From e64026e27ae20aafee43a619c7c46cacff1936e7 Mon Sep 17 00:00:00 2001
From: nonam3e <71525212+nonam3e@users.noreply.github.com>
Date: Wed, 1 Oct 2025 20:24:35 +0700
Subject: [PATCH] Fix/icicle ml kem 768 (#2288)

* fix 768 version

Signed-off-by: nonam3e <timur@ingonyama.com>

* update upstream git commit

Signed-off-by: nonam3e <timur@ingonyama.com>

---------

Signed-off-by: nonam3e <timur@ingonyama.com>
---
 docs/algorithms/kem/ml_kem.md                 |   2 +-
 docs/algorithms/kem/ml_kem.yml                |   2 +-
 .../copy_from_upstream/copy_from_upstream.yml |   4 +-
 .../patches/icicle-mlkem-enc-derand.patch     | 102 ------------------
 .../icicle_ml-kem.cpp                         |  18 ++--
 5 files changed, 13 insertions(+), 115 deletions(-)
 delete mode 100644 scripts/copy_from_upstream/patches/icicle-mlkem-enc-derand.patch

diff --git a/docs/algorithms/kem/ml_kem.md b/docs/algorithms/kem/ml_kem.md
index d8e458534..a8f993c68 100644
--- a/docs/algorithms/kem/ml_kem.md
+++ b/docs/algorithms/kem/ml_kem.md
@@ -14,7 +14,7 @@
       - **Source**: https://github.com/open-quantum-safe/liboqs-cupqc-meta/commit/b026f4e5475cd9c20c2082c7d9bad80e5b0ba89e
       - **Implementation license (SPDX-Identifier)**: Apache-2.0
   - **icicle-icicle_cuda**:<a name="icicle-icicle_cuda"></a>
-      - **Source**: https://github.com/ingonyama-zk/icicle-liboqs/commit/8f215fd845928abfc2bb7d5ca15db76b839bee5c
+      - **Source**: https://github.com/ingonyama-zk/icicle-liboqs/commit/4ea3e612ff26e3e72b5e5bcfff4cf3dda45dc0a8
       - **Implementation license (SPDX-Identifier)**: MIT
 
 
diff --git a/docs/algorithms/kem/ml_kem.yml b/docs/algorithms/kem/ml_kem.yml
index aea0c9794..36fa82cc3 100644
--- a/docs/algorithms/kem/ml_kem.yml
+++ b/docs/algorithms/kem/ml_kem.yml
@@ -24,7 +24,7 @@ optimized-upstreams:
     source: https://github.com/open-quantum-safe/liboqs-cupqc-meta/commit/b026f4e5475cd9c20c2082c7d9bad80e5b0ba89e
     spdx-license-identifier: Apache-2.0
   icicle-icicle_cuda:
-    source: https://github.com/ingonyama-zk/icicle-liboqs/commit/8f215fd845928abfc2bb7d5ca15db76b839bee5c
+    source: https://github.com/ingonyama-zk/icicle-liboqs/commit/4ea3e612ff26e3e72b5e5bcfff4cf3dda45dc0a8
     spdx-license-identifier: MIT
 parameter-sets:
 - name: ML-KEM-512
diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml
index 816a0b977..03bbe9f0e 100644
--- a/scripts/copy_from_upstream/copy_from_upstream.yml
+++ b/scripts/copy_from_upstream/copy_from_upstream.yml
@@ -51,10 +51,10 @@ upstreams:
     name: icicle
     git_url: https://github.com/ingonyama-zk/icicle-liboqs.git
     git_branch: main
-    git_commit: 8f215fd845928abfc2bb7d5ca15db76b839bee5c
+    git_commit: 4ea3e612ff26e3e72b5e5bcfff4cf3dda45dc0a8
     kem_meta_path: '{pretty_name_full}_META.yml'
     kem_scheme_path: '.'
-    patches: [icicle-mlkem-enc-derand.patch]
+    patches: []
   -
     name: pqcrystals-dilithium-standard
     git_url: https://github.com/pq-crystals/dilithium.git
diff --git a/scripts/copy_from_upstream/patches/icicle-mlkem-enc-derand.patch b/scripts/copy_from_upstream/patches/icicle-mlkem-enc-derand.patch
deleted file mode 100644
index d6a18e492..000000000
--- a/scripts/copy_from_upstream/patches/icicle-mlkem-enc-derand.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-diff --git a/ML-KEM-1024_META.yml b/ML-KEM-1024_META.yml
-index 5ad054f..49aa71a 100644
---- a/ML-KEM-1024_META.yml
-+++ b/ML-KEM-1024_META.yml
-@@ -25,10 +25,11 @@ implementations:
-     version: FIPS203
-     signature_keypair: icicle_ml_kem_1024_keypair
-     signature_enc: icicle_ml_kem_1024_enc
-+    signature_enc_derand: icicle_ml_kem_1024_enc_derand
-     signature_dec: icicle_ml_kem_1024_dec
-     sources: ./ml-kem-1024/icicle_ml-kem.cpp
-     supported_platforms:
-       - architecture: CUDA
-         operating_systems:
-           - Linux
--          - Darwin
-\ No newline at end of file
-+          - Darwin
-diff --git a/ML-KEM-512_META.yml b/ML-KEM-512_META.yml
-index c14cf33..c93caa1 100644
---- a/ML-KEM-512_META.yml
-+++ b/ML-KEM-512_META.yml
-@@ -25,10 +25,11 @@ implementations:
-     version: FIPS203
-     signature_keypair: icicle_ml_kem_512_keypair
-     signature_enc: icicle_ml_kem_512_enc
-+    signature_enc_derand: icicle_ml_kem_512_enc_derand
-     signature_dec: icicle_ml_kem_512_dec
-     sources: ./ml-kem-512/icicle_ml-kem.cpp
-     supported_platforms:
-       - architecture: CUDA
-         operating_systems:
-           - Linux
--          - Darwin
-\ No newline at end of file
-+          - Darwin
-diff --git a/ML-KEM-768_META.yml b/ML-KEM-768_META.yml
-index a1b88a8..1d580a8 100644
---- a/ML-KEM-768_META.yml
-+++ b/ML-KEM-768_META.yml
-@@ -25,10 +25,11 @@ implementations:
-     version: FIPS203
-     signature_keypair: icicle_ml_kem_768_keypair
-     signature_enc: icicle_ml_kem_768_enc
-+    signature_enc_derand: icicle_ml_kem_768_enc_derand
-     signature_dec: icicle_ml_kem_768_dec
-     sources: ./ml-kem-768/icicle_ml-kem.cpp
-     supported_platforms:
-       - architecture: CUDA
-         operating_systems:
-           - Linux
--          - Darwin
-\ No newline at end of file
-+          - Darwin
-diff --git a/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
-index 33b38cb..793afb6 100644
---- a/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
-+++ b/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
-@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
-     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
- }
- 
-+OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
-+    icicle::pqc::ml_kem::MlKemConfig config;
-+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
-+}
-+
- OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
-     icicle::pqc::ml_kem::MlKemConfig config;
-     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
-diff --git a/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
-index 89c4211..f73c539 100644
---- a/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
-+++ b/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
-@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_512_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
-     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
- }
- 
-+OQS_STATUS icicle_ml_kem_512_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
-+    icicle::pqc::ml_kem::MlKemConfig config;
-+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
-+}
-+
- OQS_STATUS icicle_ml_kem_512_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
-     icicle::pqc::ml_kem::MlKemConfig config;
-     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
-diff --git a/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
-index 33b38cb..793afb6 100644
---- a/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
-+++ b/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
-@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
-     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
- }
- 
-+OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
-+    icicle::pqc::ml_kem::MlKemConfig config;
-+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
-+}
-+
- OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
-     icicle::pqc::ml_kem::MlKemConfig config;
-     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
diff --git a/src/kem/ml_kem/icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp b/src/kem/ml_kem/icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp
index 793afb69e..83e7135e3 100644
--- a/src/kem/ml_kem/icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp
+++ b/src/kem/ml_kem/icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp
@@ -8,31 +8,31 @@
 #include "icicle/errors.h"
 
 extern "C" {
-#if defined(OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda)
-OQS_STATUS icicle_ml_kem_1024_keypair(uint8_t *pk, uint8_t *sk) {
+#if defined(OQS_ENABLE_KEM_ml_kem_768_icicle_cuda)
+OQS_STATUS icicle_ml_kem_768_keypair(uint8_t *pk, uint8_t *sk) {
     uint8_t coins[icicle::pqc::ml_kem::ENTROPY_BYTES];
     OQS_randombytes(coins, icicle::pqc::ml_kem::ENTROPY_BYTES);
 
     icicle::pqc::ml_kem::MlKemConfig config;
-    return icicle::pqc::ml_kem::keygen<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, config, (std::byte*)pk, (std::byte*)sk) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+    return icicle::pqc::ml_kem::keygen<icicle::pqc::ml_kem::Kyber768Params>((std::byte*)coins, config, (std::byte*)pk, (std::byte*)sk) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 
-OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
+OQS_STATUS icicle_ml_kem_768_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
     uint8_t coins[icicle::pqc::ml_kem::MESSAGE_BYTES];
     OQS_randombytes(coins, icicle::pqc::ml_kem::MESSAGE_BYTES);
 
     icicle::pqc::ml_kem::MlKemConfig config;
-    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber768Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 
-OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
+OQS_STATUS icicle_ml_kem_768_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
     icicle::pqc::ml_kem::MlKemConfig config;
-    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber768Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 
-OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
+OQS_STATUS icicle_ml_kem_768_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
     icicle::pqc::ml_kem::MlKemConfig config;
-    return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+    return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber768Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 #endif
 }