Run copy_from_upstream; don't apply Dilithium and Kyber changes

README.md

@@ -44,7 +44,7 @@ The list below indicates all algorithms supported by liboqs, but not all those a
 - **BIKE**: BIKE-L1, BIKE-L3, BIKE-L5
 - **Classic McEliece**: Classic-McEliece-348864†, Classic-McEliece-348864f†, Classic-McEliece-460896†, Classic-McEliece-460896f†, Classic-McEliece-6688128†, Classic-McEliece-6688128f†, Classic-McEliece-6960119†, Classic-McEliece-6960119f†, Classic-McEliece-8192128†, Classic-McEliece-8192128f†
 - **FrodoKEM**: FrodoKEM-640-AES, FrodoKEM-640-SHAKE, FrodoKEM-976-AES, FrodoKEM-976-SHAKE, FrodoKEM-1344-AES, FrodoKEM-1344-SHAKE
-- **HQC**: HQC-128, HQC-192, HQC-256†
+- **HQC**: HQC-128, HQC-192, HQC-256
 - **Kyber**: Kyber512, Kyber768, Kyber1024
 - **NTRU-Prime**: sntrup761
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_KEXS_END -->

docs/algorithms/kem/classic_mceliece.yml

@@ -26,7 +26,9 @@ advisories:
   building with ``clang`` using optimization level ``-O2`` and ``-O3``. Care is advised
   when using the algorithm at higher optimization levels, and any other compiler and
   architecture.
-- Current implementation of the algorithm may not be constant-time. Additionally, environment specific constant-time leaks may not be documented; please report potential constant-time leaks when found. 
+- Current implementation of the algorithm may not be constant-time. Additionally,
+  environment specific constant-time leaks may not be documented; please report potential
+  constant-time leaks when found.
 parameter-sets:
 - name: Classic-McEliece-348864
   claimed-nist-level: 1
@@ -376,4 +378,4 @@ parameter-sets:
 auxiliary-submitters: []
 primary-upstream:
   spdx-license-identifier: Public domain
-  source: https://github.com/PQClean/PQClean/commit/8e220a87308154d48fdfac40abbb191ac7fce06a
+  source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852

docs/algorithms/kem/hqc.md

@@ -2,11 +2,11 @@
 
 - **Algorithm type**: Key encapsulation mechanism.
 - **Main cryptographic assumption**: Syndrome decoding of structure codes (Hamming Quasi-Cyclic).
-- **Principal submitters**: Carlos Aguilar Melchor, Nicolas Aragon, Slim Bettaieb, Olivier Blazy, Jurjen Bos, Jean-Christophe Deneuville, Philippe Gaborit, Edoardo Persichetti, Jean-Marc Robert, Pascal Véron, Gilles Zémor, Loïc Bidoux.
+- **Principal submitters**: Carlos Aguilar Melchor, Nicolas Aragon, Slim Bettaieb, Loïc Bidoux, Olivier Blazy, Jurjen Bos, Jean-Christophe Deneuville, Arnaud Dion, Philippe Gaborit, Jérôme Lacan, Edoardo Persichetti, Jean-Marc Robert, Pascal Véron, Gilles Zémor.
 - **Authors' website**: https://pqc-hqc.org/
 - **Specification version**: NIST Round 3 submission.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/PQClean/PQClean/commit/8e220a87308154d48fdfac40abbb191ac7fce06a
+  - **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
   - **Implementation license (SPDX-Identifier)**: Public domain
 - **Ancestors of primary source**:
   - https://github.com/jschanck/package-pqclean/tree/29f79e72/hqc, which takes it from:
@@ -20,16 +20,15 @@
 
 |  Parameter set  | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |
 |:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-|     HQC-128     | IND-CCA2         |                    1 |                      2249 |                      2289 |                      4481 |                           64 |
-|     HQC-192     | IND-CCA2         |                    3 |                      4522 |                      4562 |                      9026 |                           64 |
-|     HQC-256     | IND-CCA2         |                    5 |                      7245 |                      7285 |                     14469 |                           64 |
+|     HQC-128     | IND-CCA2         |                    1 |                      2249 |                      2305 |                      4433 |                           64 |
+|     HQC-192     | IND-CCA2         |                    3 |                      4522 |                      4586 |                      8978 |                           64 |
+|     HQC-256     | IND-CCA2         |                    5 |                      7245 |                      7317 |                     14421 |                           64 |
 
 ## HQC-128 implementation characteristics
 
 |       Implementation source       | Identifier in upstream   | Supported architecture(s)   | Supported operating system(s)   | CPU extension(s) used   | No branching-on-secrets claimed?   | No branching-on-secrets checked by valgrind?   | Large stack usage?‡   |
 |:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
 | [Primary Source](#primary-source) | clean                    | All                         | All                             | None                    | True                               | True                                           | False                 |
-| [Primary Source](#primary-source) | avx2                     | x86\_64                     | Linux,Darwin                    | AVX2,BMI1,PCLMULQDQ     | False                              | True                                           | False                 |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -40,7 +39,6 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 |       Implementation source       | Identifier in upstream   | Supported architecture(s)   | Supported operating system(s)   | CPU extension(s) used   | No branching-on-secrets claimed?   | No branching-on-secrets checked by valgrind?   | Large stack usage?   |
 |:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | [Primary Source](#primary-source) | clean                    | All                         | All                             | None                    | True                               | True                                           | False                |
-| [Primary Source](#primary-source) | avx2                     | x86\_64                     | Linux,Darwin                    | AVX2,BMI1,PCLMULQDQ     | False                              | True                                           | False                |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -49,7 +47,6 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 |       Implementation source       | Identifier in upstream   | Supported architecture(s)   | Supported operating system(s)   | CPU extension(s) used   | No branching-on-secrets claimed?   | No branching-on-secrets checked by valgrind?   | Large stack usage?   |
 |:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | [Primary Source](#primary-source) | clean                    | All                         | All                             | None                    | True                               | True                                           | False                |
-| [Primary Source](#primary-source) | avx2                     | x86\_64                     | Linux,Darwin                    | AVX2,BMI1,PCLMULQDQ     | False                              | True                                           | True                 |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 

docs/algorithms/kem/hqc.yml

@@ -4,15 +4,17 @@ principal-submitters:
 - Carlos Aguilar Melchor
 - Nicolas Aragon
 - Slim Bettaieb
+- Loïc Bidoux
 - Olivier Blazy
 - Jurjen Bos
 - Jean-Christophe Deneuville
+- Arnaud Dion
 - Philippe Gaborit
+- Jérôme Lacan
 - Edoardo Persichetti
 - Jean-Marc Robert
 - Pascal Véron
 - Gilles Zémor
-- Loïc Bidoux
 crypto-assumption: Syndrome decoding of structure codes (Hamming Quasi-Cyclic)
 website: https://pqc-hqc.org/
 nist-round: 3
@@ -28,8 +30,8 @@ parameter-sets:
   claimed-nist-level: 1
   claimed-security: IND-CCA2
   length-public-key: 2249
-  length-ciphertext: 4481
-  length-secret-key: 2289
+  length-ciphertext: 4433
+  length-secret-key: 2305
   length-shared-secret: 64
   implementations-switch-on-runtime-cpu-features: true
   implementations:
@@ -41,28 +43,12 @@ parameter-sets:
     no-secret-dependent-branching-checked-by-valgrind: true
     large-stack-usage: false
     upstream: primary-upstream
-  - upstream-id: avx2
-    supported-platforms:
-    - architecture: x86_64
-      operating_systems:
-      - Linux
-      - Darwin
-      required_flags:
-      - avx2
-      - bmi1
-      - pclmulqdq
-    common-crypto:
-    - SHA3: liboqs
-    no-secret-dependent-branching-claimed: false
-    no-secret-dependent-branching-checked-by-valgrind: true
-    large-stack-usage: false
-    upstream: primary-upstream
 - name: HQC-192
   claimed-nist-level: 3
   claimed-security: IND-CCA2
-  length-ciphertext: 9026
+  length-ciphertext: 8978
   length-public-key: 4522
-  length-secret-key: 4562
+  length-secret-key: 4586
   length-shared-secret: 64
   implementations-switch-on-runtime-cpu-features: true
   implementations:
@@ -74,28 +60,12 @@ parameter-sets:
     no-secret-dependent-branching-checked-by-valgrind: true
     large-stack-usage: false
     upstream: primary-upstream
-  - upstream-id: avx2
-    supported-platforms:
-    - architecture: x86_64
-      operating_systems:
-      - Linux
-      - Darwin
-      required_flags:
-      - avx2
-      - bmi1
-      - pclmulqdq
-    common-crypto:
-    - SHA3: liboqs
-    no-secret-dependent-branching-claimed: false
-    no-secret-dependent-branching-checked-by-valgrind: true
-    large-stack-usage: false
-    upstream: primary-upstream
 - name: HQC-256
   claimed-nist-level: 5
   claimed-security: IND-CCA2
-  length-ciphertext: 14469
+  length-ciphertext: 14421
   length-public-key: 7245
-  length-secret-key: 7285
+  length-secret-key: 7317
   length-shared-secret: 64
   implementations-switch-on-runtime-cpu-features: true
   implementations:
@@ -107,22 +77,6 @@ parameter-sets:
     no-secret-dependent-branching-checked-by-valgrind: true
     large-stack-usage: false
     upstream: primary-upstream
-  - upstream-id: avx2
-    supported-platforms:
-    - architecture: x86_64
-      operating_systems:
-      - Linux
-      - Darwin
-      required_flags:
-      - avx2
-      - bmi1
-      - pclmulqdq
-    common-crypto:
-    - SHA3: liboqs
-    no-secret-dependent-branching-claimed: false
-    no-secret-dependent-branching-checked-by-valgrind: true
-    large-stack-usage: true
-    upstream: primary-upstream
 primary-upstream:
   spdx-license-identifier: Public domain
-  source: https://github.com/PQClean/PQClean/commit/8e220a87308154d48fdfac40abbb191ac7fce06a
+  source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852

docs/algorithms/sig/falcon.md

@@ -7,7 +7,7 @@
 - **Authors' website**: https://falcon-sign.info
 - **Specification version**: 20211101.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/PQClean/PQClean/commit/8e220a87308154d48fdfac40abbb191ac7fce06a
+  - **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
   - **Implementation license (SPDX-Identifier)**: MIT
 
 
@@ -22,7 +22,7 @@
 
 |       Implementation source       | Identifier in upstream   | Supported architecture(s)   | Supported operating system(s)   | CPU extension(s) used   | No branching-on-secrets claimed?   | No branching-on-secrets checked by valgrind?   | Large stack usage?‡   |
 |:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| [Primary Source](#primary-source) | clean                    | All                         | All                             | None                    | False                              | False                                          | False                 |
+| [Primary Source](#primary-source) | clean                    | All                         | All                             | None                    | True                               | True                                           | False                 |
 | [Primary Source](#primary-source) | avx2                     | x86\_64                     | All                             | AVX2                    | False                              | False                                          | False                 |
 | [Primary Source](#primary-source) | aarch64                  | ARM64\_V8                   | Linux,Darwin                    | None                    | False                              | False                                          | False                 |
 
@@ -34,7 +34,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
 |       Implementation source       | Identifier in upstream   | Supported architecture(s)   | Supported operating system(s)   | CPU extension(s) used   | No branching-on-secrets claimed?   | No branching-on-secrets checked by valgrind?   | Large stack usage?   |
 |:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| [Primary Source](#primary-source) | clean                    | All                         | All                             | None                    | False                              | False                                          | False                |
+| [Primary Source](#primary-source) | clean                    | All                         | All                             | None                    | True                               | True                                           | False                |
 | [Primary Source](#primary-source) | avx2                     | x86\_64                     | All                             | AVX2                    | False                              | False                                          | False                |
 | [Primary Source](#primary-source) | aarch64                  | ARM64\_V8                   | Linux,Darwin                    | None                    | False                              | False                                          | False                |
 

docs/algorithms/sig/falcon.yml

@@ -18,7 +18,7 @@ website: https://falcon-sign.info
 nist-round: 3
 spec-version: 20211101
 primary-upstream:
-  source: https://github.com/PQClean/PQClean/commit/8e220a87308154d48fdfac40abbb191ac7fce06a
+  source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
   spdx-license-identifier: MIT
   upstream-ancestors:
   - https://www.falcon-sign.info

docs/algorithms/sig/sphincs.md

@@ -7,7 +7,7 @@
 - **Authors' website**: https://sphincs.org/
 - **Specification version**: NIST Round 3 submission, v3.1 (June 10, 2022).
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/PQClean/PQClean/commit/8e220a87308154d48fdfac40abbb191ac7fce06a with copy_from_upstream patches
+  - **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852 with copy_from_upstream patches
   - **Implementation license (SPDX-Identifier)**: CC0-1.0
 
 

docs/algorithms/sig/sphincs.yml

@@ -26,7 +26,7 @@ nist-round: 3
 spec-version: NIST Round 3 submission, v3.1 (June 10, 2022)
 spdx-license-identifier: CC0-1.0
 primary-upstream:
-  source: https://github.com/PQClean/PQClean/commit/8e220a87308154d48fdfac40abbb191ac7fce06a
+  source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
     with copy_from_upstream patches
   spdx-license-identifier: CC0-1.0
   upstream-ancestors: