sharpetronics/liboqs
1
0
Fork 0
mirror of https://github.com/open-quantum-safe/liboqs.git synced 2025-10-04 00:02:01 -04:00
Code Issues Projects Releases Wiki Activity

Run copy_from_upstream and test (#1589)

Browse Source 
* update docs from copy_from_upstream

* move cleanup code to the end to ensure documentation patches survive
This commit is contained in:
Michael Baentsch 2023-10-30 06:32:31 +01:00 committed by GitHub
parent bac716cc91
commit bd943ce5ee
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 31 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/linux.yml vendored
View File

@ -30,6 +30,7 @@ jobs:
git config --global user.name "ciuser" && \
git config --global user.email "ci@openquantumsafe.org" && \
export LIBOQS_DIR=`pwd` && \
git config --global --add safe.directory $LIBOQS_DIR && \
cd scripts/copy_from_upstream && \
! pip3 install -r requirements.txt 2>&1 | grep ERROR && \
python3 copy_from_upstream.py copy && \

42
docs/algorithms/kem/classic_mceliece.md
View File

@ -14,7 +14,7 @@
## Advisories
- Classic-McEliece-460896, Classic-McEliece-460896f, Classic-McEliece-6960119, and Classic-McEliece-6960119f parameter sets fail memory leak testing on x86-64 when building with ``clang`` using optimization level ``-O2`` and ``-O3``. Care is advised when using the algorithm at higher optimization levels, and any other compiler and architecture.
- Current implementation of the algorithm may not be constant-time. Additionally, environment specific constant-time leaks may not be documented; please report potential constant-time leaks when found.
- Current implementation of the algorithm may not be constant-time. Additionally, environment specific constant-time leaks may not be documented; please report potential constant-time leaks when found.
## Parameter set summary
@ -35,8 +35,8 @@
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -46,8 +46,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -55,8 +55,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -64,8 +64,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -73,8 +73,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -82,8 +82,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -91,8 +91,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -100,8 +100,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -109,8 +109,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -118,8 +118,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | True | True |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | True |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI1 | False | False | True |
Are implementations chosen based on runtime CPU feature detection? **Yes**.

4
docs/algorithms/kem/classic_mceliece.yml
View File

@ -26,7 +26,9 @@ advisories:
building with ``clang`` using optimization level ``-O2`` and ``-O3``. Care is advised
when using the algorithm at higher optimization levels, and any other compiler and
architecture.
- Current implementation of the algorithm may not be constant-time. Additionally, environment specific constant-time leaks may not be documented; please report potential constant-time leaks when found.
- Current implementation of the algorithm may not be constant-time. Additionally,
environment specific constant-time leaks may not be documented; please report potential
constant-time leaks when found.
parameter-sets:
- name: Classic-McEliece-348864
claimed-nist-level: 1

4
docs/algorithms/sig/falcon.md
View File

@ -22,7 +22,7 @@
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | False | False | False |
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |
@ -34,7 +34,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | False | False | False |
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

6
scripts/copy_from_upstream/copy_from_upstream.py
View File

@ -611,8 +611,6 @@ def copy_from_upstream():
for t in ["kem", "sig"]:
with open(os.path.join(os.environ['LIBOQS_DIR'], 'tests', 'KATs', t, 'kats.json'), "w") as f:
json.dump(kats[t], f, indent=2, sort_keys=True)
if not keepdata:
shutil.rmtree('repos')
update_upstream_alg_docs.do_it(os.environ['LIBOQS_DIR'])
@ -622,6 +620,10 @@ def copy_from_upstream():
update_docs_from_yaml.do_it(os.environ['LIBOQS_DIR'])
update_cbom.update_cbom_if_algs_not_changed(os.environ['LIBOQS_DIR'], "git")
if not keepdata:
shutil.rmtree('repos')
def verify_from_upstream():
instructions = load_instructions()
basedir = "verify_from_upstream"