liboqs

mirror of https://github.com/open-quantum-safe/liboqs.git synced 2025-10-04 00:02:01 -04:00

Author	SHA1	Message	Date
nonam3e	e64026e27a	Fix/icicle ml kem 768 (#2288 ) * fix 768 version Signed-off-by: nonam3e <timur@ingonyama.com> * update upstream git commit Signed-off-by: nonam3e <timur@ingonyama.com> --------- Signed-off-by: nonam3e <timur@ingonyama.com>	2025-10-01 09:24:35 -04:00
Douglas Stebila	b6c875f196	Disable strict aliasing on SPHINCS+-SHAKE (#2264 ) * Disable strict aliasing on SPHINCS+-SHAKE Fixes #2210 Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Missed a few variants Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca>	2025-09-23 08:42:11 -04:00
Bruce	f629296e28	Remove Dilithium (#2275 ) * Removed upstream `name: pqcrystals-dilithium` and signature `name: dilithium` from `copy_from_upstream.yml`. Removed everything under `src/sig/dilithium` Re-run `copy_from_upstream.py -d copy`, which produced downstream changes to various build files. Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * remove Dilithium entries from kats.json Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * remove Dilithium entries from constant_time tests Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * Removed dilithium.yml and dilithium.md. Re-run copy_from_upstream.py, which also updated README.md and cbom.json Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * Removed Dilithium from FUZZING.md Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * removed license information about pqclean Dilithium and pqcrystals-dilithium from README.md. README.md still mentions Dilithium but only to say that it has been excluded Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * Upgraded CONFIGURE.md minimal build example to ML-KEM-768 and ML-DSA-44 Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * Upgraded C++ sig linking test to ML-DSA-44; also added option to make the test fail hard if the algorithm is not enabled Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * remove Dilithium from GitHub action workflows Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * removed Dilithium from zephyr configuration and examples Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * Removed scripts/copy_from_upstream/patches/pqclean-dilithium-arm-randomized-signing.patch Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * Removed dilithium from upstream.name==pqclean.ignore Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * Removed orphaned patches Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> --------- Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-09-22 20:52:14 -04:00
Bruce	1ae1b92302	initialize length_encaps_seed for NTRU implementations (#2266 ) * initialize length_encaps_seed for NTRU implementations Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * Only allocate for keypair seed and encaps seed when derandomized Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * format test_kem.c according to astyle Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * only call memcmp on keypair_seed and encaps_seed if derand Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> --------- Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-09-15 15:53:48 -04:00
Bruce	390b906d19	Patch ICICLE ML-KEM for deterministic encapsulation (#2258 ) * patch ICICLE ML-KEM to include enc_derand, but they are not tested Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> * copy_from_upstream.py added deterministic encapsulation info to NTRU docs Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca> --------- Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-09-15 10:09:26 -04:00
Saito Masataka	59bf831b47	Add NTRU back (#2176 ) This commit includes following changes: * Revert "Removed NTRU. (#1335)" * Replace the uses of malloc with OQS_MEM_malloc * Add a derandomized keypair function * Add "all" entries of NTRU algorithms to the KATs file * Fix reflecting the removal of NTRU from PQClean * Update NTRU documents with the latest manners * Change the CODEOWNERS of NTRU KEM Signed-off-by: Saito Masataka <saitomst@intellilink.co.jp>	2025-09-09 17:10:28 -04:00
Marco Gianvecchio	f58b45a087	Update CROSS to version 2.2 (#2247 ) * update CROSS to version 2.2 Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * in CROSS-RSDPG memset vector to 0 before AVX2 exponentiation Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * in CROSS-RSDPG memset vector to 0 before AVX2 exponentiation Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com>	2025-09-09 17:03:45 -04:00
max-p-log-p	c7ae760162	Change 64 bit add to 32 bit add to wrap on 32 bit counter for AES-CTR AES-NI implementation (#2252 ) Signed-off-by: Brandon Luo <sel4@disroot.org> Co-authored-by: Brandon Luo <brandon.luo@ll.mit.edu>	2025-09-09 16:55:19 -04:00
Vibhav Tiwari	d566dd236a	Improve random number generator security (#2225 ) * Update common/CMakeLists.txt * Add OQS_HAVE_BCRYPT compile definition Signed-off-by: vibhav950 <vibhavtiwari.official@gmail.com> * Use BCryptGenRandom as default Win32 system RNG Signed-off-by: vibhav950 <vibhavtiwari.official@gmail.com> * Fix code formatting Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix CMakeLists.txt Signed-off-by: vibhav950 <vibhavtiwari.official@gmail.com> * Revert change to OQS_randombytes docs Signed-off-by: vibhav950 <vibhavtiwari.official@gmail.com> * Fix CMake build failures Signed-off-by: vibhav950 <vibhavtiwari.official@gmail.com> --------- Signed-off-by: vibhav950 <vibhavtiwari.official@gmail.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Douglas Stebila <dstebila@uwaterloo.ca>	2025-09-04 11:09:10 -04:00
Rodrigo Martín	c62031ee75	Include DeriveEncapsulation functionality (Issue #2135 ) (#2221 ) * Include 'encaps_derand' functionality Signed-off-by: RodriM11 <62776780+RodriM11@users.noreply.github.com> * Add changes pertaining to upstream copy Signed-off-by: RodriM11 <62776780+RodriM11@users.noreply.github.com> * Add co-author Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: RodriM11 <62776780+RodriM11@users.noreply.github.com> * Fix formatting Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Modify 'vectors_kem.c' to employ '_derand' API Signed-off-by: Rodrigo Martin Sánchez-Ledesma <rmsanchezledesma@indra.es> --------- Signed-off-by: RodriM11 <62776780+RodriM11@users.noreply.github.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Rodrigo Martin Sánchez-Ledesma <rmsanchezledesma@indra.es> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Rodrigo Martin Sánchez-Ledesma <rmsanchezledesma@indra.es>	2025-08-27 10:05:41 -04:00
h2parson	cbffa331d5	SLH-DSA ACVP tests (#2237 ) * apply slh acvp branch Signed-off-by: h2parson <h2parson@uwaterloo.ca> * remove openssl/bio.h include Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix windows __attribute__ issue Signed-off-by: h2parson <h2parson@uwaterloo.ca> * Update tests/vectors_sig.c [skip ci] Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> --------- Signed-off-by: h2parson <h2parson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>	2025-08-27 09:43:57 -04:00
matlimatli	5f9736304f	Avoid invalid compiler options for MSVC (#2239 ) Fixes #2238, Fixes #2177 Signed-off-by: Mattias Lindblad <matlin@gmail.com>	2025-08-19 08:26:13 -04:00
sukrucildirr	2dc4afc2cf	chore: fix typos across codebase (#2244 ) * Update PROCEDURES.md Signed-off-by: sukrucildirr <sukrucildirr@gmail.com> * Update FUZZING.md Signed-off-by: sukrucildirr <sukrucildirr@gmail.com> * Update vectors_kem.c Signed-off-by: sukrucildirr <sukrucildirr@gmail.com> * Update ossl_functions.h Signed-off-by: sukrucildirr <sukrucildirr@gmail.com> --------- Signed-off-by: sukrucildirr <sukrucildirr@gmail.com>	2025-08-18 10:19:28 -04:00
Aiden Fox Ivey	1d6e213aa3	Add Classic McEliece sanitization patch (#2218 ) * Add patches Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> * Add Classic McEliece sanitization patch Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> --------- Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com>	2025-08-18 10:04:23 -04:00
nonam3e	16b8629972	Icicle-pqc integration (#2216 ) * correct build Signed-off-by: nonam3e <timur@ingonyama.com> * use interface to link Signed-off-by: nonam3e <timur@ingonyama.com> * remove load backends Signed-off-by: nonam3e <timur@ingonyama.com> * liboqs 0.14.0 release candidate 1 (#2180) * Prepare 0.14.0 release candidate 1 [full tests] [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update release notes with deprecation and security info [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: nonam3e <timur@ingonyama.com> * add icicle in scripts Signed-off-by: nonam3e <timur@ingonyama.com> * update docs Signed-off-by: nonam3e <timur@ingonyama.com> * add link Signed-off-by: nonam3e <timur@ingonyama.com> * build with local package Signed-off-by: nonam3e <timur@ingonyama.com> * update scripts Signed-off-by: nonam3e <timur@ingonyama.com> * choose alg -DOQS_ENABLE_KEM_ml_kem_512_icicle_cuda=ON -DOQS_ENABLE_KEM_ml_kem_768_icicle_cuda=OFF Signed-off-by: nonam3e <timur@ingonyama.com> * docs Signed-off-by: nonam3e <timur@ingonyama.com> * OQS_STATUS return type Signed-off-by: nonam3e <timur@ingonyama.com> * Document public / internal API split [skip ci] (#2182) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: nonam3e <timur@ingonyama.com> * liboqs 0.14.0 release (#2198) Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: nonam3e <timur@ingonyama.com> * manual build Signed-off-by: nonam3e <timur@ingonyama.com> * remove tmp Signed-off-by: nonam3e <timur@ingonyama.com> * build statically with target_link_libraries Signed-off-by: nonam3e <timur@ingonyama.com> * Switch to dev mode for 0.14.1 (#2199) Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: nonam3e <timur@ingonyama.com> * update ACVP to 1.1.0.40 (#2172) Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> Signed-off-by: nonam3e <timur@ingonyama.com> * Added Custom Timeout to CI (#2189) * Added Custom Timeout to CI Signed-off-by: Konstantinos <konstantinos.kitsios@uzh.ch> * remove unnecessary comment Signed-off-by: Konstantinos <konstantinos.kitsios@uzh.ch> * Use correct syntax for timeout in jobs that span multiple files Signed-off-by: Konstantinos <konstantinos.kitsios@uzh.ch> --------- Signed-off-by: Konstantinos <konstantinos.kitsios@uzh.ch> Signed-off-by: nonam3e <timur@ingonyama.com> * Update nixpkgs from 24.05 to 25.05 (#2187) Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> Signed-off-by: nonam3e <timur@ingonyama.com> * update commit Signed-off-by: nonam3e <timur@ingonyama.com> * icicle pqc package cmd in CONFIGURE.md Signed-off-by: nonam3e <timur@ingonyama.com> * remove unnecessary targets from cmake config Signed-off-by: nonam3e <timur@ingonyama.com> * add SPDX-License-Identifier header Signed-off-by: nonam3e <timur@ingonyama.com> --------- Signed-off-by: nonam3e <timur@ingonyama.com> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> Signed-off-by: Konstantinos <konstantinos.kitsios@uzh.ch> Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> Co-authored-by: Kitsios Konstantinos <kitsios.konst@gmail.com> Co-authored-by: Aiden Fox Ivey <aiden@aidenfoxivey.com>	2025-08-14 09:52:26 -04:00
h2parson	9e964cad5b	Integrate SLH-DSA-C Library (#2175 ) * copy from slhdsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * integrate with copy from upstream Signed-off-by: h2parson <h2parson@uwaterloo.ca> * explicitly list slhdsa files to include and push generated code Signed-off-by: h2parson <h2parson@uwaterloo.ca> * format code script Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add to requirements.in Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix code conventions Signed-off-by: h2parson <h2parson@uwaterloo.ca> * copy from upstream changes Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add chdir to copy from slh dsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * modify template Signed-off-by: h2parson <h2parson@uwaterloo.ca> * generate requirements.txt Signed-off-by: h2parson <h2parson@uwaterloo.ca> * modify requirments in workflows Signed-off-by: h2parson <h2parson@uwaterloo.ca> * format Signed-off-by: h2parson <h2parson@uwaterloo.ca> * a Signed-off-by: h2parson <h2parson@uwaterloo.ca> * sort filenames in cmake file generation for slh dsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add newline at end of header file Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add whitespace and fix alg info tests Signed-off-by: h2parson <h2parson@uwaterloo.ca> * update docs with copy from upstream Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add whitespace to src files Signed-off-by: h2parson <h2parson@uwaterloo.ca> * initialize ctx in slh Signed-off-by: h2parson <h2parson@uwaterloo.ca> * explicitly set little endian for windows x86 Signed-off-by: h2parson <h2parson@uwaterloo.ca> * temporarily disable ctx signing for slh tests Signed-off-by: h2parson <h2parson@uwaterloo.ca> * disable kats until hashes available for slh dsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix issues in test sig mem Signed-off-by: h2parson <h2parson@uwaterloo.ca> * temporarily add namespaces so that slh dsa will not break test namespace Signed-off-by: h2parson <h2parson@uwaterloo.ca> * updates Signed-off-by: h2parson <h2parson@uwaterloo.ca> * formatted file Signed-off-by: h2parson <h2parson@uwaterloo.ca> * align jinja template to astyle Signed-off-by: h2parson <h2parson@uwaterloo.ca> * change addrnd size Signed-off-by: h2parson <h2parson@uwaterloo.ca> * copy from slhdsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * integrate with copy from upstream Signed-off-by: h2parson <h2parson@uwaterloo.ca> * explicitly list slhdsa files to include and push generated code Signed-off-by: h2parson <h2parson@uwaterloo.ca> * format code script Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add to requirements.in Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix code conventions Signed-off-by: h2parson <h2parson@uwaterloo.ca> * copy from upstream changes Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add chdir to copy from slh dsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * modify template Signed-off-by: h2parson <h2parson@uwaterloo.ca> * generate requirements.txt Signed-off-by: h2parson <h2parson@uwaterloo.ca> * modify requirments in workflows Signed-off-by: h2parson <h2parson@uwaterloo.ca> * format Signed-off-by: h2parson <h2parson@uwaterloo.ca> * a Signed-off-by: h2parson <h2parson@uwaterloo.ca> * sort filenames in cmake file generation for slh dsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add newline at end of header file Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add whitespace and fix alg info tests Signed-off-by: h2parson <h2parson@uwaterloo.ca> * update docs with copy from upstream Signed-off-by: h2parson <h2parson@uwaterloo.ca> * add whitespace to src files Signed-off-by: h2parson <h2parson@uwaterloo.ca> * initialize ctx in slh Signed-off-by: h2parson <h2parson@uwaterloo.ca> * explicitly set little endian for windows x86 Signed-off-by: h2parson <h2parson@uwaterloo.ca> * temporarily disable ctx signing for slh tests Signed-off-by: h2parson <h2parson@uwaterloo.ca> * disable kats until hashes available for slh dsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix issues in test sig mem Signed-off-by: h2parson <h2parson@uwaterloo.ca> * temporarily add namespaces so that slh dsa will not break test namespace Signed-off-by: h2parson <h2parson@uwaterloo.ca> * updates Signed-off-by: h2parson <h2parson@uwaterloo.ca> * formatted file Signed-off-by: h2parson <h2parson@uwaterloo.ca> * align jinja template to astyle Signed-off-by: h2parson <h2parson@uwaterloo.ca> * change addrnd size Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix std algs filtering issue Signed-off-by: h2parson <h2parson@uwaterloo.ca> * modifying windows amd toolchain file to fix endianness issue Signed-off-by: h2parson <h2parson@uwaterloo.ca> * disable leak testing on slh dsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * disable slh dsa for arm emulated linux and zephyr tests Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix zephyr test skip logic Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix upstream issue with prehash naming and add variant specific nist levels Signed-off-by: h2parson <h2parson@uwaterloo.ca> * automatically update slh dsa yml file Signed-off-by: h2parson <h2parson@uwaterloo.ca> * get slh dsa md file generation working Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix naming in slh wrapper files Signed-off-by: h2parson <h2parson@uwaterloo.ca> * minor changes from review Signed-off-by: h2parson <h2parson@uwaterloo.ca> * separate slh dsa jobs from stfl sigs Signed-off-by: h2parson <h2parson@uwaterloo.ca> * separate slhdsa from sig stfl tests on mac and windows Signed-off-by: h2parson <h2parson@uwaterloo.ca> * fix macos yml format Signed-off-by: h2parson <h2parson@uwaterloo.ca> * modify zephyr timeout Signed-off-by: h2parson <h2parson@uwaterloo.ca> * re-enable some tests for slh dsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> * separate leak tests Signed-off-by: h2parson <h2parson@uwaterloo.ca> * allow algorithm family level enablement and reconfigure slhdsa CI jobs Signed-off-by: h2parson <h2parson@uwaterloo.ca> * move slh dsa address sanitizer to extended tests and extend time limit to 90 minutes Signed-off-by: h2parson <h2parson@uwaterloo.ca> * remove package deb from CI job, remove auto gen kat sig for slhdsa, add prime ctx step for sig testing slhdsa Signed-off-by: h2parson <h2parson@uwaterloo.ca> --------- Signed-off-by: h2parson <h2parson@uwaterloo.ca>	2025-08-13 15:41:47 -04:00
Spencer Wilson	b5d3dac4eb	liboqs 0.14.0 release candidate 1 (#2180 ) * Prepare 0.14.0 release candidate 1 [full tests] [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update release notes with deprecation and security info [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-06-26 14:23:12 -04:00
Spencer Wilson	4215362acb	Merge commit from fork * Enable constant-time testing for -O3 builds [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add regression test for HQC constant-time issues * Build HQC without optimizations --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-06-23 14:36:48 -04:00
Aiden Fox Ivey	50185c6e72	Zeroize memory in SHA3 implementation (#2171 ) * Add OQS_MEM_aligned_secure_free convenience fn Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> * Rewrite SHA3 aligned frees to zeroize Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> --------- Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com>	2025-06-20 14:12:12 -04:00
Marcel Cornu	8f926065eb	Add AVX512VL-Optimized SHA3/SHAKE Implementations (#2167 ) * Add SHA3-256/384/512 and SHAKE128/256 AVX512VL implementations Co-authored-by: Tomasz Kantecki <tomasz.kantecki@intel.com> Co-authored-by: Erdinc Ozturk <erdinc.ozturk@intel.com> Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com> Signed-off-by: Tomasz Kantecki <tomasz.kantecki@intel.com> * AVX512VL SHA3 is added as an extension of XKCP implementation Co-authored-by: Marcel Cornu <marcel.d.cornu@intel.com> Signed-off-by: Tomasz Kantecki <tomasz.kantecki@intel.com> Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com> * Add SHA3-384 tests Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com> * Update namespace test to include SHA3 Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com> * Release SHA3 context after triggering dispatcher Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com> * Add linux CI for OQS_USE_SHA3_AVX512VL=OFF config Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com> * Add AVX512 emulation to linux CI Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com> --------- Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com> Signed-off-by: Tomasz Kantecki <tomasz.kantecki@intel.com> Co-authored-by: Tomasz Kantecki <tomasz.kantecki@intel.com> Co-authored-by: Erdinc Ozturk <erdinc.ozturk@intel.com>	2025-06-20 13:37:32 -04:00
Aiden Fox Ivey	47b8fdd404	Adding code coverage (#2148 ) * First stab at adding coverage tests Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Install dependencies for coveralls action Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Integrate code coverage into CI Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Properly parallelize Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Refine test coverage Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Ignore unused exclude path error Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update exclude path Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Fix Markdown formatting Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Pin dependencies Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update workflow badge path Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> * Fix path in CI.md Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> * Remove unnecessary call to install curl Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-06-19 14:45:44 -04:00
Matthias J. Kannwischer	4784356bd1	Update mlkem-native to v1.0.0 (#2146 ) * Update mlkem-native to v1.0.0 This commit updates mlkem-native to the first stable release v1.0.0. This also removes a patch that was needed for an older version of mlkem-native. Resolves https://github.com/open-quantum-safe/liboqs/issues/2110 Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * Skip failing CI test (#2157) * Skip failing CI test Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>	2025-06-05 08:59:49 -04:00
Sadiq Hussain M	894547b15c	Check for NULL dereference before using secure free (#2151 ) * Check for NULL dereference before using secure free Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> * Skip failing CI test (#2157) * Skip failing CI test Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>	2025-06-04 16:18:45 -04:00
Sadiq Hussain M	65ed00c2f1	Use OQS_MEM_cleanse() instead of memset() (#2158 ) * Use OQS_MEM_cleanse() instead of memset() This is needed for secret objects as memset maybe optimized out by the compiler. Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> * Skip failing CI test (#2157) * Skip failing CI test Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Co-authored-by: Hussain1811 <Sadiq.Hussain.M@ibm.com> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>	2025-06-04 16:18:36 -04:00
M-AlNoaimi	51bf0b6b94	Add support for context string signing in signature algorithms (#2142 ) Signed-off-by: M-AlNoaimi <26318936+M-AlNoaimi@users.noreply.github.com>	2025-05-28 06:46:00 -04:00
Jan Adriaan Leegwater	429c98ee7e	Integrate SNOVA into liboqs (#2109 ) * Integrate SNOVA into liboqs Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Remove SNOVA_66_15_3 Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Add ARM NEON Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Update, tighter constant_time passes and issues [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Update remote commit Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Review comments SWilson4 [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Fix newline at end of file [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Restrict zephyr algorithms to the low stack ones. [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Disable SNOVA_24_5_5 in zephyr test [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Fix typos in KAT [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> * Use Constant Time version for sign [full tests] [extended tests] Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl> --------- Signed-off-by: Jan Adriaan Leegwater <info@vacuas.nl>	2025-05-01 11:41:57 -04:00
Martin Kröning	a20597ce83	build: search unistd.h separately from sys/random.h for getentropy (#2104 ) Signed-off-by: Martin Kröning <martin.kroening@eonerc.rwth-aachen.de>	2025-03-20 12:58:16 -04:00
Spencer Wilson	3ca1a36909	Add DeriveKeyPair API (#2070 ) * Initial derive keypair commit Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add pqcrystals-ml_kem_ipd.patch Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Fix encaps key in scheme and revert whitespace changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Hopefully corrected patch file Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Corrected missing derand in kem_scheme Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Fix indentation Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> derand testing tentative changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add missing function declarations Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add template for avx2 derand functions Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> WIP: Add changes for coin length Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Update patch to include coin lengths Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Bootstrap Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Conditional copy Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Separate coins variable into two distinct variables Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Add derand fixes - Add support for BIKE, FrodoKEM, sntrup - Add hooks for testing - Add missing kem comment to documentation - Don't run decaps() in test_kem_derand if encaps_derand() fails - Add markdown documentation changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> WIP trying to fix build errors Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix remaining build issues Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Resolve unused parameter issues for BIKE Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Resolve unused paramter issues for FrodoKEM Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix whitespace inconsistency Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix whitepace issue Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Insert unused attributes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Void all unused parameters Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Use tab instead of spaces in kem_scheme Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix kem_derand python tests Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Initialize coins in test_kem_derand Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update patch to work with mlkem-native Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update docs generation and templating Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream [full tests] [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Don't call randombytes on zero-length arrays Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run format script Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Remove encaps_derand support Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Skip encaps/decaps in test_kem_derand Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Refactor test code Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * s/coins/seed/g Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Improve output Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Improve formatting [full tests] [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Eddy Kim <Eddy.M.Kim@outlook.com>	2025-03-18 14:40:07 -04:00
Marco Gianvecchio	8ee6039c74	Add bitflip test for trivial SUF-CMA forgeries (#2090 ) * add bitflip test to test_sig.c Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * format code Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * - add sig->suf_cma - add command-line argument to test_sig.c (the number of bitflips) - update CROSS upstream to SUF-CMA Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * %d to %ld for size_t bitflips Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * cast argument bitflips to size_t Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * replace atoi() with strtol() Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * cast bit_index to %llu Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update bitflip tests: - revert CROSS to EUF-CMA - add test_bitflip_message - exclude stateful signatures for now Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * remove bitflips_as_str in printf Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * test_bitflip as a single function, add support for stateful signatures Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * add OQS_TEST_CT_DECLASSIFY after test_bitflip_stfl Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * more OQS_TEST_CT_DECLASSIFY [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * patch dilithium to add suf-cma Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * run copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * SUF-CMA in dilithium docs, run copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * correct sizeof in OQS_randombytes call (thank you @SWilson4!) Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * factor bitflip testing functions out into test_helpers.c Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * --allow-multiple-definition for Windows .dll in test_kem_mem Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * --allow-multiple-definition for Windows .dll in test_sig and test_sig_stfl Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> --------- Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com>	2025-03-14 11:53:05 -04:00
Matthias J. Kannwischer	8ed50816c1	Add UOV (#2094 ) * update_docs_from_yaml.py: Do not rely on SPHINCS being last Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * allow pqov namespace Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * add uov implementations [full tests] [extended tests] Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * Typo [skip ci] Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> * add UOV to NIST_SIG_ONRAMP Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> --------- Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Signed-off-by: Basil Hess <bhe@zurich.ibm.com> Co-authored-by: Thing-han, Lim <15379156+potsrevennil@users.noreply.github.com> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-10 10:33:27 -04:00
Matthias J. Kannwischer	726400dfe6	Update mlkem-native to v1.0.0-beta (#2092 ) * remove pqcrystals ml-kem patch that is no longer needed Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * Update mlkem-native to v1.0.0-beta [full tests] [extended tests] Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> --------- Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>	2025-03-07 13:43:02 -05:00
Basil Hess	fa5f792906	Update MAYO to NIST round 2 (#2095 ) * Update MAYO to NIST round 2 [full tests] [extended tests] [trigger downstream] Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * Update mayo yml with neon Signed-off-by: Basil Hess <bhe@zurich.ibm.com> --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-07 18:31:41 +01:00
Richard Levitte	f5a044874d	Ensure that building against liboqs build directory works (#2086 ) liboqsTargets.cmake is supposed to be adjacent liboqsConfig.cmake for the latter to be functional. This change ensure that this condition is met in the build directory, allowing other CMake projects to build against a liboqs build directory (as should be possible, implied by the use of 'export()'). Signed-off-by: Richard Levitte <richard@levitte.org>	2025-02-24 17:00:42 -05:00
Marco Gianvecchio	77917043c4	Update CROSS to version 2.0 (#2078 ) * Update CROSS to version 2.0 Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * implementations-switch-on-runtime-cpu-features: false in CROSS [skip ci] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update KAT "all" for CROSS [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update cross.md [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * correct call stack in the suppression file for CROSS [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> --------- Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com>	2025-02-20 07:51:12 +01:00
Basil Hess	a554b36dd3	Import ML-KEM from mlkem-native/PQ code package (#2041 ) * Integrate ML-KEM from mlkem-native [full tests] [extended tests] --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-02-04 16:26:27 +01:00
Pablo Gutiérrez	47612ee6d8	Update sig_stfl Doxygen documentation (#2059 ) * Bump jinja2 in /scripts/copy_from_upstream in the pip group (#2036) Bumps the pip group in /scripts/copy_from_upstream with 1 update: [jinja2](https://github.com/pallets/jinja). Updates `jinja2` from 3.1.4 to 3.1.5 - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/3.1.4...3.1.5) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Avoid unresolved symbols from libcrypto when compiled with OQS_DLOPEN_OPENSSL (#2043) * Do not assume OpenSSL memory functions when libcrypto is dlopened Otherwise, when the OQS_DLOPEN_OPENSSL is defined but OpenSSL is used only partially, e.g., with OQS_USE_SHA3_OPENSSL=ON, there will be some unresolved symbols in the final artifact: ``` $ cmake -GNinja -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_AES_INSTRUCTIONS=OFF -DOQS_DIST_BUILD=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_DLOPEN_OPENSSL=ON -DCMAKE_BUILD_TYPE=Debug -LAH .. $ ninja $ nm -g lib/liboqs.so.0.12.1-dev \| grep '^[[:space:]]U ' U __assert_fail@GLIBC_2.2.5 U CRYPTO_free U CRYPTO_malloc U dlopen@GLIBC_2.34 U dlsym@GLIBC_2.34 ``` Signed-off-by: Daiki Ueno <dueno@redhat.com> Wrap OpenSSL memory functions with OSSL_FUNC This enables those OpenSSL memory functions can be either resolved at build time or at run-time through dlopen. Note that we use CRYPTO_* functions instead of OPENSSL_* as the latter are defined as a macro and cannot be dynamically resolved. Signed-off-by: Daiki Ueno <dueno@redhat.com> --------- Signed-off-by: Daiki Ueno <dueno@redhat.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Added sig_stfl.h path to .Doxyfile INPUT setting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added sig_stfl path to .Doxyfile INPUT setting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Update to public Ubuntu 24.04 ARM runner [full tests] (#2050) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Added Doxygen comments of algorithm identifiers until XMSSMT Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * commit Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * NVIDIA: Adding cuPQC as a backend for ML-KEM. (#2044) * Adding cuPQC as a backend for ML-KEM. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Fixing transposition error that left out OQS_USE_CUPQC in CMake system. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Add CMake dependent options for cupqc. Fixed formatting in kem_ml_kem_####.c and kem/family/kem_scheme.c Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Move cupqc_ml-kem source files to correctly named dir Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Stop piggybacking on pqcrystals-kyber-standard and move cupqc_ml-kem metadata to separate upstream repo Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update licensing information Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update PLATFORMS.md Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix kem_family cmakelists template Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Run copy_from_upsream.py and pull updated upstream Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Add cupqc build test to basic.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Move cupqc build test from basic.yml to linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * fixup! Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Redo cupqc build check Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Supply default CUDA arch to cupqc-buildcheck configuration stage Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Specify CUDAXX in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Make cuPQC_DIR explicit in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> --------- Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added all algorithm identifiers Doxyfile comments for sig_stfl Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added additional Doxygen comments to sig_stfl.h Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * fixed formatting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * fixed return types errors Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * included sig_stfl API Doxygen documentation [full tests] Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> Signed-off-by: Daiki Ueno <dueno@redhat.com> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daiki Ueno <dueno@redhat.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Steven I Reeves <sreeves@nvidia.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com>	2025-02-03 12:46:29 -05:00
Steven I Reeves	6a16ac68b5	NVIDIA: Adding cuPQC as a backend for ML-KEM. (#2044 ) * Adding cuPQC as a backend for ML-KEM. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Fixing transposition error that left out OQS_USE_CUPQC in CMake system. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Add CMake dependent options for cupqc. Fixed formatting in kem_ml_kem_####.c and kem/family/kem_scheme.c Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Move cupqc_ml-kem source files to correctly named dir Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Stop piggybacking on pqcrystals-kyber-standard and move cupqc_ml-kem metadata to separate upstream repo Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update licensing information Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update PLATFORMS.md Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix kem_family cmakelists template Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Run copy_from_upsream.py and pull updated upstream Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Add cupqc build test to basic.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Move cupqc build test from basic.yml to linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * fixup! Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Redo cupqc build check Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Supply default CUDA arch to cupqc-buildcheck configuration stage Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Specify CUDAXX in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Make cuPQC_DIR explicit in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> --------- Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com>	2025-01-27 18:17:05 -05:00
Daiki Ueno	64bceb37fa	Avoid unresolved symbols from libcrypto when compiled with OQS_DLOPEN_OPENSSL (#2043 ) * Do not assume OpenSSL memory functions when libcrypto is dlopened Otherwise, when the OQS_DLOPEN_OPENSSL is defined but OpenSSL is used only partially, e.g., with OQS_USE_SHA3_OPENSSL=ON, there will be some unresolved symbols in the final artifact: ``` $ cmake -GNinja -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_AES_INSTRUCTIONS=OFF -DOQS_DIST_BUILD=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_DLOPEN_OPENSSL=ON -DCMAKE_BUILD_TYPE=Debug -LAH .. $ ninja $ nm -g lib/liboqs.so.0.12.1-dev \| grep '^[[:space:]]U ' U __assert_fail@GLIBC_2.2.5 U CRYPTO_free U CRYPTO_malloc U dlopen@GLIBC_2.34 U dlsym@GLIBC_2.34 ``` Signed-off-by: Daiki Ueno <dueno@redhat.com> Wrap OpenSSL memory functions with OSSL_FUNC This enables those OpenSSL memory functions can be either resolved at build time or at run-time through dlopen. Note that we use CRYPTO_* functions instead of OPENSSL_* as the latter are defined as a macro and cannot be dynamically resolved. Signed-off-by: Daiki Ueno <dueno@redhat.com> --------- Signed-off-by: Daiki Ueno <dueno@redhat.com>	2025-01-15 15:55:51 -05:00
Spencer Wilson	af78b87869	Update PQClean commit and delete patch for HQC (#2026 ) * Update script info Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-12-22 00:34:13 -05:00
zhaixiaojuan	ee0da46c9e	Add loongarch64 support (#2010 ) Signed-off-by: zhaixiaojuan <zhaixiaojuan@loongson.cn>	2024-12-09 20:46:44 -05:00
Douglas Stebila	d0d0413dc9	Create liboqs 0.12.0 release candidate 1 (#2006 ) * Update version numbers for 0.12.0-rc1 Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update list of supported versions Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update release notes for 0.12.0-rc1 Fixes #1990 and #2004. Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo and workding [skip ci] Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> * Revise wording on API removal Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update release date for rc1 [skip ci] Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-29 11:50:15 -05:00
Douglas Stebila	3224d553ef	Add defines for OQS version components (#2000 ) * Add defines for OQS version components Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Set OQS_VERSION_TEXT based on new OQS_VERSION_* macros Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Make OQS_VERSION_PRE_RELEASE optionally defined Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Add documentation about OQS_VERSION macros Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Clarify wording about definition of OQS_VERSION_PRE_RELEASE Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-26 08:11:56 -05:00
Basil Hess	d9c214cc64	Add ML-DSA / FIPS 204 final (#1919 ) * Pull ML-DSA from pq-crystals upstream. * Removes ML-DSA-ipd * Adds support for context strings to OQS SIG API. * Adding _with_ctx_str APIs, templating * Adds ACVP tests for ML-DSA * export symbols for acvp tests (dynamic linking) * remove IPD intermediate values * adds flag for ctx support * Update constant-time passes after line nubmer and function name changes * Update KATs * API with checks for signatures without ctx support * Additional test for signatures with ctx * Change alg_version to FIPS204 * Update ML-DSA security claim to SUF-CMA, according to FIPS204 * Update src/sig/sig.h * Fix test_alg_info --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-26 13:45:10 +01:00
Spencer Wilson	25206cdcb8	Set ML-KEM alg_version to "FIPS203" (#1997 ) * Update patch to include version number change Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Generate patch with git diff Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-26 04:24:48 -05:00
Norman Ashley	fbaf871a4a	Fix LMS crash (#1998 ) * Fix LMS crash Signed-off-by: Norman Ashley <nashley@cisco.com> * Fixed compile issue on Mac Signed-off-by: Norman Ashley <nashley@cisco.com> --------- Signed-off-by: Norman Ashley <nashley@cisco.com>	2024-11-24 03:13:48 -05:00
Spencer Wilson	cce1bfde4e	Run copy_from_upstream.py Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-21 05:50:03 -08:00
Daiki Ueno	2ee908df24	Avoid OpenSSL functions being called unconditionally at OQS_destroy (#1982 ) When OQS_DLOPEN_OPENSSL is designated and low-level primitives are overridden with OQS__set_callbacks, OQS_destroy still indirectly calls EVP__free from OpenSSL. This adds a extra NULL check to avoid that. Signed-off-by: Daiki Ueno <dueno@redhat.com>	2024-11-12 11:11:15 -05:00
Marco Gianvecchio	1dfb70bca8	imported fix from CROSS upstream: endianness-aware csprng (#1983 ) * Revert "Disable erroring TravisCI build" This reverts commit b59d78c0f02455da91ce8a34fa742c2b063ccddd. Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * disable cross on s390x Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * remove status badge Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * imported fix from CROSS upstream: endianness-aware csprng Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * reenable cross on s390x Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * fix more endianness issues, add file creation to copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * revert: add file creation to copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Co-authored-by: Basil Hess <bhe@zurich.ibm.com>	2024-11-11 13:14:40 -05:00
Spencer Wilson	f7f6af0895	Remove SPHINCS+ aarch64 code (#1972 ) * Add a --delete option to copy_from_upstream to remove unwanted implementation subdirectories. * Enable the --delete option in CI to detect files included by mistake * Switch to git status --porcelain in CI for script stability * Remove unused SPHINCS+ aarch64 implementation using the --delete option Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-04 16:55:30 -05:00
Norman Ashley	3c8bde1b08	Add new API to cleanup OpenSSL threads. (#1959 ) * Add new API to clean up OpenSSL threads. Signed-off-by: Norman Ashley <nashley@cisco.com> * Updates per review comments. Signed-off-by: Norman Ashley <nashley@cisco.com> * Update format Signed-off-by: Norman Ashley <nashley@cisco.com> * Apply suggestions from code review Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Norman Ashley <nashley@cisco.com> --------- Signed-off-by: Norman Ashley <nashley@cisco.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-10-30 12:20:05 -04:00

1 2 3 4 5 ...

760 Commits