Merge branch 'open-quantum-safe:main' into kemkeyschk

open-quantum-safe · Jan 21, 2025 · e2b09a5 · e2b09a5
2 parents 83e5d42 + 64bceb3
commit e2b09a5
Show file tree

Hide file tree

Showing 107 changed files with 598 additions and 231 deletions.
diff --git a/.github/workflows/basic.yml b/.github/workflows/basic.yml
@@ -67,25 +67,27 @@ jobs:
       KEM_NAME: ml_kem_768
       SIG_NAME: ml_dsa_65
     steps:
+      - name: Create random build folder
+        run: tmp_build=$(mktemp -d) && echo "RANDOM_BUILD_DIR=$tmp_build" >> $GITHUB_ENV
       - name: Checkout code
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
       - name: Configure
         run: |
-          mkdir build && \
-          cd build && \
-          cmake -GNinja -DOQS_STRICT_WARNINGS=ON \
+          cmake \
+            -B ${{ env.RANDOM_BUILD_DIR }} \
             -GNinja \
+            -DOQS_STRICT_WARNINGS=ON \
             -DOQS_MINIMAL_BUILD="KEM_$KEM_NAME;SIG_$SIG_NAME" \
-            --warn-uninitialized .. > config.log 2>&1 && \
+            --warn-uninitialized . > config.log 2>&1 && \
           cat config.log && \
-          cmake -LA -N .. && \
+          cmake -LA -N . && \
           ! (grep -i "uninitialized variable" config.log)
       - name: Build code
         run: ninja
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
       - name: Build documentation
         run: ninja gen_docs
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
 
   cppcheck:
     name: Check C++ linking with example program
@@ -94,28 +96,30 @@ jobs:
     env:
       SIG_NAME: dilithium_2
     steps:
+      - name: Create random build folder
+        run: tmp_build=$(mktemp -d) && echo "RANDOM_BUILD_DIR=$tmp_build" >> $GITHUB_ENV
       - name: Checkout code
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
       - name: Configure
         run: |
-          mkdir build && \
-          cd build && \
-          cmake -GNinja -DOQS_STRICT_WARNINGS=ON \
+          cmake \
+            -B ${{ env.RANDOM_BUILD_DIR }} \
             -GNinja \
+            -DOQS_STRICT_WARNINGS=ON \
             -DOQS_MINIMAL_BUILD="SIG_$SIG_NAME" \
-            --warn-uninitialized .. > config.log 2>&1 && \
+            --warn-uninitialized . > config.log 2>&1 && \
           cat config.log && \
-          cmake -LA -N .. && \
+          cmake -LA -N . && \
           ! (grep -i "uninitialized variable" config.log)
       - name: Build liboqs
         run: ninja
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
       - name: Link with C++ program
         run: |
-          g++ ../cpp/sig_linking_test.cpp -g \
+          g++ "$GITHUB_WORKSPACE"/cpp/sig_linking_test.cpp -g \
           -I./include -L./lib -loqs -lcrypto -std=c++11 -o example_sig && \
           ./example_sig
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
 
   fuzzbuildcheck:
     name: Check that code passes a basic fuzzing build
@@ -129,23 +133,26 @@ jobs:
       CFLAGS: -fsanitize=fuzzer-no-link,address
       LDFLAGS: -fsanitize=address
     steps:
+      - name: Create random build folder
+        run: tmp_build=$(mktemp -d) && echo "RANDOM_BUILD_DIR=$tmp_build" >> $GITHUB_ENV
       - name: Checkout code
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
       - name: Configure
         run: |
-          mkdir build && \
-          cd build && \
-          cmake -GNinja -DOQS_STRICT_WARNINGS=ON \
+          cmake \
+            -B ${{ env.RANDOM_BUILD_DIR }} \
+            -GNinja \
+            -DOQS_STRICT_WARNINGS=ON \
             -DOQS_BUILD_FUZZ_TESTS=ON \
             -DOQS_MINIMAL_BUILD="SIG_$SIG_NAME" \
-            --warn-uninitialized .. > config.log 2>&1 && \
+            --warn-uninitialized . > config.log 2>&1 && \
           cat config.log && \
-          cmake -LA -N .. && \
+          cmake -LA -N . && \
           ! (grep -i "uninitialized variable" config.log)
       - name: Build code
         run: ninja fuzz_test_sig
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
 
       - name: Short fuzz check (30s)
         run: ./tests/fuzz_test_sig -max_total_time=30
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
diff --git a/.github/workflows/downstream-basic.yml b/.github/workflows/downstream-basic.yml
@@ -81,3 +81,27 @@ jobs:
                --data '{"event_type":"liboqs-upstream-trigger"}' \
                https://api.github.com/repos/open-quantum-safe/liboqs-python/dispatches | tee curl_out \
           && grep -q "204" curl_out
+      - name: Trigger liboqs-java CI
+        if: ${{ !cancelled() }} # run all steps independent of failures
+        run: |
+          curl --silent \
+               --write-out "\n%{response_code}\n" \
+               --request POST \
+               --header "Accept: application/vnd.github+json" \
+               --header "Authorization: Bearer ${{ secrets.OQSBOT_GITHUB_ACTIONS }}" \
+               --header "X-GitHub-Api-Version: 2022-11-28" \
+               --data '{"event_type":"liboqs-upstream-trigger"}' \
+               https://api.github.com/repos/open-quantum-safe/liboqs-java/dispatches | tee curl_out \
+          && grep -q "204" curl_out
+      - name: Trigger liboqs-rust CI
+        if: ${{ !cancelled() }} # run all steps independent of failures
+        run: |
+          curl --silent \
+               --write-out "\n%{response_code}\n" \
+               --request POST \
+               --header "Accept: application/vnd.github+json" \
+               --header "Authorization: Bearer ${{ secrets.OQSBOT_GITHUB_ACTIONS }}" \
+               --header "X-GitHub-Api-Version: 2022-11-28" \
+               --data '{"event_type":"liboqs-upstream-trigger"}' \
+               https://api.github.com/repos/open-quantum-safe/liboqs-rust/dispatches | tee curl_out \
+          && grep -q "204" curl_out
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
@@ -132,7 +132,7 @@ jobs:
         working-directory: build
       - name: Retain .deb file
         if: matrix.name == 'jammy-std-openssl3'
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin@v3
+        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # pin@v4
         with:
           name: liboqs-openssl3-shared-x64
           path: build/*.deb
@@ -259,7 +259,7 @@ jobs:
     container: openquantumsafe/ci-ubuntu-latest:latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
       - name: Configure
         run: mkdir build && cd build && scan-build --status-bugs cmake -GNinja ..
       - name: Build

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -9,6 +9,7 @@ on:
   workflow_call:
   workflow_dispatch:
 
+
 jobs:
   analysis:
     name: Scorecard analysis
@@ -24,12 +25,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # pin@v2.3.1
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # pin@v2.4.0
         with:
           results_file: results.sarif
           results_format: sarif
@@ -46,18 +47,18 @@ jobs:
           # For private repositories:
           #   - `publish_results` will always be set to `false`, regardless
           #     of the value entered here.
-          publish_results: false
+          publish_results: true
 
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # pin@v4
+        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # pin@v4
         with:
           name: SARIF file
           path: results.sarif
-          retention-days: 5
+          retention-days: 28
       # Upload the results to GitHub's code scanning dashboard.
-      #- name: "Upload to code-scanning"
-      #  uses: github/codeql-action/upload-sarif@e949a1676c32f4c215780f7429eb9f00ff18b225 # pin@v2
-      #  with:
-      #    sarif_file: results.sarif
+      - name: "Upload to code-scanning"
+        uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # pin@v3
+        with:
+          sarif_file: results.sarif
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -42,8 +42,8 @@ set(CMAKE_POSITION_INDEPENDENT_CODE ON)
 set(CMAKE_C_VISIBILITY_PRESET hidden)
 set(OQS_VERSION_MAJOR 0)
 set(OQS_VERSION_MINOR 12)
-set(OQS_VERSION_PATCH 0)
-set(OQS_VERSION_PRE_RELEASE "-rc1")
+set(OQS_VERSION_PATCH 1)
+set(OQS_VERSION_PRE_RELEASE "-dev")
 set(OQS_VERSION_TEXT "${OQS_VERSION_MAJOR}.${OQS_VERSION_MINOR}.${OQS_VERSION_PATCH}${OQS_VERSION_PRE_RELEASE}")
 set(OQS_COMPILE_BUILD_TARGET "${CMAKE_SYSTEM_PROCESSOR}-${CMAKE_HOST_SYSTEM}")
 set(OQS_MINIMAL_GCC_VERSION "7.1.0")
@@ -127,6 +127,12 @@ elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "s390x")
     endif()
 elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "riscv")
     set(ARCH "riscv")
+elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "loongarch64")
+    set(ARCH "loongarch64")
+    set(ARCH_LOONGARCH64 ON)
+    if(${OQS_DIST_BUILD})
+        set(OQS_DIST_LOONGARCH64_BUILD ON)
+    endif()
 elseif(OQS_PERMIT_UNSUPPORTED_ARCHITECTURE)
     message(WARNING "Unknown or unsupported processor: " ${CMAKE_SYSTEM_PROCESSOR})
     message(WARNING "Compilation on an unsupported processor should only be used for testing, as it may result an insecure configuration, for example due to variable-time instructions leaking secret information.")

diff --git a/PLATFORMS.md b/PLATFORMS.md
@@ -62,3 +62,4 @@ In this policy, the words "must" and "must not" specify absolute requirements th
 - x86 for Windows (Visual Studio Toolchain)
 - ppc641e for Ubuntu (Focal)
 - s390x for Ubuntu (Focal)
+- loongarch64 for Debian Linux (trixie)
diff --git a/RELEASE.md b/RELEASE.md
@@ -1,5 +1,5 @@
-liboqs version 0.12.0-rc1
-=========================
+liboqs version 0.12.0
+=====================
 
 About
 -----
@@ -27,7 +27,7 @@ liboqs can also be used in the following programming languages via language-spec
 Release notes
 =============
 
-This is release candidate 1 for version 0.12.0 of liboqs. It was released on November 29, 2024.
+This is version 0.12.0 of liboqs. It was released on December 9, 2024.
 
 This release updates the ML-DSA implementation to the [final FIPS 204](https://csrc.nist.gov/pubs/fips/204/final) version. This release still includes the NIST Round 3 version of Dilithium for interoperability purposes, but we plan to remove Dilithium Round 3 in a future release.
 
@@ -38,14 +38,19 @@ This will be the last release of liboqs to include Kyber (that is, the NIST Roun
 
 The addition of ML-DSA FIPS 204 final version to liboqs has introduced a new signature API which includes a context string parameter. We are planning to remove the old version of the API without a context string in the next release to streamline the API and bring it in line with NIST specifications. Users who have an opinion on this removal are invited to provide input at https://github.com/open-quantum-safe/liboqs/issues/2001.
 
+Security issues
+===============
+
+- CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect shared secret value during decapsulation when called with an invalid ciphertext. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
+
 What's New
 ----------
 
 This release continues from the 0.11.0 release of liboqs.
 
 ### Key encapsulation mechanisms
 
-- HQC: Fixed correctness bug in decapsulation. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
+- HQC: Fixed bug in decapsulation that leads to incorrect shared secret value during decapsulation when called with an invalid ciphertext. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
 - Kyber: This is the last release of liboqs to include Kyber.
 - ML-KEM: Improved testing of ML-KEM.
 
@@ -93,10 +98,13 @@ Detailed changelog
 * Update PLATFORMS.md / re-enable CROSS on s390x by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1988
 * Avoid OpenSSL functions are unconditionally called at OQS_destroy by @ueno in https://github.com/open-quantum-safe/liboqs/pull/1982
 * Test Improvements for ML-KEM by @abhinav-thales in https://github.com/open-quantum-safe/liboqs/pull/1947
+* Add patch to fix HQC decapsulation in https://github.com/open-quantum-safe/liboqs/commit/95f904bcaafe4cb12cfdf029347ac3b7c795308a
+* Run copy_from_upstream.py in https://github.com/open-quantum-safe/liboqs/commit/cce1bfde4e52c524b087b9687020d283fbde0f24
 * Fix LMS crash by @ashman-p in https://github.com/open-quantum-safe/liboqs/pull/1998
 * Set ML-KEM alg_version to "FIPS203" by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1997
 * Add ML-DSA / FIPS 204 final by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1919
 * Add defines for OQS version components by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/2000
+* Create liboqs 0.12.0 release candidate 1 by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/2006
 
 ## New Contributors
 
@@ -108,4 +116,4 @@ Detailed changelog
 * @ChinoUkaegbu made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1987
 * @abhinav-thales made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1947
 
-**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.11.0...0.12.0-rc1
+**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.11.0...0.12.0
diff --git a/docs/algorithms/kem/classic_mceliece.md b/docs/algorithms/kem/classic_mceliece.md
@@ -6,7 +6,7 @@
 - **Authors' website**: https://classic.mceliece.org
 - **Specification version**: SUPERCOP-20221025.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
+  - **Source**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
   - **Implementation license (SPDX-Identifier)**: Public domain
 - **Ancestors of primary source**:
   - SUPERCOP-20221025 "clean" and "avx2" implementations

diff --git a/docs/algorithms/kem/classic_mceliece.yml b/docs/algorithms/kem/classic_mceliece.yml
@@ -378,4 +378,4 @@ parameter-sets:
 auxiliary-submitters: []
 primary-upstream:
   spdx-license-identifier: Public domain
-  source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
+  source: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
diff --git a/docs/algorithms/kem/hqc.md b/docs/algorithms/kem/hqc.md
@@ -6,7 +6,7 @@
 - **Authors' website**: https://pqc-hqc.org/
 - **Specification version**: 2023-04-30.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789 with copy_from_upstream patches
+  - **Source**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
   - **Implementation license (SPDX-Identifier)**: Public domain
 - **Ancestors of primary source**:
   - https://github.com/SWilson4/package-pqclean/tree/8db1b24b/hqc, which takes it from:

diff --git a/docs/algorithms/kem/hqc.yml b/docs/algorithms/kem/hqc.yml
@@ -76,5 +76,4 @@ parameter-sets:
     upstream: primary-upstream
 primary-upstream:
   spdx-license-identifier: Public domain
-  source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
-    with copy_from_upstream patches
+  source: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
diff --git a/docs/algorithms/sig/falcon.md b/docs/algorithms/sig/falcon.md
@@ -7,9 +7,9 @@
 - **Authors' website**: https://falcon-sign.info
 - **Specification version**: 20211101.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
+  - **Source**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
   - **Implementation license (SPDX-Identifier)**: MIT
-- **Optimized Implementation sources**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
+- **Optimized Implementation sources**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
   - **pqclean-aarch64**:<a name="pqclean-aarch64"></a>
       - **Source**: https://github.com/PQClean/PQClean/commit/7707d1bcc8ae7f9ffd296dd13b1d76d2767d14f8
       - **Implementation license (SPDX-Identifier)**: Apache-2.0

diff --git a/docs/algorithms/sig/falcon.yml b/docs/algorithms/sig/falcon.yml
@@ -18,7 +18,7 @@ website: https://falcon-sign.info
 nist-round: 3
 spec-version: 20211101
 primary-upstream:
-  source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
+  source: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
   spdx-license-identifier: MIT
   upstream-ancestors:
   - https://www.falcon-sign.info

diff --git a/docs/algorithms/sig/sphincs.md b/docs/algorithms/sig/sphincs.md
@@ -7,7 +7,7 @@
 - **Authors' website**: https://sphincs.org/
 - **Specification version**: NIST Round 3 submission, v3.1 (June 10, 2022).
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789 with copy_from_upstream patches
+  - **Source**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181 with copy_from_upstream patches
   - **Implementation license (SPDX-Identifier)**: CC0-1.0
 
 

diff --git a/docs/algorithms/sig/sphincs.yml b/docs/algorithms/sig/sphincs.yml
@@ -26,7 +26,7 @@ nist-round: 3
 spec-version: NIST Round 3 submission, v3.1 (June 10, 2022)
 spdx-license-identifier: CC0-1.0
 primary-upstream:
-  source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
+  source: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
     with copy_from_upstream patches
   spdx-license-identifier: CC0-1.0
   upstream-ancestors:

diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml
@@ -15,12 +15,12 @@ upstreams:
     name: pqclean
     git_url: https://github.com/PQClean/PQClean.git
     git_branch: master
-    git_commit: 8e221ae797b229858a0b0d784577a8cb149d5789
+    git_commit: 1eacfdafc15ddc5d5759d0b85b4cef26627df181
     kem_meta_path: 'crypto_kem/{pqclean_scheme}/META.yml'
     sig_meta_path: 'crypto_sign/{pqclean_scheme}/META.yml'
     kem_scheme_path: 'crypto_kem/{pqclean_scheme}'
     sig_scheme_path: 'crypto_sign/{pqclean_scheme}'
-    patches: [pqclean-sphincs.patch, pqclean-hqc-decaps.patch]
+    patches: [pqclean-sphincs.patch]
     ignore: pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256f-simple_aarch64, pqclean_sphincs-shake-192s-simple_aarch64, pqclean_sphincs-shake-192f-simple_aarch64, pqclean_sphincs-shake-128s-simple_aarch64, pqclean_sphincs-shake-128f-simple_aarch64, pqclean_kyber512_aarch64, pqclean_kyber1024_aarch64, pqclean_kyber768_aarch64, pqclean_dilithium2_aarch64, pqclean_dilithium3_aarch64, pqclean_dilithium5_aarch64
   -
     name: pqcrystals-kyber