* sha2: Use EVP_MD_CTX_free instead of EVP_MD_CTX_destroy
According to the manual page, EVP_MD_CTX_destroy has been renamed to
EVP_MD_CTX_free in OpenSSL 1.1.0 and only provided as a compatibility
macro in later OpenSSL releases:
https://www.openssl.org/docs/man1.1.1/man3/EVP_MD_CTX_free.html
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* ossl_helpers: Use pthread_once instead of CRYPTO_THREAD_run_once
Throughout the code base, liboqs uses pthread_once for one-shot
initialization and falls back to thread-unsafe code if it is not
supported nor enabled on the system. For consistency and to remove
additional dependency on OpenSSL, this switches the use of
CRYPTO_THREAD_run_once with that.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Make common algorithms pluggable
This allows applications to replace the implementation of common
cryptographic algorithms at runtime, by setting callback functions for
each operation with OQS_AES_set_callbacks, OQS_SHA2_set_callbacks,
OQS_SHA3_set_callbacks, and OQS_SHA3_x4_callbacks. Those functions
may be called once before OQS_init; otherwise the default
implementation will be used.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Add option to dynamically load libcrypto.so.*
This adds OQS_DLOPEN_OPENSSL build option to use OpenSSL through
dynamically loaded libcrypto.so.* with dlopen, instead of linking to
the library at build time.
That way the applications could use their favorite implementation of
common cryptographic primitives without pulling in OpenSSL as a
hard dependency.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Add tests for OQS_*_set_callbacks
This adds tests that exercise OQS_*_set_callbacks by overriding one of
the functions of each and ensuring the wrapper function is called.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
---------
Signed-off-by: Daiki Ueno <dueno@redhat.com>
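The callback-table pattern described in the "Make common algorithms pluggable" and "Add tests for OQS_*_set_callbacks" entries above, as an added sketch that is not liboqs code: a table set before initialization wins, otherwise one-shot initialization (pthread_once, as in the ossl_helpers entry) installs the default. Every `demo_*` name is hypothetical, and the default "digest" is a toy XOR fold standing in for a real SHA-2 implementation.

```c
/* Added illustration: all demo_* names are hypothetical, not the liboqs API. */
#include <pthread.h>
#include <stddef.h>
#include <stdint.h>

struct demo_sha2_callbacks {            /* one slot per replaceable operation */
    void (*sha256)(uint8_t *out, const uint8_t *in, size_t n);
    void (*sha512)(uint8_t *out, const uint8_t *in, size_t n);
};

/* Toy stand-in for the built-in digests (XOR fold, NOT real SHA-2). */
static void fold(uint8_t *out, size_t outlen, const uint8_t *in, size_t n) {
    for (size_t i = 0; i < outlen; i++) out[i] = 0;
    for (size_t i = 0; i < n; i++) out[i % outlen] ^= in[i];
}
static void default_sha256(uint8_t *out, const uint8_t *in, size_t n) { fold(out, 32, in, n); }
static void default_sha512(uint8_t *out, const uint8_t *in, size_t n) { fold(out, 64, in, n); }

static struct demo_sha2_callbacks default_cb = { default_sha256, default_sha512 };
static struct demo_sha2_callbacks *active = NULL;
static pthread_once_t init_once = PTHREAD_ONCE_INIT;

/* Runs exactly once: keep the application's table if one was set, else the default. */
static void select_impl(void) { if (active == NULL) active = &default_cb; }
void demo_init(void) { pthread_once(&init_once, select_impl); }

/* Unsynchronized write: call before demo_init and before any thread hashes. */
void demo_sha2_set_callbacks(struct demo_sha2_callbacks *cb) { active = cb; }

/* Public entry points always dispatch through the active table. */
void demo_sha256(uint8_t *out, const uint8_t *in, size_t n) { demo_init(); active->sha256(out, in, n); }
void demo_sha512(uint8_t *out, const uint8_t *in, size_t n) { demo_init(); active->sha512(out, in, n); }

static int wrapper_calls = 0;
static void counting_sha256(uint8_t *out, const uint8_t *in, size_t n) {
    wrapper_calls++;                    /* proof that dispatch reached the override */
    default_sha256(out, in, n);         /* then delegate to the built-in */
}

/* Override one slot only, hash once per slot, report the wrapper's hit count. */
int demo_override_one_slot(void) {
    static struct demo_sha2_callbacks cb;
    const uint8_t msg[3] = { 'a', 'b', 'c' };   /* constructed sample input */
    uint8_t digest[64];
    cb = default_cb;
    cb.sha256 = counting_sha256;        /* sha512 slot keeps the default */
    demo_sha2_set_callbacks(&cb);
    demo_sha256(digest, msg, sizeof msg);
    demo_sha512(digest, msg, sizeof msg);
    return wrapper_calls;
}

int main(void) { return demo_override_one_slot() == 1 ? 0 : 1; }
```

Because the table pointer decides which code computes every digest, a hardened variant would reject NULL slots and refuse changes once initialization has run.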
* Strawman version of one-time fetching MD objects from OpenSSL
We need to init them and free them in one place to avoid threading
issues.
* Moving initialization of OpenSSL objects to a separate file
* Call OQS_init to ensure OpenSSL methods are cached
* Fix typo
* Use prefetch OpenSSL cipher object in rand_nist
---------
Co-authored-by: Douglas Stebila <beldmit@users.noreply.github.com>
Co-authored-by: Douglas Stebila <dstebila@uwaterloo.ca>
* sha3: remove old implementations
* sha3: new implementations
* picnic: use liboqs sha3 and sha3x4
* frodo: use new sha3x4 interface
* sphincs: use liboqs sha3x4
* fixup
* skip test_spdx on xkcp_low directory
* xkcp_sha3: explicit casts to avoid narrowing warnings
* xkcp_sha3x4: explicit casts to avoid narrowing warnings
* sha3: disable platform specific xkcp if OQS_PORTABLE_BUILD
* sha3: fix Wcast-qual warnings on clang-9
* fix 'reset' functions
* xkcp_sha3: skip fastloop call if input is not long enough
* xkcp_low: Enable lane complementing for plain-64bits
* xkcp_low: remove Kravatte definitions from times4/avx2
* Add common OQS_MEM_aligned_alloc and OQS_MEM_aligned_free
* Require both OQS_USE_OPENSSL and OQS_USE_SHA3_OPENSSL to enable OpenSSL's SHA3
* Fix some undefined behaviour in KeccakP-1600/plain-64bits
* Fix some undefined behaviour in KeccakP-1600times4/avx2
* Expand shake tests
* Add sha3x4.h include to oqs.h
* Add xkcp_low license info to readme [skip-ci]
* Add copy_from_xkcp scripts [skip-ci]
* SPDX License Info for new scripts [skip-ci]
* Add SPDX-License-Identifier in src/common
* Add SPDX-License-Identifier in FrodoKEM
* Add SPDX-License-Identifier in SIKE
* Add SPDX-License-Identifier in BIKE
* Add SPDX-License-Identifier in OQS headers
* Add SPDX-License-Identifier in files generated during copy-from-pqclean
* Add SPDX-License-Identifier in Picnic
* Add SPDX-License-Identifier in qTesla
* Add SPDX-License-Identifier in CMake files
* Update license info in README
* Add SPDX-License-Identifier in scripts
* Add SPDX-License-Info to CMakeLists
* Add SPDX-License-Info in tests
* Add SPDX-License-Info to various files
* Prettyprint
* Add test for SPDX-License-Identifier headers
* Updated license identifiers for CPU extension detection code.
* Use conjunction for SPDX in file with two licenses
Co-authored-by: xvzcf <xvzcf@users.noreply.github.com>
* Removed non-standard CMake build types and introduced new variables to customize the build.
* Added handling for new build variables to all KEMS and signatures and updated CI.
* Added clang-9 test to CI.
* Sync with PQClean commit 6de728361e33ad3a5a6997e0896ff9fe8e44a999
* Revise SHA-2 API to match PQClean
* Revise SHA-3 API to match PQClean
* Fix compiler warning
* Fix typo
[skip ci]
* Fix typo
[skip ci]
* Initial format with astyle
* Fix templating to match
* Fix files with missing newline at EOF
* Remove old line
* Remove old .clang-format spec
* Add prettyprint target to CMake
* Added -Wstrict-prototypes flag and fixed resulting errors.
* Removed double underscores from header guards.
* Changed EVP_MD_CTX_create to EVP_MD_CTX_new and EVP_MD_CTX_destroy to EVP_MD_CTX_free.
* Fixed comments.
* Changed Kyber function signatures.
* Revert "Changed EVP_MD_CTX_create to EVP_MD_CTX_new and EVP_MD_CTX_destroy to EVP_MD_CTX_free."
This reverts commit f09b5e49d73b16b56d332fbcfc3b671966032fd4.
* Fixed a typo in a comment
* Refactored sig API following nist-branch (also fixes issue 380)
* Fixed Windows compilation error in sig.c.
* Added Picnic to Windows' config, and changed default alg to Picnic (since qTesla is not yet supported on Windows)
* Moved sig_picnic and sig_qtesla under sig directory, to harmonize with kem api
* Use different default sig alg on Windows to fix Travis back-compat tests and platform gap.
* Further changes required for OQS to be properly used by applications
* Compare OQS functions' return values to OQS error codes in sig.c.
* Fixed typos in comments.
* Replaced minimal_oqs_sig with example_sig.
* Ensure travis tests fail on error
* Add try-catch block in all-tests.sh
* Ignore example_sig
* Point global-namespace-check to .libs/liboqs.a
* More precise error handling in global-namespace-check
* Warning colours in travis tests and error handling in free-check
* Error handling in style-check
* Clean up style-check
* Removed leftover minimal_sig_oqs ref and VS projects.
* Prettyprint
* Revert clang-format version check
* Re-revert clang-format style check
* Prettyprint
* Added speed_sig to master.
* Removed superfluous extern from sig schemes .h