* Removed upstream `name: pqcrystals-dilithium` and signature `name: dilithium` from `copy_from_upstream.yml`.
Removed everything under `src/sig/dilithium`
Re-run `copy_from_upstream.py -d copy`, which produced downstream changes to various build files.
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* remove Dilithium entries from kats.json
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* remove Dilithium entries from constant_time tests
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* Removed dilithium.yml and dilithium.md. Re-run copy_from_upstream.py, which also updated README.md and cbom.json
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* Removed Dilithium from FUZZING.md
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* removed license information about pqclean Dilithium and pqcrystals-dilithium from README.md. README.md still mentions Dilithium but only to say that it has been excluded
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* Upgraded CONFIGURE.md minimal build example to ML-KEM-768 and ML-DSA-44
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* Upgraded C++ sig linking test to ML-DSA-44; also added option to make the test fail hard if the algorithm is not enabled
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* remove Dilithium from GitHub action workflows
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* removed Dilithium from zephyr configuration and examples
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* Removed scripts/copy_from_upstream/patches/pqclean-dilithium-arm-randomized-signing.patch
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* Removed dilithium from upstream.name==pqclean.ignore
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* Removed orphaned patches
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
---------
Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
* Pull ML-DSA from pq-crystals upstream.
* Removes ML-DSA-ipd
* Adds support for context strings to OQS SIG API.
* Adding _with_ctx_str APIs, templating
* Adds ACVP tests for ML-DSA
* export symbols for acvp tests (dynamic linking)
* remove IPD intermediate values
* adds flag for ctx support
* Update constant-time passes after line number and function name changes
* Update KATs
* API with checks for signatures without ctx support
* Additional test for signatures with ctx
* Change alg_version to FIPS204
* Update ML-DSA security claim to SUF-CMA, according to FIPS204
* Update src/sig/sig.h
* Fix test_alg_info
---------
Signed-off-by: Basil Hess <bhe@zurich.ibm.com>
Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
* [#1823] replace malloc/calloc/strdup/free with openssl allocator
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* [#1823] update memory allocator for copy_from_upstream
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* [#1823] Use OpenSSL Memory Allocator for BIKE, FrodoKEM, and NTRUPrime
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* [#1823] Add Comments for Doxygen
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* include openssl/crypto.h and resolve conflicting variable for ntru
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add openssl version check to fix build error
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Fix build for OQS_DLOPEN_OPENSSL
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* remove OQS_MEM_free
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add allocator check in tests/test_code_conventions.py
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add IGNORE memory-check
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Detect checked allocation functions
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Revert back p_param to p for sntrup
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add allocator check for '.c', '.h', '.fragment'
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add NULL for previous checked allocation
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add fprintf error for abort cases
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* use OQS_EXIT_IF_NULLPTR for checked malloc cases
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
---------
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Pulls ML-DSA-ipd and ML-KEM-ipd
Adds test cases with NIST supplied test vectors for ML-DSA/ML-KEM
Adds aliases (ML-<name> are aliases of ML-<name>-ipd)
[trigger downstream]
Run full KAT tests weekly. All should pass except Falcon-1024, which is pending upstream changes.
---------
Co-authored-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com>
* Separate public and internal headers
* Add necessary #include statements in FrodoKem code
* Build oqs-internal library
* Link test programs with oqs-internal
* Update header file documentation
* Refactor test Makefile
* Move rand_nist to internal API only
* Delete nistseedexpander shim
* Remove internal headers from Doxyfile
* Switch to new PQClean commit for SPHINCS+ and remove old patch file
* Improve "compilability" on Apple M1 (ARM) (#1421)
* correct ARM SHA3 extension addition
* correct compile option for ARM SHA
* correct SHA3 enablement
* Remove SPHINCS+ robust and Haraka variants
* Fix SHA2 block sizes in OpenSSL wrapper
* enable Keccak for Sphincs even if OpenSSL shall provide SHA3
* properly handle xkcp enablement if only specific algorithms are selected
* correct conditional setting
* re-enable XKCP for other platforms
* Windows support
* alternate pqcrystals-AES removal
---------
Co-authored-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com>
* Strawman version of one-time fetching MD objects from OpenSSL
We need init them and free them in one place to avoid threading
issues.
* Moving initialization of OpenSSL objects to a separate file
* Call OQS_init to ensure OpenSSL methods are cached
* Fix typo
* Use prefetched OpenSSL cipher object in rand_nist
---------
Co-authored-by: Douglas Stebila <beldmit@users.noreply.github.com>
Co-authored-by: Douglas Stebila <dstebila@uwaterloo.ca>
* Point Kyber and Dilithium to pqcrystals-repo.
* Pulls Kyber and Dilithium from PQCrystals using copy_from_upstream
* Dilithium Round 3
* Kyber round 3
* Updates Dilithium Round 3 KAT
* Updates kyber.md and dilithium.md (manual changes after running copy_from_upstream)
* Update copy_from_pqclean / copy_from_upstream (#880)
* Renames copy_from_pqclean to copy_from_upstream.
* Adds 'upstreams' field to copy_from_upstream.yml, allowing upstream repositories, branches and commits to be specified.
* Modifies "copy" command in copy_from_upstream: sources are pulled from specified git-repositories. Implementation folders in $LIBOQS_DIR/src will be prefixed with the upstream-name.
* Adds "verify" command in copy_from_upstream: Implementations in $LIBOQS_DIR/src are compared with expected upstream versions.
* Prepares for copying pqclean, pqcrystals-kyber and pqcrystals-dilithium from upstream.
* Updates copy_from_upstream to process common dependencies from an upstream.
* Adds reminder text to manually update algorithm docs .md files after copying
* Add SPDX-License-Identifier in src/common
* Add SPDX-License-Identifier in FrodoKEM
* Add SPDX-License-Identifier in SIKE
* Add SPDX-License-Identifier in BIKE
* Add SPDX-License-Identifier in OQS headers
* Add SPDX-License-Identifier in files generated during copy-from-pqclean
* Add SPDX-License-Identifier in Picnic
* Add SPDX-License-Identifier in qTesla
* Add SPDX-License-Identifier in CMake files
* Update license info in README
* Add SPDX-License-Identifier in scripts
* Add SPDX-License-Info to CMakeLists
* Add SPDX-License-Info in tests
* Add SPDX-License-Info to various files
* Prettyprint
* Add test for SPDX-License-Identifier headers
* Updated license identifiers for CPU extension detection code.
* Use conjunction for SPDX in file with two licenses
Co-authored-by: xvzcf <xvzcf@users.noreply.github.com>
* Refactored build and templating scripts.
* Added check for OQS_PORTABLE_BUILD to Frodo.
* Removed security_strength parameter from OQS_randombytes_nist_kat_init.
* More cleanup after replaced dashes in filenames
* Add Falcon from PQClean and sync with latest PQClean commits
* Try to fix type punning warning in Falcon
* Missed templating
* Formatting change