diff --git a/docs/algorithms/kem/bike.md b/docs/algorithms/kem/bike.md
index 33fcc7128..417c858e4 100644
--- a/docs/algorithms/kem/bike.md
+++ b/docs/algorithms/kem/bike.md
@@ -5,9 +5,11 @@
- **Principal submitters**: Nicolas Aragon, Paulo Barreto, Slim Bettaieb, Loic Bidoux, Olivier Blazy, Jean-Christophe Deneuville, Phillipe Gaborit, Santosh Gosh, Shay Gueron, Tim Güneysu, Carlos Aguilar Melchor, Rafael Misoczki, Edoardo Persichetti, Nicolas Sendrier, Jean-Pierre Tillich, Valentin Vasseur, Gilles Zémor.
- **Authors' website**: http://bikesuite.org/
- **Specification version**: 4.1.
-- **Implementation source**: https://github.com/awslabs/bike-kem, which takes it from:
+- **Primary Source**:
+ - **Source**: https://github.com/awslabs/bike-kem
+ - **Implementation license (SPDX-Identifier)**: Apache-2.0
+, which takes it from:
- https://bikesuite.org/files/v4.1/Reference_Implementation.2020.10.20.2.zip
-- **Implementation license (SPDX-Identifier)**: Apache-2.0.
## Parameter set summary
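Review bot: The added `, which takes it from:` line is left dangling after the new nested Source/license sub-list. It now begins with a comma on its own line, so it no longer continues the sentence of the source bullet, and the ancestor URL under it loses its parent item. Suggest making the ancestor a third nested item under **Primary Source** (next to Source and license) and dropping the comma fragment. The license line also lost its trailing period, while the neighbouring bullets such as **Specification version** keep theirs.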
@@ -18,10 +20,10 @@
## BIKE-L1 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| master | little endian | All | None | True | True | False |
-| master | x86\_64 | Linux,Darwin | AVX2,AVX512,PCLMUL,SSE2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
+| [Primary Source](#primary-source) | master | little endian | All | None | True | True | False |
+| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin | AVX2,AVX512,PCLMUL,SSE2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
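Review bot: The `[Primary Source](#primary-source)` links in the new first column point at an anchor that nothing visible in this file defines. "Primary Source" is introduced as a bold list item, not a heading, and Markdown renderers such as GitHub only generate fragment anchors for headings, so each row would carry a dead link. Either promote Primary Source to a heading or emit an explicit anchor next to the bullet. The same applies to every table in this change that gains the column.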
@@ -29,10 +31,10 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## BIKE-L3 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| master | little endian | All | None | True | True | False |
-| master | x86\_64 | Linux,Darwin | AVX2,AVX512,PCLMUL,SSE2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | master | little endian | All | None | True | True | False |
+| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin | AVX2,AVX512,PCLMUL,SSE2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
diff --git a/docs/algorithms/kem/bike.yml b/docs/algorithms/kem/bike.yml
index 7665c8a90..ca3479000 100644
--- a/docs/algorithms/kem/bike.yml
+++ b/docs/algorithms/kem/bike.yml
@@ -22,8 +22,9 @@ crypto-assumption: QC-MDPC (Quasi-Cyclic Moderate Density Parity-Check)
website: http://bikesuite.org/
nist-round: 3
spec-version: 4.1
-spdx-license-identifier: Apache-2.0
-upstream: https://github.com/awslabs/bike-kem
+primary-upstream:
+ source: https://github.com/awslabs/bike-kem
+ spdx-license-identifier: Apache-2.0
upstream-ancestors:
- https://bikesuite.org/files/v4.1/Reference_Implementation.2020.10.20.2.zip
parameter-sets:
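Review bot: `upstream-ancestors` stays at top level while `upstream` and `spdx-license-identifier` move under `primary-upstream`, so the ancestor list is no longer tied to the source it describes. Once an entry can name its upstream by key, a top-level ancestor list becomes ambiguous as soon as a second upstream is added. Consider nesting it under `primary-upstream`. Any tooling that still reads the old top-level `upstream` and `spdx-license-identifier` keys has to change in the same commit, since both are removed here without an alias.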
@@ -36,7 +37,8 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: little endian
operating_systems:
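Review bot: The new `upstream: primary-upstream` value is a bare string that names a top-level key, and nothing in the visible change documents or enforces that indirection. A typo here would leave the implementation with no resolvable source or license. Suggest documenting the allowed values in the YAML schema or contributor notes, and having the doc generator fail when an `upstream` value does not match a defined upstream block.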
@@ -44,7 +46,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -69,7 +72,8 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: little endian
operating_systems:
@@ -77,7 +81,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
diff --git a/docs/algorithms/kem/classic_mceliece.md b/docs/algorithms/kem/classic_mceliece.md
index 49b0835b8..2a5b5fa07 100644
--- a/docs/algorithms/kem/classic_mceliece.md
+++ b/docs/algorithms/kem/classic_mceliece.md
@@ -5,9 +5,11 @@
- **Principal submitters**: Daniel J. Bernstein, Tung Chou, Tanja Lange, Ingo von Maurich, Rafael Misoczki, Ruben Niederhagen, Edoardo Persichetti, Christiane Peters, Peter Schwabe, Nicolas Sendrier, Jakub Szefer, Wen Wang.
- **Authors' website**: https://classic.mceliece.org
- **Specification version**: SUPERCOP-20191221.
-- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
+- **Primary Source**:
+ - **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
+ - **Implementation license (SPDX-Identifier)**: Public domain
+, which takes it from:
- SUPERCOP-20191221 "vec" and "avx" implementations
-- **Implementation license (SPDX-Identifier)**: Public domain.
## Parameter set summary
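Review bot: The pinned PQClean commit on the new **Source** line changes from 5b8ef3ba... to 7eb978b4... inside a hunk that otherwise only restructures the bullets. A change of the pinned upstream revision is a provenance change, so it should be stated in the commit message and match the revision actually imported, rather than ride along with a documentation reformat. Separately, the field is labelled as an SPDX identifier but its value, "Public domain", is not one. That predates this change, but moving the line is a good moment to fix it or relabel the field. The dangling `, which takes it from:` line has the same rendering problem as in bike.md.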
@@ -26,10 +28,10 @@
## Classic-McEliece-348864 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@@ -37,82 +39,82 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-348864f implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-460896 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-460896f implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-6688128 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-6688128f implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-6960119 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-6960119f implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,BMI1,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-8192128 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Classic-McEliece-8192128f implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| vec | All | All | None | True | True | True |
-| avx | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | vec | All | All | None | True | True | True |
+| [Primary Source](#primary-source) | avx | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
diff --git a/docs/algorithms/kem/classic_mceliece.yml b/docs/algorithms/kem/classic_mceliece.yml
index fe366f272..30a51eb39 100644
--- a/docs/algorithms/kem/classic_mceliece.yml
+++ b/docs/algorithms/kem/classic_mceliece.yml
@@ -18,8 +18,6 @@ crypto-assumption: Niederreiter's dual version of McEliece's public key encrypti
website: https://classic.mceliece.org
nist-round: 3
spec-version: SUPERCOP-20191221
-spdx-license-identifier: Public domain
-upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- SUPERCOP-20191221 "vec" and "avx" implementations
parameter-sets:
@@ -40,6 +38,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
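Review bot: The `upstream: primary-upstream` key is appended after `large-stack-usage` at the end of the implementation entry here, while bike.yml in the same change places it first, ahead of `upstream-id`. The two keys read as a pair (which upstream, which identifier within it), so keeping them adjacent and in one order across all algorithm files makes the entries easier to review and diff. If this file was rewritten by a script, have it preserve key order.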
@@ -55,6 +54,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-348864f
claimed-nist-level: 1
claimed-security: IND-CCA2
@@ -72,6 +72,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -88,6 +89,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-460896
claimed-nist-level: 3
claimed-security: IND-CCA2
@@ -105,6 +107,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -120,6 +123,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-460896f
claimed-nist-level: 3
claimed-security: IND-CCA2
@@ -137,6 +141,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -153,6 +158,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-6688128
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -170,6 +176,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -185,6 +192,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-6688128f
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -202,6 +210,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -218,6 +227,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-6960119
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -235,6 +245,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -250,6 +261,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-6960119f
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -267,6 +279,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -283,6 +296,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-8192128
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -300,6 +314,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -315,6 +330,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- name: Classic-McEliece-8192128f
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -332,6 +348,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
- upstream-id: avx
supported-platforms:
- architecture: x86_64
@@ -348,4 +365,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
auxiliary-submitters: []
+primary-upstream:
+ spdx-license-identifier: Public domain
+ source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
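Review bot: The `primary-upstream` block is added at the very end of the file, after `auxiliary-submitters` and after every `upstream: primary-upstream` reference to it, with `spdx-license-identifier` listed before `source`. bike.yml puts the same block in the header, where the removed `upstream` and `spdx-license-identifier` keys used to be, with `source` first. Suggest moving it up next to `upstream-ancestors` and matching the key order, so a reader sees the definition before the references. The `source` commit here also differs from the `upstream` value removed earlier in this file, which deserves an explicit mention in the commit message.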
diff --git a/docs/algorithms/kem/frodokem.md b/docs/algorithms/kem/frodokem.md
index ca0ea3504..fbf5366b0 100644
--- a/docs/algorithms/kem/frodokem.md
+++ b/docs/algorithms/kem/frodokem.md
@@ -5,8 +5,10 @@
- **Principal submitters**: Michael Naehrig, Erdem Alkim, Joppe Bos, Léo Ducas, Karen Easterbrook, Brian LaMacchia, Patrick Longa, Ilya Mironov, Valeria Nikolaenko, Christopher Peikert, Ananth Raghunathan, Douglas Stebila.
- **Authors' website**: https://frodokem.org/
- **Specification version**: NIST Round 3 submission.
-- **Implementation source**: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
-- **Implementation license (SPDX-Identifier)**: MIT.
+- **Primary Source**:
+ - **Source**: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
+ - **Implementation license (SPDX-Identifier)**: MIT
+
## Parameter set summary
@@ -21,10 +23,10 @@
## FrodoKEM-640-AES implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| master | All | All | None | True | True | False |
-| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
+| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@@ -32,46 +34,46 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-640-SHAKE implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| master | All | All | None | True | True | False |
-| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-976-AES implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| master | All | All | None | True | True | False |
-| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-976-SHAKE implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| master | All | All | None | True | True | False |
-| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-1344-AES implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| master | All | All | None | True | True | False |
-| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FrodoKEM-1344-SHAKE implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| master | All | All | None | True | True | False |
-| master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | master | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | master | x86\_64 | Linux,Darwin,Windows | AVX2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
diff --git a/docs/algorithms/kem/frodokem.yml b/docs/algorithms/kem/frodokem.yml
index 21c558f20..41ffff308 100644
--- a/docs/algorithms/kem/frodokem.yml
+++ b/docs/algorithms/kem/frodokem.yml
@@ -17,8 +17,9 @@ crypto-assumption: learning with errors (LWE)
website: https://frodokem.org/
nist-round: 3
spec-version: NIST Round 3 submission
-spdx-license-identifier: MIT
-upstream: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
+primary-upstream:
+ source: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
+ spdx-license-identifier: MIT
parameter-sets:
- name: FrodoKEM-640-AES
claimed-nist-level: 1
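Review bot: the placement of the new `primary-upstream` block is inconsistent across the files in this patch. Here it sits with the top-level metadata, directly after `spec-version`, and the hunks that follow put `upstream: primary-upstream` ahead of `upstream-id`; in hqc.yml and ntru.yml the block is appended at the very end of the file, after `parameter-sets`, and `upstream` is appended after `large-stack-usage`. Pick one layout (the one used here reads better, since the provenance pin is visible before the long parameter list) and have whatever tool wrote the other files emit the same key order, so that future diffs of these data sheets stay reviewable.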
@@ -29,7 +30,8 @@ parameter-sets:
length-shared-secret: 16
implementations-switch-on-runtime-cpu-features: true
implementations:
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@@ -37,7 +39,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -61,7 +64,8 @@ parameter-sets:
length-shared-secret: 16
implementations-switch-on-runtime-cpu-features: true
implementations:
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@@ -69,7 +73,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -93,7 +98,8 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: true
implementations:
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@@ -101,7 +107,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -125,7 +132,8 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: true
implementations:
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@@ -133,7 +141,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -157,7 +166,8 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@@ -165,7 +175,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -189,7 +200,8 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms: all
common-crypto:
- AES: liboqs
@@ -197,7 +209,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: master
+ - upstream: primary-upstream
+ upstream-id: master
supported-platforms:
- architecture: x86_64
operating_systems:
diff --git a/docs/algorithms/kem/hqc.md b/docs/algorithms/kem/hqc.md
index f3cd35a63..79eb2f479 100644
--- a/docs/algorithms/kem/hqc.md
+++ b/docs/algorithms/kem/hqc.md
@@ -5,10 +5,12 @@
- **Principal submitters**: Carlos Aguilar Melchor, Nicolas Aragon, Slim Bettaieb, Olivier Blazy, Jurjen Bos, Jean-Christophe Deneuville, Philippe Gaborit, Edoardo Persichetti, Jean-Marc Robert, Pascal Véron, Gilles Zémor, Loïc Bidoux.
- **Authors' website**: https://pqc-hqc.org/
- **Specification version**: NIST Round 3 submission.
-- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
+- **Primary Source**:
+ - **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
+ - **Implementation license (SPDX-Identifier)**: Public domain
+, which takes it from:
- https://github.com/jschanck/package-pqclean/tree/29f79e72/hqc, which takes it from:
- submission 2020-10-01 at https://pqc-hqc.org/implementation.html
-- **Implementation license (SPDX-Identifier)**: Public domain.
## Parameter set summary
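Review bot: the added line `, which takes it from:` is left dangling after the nested list. The old text was one sentence ("Implementation source: <url>, which takes it from:"), but with **Source** and **Implementation license** now rendered as sub-bullets, the continuation starts a line with a comma and no longer attaches to the URL it qualifies. It also follows the license bullet, so it reads as if the license were "taken from" the ancestors. Suggest emitting the ancestry as its own sub-bullet under **Primary Source** (for example "Ancestors of primary source:") and dropping the leading comma in the template.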
@@ -20,10 +22,10 @@
## HQC-128 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
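Review bot: the new "Implementation source" cells link to `#primary-source`, but the target added earlier in this file is a bold list item (`- **Primary Source**:`), not a heading. Renderers that only generate anchors for headings, GitHub included, will not create that id, so every link in these tables is dead. Either promote the source block to a heading or emit an explicit anchor (for example `<a name="primary-source"></a>`) next to the list item.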
@@ -31,19 +33,19 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## HQC-192 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## HQC-256 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | True |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
diff --git a/docs/algorithms/kem/hqc.yml b/docs/algorithms/kem/hqc.yml
index 91dc180d1..60505add0 100644
--- a/docs/algorithms/kem/hqc.yml
+++ b/docs/algorithms/kem/hqc.yml
@@ -17,8 +17,6 @@ crypto-assumption: Syndrome decoding of structure codes (Hamming Quasi-Cyclic)
website: https://pqc-hqc.org/
nist-round: 3
spec-version: NIST Round 3 submission
-spdx-license-identifier: Public domain
-upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- https://github.com/jschanck/package-pqclean/tree/29f79e72/hqc
- submission 2020-10-01 at https://pqc-hqc.org/implementation.html
@@ -39,6 +37,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -54,6 +53,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: HQC-192
claimed-nist-level: 3
claimed-security: IND-CCA2
@@ -70,6 +70,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -85,6 +86,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: HQC-256
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -101,6 +103,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -116,3 +119,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: true
+ upstream: primary-upstream
+primary-upstream:
+ spdx-license-identifier: Public domain
+ source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
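Review bot: the `source` added here pins PQClean at 7eb978b4a733696bd7197278aa84216095674524, while the `upstream` line removed at the top of the file pinned 5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0. That is a provenance change riding along with what otherwise looks like a pure restructuring of the data sheet. Please confirm that the HQC code in the tree was actually imported from the new commit, and that the untouched `upstream-ancestors` entry (`package-pqclean/tree/29f79e72/hqc`) is still the correct ancestor for it. If the pin bump is intentional, call it out in the commit message so it is not lost among the table changes.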
diff --git a/docs/algorithms/kem/kyber.yml b/docs/algorithms/kem/kyber.yml
index 096caaa88..9da2d19c2 100644
--- a/docs/algorithms/kem/kyber.yml
+++ b/docs/algorithms/kem/kyber.yml
@@ -17,11 +17,13 @@ website: https://pq-crystals.org/
nist-round: 3
spec-version: NIST Round 3 submission
primary-upstream:
- source: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2 with copy_from_upstream patches
+ source: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2
+ with copy_from_upstream patches
spdx-license-identifier: CC0-1.0
optimized-upstreams:
pqclean-aarch64:
- source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524 with copy_from_upstream patches
+ source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
+ with copy_from_upstream patches
spdx-license-identifier: CC0-1.0
parameter-sets:
- name: Kyber512
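Review bot: both `source` values are now wrapped, with `with copy_from_upstream patches` on a continuation line. YAML folds the two lines back into the same string, so the parsed value is unchanged, but the wrap is fragile (it depends on the continuation's indentation) and it makes the pinned commit harder to grep for and to diff. It also highlights that the field mixes a URL with free text, which prevents consumers from treating `source` as a link. Suggest keeping the URL alone in `source` and moving the patch note to its own key, or at least configuring the YAML writer not to wrap at 80 columns.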
@@ -64,7 +66,6 @@ parameter-sets:
operating_systems:
- Linux
- Darwin
- required_flags:
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
@@ -148,7 +149,6 @@ parameter-sets:
operating_systems:
- Linux
- Darwin
- required_flags:
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
@@ -232,7 +232,6 @@ parameter-sets:
operating_systems:
- Linux
- Darwin
- required_flags:
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
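Review bot: in this hunk and the two before it, the empty `required_flags:` key is dropped from the platform entry. Before, the parsed entry had the key with a null value; now the key is absent. Any generator or check that indexes `required_flags` directly rather than using a default will behave differently on these entries. Please confirm the documentation and build scripts handle a missing key the same as an empty one, and whether the removal was intended or is a side effect of re-serialising the file.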
diff --git a/docs/algorithms/kem/ntru.md b/docs/algorithms/kem/ntru.md
index 0d77474bc..4424c608e 100644
--- a/docs/algorithms/kem/ntru.md
+++ b/docs/algorithms/kem/ntru.md
@@ -6,9 +6,11 @@
- **Auxiliary submitters**: Cong Chen, Oussama Danba, Jeffrey Hoffstein, Andreas Hülsing, Joost Rijneveld, Tsunekazu Saito, Peter Schwabe, William Whyte, Keita Xagawa, Takashi Yamakawa, Zhenfei Zhang.
- **Authors' website**: https://ntru.org/
- **Specification version**: NIST Round 3 submission.
-- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
+- **Primary Source**:
+ - **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
+ - **Implementation license (SPDX-Identifier)**: CC0-1.0
+, which takes it from:
- https://github.com/jschanck/ntru/tree/a43a4457
-- **Implementation license (SPDX-Identifier)**: CC0-1.0.
## Parameter set summary
@@ -21,10 +23,10 @@
## NTRU-HPS-2048-509 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@@ -32,28 +34,28 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## NTRU-HPS-2048-677 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## NTRU-HPS-4096-821 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## NTRU-HRSS-701 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
diff --git a/docs/algorithms/kem/ntru.yml b/docs/algorithms/kem/ntru.yml
index f71cba160..554696583 100644
--- a/docs/algorithms/kem/ntru.yml
+++ b/docs/algorithms/kem/ntru.yml
@@ -18,8 +18,6 @@ crypto-assumption: NTRU in Z[x]/(q, x^n-1) with prime n and power-of-two q
website: https://ntru.org/
nist-round: 3
spec-version: NIST Round 3 submission
-spdx-license-identifier: CC0-1.0
-upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- https://github.com/jschanck/ntru/tree/a43a4457
parameter-sets:
@@ -39,6 +37,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -53,6 +52,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: NTRU-HPS-2048-677
claimed-nist-level: 3
claimed-security: IND-CCA2
@@ -69,6 +69,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -83,6 +84,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: NTRU-HPS-4096-821
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -99,6 +101,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -113,6 +116,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: NTRU-HRSS-701
claimed-nist-level: 3
claimed-security: IND-CCA2
@@ -129,6 +133,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -143,3 +148,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
+primary-upstream:
+ spdx-license-identifier: CC0-1.0
+ source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
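Review bot: every implementation entry in this file now carries `upstream: primary-upstream`, a bare string that only has meaning if it matches a top-level key, and that key is defined here at the very end of the file. Nothing visible in the patch checks that the reference resolves. A typo in either place would silently leave an implementation without a source or license in the generated tables. Suggest a validation step in the doc generator that fails when an `upstream` value does not name `primary-upstream` or an entry under `optimized-upstreams`.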
diff --git a/docs/algorithms/kem/ntruprime.md b/docs/algorithms/kem/ntruprime.md
index 8e1ff3141..e8bd32e9c 100644
--- a/docs/algorithms/kem/ntruprime.md
+++ b/docs/algorithms/kem/ntruprime.md
@@ -5,10 +5,12 @@
- **Principal submitters**: Daniel J. Bernstein, Billy Bob Brumley, Ming-Shing Chen, Chitchanok Chuengsatiansup, Tanja Lange, Adrian Marotzke, Bo-Yuan Peng, Nicola Tuveri, Christine van Vredendaal, Bo-Yin Yang.
- **Authors' website**: https://ntruprime.cr.yp.to
- **Specification version**: supercop-20200826.
-- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
+- **Primary Source**:
+ - **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
+ - **Implementation license (SPDX-Identifier)**: Public domain
+, which takes it from:
- https://github.com/jschanck/package-pqclean/tree/4d9f08c3/ntruprime, which takes it from:
- supercop-20210604
-- **Implementation license (SPDX-Identifier)**: Public domain.
## Parameter set summary
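Review bot: the moved line `**Implementation license (SPDX-Identifier)**: Public domain` labels its value as an SPDX identifier, but "Public domain" is not one. Since this patch is reworking how license and source are recorded per upstream, it is a good moment to fix the value: use a real identifier if the upstream offers one, or a `LicenseRef-` style custom identifier, so that license scanners consuming these data sheets do not choke on or skip the entry.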
@@ -25,10 +27,10 @@
## ntrulpr653 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@@ -36,64 +38,64 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## ntrulpr761 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## ntrulpr857 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## ntrulpr1277 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## sntrup653 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## sntrup761 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## sntrup857 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## sntrup1277 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
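Review bot: The alignment row in each replaced table changes the "Identifier in upstream" column from centered (`:---:`) to left-aligned (`:---`), and the centered spec now sits on the new "Implementation source" column. If these tables are generated, confirm this is an intended template change rather than the alignment staying attached to the first column position. Otherwise keep the identifier column's alignment as it was, so the diff is limited to the added column.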
diff --git a/docs/algorithms/kem/ntruprime.yml b/docs/algorithms/kem/ntruprime.yml
index d8e4a712e..87ff6ff22 100644
--- a/docs/algorithms/kem/ntruprime.yml
+++ b/docs/algorithms/kem/ntruprime.yml
@@ -15,8 +15,6 @@ crypto-assumption: NTRU
website: https://ntruprime.cr.yp.to
nist-round: 3
spec-version: supercop-20200826
-spdx-license-identifier: Public domain
-upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- https://github.com/jschanck/package-pqclean/tree/4d9f08c3/ntruprime
- supercop-20210604
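Review bot: Removing the top-level `upstream` line is not a pure move. The old value pins PQClean commit 5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, while the `source` added at the end of this file pins 7eb978b4a733696bd7197278aa84216095674524, and `upstream-ancestors` is left untouched. Please state the commit bump in the commit message or split it from the schema change, and confirm that the ancestor entries (jschanck/package-pqclean/tree/4d9f08c3, supercop-20210604) still describe the provenance of the new commit, so the recorded supply chain matches the code that is actually imported.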
@@ -38,6 +36,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
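Review bot: The added `upstream: primary-upstream` is a by-name reference to the top-level `primary-upstream` key and is repeated in every implementation entry, but nothing in this patch shows the reference being validated. A misspelled value would leave an implementation with no resolvable source or license. Suggest a check in the doc generator or CI that every `upstream` value names an existing top-level block containing both `source` and `spdx-license-identifier`.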
@@ -52,6 +51,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: ntrulpr761
claimed-nist-level: 2
claimed-security: IND-CCA2
@@ -69,6 +69,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -83,6 +84,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: ntrulpr857
claimed-nist-level: 3
claimed-security: IND-CCA2
@@ -100,6 +102,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -114,6 +117,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: ntrulpr1277
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -131,6 +135,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -145,6 +150,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: sntrup653
claimed-nist-level: 1
claimed-security: IND-CCA2
@@ -162,6 +168,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -176,6 +183,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: sntrup761
claimed-nist-level: 2
claimed-security: IND-CCA2
@@ -193,6 +201,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -207,6 +216,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: sntrup857
claimed-nist-level: 3
claimed-security: IND-CCA2
@@ -224,6 +234,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -238,6 +249,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: sntrup1277
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -255,6 +267,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -269,3 +282,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
+primary-upstream:
+ spdx-license-identifier: Public domain
+ source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
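Review bot: `spdx-license-identifier: Public domain` is carried into the new block unchanged, but "Public domain" is not an identifier on the SPDX license list, so license scanners and SBOM tooling that read this field will not be able to match it. Since the line is being rewritten anyway, consider using the identifier that upstream actually declares (for example CC0-1.0, if that is what applies), a `LicenseRef-` value, or a key name that does not promise SPDX syntax.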
diff --git a/docs/algorithms/kem/saber.md b/docs/algorithms/kem/saber.md
index d2fb95a1f..c3c49936e 100644
--- a/docs/algorithms/kem/saber.md
+++ b/docs/algorithms/kem/saber.md
@@ -5,10 +5,12 @@
- **Principal submitters**: Jan-Pieter D'Anvers, Angshuman Karmakar, Sujoy Sinha Roy, Frederik Vercauteren.
- **Authors' website**: https://www.esat.kuleuven.be/cosic/pqcrypto/saber/
- **Specification version**: NIST Round 3 submission.
-- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
+- **Primary Source**:
+ - **Source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
+ - **Implementation license (SPDX-Identifier)**: Public domain
+, which takes it from:
- https://github.com/jschanck/package-pqclean/tree/1ae84c3c/saber, which takes it from:
- https://github.com/KULeuven-COSIC/SABER/tree/509cc5ec3a7e12a751ccdd2ef5bd6e54e00bd350
-- **Implementation license (SPDX-Identifier)**: Public domain.
## Parameter set summary
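Review bot: The added line `, which takes it from:` starts with a comma at column one, directly after the nested license bullet, so the sentence it used to complete ("Implementation source: <url>, which takes it from:") is now split across a list and will render as a stray fragment. The ancestry bullets below it also end up reading as a continuation of the license line rather than of the source URL. Suggest attaching the ancestry to the `**Source**` sub-bullet, or emitting it as its own labelled sub-item.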
@@ -20,10 +22,10 @@
## LightSaber-KEM implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
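Review bot: Every row links to `#primary-source`, but the only "Primary Source" this patch adds to the file is the list item `- **Primary Source**:`. Markdown renderers typically generate fragment anchors for headings, not list items, so the link has no target. Either make "Primary Source" a heading, add an explicit anchor at the list item, or use plain text in the table cells.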
@@ -31,19 +33,19 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Saber-KEM implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## FireSaber-KEM implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| clean | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2 | False | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
diff --git a/docs/algorithms/kem/saber.yml b/docs/algorithms/kem/saber.yml
index 9412b5bf9..096200263 100644
--- a/docs/algorithms/kem/saber.yml
+++ b/docs/algorithms/kem/saber.yml
@@ -9,8 +9,6 @@ crypto-assumption: Module learning with rounding
website: https://www.esat.kuleuven.be/cosic/pqcrypto/saber/
nist-round: 3
spec-version: NIST Round 3 submission
-spdx-license-identifier: Public domain
-upstream: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0
upstream-ancestors:
- https://github.com/jschanck/package-pqclean/tree/1ae84c3c/saber
- https://github.com/KULeuven-COSIC/SABER/tree/509cc5ec3a7e12a751ccdd2ef5bd6e54e00bd350
@@ -31,6 +29,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -44,6 +43,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: Saber-KEM
claimed-nist-level: 3
claimed-security: IND-CCA2
@@ -60,6 +60,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -73,6 +74,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- name: FireSaber-KEM
claimed-nist-level: 5
claimed-security: IND-CCA2
@@ -89,6 +91,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
@@ -102,3 +105,7 @@ parameter-sets:
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
+ upstream: primary-upstream
+primary-upstream:
+ spdx-license-identifier: Public domain
+ source: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524
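Review bot: This hunk changes the meaning of existing keys: the commit URL moves from top-level `upstream` to `primary-upstream.source`, the license moves under the same block, and `upstream` now holds a reference name inside each implementation. Any consumer that still reads the top-level `upstream` or `spdx-license-identifier` will find nothing, possibly without an error. Please update the schema or format documentation for these files in the same change, and have the generator fail when the old top-level keys are present or `primary-upstream` is missing.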
diff --git a/docs/algorithms/kem/sike.md b/docs/algorithms/kem/sike.md
index 31ff882a3..7aaa619f3 100644
--- a/docs/algorithms/kem/sike.md
+++ b/docs/algorithms/kem/sike.md
@@ -5,8 +5,10 @@
- **Principal submitters**: David Jao, Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca De Feo, Basil Hess, Amir Jalali, Brian Koziel, Brian LaMacchia, Patrick Longa, Michael Naehrig, Joost Renes, Vladimir Soukharev, David Urbanik.
- **Authors' website**: https://sike.org
- **Specification version**: NIST Round 3 submission.
-- **Implementation source**: https://github.com/microsoft/PQCrypto-SIDH/commit/effa607f244768cdd38f930887076373604eaa78
-- **Implementation license (SPDX-Identifier)**: MIT.
+- **Primary Source**:
+ - **Source**: https://github.com/microsoft/PQCrypto-SIDH/commit/effa607f244768cdd38f930887076373604eaa78
+ - **Implementation license (SPDX-Identifier)**: MIT
+
## Parameter set summary
@@ -31,12 +33,12 @@
## SIDH-p434 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
@@ -44,174 +46,174 @@ Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p434-compressed implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p503 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p503-compressed implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p610 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p610-compressed implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p751 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIDH-p751-compressed implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p434 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p434-compressed implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p503 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p503-compressed implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p610 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p610-compressed implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p751 implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
## SIKE-p751-compressed implementation characteristics
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| optimized | All | All | None | True | True | False |
-| additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
-| additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
-| additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
-| additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
+| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| [Primary Source](#primary-source) | optimized | All | All | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64 | x86\_64 | Linux,Darwin | None | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_bmi2 | x86\_64 | Linux,Darwin | BMI2 | True | True | False |
+| [Primary Source](#primary-source) | additional\_amd64\_adx | x86\_64 | Linux,Darwin | BMI2,ADX | True | True | False |
+| [Primary Source](#primary-source) | additional\_arm64 | arm64v8 | Linux,Darwin | None | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **No**.
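Review bot: every added table row links to `#primary-source`, but none of the lines shown for this file adds a heading or explicit anchor with that id. If "Primary Source" is rendered in the summary list as a bold list item rather than a heading, most Markdown renderers will not generate that fragment, and every one of these links will be dead. Please confirm the target exists in the rendered page, or have the generator emit an explicit anchor next to the entry it points at.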
diff --git a/docs/algorithms/kem/sike.yml b/docs/algorithms/kem/sike.yml
index d9c2daa30..d181eaf4c 100644
--- a/docs/algorithms/kem/sike.yml
+++ b/docs/algorithms/kem/sike.yml
@@ -20,7 +20,9 @@ website: https://sike.org
nist-round: 3
spec-version: NIST Round 3 submission
spdx-license-identifier: MIT
-upstream: https://github.com/microsoft/PQCrypto-SIDH/commit/effa607f244768cdd38f930887076373604eaa78
+primary-upstream:
+ source: https://github.com/microsoft/PQCrypto-SIDH/commit/effa607f244768cdd38f930887076373604eaa78
+ spdx-license-identifier: MIT
parameter-sets:
- name: SIDH-p434
claimed-nist-level: 1
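Review bot: the top-level `spdx-license-identifier: MIT` stays in place as a context line while the same key is added under `primary-upstream`, so the license is now recorded in two places. State which one the doc generator and any license tooling treat as authoritative, or drop one of them; otherwise the two values can drift apart once a second upstream with a different license is added. Removing the top-level `upstream` key is also a schema change, so any script that still reads it should be updated in the same change.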
@@ -31,14 +33,16 @@ parameter-sets:
length-shared-secret: 110
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
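Review bot: `upstream: primary-upstream` on each implementation is a plain string reference to a top-level key, and nothing visible in this patch checks that it resolves. A misspelling such as `primary_upstream` would still be valid YAML and would only surface as a missing or wrong source in the generated tables. Suggest a generator or CI check that every implementation's `upstream` value names an existing top-level block, and consider a distinct key name for the reference, since `upstream` previously held a URL at the top level and now means something different here.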
@@ -51,7 +55,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -65,7 +70,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -85,14 +91,16 @@ parameter-sets:
length-shared-secret: 110
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -105,7 +113,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -119,7 +128,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -139,14 +149,16 @@ parameter-sets:
length-shared-secret: 126
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64
+ - upstream: primary-upstream
+ upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -157,7 +169,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -170,7 +183,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -184,7 +198,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -204,14 +219,16 @@ parameter-sets:
length-shared-secret: 126
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64
+ - upstream: primary-upstream
+ upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -222,7 +239,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -235,7 +253,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -249,7 +268,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -269,14 +289,16 @@ parameter-sets:
length-shared-secret: 154
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -289,7 +311,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -303,7 +326,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -323,14 +347,16 @@ parameter-sets:
length-shared-secret: 154
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -343,7 +369,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -357,7 +384,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -377,14 +405,16 @@ parameter-sets:
length-shared-secret: 188
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64
+ - upstream: primary-upstream
+ upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -395,7 +425,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -408,7 +439,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -422,7 +454,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -442,14 +475,16 @@ parameter-sets:
length-shared-secret: 188
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64
+ - upstream: primary-upstream
+ upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -460,7 +495,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -473,7 +509,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -487,7 +524,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -507,14 +545,16 @@ parameter-sets:
length-shared-secret: 16
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -527,7 +567,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -541,7 +582,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -561,14 +603,16 @@ parameter-sets:
length-shared-secret: 16
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -581,7 +625,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -595,7 +640,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -615,14 +661,16 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64
+ - upstream: primary-upstream
+ upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -633,7 +681,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -646,7 +695,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -660,7 +710,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -680,14 +731,16 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64
+ - upstream: primary-upstream
+ upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -698,7 +751,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -711,7 +765,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -725,7 +780,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -745,14 +801,16 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -765,7 +823,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -779,7 +838,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -799,14 +859,16 @@ parameter-sets:
length-shared-secret: 24
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -819,7 +881,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -833,7 +896,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -853,14 +917,16 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64
+ - upstream: primary-upstream
+ upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -871,7 +937,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -884,7 +951,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -898,7 +966,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
@@ -918,14 +987,16 @@ parameter-sets:
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: false
implementations:
- - upstream-id: optimized
+ - upstream: primary-upstream
+ upstream-id: optimized
supported-platforms: all
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64
+ - upstream: primary-upstream
+ upstream-id: additional_amd64
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -936,7 +1007,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_bmi2
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_bmi2
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -949,7 +1021,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_amd64_adx
+ - upstream: primary-upstream
+ upstream-id: additional_amd64_adx
supported-platforms:
- architecture: x86_64
operating_systems:
@@ -963,7 +1036,8 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- - upstream-id: additional_arm64
+ - upstream: primary-upstream
+ upstream-id: additional_arm64
supported-platforms:
- architecture: arm64v8
operating_systems:
diff --git a/docs/algorithms/sig/falcon.md b/docs/algorithms/sig/falcon.md
index 848a19dce..27d59b4b6 100644
--- a/docs/algorithms/sig/falcon.md
+++ b/docs/algorithms/sig/falcon.md
@@ -6,7 +6,7 @@
- **Auxiliary submitters**: Pierre-Alain Fouque, Jeffrey Hoffstein, Paul Kirchner, Vadim Lyubashevsky, Thomas Pornin, Thomas Ricosset, Gregor Seiler, William Whyte, Zhenfei Zhang.
- **Authors' website**: https://falcon-sign.info
- **Specification version**: v1.2.
-- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
+- **Implementation source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524, which takes it from:
- https://github.com/jschanck/package-pqclean/tree/cea1fa5a/falcon, which takes it from:
- supercop-20201018
- **Implementation license (SPDX-Identifier)**: CC0-1.0.
diff --git a/docs/algorithms/sig/rainbow.md b/docs/algorithms/sig/rainbow.md
index 71d6dd30c..002fac032 100644
--- a/docs/algorithms/sig/rainbow.md
+++ b/docs/algorithms/sig/rainbow.md
@@ -6,7 +6,7 @@
- **Auxiliary submitters**: Ming-Shing Chen, Matthias Kannwischer, Jacques Patarin, Albrecht Petzoldt, Dieter Schmidt, Bo-Yin Yang.
- **Authors' website**: https://www.pqcrainbow.org/
- **Specification version**: NIST Round 3 submission.
-- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0, which takes it from:
+- **Implementation source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524, which takes it from:
- https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263
- **Implementation license (SPDX-Identifier)**: CC0-1.0.
diff --git a/docs/algorithms/sig/sphincs.md b/docs/algorithms/sig/sphincs.md
index 39364a3d8..11a1bc31e 100644
--- a/docs/algorithms/sig/sphincs.md
+++ b/docs/algorithms/sig/sphincs.md
@@ -6,7 +6,7 @@
- **Auxiliary submitters**: Jean-Philippe Aumasson, Daniel J. Bernstein,, Christoph Dobraunig, Maria Eichlseder, Scott Fluhrer, Stefan-Lukas Gazdag, Panos Kampanakis, Stefan Kölbl, Tanja Lange, Martin M. Lauridsen, Florian Mendel, Ruben Niederhagen, Christian Rechberger, Joost Rijneveld, Peter Schwabe.
- **Authors' website**: https://sphincs.org/
- **Specification version**: NIST Round 3 submission.
-- **Implementation source**: https://github.com/PQClean/PQClean/commit/5b8ef3baea3ffdfbf688a3a1bb8f02de44a67ec0 with copy_from_upstream patches, which takes it from:
+- **Implementation source**: https://github.com/PQClean/PQClean/commit/7eb978b4a733696bd7197278aa84216095674524 with copy_from_upstream patches, which takes it from:
- https://github.com/sphincs/sphincsplus
- **Implementation license (SPDX-Identifier)**: CC0-1.0.
diff --git a/scripts/copy_from_upstream/copy_from_upstream.py b/scripts/copy_from_upstream/copy_from_upstream.py
index d7df24a0e..e968683b1 100755
--- a/scripts/copy_from_upstream/copy_from_upstream.py
+++ b/scripts/copy_from_upstream/copy_from_upstream.py
@@ -164,6 +164,8 @@ def load_instructions():
for scheme in family['schemes']:
if not 'upstream_location' in scheme:
scheme['upstream_location'] = family['upstream_location']
+ if (not 'arch_specific_upstream_locations' in scheme) and 'arch_specific_upstream_locations' in family:
+ scheme['arch_specific_upstream_locations'] = family['arch_specific_upstream_locations']
if not 'git_commit' in scheme:
scheme['git_commit'] = upstreams[scheme['upstream_location']]['git_commit']
if not 'git_branch' in scheme:
@@ -179,7 +181,7 @@ def load_instructions():
if 'arch_specific_upstream_locations' in family:
if 'extras' not in scheme['kem_meta_paths']:
scheme['kem_meta_paths']['extras'] = {}
-
+
for arch in family['arch_specific_upstream_locations']:
location = family['arch_specific_upstream_locations'][arch]
scheme['kem_meta_paths']['extras'][arch] = os.path.join('repos', location,
@@ -187,14 +189,28 @@ def load_instructions():
metadata = {}
if not 'metadata' in scheme:
metadata = yaml.safe_load(file_get_contents(scheme['kem_meta_paths']['default']))
+ imps_to_remove = []
+ upstream = upstreams[scheme['upstream_location']]
for imp in metadata['implementations']:
- imp['upstream'] = upstreams[scheme['upstream_location']]
+ if 'ignore' in upstream and "{}_{}_{}".format(upstream['name'], scheme['pqclean_scheme'], imp['name']) in upstream['ignore']:
+ imps_to_remove.append(imp['name'])
+ else:
+ imp['upstream'] = upstream
+ for imp_name in imps_to_remove:
+ for i in range(len(metadata['implementations'])):
+ if metadata['implementations'][i]['name'] == imp_name:
+ del metadata['implementations'][i]
+ break
+
if 'extras' in scheme['kem_meta_paths']:
for arch in scheme['kem_meta_paths']['extras']:
implementations = yaml.safe_load(file_get_contents(scheme['kem_meta_paths']['extras'][arch]))['implementations']
for imp in implementations:
- if arch in family['arch_specific_implementations'] and imp['name'] in family['arch_specific_implementations']:
- imp['upstream'] = upstreams[family['arch_specific_upstream_locations'][arch]]
+ upstream = upstreams[family['arch_specific_upstream_locations'][arch]]
+ if (arch in family['arch_specific_implementations'] and imp['name'] in family['arch_specific_implementations']) \
+ and ('ignore' not in upstream or ('ignore' in upstream and "{}_{}_{}".format(upstream['name'], scheme['pqclean_scheme'], impl['name']) \
+ not in upstream['ignore'])):
+ imp['upstream'] = upstream
metadata['implementations'].append(imp)
break
scheme['metadata'] = metadata
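Review bot: In the `extras` loop the new ignore check formats `impl['name']`, but the loop variable there is `imp`; `impl` is not bound in the visible part of `load_instructions()`, so this line raises NameError (or picks up a stale value) as soon as it is evaluated for an arch-specific upstream that has an `ignore` list. Use `imp['name']`. The test `'ignore' not in upstream or ('ignore' in upstream and ... not in upstream['ignore'])` can drop the inner `'ignore' in upstream`, the `upstream = upstreams[...]` lookup does not depend on `imp` and can move out of the inner loop, and the index-based delete over `imps_to_remove` reads more simply as a list comprehension that filters `metadata['implementations']`.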
@@ -265,7 +281,7 @@ def load_instructions():
if 'arch_specific_upstream_locations' in family:
if 'extras' not in scheme['kem_meta_paths']:
scheme['sig_meta_paths']['extras'] = {}
-
+
for arch in family['arch_specific_upstream_locations']:
location = family['arch_specific_upstream_locations'][arch]
scheme['sig_meta_paths']['extras'][arch] = os.path.join('repos', location,
@@ -584,6 +600,9 @@ def copy_from_upstream():
shutil.rmtree('repos')
update_upstream_alg_docs.do_it(os.environ['LIBOQS_DIR'])
+ # Not in love with using sub process to call a python script, but this is the easiest solution for
+ # automatically calling this script in its current state.
+ shell(["python3", "../update_docs_from_yaml.py", "--liboqs-root", "../../"])
def verify_from_upstream():
instructions = load_instructions()
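Review bot: The added `shell(["python3", "../update_docs_from_yaml.py", "--liboqs-root", "../../"])` depends on the working directory at this point, since both the script path and `--liboqs-root` are relative. The line above already uses `os.environ['LIBOQS_DIR']`, so build both paths from that instead. Prefer `sys.executable` over a `python3` resolved from PATH so the docs step runs under the same interpreter and environment as this script.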
@@ -600,33 +619,42 @@ def verify_from_upstream():
if 'implementation' in scheme:
impl = scheme['implementation']
oqsdir = os.path.join(os.environ['LIBOQS_DIR'], 'src', family['type'], family['name'],
- '{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'], impl))
+ '{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'], impl))
verifydir = os.path.join(basedir, 'src', family['type'], family['name'],
- '{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'], impl))
- scheme['verifydir'] = '{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'], impl)
- ret = subprocess.run(['diff', '-rq', oqsdir, verifydir], stdout=subprocess.DEVNULL)
- if ret.returncode == 0:
- validated += 1
+ '{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'], impl))
+ if not os.path.isdir(oqsdir) and os.path.isdir(erifydir):
+ print('Available implementation in upstream that isn\'t integrated into LIBOQS: {}_{}_{}'.format(impl['upstream']['name'],
+ scheme['pqclean_scheme'], impl))
else:
- differ += 1
- dinfo.append(scheme)
- else:
- # If no scheme['implementation'] given, get the list from META.yml and add all implementations
- for impl in scheme['metadata']['implementations']:
- oqsdir = os.path.join(os.environ['LIBOQS_DIR'], 'src', family['type'], family['name'],
- '{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'],
- impl['name']))
- verifydir = os.path.join(basedir, 'src', family['type'], family['name'],
- '{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'],
- impl['name']))
- scheme['verifydir'] = '{}_{}_{}'.format(scheme['upstream_location'], scheme['pqclean_scheme'],
- impl['name'])
+ scheme['verifydir'] = '{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'], impl)
ret = subprocess.run(['diff', '-rq', oqsdir, verifydir], stdout=subprocess.DEVNULL)
+ # If we haven't integrated something from upstream it shouldn't be reported as an error, it should just be reported.
if ret.returncode == 0:
validated += 1
else:
differ += 1
dinfo.append(scheme)
+ else:
+ # If no scheme['implementation'] given, get the list from META.yml and add all implementations
+ for impl in scheme['metadata']['implementations']:
+ oqsdir = os.path.join(os.environ['LIBOQS_DIR'], 'src', family['type'], family['name'],
+ '{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'],
+ impl['name']))
+ verifydir = os.path.join(basedir, 'src', family['type'], family['name'],
+ '{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'],
+ impl['name']))
+ if not os.path.isdir(oqsdir) and os.path.isdir(verifydir):
+ print('Available implementation in upstream that isn\'t integrated into LIBOQS: {}_{}_{}'.format(impl['upstream']['name'],
+ scheme['pqclean_scheme'], impl['name']))
+ else:
+ scheme['verifydir'] = '{}_{}_{}'.format(impl['upstream']['name'], scheme['pqclean_scheme'],
+ impl['name'])
+ ret = subprocess.run(['diff', '-rq', oqsdir, verifydir], stdout=subprocess.DEVNULL)
+ if ret.returncode == 0:
+ validated += 1
+ else:
+ differ += 1
+ dinfo.append(scheme)
patch_list = []
for upstream in instructions['upstreams']:
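Review bot: `os.path.isdir(erifydir)` in the `'implementation' in scheme` branch is a typo for `verifydir` and raises NameError whenever `oqsdir` is missing. In the same branch `impl` is `scheme['implementation']` and is passed to `format` as the implementation name, yet the new code also indexes `impl['upstream']['name']`; if that value is a string this fails with TypeError, so the upstream has to be looked up from the matching metadata entry, as the `else` branch does. The two branches now duplicate the whole isdir/diff sequence, so a small helper taking the upstream name and implementation name would keep them in sync. Since this function is what compares the vendored sources against upstream, consider counting the "not integrated" cases and including them in the final summary rather than only printing them.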
diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml
index ead9689df..e8db98667 100644
--- a/scripts/copy_from_upstream/copy_from_upstream.yml
+++ b/scripts/copy_from_upstream/copy_from_upstream.yml
@@ -8,6 +8,7 @@ upstreams:
sig_meta_path: 'crypto_sign/{pqclean_scheme}/META.yml'
kem_scheme_path: 'crypto_kem/{pqclean_scheme}'
sig_scheme_path: 'crypto_sign/{pqclean_scheme}'
+ ignore: ['pqclean_lightsaber_aarch64', 'pqclean_saber_aarch64', 'pqclean_firesaber_aarch64']
patches: ['pqclean-sphincs.patch', 'pqclean-kyber-armneon-yml.patch', 'pqclean-kyber-armneon-shake.patch']
-
name: pqcrystals-kyber
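Review bot: The new `ignore` entry carries no comment saying why these three aarch64 Saber implementations are excluded or when the entry can be removed. The strings are matched in `load_instructions()` against `"{}_{}_{}".format(upstream['name'], scheme['pqclean_scheme'], imp['name'])`, so a misspelled entry simply never matches and the implementation is imported again without any warning. Please document the expected format and the reason next to the key, and consider warning when an `ignore` entry matches nothing.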
diff --git a/scripts/copy_from_upstream/src/kem/family/kem_scheme.c b/scripts/copy_from_upstream/src/kem/family/kem_scheme.c
index 1d2bea800..914ddabcc 100644
--- a/scripts/copy_from_upstream/src/kem/family/kem_scheme.c
+++ b/scripts/copy_from_upstream/src/kem/family/kem_scheme.c
@@ -93,9 +93,9 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t *
#endif /* OQS_DIST_BUILD */
{%- endif -%}
{%- if impl['signature_keypair'] %}
- return (OQS_STATUS) {{ impl['signature_keypair'] }}(public_key, secret_key);
+ {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_keypair'] }}(public_key, secret_key);
{%- else %}
- return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(public_key, secret_key);
+ {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(public_key, secret_key);
{%- endif %}
{%- if 'required_flags' in impl and impl['required_flags'] %}
#if defined(OQS_DIST_BUILD)
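Review bot: The added `{% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}` in front of each `return` has a body that is only whitespace, apparently to indent the `return` when the `required_flags` block is generated, and the same construct is pasted six times across the keypair, encaps and decaps hunks. A Jinja comment stating the intent, or a single macro or `{% set %}` variable for the indent, would make this easier to maintain and harder to break in one of the six places.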
@@ -125,9 +125,9 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps(uint8_t *c
#endif /* OQS_DIST_BUILD */
{%- endif -%}
{%- if impl['signature_enc'] %}
- return (OQS_STATUS) {{ impl['signature_enc'] }}(ciphertext, shared_secret, public_key);
+ {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_enc'] }}(ciphertext, shared_secret, public_key);
{%- else %}
- return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc(ciphertext, shared_secret, public_key);
+ {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc(ciphertext, shared_secret, public_key);
{%- endif %}
{%- if 'required_flags' in impl and impl['required_flags'] %}
#if defined(OQS_DIST_BUILD)
@@ -157,9 +157,9 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps(uint8_t *s
#endif /* OQS_DIST_BUILD */
{%- endif -%}
{%- if impl['signature_dec'] %}
- return (OQS_STATUS) {{ impl['signature_dec'] }}(shared_secret, ciphertext, secret_key);
+ {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_dec'] }}(shared_secret, ciphertext, secret_key);
{%- else %}
- return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_dec(shared_secret, ciphertext, secret_key);
+ {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_dec(shared_secret, ciphertext, secret_key);
{%- endif %}
{%- if 'required_flags' in impl and impl['required_flags'] %}
#if defined(OQS_DIST_BUILD)
diff --git a/scripts/copy_from_upstream/update_upstream_alg_docs.py b/scripts/copy_from_upstream/update_upstream_alg_docs.py
index 7fd919e02..9038b79c2 100755
--- a/scripts/copy_from_upstream/update_upstream_alg_docs.py
+++ b/scripts/copy_from_upstream/update_upstream_alg_docs.py
@@ -68,13 +68,19 @@ def get_oqs_yaml(param_list, name):
exit(1)
# Merge documentation contained in liboqs_root/docs/algorithms/kem/kem['name'].yml with upstream information:
-# Args:
+# Args:
# kems: List of kems in copy_from_upstream.yml
# upstream_info: Hashtable of upstream information (keyed by upstream source)
-# incl. entry: 'upstream_root' pointing to local folder containing source code
+# incl. entry: 'upstream_root' pointing to local folder containing source code
def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes=False):
for kem in kems:
ui = get_upstream_info(upstream_info, kem['upstream_location'])
+
+ ouis = dict()
+ if 'arch_specific_upstream_locations' in kem:
+ for arch_specific_ul in kem['arch_specific_upstream_locations']:
+ name = kem['arch_specific_upstream_locations'][arch_specific_ul] + '-' + str(arch_specific_ul)
+ ouis[name] = get_upstream_info(upstream_info, kem['arch_specific_upstream_locations'][arch_specific_ul])
patches_done=""
if 'patches' in ui:
for patchfilename in ui['patches']:
@@ -96,6 +102,7 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
# in the OQS YAML files matches that of copy_from_upstream.yml
# hence use helper function get_oqs_yaml(alg_name)
for scheme in kem['schemes']:
+ meta_yaml_path_template = ui['kem_meta_path']
upstream_meta_path = os.path.join(upstream_root, meta_yaml_path_template.format_map(scheme))
if DEBUG > 0:
print("Examining {}'s META.yml.".format(scheme['pretty_name_full']))
@@ -107,7 +114,41 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
upstream_base_url = ui['git_url'][:-len(".git")]
# upstream is special: We will take the upstream git commit information
# (possibly with added patch comment) as it is what drove the update
- oqs_yaml['upstream'] = rhs_if_not_equal(oqs_yaml['upstream'], ("{}/commit/{}"+patches_done).format(upstream_base_url, ui['git_commit']), "upstream")
+
+ # Need to check if yml is of old format. If so, update to new format
+ if 'primary-upstream' not in oqs_yaml:
+ print("Updating format of {}. Please double check ordering of yaml file".format(scheme['pretty_name_full']))
+ lhs = oqs_yaml['upstream']
+ oqs_yaml['primary-upstream'] = dict()
+ oqs_yaml['primary-upstream']['spdx-license-identifier'] = oqs_yaml['spdx-license-identifier']
+ for i in range(len(oqs_yaml['parameter-sets'])):
+ for j in range(len(oqs_yaml['parameter-sets'][i]['implementations'])):
+ oqs_yaml['parameter-sets'][i]['implementations'][j]['upstream'] = 'primary-upstream'
+ else:
+ lhs = oqs_yaml['primary-upstream']['source']
+ oqs_yaml['primary-upstream']['source'] = rhs_if_not_equal(lhs, ("{}/commit/{}"+patches_done).format(upstream_base_url, ui['git_commit']), "primary-upstream")
+ if 'upstream' in oqs_yaml:
+ del oqs_yaml['upstream']
+ del oqs_yaml['spdx-license-identifier']
+
+ if ouis:
+ for upstream in ouis:
+ optimized_upstream_base_url = ouis[upstream]['git_url'][:-len(".git")]
+ for patchfilename in ouis[upstream]['patches']:
+ if kem['name'] in patchfilename:
+ patches_done=" with copy_from_upstream patches"
+ patches_done=""
+ if 'patches' in ouis[upstream]:
+ for patchfilename in ouis[upstream]['patches']:
+ if kem['name'] in patchfilename:
+ patches_done=" with copy_from_upstream patches"
+ if 'optimized-upstreams' in oqs_yaml and upstream in oqs_yaml['optimized-upstreams']:
+ lhs = oqs_yaml['optimized-upstreams'][upstream]['source']
+ else:
+ lhs = ''
+ git_commit = ouis[upstream]['git_commit']
+ oqs_yaml['optimized-upstreams'][upstream]['source'] = rhs_if_not_equal(lhs, ("{}/commit/{}"+patches_done).format(optimized_upstream_base_url, git_commit), "optimized-upstreams")
+
if 'auxiliary-submitters' in upstream_yaml:
oqs_yaml['auxiliary-submitters'] = rhs_if_not_equal(oqs_yaml['auxiliary-submitters'] if 'auxiliary-submitters' in oqs_yaml else '', upstream_yaml['auxiliary-submitters'], "auxiliary-submitters")
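Review bot: The last added line, `oqs_yaml['optimized-upstreams'][upstream]['source'] = ...`, raises KeyError in exactly the case the preceding `else: lhs = ''` is meant to handle, because nothing creates `oqs_yaml['optimized-upstreams']` or the per-upstream dict when they are absent; use `setdefault` on both levels before assigning. In the same `if ouis:` block the first `for patchfilename in ouis[upstream]['patches']` loop runs without the `'patches' in ouis[upstream]` guard and its result is thrown away by the `patches_done=""` that follows, so it can only fail or do nothing; delete it and keep the guarded loop. Reusing `patches_done` for both primary and optimized upstreams also makes the ordering of these blocks load-bearing; a separate local name would be safer.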
@@ -127,14 +168,33 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
oqs_scheme_yaml['length-ciphertext'] = rhs_if_not_equal(oqs_scheme_yaml['length-ciphertext'], upstream_yaml['length-ciphertext'], "length-ciphertext")
oqs_scheme_yaml['length-secret-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-secret-key'], upstream_yaml['length-secret-key'], "legnth-secret-key")
oqs_scheme_yaml['length-shared-secret'] = rhs_if_not_equal(oqs_scheme_yaml['length-shared-secret'], upstream_yaml['length-shared-secret'], "length-shared-secret")
-
+
+ _upstream_yaml = upstream_yaml
for impl_index, impl in enumerate(oqs_scheme_yaml['implementations']):
+ upstream_yaml = _upstream_yaml
+ if impl['upstream'] in ouis:
+ upstream_name = impl['upstream']
+ meta_yaml_path_template = ouis[upstream_name]['kem_meta_path']
+ opt_upstream_root = ouis[upstream_name]['upstream_root']
+ upstream_meta_path = os.path.join(opt_upstream_root, meta_yaml_path_template.format_map(scheme))
+ upstream_yaml = load_yaml(upstream_meta_path)
+
for upstream_impl in upstream_yaml['implementations']:
if impl['upstream-id'] == upstream_impl['name']:
break
-
# Logic to add Common_META.yml components
- uir = get_upstream_info(upstream_yaml['implementations'], impl['upstream-id'])
+
+ implementations = upstream_yaml['implementations']
+ """
+ if 'arch_specific_upstream_locations' in kem and impl['upstream'] != 'primary-upstream':
+ upstream_name = impl['upstream']
+ meta_yaml_path_template = ouis[upstream_name]['kem_meta_path']
+ opt_upstream_root = ouis[upstream_name]['upstream_root']
+ upstream_meta_path = os.path.join(opt_upstream_root, meta_yaml_path_template.format_map(scheme))
+ optimized_meta = load_yaml(upstream_meta_path)
+ implementations = optimized_meta['implementations']
+ """
+ uir = get_upstream_info(implementations, impl['upstream-id'])
if (uir != None) and ('common_dep' in uir):
upstream_common_path = upstream_meta_path.replace(scheme['pretty_name_full'], "Common")
upstream_common_yaml = load_yaml(upstream_common_path)
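Review bot: The triple-quoted block after `implementations = upstream_yaml['implementations']` is commented-out code kept as a string literal, and it repeats the optimized-upstream META.yml lookup this hunk already performs at the top of the loop under `if impl['upstream'] in ouis:`. Remove it; with it gone, `implementations` is just an alias and `get_upstream_info(upstream_yaml['implementations'], impl['upstream-id'])` can stay as it was. The `_upstream_yaml` save/restore around the loop would be clearer as a per-iteration local such as `impl_upstream_yaml`, which also avoids `upstream_meta_path` being silently changed for the `common_dep` lookup below.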
@@ -144,12 +204,18 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
if 'required_flags' in ur['supported_platforms'][0].keys():
upstream_impl['supported_platforms'][0]['required_flags']=list(set(upstream_impl['supported_platforms'][0]['required_flags']+ur['supported_platforms'][0]['required_flags']))
upstream_impl['supported_platforms'][0]['required_flags'].sort()
-
if 'supported_platforms' in upstream_impl:
+ for i in range(len(upstream_impl['supported_platforms'])):
+ if upstream_impl['supported_platforms'][i]['architecture'] == 'arm_8':
+ upstream_impl['supported_platforms'][i]['architecture'] = 'ARM64_V8'
+ if 'asimd' in upstream_impl['supported_platforms'][i]['required_flags']:
+ upstream_impl['supported_platforms'][i]['required_flags'].remove('asimd')
+ if not upstream_impl['supported_platforms'][i]['required_flags']:
+ del upstream_impl['supported_platforms'][i]['required_flags']
+
impl['supported-platforms'] = rhs_if_not_equal(impl['supported-platforms'], upstream_impl['supported_platforms'], "supported-platforms")
else:
impl['supported-platforms'] = rhs_if_not_equal(impl['supported-platforms'], "all", "supported-platforms")
-
oqs_scheme_yaml['implementations'][impl_index] = impl
oqs_yaml['parameter-sets'][index] = oqs_scheme_yaml
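Review bot: The new normalisation loop reads `upstream_impl['supported_platforms'][i]['required_flags']` without checking that the key exists, while the context line just above tests `'required_flags' in ur['supported_platforms'][0].keys()` before touching it; a platform entry without flags would raise KeyError here. Guard the block or use `.get('required_flags', [])`. The rewritten architecture value `'ARM64_V8'` also differs from the `arm64v8` spelling in the YAML hunks earlier in this patch, so please confirm which form the docs are expected to carry, and add a comment explaining why `asimd` is dropped.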
@@ -189,7 +255,7 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes
oqs_yaml['principal-submitters'] = rhs_if_not_equal(oqs_yaml['principal-submitters'], upstream_yaml['principal-submitters'], "principal-submitters")
upstream_base_url = ui['git_url'][:-len(".git")]
- # upstream is special: We will take the upstream git commit information
+ # upstream is special: We will take the upstream git commit information
# (possibly with added patch comment) as it is what drove the update
oqs_yaml['upstream'] = rhs_if_not_equal(oqs_yaml['upstream'], ("{}/commit/{}"+patches_done).format(upstream_base_url, ui['git_commit']), "upstream")
@@ -232,7 +298,6 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes
impl['supported-platforms'] = rhs_if_not_equal(impl['supported-platforms'], upstream_impl['supported_platforms'], "supported-platforms")
else:
impl['supported-platforms'] = rhs_if_not_equal(impl['supported-platforms'], "all", "supported-platforms")
-
oqs_scheme_yaml['implementations'][impl_index] = impl
oqs_yaml['parameter-sets'][index] = oqs_scheme_yaml
diff --git a/scripts/update_docs_from_yaml.py b/scripts/update_docs_from_yaml.py
index 140876d35..ade3ec0bd 100644
--- a/scripts/update_docs_from_yaml.py
+++ b/scripts/update_docs_from_yaml.py
@@ -41,7 +41,16 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
out_md.write('- **Authors\' website**: {}\n'.format(kem_yaml['website']))
out_md.write('- **Specification version**: {}.\n'.format(kem_yaml['spec-version']))
- out_md.write('- **Implementation source**: {}'.format(kem_yaml['upstream']))
+ out_md.write('- **Primary Source**:\n')
+ out_md.write(' - **Source**: {}\n'.format(kem_yaml['primary-upstream']['source']))
+ out_md.write(' - **Implementation license (SPDX-Identifier)**: {}\n'.format(kem_yaml['primary-upstream']['spdx-license-identifier']))
+ if 'optimized-upstreams' in kem_yaml:
+ out_md.write('- **Optimized Implementation sources**: {}\n'.format(kem_yaml['primary-upstream']['source']))
+ for opt_upstream in kem_yaml['optimized-upstreams']:
+ out_md.write(' - **{}**:\n'.format(opt_upstream, opt_upstream))
+ out_md.write(' - **Source**: {}\n'.format(kem_yaml['optimized-upstreams'][opt_upstream]['source']))
+ out_md.write(' - **Implementation license (SPDX-Identifier)**: {}\n'.format(kem_yaml['optimized-upstreams'][opt_upstream]['spdx-license-identifier']))
+
if 'upstream-ancestors' in kem_yaml:
out_md.write(', which takes it from:\n')
for url in kem_yaml['upstream-ancestors'][:-1]:
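Review bot: The `Optimized Implementation sources` header line formats in `kem_yaml['primary-upstream']['source']`, so the primary URL is printed a second time under the optimized heading. This looks like a copy-paste from the Source line above; the header should probably end at the colon and leave the URLs to the per-upstream entries written in the loop. In that loop, `.format(opt_upstream, opt_upstream)` passes two arguments to a single placeholder, so the duplicate can be dropped. Every newly written line also ends in `\n`, so the unchanged `out_md.write(', which takes it from:\n')` now begins a line of its own with a comma, which is exactly what the regenerated bike.md in this patch shows (`+, which takes it from:`). That continuation needs rewording or moving under the Source bullet.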
@@ -50,7 +59,6 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
else:
out_md.write('\n')
- out_md.write('- **Implementation license (SPDX-Identifier)**: {}.\n'.format(kem_yaml['spdx-license-identifier']))
out_md.write('\n## Parameter set summary\n\n')
table = [['Parameter set',
@@ -73,7 +81,8 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
for index, parameter_set in enumerate(kem_yaml['parameter-sets']):
out_md.write('\n## {} implementation characteristics\n\n'.format(parameter_set['name']))
- table_header = ['Identifier in upstream',
+ table_header = ['Implementation source',
+ 'Identifier in upstream',
'Supported architecture(s)',
'Supported operating system(s)',
'CPU extension(s) used',
@@ -86,8 +95,11 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
table = [table_header]
for impl in parameter_set['implementations']:
+ # todo, automate linking this?
+ # if all platforms are supported, assuming not optimized and is primary upstream
if impl['supported-platforms'] == 'all':
- table.append([impl['upstream-id'].replace('_', '\_'),
+ table.append(['[Primary Source](#primary-source)',
+ impl['upstream-id'].replace('_', '\_'),
'All',
'All',
'None',
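Review bot: The `supported-platforms == 'all'` branch hard-codes `[Primary Source](#primary-source)` based on the assumption stated in the new comment, while the per-platform branch of the same loop reads `impl['upstream']`. An implementation that comes from an optimized upstream but declares all platforms would be attributed to the primary source in the generated table. Suggest deriving the link from `impl['upstream']` here as well, which also resolves the todo. Separately, `'\_'` in a non-raw string is an invalid escape sequence that newer Python versions warn about; `'\\_'` or a raw string avoids it.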
@@ -97,12 +109,19 @@ for kem_yaml_path in sorted(glob.glob(os.path.join(args.liboqs_root, 'docs', 'al
else:
for platform in impl['supported-platforms']:
op_systems = ','.join(platform['operating_systems'])
- if 'required_flags' in platform:
+ if 'required_flags' in platform and platform['required_flags']:
flags = ','.join(flag.upper() for flag in platform['required_flags'])
else:
flags = 'None'
-
- table.append([impl['upstream-id'].replace('_', '\_'),
+ if impl['upstream'] == 'primary-upstream':
+ name = 'Primary Source'
+ anchor = 'primary-source'
+ else:
+ name = impl['upstream']
+ anchor = impl['upstream']
+ upstream_name = '[{}](#{})'.format(name, anchor)
+ table.append([upstream_name,
+ impl['upstream-id'].replace('_', '\_'),
platform['architecture'].replace('_', '\_'),
op_systems,
flags,
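Review bot: `impl['upstream']` is indexed directly in the added name/anchor selection, so any implementation entry in the YAML that lacks an `upstream` key raises KeyError and aborts doc generation. Consider a small helper built on `impl.get('upstream', 'primary-upstream')` and shared with the `'all'` branch, which needs the same decision. The link targets `#primary-source` and `#<upstream name>` point at bold list items written earlier in this file, not at headings, so renderers that generate anchors only for headings will not resolve them; emitting real headings or explicit anchors would fix that. The added `and platform['required_flags']` guard is a sound fix for empty flag lists.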
diff --git a/src/oqsconfig.h.cmake b/src/oqsconfig.h.cmake
index 332732a47..0d0d5db3f 100644
--- a/src/oqsconfig.h.cmake
+++ b/src/oqsconfig.h.cmake
@@ -169,13 +169,10 @@
#cmakedefine OQS_ENABLE_KEM_SABER 1
#cmakedefine OQS_ENABLE_KEM_saber_lightsaber 1
#cmakedefine OQS_ENABLE_KEM_saber_lightsaber_avx2 1
-#cmakedefine OQS_ENABLE_KEM_saber_lightsaber_aarch64 1
#cmakedefine OQS_ENABLE_KEM_saber_saber 1
#cmakedefine OQS_ENABLE_KEM_saber_saber_avx2 1
-#cmakedefine OQS_ENABLE_KEM_saber_saber_aarch64 1
#cmakedefine OQS_ENABLE_KEM_saber_firesaber 1
#cmakedefine OQS_ENABLE_KEM_saber_firesaber_avx2 1
-#cmakedefine OQS_ENABLE_KEM_saber_firesaber_aarch64 1
#cmakedefine OQS_ENABLE_SIG_DILITHIUM 1
#cmakedefine OQS_ENABLE_SIG_dilithium_2 1