Sync with PQClean (#954)

* Sync with PQClean commmit e463123b92a5b315531c883d0d6b7381731e9b1c * Sync with PQClean commit ef4ad5da02283ec0dd58b57a0684c98a1e33a531 * Reduce concurrency in CircleCI AddressSanitizer builds
2025-12-15 00:03:27 -05:00 · 2021-04-05 15:40:07 -04:00 · 2021-04-05 15:40:07 -04:00 · b1e2b44888
commit b1e2b44888
parent 336488085c
19 changed files with 34 additions and 19 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -307,7 +307,7 @@ workflows:
                - /^audit.*/
          CONTAINER: openquantumsafe/ci-ubuntu-focal-x86_64:latest
          CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address
-          PYTEST_ARGS: --ignore=tests/test_portability.py --numprocesses=auto
+          PYTEST_ARGS: --ignore=tests/test_portability.py --numprocesses=auto --maxprocesses=10
      # Disabling test_constant_time for now
      #- linux_x64:
      #    <<: *require_buildcheck
--- a/docs/algorithms/kem/classic_mceliece.md
+++ b/docs/algorithms/kem/classic_mceliece.md
@ -9,7 +9,7 @@
 ## Implementation

 - **Source of implementation**: SUPERCOP-20191221, "vec" and "avx" implementations
- **Implementation version**: https://github.com/PQClean/PQClean.git, master, 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+- **Implementation version**: https://github.com/PQClean/PQClean.git, master, ef4ad5da02283ec0dd58b57a0684c98a1e33a531
 - **License**: Public domain
 - **Constant-time**: Yes
 - **Optimizations**: Portable C with AVX2, BMI1, POPCNT instructions (if available at run-time)
--- a/docs/algorithms/kem/hqc.md
+++ b/docs/algorithms/kem/hqc.md
@ -9,7 +9,7 @@
 ## Implementation

 - **Source of implementation**: hqc-submission_2020-10-01 via https://github.com/jschanck/package-pqclean/tree/c9181076/hqc
- **Implementation version**: https://github.com/PQClean/PQClean.git, master, 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+- **Implementation version**: https://github.com/PQClean/PQClean.git, master, ef4ad5da02283ec0dd58b57a0684c98a1e33a531
 - **License**: Public domain
 - **Constant-time**: Yes
 - **Optimizations**: Portable C with AVX2, BMI1, PCLMULQDQ instructions (if available at run-time)
--- a/docs/algorithms/kem/ntru.md
+++ b/docs/algorithms/kem/ntru.md
@ -9,7 +9,7 @@
 ## Implementation

 - **Source of implementation**: https://github.com/jschanck/ntru/tree/a43a4457
- **Implementation version**: https://github.com/PQClean/PQClean.git, master, 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+- **Implementation version**: https://github.com/PQClean/PQClean.git, master, ef4ad5da02283ec0dd58b57a0684c98a1e33a531
 - **License**: Public domain
 - **Constant-time**: Yes
 - **Optimizations**: Portable C with AVX2, BMI2 instructions (if available at run-time)
--- a/docs/algorithms/kem/ntruprime.md
+++ b/docs/algorithms/kem/ntruprime.md
@ -9,7 +9,7 @@
 ## Implementation

 - **Source of implementation**: SUPERCOP-20200826
- **Implementation version**: https://github.com/PQClean/PQClean.git, master, 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+- **Implementation version**: https://github.com/PQClean/PQClean.git, master, ef4ad5da02283ec0dd58b57a0684c98a1e33a531
 - **License**: Public domain
 - **Constant-time**: Yes
 - **Optimizations**: Portable C with AVX2 instructions (if available at run-time)
--- a/docs/algorithms/kem/saber.md
+++ b/docs/algorithms/kem/saber.md
@ -9,7 +9,7 @@
 ## Implementation

 - **Source of implementation**: https://github.com/KULeuven-COSIC/SABER/tree/509cc5ec3a7e12a751ccdd2ef5bd6e54e00bd350 via https://github.com/jschanck/package-pqclean/tree/1ae84c3c/saber
- **Implementation version**: https://github.com/PQClean/PQClean.git, master, 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+- **Implementation version**: https://github.com/PQClean/PQClean.git, master, ef4ad5da02283ec0dd58b57a0684c98a1e33a531
 - **License**: Public domain
 - **Constant-time**: Yes
 - **Optimizations**: Portable C with AVX2 instructions (if available at run-time)
--- a/docs/algorithms/sig/falcon.md
+++ b/docs/algorithms/sig/falcon.md
@ -9,7 +9,7 @@
 ## Implementation

 - **Source of implementation**: supercop-20201018 via https://github.com/jschanck/package-pqclean/tree/cea1fa5a/falcon
- **Implementation version**: https://github.com/PQClean/PQClean.git, master, 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+- **Implementation version**: https://github.com/PQClean/PQClean.git, master, ef4ad5da02283ec0dd58b57a0684c98a1e33a531
 - **License**: CC0 1.0 Universal
 - **Constant-time**: Yes
 - **Optimizations**: Portable C with AVX2 instructions (if available at run-time)
--- a/docs/algorithms/sig/rainbow.md
+++ b/docs/algorithms/sig/rainbow.md
@ -8,7 +8,7 @@
 ## Implementation

 - **Source of implementation**: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263
- **Implementation version**: https://github.com/PQClean/PQClean.git, master, 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+- **Implementation version**: https://github.com/PQClean/PQClean.git, master, ef4ad5da02283ec0dd58b57a0684c98a1e33a531
 - **License**: CC0 1.0
 - **Constant-time**: Yes
 - **Optimizations**: Portable C
--- a/docs/algorithms/sig/sphincs.md
+++ b/docs/algorithms/sig/sphincs.md
@ -9,7 +9,7 @@
 ## Implementation

 - **Source of implementation**: https://github.com/sphincs/sphincsplus
- **Implementation version**: https://github.com/PQClean/PQClean.git, master, 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+- **Implementation version**: https://github.com/PQClean/PQClean.git, master, ef4ad5da02283ec0dd58b57a0684c98a1e33a531
 - **License**: CC0 1.0 Universal
 - **Constant-time**: Yes
 - **Optimizations**: Portable C with AES, AVX2 instructions (if available at run-time)
--- a/scripts/copy_from_upstream/copy_from_upstream.yml
+++ b/scripts/copy_from_upstream/copy_from_upstream.yml
@ -3,7 +3,7 @@ upstreams:
    name: pqclean
    git_url: https://github.com/PQClean/PQClean.git
    git_branch: master
-    git_commit: 865f0bd1d1dceb6624fc27e6395b14d2d03261ad
+    git_commit: ef4ad5da02283ec0dd58b57a0684c98a1e33a531
    kem_meta_path: 'crypto_kem/{pqclean_scheme}/META.yml'
    sig_meta_path: 'crypto_sign/{pqclean_scheme}/META.yml'
    kem_scheme_path: 'crypto_kem/{pqclean_scheme}'
--- a/src/kem/hqc/kem_hqc_128.c
+++ b/src/kem/hqc/kem_hqc_128.c
@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_hqc_128_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_hqc_128;
-	kem->alg_version = "hqc-submission_2020-10-01 via https://github.com/jschanck/package-pqclean/tree/c9181076/hqc";
+	kem->alg_version = "hqc-submission_2020-10-01 via https://github.com/jschanck/package-pqclean/tree/9c4e109d/hqc";

 	kem->claimed_nist_level = 1;
 	kem->ind_cca = true;
--- a/src/kem/hqc/kem_hqc_192.c
+++ b/src/kem/hqc/kem_hqc_192.c
@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_hqc_192_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_hqc_192;
-	kem->alg_version = "hqc-submission_2020-10-01 via https://github.com/jschanck/package-pqclean/tree/c9181076/hqc";
+	kem->alg_version = "hqc-submission_2020-10-01 via https://github.com/jschanck/package-pqclean/tree/9c4e109d/hqc";

 	kem->claimed_nist_level = 3;
 	kem->ind_cca = true;
--- a/src/kem/hqc/kem_hqc_256.c
+++ b/src/kem/hqc/kem_hqc_256.c
@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_hqc_256_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_hqc_256;
-	kem->alg_version = "hqc-submission_2020-10-01 via https://github.com/jschanck/package-pqclean/tree/c9181076/hqc";
+	kem->alg_version = "hqc-submission_2020-10-01 via https://github.com/jschanck/package-pqclean/tree/9c4e109d/hqc";

 	kem->claimed_nist_level = 5;
 	kem->ind_cca = true;
--- a/src/kem/hqc/pqclean_hqc-rmrs-128_avx2/gf2x.c
+++ b/src/kem/hqc/pqclean_hqc-rmrs-128_avx2/gf2x.c
@ -363,7 +363,7 @@ static inline void karat_mult9(__m256i *C, const aligned_vec_t *A, const aligned
 * @param[in] a2 Pointer to a polynomial
 */
 void PQCLEAN_HQCRMRS128_AVX2_vect_mul(uint64_t *o, const aligned_vec_t *a1, const aligned_vec_t *a2) {
-    __m256i a1_times_a2[2 * PARAM_N_MULT + 1] = {0};
+    __m256i a1_times_a2[CEIL_DIVIDE(2 * PARAM_N_MULT + 1, 256)] = {0};
    karat_mult9(a1_times_a2, a1, a2);
    reduce(o, a1_times_a2);
 }
--- a/src/kem/hqc/pqclean_hqc-rmrs-128_avx2/reed_solomon.c
+++ b/src/kem/hqc/pqclean_hqc-rmrs-128_avx2/reed_solomon.c
@ -434,7 +434,12 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) {
 * @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
 */
 void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) {
-    uint16_t syndromes[2 * PARAM_DELTA] = {0};
+    union {
+        uint16_t arr16[16 * CEIL_DIVIDE(2 * PARAM_DELTA, 16)];
+        __m256i dummy;
+    } syndromes_aligned = {0};
+    uint16_t *syndromes = syndromes_aligned.arr16;
+
    uint16_t sigma[1 << PARAM_FFT] = {0};
    uint8_t error[1 << PARAM_M] = {0};
    uint16_t z[PARAM_N1] = {0};
--- a/src/kem/hqc/pqclean_hqc-rmrs-192_avx2/gf2x.c
+++ b/src/kem/hqc/pqclean_hqc-rmrs-192_avx2/gf2x.c
@ -402,7 +402,7 @@ static inline void karat_mult9(__m256i *C, const aligned_vec_t *A, const aligned
 * @param[in] a2 Pointer to a polynomial
 */
 void PQCLEAN_HQCRMRS192_AVX2_vect_mul(uint64_t *o, const aligned_vec_t *a1, const aligned_vec_t *a2) {
-    __m256i a1_times_a2[2 * PARAM_N_MULT + 1] = {0};
+    __m256i a1_times_a2[CEIL_DIVIDE(2 * PARAM_N_MULT + 1, 256)] = {0};
    karat_mult9(a1_times_a2, a1, a2);
    reduce(o, a1_times_a2);
 }
--- a/src/kem/hqc/pqclean_hqc-rmrs-192_avx2/reed_solomon.c
+++ b/src/kem/hqc/pqclean_hqc-rmrs-192_avx2/reed_solomon.c
@ -444,7 +444,12 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) {
 * @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
 */
 void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) {
-    uint16_t syndromes[2 * PARAM_DELTA] = {0};
+    union {
+        uint16_t arr16[16 * CEIL_DIVIDE(2 * PARAM_DELTA, 16)];
+        __m256i dummy;
+    } syndromes_aligned = {0};
+    uint16_t *syndromes = syndromes_aligned.arr16;
+
    uint16_t sigma[1 << PARAM_FFT] = {0};
    uint8_t error[1 << PARAM_M] = {0};
    uint16_t z[PARAM_N1] = {0};
--- a/src/kem/hqc/pqclean_hqc-rmrs-256_avx2/gf2x.c
+++ b/src/kem/hqc/pqclean_hqc-rmrs-256_avx2/gf2x.c
@ -597,7 +597,7 @@ static void toom_3_mult(uint64_t *Out, const aligned_vec_t *A, const aligned_vec
 * @param[in] a2 Pointer to a polynomial
 */
 void PQCLEAN_HQCRMRS256_AVX2_vect_mul(uint64_t *o, const aligned_vec_t *a1, const aligned_vec_t *a2) {
-    __m256i a1_times_a2[VEC_N_256_SIZE_64 << 1] = {0};
+    __m256i a1_times_a2[CEIL_DIVIDE(2 * PARAM_N_MULT + 1, 256)] = {0};
    toom_3_mult((uint64_t *)a1_times_a2, a1, a2);
    reduce(o, a1_times_a2);
 }
--- a/src/kem/hqc/pqclean_hqc-rmrs-256_avx2/reed_solomon.c
+++ b/src/kem/hqc/pqclean_hqc-rmrs-256_avx2/reed_solomon.c
@ -712,7 +712,12 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) {
 * @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
 */
 void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) {
-    uint16_t syndromes[2 * PARAM_DELTA] = {0};
+    union {
+        uint16_t arr16[16 * CEIL_DIVIDE(2 * PARAM_DELTA, 16)];
+        __m256i dummy;
+    } syndromes_aligned = {0};
+    uint16_t *syndromes = syndromes_aligned.arr16;
+
    uint16_t sigma[1 << PARAM_FFT] = {0};
    uint8_t error[1 << PARAM_M] = {0};
    uint16_t z[PARAM_N1] = {0};