Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Stateful Signature (XMSS and LMS) #1650

Merged
merged 69 commits into from
Jun 5, 2024
Merged
Changes from 62 commits
Commits
Show all changes
69 commits
Select commit Hold shift + click to select a range
dad6412
Initial addition of sig_stfl API and dummy XMSS variant
cothan Apr 2, 2024
b0c06fa
Fix API and build issues
dstebila May 8, 2023
7b59154
Add SIG_STFL to tests/dump_alg_info
dstebila May 8, 2023
8e1dd5c
Update sig_stfl dummy scheme and add basic test program
dstebila May 9, 2023
244288f
Add XMSS parameter xmss_sha256_h10 (#1482)
ducnguyen-sb Jun 1, 2023
c9c3835
Re-add OQS_SECRET_KEY (#1493)
dstebila Jul 12, 2023
e356ebf
Na lms (#1486)
ashman-p Jul 13, 2023
a7e26d9
Add 12 XMSS and 16 XMSSMT parameters. (#1489)
ducnguyen-sb Jul 24, 2023
55094c3
LMS H5_W1 (#1513)
ashman-p Jul 31, 2023
4d773d7
Convert to use OQS_SIG_STFL_SECRET_KEY struct (#1525)
ashman-p Aug 12, 2023
4694fc3
Add secret key object to XMSS (#1530)
ducnguyen-sb Aug 18, 2023
245aede
LMS updated to use new SK API (#1533)
ashman-p Aug 29, 2023
99067be
Add XMSS Serialize/Deserialize (#1542)
ducnguyen-sb Sep 9, 2023
a85a9aa
Stateful sigs secret key storage callback (#1553)
ashman-p Sep 22, 2023
3934949
Na statful sig lock (#1559)
ashman-p Sep 28, 2023
3db6b44
Secret Key Query (#1572)
ashman-p Oct 5, 2023
2446c64
Na stateful sigs lms var (#1574)
ashman-p Oct 10, 2023
8df2539
Stateful sigs XMSS updates (#1590)
ashman-p Oct 20, 2023
2dbfc40
Update XMSS secret key object APIs, sync with LMS (#1588)
ducnguyen-sb Nov 1, 2023
47740ad
Enforce idx from unsigned int to uint32_t. (#1611)
ducnguyen-sb Nov 15, 2023
a7b2987
SHA2 Increment with arbitrary length (non-block sizes) (#1614)
ashman-p Nov 27, 2023
2dd9e07
Na lms kat multi level (#1620)
ashman-p Dec 13, 2023
982b440
Fix Build Errors (#1635)
ashman-p Dec 19, 2023
ddae644
Various fixes
ashman-p Dec 20, 2023
cc50ef0
Fix warning
ashman-p Dec 21, 2023
9610576
Fix windows-x86 and arm compiling error. (#1634)
ducnguyen-sb Jan 2, 2024
bb658b7
Address stateful-sigs comments in #1650 (#1656)
ducnguyen-sb Jan 11, 2024
7db8ddf
Update `sig_stfl.h` document for #1650 (#1655)
ducnguyen-sb Jan 11, 2024
cf03392
Update README.md
ashman-p Jan 13, 2024
9325713
Update README.md
ashman-p Jan 13, 2024
a52b217
Update README.md
ashman-p Jan 13, 2024
d442ac9
Update README.md
ashman-p Jan 13, 2024
72ab478
Update README.md
ashman-p Jan 13, 2024
5967f12
Update src/CMakeLists.txt
ashman-p Jan 13, 2024
fc6d512
Update documentation and license text. (#1663)
ashman-p Jan 19, 2024
c3e5750
Add Apache 2.0 and MIT License to XMSS (#1662)
ducnguyen-sb Jan 19, 2024
e7a83c7
Disable Stateful Signatures in the build by default (#1676)
ashman-p Jan 30, 2024
6c81bae
Na stateful macro (#1687)
ashman-p Feb 8, 2024
001e96a
Update GitHub Actions workflows for stateful signatures (#1692)
SWilson4 Feb 13, 2024
e1f02b2
Change XMSS License from `(Apache 2.0 AND MIT)` to `(Apache 2.0 OR MI…
ducnguyen-sb Feb 13, 2024
17c12c3
Add return status for XMSS lock/unlock functions. (#1712)
ducnguyen-sb Mar 1, 2024
32949b7
Reformat LMS / XMSS KAT files (#1722)
SWilson4 Mar 11, 2024
1941636
Add return check for lock/unlock function (#1727)
ducnguyen-sb Mar 11, 2024
b45415c
Use `abort()` instead of exit to get the trace log. (#1728)
ducnguyen-sb Mar 12, 2024
ba63672
Reduce number of `malloc/free` call in `XMSS/external` (#1724)
ducnguyen-sb Mar 30, 2024
8524a16
Post-rebase cleanup
SWilson4 Apr 12, 2024
5da49e3
Satisfy astyle
SWilson4 Apr 12, 2024
a535114
Fix macOS build error: lld -> llu
SWilson4 Apr 15, 2024
71ee535
Bring EVP_DigestUpdate calls in line with main
SWilson4 Apr 15, 2024
154d8e4
Fix test program linkage for cross-compiling
SWilson4 Apr 15, 2024
b2cdab6
Fix typo from STFL to SFTL
cothan Apr 16, 2024
e92aab3
Stateful sigs: Rename keygen / sign option, add more tests, fix memor…
SWilson4 Apr 18, 2024
b075878
Clean up OQS_SIG_STFL_SECRET_KEY_free
SWilson4 Apr 22, 2024
db000c2
Remove unused sig member
SWilson4 Apr 26, 2024
9b60f60
Naming convention for serialize / deserialize functions
SWilson4 Apr 26, 2024
f9a4f03
Switch order of params for deserialize
SWilson4 Apr 26, 2024
8c1529d
Swap param order down the stack; rename length param; update document…
SWilson4 Apr 26, 2024
c408cee
Update src/sig_stfl/sig_stfl.h
SWilson4 Apr 26, 2024
7dd4ea0
Test stateful sigs on arm64, s390x, and powerpc (#1772)
SWilson4 Apr 29, 2024
4ebd1b9
Update tests/example_sig_stfl.c
ashman-p May 12, 2024
0c3d39c
Zeroing internal state memory on heap (#1790)
cothan May 14, 2024
31bdf13
Clean up unresolved comments on stateful-sigs PR (#1793)
SWilson4 May 14, 2024
8e75f98
Update config variable name
SWilson4 May 23, 2024
ca27922
Strengthen warning in CONFIGURE.md
SWilson4 May 23, 2024
6f35f43
DCO sign-off [skip ci]
dstebila May 30, 2024
20d39aa
I, Spencer Wilson, retroactively sign off on these commits:
SWilson4 May 30, 2024
d37f20d
I, Duc Nguyen, retroactively sign off on these commits:
cothan May 30, 2024
3621a6b
I, Norman Ashley, retroactively sign off on these commits:
ashman-p Jun 4, 2024
4fb0141
Merge branch 'main' into stateful-sigs
SWilson4 Jun 5, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
87 changes: 86 additions & 1 deletion .CMake/alg_support.cmake
Original file line number Diff line number Diff line change
@@ -497,6 +497,91 @@ endif()

##### OQS_COPY_FROM_UPSTREAM_FRAGMENT_ADD_ENABLE_BY_ALG_CONDITIONAL_END

option(OQS_ENABLE_SIG_STFL_XMSS "Enable XMSS algorithm family" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_sha256_h10 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_sha256_h16 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_sha256_h20 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_shake128_h10 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_shake128_h16 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_shake128_h20 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_sha512_h10 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_sha512_h16 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_sha512_h20 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_shake256_h10 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_shake256_h16 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmss_shake256_h20 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_sha256_h20_2 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_sha256_h20_4 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_sha256_h40_2 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_sha256_h40_4 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_sha256_h40_8 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_sha256_h60_3 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_sha256_h60_6 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_sha256_h60_12 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h20_2 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h20_4 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h40_2 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h40_4 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h40_8 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h60_3 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h60_6 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h60_12 "" ON "OQS_ENABLE_SIG_STFL_XMSS" OFF)


option(OQS_ENABLE_SIG_STFL_LMS "Enable LMS algorithm family" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h5_w1 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h5_w2 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h5_w4 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h5_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w1 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w2 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w4 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h15_w1 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h15_w2 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h15_w4 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h15_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h20_w1 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h20_w2 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h20_w4 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h20_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h25_w1 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h25_w2 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h25_w4 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h25_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h5_w8_h5_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w4_h5_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w8_h5_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w2_h10_w2 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w4_h10_w4 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w8_h10_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h15_w8_h5_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h15_w8_h10_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h15_w8_h15_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h20_w8_h5_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h20_w8_h10_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h20_w8_h15_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h20_w8_h20_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF)

option(OQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN "Enable stateful key and signature generation for research and experimentation" OFF)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Didn't we hear suggestions to make this config option sound really dangerous and hard to accidentally enable? What about naming it "OQS_ENABLE_EXPERIMENTAL_AND_BORDERING_ON_IRRESPONSIBLE_STATEFUL_HASHBASED_SIGNATURE_AND_KEYGEN_FEATURE" (basically quoting one such feedback)?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about OQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN as something that sounds reasonably professional while conveying the essence of "bordering on irresponsible"?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good to me.

cmake_dependent_option(OQS_ALLOW_STFL_KEY_AND_SIG_GEN "" ON "OQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN" OFF)

if (${OQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN} AND ${OQS_ENABLE_SIG_STFL_XMSS})
set(OQS_ALLOW_XMSS_KEY_AND_SIG_GEN ON)
else()
set(OQS_ALLOW_XMSS_KEY_AND_SIG_GEN OFF)
endif()

if (${OQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN} AND ${OQS_ENABLE_SIG_STFL_LMS})
set(OQS_ALLOW_LMS_KEY_AND_SIG_GEN ON)
else()
set(OQS_ALLOW_LMS_KEY_AND_SIG_GEN OFF)
endif()

if(OQS_ALLOW_STFL_KEY_AND_SIG_GEN STREQUAL "ON")
message(STATUS "Experimental stateful key and signature generation is enabled. Ensure secret keys are securely stored to prevent multiple simultaneous sign operations.")
endif()

# Set XKCP (Keccak) required for Sphincs AVX2 code even if OpenSSL3 SHA3 is used:
if (${OQS_ENABLE_SIG_SPHINCS} OR NOT ${OQS_USE_SHA3_OPENSSL})
set(OQS_ENABLE_SHA3_xkcp_low ON)
@@ -509,4 +594,4 @@ if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
else()
set(OQS_ENABLE_SHA3_xkcp_low_avx2 OFF)
endif()
endif()
endif()
1 change: 1 addition & 0 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
@@ -344,6 +344,7 @@ workflows:
<<: *require_buildcheck
name: arm64
PYTEST_ARGS: --numprocesses=auto --maxprocesses=10 --ignore=tests/test_kat_all.py
CMAKE_ARGS: -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON

commit-to-main:
when:
4 changes: 3 additions & 1 deletion .github/workflows/android.yml
Original file line number Diff line number Diff line change
@@ -10,8 +10,10 @@ jobs:
fail-fast: false
matrix:
abi: [armeabi-v7a, arm64-v8a, x86, x86_64]
stfl_opt: [ON, OFF]

steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build project
run: ./scripts/build-android.sh $ANDROID_NDK_HOME -a ${{ matrix.abi }}
run: ./scripts/build-android.sh $ANDROID_NDK_HOME -a ${{ matrix.abi }} -f "-DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=${{ matrix.stfl_opt }}"
5 changes: 4 additions & 1 deletion .github/workflows/apple.yml
Original file line number Diff line number Diff line change
@@ -10,10 +10,13 @@ jobs:
fail-fast: false
matrix:
platform: [OS64, TVOS]
stfl_opt: [OFF, ON]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Generate project
run: cmake -B build --toolchain .CMake/apple.cmake -DOQS_USE_OPENSSL=OFF -DPLATFORM=${{ matrix.platform }} .
run: |
cmake -B build --toolchain .CMake/apple.cmake -DOQS_USE_OPENSSL=OFF -DPLATFORM=${{ matrix.platform }} \
-DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=${{ matrix.stfl_opt }} .
- name: Build project
run: cmake --build build
25 changes: 19 additions & 6 deletions .github/workflows/unix.yml
Original file line number Diff line number Diff line change
@@ -74,15 +74,19 @@ jobs:
include:
- name: alpine
container: openquantumsafe/ci-alpine-amd64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: alpine-no-stfl-key-sig-gen
container: openquantumsafe/ci-alpine-amd64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: alpine-openssl-all
container: openquantumsafe/ci-alpine-amd64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_SHA2_OPENSSL=ON -DOQS_USE_SHA3_OPENSSL=ON
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_SHA2_OPENSSL=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: alpine-noopenssl
container: openquantumsafe/ci-alpine-amd64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: focal-nistr4-openssl
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
@@ -98,7 +102,11 @@ jobs:
PYTEST_ARGS: --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py
- name: address-sanitizer
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address
CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_distbuild.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py --numprocesses=auto --maxprocesses=10
- name: address-sanitizer-no-stfl-key-sig-gen
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_distbuild.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py --numprocesses=auto --maxprocesses=10
container:
image: ${{ matrix.container }}
@@ -137,7 +145,11 @@ jobs:
include:
- name: armhf
ARCH: armhf
CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_OPT_TARGET=generic
CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_OPT_TARGET=generic -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: armhf-no-stfl-key-sig-gen
ARCH: armhf
CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_OPT_TARGET=generic -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
# no longer supporting armel
# - name: armel
@@ -203,6 +215,7 @@ jobs:
- macos-13
- macos-14
CMAKE_ARGS:
- -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
- -DCMAKE_C_COMPILER=gcc-13
- -DOQS_USE_OPENSSL=OFF
- -DBUILD_SHARED_LIBS=ON -DOQS_DIST_BUILD=OFF
@@ -268,4 +281,4 @@ jobs:
working-directory: build
- name: Run tests
timeout-minutes: 60
run: mkdir -p tmp && python3 -m pytest --verbose --ignore=tests/test_code_conventions.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py
run: mkdir -p tmp && python3 -m pytest --verbose --ignore=tests/test_code_conventions.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py
8 changes: 6 additions & 2 deletions .github/workflows/windows.yml
Original file line number Diff line number Diff line change
@@ -6,10 +6,13 @@ jobs:

windows-arm64:
runs-on: windows-2022
strategy:
matrix:
stfl_opt: [ON, OFF]
steps:
- uses: actions/checkout@v3
- name: Generate Project
run: cmake -B build --toolchain .CMake/toolchain_windows_arm64.cmake .
run: cmake -B build --toolchain .CMake/toolchain_windows_arm64.cmake -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=${{ matrix.stfl_opt }} .
- name: Build Project
run: cmake --build build

@@ -19,10 +22,11 @@ jobs:
fail-fast: false
matrix:
toolchain: [.CMake/toolchain_windows_x86.cmake, .CMake/toolchain_windows_amd64.cmake]
stfl_opt: [ON, OFF]
steps:
- uses: actions/checkout@v3
- name: Generate Project
run: cmake -B build --toolchain ${{ matrix.toolchain }} .
run: cmake -B build --toolchain ${{ matrix.toolchain }} -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=${{ matrix.stfl_opt }} .
- name: Build Project
run: cmake --build build
- name: Test dependencies
4 changes: 2 additions & 2 deletions .travis.yml
Original file line number Diff line number Diff line change
@@ -9,13 +9,13 @@ jobs:
compiler: gcc
if: NOT branch =~ /^ghactionsonly-/
script:
- mkdir build && cd build && cmake -GNinja .. && cmake -LA .. && ninja
- mkdir build && cd build && cmake -GNinja -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_EXPERIMENTAL_ENABLE_STFL_SIG_KEY_SIG_GEN=ON .. && cmake -LA .. && ninja
- cd build & ninja run_tests
- arch: s390x
os: linux
dist: focal
compiler: gcc
if: NOT branch =~ /^ghactionsonly-/
script:
- mkdir build && cd build && cmake -GNinja .. && cmake -LA .. && ninja
- mkdir build && cd build && cmake -GNinja -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_EXPERIMENTAL_ENABLE_STFL_SIG_KEY_SIG_GEN=ON .. && cmake -LA .. && ninja
- cd build & ninja run_tests
9 changes: 8 additions & 1 deletion CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -153,7 +153,8 @@ set(PUBLIC_HEADERS ${PROJECT_SOURCE_DIR}/src/oqs.h
${PROJECT_SOURCE_DIR}/src/common/common.h
${PROJECT_SOURCE_DIR}/src/common/rand/rand.h
${PROJECT_SOURCE_DIR}/src/kem/kem.h
${PROJECT_SOURCE_DIR}/src/sig/sig.h)
${PROJECT_SOURCE_DIR}/src/sig/sig.h
${PROJECT_SOURCE_DIR}/src/sig_stfl/sig_stfl.h)

set(INTERNAL_HEADERS ${PROJECT_SOURCE_DIR}/src/common/aes/aes.h
${PROJECT_SOURCE_DIR}/src/common/rand/rand_nist.h
@@ -196,6 +197,12 @@ if(OQS_ENABLE_SIG_SPHINCS)
set(PUBLIC_HEADERS ${PUBLIC_HEADERS} ${PROJECT_SOURCE_DIR}/src/sig/sphincs/sig_sphincs.h)
endif()
##### OQS_COPY_FROM_UPSTREAM_FRAGMENT_INCLUDE_HEADERS_END
if(OQS_ENABLE_SIG_STFL_XMSS)
set(PUBLIC_HEADERS ${PUBLIC_HEADERS} ${PROJECT_SOURCE_DIR}/src/sig_stfl/xmss/sig_stfl_xmss.h)
endif()
if(OQS_ENABLE_SIG_STFL_LMS)
set(PUBLIC_HEADERS ${PUBLIC_HEADERS} ${PROJECT_SOURCE_DIR}/src/sig_stfl/lms/sig_stfl_lms.h)
endif()
execute_process(COMMAND ${CMAKE_COMMAND} -E make_directory ${PROJECT_BINARY_DIR}/include/oqs)
execute_process(COMMAND ${CMAKE_COMMAND} -E copy ${PUBLIC_HEADERS} ${PROJECT_BINARY_DIR}/include/oqs)
execute_process(COMMAND ${CMAKE_COMMAND} -E copy ${INTERNAL_HEADERS} ${PROJECT_BINARY_DIR}/include/oqs)
Loading