Xmss test lms

[ashman-p]

Initial commit of Cisco's open source LMS.
This is the initial commit. The following commits should have more weighty code additions.

Fixes open-quantum-safe#1098.

• [N ] Does this PR change the input/output behaviour of a cryptographic algorithm (i.e., does it change known answer test values)? (If so, a version bump will be required from x.y.z to x.(y+1).0.)
• [ Y ] Does this PR change the the list of algorithms available -- either adding, removing, or renaming? Does this PR otherwise change an API? (If so, PRs in oqs-provider, OQS-OpenSSL, OQS-BoringSSL, and OQS-OpenSSH will also need to be ready for review and merge by the time this is merged.)

[baentsch]

Is it intentional/necessary to add cmake generated files into git?

[ashman-p]

Nope. A miss. Will remove.

[baentsch]

Thanks for taking this on, @ashman-p !

Generally, LGTM. The location of code also makes sense to me: Not integrated into sig as it is no "straight" (NIST) PQ sig alg. Agreed, @dstebila?

What would be good to have right from the start is some CI test: It aids (at least me) understanding how everything fits together (builds/tests). For starters, just one platform/CI system, e.g., Linux.

[baentsch]

Hardcoded compiler/assembler paths. Doesn't look right.

[ashman-p]

Agreed but, this makefile will not be used in liboqs. This is as-is, untouched from the LMS repo.
I guess the preferece is to only commit files that will be used? I can also remove the test files and migrate them later to oqs test directories.

[baentsch]

I guess the preferece is to only commit files that will be used?

Most definitely -- there shouldn't be anything in OQS that is useless.

[baentsch]

What server is this? Will we (eventually) (want to) be able to use it for testing?

[ashman-p]

This is the NIST ACVP test server. NIST is in the process of adding LMS test vectors. An ACVP test harness would be required to handle this type of testing, which Cisco has an open source version. It would have to be integrated for OQS.
This service is more targeted if FIPS algorithm testing is of interest.

[baentsch]

Test vector testing (known answer tests - KATs) should be part of CI testing as it already is for all other algorithms. If this can be done independently of a server, perfect. Can you add a pointer to this server(s documentation) such as to understand what its benefits would be?

[baentsch]

Suppose comment should read "...for available stateful signature schemes..."? Or should this code fit identically into the current liboqs sig APIs?

[ashman-p]

Will fix these comments.

[ashman-p]

Thanks Michael,
The current stateful tests test_sig_mem, test_sig_stfl_mem and dump_alg_info are the intended basic tests for me.
They currently run list the algorithms, and fails cleanly for key gen. More to come in subsequent commits.
I plan to close this PR, update per the given comments and reopen the PR on the main fork since i now have write access there (Thanks Douglas).

[baentsch]

since i now have write access there

see my comments there. There's no objection at least from my side to anyone doing development in a "silent" (non-PRd) branch of OQS (which the write access permits you to do now).

A PR IMO should only be opened if the work is basically complete to avoid "information overload" to the team subscribed to the project: Would you want to be informed about every development commit of a team member well prior to work completion?