liboqs

mirror of https://github.com/open-quantum-safe/liboqs.git synced 2025-10-04 00:02:01 -04:00

Author	SHA1	Message	Date
Matthias J. Kannwischer	708b1052d5	Adjust constan-time test exception for mlkem-native [extended tests] (#2162 ) The constant-time tests have been failing for mlkem-native as check_sk changed it's name and is no no longer recognized as an exception. This function processes exclusively public data in the secret key and it's, hence, okay to branch both inside the function and depending on the return value. This commit renames the function in the constant_time exceptions file. Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>	2025-06-10 08:49:19 -04:00
Sadiq Hussain M	a47d8926c9	tests: Check OQS_STATUS of RNG and fstore functions (#2153 )	2025-06-06 13:26:31 -04:00
h2parson	f06ade9406	Wycheproof (#2145 ) * added wycheproof vectors for mlkem Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * astyle formatting Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * add license and remove unused vars Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * random_bytes_free Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * remove unused rc Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * add assert Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * initialize variables before branching Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * fix dead code warning Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * explicit json encoding and helpers run subprocess addedd Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * styling Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * fixing dead code and linux issues Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> * Skip failing CI test (#2157) * Skip failing CI test Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Hayden Parsons <h2parson@eduroam-campus-10-36-104-59.campus-dynamic.uwaterloo.ca> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>	2025-06-05 19:47:02 -04:00
Sadiq Hussain M	9aa76bc130	tests: Remove unused variables (#2152 ) signed_msg and signed_msg_len aren't used as output parameters anywhere. Hence, remove their occurrences. Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Co-authored-by: Hussain1811 <Sadiq.Hussain.M@ibm.com>	2025-06-05 09:00:37 -04:00
Sadiq Hussain M	bf14f5fce2	tests: Use secure free for secret key objects (#2149 ) Use OQS_MEM_secure_free() instead of OQS_MEM_insecure_free() for secret key objects. Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Co-authored-by: Hussain1811 <Sadiq.Hussain.M@ibm.com>	2025-06-05 09:00:20 -04:00
Matthias J. Kannwischer	4784356bd1	Update mlkem-native to v1.0.0 (#2146 ) * Update mlkem-native to v1.0.0 This commit updates mlkem-native to the first stable release v1.0.0. This also removes a patch that was needed for an older version of mlkem-native. Resolves https://github.com/open-quantum-safe/liboqs/issues/2110 Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * Skip failing CI test (#2157) * Skip failing CI test Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>	2025-06-05 08:59:49 -04:00
Sadiq Hussain M	894547b15c	Check for NULL dereference before using secure free (#2151 ) * Check for NULL dereference before using secure free Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> * Skip failing CI test (#2157) * Skip failing CI test Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>	2025-06-04 16:18:45 -04:00
Sadiq Hussain M	65ed00c2f1	Use OQS_MEM_cleanse() instead of memset() (#2158 ) * Use OQS_MEM_cleanse() instead of memset() This is needed for secret objects as memset maybe optimized out by the compiler. Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> * Skip failing CI test (#2157) * Skip failing CI test Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>	2025-06-04 16:18:36 -04:00
Douglas Stebila	1e8222339b	Skip failing CI test (#2157 ) * Skip failing CI test Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca>	2025-06-04 08:09:16 -04:00
M-AlNoaimi	51bf0b6b94	Add support for context string signing in signature algorithms (#2142 ) Signed-off-by: M-AlNoaimi <26318936+M-AlNoaimi@users.noreply.github.com>	2025-05-28 06:46:00 -04:00
Abhinav Saxena	b75bfb8c56	Update ACVP vectors to latest release (#2131 ) Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com>	2025-05-02 21:07:50 -04:00
Jan Adriaan Leegwater	429c98ee7e	Integrate SNOVA into liboqs (#2109 ) * Integrate SNOVA into liboqs Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Remove SNOVA_66_15_3 Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Add ARM NEON Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Update, tighter constant_time passes and issues [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Update remote commit Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Review comments SWilson4 [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Fix newline at end of file [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Restrict zephyr algorithms to the low stack ones. [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Disable SNOVA_24_5_5 in zephyr test [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Fix typos in KAT [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Use Constant Time version for sign [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> --------- Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl>	2025-05-01 11:41:57 -04:00
Pravek Sharma	9c68f3d7e4	Change cupqc upstream repo (#2115 ) Signed-off-by: Pravek Sharma <sharmapravek@gmail.com>	2025-04-25 12:09:39 -04:00
Aiden Fox Ivey	f8766fa696	Update Nix flake inputs (#2126 ) Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com>	2025-04-25 11:35:44 -04:00
Spencer Wilson	1dfa5beaba	Promote @SWilson4 from Committer to Maintainer [skip ci] (#2120 ) * Promote @SWilson4 from Committer to Maintainer [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Document Michael's leave of absence [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Remove John Schanck from the list of current committers [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Keep @SWilson4 on the list of Committers [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-04-21 09:57:38 -04:00
Khalid	5d4a3caee0	Restrict -Wno-maybe-uninitialized to GCC and fix stack size typo (#2111 ) Signed-off-by: Khalid Alraddady <187553667+hawazyn@users.noreply.github.com> Co-authored-by: Khalid Alraddady <187553667+hawazyn@users.noreply.github.com>	2025-04-21 09:36:14 -04:00
Pravek Sharma	23360d41be	Switch to dev mode (#2125 ) Signed-off-by: Pravek Sharma <sharmapravek@gmail.com>	2025-04-17 12:35:10 -04:00
Pravek Sharma	85cac74dab	0.13.0 release (#2119 ) * Bump version string Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update release notes Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update security notes Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Remove rc1 tags Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Add link to OQS survey in RELEASE.md Co-authored-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update RELEASE.md with HQC remark Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update release date Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Add survey link to README.md Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> --------- Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: Douglas Stebila <dstebila@uwaterloo.ca>	2025-04-17 11:05:33 -04:00
Spencer Wilson	3cedd464f7	Fix PR workflow runs (#2123 ) * Run scorecard workflow with models:read Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Remove all permissions for scorecard workflow Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add security-events and id-token perms Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Clean up comments Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update commit-to-main and weekly calls Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-04-11 07:30:01 -04:00
Douglas Stebila	a7d698ca9c	Temporarily disable HQC (#2122 ) * Temporarily disable HQC Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Add logic to disable algorithms by default Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-04-11 05:47:21 -04:00
Spencer Wilson	6337a8424d	Add support caveat (#2114 ) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-03-24 20:01:09 -04:00
Martin Kröning	a20597ce83	build: search unistd.h separately from sys/random.h for getentropy (#2104 ) Signed-off-by: Martin Kröning <martin.kroening@eonerc.rwth-aachen.de>	2025-03-20 12:58:16 -04:00
Basil Hess	fe11b6a9fd	Update nist-round in UOV and MAYO data sheet (#2105 ) Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-19 11:56:15 -04:00
Spencer Wilson	3ca1a36909	Add DeriveKeyPair API (#2070 ) * Initial derive keypair commit Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add pqcrystals-ml_kem_ipd.patch Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Fix encaps key in scheme and revert whitespace changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Hopefully corrected patch file Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Corrected missing derand in kem_scheme Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Fix indentation Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> derand testing tentative changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add missing function declarations Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add template for avx2 derand functions Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> WIP: Add changes for coin length Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Update patch to include coin lengths Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Bootstrap Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Conditional copy Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Separate coins variable into two distinct variables Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Add derand fixes - Add support for BIKE, FrodoKEM, sntrup - Add hooks for testing - Add missing kem comment to documentation - Don't run decaps() in test_kem_derand if encaps_derand() fails - Add markdown documentation changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> WIP trying to fix build errors Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix remaining build issues Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Resolve unused parameter issues for BIKE Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Resolve unused paramter issues for FrodoKEM Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix whitespace inconsistency Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix whitepace issue Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Insert unused attributes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Void all unused parameters Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Use tab instead of spaces in kem_scheme Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix kem_derand python tests Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Initialize coins in test_kem_derand Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update patch to work with mlkem-native Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update docs generation and templating Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream [full tests] [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Don't call randombytes on zero-length arrays Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run format script Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Remove encaps_derand support Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Skip encaps/decaps in test_kem_derand Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Refactor test code Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * s/coins/seed/g Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Improve output Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Improve formatting [full tests] [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Eddy Kim <Eddy.M.Kim@outlook.com>	2025-03-18 14:40:07 -04:00
Basil Hess	940d2d0bb8	chore: update MAYO version in datasheet (#2103 ) Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-18 11:10:20 -04:00
Marco Gianvecchio	8ee6039c74	Add bitflip test for trivial SUF-CMA forgeries (#2090 ) * add bitflip test to test_sig.c Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * format code Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * - add sig->suf_cma - add command-line argument to test_sig.c (the number of bitflips) - update CROSS upstream to SUF-CMA Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * %d to %ld for size_t bitflips Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * cast argument bitflips to size_t Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * replace atoi() with strtol() Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * cast bit_index to %llu Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update bitflip tests: - revert CROSS to EUF-CMA - add test_bitflip_message - exclude stateful signatures for now Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * remove bitflips_as_str in printf Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * test_bitflip as a single function, add support for stateful signatures Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * add OQS_TEST_CT_DECLASSIFY after test_bitflip_stfl Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * more OQS_TEST_CT_DECLASSIFY [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * patch dilithium to add suf-cma Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * run copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * SUF-CMA in dilithium docs, run copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * correct sizeof in OQS_randombytes call (thank you @SWilson4!) Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * factor bitflip testing functions out into test_helpers.c Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * --allow-multiple-definition for Windows .dll in test_kem_mem Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * --allow-multiple-definition for Windows .dll in test_sig and test_sig_stfl Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> --------- Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com>	2025-03-14 11:53:05 -04:00
Matthias J. Kannwischer	8ed50816c1	Add UOV (#2094 ) * update_docs_from_yaml.py: Do not rely on SPHINCS being last Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * allow pqov namespace Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * add uov implementations [full tests] [extended tests] Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * Typo [skip ci] Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> * add UOV to NIST_SIG_ONRAMP Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> --------- Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Signed-off-by: Basil Hess <bhe@zurich.ibm.com> Co-authored-by: Thing-han, Lim <15379156+potsrevennil@users.noreply.github.com> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-10 10:33:27 -04:00
Spencer Wilson	bf515a3609	Bump version to 0.13.0-dev [skip ci] (#2099 ) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-03-07 17:41:17 -05:00
Spencer Wilson	526506f67a	Add references to security response process (#2077 ) * Add link to security response process [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add security support info to PLATFORMS.md [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add SECURITY.md to Doxyfile Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Fix links for Doxygen Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-03-07 17:40:57 -05:00
Matthias J. Kannwischer	726400dfe6	Update mlkem-native to v1.0.0-beta (#2092 ) * remove pqcrystals ml-kem patch that is no longer needed Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * Update mlkem-native to v1.0.0-beta [full tests] [extended tests] Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> --------- Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>	2025-03-07 13:43:02 -05:00
Basil Hess	fa5f792906	Update MAYO to NIST round 2 (#2095 ) * Update MAYO to NIST round 2 [full tests] [extended tests] [trigger downstream] Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * Update mayo yml with neon Signed-off-by: Basil Hess <bhe@zurich.ibm.com> --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-07 18:31:41 +01:00
Aiden Fox Ivey	d4eb7a6d61	Add Nix flake, instructions, and Nix CI (#1970 ) Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com>	2025-03-05 14:41:38 -05:00
Matthias J. Kannwischer	5450d7c2ee	Update actions/cache to v4.2.2 [full tests] (#2093 ) Github recently turned off their old caching APIs: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down liboqs' CI started failing with the following error message for me: This request has been automatically failed because it uses a deprecated version of `actions/cache: e12d46a63a90f2fae62d114769bbf2a179198b5c`. Please update your workflow to use v3/v4 of actions/cache to avoid interruptions. This commit updates to the newer version of actions/cache that is using the new Github APIs. Note that Github's blog post is misleading. A lot more versions than v1/v2 are being disabled including v3.3.3 that is used in liboqs - see https://github.com/actions/cache/discussions/1510 Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>	2025-03-03 07:46:41 -05:00
Abhinav Saxena	38725ba063	Add checks for ML-KEM keys (#2009 ) * add checks for ML-KEM keys * add mod(3329) using barrett reduction Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com>	2025-02-26 10:31:13 +01:00
Pablo Gutiérrez	c2a6559c22	Added alg_version details to test output (#2080 ) * Added alg_version details as test output Signed-off-by: Pablo Gutiérrez <pablogf@uma.es>	2025-02-25 17:21:11 +01:00
Richard Levitte	f5a044874d	Ensure that building against liboqs build directory works (#2086 ) liboqsTargets.cmake is supposed to be adjacent liboqsConfig.cmake for the latter to be functional. This change ensure that this condition is met in the build directory, allowing other CMake projects to build against a liboqs build directory (as should be possible, implied by the use of 'export()'). Signed-off-by: Richard Levitte <richard@levitte.org>	2025-02-24 17:00:42 -05:00
Michael Baentsch	ef47d9af27	improving CONTRIBUTING.md for maintainability [skip ci] (#2081 ) Signed-off-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com>	2025-02-21 18:18:07 +01:00
Marco Gianvecchio	77917043c4	Update CROSS to version 2.0 (#2078 ) * Update CROSS to version 2.0 Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * implementations-switch-on-runtime-cpu-features: false in CROSS [skip ci] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update KAT "all" for CROSS [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update cross.md [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * correct call stack in the suppression file for CROSS [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> --------- Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com>	2025-02-20 07:51:12 +01:00
Douglas Stebila	063ed784e0	Add threat model (#2033 ) * Add threat model Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update language around constant-time goals Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update SECURITY.md Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-02-19 16:41:04 -05:00
Pravek Sharma	5afca64205	Disable cupqc-buildcheck (#2075 ) Signed-off-by: Pravek Sharma <sharmapravek@gmail.com>	2025-02-10 16:48:01 -05:00
Spencer Wilson	0a23450d06	GitHub runner updates (#2069 ) * Add macos-15 runner; update gcc version [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Don't run libjade on macos-15; remove gcc 13 patch Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add windows-2025 runner [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Refactor matrix [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update actionlint config Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update PLATFORMS.md [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Specify gcc-14 Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-02-10 09:18:26 -05:00
Spencer Wilson	b80240c348	Update example files (#2071 ) * Update example files to use ML-KEM and ML-DSA Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Call example_sig_stfl in test_cmdline.py Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-02-07 15:22:07 -05:00
Basil Hess	a554b36dd3	Import ML-KEM from mlkem-native/PQ code package (#2041 ) * Integrate ML-KEM from mlkem-native [full tests] [extended tests] --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-02-04 16:26:27 +01:00
Pablo Gutiérrez	47612ee6d8	Update sig_stfl Doxygen documentation (#2059 ) * Bump jinja2 in /scripts/copy_from_upstream in the pip group (#2036) Bumps the pip group in /scripts/copy_from_upstream with 1 update: [jinja2](https://github.com/pallets/jinja). Updates `jinja2` from 3.1.4 to 3.1.5 - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/3.1.4...3.1.5) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Avoid unresolved symbols from libcrypto when compiled with OQS_DLOPEN_OPENSSL (#2043) * Do not assume OpenSSL memory functions when libcrypto is dlopened Otherwise, when the OQS_DLOPEN_OPENSSL is defined but OpenSSL is used only partially, e.g., with OQS_USE_SHA3_OPENSSL=ON, there will be some unresolved symbols in the final artifact: ``` $ cmake -GNinja -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_AES_INSTRUCTIONS=OFF -DOQS_DIST_BUILD=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_DLOPEN_OPENSSL=ON -DCMAKE_BUILD_TYPE=Debug -LAH .. $ ninja $ nm -g lib/liboqs.so.0.12.1-dev \| grep '^[[:space:]]U ' U __assert_fail@GLIBC_2.2.5 U CRYPTO_free U CRYPTO_malloc U dlopen@GLIBC_2.34 U dlsym@GLIBC_2.34 ``` Signed-off-by: Daiki Ueno <dueno@redhat.com> Wrap OpenSSL memory functions with OSSL_FUNC This enables those OpenSSL memory functions can be either resolved at build time or at run-time through dlopen. Note that we use CRYPTO_* functions instead of OPENSSL_* as the latter are defined as a macro and cannot be dynamically resolved. Signed-off-by: Daiki Ueno <dueno@redhat.com> --------- Signed-off-by: Daiki Ueno <dueno@redhat.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Added sig_stfl.h path to .Doxyfile INPUT setting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added sig_stfl path to .Doxyfile INPUT setting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Update to public Ubuntu 24.04 ARM runner [full tests] (#2050) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Added Doxygen comments of algorithm identifiers until XMSSMT Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * commit Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * NVIDIA: Adding cuPQC as a backend for ML-KEM. (#2044) * Adding cuPQC as a backend for ML-KEM. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Fixing transposition error that left out OQS_USE_CUPQC in CMake system. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Add CMake dependent options for cupqc. Fixed formatting in kem_ml_kem_####.c and kem/family/kem_scheme.c Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Move cupqc_ml-kem source files to correctly named dir Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Stop piggybacking on pqcrystals-kyber-standard and move cupqc_ml-kem metadata to separate upstream repo Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update licensing information Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update PLATFORMS.md Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix kem_family cmakelists template Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Run copy_from_upsream.py and pull updated upstream Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Add cupqc build test to basic.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Move cupqc build test from basic.yml to linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * fixup! Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Redo cupqc build check Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Supply default CUDA arch to cupqc-buildcheck configuration stage Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Specify CUDAXX in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Make cuPQC_DIR explicit in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> --------- Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added all algorithm identifiers Doxyfile comments for sig_stfl Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added additional Doxygen comments to sig_stfl.h Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * fixed formatting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * fixed return types errors Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * included sig_stfl API Doxygen documentation [full tests] Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> Signed-off-by: Daiki Ueno <dueno@redhat.com> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daiki Ueno <dueno@redhat.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Steven I Reeves <sreeves@nvidia.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com>	2025-02-03 12:46:29 -05:00
Basil Hess	7eb9af7aba	Build with latest zephyr container failing, pinning 0.27.4 [full tests] (#2063 ) Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-02-03 12:45:49 -05:00
Daiki Ueno	f877812314	Check unresolved symbols when compiled with OQS_DLOPEN_OPENSSL (#2058 ) As a follow-up of commit 64bceb37fafa9b90cf228965079de9ebd77a83b9, this checks that the library artifacts don't contain any unresolved symbols from libcrypto.so when it is dynamically loaded. Signed-off-by: Daiki Ueno <dueno@redhat.com>	2025-01-29 14:15:00 -05:00
Abhinav Saxena	4b34efeaec	Update ACVP vectors for KEM and DSA (#2051 ) * add latest ACVP vector tests Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * minor script improvements Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * fix build issues Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * fix build issues Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * minor improvements Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * test file improvements Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> --------- Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com>	2025-01-29 14:11:47 -05:00
Steven I Reeves	6a16ac68b5	NVIDIA: Adding cuPQC as a backend for ML-KEM. (#2044 ) * Adding cuPQC as a backend for ML-KEM. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Fixing transposition error that left out OQS_USE_CUPQC in CMake system. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Add CMake dependent options for cupqc. Fixed formatting in kem_ml_kem_####.c and kem/family/kem_scheme.c Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Move cupqc_ml-kem source files to correctly named dir Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Stop piggybacking on pqcrystals-kyber-standard and move cupqc_ml-kem metadata to separate upstream repo Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update licensing information Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update PLATFORMS.md Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix kem_family cmakelists template Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Run copy_from_upsream.py and pull updated upstream Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Add cupqc build test to basic.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Move cupqc build test from basic.yml to linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * fixup! Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Redo cupqc build check Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Supply default CUDA arch to cupqc-buildcheck configuration stage Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Specify CUDAXX in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Make cuPQC_DIR explicit in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> --------- Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com>	2025-01-27 18:17:05 -05:00
Spencer Wilson	99affa6935	Update to public Ubuntu 24.04 ARM runner [full tests] (#2050 ) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-01-26 13:10:19 -05:00
Daiki Ueno	64bceb37fa	Avoid unresolved symbols from libcrypto when compiled with OQS_DLOPEN_OPENSSL (#2043 ) * Do not assume OpenSSL memory functions when libcrypto is dlopened Otherwise, when the OQS_DLOPEN_OPENSSL is defined but OpenSSL is used only partially, e.g., with OQS_USE_SHA3_OPENSSL=ON, there will be some unresolved symbols in the final artifact: ``` $ cmake -GNinja -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_AES_INSTRUCTIONS=OFF -DOQS_DIST_BUILD=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_DLOPEN_OPENSSL=ON -DCMAKE_BUILD_TYPE=Debug -LAH .. $ ninja $ nm -g lib/liboqs.so.0.12.1-dev \| grep '^[[:space:]]U ' U __assert_fail@GLIBC_2.2.5 U CRYPTO_free U CRYPTO_malloc U dlopen@GLIBC_2.34 U dlsym@GLIBC_2.34 ``` Signed-off-by: Daiki Ueno <dueno@redhat.com> Wrap OpenSSL memory functions with OSSL_FUNC This enables those OpenSSL memory functions can be either resolved at build time or at run-time through dlopen. Note that we use CRYPTO_* functions instead of OPENSSL_* as the latter are defined as a macro and cannot be dynamically resolved. Signed-off-by: Daiki Ueno <dueno@redhat.com> --------- Signed-off-by: Daiki Ueno <dueno@redhat.com>	2025-01-15 15:55:51 -05:00

1 2 3 4 5 ...

1643 Commits