* [#1823] replace malloc/calloc/strdup/free with openssl allocator
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* [#1823] update memory allocator for copy_from_upstream
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* [#1823] Use OpenSSL Memory Allocator for BIKE, FrodoKEM, and NTRUPrime
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* [#1823] Add Comments for Doxygen
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* include openssl/crypto.h and resolve conflict variable for ntru
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add openssl version check to fix build error
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Fix build for OQS_DLOPEN_OPENSSL
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* remove OQS_MEM_free
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add allocator check in tests/test_code_conventions.py
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add IGNORE memory-check
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Delete checked allocation functions
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Revert back p_param to p for sntrup
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add allocator check for '.c', '.h', '.fragment'
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add NULL for previous checked allocation
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* Add fprintf error for abort cases
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
* use OQS_EXIT_IF_NULLPTR for checked malloc cases
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
---------
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Add support for LMS and XMSS. Key generation and signing are disabled behind a feature flag labelled "hazardous experimental."
---------
Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
Signed-off-by: Norman Ashley <nashley@cisco.com>
Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca>
Co-authored-by: Duc Tri Nguyen <dnguye69@gmu.edu>
Co-authored-by: Douglas Stebila <dstebila@uwaterloo.ca>
Co-authored-by: Duc Nguyen <106774416+ducnguyen-sb@users.noreply.github.com>
Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>
Co-authored-by: Duc Nguyen <ductri.nguyen@sandboxquantum.com>
Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
Co-authored-by: Jason Goertzen <133878263+jgoertzen-sb@users.noreply.github.com>
* sha2: Use EVP_MD_CTX_free instead of EVP_MD_CTX_destroy
According to the manual page, EVP_MD_CTX_destroy has been renamed to
EVP_MD_CTX_free in OpenSSL 1.1.0 and only provided as a compatibility
macro in later OpenSSL releases:
https://www.openssl.org/docs/man1.1.1/man3/EVP_MD_CTX_free.html
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* ossl_helpers: Use pthread_once instead of CRYPTO_THREAD_run_once
Throughout the code base, liboqs uses pthread_once for one-shot
initialization and falls back to thread-unsafe code if it is neither
supported nor enabled on the system. For consistency and to remove
additional dependency on OpenSSL, this switches the use of
CRYPTO_THREAD_run_once with that.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Make common algorithms pluggable
This allows applications to replace the implementation of common
cryptographic algorithms at runtime, by setting callback functions for
each operation with OQS_AES_set_callbacks, OQS_SHA2_set_callbacks,
OQS_SHA3_set_callbacks, and OQS_SHA3_x4_callbacks. Those functions
may be called once before OQS_init; otherwise the default
implementation will be used.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Add option to dynamically load libcrypto.so.*
This adds OQS_DLOPEN_OPENSSL build option to use OpenSSL through
dynamically loaded libcrypto.so.* with dlopen, instead of linking to
the library at build time.
That way the applications could use their favorite implementation of
common cryptographic primitives without pulling in OpenSSL as a
hard dependency.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Add tests for OQS_*_set_callbacks
This adds tests that exercise OQS_*_set_callbacks by overriding one of
the functions of each and ensuring the wrapper function is called.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
---------
Signed-off-by: Daiki Ueno <dueno@redhat.com>
* disable OpenSSL if neither AES, SHA2, nor SHA3 is OSSL-provided
* Fixes faulty OpenSSL incremental SHA2 API integration
* guard OpenSSL3 initialization
* initialize all OSSL3 statics if OQS_USE_OPENSSL=ON
* Strawman version of one-time fetching MD objects from OpenSSL
We need to init them and free them in one place to avoid threading
issues.
* Moving initialization of OpenSSL objects to a separate file
* Call OQS_init to ensure OpenSSL methods are cached
* Fix typo
* Use prefetch OpenSSL cipher object in rand_nist
---------
Co-authored-by: Douglas Stebila <beldmit@users.noreply.github.com>
Co-authored-by: Douglas Stebila <dstebila@uwaterloo.ca>
* Add SPDX-License-Identifier in src/common
* Add SPDX-License-Identifier in FrodoKEM
* Add SPDX-License-Identifier in SIKE
* Add SPDX-License-Identifier in BIKE
* Add SPDX-License-Identifier in OQS headers
* Add SPDX-License-Identifier in files generated during copy-from-pqclean
* Add SPDX-License-Identifier in Picnic
* Add SPDX-License-Identifier in qTesla
* Add SPDX-License-Identifier in CMake files
* Update license info in README
* Add SPDX-License-Identifier in scripts
* Add SPDX-License-Info to CMakeLists
* Add SPDX-License-Info in tests
* Add SPDX-License-Info to various files
* Prettyprint
* Add test for SPDX-License-Identifier headers
* Updated license identifiers for CPU extension detection code.
* Use conjunction for SPDX in file with two licenses
Co-authored-by: xvzcf <xvzcf@users.noreply.github.com>
* Sync with PQClean commit 6de728361e33ad3a5a6997e0896ff9fe8e44a999
* Revise SHA-2 API to match PQClean
* Revise SHA-3 API to match PQClean
* Fix compiler warning
* Fix typo
[skip ci]
* Fix typo
[skip ci]
* Sync with PQClean as of January 22, 2020
* Add SHA256 incremental state destroy function
Following https://github.com/PQClean/PQClean/pull/247
* Fix typo
* Update PQClean commit in algorithm data sheets
[skip ci]
* Single underscore in header inclusion guards
* Added -Wstrict-prototypes flag and fixed resulting errors.
* Removed double underscores from header guards.
* Changed EVP_MD_CTX_create to EVP_MD_CTX_new and EVP_MD_CTX_destroy to EVP_MD_CTX_free.
* Fixed comments.
* Changed Kyber function signatures.
* Revert "Changed EVP_MD_CTX_create to EVP_MD_CTX_new and EVP_MD_CTX_destroy to EVP_MD_CTX_free."
This reverts commit f09b5e49d73b16b56d332fbcfc3b671966032fd4.