liboqs

mirror of https://github.com/open-quantum-safe/liboqs.git synced 2025-10-05 00:05:12 -04:00

Author	SHA1	Message	Date
Spencer Wilson	3ca1a36909	Add DeriveKeyPair API (#2070 ) * Initial derive keypair commit Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add pqcrystals-ml_kem_ipd.patch Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Fix encaps key in scheme and revert whitespace changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Hopefully corrected patch file Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Corrected missing derand in kem_scheme Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Fix indentation Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> derand testing tentative changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add missing function declarations Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Add template for avx2 derand functions Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> WIP: Add changes for coin length Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Update patch to include coin lengths Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Bootstrap Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Conditional copy Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Separate coins variable into two distinct variables Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com> Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Add derand fixes - Add support for BIKE, FrodoKEM, sntrup - Add hooks for testing - Add missing kem comment to documentation - Don't run decaps() in test_kem_derand if encaps_derand() fails - Add markdown documentation changes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> WIP trying to fix build errors Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix remaining build issues Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Resolve unused parameter issues for BIKE Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Resolve unused paramter issues for FrodoKEM Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix whitespace inconsistency Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix whitepace issue Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Insert unused attributes Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Void all unused parameters Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Use tab instead of spaces in kem_scheme Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Run copy_from_upstream Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Fix kem_derand python tests Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Initialize coins in test_kem_derand Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update patch to work with mlkem-native Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update docs generation and templating Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream [full tests] [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Don't call randombytes on zero-length arrays Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run format script Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Remove encaps_derand support Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Skip encaps/decaps in test_kem_derand Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Refactor test code Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * s/coins/seed/g Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Improve output Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Improve formatting [full tests] [extended tests] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Eddy Kim <Eddy.M.Kim@outlook.com>	2025-03-18 14:40:07 -04:00
Basil Hess	940d2d0bb8	chore: update MAYO version in datasheet (#2103 ) Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-18 11:10:20 -04:00
Marco Gianvecchio	8ee6039c74	Add bitflip test for trivial SUF-CMA forgeries (#2090 ) * add bitflip test to test_sig.c Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * format code Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * - add sig->suf_cma - add command-line argument to test_sig.c (the number of bitflips) - update CROSS upstream to SUF-CMA Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * %d to %ld for size_t bitflips Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * cast argument bitflips to size_t Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * replace atoi() with strtol() Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * cast bit_index to %llu Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update bitflip tests: - revert CROSS to EUF-CMA - add test_bitflip_message - exclude stateful signatures for now Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * remove bitflips_as_str in printf Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * test_bitflip as a single function, add support for stateful signatures Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * add OQS_TEST_CT_DECLASSIFY after test_bitflip_stfl Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * more OQS_TEST_CT_DECLASSIFY [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * patch dilithium to add suf-cma Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * run copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * SUF-CMA in dilithium docs, run copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * correct sizeof in OQS_randombytes call (thank you @SWilson4!) Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * factor bitflip testing functions out into test_helpers.c Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * --allow-multiple-definition for Windows .dll in test_kem_mem Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * --allow-multiple-definition for Windows .dll in test_sig and test_sig_stfl Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> --------- Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com>	2025-03-14 11:53:05 -04:00
Matthias J. Kannwischer	8ed50816c1	Add UOV (#2094 ) * update_docs_from_yaml.py: Do not rely on SPHINCS being last Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * allow pqov namespace Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * add uov implementations [full tests] [extended tests] Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * Typo [skip ci] Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> * add UOV to NIST_SIG_ONRAMP Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> --------- Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Signed-off-by: Basil Hess <bhe@zurich.ibm.com> Co-authored-by: Thing-han, Lim <15379156+potsrevennil@users.noreply.github.com> Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-10 10:33:27 -04:00
Spencer Wilson	bf515a3609	Bump version to 0.13.0-dev [skip ci] (#2099 ) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-03-07 17:41:17 -05:00
Spencer Wilson	526506f67a	Add references to security response process (#2077 ) * Add link to security response process [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add security support info to PLATFORMS.md [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add SECURITY.md to Doxyfile Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Fix links for Doxygen Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-03-07 17:40:57 -05:00
Matthias J. Kannwischer	726400dfe6	Update mlkem-native to v1.0.0-beta (#2092 ) * remove pqcrystals ml-kem patch that is no longer needed Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> * Update mlkem-native to v1.0.0-beta [full tests] [extended tests] Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu> --------- Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>	2025-03-07 13:43:02 -05:00
Basil Hess	fa5f792906	Update MAYO to NIST round 2 (#2095 ) * Update MAYO to NIST round 2 [full tests] [extended tests] [trigger downstream] Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * Update mayo yml with neon Signed-off-by: Basil Hess <bhe@zurich.ibm.com> --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-03-07 18:31:41 +01:00
Aiden Fox Ivey	d4eb7a6d61	Add Nix flake, instructions, and Nix CI (#1970 ) Signed-off-by: Aiden Fox Ivey <aiden@aidenfoxivey.com>	2025-03-05 14:41:38 -05:00
Matthias J. Kannwischer	5450d7c2ee	Update actions/cache to v4.2.2 [full tests] (#2093 ) Github recently turned off their old caching APIs: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down liboqs' CI started failing with the following error message for me: This request has been automatically failed because it uses a deprecated version of `actions/cache: e12d46a63a90f2fae62d114769bbf2a179198b5c`. Please update your workflow to use v3/v4 of actions/cache to avoid interruptions. This commit updates to the newer version of actions/cache that is using the new Github APIs. Note that Github's blog post is misleading. A lot more versions than v1/v2 are being disabled including v3.3.3 that is used in liboqs - see https://github.com/actions/cache/discussions/1510 Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>	2025-03-03 07:46:41 -05:00
Abhinav Saxena	38725ba063	Add checks for ML-KEM keys (#2009 ) * add checks for ML-KEM keys * add mod(3329) using barrett reduction Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com>	2025-02-26 10:31:13 +01:00
Pablo Gutiérrez	c2a6559c22	Added alg_version details to test output (#2080 ) * Added alg_version details as test output Signed-off-by: Pablo Gutiérrez <pablogf@uma.es>	2025-02-25 17:21:11 +01:00
Richard Levitte	f5a044874d	Ensure that building against liboqs build directory works (#2086 ) liboqsTargets.cmake is supposed to be adjacent liboqsConfig.cmake for the latter to be functional. This change ensure that this condition is met in the build directory, allowing other CMake projects to build against a liboqs build directory (as should be possible, implied by the use of 'export()'). Signed-off-by: Richard Levitte <richard@levitte.org>	2025-02-24 17:00:42 -05:00
Michael Baentsch	ef47d9af27	improving CONTRIBUTING.md for maintainability [skip ci] (#2081 ) Signed-off-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com>	2025-02-21 18:18:07 +01:00
Marco Gianvecchio	77917043c4	Update CROSS to version 2.0 (#2078 ) * Update CROSS to version 2.0 Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * implementations-switch-on-runtime-cpu-features: false in CROSS [skip ci] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update KAT "all" for CROSS [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * update cross.md [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * correct call stack in the suppression file for CROSS [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> --------- Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com>	2025-02-20 07:51:12 +01:00
Douglas Stebila	063ed784e0	Add threat model (#2033 ) * Add threat model Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update language around constant-time goals Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update SECURITY.md Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-02-19 16:41:04 -05:00
Pravek Sharma	5afca64205	Disable cupqc-buildcheck (#2075 ) Signed-off-by: Pravek Sharma <sharmapravek@gmail.com>	2025-02-10 16:48:01 -05:00
Spencer Wilson	0a23450d06	GitHub runner updates (#2069 ) * Add macos-15 runner; update gcc version [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Don't run libjade on macos-15; remove gcc 13 patch Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add windows-2025 runner [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Refactor matrix [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update actionlint config Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update PLATFORMS.md [skip ci] Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Specify gcc-14 Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-02-10 09:18:26 -05:00
Spencer Wilson	b80240c348	Update example files (#2071 ) * Update example files to use ML-KEM and ML-DSA Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Call example_sig_stfl in test_cmdline.py Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-02-07 15:22:07 -05:00
Basil Hess	a554b36dd3	Import ML-KEM from mlkem-native/PQ code package (#2041 ) * Integrate ML-KEM from mlkem-native [full tests] [extended tests] --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-02-04 16:26:27 +01:00
Pablo Gutiérrez	47612ee6d8	Update sig_stfl Doxygen documentation (#2059 ) * Bump jinja2 in /scripts/copy_from_upstream in the pip group (#2036) Bumps the pip group in /scripts/copy_from_upstream with 1 update: [jinja2](https://github.com/pallets/jinja). Updates `jinja2` from 3.1.4 to 3.1.5 - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/3.1.4...3.1.5) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Avoid unresolved symbols from libcrypto when compiled with OQS_DLOPEN_OPENSSL (#2043) * Do not assume OpenSSL memory functions when libcrypto is dlopened Otherwise, when the OQS_DLOPEN_OPENSSL is defined but OpenSSL is used only partially, e.g., with OQS_USE_SHA3_OPENSSL=ON, there will be some unresolved symbols in the final artifact: ``` $ cmake -GNinja -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_AES_INSTRUCTIONS=OFF -DOQS_DIST_BUILD=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_DLOPEN_OPENSSL=ON -DCMAKE_BUILD_TYPE=Debug -LAH .. $ ninja $ nm -g lib/liboqs.so.0.12.1-dev \| grep '^[[:space:]]U ' U __assert_fail@GLIBC_2.2.5 U CRYPTO_free U CRYPTO_malloc U dlopen@GLIBC_2.34 U dlsym@GLIBC_2.34 ``` Signed-off-by: Daiki Ueno <dueno@redhat.com> Wrap OpenSSL memory functions with OSSL_FUNC This enables those OpenSSL memory functions can be either resolved at build time or at run-time through dlopen. Note that we use CRYPTO_* functions instead of OPENSSL_* as the latter are defined as a macro and cannot be dynamically resolved. Signed-off-by: Daiki Ueno <dueno@redhat.com> --------- Signed-off-by: Daiki Ueno <dueno@redhat.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Added sig_stfl.h path to .Doxyfile INPUT setting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added sig_stfl path to .Doxyfile INPUT setting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Update to public Ubuntu 24.04 ARM runner [full tests] (#2050) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * Added Doxygen comments of algorithm identifiers until XMSSMT Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * commit Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * NVIDIA: Adding cuPQC as a backend for ML-KEM. (#2044) * Adding cuPQC as a backend for ML-KEM. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Fixing transposition error that left out OQS_USE_CUPQC in CMake system. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Add CMake dependent options for cupqc. Fixed formatting in kem_ml_kem_####.c and kem/family/kem_scheme.c Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Move cupqc_ml-kem source files to correctly named dir Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Stop piggybacking on pqcrystals-kyber-standard and move cupqc_ml-kem metadata to separate upstream repo Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update licensing information Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update PLATFORMS.md Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix kem_family cmakelists template Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Run copy_from_upsream.py and pull updated upstream Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Add cupqc build test to basic.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Move cupqc build test from basic.yml to linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * fixup! Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Redo cupqc build check Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Supply default CUDA arch to cupqc-buildcheck configuration stage Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Specify CUDAXX in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Make cuPQC_DIR explicit in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> --------- Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added all algorithm identifiers Doxyfile comments for sig_stfl Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * added additional Doxygen comments to sig_stfl.h Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * fixed formatting Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * fixed return types errors Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> * included sig_stfl API Doxygen documentation [full tests] Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Pablo Gutiérrez <pablogf@MSI.> Signed-off-by: Pablo Gutiérrez <pablogf@uma.es> Signed-off-by: Daiki Ueno <dueno@redhat.com> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daiki Ueno <dueno@redhat.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Co-authored-by: Steven I Reeves <sreeves@nvidia.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com>	2025-02-03 12:46:29 -05:00
Basil Hess	7eb9af7aba	Build with latest zephyr container failing, pinning 0.27.4 [full tests] (#2063 ) Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2025-02-03 12:45:49 -05:00
Daiki Ueno	f877812314	Check unresolved symbols when compiled with OQS_DLOPEN_OPENSSL (#2058 ) As a follow-up of commit 64bceb37fafa9b90cf228965079de9ebd77a83b9, this checks that the library artifacts don't contain any unresolved symbols from libcrypto.so when it is dynamically loaded. Signed-off-by: Daiki Ueno <dueno@redhat.com>	2025-01-29 14:15:00 -05:00
Abhinav Saxena	4b34efeaec	Update ACVP vectors for KEM and DSA (#2051 ) * add latest ACVP vector tests Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * minor script improvements Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * fix build issues Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * fix build issues Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * minor improvements Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * test file improvements Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> --------- Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com>	2025-01-29 14:11:47 -05:00
Steven I Reeves	6a16ac68b5	NVIDIA: Adding cuPQC as a backend for ML-KEM. (#2044 ) * Adding cuPQC as a backend for ML-KEM. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Fixing transposition error that left out OQS_USE_CUPQC in CMake system. Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Add CMake dependent options for cupqc. Fixed formatting in kem_ml_kem_####.c and kem/family/kem_scheme.c Signed-off-by: Steven Reeves <sreeves@nvidia.com> * Move cupqc_ml-kem source files to correctly named dir Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Stop piggybacking on pqcrystals-kyber-standard and move cupqc_ml-kem metadata to separate upstream repo Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update licensing information Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Update PLATFORMS.md Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix kem_family cmakelists template Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Run copy_from_upsream.py and pull updated upstream Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Add cupqc build test to basic.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Move cupqc build test from basic.yml to linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * fixup! Fix error in linux.yml Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Redo cupqc build check Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Supply default CUDA arch to cupqc-buildcheck configuration stage Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Specify CUDAXX in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> * Make cuPQC_DIR explicit in cupqc-buildcheck Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> --------- Signed-off-by: Steven Reeves <sreeves@nvidia.com> Signed-off-by: Pravek Sharma <sharmapravek@gmail.com> Co-authored-by: Pravek Sharma <sharmapravek@gmail.com>	2025-01-27 18:17:05 -05:00
Spencer Wilson	99affa6935	Update to public Ubuntu 24.04 ARM runner [full tests] (#2050 ) Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2025-01-26 13:10:19 -05:00
Daiki Ueno	64bceb37fa	Avoid unresolved symbols from libcrypto when compiled with OQS_DLOPEN_OPENSSL (#2043 ) * Do not assume OpenSSL memory functions when libcrypto is dlopened Otherwise, when the OQS_DLOPEN_OPENSSL is defined but OpenSSL is used only partially, e.g., with OQS_USE_SHA3_OPENSSL=ON, there will be some unresolved symbols in the final artifact: ``` $ cmake -GNinja -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_AES_INSTRUCTIONS=OFF -DOQS_DIST_BUILD=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_DLOPEN_OPENSSL=ON -DCMAKE_BUILD_TYPE=Debug -LAH .. $ ninja $ nm -g lib/liboqs.so.0.12.1-dev \| grep '^[[:space:]]U ' U __assert_fail@GLIBC_2.2.5 U CRYPTO_free U CRYPTO_malloc U dlopen@GLIBC_2.34 U dlsym@GLIBC_2.34 ``` Signed-off-by: Daiki Ueno <dueno@redhat.com> Wrap OpenSSL memory functions with OSSL_FUNC This enables those OpenSSL memory functions can be either resolved at build time or at run-time through dlopen. Note that we use CRYPTO_* functions instead of OPENSSL_* as the latter are defined as a macro and cannot be dynamically resolved. Signed-off-by: Daiki Ueno <dueno@redhat.com> --------- Signed-off-by: Daiki Ueno <dueno@redhat.com>	2025-01-15 15:55:51 -05:00
dependabot[bot]	cc61cb046d	Bump jinja2 in /scripts/copy_from_upstream in the pip group (#2036 ) Bumps the pip group in /scripts/copy_from_upstream with 1 update: [jinja2](https://github.com/pallets/jinja). Updates `jinja2` from 3.1.4 to 3.1.5 - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/3.1.4...3.1.5) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-08 21:28:46 -05:00
Spencer Wilson	af78b87869	Update PQClean commit and delete patch for HQC (#2026 ) * Update script info Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-12-22 00:34:13 -05:00
Nigel Jones	d35017e3e9	#1830 update scorecard to v5 (gh action 2.4.0) (#1890 ) * #1830 update scorecard to v5 (gh action 2.4.0) Signed-off-by: Nigel Jones <jonesn@uk.ibm.com> * Pin action version in unix.yml Signed-off-by: Nigel Jones <jonesn@uk.ibm.com> * Schedule only, no PR. Minor updates to scorecard Signed-off-by: Nigel Jones <jonesn@uk.ibm.com> --------- Signed-off-by: Nigel Jones <jonesn@uk.ibm.com>	2024-12-21 17:49:23 +01:00
Spencer Wilson	416778ecc2	Trigger liboqs-java and liboqs-rust downstream CI (#2021 ) * Trigger liboqs-java CI on commits to main Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Trigger liboqs-rust CI on commits to main Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-12-17 13:17:54 -05:00
Iyán	51708b699e	Remove hardcoded build paths & modify basic workflow to build in random path (#2019 ) * Remove hardcoded build paths This fixes #2018 using `helpers.get_current_build_dir_name()` Signed-off-by: Iyán Méndez Veiga <me@iyanmv.com> * Use a random build path in the basic build test Signed-off-by: Iyán Méndez Veiga <me@iyanmv.com> --------- Signed-off-by: Iyán Méndez Veiga <me@iyanmv.com>	2024-12-13 17:08:35 -05:00
Douglas Stebila	dd1706bc9b	Update upload-artifact action to v4 (#2017 ) Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca>	2024-12-11 07:11:21 +01:00
Abhinav Saxena	bbf1dbec29	Minor changes to ML_DSA ACVP tests (#2007 ) * minor improvements to dsa acvp tests Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * check method for NULL before dereferencing Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * change ctxlen to 256 Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> --------- Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com>	2024-12-09 20:49:38 -05:00
zhaixiaojuan	ee0da46c9e	Add loongarch64 support (#2010 ) Signed-off-by: zhaixiaojuan <zhaixiaojuan@loongson.cn>	2024-12-09 20:46:44 -05:00
Douglas Stebila	6f17ad7c35	Bump version to 0.12.1-dev (#2015 ) Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca>	2024-12-09 20:46:07 -05:00
Douglas Stebila	f4b96220e4	0.12.0 release (#2011 ) * Release notes for 0.12.0 release Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update changelog [skip ci] Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Wording in release notes [skip ci] Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> 0.12.0	2024-12-09 20:27:54 -05:00
Douglas Stebila	d0d0413dc9	Create liboqs 0.12.0 release candidate 1 (#2006 ) * Update version numbers for 0.12.0-rc1 Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update list of supported versions Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update release notes for 0.12.0-rc1 Fixes #1990 and #2004. Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Fix typo and workding [skip ci] Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> * Revise wording on API removal Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Update release date for rc1 [skip ci] Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> 0.12.0-rc1	2024-11-29 11:50:15 -05:00
Douglas Stebila	3224d553ef	Add defines for OQS version components (#2000 ) * Add defines for OQS version components Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Set OQS_VERSION_TEXT based on new OQS_VERSION_* macros Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Make OQS_VERSION_PRE_RELEASE optionally defined Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Add documentation about OQS_VERSION macros Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> * Clarify wording about definition of OQS_VERSION_PRE_RELEASE Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> --------- Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca> Signed-off-by: Douglas Stebila <dstebila@users.noreply.github.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-26 08:11:56 -05:00
Basil Hess	d9c214cc64	Add ML-DSA / FIPS 204 final (#1919 ) * Pull ML-DSA from pq-crystals upstream. * Removes ML-DSA-ipd * Adds support for context strings to OQS SIG API. * Adding _with_ctx_str APIs, templating * Adds ACVP tests for ML-DSA * export symbols for acvp tests (dynamic linking) * remove IPD intermediate values * adds flag for ctx support * Update constant-time passes after line nubmer and function name changes * Update KATs * API with checks for signatures without ctx support * Additional test for signatures with ctx * Change alg_version to FIPS204 * Update ML-DSA security claim to SUF-CMA, according to FIPS204 * Update src/sig/sig.h * Fix test_alg_info --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com> Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-26 13:45:10 +01:00
Spencer Wilson	25206cdcb8	Set ML-KEM alg_version to "FIPS203" (#1997 ) * Update patch to include version number change Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Run copy_from_upstream Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Generate patch with git diff Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-26 04:24:48 -05:00
Norman Ashley	fbaf871a4a	Fix LMS crash (#1998 ) * Fix LMS crash Signed-off-by: Norman Ashley <nashley@cisco.com> * Fixed compile issue on Mac Signed-off-by: Norman Ashley <nashley@cisco.com> --------- Signed-off-by: Norman Ashley <nashley@cisco.com>	2024-11-24 03:13:48 -05:00
Spencer Wilson	cce1bfde4e	Run copy_from_upstream.py Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-21 05:50:03 -08:00
Spencer Wilson	95f904bcaa	Add patch to fix HQC decapsulation Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-21 05:50:03 -08:00
Abhinav Saxena	507d03009c	Test Improvements for ML-KEM (#1947 ) * test improvements for ML-KEM Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * update length type from int to size_t Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * fix windows dll + compilation issues Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * fix windows tests for ACVP vectors Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * fix build failure in vector_kem Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * remove const qualifier from prng_op_stream Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * add macros instead of hardcoding & declasify values before use Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * add ML-KEM rejection tests in seperate function Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * add ciphertext corruption test for kem rejection Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> * add conditional compilation for ML-KEM tests Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com> --------- Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com>	2024-11-13 13:30:57 +01:00
Daiki Ueno	2ee908df24	Avoid OpenSSL functions being called unconditionally at OQS_destroy (#1982 ) When OQS_DLOPEN_OPENSSL is designated and low-level primitives are overridden with OQS__set_callbacks, OQS_destroy still indirectly calls EVP__free from OpenSSL. This adds a extra NULL check to avoid that. Signed-off-by: Daiki Ueno <dueno@redhat.com>	2024-11-12 11:11:15 -05:00
Spencer Wilson	77aa1455e5	Update PLATFORMS.md / re-enable CROSS on s390x (#1988 ) * Complete the revival of Travis and CROSS Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Add Travis badge to README Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> --------- Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>	2024-11-12 08:10:27 +01:00
ChinoUkaegbu	8c5e88197b	Add CI badges to README.md (#1987 ) Signed-off-by: ChinoUkaegbu <77782533+ChinoUkaegbu@users.noreply.github.com>	2024-11-11 15:32:13 -05:00
Marco Gianvecchio	1dfb70bca8	imported fix from CROSS upstream: endianness-aware csprng (#1983 ) * Revert "Disable erroring TravisCI build" This reverts commit b59d78c0f02455da91ce8a34fa742c2b063ccddd. Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * disable cross on s390x Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * remove status badge Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * imported fix from CROSS upstream: endianness-aware csprng Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * reenable cross on s390x Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * fix more endianness issues, add file creation to copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> * revert: add file creation to copy_from_upstream.py Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com> Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Co-authored-by: Basil Hess <bhe@zurich.ibm.com>	2024-11-11 13:14:40 -05:00
Basil Hess	e26d36ead9	Revert "Disable erroring TravisCI build" (#1960 ) * Revert "Disable erroring TravisCI build" This reverts commit b59d78c0f02455da91ce8a34fa742c2b063ccddd. Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * disable cross on s390x Signed-off-by: Basil Hess <bhe@zurich.ibm.com> * remove status badge Signed-off-by: Basil Hess <bhe@zurich.ibm.com> --------- Signed-off-by: Basil Hess <bhe@zurich.ibm.com>	2024-11-11 08:09:42 +01:00

1 2 3 4 5 ...

1620 Commits