Adding multiple upstream support to doc generation (#1123)

* Fix an issue where run_tests tried to run tests from upstream. Fix by @DStebila

* No longer checking spdx on files copied from upstream

* Added compiler checking for gcc. Must be at least 9.4.0.

* Added pqclean's aarch64 optimized kyber implementation to liboqs

* Stripping the asimd flag for ARM64_V8, as it isn't needed and will cause errors when trying to specify it during compilation

* Updated kyber docs

* Updated kyber markdown so that no-secret-dependent-branching-checked-by-valgrind correctly says false for the new aarch64 implementation

* Added automated updating of legacy yaml format, and added some yaml files which don't get automatically updated

* Fixed a bug where optimized upstreams would use the primary upstream's supported platform

* Fixed a bug with copy_from_upstream.py's verify function where it would always use the default upstream location when comparing with diff

* Added reporting for implementations that are in upstream but aren't yet integrated into liboqs

* Added support to ignore implementations from upstream in copy_from_upstream.yml. This is to prevent implementations that haven't been integrated into liboqs yet from being pulled in by copy_from_upstream.py. It also silences the warning when verifying.

* Adding updated ymls and md files for docs

* copy_from_upstream.py now also calls update_docs_from_yaml.py
Jason Goertzen 2021-11-18 00:56:19 -05:00 committed by GitHub
parent ba5b61a779
commit 769412623c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
26 changed files with 703 additions and 425 deletions

@ -5,9 +5,11 @@
- **Principal submitters**: Nicolas Aragon, Paulo Barreto, Slim Bettaieb, Loic Bidoux, Olivier Blazy, Jean-Christophe Deneuville, Phillipe Gaborit, Santosh Gosh, Shay Gueron, Tim Güneysu, Carlos Aguilar Melchor, Rafael Misoczki, Edoardo Persichetti, Nicolas Sendrier, Jean-Pierre Tillich, Valentin Vasseur, Gilles Zémor.
- **Authors' website**: http://bikesuite.org/
- **Specification version**: 4.1.
- **Implementation source**: https://github.com/awslabs/bike-kem, which takes it from:
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/awslabs/bike-kem
- **Implementation license (SPDX-Identifier)**: Apache-2.0
, which takes it from:
- https://bikesuite.org/files/v4.1/Reference_Implementation.2020.10.20.2.zip
- **Implementation license (SPDX-Identifier)**: Apache-2.0.
## Parameter set summary
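Review bot: the line `, which takes it from:` now starts a line of its own, after the `**Implementation license (SPDX-Identifier)**: Apache-2.0` bullet, so in the rendered Markdown it becomes a stray paragraph beginning with a comma rather than continuing the source line. Suggest having the template fold it into the preceding bullet (e.g. `- **Source**: https://github.com/awslabs/bike-kem, which takes it from:`) or emitting the ancestor list as a labelled sub-bullet such as `- **Upstream ancestors**:`. The FrodoKEM README in this change has no ancestors and shows no such line, so the template already emits it conditionally; only its placement needs fixing.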
@ -18,10 +20,10 @@
## BIKE-L1 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| master | little endian | All | None | True | True | False |
| master | x86\_64 | Linux,Darwin | AVX2,AVX512,PCLMUL,SSE2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | master | little endian | All | None | True | True | False |
| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin | AVX2,AVX512,PCLMUL,SSE2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -29,10 +31,10 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## BIKE-L3 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| master | little endian | All | None | True | True | False |
| master | x86\_64 | Linux,Darwin | AVX2,AVX512,PCLMUL,SSE2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | master | little endian | All | None | True | True | False |
| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin | AVX2,AVX512,PCLMUL,SSE2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.

@ -22,8 +22,9 @@ crypto-assumption: QC-MDPC (Quasi-Cyclic Moderate Density Parity-Check)
website: http://bikesuite.org/
nist-round: 3
spec-version: 4.1
spdx-license-identifier: Apache-2.0
upstream: https://github.com/awslabs/bike-kem
primary-upstream:
source: https://github.com/awslabs/bike-kem
spdx-license-identifier: Apache-2.0
upstream-ancestors:
- https://bikesuite.org/files/v4.1/Reference_Implementation.2020.10.20.2.zip
parameter-sets:
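Review bot: `upstream-ancestors` stays a top-level key while `source` and `spdx-license-identifier` move under the new `primary-upstream:` mapping. Since the point of this change is to allow more than one upstream per algorithm, the ancestors describe a particular upstream and should live next to it, e.g. `primary-upstream:` / `  upstream-ancestors:` / `    - https://bikesuite.org/files/v4.1/Reference_Implementation.2020.10.20.2.zip`; otherwise a second upstream has no place to record its own provenance and the README generator has to guess which upstream the top-level list belongs to.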
@ -36,7 +37,8 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: little endian
operating_systems:
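Review bot: `upstream: primary-upstream` is a bare string naming a top-level key, and nothing in the schema ties the two together. Suggest that copy_from_upstream.py and update_docs_from_yaml.py resolve the reference explicitly and fail with a clear error when the named upstream is not defined, rather than raising a KeyError deep in the generator or silently falling back to a default location (the commit message notes a bug of exactly that kind being fixed in the verify path). Also note the key order here (`upstream` before `upstream-id`) so that the automated updater produces the same layout in every file.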
@ -44,7 +46,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@ -69,7 +72,8 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: little endian
operating_systems:
@ -77,7 +81,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:

@ -5,9 +5,11 @@
- **Principal submitters**: Daniel J. Bernstein, Tung Chou, Tanja Lange, Ingo von Maurich, Rafael Misoczki, Ruben Niederhagen, Edoardo Persichetti, Christiane Peters, Peter Schwabe, Nicolas Sendrier, Jakub Szefer, Wen Wang.
- **Authors' website**: https://classic.mceliece.org
- **Specification version**: SUPERCOP-20191221.
- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
- **Implementation license (SPDX-Identifier)**: Public domain
, which takes it from:
- SUPERCOP-20191221 "vec" and "avx" implementations
- **Implementation license (SPDX-Identifier)**: Public domain.
## Parameter set summary
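Review bot: the pinned PQClean commit changes from `5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0` to `7eb978b4a733696bd7197278aa84216095674524` in the Source line. The corresponding yml in this change carries the same new hash, so the files agree, but this is an upstream bump for Classic McEliece inside a docs-generation PR and is not mentioned anywhere in the commit message; please either call it out (and whether it was intentional or a side effect of copy_from_upstream.py pulling the current upstream pointer) or split it into its own commit so the code change is reviewable on its own. The stray `, which takes it from:` line has the same rendering problem as in the BIKE README.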
@ -26,10 +28,10 @@
## Classic-McEliece-348864 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -37,82 +39,82 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-348864f implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-460896 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-460896f implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-6688128 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-6688128f implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-6960119 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-6960119f implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-8192128 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-8192128f implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| vec | All | All | None | True | True | True |
| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.

@ -18,8 +18,6 @@ crypto-assumption: Niederreiter's dual version of McEliece's public key encrypti
website: https://classic.mceliece.org
nist-round: 3
spec-version: SUPERCOP-20191221
spdx-license-identifier: Public domain
upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- SUPERCOP-20191221 "vec" and "avx" implementations
parameter-sets:
@ -40,6 +38,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
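Review bot: here `upstream: primary-upstream` is appended after `large-stack-usage: true`, i.e. as the last key of each implementation entry, whereas in BIKE.yml the same key is written first, ahead of `upstream-id: master`. The data is equivalent, but the two layouts suggest one file was edited by hand and the other by the new legacy-yaml updater. Suggest the updater insert the key at a fixed position (next to `upstream-id`) so that all algorithm yml files share one layout and future diffs stay readable.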
@ -55,6 +54,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-348864f
claimed-nist-level: 1
claimed-security: IND-CCA2
@ -72,6 +72,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -88,6 +89,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-460896
claimed-nist-level: 3
claimed-security: IND-CCA2
@ -105,6 +107,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -120,6 +123,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-460896f
claimed-nist-level: 3
claimed-security: IND-CCA2
@ -137,6 +141,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -153,6 +158,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6688128
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -170,6 +176,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -185,6 +192,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6688128f
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -202,6 +210,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -218,6 +227,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6960119
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -235,6 +245,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -250,6 +261,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6960119f
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -267,6 +279,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -283,6 +296,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-8192128
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -300,6 +314,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -315,6 +330,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-8192128f
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -332,6 +348,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@ -348,4 +365,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
auxiliary-submitters: []
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
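Review bot: the new `primary-upstream:` mapping is appended at the very end of the file, after `auxiliary-submitters: []`, while the keys it replaces (`spdx-license-identifier`, `upstream`) were removed from the header block near `spec-version`, and BIKE.yml places `primary-upstream` in that header position. This looks like the automated updater appending new keys rather than placing them where the old ones stood. Suggest emitting `primary-upstream` in place of the removed keys so the file layout matches BIKE.yml and the provenance information stays together at the top of the file.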

@ -5,8 +5,10 @@
- **Principal submitters**: Michael Naehrig, Erdem Alkim, Joppe Bos, Léo Ducas, Karen Easterbrook, Brian LaMacchia, Patrick Longa, Ilya Mironov, Valeria Nikolaenko, Christopher Peikert, Ananth Raghunathan, Douglas Stebila.
- **Authors' website**: https://frodokem.org/
- **Specification version**: NIST Round 3 submission.
- **Implementation source**: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
- **Implementation license (SPDX-Identifier)**: MIT.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
- **Implementation license (SPDX-Identifier)**: MIT
## Parameter set summary
@ -21,10 +23,10 @@
## FrodoKEM-640-AES implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| master | All | All | None | True | True | False |
| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -32,46 +34,46 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-640-SHAKE implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| master | All | All | None | True | True | False |
| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-976-AES implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| master | All | All | None | True | True | False |
| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-976-SHAKE implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| master | All | All | None | True | True | False |
| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-1344-AES implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| master | All | All | None | True | True | False |
| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-1344-SHAKE implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| master | All | All | None | True | True | False |
| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.

View File

@ -17,8 +17,9 @@ crypto-assumption: learning with errors (LWE)
website: https://frodokem.org/
nist-round: 3
spec-version: NIST Round 3 submission
spdx-license-identifier: MIT
upstream: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
primary-upstream:
source: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
spdx-license-identifier: MIT
parameter-sets:
- name: FrodoKEM-640-AES
claimed-nist-level: 1
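Review bot: the placement of the new `upstream: primary-upstream` key is inconsistent across the yml files in this commit: here it is inserted as the first key of each implementation mapping, ahead of `upstream-id: master`, while in the HQC and NTRU yml files it is appended after `large-stack-usage`. If the legacy-format updater is what rewrites these files, have it emit one layout so regenerated files do not produce spurious diffs between hand-edited and converted algorithms.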
@ -29,7 +30,8 @@ parameter-sets:
length-shared-secret: 16
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@ -37,7 +39,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@ -61,7 +64,8 @@ parameter-sets:
length-shared-secret: 16
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@ -69,7 +73,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@ -93,7 +98,8 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@ -101,7 +107,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@ -125,7 +132,8 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@ -133,7 +141,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@ -157,7 +166,8 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@ -165,7 +175,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@ -189,7 +200,8 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@ -197,7 +209,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: master
- upstream: primary-upstream
upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:

View File

@ -5,10 +5,12 @@
- **Principal submitters**: Carlos Aguilar Melchor, Nicolas Aragon, Slim Bettaieb, Olivier Blazy, Jurjen Bos, Jean-Christophe Deneuville, Philippe Gaborit, Edoardo Persichetti, Jean-Marc Robert, Pascal Véron, Gilles Zémor, Loïc Bidoux.
- **Authors' website**: https://pqc-hqc.org/
- **Specification version**: NIST Round 3 submission.
- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
- **Implementation license (SPDX-Identifier)**: Public domain
, which takes it from:
- https://github.com/jschanck/package-pqclean/tree/29f79e72/hqc, which takes it from:
- submission 2020-10-01 at https://pqc-hqc.org/implementation.html
- **Implementation license (SPDX-Identifier)**: Public domain.
## Parameter set summary
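Review bot: the line `, which takes it from:` is emitted on its own, starting with a comma and detached from the `**Source**` URL it belongs to, so in rendered markdown it reads as a stray comma after the license bullet. update_docs_from_yaml.py should append `, which takes it from:` to the `**Source**` line (before the license bullet) or drop the phrase and rely on the nested ancestor list alone. Separately, this hunk moves the PQClean source from commit 5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0 to 7eb978b4a733696bd7197278aa84216095674524, an upstream bump the commit message does not mention; the copied HQC sources should be verified against that commit.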
@ -20,10 +22,10 @@
## HQC-128 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -31,19 +33,19 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## HQC-192 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## HQC-256 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | True |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.

View File

@ -17,8 +17,6 @@ crypto-assumption: Syndrome decoding of structure codes (Hamming Quasi-Cyclic)
website: https://pqc-hqc.org/
nist-round: 3
spec-version: NIST Round 3 submission
spdx-license-identifier: Public domain
upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- https://github.com/jschanck/package-pqclean/tree/29f79e72/hqc
- submission 2020-10-01 at https://pqc-hqc.org/implementation.html
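Review bot: `upstream-ancestors` stays a top-level key while the `upstream` URL it describes moves into `primary-upstream` (appended at the end of this file), so the ancestry is no longer next to the source it refers to and cannot be stated per upstream once an algorithm also has `optimized-upstreams`. Consider nesting `upstream-ancestors` under `primary-upstream`.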
@ -39,6 +37,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -54,6 +53,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: HQC-192
claimed-nist-level: 3
claimed-security: IND-CCA2
@ -70,6 +70,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -85,6 +86,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: HQC-256
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -101,6 +103,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -116,3 +119,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
upstream: primary-upstream
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
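Review bot: `primary-upstream` is appended after `parameter-sets` here, with `spdx-license-identifier` before `source`, whereas the frodokem yml in this commit places the block before `parameter-sets` with `source` first. If this ordering is what the automated legacy-format update produces, it would be cleaner to insert the block where the removed top-level `upstream` and `spdx-license-identifier` keys used to be, so converted and hand-written files look alike.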

View File

@ -17,11 +17,13 @@ website: https://pq-crystals.org/
nist-round: 3
spec-version: NIST Round 3 submission
primary-upstream:
source: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2 with copy_from_upstream patches
source: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2
with copy_from_upstream patches
spdx-license-identifier: CC0-1.0
optimized-upstreams:
pqclean-aarch64:
source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524 with copy_from_upstream patches
source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
with copy_from_upstream patches
spdx-license-identifier: CC0-1.0
parameter-sets:
- name: Kyber512
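Review bot: the `source:` value is split so that `with copy_from_upstream patches` lands on the following line. That only parses as a continuation of the same plain scalar if the new line is indented deeper than `source`; at the same indentation it is a YAML error, and the indentation is not visible in this rendering. If a YAML dumper is wrapping the line at its default width (e.g. PyYAML's `width` argument), raise the width or quote the value so `source` stays on one line and the trailing note is not lost by a reader that only takes the first line.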
@ -64,7 +66,6 @@ parameter-sets:
operating_systems:
- Linux
- Darwin
required_flags:
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
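Review bot: deleting the empty `required_flags:` key leaves the aarch64 platform entry with no `required_flags` at all rather than a null value, which is the right outcome per the commit message (the asimd flag caused compile errors), but whatever consumes this field must treat an absent key and an empty one identically or the next copy_from_upstream.py run may reintroduce it. Worth a quick check that both the CMake generation path and update_docs_from_yaml.py handle the missing key.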
@ -148,7 +149,6 @@ parameter-sets:
operating_systems:
- Linux
- Darwin
required_flags:
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
@ -232,7 +232,6 @@ parameter-sets:
operating_systems:
- Linux
- Darwin
required_flags:
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true

View File

@ -6,9 +6,11 @@
- **Auxiliary submitters**: Cong Chen, Oussama Danba, Jeffrey Hoffstein, Andreas Hülsing, Joost Rijneveld, Tsunekazu Saito, Peter Schwabe, William Whyte, Keita Xagawa, Takashi Yamakawa, Zhenfei Zhang.
- **Authors' website**: https://ntru.org/
- **Specification version**: NIST Round 3 submission.
- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
- **Implementation license (SPDX-Identifier)**: CC0-1.0
, which takes it from:
- https://github.com/jschanck/ntru/tree/a43a4457
- **Implementation license (SPDX-Identifier)**: CC0-1.0.
## Parameter set summary
@ -21,10 +23,10 @@
## NTRU-HPS-2048-509 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -32,28 +34,28 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## NTRU-HPS-2048-677 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## NTRU-HPS-4096-821 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## NTRU-HRSS-701 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.

View File

@ -18,8 +18,6 @@ crypto-assumption: NTRU in Z[x]/(q, x^n-1) with prime n and power-of-two q
website: https://ntru.org/
nist-round: 3
spec-version: NIST Round 3 submission
spdx-license-identifier: CC0-1.0
upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- https://github.com/jschanck/ntru/tree/a43a4457
parameter-sets:
@ -39,6 +37,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -53,6 +52,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: NTRU-HPS-2048-677
claimed-nist-level: 3
claimed-security: IND-CCA2
@ -69,6 +69,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -83,6 +84,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: NTRU-HPS-4096-821
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -99,6 +101,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -113,6 +116,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: NTRU-HRSS-701
claimed-nist-level: 3
claimed-security: IND-CCA2
@ -129,6 +133,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -143,3 +148,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
primary-upstream:
spdx-license-identifier: CC0-1.0
source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524

View File

@ -5,10 +5,12 @@
- **Principal submitters**: Daniel J. Bernstein, Billy Bob Brumley, Ming-Shing Chen, Chitchanok Chuengsatiansup, Tanja Lange, Adrian Marotzke, Bo-Yuan Peng, Nicola Tuveri, Christine van Vredendaal, Bo-Yin Yang.
- **Authors' website**: https://ntruprime.cr.yp.to
- **Specification version**: supercop-20200826.
- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
- **Implementation license (SPDX-Identifier)**: Public domain
, which takes it from:
- https://github.com/jschanck/package-pqclean/tree/4d9f08c3/ntruprime, which takes it from:
- supercop-20210604
- **Implementation license (SPDX-Identifier)**: Public domain.
## Parameter set summary
@ -25,10 +27,10 @@
## ntrulpr653 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -36,64 +38,64 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## ntrulpr761 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## ntrulpr857 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## ntrulpr1277 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## sntrup653 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## sntrup761 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## sntrup857 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## sntrup1277 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -15,8 +15,6 @@ crypto-assumption: NTRU
website: https://ntruprime.cr.yp.to
nist-round: 3
spec-version: supercop-20200826
spdx-license-identifier: Public domain
upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- https://github.com/jschanck/package-pqclean/tree/4d9f08c3/ntruprime
- supercop-20210604
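Review bot: the removed `upstream:` line pinned PQClean commit 5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, while the `primary-upstream` block this change adds at the end of the same file pins 7eb978b4a733696bd7197278aa84216095674524, so the vendored commit is being bumped inside what reads as a metadata refactor; please state the bump in the commit message and confirm copy_from_upstream.py's verify step was run against the new pin. Two smaller points in this hunk: `upstream-ancestors` stays at the top level even though it describes the source now living under `primary-upstream`, so nesting it there would keep the provenance chain in one place, and the unchanged context lines `spec-version: supercop-20200826` and `- supercop-20210604` disagree on which SUPERCOP release this code derives from.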
@ -38,6 +36,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
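Review bot: `upstream: primary-upstream` is a bare string that has to match a top-level key defined at the bottom of this file, and YAML itself will not catch a typo or a missing block. Given the bug fixed in this same change where an implementation silently picked up the primary upstream's settings, the generator should reject an `upstream` value with no matching block rather than fall back to a default; a one-line comment above the first use saying that the value is a key into the file-level upstream map would also help the next editor.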
@ -52,6 +51,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: ntrulpr761
claimed-nist-level: 2
claimed-security: IND-CCA2
@ -69,6 +69,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -83,6 +84,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: ntrulpr857
claimed-nist-level: 3
claimed-security: IND-CCA2
@ -100,6 +102,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -114,6 +117,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: ntrulpr1277
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -131,6 +135,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -145,6 +150,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: sntrup653
claimed-nist-level: 1
claimed-security: IND-CCA2
@ -162,6 +168,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -176,6 +183,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: sntrup761
claimed-nist-level: 2
claimed-security: IND-CCA2
@ -193,6 +201,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -207,6 +216,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: sntrup857
claimed-nist-level: 3
claimed-security: IND-CCA2
@ -224,6 +234,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -238,6 +249,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: sntrup1277
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -255,6 +267,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -269,3 +282,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
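Review bot: `spdx-license-identifier: Public domain` is carried over unchanged, but "Public domain" is not a short identifier on the SPDX license list, so tooling that reads this new block cannot resolve it; consider a `LicenseRef-` identifier or the specific licence the upstream states. Also, the block records its location under `source:` while the implementation entries reference the block via `upstream:`; the naming asymmetry is workable but worth a sentence in the docs for the yaml format.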
@ -5,10 +5,12 @@
- **Principal submitters**: Jan-Pieter D'Anvers, Angshuman Karmakar, Sujoy Sinha Roy, Frederik Vercauteren.
- **Authors' website**: https://www.esat.kuleuven.be/cosic/pqcrypto/saber/
- **Specification version**: NIST Round 3 submission.
- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
- **Implementation license (SPDX-Identifier)**: Public domain
, which takes it from:
- https://github.com/jschanck/package-pqclean/tree/1ae84c3c/saber, which takes it from:
- https://github.com/KULeuven-COSIC/SABER/tree/509cc5ec3a7e12a751ccdd2ef5bd6e54e00bd350
- **Implementation license (SPDX-Identifier)**: Public domain.
## Parameter set summary
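Review bot: the line `, which takes it from:` is now emitted on its own after the nested `Implementation license` bullet, so the rendered page shows a stray fragment instead of text attached to the source URL, and the ancestor list that follows no longer reads as a continuation of anything. Have the generator append `, which takes it from:` to the `- **Source**: ...` line itself and nest the ancestor bullets under it, so the provenance chain (PQClean commit, package-pqclean tree, KULeuven-COSIC repository) renders as one nested list.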
@ -20,10 +22,10 @@
## LightSaber-KEM implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -31,19 +33,19 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Saber-KEM implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FireSaber-KEM implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| clean | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -9,8 +9,6 @@ crypto-assumption: Module learning with rounding
website: https://www.esat.kuleuven.be/cosic/pqcrypto/saber/
nist-round: 3
spec-version: NIST Round 3 submission
spdx-license-identifier: Public domain
upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- https://github.com/jschanck/package-pqclean/tree/1ae84c3c/saber
- https://github.com/KULeuven-COSIC/SABER/tree/509cc5ec3a7e12a751ccdd2ef5bd6e54e00bd350
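Review bot: as in the ntruprime file above, this hunk removes the `upstream:` line pinning PQClean commit 5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, while the `primary-upstream.source` added in the last hunk of this file pins 7eb978b4a733696bd7197278aa84216095674524; the pin bump applies here as well and needs the same verification against the copied sources. `upstream-ancestors` is again left at the top level, detached from the source block it describes.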
@ -31,6 +29,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -44,6 +43,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: Saber-KEM
claimed-nist-level: 3
claimed-security: IND-CCA2
@ -60,6 +60,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -73,6 +74,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- name: FireSaber-KEM
claimed-nist-level: 5
claimed-security: IND-CCA2
@ -89,6 +91,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@ -102,3 +105,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
upstream: primary-upstream
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
@ -5,8 +5,10 @@
- **Principal submitters**: David Jao, Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca De Feo, Basil Hess, Amir Jalali, Brian Koziel, Brian LaMacchia, Patrick Longa, Michael Naehrig, Joost Renes, Vladimir Soukharev, David Urbanik.
- **Authors' website**: https://sike.org
- **Specification version**: NIST Round 3 submission.
- **Implementation source**: https://github.com/microsoft/PQCrypto-SIDH/commit/effa607f244768cdd38f930887076373604eaa78
- **Implementation license (SPDX-Identifier)**: MIT.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/microsoft/PQCrypto-SIDH/commit/effa607f244768cdd38f930887076373604eaa78
- **Implementation license (SPDX-Identifier)**: MIT
## Parameter set summary
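Review bot: the regenerated bullets drop the trailing period (`MIT` replaces `MIT.`) while the untouched `- **Specification version**: NIST Round 3 submission.` keeps one, so the list is now inconsistently punctuated; either strip the period from the existing bullets in the template or have the generator add one. The `<a name="primary-source"></a>` anchor is also emitted inside the bold heading text; it works in GitHub's renderer, but placing the anchor at the start of the bullet keeps the visible text clean for other markdown processors.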
@ -31,12 +33,12 @@
## SIDH-p434 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
@ -44,174 +46,174 @@ Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p434-compressed implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p503 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p503-compressed implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p610 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p610-compressed implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p751 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p751-compressed implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p434 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p434-compressed implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p503 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p503-compressed implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p610 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p610-compressed implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p751 implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p751-compressed implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| optimized | All | All | None | True | True | False |
| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
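Review bot: every row of the regenerated tables now carries a `[Primary Source](#primary-source)` link, but nothing in this file's diff adds a `Primary Source` heading for that anchor to resolve to. If `update_docs_from_yaml.py` emits such a section from the new `primary-upstream` block in the yaml, this is fine; if not, every link in these tables is dead and the column should be plain text until the section exists. Separately, the unchanged line `Are implementations chosen based on runtime CPU feature detection? **No**.` combined with several x86_64 rows per parameter set (`additional_amd64`, `additional_amd64_bmi2`, `additional_amd64_adx`) still leaves the reader unable to tell which implementation a given build compiles in; a single sentence on how the build-time selection works would make the new column worth its width.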

View File

@ -20,7 +20,9 @@ website: https://sike.org
nist-round: 3
spec-version: NIST Round 3 submission
spdx-license-identifier: MIT
upstream: https://github.com/microsoft/PQCrypto-SIDH/commit/effa607f244768cdd38f930887076373604eaa78
primary-upstream:
source: https://github.com/microsoft/PQCrypto-SIDH/commit/effa607f244768cdd38f930887076373604eaa78
spdx-license-identifier: MIT
parameter-sets:
- name: SIDH-p434
claimed-nist-level: 1
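Review bot: `spdx-license-identifier: MIT` is now stated twice, once at the top level (the unchanged line just above the old `upstream:` key) and once inside the new `primary-upstream` block. With the multi-upstream layout this commit introduces, different upstreams can carry different licenses, so the top-level key no longer has a single well-defined meaning; either drop it from this file or document which of the two the docs generator and the SPDX check read, so the two values cannot silently drift apart. Keeping `source:` pinned to a specific commit of microsoft/PQCrypto-SIDH rather than a branch is the right call, since a fixed tree is what lets the verify step of `copy_from_upstream.py` produce a meaningful diff.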
@ -31,14 +33,16 @@ parameter-sets:
length-shared-secret: 110
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
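Review bot: each implementation now names its source with `upstream: primary-upstream`, a free-form string that has to match a top-level key; a typo such as `primary_upstream` is valid YAML, so `copy_from_upstream.py` should fail loudly when an implementation's `upstream` value does not correspond to a defined upstream block rather than fall back to the primary one (the same class of silent fallback as the "optimized upstreams would use the primary upstream's supported platform" bug this commit fixes). Since every entry in this file points at the same upstream, it may also be worth treating `primary-upstream` as the default when the key is omitted, which would reduce these hunks to nothing for single-upstream algorithms and keep the per-implementation key for the genuinely multi-upstream ones.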
@ -51,7 +55,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -65,7 +70,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -85,14 +91,16 @@ parameter-sets:
length-shared-secret: 110
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -105,7 +113,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -119,7 +128,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -139,14 +149,16 @@ parameter-sets:
length-shared-secret: 126
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64
- upstream: primary-upstream
upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@ -157,7 +169,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -170,7 +183,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -184,7 +198,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -204,14 +219,16 @@ parameter-sets:
length-shared-secret: 126
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64
- upstream: primary-upstream
upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@ -222,7 +239,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -235,7 +253,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -249,7 +268,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -269,14 +289,16 @@ parameter-sets:
length-shared-secret: 154
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -289,7 +311,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -303,7 +326,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -323,14 +347,16 @@ parameter-sets:
length-shared-secret: 154
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -343,7 +369,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -357,7 +384,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -377,14 +405,16 @@ parameter-sets:
length-shared-secret: 188
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64
- upstream: primary-upstream
upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@ -395,7 +425,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -408,7 +439,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -422,7 +454,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -442,14 +475,16 @@ parameter-sets:
length-shared-secret: 188
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64
- upstream: primary-upstream
upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@ -460,7 +495,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -473,7 +509,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -487,7 +524,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -507,14 +545,16 @@ parameter-sets:
length-shared-secret: 16
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -527,7 +567,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -541,7 +582,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -561,14 +603,16 @@ parameter-sets:
length-shared-secret: 16
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -581,7 +625,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -595,7 +640,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -615,14 +661,16 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64
- upstream: primary-upstream
upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@ -633,7 +681,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -646,7 +695,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -660,7 +710,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -680,14 +731,16 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64
- upstream: primary-upstream
upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@ -698,7 +751,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -711,7 +765,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -725,7 +780,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -745,14 +801,16 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -765,7 +823,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -779,7 +838,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -799,14 +859,16 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -819,7 +881,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -833,7 +896,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -853,14 +917,16 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64
- upstream: primary-upstream
upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@ -871,7 +937,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -884,7 +951,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -898,7 +966,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@ -918,14 +987,16 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: false
implementations:
- upstream-id: optimized
- upstream: primary-upstream
upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64
- upstream: primary-upstream
upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@ -936,7 +1007,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_bmi2
- upstream: primary-upstream
upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@ -949,7 +1021,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_amd64_adx
- upstream: primary-upstream
upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@ -963,7 +1036,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream-id: additional_arm64
- upstream: primary-upstream
upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:

@ -6,7 +6,7 @@
- **Auxiliary submitters**: Pierre-Alain Fouque, Jeffrey Hoffstein, Paul Kirchner, Vadim Lyubashevsky, Thomas Pornin, Thomas Ricosset, Gregor Seiler, William Whyte, Zhenfei Zhang.
- **Authors' website**: https://falcon-sign.info
- **Specification version**: v1.2.
- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
- **Implementation source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524, which takes it from:
- https://github.com/jschanck/package-pqclean/tree/cea1fa5a/falcon, which takes it from:
- supercop-20201018
- **Implementation license (SPDX-Identifier)**: CC0-1.0.
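Review bot: the source pointer advances from PQClean commit 5b8ef3ba… to 7eb978b4… with no falcon source changes appearing in this diff; run verify_from_upstream against the new commit and confirm falcon is reported as validated, otherwise the generated doc claims a commit the vendored code does not match.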

@ -6,7 +6,7 @@
- **Auxiliary submitters**: Ming-Shing Chen, Matthias Kannwischer, Jacques Patarin, Albrecht Petzoldt, Dieter Schmidt, Bo-Yin Yang.
- **Authors' website**: https://www.pqcrainbow.org/
- **Specification version**: NIST Round 3 submission.
- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
- **Implementation source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524, which takes it from:
- https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263
- **Implementation license (SPDX-Identifier)**: CC0-1.0.

@ -6,7 +6,7 @@
- **Auxiliary submitters**: Jean-Philippe Aumasson, Daniel J. Bernstein,, Christoph Dobraunig, Maria Eichlseder, Scott Fluhrer, Stefan-Lukas Gazdag, Panos Kampanakis, Stefan Kölbl, Tanja Lange, Martin M. Lauridsen, Florian Mendel, Ruben Niederhagen, Christian Rechberger, Joost Rijneveld, Peter Schwabe.
- **Authors' website**: https://sphincs.org/
- **Specification version**: NIST Round 3 submission.
- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0 with copy_from_upstream patches, which takes it from:
- **Implementation source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524 with copy_from_upstream patches, which takes it from:
- https://github.com/sphincs/sphincsplus
- **Implementation license (SPDX-Identifier)**: CC0-1.0.
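Review bot: the auxiliary-submitters line still carries a doubled comma after `Daniel J. Bernstein,,`; since this markdown is regenerated from the yaml, fix it in the yaml's `auxiliary-submitters` field rather than here, or the next doc update will reintroduce it.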

@ -164,6 +164,8 @@ def load_instructions():
for scheme in family['schemes']:
if not 'upstream_location' in scheme:
scheme['upstream_location'] = family['upstream_location']
if (not 'arch_specific_upstream_locations' in scheme) and 'arch_specific_upstream_locations' in family:
scheme['arch_specific_upstream_locations'] = family['arch_specific_upstream_locations']
if not 'git_commit' in scheme:
scheme['git_commit'] = upstreams[scheme['upstream_location']]['git_commit']
if not 'git_branch' in scheme:
@ -179,7 +181,7 @@ def load_instructions():
if 'arch_specific_upstream_locations' in family:
if 'extras' not in scheme['kem_meta_paths']:
scheme['kem_meta_paths']['extras'] = {}
for arch in family['arch_specific_upstream_locations']:
location = family['arch_specific_upstream_locations'][arch]
scheme['kem_meta_paths']['extras'][arch] = os.path.join('repos', location,
@ -187,14 +189,28 @@ def load_instructions():
metadata = {}
if not 'metadata' in scheme:
metadata = yaml.safe_load(file_get_contents(scheme['kem_meta_paths']['default']))
imps_to_remove = []
upstream = upstreams[scheme['upstream_location']]
for imp in metadata['implementations']:
imp['upstream'] = upstreams[scheme['upstream_location']]
if 'ignore' in upstream and "{}_{}_{}".format(upstream['name'], scheme['pqclean_scheme'], imp['name']) in upstream['ignore']:
imps_to_remove.append(imp['name'])
else:
imp['upstream'] = upstream
for imp_name in imps_to_remove:
for i in range(len(metadata['implementations'])):
if metadata['implementations'][i]['name'] == imp_name:
del metadata['implementations'][i]
break
if 'extras' in scheme['kem_meta_paths']:
for arch in scheme['kem_meta_paths']['extras']:
implementations = yaml.safe_load(file_get_contents(scheme['kem_meta_paths']['extras'][arch]))['implementations']
for imp in implementations:
if arch in family['arch_specific_implementations'] and imp['name'] in family['arch_specific_implementations']:
imp['upstream'] = upstreams[family['arch_specific_upstream_locations'][arch]]
upstream = upstreams[family['arch_specific_upstream_locations'][arch]]
if (arch in family['arch_specific_implementations'] and imp['name'] in family['arch_specific_implementations']) \
and ('ignore' not in upstream or ('ignore' in upstream and "{}_{}_{}".format(upstream['name'], scheme['pqclean_scheme'], impl['name']) \
not in upstream['ignore'])):
imp['upstream'] = upstream
metadata['implementations'].append(imp)
break
scheme['metadata'] = metadata
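Review bot: the ignore check for arch-specific upstreams references `impl['name']`, but the loop variable is `imp` (`for imp in implementations:`), so the branch raises NameError as soon as an arch-specific upstream carries an `ignore` list and the implementation is in `arch_specific_implementations`. Change it to `imp['name']`. The condition can also be simplified to `'ignore' not in upstream or key not in upstream['ignore']` since the inner `'ignore' in upstream and ...` is redundant. Note as well that the existing `break` after `metadata['implementations'].append(imp)` means only the first matching arch-specific implementation per META is ever imported.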
@ -265,7 +281,7 @@ def load_instructions():
if 'arch_specific_upstream_locations' in family:
if 'extras' not in scheme['kem_meta_paths']:
scheme['sig_meta_paths']['extras'] = {}
for arch in family['arch_specific_upstream_locations']:
location = family['arch_specific_upstream_locations'][arch]
scheme['sig_meta_paths']['extras'][arch] = os.path.join('repos', location,
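Review bot: in this signature branch the guard tests `'extras' not in scheme['kem_meta_paths']` while the assignment initialises `scheme['sig_meta_paths']['extras']`; it only works when `kem_meta_paths` happens to exist and lack `extras`. The test should be on `sig_meta_paths`.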
@ -584,6 +600,9 @@ def copy_from_upstream():
shutil.rmtree('repos')
update_upstream_alg_docs.do_it(os.environ['LIBOQS_DIR'])
# Not in love with using sub process to call a python script, but this is the easiest solution for
# automatically calling this script in its current state.
shell(["python3", "../update_docs_from_yaml.py", "--liboqs-root", "../../"])
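Review bot: the subprocess call hard-codes `../update_docs_from_yaml.py` and `--liboqs-root ../../`, which only resolve when the cwd is scripts/copy_from_upstream, whereas the rest of this script locates the tree via `os.environ['LIBOQS_DIR']`. Build the script path from `os.path.dirname(__file__)`, pass `os.environ['LIBOQS_DIR']` as the root and use `sys.executable` instead of a bare `python3`; better still, import the module and call it directly, as the comment itself concedes.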
def verify_from_upstream():
instructions = load_instructions()
@ -600,33 +619,42 @@ def verify_from_upstream():
if 'implementation' in scheme:
impl = scheme['implementation']
oqsdir = os.path.join(os.environ['LIBOQS_DIR'], 'src', family['type'], family['name'],
'{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'], impl))
'{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'], impl))
verifydir = os.path.join(basedir, 'src', family['type'], family['name'],
'{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'], impl))
scheme['verifydir'] = '{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'], impl)
ret = subprocess.run(['diff', '-rq', oqsdir, verifydir], stdout=subprocess.DEVNULL)
if ret.returncode == 0:
validated += 1
'{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'], impl))
if not os.path.isdir(oqsdir) and os.path.isdir(erifydir):
print('Available implementation in upstream that isn\'t integrated into LIBOQS: {}_{}_{}'.format(impl['upstream']['name'],
scheme['pqclean_scheme'], impl))
else:
differ += 1
dinfo.append(scheme)
else:
# If no scheme['implementation'] given, get the list from META.yml and add all implementations
for impl in scheme['metadata']['implementations']:
oqsdir = os.path.join(os.environ['LIBOQS_DIR'], 'src', family['type'], family['name'],
'{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'],
impl['name']))
verifydir = os.path.join(basedir, 'src', family['type'], family['name'],
'{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'],
impl['name']))
scheme['verifydir'] = '{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'],
impl['name'])
scheme['verifydir'] = '{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'], impl)
ret = subprocess.run(['diff', '-rq', oqsdir, verifydir], stdout=subprocess.DEVNULL)
# If we haven't integrated something from upstream it shouldn't be reported as an error, it should just be reported.
if ret.returncode == 0:
validated += 1
else:
differ += 1
dinfo.append(scheme)
else:
# If no scheme['implementation'] given, get the list from META.yml and add all implementations
for impl in scheme['metadata']['implementations']:
oqsdir = os.path.join(os.environ['LIBOQS_DIR'], 'src', family['type'], family['name'],
'{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'],
impl['name']))
verifydir = os.path.join(basedir, 'src', family['type'], family['name'],
'{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'],
impl['name']))
if not os.path.isdir(oqsdir) and os.path.isdir(verifydir):
print('Available implementation in upstream that isn\'t integrated into LIBOQS: {}_{}_{}'.format(impl['upstream']['name'],
scheme['pqclean_scheme'], impl['name']))
else:
scheme['verifydir'] = '{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'],
impl['name'])
ret = subprocess.run(['diff', '-rq', oqsdir, verifydir], stdout=subprocess.DEVNULL)
if ret.returncode == 0:
validated += 1
else:
differ += 1
dinfo.append(scheme)
patch_list = []
for upstream in instructions['upstreams']:
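Review bot: in the `if 'implementation' in scheme` branch `impl = scheme['implementation']` is the implementation name string (it is formatted directly as the third `{}` and into `scheme['verifydir']`), so `impl['upstream']['name']` indexes a string and raises TypeError; the old code used `scheme['upstream_location']` here. Either look the entry up by name in `scheme['metadata']['implementations']` or keep using `upstream_location`. Separately, `os.path.isdir(erifydir)` is a typo for `verifydir` and will raise NameError. The two branches now duplicate about fifteen lines of path building, diffing and counting; a small helper taking `(upstream_name, impl_name)` would remove the duplication and make the next such slip less likely.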

@ -8,6 +8,7 @@ upstreams:
sig_meta_path: 'crypto_sign/{pqclean_scheme}/META.yml'
kem_scheme_path: 'crypto_kem/{pqclean_scheme}'
sig_scheme_path: 'crypto_sign/{pqclean_scheme}'
ignore: ['pqclean_lightsaber_aarch64', 'pqclean_saber_aarch64', 'pqclean_firesaber_aarch64']
patches: ['pqclean-sphincs.patch', 'pqclean-kyber-armneon-yml.patch', 'pqclean-kyber-armneon-shake.patch']
-
name: pqcrystals-kyber
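Review bot: the `ignore` entries follow the `{upstream}_{scheme}_{impl}` key that copy_from_upstream.py builds, and the matching `OQS_ENABLE_KEM_saber_*_aarch64` defines are dropped later in this diff, so the list is consistent. Since the same list also silences verify's "available but not integrated" report, add a one-line comment here stating why these are ignored (not yet integrated), otherwise nothing reminds anyone that they are pending.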

@ -93,9 +93,9 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t *
#endif /* OQS_DIST_BUILD */
{%- endif -%}
{%- if impl['signature_keypair'] %}
return (OQS_STATUS) {{ impl['signature_keypair'] }}(public_key, secret_key);
{% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_keypair'] }}(public_key, secret_key);
{%- else %}
return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(public_key, secret_key);
{% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(public_key, secret_key);
{%- endif %}
{%- if 'required_flags' in impl and impl['required_flags'] %}
#if defined(OQS_DIST_BUILD)
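Review bot: `{% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}` emits a single space when runtime CPU flags are required and nothing otherwise; this looks like an indentation trick for the `return` inside the OQS_DIST_BUILD dispatch branch, but it reads as a no-op. Add a Jinja comment (`{# indent return under the runtime CPU-feature check #}`) or bind the indent to a named variable; the same construct is repeated six times across the keypair, encaps and decaps templates.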
@ -125,9 +125,9 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps(uint8_t *c
#endif /* OQS_DIST_BUILD */
{%- endif -%}
{%- if impl['signature_enc'] %}
return (OQS_STATUS) {{ impl['signature_enc'] }}(ciphertext, shared_secret, public_key);
{% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_enc'] }}(ciphertext, shared_secret, public_key);
{%- else %}
return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc(ciphertext, shared_secret, public_key);
{% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc(ciphertext, shared_secret, public_key);
{%- endif %}
{%- if 'required_flags' in impl and impl['required_flags'] %}
#if defined(OQS_DIST_BUILD)
@ -157,9 +157,9 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps(uint8_t *s
#endif /* OQS_DIST_BUILD */
{%- endif -%}
{%- if impl['signature_dec'] %}
return (OQS_STATUS) {{ impl['signature_dec'] }}(shared_secret, ciphertext, secret_key);
{% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_dec'] }}(shared_secret, ciphertext, secret_key);
{%- else %}
return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_dec(shared_secret, ciphertext, secret_key);
{% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_dec(shared_secret, ciphertext, secret_key);
{%- endif %}
{%- if 'required_flags' in impl and impl['required_flags'] %}
#if defined(OQS_DIST_BUILD)

@ -68,13 +68,19 @@ def get_oqs_yaml(param_list, name):
exit(1)
# Merge documentation contained in liboqs_root/docs/algorithms/kem/kem['name'].yml with upstream information:
# Args:
# Args:
# kems: List of kems in copy_from_upstream.yml
# upstream_info: Hashtable of upstream information (keyed by upstream source)
# incl. entry: 'upstream_root' pointing to local folder containing source code
# incl. entry: 'upstream_root' pointing to local folder containing source code
def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes=False):
for kem in kems:
ui = get_upstream_info(upstream_info, kem['upstream_location'])
ouis = dict()
if 'arch_specific_upstream_locations' in kem:
for arch_specific_ul in kem['arch_specific_upstream_locations']:
name = kem['arch_specific_upstream_locations'][arch_specific_ul] + '-' + str(arch_specific_ul)
ouis[name] = get_upstream_info(upstream_info, kem['arch_specific_upstream_locations'][arch_specific_ul])
patches_done=""
if 'patches' in ui:
for patchfilename in ui['patches']:
@ -96,6 +102,7 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
# in the OQS YAML files matches that of copy_from_upstream.yml
# hence use helper function get_oqs_yaml(alg_name)
for scheme in kem['schemes']:
meta_yaml_path_template = ui['kem_meta_path']
upstream_meta_path = os.path.join(upstream_root, meta_yaml_path_template.format_map(scheme))
if DEBUG > 0:
print("Examining {}'s META.yml.".format(scheme['pretty_name_full']))
@ -107,7 +114,41 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
upstream_base_url = ui['git_url'][:-len(".git")]
# upstream is special: We will take the upstream git commit information
# (possibly with added patch comment) as it is what drove the update
oqs_yaml['upstream'] = rhs_if_not_equal(oqs_yaml['upstream'], ("{}/commit/{}"+patches_done).format(upstream_base_url, ui['git_commit']), "upstream")
# Need to check if yml is of old format. If so, update to new format
if 'primary-upstream' not in oqs_yaml:
print("Updating format of {}. Please double check ordering of yaml file".format(scheme['pretty_name_full']))
lhs = oqs_yaml['upstream']
oqs_yaml['primary-upstream'] = dict()
oqs_yaml['primary-upstream']['spdx-license-identifier'] = oqs_yaml['spdx-license-identifier']
for i in range(len(oqs_yaml['parameter-sets'])):
for j in range(len(oqs_yaml['parameter-sets'][i]['implementations'])):
oqs_yaml['parameter-sets'][i]['implementations'][j]['upstream'] = 'primary-upstream'
else:
lhs = oqs_yaml['primary-upstream']['source']
oqs_yaml['primary-upstream']['source'] = rhs_if_not_equal(lhs, ("{}/commit/{}"+patches_done).format(upstream_base_url, ui['git_commit']), "primary-upstream")
if 'upstream' in oqs_yaml:
del oqs_yaml['upstream']
del oqs_yaml['spdx-license-identifier']
if ouis:
for upstream in ouis:
optimized_upstream_base_url = ouis[upstream]['git_url'][:-len(".git")]
for patchfilename in ouis[upstream]['patches']:
if kem['name'] in patchfilename:
patches_done=" with copy_from_upstream patches"
patches_done=""
if 'patches' in ouis[upstream]:
for patchfilename in ouis[upstream]['patches']:
if kem['name'] in patchfilename:
patches_done=" with copy_from_upstream patches"
if 'optimized-upstreams' in oqs_yaml and upstream in oqs_yaml['optimized-upstreams']:
lhs = oqs_yaml['optimized-upstreams'][upstream]['source']
else:
lhs = ''
git_commit = ouis[upstream]['git_commit']
oqs_yaml['optimized-upstreams'][upstream]['source'] = rhs_if_not_equal(lhs, ("{}/commit/{}"+patches_done).format(optimized_upstream_base_url, git_commit), "optimized-upstreams")
if 'auxiliary-submitters' in upstream_yaml:
oqs_yaml['auxiliary-submitters'] = rhs_if_not_equal(oqs_yaml['auxiliary-submitters'] if 'auxiliary-submitters' in oqs_yaml else '', upstream_yaml['auxiliary-submitters'], "auxiliary-submitters")
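Review bot: `del oqs_yaml['spdx-license-identifier']` is unconditional, but on a yaml already in the new format (the `else` branch) there is no top-level key, so the second run raises KeyError; guard it the way the `upstream` deletion just above is guarded. The loop over `ouis[upstream]['patches']` directly after `optimized_upstream_base_url` is unguarded and its result is immediately discarded by `patches_done=""` before the guarded loop repeats the same work; delete those three lines. Finally, in the `else` branch where `lhs = ''`, `oqs_yaml['optimized-upstreams'][upstream]['source'] = ...` writes into a dict that does not exist and raises KeyError; use `oqs_yaml.setdefault('optimized-upstreams', {}).setdefault(upstream, {})`, and also populate `spdx-license-identifier` for that entry since update_docs_from_yaml.py reads it.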
@ -127,14 +168,33 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
oqs_scheme_yaml['length-ciphertext'] = rhs_if_not_equal(oqs_scheme_yaml['length-ciphertext'], upstream_yaml['length-ciphertext'], "length-ciphertext")
oqs_scheme_yaml['length-secret-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-secret-key'], upstream_yaml['length-secret-key'], "legnth-secret-key")
oqs_scheme_yaml['length-shared-secret'] = rhs_if_not_equal(oqs_scheme_yaml['length-shared-secret'], upstream_yaml['length-shared-secret'], "length-shared-secret")
_upstream_yaml = upstream_yaml
for impl_index, impl in enumerate(oqs_scheme_yaml['implementations']):
upstream_yaml = _upstream_yaml
if impl['upstream'] in ouis:
upstream_name = impl['upstream']
meta_yaml_path_template = ouis[upstream_name]['kem_meta_path']
opt_upstream_root = ouis[upstream_name]['upstream_root']
upstream_meta_path = os.path.join(opt_upstream_root, meta_yaml_path_template.format_map(scheme))
upstream_yaml = load_yaml(upstream_meta_path)
for upstream_impl in upstream_yaml['implementations']:
if impl['upstream-id'] == upstream_impl['name']:
break
# Logic to add Common_META.yml components
uir = get_upstream_info(upstream_yaml['implementations'], impl['upstream-id'])
implementations = upstream_yaml['implementations']
"""
if 'arch_specific_upstream_locations' in kem and impl['upstream'] != 'primary-upstream':
upstream_name = impl['upstream']
meta_yaml_path_template = ouis[upstream_name]['kem_meta_path']
opt_upstream_root = ouis[upstream_name]['upstream_root']
upstream_meta_path = os.path.join(opt_upstream_root, meta_yaml_path_template.format_map(scheme))
optimized_meta = load_yaml(upstream_meta_path)
implementations = optimized_meta['implementations']
"""
uir = get_upstream_info(implementations, impl['upstream-id'])
if (uir != None) and ('common_dep' in uir):
upstream_common_path = upstream_meta_path.replace(scheme['pretty_name_full'], "Common")
upstream_common_yaml = load_yaml(upstream_common_path)
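Review bot: the triple-quoted block is commented-out dead code duplicating the live `if impl['upstream'] in ouis:` logic above it; remove it. `upstream_yaml` is restored from `_upstream_yaml` each iteration, but `upstream_meta_path`, reassigned for optimized implementations, is not, so for a primary implementation that follows an optimized one `upstream_common_path` is derived from the optimized upstream's tree; save and restore it alongside. The `for upstream_impl ... break` search by `upstream-id` also duplicates the by-name lookup `get_upstream_info(implementations, impl['upstream-id'])` two lines later; keep one.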
@ -144,12 +204,18 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
if 'required_flags' in ur['supported_platforms'][0].keys():
upstream_impl['supported_platforms'][0]['required_flags']=list(set(upstream_impl['supported_platforms'][0]['required_flags']+ur['supported_platforms'][0]['required_flags']))
upstream_impl['supported_platforms'][0]['required_flags'].sort()
if 'supported_platforms' in upstream_impl:
for i in range(len(upstream_impl['supported_platforms'])):
if upstream_impl['supported_platforms'][i]['architecture'] == 'arm_8':
upstream_impl['supported_platforms'][i]['architecture'] = 'ARM64_V8'
if 'asimd' in upstream_impl['supported_platforms'][i]['required_flags']:
upstream_impl['supported_platforms'][i]['required_flags'].remove('asimd')
if not upstream_impl['supported_platforms'][i]['required_flags']:
del upstream_impl['supported_platforms'][i]['required_flags']
impl['supported-platforms'] = rhs_if_not_equal(impl['supported-platforms'], upstream_impl['supported_platforms'], "supported-platforms")
else:
impl['supported-platforms'] = rhs_if_not_equal(impl['supported-platforms'], "all", "supported-platforms")
oqs_scheme_yaml['implementations'][impl_index] = impl
oqs_yaml['parameter-sets'][index] = oqs_scheme_yaml
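Review bot: `'asimd' in upstream_impl['supported_platforms'][i]['required_flags']` raises KeyError for a platform entry without `required_flags` (the code just above checks `'required_flags' in ...keys()` before touching it); use `.get('required_flags', [])`. The rename to `ARM64_V8` also yields a different spelling from the `arm64v8` already used for `additional_arm64` in the yaml earlier in this diff, so the docs table and anything keyed on architecture will see two names for the same target; pick one.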
@ -189,7 +255,7 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes
oqs_yaml['principal-submitters'] = rhs_if_not_equal(oqs_yaml['principal-submitters'], upstream_yaml['principal-submitters'], "principal-submitters")
upstream_base_url = ui['git_url'][:-len(".git")]
# upstream is special: We will take the upstream git commit information
# upstream is special: We will take the upstream git commit information
# (possibly with added patch comment) as it is what drove the update
oqs_yaml['upstream'] = rhs_if_not_equal(oqs_yaml['upstream'], ("{}/commit/{}"+patches_done).format(upstream_base_url, ui['git_commit']), "upstream")
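Review bot: the signature path still writes the legacy top-level `upstream` and `spdx-license-identifier` keys while the KEM path migrates to `primary-upstream`, and update_docs_from_yaml.py's sig output is untouched here, so sig and KEM yaml now have different schemas. Either apply the same migration to sigs or document that the two formats intentionally diverge.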
@ -232,7 +298,6 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes
impl['supported-platforms'] = rhs_if_not_equal(impl['supported-platforms'], upstream_impl['supported_platforms'], "supported-platforms")
else:
impl['supported-platforms'] = rhs_if_not_equal(impl['supported-platforms'], "all", "supported-platforms")
oqs_scheme_yaml['implementations'][impl_index] = impl
oqs_yaml['parameter-sets'][index] = oqs_scheme_yaml

@ -41,7 +41,16 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
out_md.write('- **Authors\' website**: {}\n'.format(kem_yaml['website']))
out_md.write('- **Specification version**: {}.\n'.format(kem_yaml['spec-version']))
out_md.write('- **Implementation source**: {}'.format(kem_yaml['upstream']))
out_md.write('- **Primary Source**<a name="primary-source"></a>:\n')
out_md.write(' - **Source**: {}\n'.format(kem_yaml['primary-upstream']['source']))
out_md.write(' - **Implementation license (SPDX-Identifier)**: {}\n'.format(kem_yaml['primary-upstream']['spdx-license-identifier']))
if 'optimized-upstreams' in kem_yaml:
out_md.write('- **Optimized Implementation sources**: {}\n'.format(kem_yaml['primary-upstream']['source']))
for opt_upstream in kem_yaml['optimized-upstreams']:
out_md.write(' - **{}**:<a name="{}"></a>\n'.format(opt_upstream, opt_upstream))
out_md.write(' - **Source**: {}\n'.format(kem_yaml['optimized-upstreams'][opt_upstream]['source']))
out_md.write(' - **Implementation license (SPDX-Identifier)**: {}\n'.format(kem_yaml['optimized-upstreams'][opt_upstream]['spdx-license-identifier']))
if 'upstream-ancestors' in kem_yaml:
out_md.write(', which takes it from:\n')
for url in kem_yaml['upstream-ancestors'][:-1]:
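Review bot: the "Optimized Implementation sources" line is formatted with `kem_yaml['primary-upstream']['source']`, so the primary commit URL is printed as that heading's value; drop the `{}` since each optimized upstream prints its own Source below. The `upstream-ancestors` block still writes `', which takes it from:\n'` as a continuation of the removed single-line "Implementation source" entry, but every preceding line now ends in `\n`, so it lands on its own line as a dangling fragment; move it under the primary Source entry and write that line without a trailing newline when ancestors exist, as the old code did.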
@ -50,7 +59,6 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
else:
out_md.write('\n')
out_md.write('- **Implementation license (SPDX-Identifier)**: {}.\n'.format(kem_yaml['spdx-license-identifier']))
out_md.write('\n## Parameter set summary\n\n')
table = [['Parameter set',
@ -73,7 +81,8 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
for index, parameter_set in enumerate(kem_yaml['parameter-sets']):
out_md.write('\n## {} implementation characteristics\n\n'.format(parameter_set['name']))
table_header = ['Identifier in upstream',
table_header = ['Implementation source',
'Identifier in upstream',
'Supported architecture(s)',
'Supported operating system(s)',
'CPU extension(s) used',
@ -86,8 +95,11 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
table = [table_header]
for impl in parameter_set['implementations']:
# todo, automate linking this?
# if all platforms are supported, assuming not optimized and is primary upstream
if impl['supported-platforms'] == 'all':
table.append([impl['upstream-id'].replace('_', '\_'),
table.append(['[Primary Source](#primary-source)',
impl['upstream-id'].replace('_', '\_'),
'All',
'All',
'None',
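Review bot: the `supported-platforms == 'all'` branch hard-codes `[Primary Source](#primary-source)` on the assumption stated in the comment, while the `else` branch derives name and anchor from `impl['upstream']`; an optimized upstream declaring `all` would be mis-attributed. Compute the link the same way in both branches by hoisting the name/anchor logic above the `if`.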
@ -97,12 +109,19 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
else:
for platform in impl['supported-platforms']:
op_systems = ','.join(platform['operating_systems'])
if 'required_flags' in platform:
if 'required_flags' in platform and platform['required_flags']:
flags = ','.join(flag.upper() for flag in platform['required_flags'])
else:
flags = 'None'
table.append([impl['upstream-id'].replace('_', '\_'),
if impl['upstream'] == 'primary-upstream':
name = 'Primary Source'
anchor = 'primary-source'
else:
name = impl['upstream']
anchor = impl['upstream']
upstream_name = '[{}](#{})'.format(name, anchor)
table.append([upstream_name,
impl['upstream-id'].replace('_', '\_'),
platform['architecture'].replace('_', '\_'),
op_systems,
flags,

@ -169,13 +169,10 @@
#cmakedefine OQS_ENABLE_KEM_SABER 1
#cmakedefine OQS_ENABLE_KEM_saber_lightsaber 1
#cmakedefine OQS_ENABLE_KEM_saber_lightsaber_avx2 1
#cmakedefine OQS_ENABLE_KEM_saber_lightsaber_aarch64 1
#cmakedefine OQS_ENABLE_KEM_saber_saber 1
#cmakedefine OQS_ENABLE_KEM_saber_saber_avx2 1
#cmakedefine OQS_ENABLE_KEM_saber_saber_aarch64 1
#cmakedefine OQS_ENABLE_KEM_saber_firesaber 1
#cmakedefine OQS_ENABLE_KEM_saber_firesaber_avx2 1
#cmakedefine OQS_ENABLE_KEM_saber_firesaber_aarch64 1
#cmakedefine OQS_ENABLE_SIG_DILITHIUM 1
#cmakedefine OQS_ENABLE_SIG_dilithium_2 1
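Review bot: dropping the `OQS_ENABLE_KEM_saber_*_aarch64` defines matches the new `ignore` list in copy_from_upstream.yml; confirm the corresponding CMake options and the aarch64 source directories were removed in the same change, otherwise CMake will set options that no longer map to a `#cmakedefine`.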