From da3dab860dae10e11e2b5086bc3006446df87c36 Mon Sep 17 00:00:00 2001
From: Spencer Wilson
Date: Wed, 7 Feb 2024 13:30:32 -0500
Subject: [PATCH] Update SPHINCS+ "clean" suppression files (#1683)
---
 .github/workflows/weekly.yml | 4 +--
 docs/algorithms/sig/sphincs.yml | 48 +++++++++++++-------------
 tests/constant_time/sig/issues.json | 48 +++++++++++++-------------
 tests/constant_time/sig/issues/sphincs | 31 ++++++++++++++---
 4 files changed, 76 insertions(+), 55 deletions(-)
diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml
index 9d0be91f07..28b6f3ccad 100644
--- a/.github/workflows/weekly.yml
+++ b/.github/workflows/weekly.yml
@@ -16,12 +16,12 @@ jobs:
 container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
 CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=generic -DCMAKE_BUILD_TYPE=Debug -DOQS_ENABLE_TEST_CONSTANT_TIME=ON
 PYTEST_ARGS: --numprocesses=auto -k 'test_constant_time'
- SKIP_ALGS: 'SPHINCS\+-SHA*,Classic-McEliece-[^3](.)*'
+ SKIP_ALGS: 'SPHINCS\+-SHA(.)*s-simple,SPHINCS\+-SHAKE-(.)*,Classic-McEliece-[^3](.)*'
 - name: extensions
 container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
 CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=haswell -DCMAKE_BUILD_TYPE=Debug -DOQS_ENABLE_TEST_CONSTANT_TIME=ON
 PYTEST_ARGS: --numprocesses=auto -k 'test_constant_time'
- SKIP_ALGS: 'SPHINCS\+-SHA*,Classic-McEliece-(.)*'
+ SKIP_ALGS: 'SPHINCS\+-SHA(.)*s-simple,SPHINCS\+-SHAKE-(.)*,Classic-McEliece-[^3](.)*'
 container:
 image: ${{ matrix.container }}
 steps:
diff --git a/docs/algorithms/sig/sphincs.yml b/docs/algorithms/sig/sphincs.yml
index fa0224c408..b5148335ab 100644
--- a/docs/algorithms/sig/sphincs.yml
+++ b/docs/algorithms/sig/sphincs.yml
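Review bot: The second `SKIP_ALGS` line (the `extensions` entry) changes its Classic-McEliece pattern from `Classic-McEliece-(.)*` to `Classic-McEliece-[^3](.)*`, which the commit subject does not mention; if it was copied from the first entry by accident, the haswell constant-time job now also runs the Classic-McEliece names beginning with `3` that it skipped before. In both entries `SPHINCS\+-SHA(.)*s-simple` also matches the SHAKE names already covered by `SPHINCS\+-SHAKE-(.)*`, so the SHAKE sets and every `s-simple` set still get no weekly constant-time run. I would add a comment above each value recording that, for example `# SPHINCS+ s-simple and SHAKE sets are excluded from the weekly constant-time run: <reason>`, so the gap is not read as a clean result. The matrix entries start above the hunk, and how the test harness anchors these patterns is not visible here.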
@@ -47,8 +47,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -77,8 +77,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -107,8 +107,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -137,8 +137,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -167,8 +167,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -197,8 +197,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -227,8 +227,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA3: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -257,8 +257,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA3: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -287,8 +287,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA3: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -317,8 +317,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA3: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -347,8 +347,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA3: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
@@ -377,8 +377,8 @@ parameter-sets:
 supported-platforms: all
 common-crypto:
 - SHA3: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
+ no-secret-dependent-branching-claimed: false
+ no-secret-dependent-branching-checked-by-valgrind: false
 large-stack-usage: false
 - upstream: primary-upstream
 upstream-id: avx2
diff --git a/tests/constant_time/sig/issues.json b/tests/constant_time/sig/issues.json
index 9bb7eb81c4..37dc988271 100644
--- a/tests/constant_time/sig/issues.json
+++ b/tests/constant_time/sig/issues.json
@@ -5,28 +5,28 @@
 "Dilithium5": [],
 "Falcon-1024": ["falcon"],
 "Falcon-512": ["falcon"],
- "SPHINCS+-SHA256-128f-robust": ["sphincs"],
- "SPHINCS+-SHA256-128f-simple": ["sphincs"],
- "SPHINCS+-SHA256-128s-robust": ["sphincs"],
- "SPHINCS+-SHA256-128s-simple": ["sphincs"],
- "SPHINCS+-SHA256-192f-robust": ["sphincs"],
- "SPHINCS+-SHA256-192f-simple": ["sphincs"],
- "SPHINCS+-SHA256-192s-robust": ["sphincs"],
- "SPHINCS+-SHA256-192s-simple": ["sphincs"],
- "SPHINCS+-SHA256-256f-robust": ["sphincs"],
- "SPHINCS+-SHA256-256f-simple": ["sphincs"],
- "SPHINCS+-SHA256-256s-robust": ["sphincs"],
- "SPHINCS+-SHA256-256s-simple": ["sphincs"],
- "SPHINCS+-SHAKE256-128f-robust": ["sphincs"],
- "SPHINCS+-SHAKE256-128f-simple": ["sphincs"],
- "SPHINCS+-SHAKE256-128s-robust": ["sphincs"],
- "SPHINCS+-SHAKE256-128s-simple": ["sphincs"],
- "SPHINCS+-SHAKE256-192f-robust": ["sphincs"],
- "SPHINCS+-SHAKE256-192f-simple": ["sphincs"],
- "SPHINCS+-SHAKE256-192s-robust": ["sphincs"],
- "SPHINCS+-SHAKE256-192s-simple": ["sphincs"],
- "SPHINCS+-SHAKE256-256f-robust": ["sphincs"],
- "SPHINCS+-SHAKE256-256f-simple": ["sphincs"],
- "SPHINCS+-SHAKE256-256s-robust": ["sphincs"],
- "SPHINCS+-SHAKE256-256s-simple": ["sphincs"]
+ "SPHINCS+-SHA2-128f-robust": ["sphincs"],
+ "SPHINCS+-SHA2-128f-simple": ["sphincs"],
+ "SPHINCS+-SHA2-128s-robust": ["sphincs"],
+ "SPHINCS+-SHA2-128s-simple": ["sphincs"],
+ "SPHINCS+-SHA2-192f-robust": ["sphincs"],
+ "SPHINCS+-SHA2-192f-simple": ["sphincs"],
+ "SPHINCS+-SHA2-192s-robust": ["sphincs"],
+ "SPHINCS+-SHA2-192s-simple": ["sphincs"],
+ "SPHINCS+-SHA2-256f-robust": ["sphincs"],
+ "SPHINCS+-SHA2-256f-simple": ["sphincs"],
+ "SPHINCS+-SHA2-256s-robust": ["sphincs"],
+ "SPHINCS+-SHA2-256s-simple": ["sphincs"],
+ "SPHINCS+-SHAKE-128f-robust": ["sphincs"],
+ "SPHINCS+-SHAKE-128f-simple": ["sphincs"],
+ "SPHINCS+-SHAKE-128s-robust": ["sphincs"],
+ "SPHINCS+-SHAKE-128s-simple": ["sphincs"],
+ "SPHINCS+-SHAKE-192f-robust": ["sphincs"],
+ "SPHINCS+-SHAKE-192f-simple": ["sphincs"],
+ "SPHINCS+-SHAKE-192s-robust": ["sphincs"],
+ "SPHINCS+-SHAKE-192s-simple": ["sphincs"],
+ "SPHINCS+-SHAKE-256f-robust": ["sphincs"],
+ "SPHINCS+-SHAKE-256f-simple": ["sphincs"],
+ "SPHINCS+-SHAKE-256s-robust": ["sphincs"],
+ "SPHINCS+-SHAKE-256s-simple": ["sphincs"]
 }
diff --git a/tests/constant_time/sig/issues/sphincs b/tests/constant_time/sig/issues/sphincs
index 14a18ee7a6..2a944c6c03 100644
--- a/tests/constant_time/sig/issues/sphincs
+++ b/tests/constant_time/sig/issues/sphincs
@@ -1,7 +1,28 @@
 {
- memcpy source and destination overlap see issue 1038
- Memcheck:Overlap
- fun:__GI_memcpy
- fun:gen_chain
- fun:PQCLEAN_SPHINCS*_CLEAN_wots_*
+ This implementation of SPHINCS+ may not be constant time.
+ Memcheck:Cond
+ src:wotsx1.c:29
+ # fun:PQCLEAN_SPHINCSSHA*FSIMPLE_CLEAN_wots_gen_leafx1
+ fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_treehashx1
+ fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_merkle_sign
+ fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_crypto_sign_signature
+}
+
+{
+ This implementation of SPHINCS+ may not be constant time.
+ Memcheck:Cond
+ src:wotsx1.c:58
+ # fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_wots_gen_leafx1
+ fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_treehashx1
+ fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_merkle_sign
+ fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_crypto_sign_signature
+}
+
+{
+ This implementation of SPHINCS+ may not be constant time.
+ Memcheck:Cond
+ src:utilsx1.c:65
+ # fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_treehashx1
+ fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_*_sign
+ fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_crypto_sign_signature
 }
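Review bot: The three new `Memcheck:Cond` entries are described only as "may not be constant time" and name neither a tracking issue nor the value the flagged branch depends on, whereas the entry removed in this hunk at least pointed to issue 1038. Because this file silences findings in the constant-time test, each entry should state whether the condition at `wotsx1.c:29`, `wotsx1.c:58` and `utilsx1.c:65` is on secret or public data, with a first line such as `SPHINCS+ clean: branch at wotsx1.c:29 depends on <value>; tracked in issue <ISSUE-NUMBER>`. The `fun:PQCLEAN_SPHINCSSHA*SIMPLE_CLEAN_*_sign` frame in the third entry is wider than the `..._merkle_sign` frame used in the first two; if only `merkle_sign` reaches `utilsx1.c:65`, name it so an unrelated `*_sign` caller is not silenced too. The commented-out frame in the first entry reads `SHA*FSIMPLE` while the second reads `SHA*SIMPLE`, which looks like a leftover from narrowing the pattern.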