diff --git a/docs/algorithms/kem/bike.md b/docs/algorithms/kem/bike.md
index 841993739c..139dc9f9c2 100644
--- a/docs/algorithms/kem/bike.md
+++ b/docs/algorithms/kem/bike.md
@@ -13,11 +13,11 @@
 ## Parameter set summary
-| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) |
-|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-| BIKE-L1 | NA | IND-CPA | 1 | 1541 | 5223 | 1573 | 32 |
-| BIKE-L3 | NA | IND-CPA | 3 | 3083 | 10105 | 3115 | 32 |
-| BIKE-L5 | NA | IND-CPA | 5 | 5122 | 16494 | 5154 | 32 |
+| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | Keypair coins (bytes) | Encapsulation coins (bytes) |
+|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|------------------------:|------------------------------:|
+| BIKE-L1 | NA | IND-CPA | 1 | 1541 | 5223 | 1573 | 32 | 0 | 0 |
+| BIKE-L3 | NA | IND-CPA | 3 | 3083 | 10105 | 3115 | 32 | 0 | 0 |
+| BIKE-L5 | NA | IND-CPA | 5 | 5122 | 16494 | 5154 | 32 | 0 | 0 |
 ## BIKE-L1 implementation characteristics
diff --git a/docs/algorithms/kem/classic_mceliece.md b/docs/algorithms/kem/classic_mceliece.md
index 2c6a267e49..005d22eac4 100644
--- a/docs/algorithms/kem/classic_mceliece.md
+++ b/docs/algorithms/kem/classic_mceliece.md
@@ -18,18 +18,18 @@ ## Parameter set summary -| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:-------------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| Classic-McEliece-348864 | NA | IND-CCA2 | 1 | 261120 | 6492 | 96 | 32 | -| Classic-McEliece-348864f | NA | IND-CCA2 | 1 | 261120 | 6492 | 96 | 32 | -| Classic-McEliece-460896 | NA | IND-CCA2 | 3 | 524160 | 13608 | 156 | 32 | -| Classic-McEliece-460896f | NA | IND-CCA2 | 3 | 524160 | 13608 | 156 | 32 | -| Classic-McEliece-6688128 | NA | IND-CCA2 | 5 | 1044992 | 13932 | 208 | 32 | -| Classic-McEliece-6688128f | NA | IND-CCA2 | 5 | 1044992 | 13932 | 208 | 32 | -| Classic-McEliece-6960119 | NA | IND-CCA2 | 5 | 1047319 | 13948 | 194 | 32 | -| Classic-McEliece-6960119f | NA | IND-CCA2 | 5 | 1047319 | 13948 | 194 | 32 | -| Classic-McEliece-8192128 | NA | IND-CCA2 | 5 | 1357824 | 14120 | 208 | 32 | -| Classic-McEliece-8192128f | NA | IND-CCA2 | 5 | 1357824 | 14120 | 208 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | Keypair coins (bytes) | Encapsulation coins (bytes) | +|:-------------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|------------------------:|------------------------------:| +| Classic-McEliece-348864 | NA | IND-CCA2 | 1 | 261120 | 6492 | 96 | 32 | 0 | 0 | +| Classic-McEliece-348864f | NA | IND-CCA2 | 1 | 261120 | 6492 | 96 | 32 | 0 | 0 | +| Classic-McEliece-460896 | NA | IND-CCA2 | 3 | 524160 | 13608 | 156 | 32 | 0 | 0 | +| 
Classic-McEliece-460896f | NA | IND-CCA2 | 3 | 524160 | 13608 | 156 | 32 | 0 | 0 | +| Classic-McEliece-6688128 | NA | IND-CCA2 | 5 | 1044992 | 13932 | 208 | 32 | 0 | 0 | +| Classic-McEliece-6688128f | NA | IND-CCA2 | 5 | 1044992 | 13932 | 208 | 32 | 0 | 0 | +| Classic-McEliece-6960119 | NA | IND-CCA2 | 5 | 1047319 | 13948 | 194 | 32 | 0 | 0 | +| Classic-McEliece-6960119f | NA | IND-CCA2 | 5 | 1047319 | 13948 | 194 | 32 | 0 | 0 | +| Classic-McEliece-8192128 | NA | IND-CCA2 | 5 | 1357824 | 14120 | 208 | 32 | 0 | 0 | +| Classic-McEliece-8192128f | NA | IND-CCA2 | 5 | 1357824 | 14120 | 208 | 32 | 0 | 0 | ## Classic-McEliece-348864 implementation characteristics diff --git a/docs/algorithms/kem/frodokem.md b/docs/algorithms/kem/frodokem.md index 07f216a5a5..25ea44fab4 100644 --- a/docs/algorithms/kem/frodokem.md +++ b/docs/algorithms/kem/frodokem.md 
@@ -12,14 +12,14 @@
 ## Parameter set summary
-| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) |
-|:-------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-| FrodoKEM-640-AES | NA | IND-CCA2 | 1 | 9616 | 19888 | 9720 | 16 |
-| FrodoKEM-640-SHAKE | NA | IND-CCA2 | 1 | 9616 | 19888 | 9720 | 16 |
-| FrodoKEM-976-AES | NA | IND-CCA2 | 3 | 15632 | 31296 | 15744 | 24 |
-| FrodoKEM-976-SHAKE | NA | IND-CCA2 | 3 | 15632 | 31296 | 15744 | 24 |
-| FrodoKEM-1344-AES | NA | IND-CCA2 | 5 | 21520 | 43088 | 21632 | 32 |
-| FrodoKEM-1344-SHAKE | NA | IND-CCA2 | 5 | 21520 | 43088 | 21632 | 32 |
+| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | Keypair coins (bytes) | Encapsulation coins (bytes) |
+|:-------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|------------------------:|------------------------------:|
+| FrodoKEM-640-AES | NA | IND-CCA2 | 1 | 9616 | 19888 | 9720 | 16 | 0 | 0 |
+| FrodoKEM-640-SHAKE | NA | IND-CCA2 | 1 | 9616 | 19888 | 9720 | 16 | 0 | 0 |
+| FrodoKEM-976-AES | NA | IND-CCA2 | 3 | 15632 | 31296 | 15744 | 24 | 0 | 0 |
+| FrodoKEM-976-SHAKE | NA | IND-CCA2 | 3 | 15632 | 31296 | 15744 | 24 | 0 | 0 |
+| FrodoKEM-1344-AES | NA | IND-CCA2 | 5 | 21520 | 43088 | 21632 | 32 | 0 | 0 |
+| FrodoKEM-1344-SHAKE | NA | IND-CCA2 | 5 | 21520 | 43088 | 21632 | 32 | 0 | 0 |
 ## FrodoKEM-640-AES implementation characteristics
diff --git a/docs/algorithms/kem/hqc.md b/docs/algorithms/kem/hqc.md
index dca44d745b..568fb7ce1c 100644
--- a/docs/algorithms/kem/hqc.md
+++ b/docs/algorithms/kem/hqc.md
@@ -14,11 +14,11 @@
 ## Parameter set summary
-| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) |
-|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-| HQC-128 | NA | IND-CCA2 | 1 | 2249 | 2305 | 4433 | 64 |
-| HQC-192 | NA | IND-CCA2 | 3 | 4522 | 4586 | 8978 | 64 |
-| HQC-256 | NA | IND-CCA2 | 5 | 7245 | 7317 | 14421 | 64 |
+| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | Keypair coins (bytes) | Encapsulation coins (bytes) |
+|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|------------------------:|------------------------------:|
+| HQC-128 | NA | IND-CCA2 | 1 | 2249 | 2305 | 4433 | 64 | 0 | 0 |
+| HQC-192 | NA | IND-CCA2 | 3 | 4522 | 4586 | 8978 | 64 | 0 | 0 |
+| HQC-256 | NA | IND-CCA2 | 5 | 7245 | 7317 | 14421 | 64 | 0 | 0 |
 ## HQC-128 implementation characteristics
diff --git a/docs/algorithms/kem/kyber.md b/docs/algorithms/kem/kyber.md
index 0ae1cf3109..53314eccdc 100644
--- a/docs/algorithms/kem/kyber.md
+++ b/docs/algorithms/kem/kyber.md
@@ -17,11 +17,11 @@
 ## Parameter set summary
-| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) |
-|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-| Kyber512 | NA | IND-CCA2 | 1 | 800 | 1632 | 768 | 32 |
-| Kyber768 | NA | IND-CCA2 | 3 | 1184 | 2400 | 1088 | 32 |
-| Kyber1024 | NA | IND-CCA2 | 5 | 1568 | 3168 | 1568 | 32 |
+| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | Keypair coins (bytes) | Encapsulation coins (bytes) |
+|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|------------------------:|------------------------------:|
+| Kyber512 | NA | IND-CCA2 | 1 | 800 | 1632 | 768 | 32 | 0 | 0 |
+| Kyber768 | NA | IND-CCA2 | 3 | 1184 | 2400 | 1088 | 32 | 0 | 0 |
+| Kyber1024 | NA | IND-CCA2 | 5 | 1568 | 3168 | 1568 | 32 | 0 | 0 |
 ## Kyber512 implementation characteristics
diff --git a/docs/algorithms/kem/ml_kem.md b/docs/algorithms/kem/ml_kem.md
index 7d5e0561ab..13accb76b6 100644
--- a/docs/algorithms/kem/ml_kem.md
+++ b/docs/algorithms/kem/ml_kem.md
@@ -13,11 +13,11 @@ ## Parameter set summary -| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| ML-KEM-512-ipd | ML-KEM-512 | IND-CCA2 | 1 | 800 | 1632 | 768 | 32 | -| ML-KEM-768-ipd | ML-KEM-768 | IND-CCA2 | 3 | 1184 | 2400 | 1088 | 32 | -| ML-KEM-1024-ipd | ML-KEM-1024 | IND-CCA2 | 5 | 1568 | 3168 | 1568 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | Keypair coins (bytes) | Encapsulation coins (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|------------------------:|------------------------------:| +| ML-KEM-512-ipd | ML-KEM-512 | IND-CCA2 | 1 | 800 | 1632 | 768 | 32 | 64 | 32 | +| ML-KEM-768-ipd | ML-KEM-768 | IND-CCA2 | 3 | 1184 | 2400 | 1088 | 32 | 64 | 32 | +| ML-KEM-1024-ipd | ML-KEM-1024 | IND-CCA2 | 5 | 1568 | 3168 | 1568 | 32 | 64 | 32 | ## ML-KEM-512-ipd implementation characteristics diff --git a/docs/algorithms/kem/ml_kem.yml b/docs/algorithms/kem/ml_kem.yml index 58d2ce19b1..6e84bfc639 100644 --- a/docs/algorithms/kem/ml_kem.yml +++ b/docs/algorithms/kem/ml_kem.yml @@ -29,6 +29,8 @@ parameter-sets: length-ciphertext: 768 length-secret-key: 1632 length-shared-secret: 32 + length-keypair-coins: 64 + length-encaps-coins: 32 implementations-switch-on-runtime-cpu-features: true implementations: - upstream: primary-upstream 
@@ -63,6 +65,8 @@ parameter-sets: length-ciphertext: 1088 length-secret-key: 2400 length-shared-secret: 32 + length-keypair-coins: 64 + length-encaps-coins: 32 implementations-switch-on-runtime-cpu-features: true implementations: - upstream: primary-upstream @@ -97,6 +101,8 @@ parameter-sets: length-ciphertext: 1568 length-secret-key: 3168 length-shared-secret: 32 + length-keypair-coins: 64 + length-encaps-coins: 32 implementations-switch-on-runtime-cpu-features: true implementations: - upstream: primary-upstream diff --git a/docs/algorithms/kem/ntruprime.md b/docs/algorithms/kem/ntruprime.md index 5ff56716ff..a195238750 100644 --- a/docs/algorithms/kem/ntruprime.md +++ b/docs/algorithms/kem/ntruprime.md @@ -14,9 +14,9 @@ ## Parameter set summary -| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| sntrup761 | NA | IND-CCA2 | 2 | 1158 | 1763 | 1039 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | Keypair coins (bytes) | Encapsulation coins (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|------------------------:|------------------------------:| +| sntrup761 | NA | IND-CCA2 | 2 | 1158 | 1763 | 1039 | 32 | 0 | 0 | ## sntrup761 implementation characteristics diff --git a/scripts/copy_from_upstream/copy_from_upstream.py b/scripts/copy_from_upstream/copy_from_upstream.py index 9c4f8f2232..110f2b5737 100755 
--- a/scripts/copy_from_upstream/copy_from_upstream.py +++ b/scripts/copy_from_upstream/copy_from_upstream.py @@ -156,6 +156,10 @@ def load_instructions(): scheme['upstream_location'] = family['upstream_location'] if (not 'arch_specific_upstream_locations' in scheme) and 'arch_specific_upstream_locations' in family: scheme['arch_specific_upstream_locations'] = family['arch_specific_upstream_locations'] + if (not 'derandomized_keypair' in scheme) and 'derandomized_keypair' in family: + scheme['derandomized_keypair'] = family['derandomized_keypair'] + if (not 'derandomized_encaps' in scheme) and 'derandomized_encaps' in family: + scheme['derandomized_encaps'] = family['derandomized_encaps'] if not 'git_commit' in scheme: scheme['git_commit'] = upstreams[scheme['upstream_location']]['git_commit'] if not 'git_branch' in scheme: diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml index f9582fa74f..1705a46e0c 100644 --- a/scripts/copy_from_upstream/copy_from_upstream.yml +++ b/scripts/copy_from_upstream/copy_from_upstream.yml @@ -36,7 +36,7 @@ upstreams: git_commit: d1321ce5ac0b53f583eb47a040dc3625ee8e7e37 kem_meta_path: '{pretty_name_full}_META.yml' kem_scheme_path: '.' - patches: [pqcrystals-ml_kem_ipd.patch] + patches: [pqcrystals-ml_kem_ipd.patch, pqcrystals-ml_kem_derand.patch] - name: pqcrystals-dilithium git_url: https://github.com/pq-crystals/dilithium.git @@ -149,6 +149,8 @@ kems: name: ml_kem default_implementation: ref upstream_location: pqcrystals-kyber-standard + derandomized_keypair: true + derandomized_encaps: true schemes: - scheme: "512_ipd" diff --git a/scripts/copy_from_upstream/patches/pqcrystals-ml_kem_derand.patch b/scripts/copy_from_upstream/patches/pqcrystals-ml_kem_derand.patch new file mode 100644 index 0000000000..9c8b12d6e6 --- /dev/null +++ b/scripts/copy_from_upstream/patches/pqcrystals-ml_kem_derand.patch 
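Review bot: A scheme whose family does not set `derandomized_keypair` or `derandomized_encaps` still has no such key after the lines added to load_instructions, so the templates that test `scheme['derandomized_keypair']` rely on a missing key rendering as false. That holds for Jinja's default undefined handling but would presumably fail under a strict one. Giving every scheme an explicit value, `scheme.setdefault('derandomized_keypair', family.get('derandomized_keypair', False))` and the same for `derandomized_encaps`, removes that dependency. As a style point, `'derandomized_keypair' not in scheme` reads more clearly than `not 'derandomized_keypair' in scheme`, although the neighbouring lines use the same form. load_instructions starts and ends outside the hunk.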
@@ -0,0 +1,97 @@ +1cc6a58671c65ed8960ffaef0696666c25f4b459 +diff --git a/ML-KEM-1024-ipd_META.yml b/ML-KEM-1024-ipd_META.yml +index ffafcf0..80f4ac1 100644 +--- a/ML-KEM-1024-ipd_META.yml ++++ b/ML-KEM-1024-ipd_META.yml +@@ -6,6 +6,8 @@ length-public-key: 1568 + length-ciphertext: 1568 + length-secret-key: 3168 + length-shared-secret: 32 ++length-keypair-coins: 64 ++length-encaps-coins: 32 + nistkat-sha256: 03d6494b74c45d010e61b0328c1ab318c4df3b7f9dbd04d0e35b3468848584b7 + testvectors-sha256: 85ab251d6e749e6b27507a8a6ec473ba2e8419c1aef87d0cd5ec9903c1bb92df + principal-submitters: +@@ -25,14 +27,18 @@ implementations: + version: https://github.com/pq-crystals/kyber/tree/standard + folder_name: ref + compile_opts: -DKYBER_K=4 ++ signature_keypair_derand: pqcrystals_ml_kem_1024_ipd_ref_keypair_derand + signature_keypair: pqcrystals_ml_kem_1024_ipd_ref_keypair ++ signature_enc_derand: pqcrystals_ml_kem_1024_ipd_ref_enc_derand + signature_enc: pqcrystals_ml_kem_1024_ipd_ref_enc + signature_dec: pqcrystals_ml_kem_1024_ipd_ref_dec + sources: ../LICENSE kem.c indcpa.c polyvec.c poly.c reduce.c ntt.c cbd.c verify.c kem.h params.h api.h indcpa.h polyvec.h poly.h reduce.h ntt.h cbd.h verify.h symmetric.h symmetric-shake.c + - name: avx2 + version: https://github.com/pq-crystals/kyber/tree/standard + compile_opts: -DKYBER_K=4 ++ signature_keypair_derand: pqcrystals_ml_kem_1024_ipd_avx2_keypair_derand + signature_keypair: pqcrystals_ml_kem_1024_ipd_avx2_keypair ++ signature_enc_derand: pqcrystals_ml_kem_1024_ipd_avx2_enc_derand + signature_enc: pqcrystals_ml_kem_1024_ipd_avx2_enc + signature_dec: pqcrystals_ml_kem_1024_ipd_avx2_dec + sources: ../LICENSE kem.c indcpa.c polyvec.c poly.c fq.S shuffle.S ntt.S invntt.S basemul.S consts.c rejsample.c cbd.c verify.c align.h kem.h params.h api.h indcpa.h polyvec.h poly.h reduce.h fq.inc shuffle.inc ntt.h consts.h rejsample.h cbd.h verify.h symmetric.h symmetric-shake.c +diff --git a/ML-KEM-512-ipd_META.yml b/ML-KEM-512-ipd_META.yml 
+index d20f0b1..aa2644e 100644 +--- a/ML-KEM-512-ipd_META.yml ++++ b/ML-KEM-512-ipd_META.yml +@@ -6,6 +6,8 @@ length-public-key: 800 + length-ciphertext: 768 + length-secret-key: 1632 + length-shared-secret: 32 ++length-keypair-coins: 64 ++length-encaps-coins: 32 + nistkat-sha256: 76aae1fa3f8367522700b22da635a5bc4ced4298edb0eb9947aa3ba60d62676f + testvectors-sha256: e1ac6fb45e2511f4170a3527c0c50dcd61336f47113df7a299a61ef8394bd669 + principal-submitters: +@@ -25,14 +27,18 @@ implementations: + version: https://github.com/pq-crystals/kyber/tree/standard + folder_name: ref + compile_opts: -DKYBER_K=2 ++ signature_keypair_derand: pqcrystals_ml_kem_512_ipd_ref_keypair_derand + signature_keypair: pqcrystals_ml_kem_512_ipd_ref_keypair ++ signature_enc_derand: pqcrystals_ml_kem_512_ipd_ref_enc_derand + signature_enc: pqcrystals_ml_kem_512_ipd_ref_enc + signature_dec: pqcrystals_ml_kem_512_ipd_ref_dec + sources: ../LICENSE kem.c indcpa.c polyvec.c poly.c reduce.c ntt.c cbd.c verify.c kem.h params.h api.h indcpa.h polyvec.h poly.h reduce.h ntt.h cbd.h verify.h symmetric.h symmetric-shake.c + - name: avx2 + version: https://github.com/pq-crystals/kyber/tree/standard + compile_opts: -DKYBER_K=2 ++ signature_keypair_derand: pqcrystals_ml_kem_512_ipd_avx2_keypair_derand + signature_keypair: pqcrystals_ml_kem_512_ipd_avx2_keypair ++ signature_enc_derand: pqcrystals_ml_kem_512_ipd_avx2_enc_derand + signature_enc: pqcrystals_ml_kem_512_ipd_avx2_enc + signature_dec: pqcrystals_ml_kem_512_ipd_avx2_dec + sources: ../LICENSE kem.c indcpa.c polyvec.c poly.c fq.S shuffle.S ntt.S invntt.S basemul.S consts.c rejsample.c cbd.c verify.c align.h kem.h params.h api.h indcpa.h polyvec.h poly.h reduce.h fq.inc shuffle.inc ntt.h consts.h rejsample.h cbd.h verify.h symmetric.h symmetric-shake.c +diff --git a/ML-KEM-768-ipd_META.yml b/ML-KEM-768-ipd_META.yml +index e768cd5..70426db 100644 +--- a/ML-KEM-768-ipd_META.yml ++++ b/ML-KEM-768-ipd_META.yml +@@ -6,6 +6,8 @@ length-public-key: 1184 + 
length-ciphertext: 1088 + length-secret-key: 2400 + length-shared-secret: 32 ++length-keypair-coins: 64 ++length-encaps-coins: 32 + nistkat-sha256: c7e76b4b30c786b5b70c152a446e7832c1cb42b3816ec048dbeaf7041211b310 + testvectors-sha256: 2586721a714c439f6fef26e29ee1c4c67c6207186f810617f278e6ce3e67ea0d + principal-submitters: +@@ -25,14 +27,18 @@ implementations: + version: https://github.com/pq-crystals/kyber/tree/standard + folder_name: ref + compile_opts: -DKYBER_K=3 ++ signature_keypair_derand: pqcrystals_ml_kem_768_ipd_ref_keypair_derand + signature_keypair: pqcrystals_ml_kem_768_ipd_ref_keypair ++ signature_enc_derand: pqcrystals_ml_kem_768_ipd_ref_enc_derand + signature_enc: pqcrystals_ml_kem_768_ipd_ref_enc + signature_dec: pqcrystals_ml_kem_768_ipd_ref_dec + sources: ../LICENSE kem.c indcpa.c polyvec.c poly.c reduce.c ntt.c cbd.c verify.c kem.h params.h api.h indcpa.h polyvec.h poly.h reduce.h ntt.h cbd.h verify.h symmetric.h symmetric-shake.c + - name: avx2 + version: https://github.com/pq-crystals/kyber/tree/standard + compile_opts: -DKYBER_K=3 ++ signature_keypair_derand: pqcrystals_ml_kem_768_ipd_avx2_keypair_derand + signature_keypair: pqcrystals_ml_kem_768_ipd_avx2_keypair ++ signature_enc_derand: pqcrystals_ml_kem_768_ipd_avx2_enc_derand + signature_enc: pqcrystals_ml_kem_768_ipd_avx2_enc + signature_dec: pqcrystals_ml_kem_768_ipd_avx2_dec + sources: ../LICENSE kem.c indcpa.c polyvec.c poly.c fq.S shuffle.S ntt.S invntt.S basemul.S consts.c rejsample.c cbd.c verify.c align.h kem.h params.h api.h indcpa.h polyvec.h poly.h reduce.h fq.inc shuffle.inc ntt.h consts.h rejsample.h cbd.h verify.h symmetric.h symmetric-shake.c diff --git a/scripts/copy_from_upstream/src/kem/family/kem_family.h b/scripts/copy_from_upstream/src/kem/family/kem_family.h index caa7cd7471..ad5c38c43a 100644 --- a/scripts/copy_from_upstream/src/kem/family/kem_family.h +++ b/scripts/copy_from_upstream/src/kem/family/kem_family.h 
@@ -11,8 +11,20 @@ #define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_secret_key {{ scheme['metadata']['length-secret-key'] }} #define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext {{ scheme['metadata']['length-ciphertext'] }} #define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret {{ scheme['metadata']['length-shared-secret'] }} +{%- if scheme['metadata']['length-keypair-coins'] is defined %} +#define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_coins {{ scheme['metadata']['length-keypair-coins'] }} +{%- else %} +#define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_coins 0 +{%- endif %} +{%- if scheme['metadata']['length-encaps-coins'] is defined %} +#define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_encaps_coins {{ scheme['metadata']['length-encaps-coins'] }} +{%- else %} +#define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_encaps_coins 0 +{%- endif %} OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_new(void); +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); {% if 'alias_scheme' in scheme %} 
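Review bot: The new `_keypair_derand` and `_encaps_derand` prototypes take `coins` with no length argument and no comment, so nothing at the declaration tells a caller how many bytes are read or what they must contain. A comment above each would help, for example `/* coins: exactly OQS_KEM_<family>_<scheme>_length_keypair_coins bytes of secret, uniformly random, single-use input; the output is fully determined by it */`, with the matching `_length_encaps_coins` wording on the encapsulation prototype. It should also say that a length of 0 means the scheme has no derandomized variant and the call returns `OQS_ERROR`, which is what the generated wrapper in kem_scheme.c does when the scheme flag is unset. Since both functions are exported with `OQS_API`, it is worth stating whether they are intended for known-answer testing only.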
@@ -20,8 +32,12 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps(uint8_t *s #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_secret_key OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_secret_key #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_ciphertext OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_shared_secret OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret +#define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_keypair_coins OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_coins +#define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_encaps_coins OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_encaps_coins OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_new(void); +#define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_keypair_derand OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_keypair OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair +#define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_encaps_derand OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps_derand #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_encaps OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_decaps OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps {% endif -%} diff --git a/scripts/copy_from_upstream/src/kem/family/kem_scheme.c b/scripts/copy_from_upstream/src/kem/family/kem_scheme.c index a78b30fb5a..1ef8a487c3 100644 --- a/scripts/copy_from_upstream/src/kem/family/kem_scheme.c +++ b/scripts/copy_from_upstream/src/kem/family/kem_scheme.c 
@@ -25,8 +25,12 @@ OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_new(void) { kem->length_secret_key = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_secret_key; kem->length_ciphertext = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext; kem->length_shared_secret = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_encaps_coins; + kem->keypair_derand = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand; kem->keypair = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair; + kem->encaps_derand = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps_derand; kem->encaps = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps; kem->decaps = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps; @@ -56,8 +60,12 @@ OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_new(void) { kem->length_secret_key = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_secret_key; kem->length_ciphertext = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_ciphertext; kem->length_shared_secret = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_encaps_coins; + kem->keypair_derand = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_keypair_derand; kem->keypair = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_keypair; + kem->encaps_derand = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_encaps_derand; kem->encaps = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_encaps; kem->decaps = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_decaps; 
@@ -68,14 +76,23 @@ OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_new(void) { {%- for impl in scheme['metadata']['implementations'] if impl['name'] == scheme['default_implementation'] %} + {%- if impl['signature_keypair_derand'] %} + {%- set cleankeypairderand = scheme['metadata'].update({'default_keypair_derand_signature': impl['signature_keypair_derand']}) %} +extern int {{ scheme['metadata']['default_keypair_derand_signature'] }}(uint8_t *pk, uint8_t *sk, const uint8_t *coins); + {%- endif %} + {%- if impl['signature_keypair'] %} {%- set cleankeypair = scheme['metadata'].update({'default_keypair_signature': impl['signature_keypair']}) -%} {%- else %} {%- set cleankeypair = scheme['metadata'].update({'default_keypair_signature': "PQCLEAN_"+scheme['pqclean_scheme_c']|upper+"_"+scheme['default_implementation']|upper+"_crypto_kem_keypair"}) -%} {%- endif %} - extern int {{ scheme['metadata']['default_keypair_signature'] }}(uint8_t *pk, uint8_t *sk); + {%- if impl['signature_enc_derand'] %} + {%- set cleanencderand = scheme['metadata'].update({'default_enc_derand_signature': impl['signature_enc_derand']}) %} +extern int {{ scheme['metadata']['default_enc_derand_signature'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins); + {%- endif %} + {%- if impl['signature_enc'] %} {%- set cleanenc = scheme['metadata'].update({'default_enc_signature': impl['signature_enc']}) -%} {%- else %} 
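Review bot: The default implementation's derandomized symbols have no fallback: `default_keypair_derand_signature` and `default_enc_derand_signature` are set, and their `extern` lines emitted, only when the metadata carries `signature_keypair_derand` / `signature_enc_derand`, whereas `signature_keypair` just below falls back to a PQCLEAN name. The dispatch functions added later in this file emit `return (OQS_STATUS) {{ scheme['metadata']['default_keypair_derand_signature'] }}(public_key, secret_key, coins);` whenever `scheme['derandomized_keypair']` is set, so a family that sets the flag without the metadata key would presumably render a call with an empty function name. The `@@ -95,12 +112,20 @@` hunk has the same gap for non-default implementations, where the dispatch falls back to `PQCLEAN_..._crypto_kem_keypair_derand` but no `extern` is emitted for it. One option is to add a fallback and declaration keyed on the scheme flag, as sketched below.

```c
    {%- if impl['signature_keypair_derand'] %}
    {# … unchanged: set default_keypair_derand_signature from the metadata, extern declaration … #}
    {%- elif scheme['derandomized_keypair'] %}
    {%- set cleankeypairderand = scheme['metadata'].update({'default_keypair_derand_signature': "PQCLEAN_"+scheme['pqclean_scheme_c']|upper+"_"+scheme['default_implementation']|upper+"_crypto_kem_keypair_derand"}) %}
extern int {{ scheme['metadata']['default_keypair_derand_signature'] }}(uint8_t *pk, uint8_t *sk, const uint8_t *coins);
    {%- endif %}
    {# … unchanged: signature_keypair / default_keypair_signature block … #}
    {%- if impl['signature_enc_derand'] %}
    {# … unchanged: set default_enc_derand_signature from the metadata, extern declaration … #}
    {%- elif scheme['derandomized_encaps'] %}
    {%- set cleanencderand = scheme['metadata'].update({'default_enc_derand_signature': "PQCLEAN_"+scheme['pqclean_scheme_c']|upper+"_"+scheme['default_implementation']|upper+"_crypto_kem_enc_derand"}) %}
extern int {{ scheme['metadata']['default_enc_derand_signature'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins);
    {%- endif %}
```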
@@ -95,12 +112,20 @@ extern int {{ scheme['metadata']['default_dec_signature'] }}(uint8_t *ss, const {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %} #if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_{{ impl['name'] }}){%- endif %} + {%- if impl['signature_keypair_derand'] %} +extern int {{ impl['signature_keypair_derand'] }}(uint8_t *pk, uint8_t *sk, const uint8_t *coins); + {%- endif %} + {%- if impl['signature_keypair'] %} extern int {{ impl['signature_keypair'] }}(uint8_t *pk, uint8_t *sk); {%- else %} extern int PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); {%- endif %} + {%- if impl['signature_enc_derand'] %} +extern int {{ impl['signature_enc_derand'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins); + {%- endif %} + {%- if impl['signature_enc'] %} extern int {{ impl['signature_enc'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk); {%- else %} 
@@ -115,6 +140,47 @@ extern int PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper #endif {%- endfor %} +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { +{%- if scheme['derandomized_keypair'] %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %} + {%- if loop.first %} +#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_{{ impl['name'] }}){%- endif %} + {%- else %} +#elif defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_{{ impl['name'] }}){%- endif %} + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['signature_keypair_derand'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_keypair_derand'] }}(public_key, secret_key, coins); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair_derand(public_key, secret_key, coins); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) {{ scheme['metadata']['default_keypair_derand_signature'] }}(public_key, secret_key, coins); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if 
scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) {{ scheme['metadata']['default_keypair_derand_signature'] }}(public_key, secret_key, coins); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} + {%- else %} + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; + {%- endif %} +} + OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t *public_key, uint8_t *secret_key) { {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %} {%- if loop.first %} 
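Review bot: The body of `_keypair_derand` repeats the implementation-selection scaffolding (`#if defined(OQS_ENABLE_KEM_...)`, the `OQS_DIST_BUILD` CPU-feature check, the `#else` default) that the existing `_keypair` wrapper appears to use, and the `_encaps_derand` hunk at `@@ -149,6 +215,48 @@` repeats it again. A Jinja macro taking the metadata key, the PQCLEAN suffix and the argument list would keep the four wrappers in step, so that a later change to the dispatch logic cannot reach the randomized path and miss the derandomized one. The unsupported branch could also carry a comment such as `/* derandomized key generation is not available for this scheme */` above `return OQS_ERROR;`.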
@@ -149,6 +215,48 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t * {%- endif %} } +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { +{%- if scheme['derandomized_encaps'] %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %} + {%- if loop.first %} +#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_{{ impl['name'] }}){%- endif %} + {%- else %} +#elif defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_{{ impl['name'] }}){%- endif %} + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['signature_enc_derand'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_enc_derand'] }}(ciphertext, shared_secret, public_key, coins); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc_derand(ciphertext, shared_secret, public_key, coins); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) {{ scheme['metadata']['default_enc_derand_signature'] }}(ciphertext, shared_secret, public_key, coins); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- 
endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) {{ scheme['metadata']['default_enc_derand_signature'] }}(ciphertext, shared_secret, public_key, coins); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} + {%- else %} + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; + {%- endif %} +} + OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %} {%- if loop.first %} diff --git a/scripts/copy_from_upstream/update_upstream_alg_docs.py b/scripts/copy_from_upstream/update_upstream_alg_docs.py index 706c2ed7fd..b6a9270eda 100755 --- a/scripts/copy_from_upstream/update_upstream_alg_docs.py +++ b/scripts/copy_from_upstream/update_upstream_alg_docs.py 
@@ -169,6 +169,12 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes oqs_scheme_yaml['length-secret-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-secret-key'], upstream_yaml['length-secret-key'], "legnth-secret-key") oqs_scheme_yaml['length-shared-secret'] = rhs_if_not_equal(oqs_scheme_yaml['length-shared-secret'], upstream_yaml['length-shared-secret'], "length-shared-secret") + if "length-keypair-coins" in oqs_scheme_yaml: + oqs_scheme_yaml['length-keypair-coins'] = rhs_if_not_equal(oqs_scheme_yaml['length-keypair-coins'], upstream_yaml['length-keypair-coins'], "length-keypair-coins") + + if "length-encaps-coins'" in oqs_scheme_yaml: + oqs_scheme_yaml['length-encaps-coins'] = rhs_if_not_equal(oqs_scheme_yaml['length-encaps-coins'], upstream_yaml['length-encaps-coins'], "length-encaps-coins") + _upstream_yaml = upstream_yaml for impl_index, impl in enumerate(oqs_scheme_yaml['implementations']): upstream_yaml = _upstream_yaml diff --git a/scripts/update_docs_from_yaml.py b/scripts/update_docs_from_yaml.py index a07a81c2d0..96147d3cbe 100644 --- a/scripts/update_docs_from_yaml.py +++ b/scripts/update_docs_from_yaml.py @@ -69,7 +69,9 @@ def do_it(liboqs_root): 'Public key size (bytes)', 'Secret key size (bytes)', 'Ciphertext size (bytes)', - 'Shared secret size (bytes)']] + 'Shared secret size (bytes)', + 'Keypair coins (bytes)', + 'Encapsulation coins (bytes)']] for parameter_set in kem_yaml['parameter-sets']: table.append([parameter_set['name'], parameter_set['alias'] if 'alias' in parameter_set else "NA", 
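Review bot: The second added guard, `if "length-encaps-coins'" in oqs_scheme_yaml:`, has a stray `'` inside the string literal, so it tests for a key ending in an apostrophe and the `length-encaps-coins` comparison against upstream never runs; it should read `if "length-encaps-coins" in oqs_scheme_yaml:`. Both new branches also index `upstream_yaml[...]` directly, which would raise `KeyError` if the upstream metadata lacks a field that the liboqs YAML has. If upstream can lag here, checking both mappings avoids that: `if 'length-keypair-coins' in oqs_scheme_yaml and 'length-keypair-coins' in upstream_yaml:`. `update_upstream_kem_alg_docs` starts and ends outside the hunk.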
@@ -78,7 +80,9 @@ def do_it(liboqs_root): parameter_set['length-public-key'], parameter_set['length-secret-key'], parameter_set['length-ciphertext'], - parameter_set['length-shared-secret']]) + parameter_set['length-shared-secret'], + parameter_set['length-keypair-coins'] if 'length-keypair-coins' in parameter_set else "0", + parameter_set['length-encaps-coins'] if 'length-encaps-coins' in parameter_set else "0"]) out_md.write(tabulate.tabulate(table, tablefmt="pipe", headers="firstrow", colalign=("center",))) out_md.write('\n') diff --git a/src/kem/bike/additional_r4/kem.c b/src/kem/bike/additional_r4/kem.c index 1b5e810804..e62bea52e8 100644 --- a/src/kem/bike/additional_r4/kem.c +++ b/src/kem/bike/additional_r4/kem.c @@ -270,3 +270,25 @@ OQS_API int decaps(OUT unsigned char * ss, return SUCCESS; } + +OQS_API int keypair_derand(OUT unsigned char * pk, + OUT unsigned char * sk, + IN const unsigned char *coins) +{ + (void)pk; + (void)sk; + (void)coins; + return OQS_ERROR; +} + +OQS_API int encaps_derand(OUT unsigned char * ct, + OUT unsigned char * ss, + IN const unsigned char *pk, + IN const unsigned char *coins) +{ + (void)ct; + (void)ss; + (void)pk; + (void)coins; + return OQS_ERROR; +} diff --git a/src/kem/bike/functions_renaming.h b/src/kem/bike/functions_renaming.h index 20c1d4a66a..5e6e9fc50e 100644 --- a/src/kem/bike/functions_renaming.h +++ b/src/kem/bike/functions_renaming.h @@ -44,8 +44,10 @@ #define RENAME_FUNC_NAME(fname) EVALUATOR(FUNC_PREFIX, fname) #define keypair RENAME_FUNC_NAME(keypair) +#define keypair_derand RENAME_FUNC_NAME(keypair_derand) #define decaps RENAME_FUNC_NAME(decaps) #define encaps RENAME_FUNC_NAME(encaps) +#define encaps_derand RENAME_FUNC_NAME(encaps_derand) #define aes_ctr_prf RENAME_FUNC_NAME(aes_ctr_prf) #define sample_uniform_r_bits_with_fixed_prf_context RENAME_FUNC_NAME(sample_uniform_r_bits_with_fixed_prf_context) diff --git a/src/kem/bike/kem_bike.c b/src/kem/bike/kem_bike.c index def6358e3d..bcc8532aa3 100644 
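Review bot: The fallback in the two added table cells is the string `"0"`, while the other cells are taken straight from the YAML, and each key is spelled twice per cell; `parameter_set.get('length-keypair-coins', 0)` and `parameter_set.get('length-encaps-coins', 0)` express the same thing more directly. A rendered 0 is also ambiguous in the generated docs: for BIKE and Classic McEliece in this diff it accompanies `_derand` functions that return `OQS_ERROR`, so a reader cannot tell "not supported" from "takes no coins". One sentence under the table explaining that 0 means the derandomized API is unavailable would settle that. `do_it` continues outside the hunk.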
--- a/src/kem/bike/kem_bike.c +++ b/src/kem/bike/kem_bike.c @@ -20,8 +20,12 @@ OQS_KEM *OQS_KEM_bike_l1_new(void) { kem->length_secret_key = OQS_KEM_bike_l1_length_secret_key; kem->length_ciphertext = OQS_KEM_bike_l1_length_ciphertext; kem->length_shared_secret = OQS_KEM_bike_l1_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_bike_l1_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_bike_l1_length_encaps_coins; + kem->keypair_derand = OQS_KEM_bike_l1_keypair_derand; kem->keypair = OQS_KEM_bike_l1_keypair; + kem->encaps_derand = OQS_KEM_bike_l1_encaps_derand; kem->encaps = OQS_KEM_bike_l1_encaps; kem->decaps = OQS_KEM_bike_l1_decaps; @@ -45,8 +49,12 @@ OQS_KEM *OQS_KEM_bike_l3_new(void) { kem->length_secret_key = OQS_KEM_bike_l3_length_secret_key; kem->length_ciphertext = OQS_KEM_bike_l3_length_ciphertext; kem->length_shared_secret = OQS_KEM_bike_l3_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_bike_l3_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_bike_l3_length_encaps_coins; + kem->keypair_derand = OQS_KEM_bike_l3_keypair_derand; kem->keypair = OQS_KEM_bike_l3_keypair; + kem->encaps_derand = OQS_KEM_bike_l3_encaps_derand; kem->encaps = OQS_KEM_bike_l3_encaps; kem->decaps = OQS_KEM_bike_l3_decaps; @@ -70,8 +78,12 @@ OQS_KEM *OQS_KEM_bike_l5_new(void) { kem->length_secret_key = OQS_KEM_bike_l5_length_secret_key; kem->length_ciphertext = OQS_KEM_bike_l5_length_ciphertext; kem->length_shared_secret = OQS_KEM_bike_l5_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_bike_l5_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_bike_l5_length_encaps_coins; + kem->keypair_derand = OQS_KEM_bike_l5_keypair_derand; kem->keypair = OQS_KEM_bike_l5_keypair; + kem->encaps_derand = OQS_KEM_bike_l5_encaps_derand; kem->encaps = OQS_KEM_bike_l5_encaps; kem->decaps = OQS_KEM_bike_l5_decaps; diff --git a/src/kem/bike/kem_bike.h b/src/kem/bike/kem_bike.h index a85d950ed0..827cf202dc 100644 --- a/src/kem/bike/kem_bike.h 
+++ b/src/kem/bike/kem_bike.h @@ -11,8 +11,12 @@ #define OQS_KEM_bike_l1_length_public_key 1541 #define OQS_KEM_bike_l1_length_ciphertext 1573 #define OQS_KEM_bike_l1_length_shared_secret 32 +#define OQS_KEM_bike_l1_length_keypair_coins 0 +#define OQS_KEM_bike_l1_length_encaps_coins 0 OQS_KEM *OQS_KEM_bike_l1_new(void); +OQS_API OQS_STATUS OQS_KEM_bike_l1_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_bike_l1_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_bike_l1_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_bike_l1_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_bike_l1_decaps(uint8_t *shared_secret, const unsigned char *ciphertext, const uint8_t *secret_key); #endif @@ -22,8 +26,12 @@ OQS_API OQS_STATUS OQS_KEM_bike_l1_decaps(uint8_t *shared_secret, const unsigned #define OQS_KEM_bike_l3_length_public_key 3083 #define OQS_KEM_bike_l3_length_ciphertext 3115 #define OQS_KEM_bike_l3_length_shared_secret 32 +#define OQS_KEM_bike_l3_length_keypair_coins 0 +#define OQS_KEM_bike_l3_length_encaps_coins 0 OQS_KEM *OQS_KEM_bike_l3_new(void); +OQS_API OQS_STATUS OQS_KEM_bike_l3_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_bike_l3_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_bike_l3_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_bike_l3_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_bike_l3_decaps(uint8_t *shared_secret, const unsigned char *ciphertext, const uint8_t *secret_key); #endif 
@@ -33,8 +41,12 @@ OQS_API OQS_STATUS OQS_KEM_bike_l3_decaps(uint8_t *shared_secret, const unsigned #define OQS_KEM_bike_l5_length_public_key 5122 #define OQS_KEM_bike_l5_length_ciphertext 5154 #define OQS_KEM_bike_l5_length_shared_secret 32 +#define OQS_KEM_bike_l5_length_keypair_coins 0 +#define OQS_KEM_bike_l5_length_encaps_coins 0 OQS_KEM *OQS_KEM_bike_l5_new(void); +OQS_API OQS_STATUS OQS_KEM_bike_l5_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_bike_l5_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_bike_l5_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_bike_l5_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_bike_l5_decaps(uint8_t *shared_secret, const unsigned char *ciphertext, const uint8_t *secret_key); #endif diff --git a/src/kem/classic_mceliece/kem_classic_mceliece.h b/src/kem/classic_mceliece/kem_classic_mceliece.h index 2bbd969820..5ed68dfe8c 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece.h +++ b/src/kem/classic_mceliece/kem_classic_mceliece.h 
@@ -10,8 +10,12 @@ #define OQS_KEM_classic_mceliece_348864_length_secret_key 6492 #define OQS_KEM_classic_mceliece_348864_length_ciphertext 96 #define OQS_KEM_classic_mceliece_348864_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_348864_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_348864_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_348864_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -21,8 +25,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_decaps(uint8_t *shared_secret #define OQS_KEM_classic_mceliece_348864f_length_secret_key 6492 #define OQS_KEM_classic_mceliece_348864f_length_ciphertext 96 #define OQS_KEM_classic_mceliece_348864f_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_348864f_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_348864f_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_348864f_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -32,8 +40,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_decaps(uint8_t *shared_secre #define OQS_KEM_classic_mceliece_460896_length_secret_key 13608 #define OQS_KEM_classic_mceliece_460896_length_ciphertext 156 #define OQS_KEM_classic_mceliece_460896_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_460896_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_460896_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_460896_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -43,8 +55,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_decaps(uint8_t *shared_secret #define OQS_KEM_classic_mceliece_460896f_length_secret_key 13608 #define OQS_KEM_classic_mceliece_460896f_length_ciphertext 156 #define OQS_KEM_classic_mceliece_460896f_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_460896f_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_460896f_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_460896f_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -54,8 +70,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_decaps(uint8_t *shared_secre #define OQS_KEM_classic_mceliece_6688128_length_secret_key 13932 #define OQS_KEM_classic_mceliece_6688128_length_ciphertext 208 #define OQS_KEM_classic_mceliece_6688128_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_6688128_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_6688128_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_6688128_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -65,8 +85,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_decaps(uint8_t *shared_secre #define OQS_KEM_classic_mceliece_6688128f_length_secret_key 13932 #define OQS_KEM_classic_mceliece_6688128f_length_ciphertext 208 #define OQS_KEM_classic_mceliece_6688128f_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_6688128f_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_6688128f_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_6688128f_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -76,8 +100,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_decaps(uint8_t *shared_secr #define OQS_KEM_classic_mceliece_6960119_length_secret_key 13948 #define OQS_KEM_classic_mceliece_6960119_length_ciphertext 194 #define OQS_KEM_classic_mceliece_6960119_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_6960119_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_6960119_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_6960119_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -87,8 +115,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_decaps(uint8_t *shared_secre #define OQS_KEM_classic_mceliece_6960119f_length_secret_key 13948 #define OQS_KEM_classic_mceliece_6960119f_length_ciphertext 194 #define OQS_KEM_classic_mceliece_6960119f_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_6960119f_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_6960119f_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_6960119f_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -98,8 +130,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_decaps(uint8_t *shared_secr #define OQS_KEM_classic_mceliece_8192128_length_secret_key 14120 #define OQS_KEM_classic_mceliece_8192128_length_ciphertext 208 #define OQS_KEM_classic_mceliece_8192128_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_8192128_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_8192128_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_8192128_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -109,8 +145,12 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_decaps(uint8_t *shared_secre #define OQS_KEM_classic_mceliece_8192128f_length_secret_key 14120 #define OQS_KEM_classic_mceliece_8192128f_length_ciphertext 208 #define OQS_KEM_classic_mceliece_8192128f_length_shared_secret 32 +#define OQS_KEM_classic_mceliece_8192128f_length_keypair_coins 0 +#define OQS_KEM_classic_mceliece_8192128f_length_encaps_coins 0 OQS_KEM *OQS_KEM_classic_mceliece_8192128f_new(void); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_348864.c b/src/kem/classic_mceliece/kem_classic_mceliece_348864.c index 87b74a1b98..fa1ddc939e 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_348864.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_348864.c 
@@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_348864_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_348864_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_348864_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_348864_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_348864_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_348864_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_348864_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_348864_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_348864_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_348864_encaps; kem->decaps = OQS_KEM_classic_mceliece_348864_decaps; return kem; } - extern int PQCLEAN_MCELIECE348864_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE348864_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE348864_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); @@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE348864_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, extern int PQCLEAN_MCELIECE348864_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_348864_avx2) #if defined(OQS_DIST_BUILD) 
@@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair(uint8_t *public_key, #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_348864_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_348864f.c b/src/kem/classic_mceliece/kem_classic_mceliece_348864f.c index a3c347af8f..9214c68fd3 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_348864f.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_348864f.c @@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_348864f_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_348864f_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_348864f_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_348864f_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_348864f_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_348864f_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_348864f_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_348864f_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_348864f_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_348864f_encaps; kem->decaps = OQS_KEM_classic_mceliece_348864f_decaps; return kem; } - extern int PQCLEAN_MCELIECE348864F_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE348864F_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE348864F_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); 
@@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE348864F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, extern int PQCLEAN_MCELIECE348864F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_348864f_avx2) #if defined(OQS_DIST_BUILD) @@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair(uint8_t *public_key, #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_348864f_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_460896.c b/src/kem/classic_mceliece/kem_classic_mceliece_460896.c index 839f8d4535..caf84ae876 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_460896.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_460896.c 
@@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_460896_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_460896_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_460896_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_460896_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_460896_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_460896_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_460896_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_460896_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_460896_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_460896_encaps; kem->decaps = OQS_KEM_classic_mceliece_460896_decaps; return kem; } - extern int PQCLEAN_MCELIECE460896_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE460896_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE460896_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); @@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE460896_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, extern int PQCLEAN_MCELIECE460896_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_460896_avx2) #if defined(OQS_DIST_BUILD) 
@@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair(uint8_t *public_key, #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_460896_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_460896f.c b/src/kem/classic_mceliece/kem_classic_mceliece_460896f.c index 0629166487..082ae47b16 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_460896f.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_460896f.c @@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_460896f_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_460896f_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_460896f_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_460896f_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_460896f_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_460896f_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_460896f_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_460896f_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_460896f_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_460896f_encaps; kem->decaps = OQS_KEM_classic_mceliece_460896f_decaps; return kem; } - extern int PQCLEAN_MCELIECE460896F_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE460896F_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE460896F_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); 
@@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE460896F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, extern int PQCLEAN_MCELIECE460896F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_460896f_avx2) #if defined(OQS_DIST_BUILD) @@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair(uint8_t *public_key, #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_460896f_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_6688128.c b/src/kem/classic_mceliece/kem_classic_mceliece_6688128.c index 91a70105dc..0073ded5fb 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_6688128.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_6688128.c 
@@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_6688128_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_6688128_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_6688128_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_6688128_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_6688128_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_6688128_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_6688128_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_6688128_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_6688128_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_6688128_encaps; kem->decaps = OQS_KEM_classic_mceliece_6688128_decaps; return kem; } - extern int PQCLEAN_MCELIECE6688128_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE6688128_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE6688128_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); @@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE6688128_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, extern int PQCLEAN_MCELIECE6688128_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_6688128_avx2) #if defined(OQS_DIST_BUILD) 
@@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair(uint8_t *public_key, #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_6688128_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_6688128f.c b/src/kem/classic_mceliece/kem_classic_mceliece_6688128f.c index d97e5c3501..73ba3a6fb6 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_6688128f.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_6688128f.c 
@@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_6688128f_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_6688128f_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_6688128f_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_6688128f_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_6688128f_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_6688128f_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_6688128f_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_6688128f_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_6688128f_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_6688128f_encaps; kem->decaps = OQS_KEM_classic_mceliece_6688128f_decaps; return kem; } - extern int PQCLEAN_MCELIECE6688128F_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE6688128F_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE6688128F_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); @@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE6688128F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss extern int PQCLEAN_MCELIECE6688128F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_6688128f_avx2) #if defined(OQS_DIST_BUILD) 
@@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair(uint8_t *public_key #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_6688128f_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_6960119.c b/src/kem/classic_mceliece/kem_classic_mceliece_6960119.c index 70d828fcdd..656d384ebe 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_6960119.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_6960119.c @@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_6960119_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_6960119_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_6960119_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_6960119_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_6960119_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_6960119_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_6960119_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_6960119_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_6960119_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_6960119_encaps; kem->decaps = OQS_KEM_classic_mceliece_6960119_decaps; return kem; } - extern int PQCLEAN_MCELIECE6960119_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE6960119_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE6960119_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); 
@@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE6960119_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, extern int PQCLEAN_MCELIECE6960119_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_6960119_avx2) #if defined(OQS_DIST_BUILD) @@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair(uint8_t *public_key, #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_6960119_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_6960119f.c b/src/kem/classic_mceliece/kem_classic_mceliece_6960119f.c index 5c4bfa71a7..afe983578c 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_6960119f.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_6960119f.c 
@@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_6960119f_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_6960119f_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_6960119f_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_6960119f_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_6960119f_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_6960119f_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_6960119f_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_6960119f_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_6960119f_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_6960119f_encaps; kem->decaps = OQS_KEM_classic_mceliece_6960119f_decaps; return kem; } - extern int PQCLEAN_MCELIECE6960119F_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE6960119F_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE6960119F_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); @@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE6960119F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss extern int PQCLEAN_MCELIECE6960119F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_6960119f_avx2) #if defined(OQS_DIST_BUILD) 
@@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair(uint8_t *public_key #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_6960119f_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_8192128.c b/src/kem/classic_mceliece/kem_classic_mceliece_8192128.c index 4dc8fe263b..cf8f742ad6 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_8192128.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_8192128.c @@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_8192128_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_8192128_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_8192128_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_8192128_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_8192128_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_8192128_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_8192128_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_8192128_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_8192128_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_8192128_encaps; kem->decaps = OQS_KEM_classic_mceliece_8192128_decaps; return kem; } - extern int PQCLEAN_MCELIECE8192128_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE8192128_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE8192128_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); 
@@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE8192128_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, extern int PQCLEAN_MCELIECE8192128_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_8192128_avx2) #if defined(OQS_DIST_BUILD) @@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair(uint8_t *public_key, #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_8192128_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/classic_mceliece/kem_classic_mceliece_8192128f.c b/src/kem/classic_mceliece/kem_classic_mceliece_8192128f.c index 81981c1fad..7507ac2bff 100644 --- a/src/kem/classic_mceliece/kem_classic_mceliece_8192128f.c +++ b/src/kem/classic_mceliece/kem_classic_mceliece_8192128f.c 
@@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_classic_mceliece_8192128f_new(void) { kem->length_secret_key = OQS_KEM_classic_mceliece_8192128f_length_secret_key; kem->length_ciphertext = OQS_KEM_classic_mceliece_8192128f_length_ciphertext; kem->length_shared_secret = OQS_KEM_classic_mceliece_8192128f_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_classic_mceliece_8192128f_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_classic_mceliece_8192128f_length_encaps_coins; + kem->keypair_derand = OQS_KEM_classic_mceliece_8192128f_keypair_derand; kem->keypair = OQS_KEM_classic_mceliece_8192128f_keypair; + kem->encaps_derand = OQS_KEM_classic_mceliece_8192128f_encaps_derand; kem->encaps = OQS_KEM_classic_mceliece_8192128f_encaps; kem->decaps = OQS_KEM_classic_mceliece_8192128f_decaps; return kem; } - extern int PQCLEAN_MCELIECE8192128F_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_MCELIECE8192128F_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_MCELIECE8192128F_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); @@ -40,6 +43,13 @@ extern int PQCLEAN_MCELIECE8192128F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss extern int PQCLEAN_MCELIECE8192128F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_8192128f_avx2) #if defined(OQS_DIST_BUILD) 
@@ -56,6 +66,14 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair(uint8_t *public_key #endif } +OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_classic_mceliece_8192128f_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/frodokem/external/frodo1344aes_params.h b/src/kem/frodokem/external/frodo1344aes_params.h index 33ec73d897..d36b5d6b4c 100644 --- a/src/kem/frodokem/external/frodo1344aes_params.h +++ b/src/kem/frodokem/external/frodo1344aes_params.h @@ -4,6 +4,8 @@ #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_1344_aes_length_secret_key #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_1344_aes_length_ciphertext #define CRYPTO_BYTES OQS_KEM_frodokem_1344_aes_length_shared_secret +#define CRYPTO_KEYPAIRCOINBYTES OQS_KEM_frodokem_1344_aes_length_keypair_coins +#define CRYPTO_ENCCOINBYTES OQS_KEM_frodokem_1344_aes_length_encaps_coins // Parameters for "FrodoKEM-1344" #define PARAMS_N 1344 @@ -27,7 +29,9 @@ #define shake OQS_SHA3_shake256 #define USE_AES128_FOR_A +#define crypto_kem_keypair_derand OQS_KEM_frodokem_1344_aes_keypair_derand #define crypto_kem_keypair OQS_KEM_frodokem_1344_aes_keypair +#define crypto_kem_enc_derand OQS_KEM_frodokem_1344_aes_encaps_derand #define crypto_kem_enc OQS_KEM_frodokem_1344_aes_encaps #define crypto_kem_dec OQS_KEM_frodokem_1344_aes_decaps diff --git a/src/kem/frodokem/external/frodo1344shake_params.h b/src/kem/frodokem/external/frodo1344shake_params.h index a65bb45c38..049ea56c69 100644 --- a/src/kem/frodokem/external/frodo1344shake_params.h +++ b/src/kem/frodokem/external/frodo1344shake_params.h 
@@ -4,6 +4,8 @@ #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_1344_shake_length_secret_key #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_1344_shake_length_ciphertext #define CRYPTO_BYTES OQS_KEM_frodokem_1344_shake_length_shared_secret +#define CRYPTO_KEYPAIRCOINBYTES OQS_KEM_frodokem_1344_shake_length_keypair_coins +#define CRYPTO_ENCCOINBYTES OQS_KEM_frodokem_1344_shake_length_encaps_coins // Parameters for "FrodoKEM-1344" #define PARAMS_N 1344 @@ -27,7 +29,9 @@ #define shake OQS_SHA3_shake256 #define USE_SHAKE128_FOR_A +#define crypto_kem_keypair_derand OQS_KEM_frodokem_1344_shake_keypair_derand #define crypto_kem_keypair OQS_KEM_frodokem_1344_shake_keypair +#define crypto_kem_enc_derand OQS_KEM_frodokem_1344_shake_encaps_derand #define crypto_kem_enc OQS_KEM_frodokem_1344_shake_encaps #define crypto_kem_dec OQS_KEM_frodokem_1344_shake_decaps diff --git a/src/kem/frodokem/external/frodo640aes_params.h b/src/kem/frodokem/external/frodo640aes_params.h index 0883ef1f98..a75d3f5eb7 100644 --- a/src/kem/frodokem/external/frodo640aes_params.h +++ b/src/kem/frodokem/external/frodo640aes_params.h @@ -4,6 +4,8 @@ #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_640_aes_length_secret_key #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_640_aes_length_ciphertext #define CRYPTO_BYTES OQS_KEM_frodokem_640_aes_length_shared_secret +#define CRYPTO_KEYPAIRCOINBYTES OQS_KEM_frodokem_640_aes_length_keypair_coins +#define CRYPTO_ENCCOINBYTES OQS_KEM_frodokem_640_aes_length_encaps_coins // Parameters for "FrodoKEM-640" #define PARAMS_N 640 @@ -27,7 +29,9 @@ #define shake OQS_SHA3_shake128 #define USE_AES128_FOR_A +#define crypto_kem_keypair_derand OQS_KEM_frodokem_640_aes_keypair_derand #define crypto_kem_keypair OQS_KEM_frodokem_640_aes_keypair +#define crypto_kem_enc_derand OQS_KEM_frodokem_640_aes_encaps_derand #define crypto_kem_enc OQS_KEM_frodokem_640_aes_encaps #define crypto_kem_dec OQS_KEM_frodokem_640_aes_decaps 
diff --git a/src/kem/frodokem/external/frodo640shake_params.h b/src/kem/frodokem/external/frodo640shake_params.h index 0fb179d072..9bd0b9e9e1 100644 --- a/src/kem/frodokem/external/frodo640shake_params.h +++ b/src/kem/frodokem/external/frodo640shake_params.h @@ -4,6 +4,8 @@ #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_640_shake_length_secret_key #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_640_shake_length_ciphertext #define CRYPTO_BYTES OQS_KEM_frodokem_640_shake_length_shared_secret +#define CRYPTO_KEYPAIRCOINBYTES OQS_KEM_frodokem_640_shake_length_keypair_coins +#define CRYPTO_ENCCOINBYTES OQS_KEM_frodokem_640_shake_length_encaps_coins // Parameters for "FrodoKEM-640" #define PARAMS_N 640 @@ -27,7 +29,9 @@ #define shake OQS_SHA3_shake128 #define USE_SHAKE128_FOR_A +#define crypto_kem_keypair_derand OQS_KEM_frodokem_640_shake_keypair_derand #define crypto_kem_keypair OQS_KEM_frodokem_640_shake_keypair +#define crypto_kem_enc_derand OQS_KEM_frodokem_640_shake_encaps_derand #define crypto_kem_enc OQS_KEM_frodokem_640_shake_encaps #define crypto_kem_dec OQS_KEM_frodokem_640_shake_decaps diff --git a/src/kem/frodokem/external/frodo976aes_params.h b/src/kem/frodokem/external/frodo976aes_params.h index f7e2ff4990..b4a3ec4b11 100644 --- a/src/kem/frodokem/external/frodo976aes_params.h +++ b/src/kem/frodokem/external/frodo976aes_params.h @@ -4,6 +4,8 @@ #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_976_aes_length_secret_key #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_976_aes_length_ciphertext #define CRYPTO_BYTES OQS_KEM_frodokem_976_aes_length_shared_secret +#define CRYPTO_KEYPAIRCOINBYTES OQS_KEM_frodokem_976_aes_length_keypair_coins +#define CRYPTO_ENCCOINBYTES OQS_KEM_frodokem_976_aes_length_encaps_coins // Parameters for "FrodoKEM-976" #define PARAMS_N 976 
@@ -27,7 +29,9 @@ #define shake OQS_SHA3_shake256 #define USE_AES128_FOR_A +#define crypto_kem_keypair_derand OQS_KEM_frodokem_976_aes_keypair_derand #define crypto_kem_keypair OQS_KEM_frodokem_976_aes_keypair +#define crypto_kem_enc_derand OQS_KEM_frodokem_976_aes_encaps_derand #define crypto_kem_enc OQS_KEM_frodokem_976_aes_encaps #define crypto_kem_dec OQS_KEM_frodokem_976_aes_decaps diff --git a/src/kem/frodokem/external/frodo976shake_params.h b/src/kem/frodokem/external/frodo976shake_params.h index 6f76dc0508..504e1de081 100644 --- a/src/kem/frodokem/external/frodo976shake_params.h +++ b/src/kem/frodokem/external/frodo976shake_params.h @@ -4,6 +4,8 @@ #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_976_shake_length_secret_key #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_976_shake_length_ciphertext #define CRYPTO_BYTES OQS_KEM_frodokem_976_shake_length_shared_secret +#define CRYPTO_KEYPAIRCOINBYTES OQS_KEM_frodokem_976_shake_length_keypair_coins +#define CRYPTO_ENCCOINBYTES OQS_KEM_frodokem_976_shake_length_encaps_coins // Parameters for "FrodoKEM-976" #define PARAMS_N 976 @@ -27,7 +29,9 @@ #define shake OQS_SHA3_shake256 #define USE_SHAKE128_FOR_A +#define crypto_kem_keypair_derand OQS_KEM_frodokem_976_shake_keypair_derand #define crypto_kem_keypair OQS_KEM_frodokem_976_shake_keypair +#define crypto_kem_enc_derand OQS_KEM_frodokem_976_shake_encaps_derand #define crypto_kem_enc OQS_KEM_frodokem_976_shake_encaps #define crypto_kem_dec OQS_KEM_frodokem_976_shake_decaps diff --git a/src/kem/frodokem/external/kem.c b/src/kem/frodokem/external/kem.c index 0cbbeb79a9..966f90717c 100644 --- a/src/kem/frodokem/external/kem.c +++ b/src/kem/frodokem/external/kem.c 
@@ -6,6 +6,15 @@ #include +OQS_STATUS crypto_kem_keypair_derand(unsigned char *pk, unsigned char *sk, const unsigned char *coins) +{ + (void)pk; + (void)sk; + (void)coins; + return OQS_ERROR; +} + + OQS_STATUS crypto_kem_keypair(unsigned char* pk, unsigned char* sk) { // FrodoKEM's key generation // Outputs: public key pk ( BYTES_SEED_A + (PARAMS_LOGQ*PARAMS_N*PARAMS_NBAR)/8 bytes) @@ -63,6 +72,16 @@ OQS_STATUS crypto_kem_keypair(unsigned char* pk, unsigned char* sk) } +OQS_STATUS crypto_kem_enc_derand(unsigned char *ct, unsigned char *ss, const unsigned char *pk, const unsigned char *coins) +{ + (void)ct; + (void)ss; + (void)pk; + (void)coins; + return OQS_ERROR; +} + + OQS_STATUS crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { // FrodoKEM's key encapsulation const uint8_t *pk_seedA = &pk[0]; @@ -206,7 +225,7 @@ OQS_STATUS crypto_kem_dec(unsigned char *ss, const unsigned char *ct, const unsi // If (Bp == BBp & C == CC) then ss = F(ct || k'), else ss = F(ct || s) // Needs to avoid branching on secret data as per: - // Qian Guo, Thomas Johansson, Alexander Nilsson. A key-recovery timing attack on post-quantum + // Qian Guo, Thomas Johansson, Alexander Nilsson. A key-recovery timing attack on post-quantum // primitives using the Fujisaki-Okamoto transformation and its application on FrodoKEM. In CRYPTO 2020. int8_t selector = ct_verify(Bp, BBp, PARAMS_N*PARAMS_NBAR) | ct_verify(C, CC, PARAMS_NBAR*PARAMS_NBAR); // If (selector == 0) then load k' to do ss = F(ct || k'), else if (selector == -1) load s to do ss = F(ct || s) diff --git a/src/kem/frodokem/kem_frodokem.h b/src/kem/frodokem/kem_frodokem.h index 2967cbb201..1e853fda41 100644 --- a/src/kem/frodokem/kem_frodokem.h +++ b/src/kem/frodokem/kem_frodokem.h 
@@ -10,8 +10,12 @@ #define OQS_KEM_frodokem_640_aes_length_secret_key 19888 #define OQS_KEM_frodokem_640_aes_length_ciphertext 9720 #define OQS_KEM_frodokem_640_aes_length_shared_secret 16 +#define OQS_KEM_frodokem_640_aes_length_keypair_coins 0 +#define OQS_KEM_frodokem_640_aes_length_encaps_coins 0 OQS_KEM *OQS_KEM_frodokem_640_aes_new(void); +OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
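Review bot: `OQS_KEM_frodokem_640_aes_length_keypair_coins` and `OQS_KEM_frodokem_640_aes_length_encaps_coins` are defined as `0`, which here appears to double as "derandomized API not supported", since the matching stubs in `external/kem.c` always return `OQS_ERROR`; the header declares the `_derand` functions with no hint of that. A one-line comment on the defines, such as `/* 0: derandomized keypair/encaps not supported, the _derand functions return OQS_ERROR */`, would let callers gate on the length instead of finding out at run time. The same pair of defines and declarations is added for the other five FrodoKEM parameter sets in the following hunks of this header.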
@@ -21,8 +25,12 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_decaps(uint8_t *shared_secret, const #define OQS_KEM_frodokem_640_shake_length_secret_key 19888 #define OQS_KEM_frodokem_640_shake_length_ciphertext 9720 #define OQS_KEM_frodokem_640_shake_length_shared_secret 16 +#define OQS_KEM_frodokem_640_shake_length_keypair_coins 0 +#define OQS_KEM_frodokem_640_shake_length_encaps_coins 0 OQS_KEM *OQS_KEM_frodokem_640_shake_new(void); +OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -32,8 +40,12 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_decaps(uint8_t *shared_secret, con #define OQS_KEM_frodokem_976_aes_length_secret_key 31296 #define OQS_KEM_frodokem_976_aes_length_ciphertext 15744 #define OQS_KEM_frodokem_976_aes_length_shared_secret 24 +#define OQS_KEM_frodokem_976_aes_length_keypair_coins 0 +#define OQS_KEM_frodokem_976_aes_length_encaps_coins 0 OQS_KEM *OQS_KEM_frodokem_976_aes_new(void); +OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -43,8 +55,12 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_decaps(uint8_t *shared_secret, const #define OQS_KEM_frodokem_976_shake_length_secret_key 31296 #define OQS_KEM_frodokem_976_shake_length_ciphertext 15744 #define OQS_KEM_frodokem_976_shake_length_shared_secret 24 +#define OQS_KEM_frodokem_976_shake_length_keypair_coins 0 +#define OQS_KEM_frodokem_976_shake_length_encaps_coins 0 OQS_KEM *OQS_KEM_frodokem_976_shake_new(void); +OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -54,8 +70,12 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_decaps(uint8_t *shared_secret, con #define OQS_KEM_frodokem_1344_aes_length_secret_key 43088 #define OQS_KEM_frodokem_1344_aes_length_ciphertext 21632 #define OQS_KEM_frodokem_1344_aes_length_shared_secret 32 +#define OQS_KEM_frodokem_1344_aes_length_keypair_coins 0 +#define OQS_KEM_frodokem_1344_aes_length_encaps_coins 0 OQS_KEM *OQS_KEM_frodokem_1344_aes_new(void); +OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif 
@@ -65,8 +85,12 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_decaps(uint8_t *shared_secret, cons #define OQS_KEM_frodokem_1344_shake_length_secret_key 43088 #define OQS_KEM_frodokem_1344_shake_length_ciphertext 21632 #define OQS_KEM_frodokem_1344_shake_length_shared_secret 32 +#define OQS_KEM_frodokem_1344_shake_length_keypair_coins 0 +#define OQS_KEM_frodokem_1344_shake_length_encaps_coins 0 OQS_KEM *OQS_KEM_frodokem_1344_shake_new(void); +OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif diff --git a/src/kem/frodokem/kem_frodokem1344aes.c b/src/kem/frodokem/kem_frodokem1344aes.c index 607061545b..a535d384b2 100644 --- a/src/kem/frodokem/kem_frodokem1344aes.c +++ b/src/kem/frodokem/kem_frodokem1344aes.c 
@@ -22,8 +22,12 @@ OQS_KEM *OQS_KEM_frodokem_1344_aes_new(void) { kem->length_secret_key = OQS_KEM_frodokem_1344_aes_length_secret_key; kem->length_ciphertext = OQS_KEM_frodokem_1344_aes_length_ciphertext; kem->length_shared_secret = OQS_KEM_frodokem_1344_aes_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_frodokem_1344_aes_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_frodokem_1344_aes_length_encaps_coins; + kem->keypair_derand = OQS_KEM_frodokem_1344_aes_keypair_derand; kem->keypair = OQS_KEM_frodokem_1344_aes_keypair; + kem->encaps_derand = OQS_KEM_frodokem_1344_aes_encaps_derand; kem->encaps = OQS_KEM_frodokem_1344_aes_encaps; kem->decaps = OQS_KEM_frodokem_1344_aes_decaps; diff --git a/src/kem/frodokem/kem_frodokem1344shake.c b/src/kem/frodokem/kem_frodokem1344shake.c index c4a20c727d..83ef730a07 100644 --- a/src/kem/frodokem/kem_frodokem1344shake.c +++ b/src/kem/frodokem/kem_frodokem1344shake.c @@ -22,8 +22,12 @@ OQS_KEM *OQS_KEM_frodokem_1344_shake_new(void) { kem->length_secret_key = OQS_KEM_frodokem_1344_shake_length_secret_key; kem->length_ciphertext = OQS_KEM_frodokem_1344_shake_length_ciphertext; kem->length_shared_secret = OQS_KEM_frodokem_1344_shake_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_frodokem_1344_shake_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_frodokem_1344_shake_length_encaps_coins; + kem->keypair_derand = OQS_KEM_frodokem_1344_shake_keypair_derand; kem->keypair = OQS_KEM_frodokem_1344_shake_keypair; + kem->encaps_derand = OQS_KEM_frodokem_1344_shake_encaps_derand; kem->encaps = OQS_KEM_frodokem_1344_shake_encaps; kem->decaps = OQS_KEM_frodokem_1344_shake_decaps; diff --git a/src/kem/frodokem/kem_frodokem640aes.c b/src/kem/frodokem/kem_frodokem640aes.c index 2d9b38bf9c..53e55b8d9f 100644 --- a/src/kem/frodokem/kem_frodokem640aes.c +++ b/src/kem/frodokem/kem_frodokem640aes.c 
@@ -22,8 +22,12 @@ OQS_KEM *OQS_KEM_frodokem_640_aes_new(void) { kem->length_secret_key = OQS_KEM_frodokem_640_aes_length_secret_key; kem->length_ciphertext = OQS_KEM_frodokem_640_aes_length_ciphertext; kem->length_shared_secret = OQS_KEM_frodokem_640_aes_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_frodokem_640_aes_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_frodokem_640_aes_length_encaps_coins; + kem->keypair_derand = OQS_KEM_frodokem_640_aes_keypair_derand; kem->keypair = OQS_KEM_frodokem_640_aes_keypair; + kem->encaps_derand = OQS_KEM_frodokem_640_aes_encaps_derand; kem->encaps = OQS_KEM_frodokem_640_aes_encaps; kem->decaps = OQS_KEM_frodokem_640_aes_decaps; diff --git a/src/kem/frodokem/kem_frodokem640shake.c b/src/kem/frodokem/kem_frodokem640shake.c index 29db4de20f..697f617af8 100644 --- a/src/kem/frodokem/kem_frodokem640shake.c +++ b/src/kem/frodokem/kem_frodokem640shake.c @@ -22,8 +22,12 @@ OQS_KEM *OQS_KEM_frodokem_640_shake_new(void) { kem->length_secret_key = OQS_KEM_frodokem_640_shake_length_secret_key; kem->length_ciphertext = OQS_KEM_frodokem_640_shake_length_ciphertext; kem->length_shared_secret = OQS_KEM_frodokem_640_shake_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_frodokem_640_shake_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_frodokem_640_shake_length_encaps_coins; + kem->keypair_derand = OQS_KEM_frodokem_640_shake_keypair_derand; kem->keypair = OQS_KEM_frodokem_640_shake_keypair; + kem->encaps_derand = OQS_KEM_frodokem_640_shake_encaps_derand; kem->encaps = OQS_KEM_frodokem_640_shake_encaps; kem->decaps = OQS_KEM_frodokem_640_shake_decaps; diff --git a/src/kem/frodokem/kem_frodokem976aes.c b/src/kem/frodokem/kem_frodokem976aes.c index 3d6b07a07c..bfd992d413 100644 --- a/src/kem/frodokem/kem_frodokem976aes.c +++ b/src/kem/frodokem/kem_frodokem976aes.c 
@@ -22,8 +22,12 @@ OQS_KEM *OQS_KEM_frodokem_976_aes_new(void) { kem->length_secret_key = OQS_KEM_frodokem_976_aes_length_secret_key; kem->length_ciphertext = OQS_KEM_frodokem_976_aes_length_ciphertext; kem->length_shared_secret = OQS_KEM_frodokem_976_aes_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_frodokem_976_aes_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_frodokem_976_aes_length_encaps_coins; + kem->keypair_derand = OQS_KEM_frodokem_976_aes_keypair_derand; kem->keypair = OQS_KEM_frodokem_976_aes_keypair; + kem->encaps_derand = OQS_KEM_frodokem_976_aes_encaps_derand; kem->encaps = OQS_KEM_frodokem_976_aes_encaps; kem->decaps = OQS_KEM_frodokem_976_aes_decaps; diff --git a/src/kem/frodokem/kem_frodokem976shake.c b/src/kem/frodokem/kem_frodokem976shake.c index 6cda90384f..7087ee0dc8 100644 --- a/src/kem/frodokem/kem_frodokem976shake.c +++ b/src/kem/frodokem/kem_frodokem976shake.c @@ -22,8 +22,12 @@ OQS_KEM *OQS_KEM_frodokem_976_shake_new(void) { kem->length_secret_key = OQS_KEM_frodokem_976_shake_length_secret_key; kem->length_ciphertext = OQS_KEM_frodokem_976_shake_length_ciphertext; kem->length_shared_secret = OQS_KEM_frodokem_976_shake_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_frodokem_976_shake_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_frodokem_976_shake_length_encaps_coins; + kem->keypair_derand = OQS_KEM_frodokem_976_shake_keypair_derand; kem->keypair = OQS_KEM_frodokem_976_shake_keypair; + kem->encaps_derand = OQS_KEM_frodokem_976_shake_encaps_derand; kem->encaps = OQS_KEM_frodokem_976_shake_encaps; kem->decaps = OQS_KEM_frodokem_976_shake_decaps; diff --git a/src/kem/hqc/kem_hqc.h b/src/kem/hqc/kem_hqc.h index b1f022374d..5989df8dec 100644 --- a/src/kem/hqc/kem_hqc.h +++ b/src/kem/hqc/kem_hqc.h 
@@ -10,8 +10,12 @@
 #define OQS_KEM_hqc_128_length_secret_key 2305
 #define OQS_KEM_hqc_128_length_ciphertext 4433
 #define OQS_KEM_hqc_128_length_shared_secret 64
+#define OQS_KEM_hqc_128_length_keypair_coins 0
+#define OQS_KEM_hqc_128_length_encaps_coins 0
 OQS_KEM *OQS_KEM_hqc_128_new(void);
+OQS_API OQS_STATUS OQS_KEM_hqc_128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_hqc_128_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_hqc_128_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_hqc_128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_hqc_128_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -21,8 +25,12 @@ OQS_API OQS_STATUS OQS_KEM_hqc_128_decaps(uint8_t *shared_secret, const uint8_t
 #define OQS_KEM_hqc_192_length_secret_key 4586
 #define OQS_KEM_hqc_192_length_ciphertext 8978
 #define OQS_KEM_hqc_192_length_shared_secret 64
+#define OQS_KEM_hqc_192_length_keypair_coins 0
+#define OQS_KEM_hqc_192_length_encaps_coins 0
 OQS_KEM *OQS_KEM_hqc_192_new(void);
+OQS_API OQS_STATUS OQS_KEM_hqc_192_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_hqc_192_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_hqc_192_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_hqc_192_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_hqc_192_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -32,8 +40,12 @@ OQS_API OQS_STATUS OQS_KEM_hqc_192_decaps(uint8_t *shared_secret, const uint8_t
 #define OQS_KEM_hqc_256_length_secret_key 7317
 #define OQS_KEM_hqc_256_length_ciphertext 14421
 #define OQS_KEM_hqc_256_length_shared_secret 64
+#define OQS_KEM_hqc_256_length_keypair_coins 0
+#define OQS_KEM_hqc_256_length_encaps_coins 0
 OQS_KEM *OQS_KEM_hqc_256_new(void);
+OQS_API OQS_STATUS OQS_KEM_hqc_256_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_hqc_256_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_hqc_256_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_hqc_256_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_hqc_256_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
diff --git a/src/kem/hqc/kem_hqc_128.c b/src/kem/hqc/kem_hqc_128.c
index edabb8c2f2..bcef0ea81d 100644
--- a/src/kem/hqc/kem_hqc_128.c
+++ b/src/kem/hqc/kem_hqc_128.c
@@ -22,22 +22,40 @@ OQS_KEM *OQS_KEM_hqc_128_new(void) { kem->length_secret_key = OQS_KEM_hqc_128_length_secret_key; kem->length_ciphertext = OQS_KEM_hqc_128_length_ciphertext; kem->length_shared_secret = OQS_KEM_hqc_128_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_hqc_128_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_hqc_128_length_encaps_coins; + kem->keypair_derand = OQS_KEM_hqc_128_keypair_derand; kem->keypair = OQS_KEM_hqc_128_keypair; + kem->encaps_derand = OQS_KEM_hqc_128_encaps_derand; kem->encaps = OQS_KEM_hqc_128_encaps; kem->decaps = OQS_KEM_hqc_128_decaps; return kem; } - extern int PQCLEAN_HQC128_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_HQC128_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_HQC128_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); +OQS_API OQS_STATUS OQS_KEM_hqc_128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_hqc_128_keypair(uint8_t *public_key, uint8_t *secret_key) { return (OQS_STATUS) PQCLEAN_HQC128_CLEAN_crypto_kem_keypair(public_key, secret_key); } +OQS_API OQS_STATUS OQS_KEM_hqc_128_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_hqc_128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { return (OQS_STATUS) PQCLEAN_HQC128_CLEAN_crypto_kem_enc(ciphertext, shared_secret, public_key); } diff --git a/src/kem/hqc/kem_hqc_192.c b/src/kem/hqc/kem_hqc_192.c index 3da83c5e9e..55c16c7e53 100644 --- a/src/kem/hqc/kem_hqc_192.c +++ b/src/kem/hqc/kem_hqc_192.c 
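Review bot: `OQS_KEM_hqc_128_keypair_derand` and `OQS_KEM_hqc_128_encaps_derand` return `OQS_ERROR` without touching the output buffers, and nothing in the code says why. A one-line comment such as `/* derandomized keygen is not supported for HQC-128; length_keypair_coins is 0 */` would tell readers this is a deliberate stub and not a failure path. A caller that ignores the status would go on to use whatever happened to be in `secret_key` or `shared_secret`, so the kem.h documentation should tell callers to check `length_keypair_coins` / `length_encaps_coins` before calling. The same stubs appear in kem_hqc_192.c, kem_hqc_256.c and the three kem_kyber_*.c files.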
@@ -22,22 +22,40 @@ OQS_KEM *OQS_KEM_hqc_192_new(void) { kem->length_secret_key = OQS_KEM_hqc_192_length_secret_key; kem->length_ciphertext = OQS_KEM_hqc_192_length_ciphertext; kem->length_shared_secret = OQS_KEM_hqc_192_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_hqc_192_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_hqc_192_length_encaps_coins; + kem->keypair_derand = OQS_KEM_hqc_192_keypair_derand; kem->keypair = OQS_KEM_hqc_192_keypair; + kem->encaps_derand = OQS_KEM_hqc_192_encaps_derand; kem->encaps = OQS_KEM_hqc_192_encaps; kem->decaps = OQS_KEM_hqc_192_decaps; return kem; } - extern int PQCLEAN_HQC192_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_HQC192_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_HQC192_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); +OQS_API OQS_STATUS OQS_KEM_hqc_192_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_hqc_192_keypair(uint8_t *public_key, uint8_t *secret_key) { return (OQS_STATUS) PQCLEAN_HQC192_CLEAN_crypto_kem_keypair(public_key, secret_key); } +OQS_API OQS_STATUS OQS_KEM_hqc_192_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_hqc_192_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { return (OQS_STATUS) PQCLEAN_HQC192_CLEAN_crypto_kem_enc(ciphertext, shared_secret, public_key); } diff --git a/src/kem/hqc/kem_hqc_256.c b/src/kem/hqc/kem_hqc_256.c index a80197c228..bf8f9ef29b 100644 --- a/src/kem/hqc/kem_hqc_256.c +++ b/src/kem/hqc/kem_hqc_256.c 
@@ -22,22 +22,40 @@ OQS_KEM *OQS_KEM_hqc_256_new(void) { kem->length_secret_key = OQS_KEM_hqc_256_length_secret_key; kem->length_ciphertext = OQS_KEM_hqc_256_length_ciphertext; kem->length_shared_secret = OQS_KEM_hqc_256_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_hqc_256_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_hqc_256_length_encaps_coins; + kem->keypair_derand = OQS_KEM_hqc_256_keypair_derand; kem->keypair = OQS_KEM_hqc_256_keypair; + kem->encaps_derand = OQS_KEM_hqc_256_encaps_derand; kem->encaps = OQS_KEM_hqc_256_encaps; kem->decaps = OQS_KEM_hqc_256_decaps; return kem; } - extern int PQCLEAN_HQC256_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); extern int PQCLEAN_HQC256_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int PQCLEAN_HQC256_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); +OQS_API OQS_STATUS OQS_KEM_hqc_256_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_hqc_256_keypair(uint8_t *public_key, uint8_t *secret_key) { return (OQS_STATUS) PQCLEAN_HQC256_CLEAN_crypto_kem_keypair(public_key, secret_key); } +OQS_API OQS_STATUS OQS_KEM_hqc_256_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_hqc_256_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { return (OQS_STATUS) PQCLEAN_HQC256_CLEAN_crypto_kem_enc(ciphertext, shared_secret, public_key); } diff --git a/src/kem/kem.c b/src/kem/kem.c index 0a340e4f38..6dd11e1c68 100644 --- a/src/kem/kem.c +++ b/src/kem/kem.c 
@@ -511,6 +511,14 @@ OQS_API OQS_KEM *OQS_KEM_new(const char *method_name) { } } +OQS_API OQS_STATUS OQS_KEM_keypair_derand(const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + if (kem == NULL) { + return OQS_ERROR; + } else { + return kem->keypair_derand(public_key, secret_key, coins); + } +} + OQS_API OQS_STATUS OQS_KEM_keypair(const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key) { if (kem == NULL) { return OQS_ERROR; @@ -519,6 +527,15 @@ OQS_API OQS_STATUS OQS_KEM_keypair(const OQS_KEM *kem, uint8_t *public_key, uint } } +OQS_API OQS_STATUS OQS_KEM_encaps_derand(const OQS_KEM *kem, uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + if (kem == NULL) { + return OQS_ERROR; + } else { + return kem->encaps_derand(ciphertext, shared_secret, public_key, coins); + } +} + + OQS_API OQS_STATUS OQS_KEM_encaps(const OQS_KEM *kem, uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { if (kem == NULL) { return OQS_ERROR; diff --git a/src/kem/kem.h b/src/kem/kem.h index 36ae08daba..fe54852847 100644 --- a/src/kem/kem.h +++ b/src/kem/kem.h 
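Review bot: `OQS_KEM_keypair_derand` and, in the second hunk, `OQS_KEM_encaps_derand` call through the new function pointers after checking only `kem == NULL`. If an `OQS_KEM` object is ever populated by code that does not set the new members (none is visible in this diff, so this is a precaution), the call goes through a null pointer; `if (kem == NULL || kem->keypair_derand == NULL) { return OQS_ERROR; }` and the matching check on `kem->encaps_derand` would close that. Neither wrapper can validate `coins`, because no length is passed, so a comment stating that the caller must supply exactly `kem->length_keypair_coins` or `kem->length_encaps_coins` bytes belongs here. The second hunk also adds a stray second blank line before `OQS_KEM_encaps`.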
@@ -163,6 +163,24 @@ typedef struct OQS_KEM { size_t length_ciphertext; /** The length, in bytes, of shared secrets for this KEM. */ size_t length_shared_secret; + /** The length, in bytes, of coins for derandomized keypair generation for this KEM. */ + size_t length_keypair_coins; + /** The length, in bytes, of coins for derandomized encapsulation for this KEM. */ + size_t length_encaps_coins; + + /** + * Derandomized keypair generation algorithm. + * + * Caller is responsible for allocating sufficient memory for `public_key` and + * `secret_key`, based on the `length_*` members in this object or the per-scheme + * compile-time macros `OQS_KEM_*_length_*`. + * + * @param[out] public_key The public key represented as a byte string. + * @param[out] secret_key The secret key represented as a byte string. + * @param[in] coins The input randomness represented as a byte string. + * @return OQS_SUCCESS or OQS_ERROR + */ + OQS_STATUS (*keypair_derand)(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); /** * Keypair generation algorithm. @@ -177,6 +195,21 @@ typedef struct OQS_KEM { */ OQS_STATUS (*keypair)(uint8_t *public_key, uint8_t *secret_key); + /** + * Derandomized encapsulation algorithm. + * + * Caller is responsible for allocating sufficient memory for `ciphertext` and + * `shared_secret`, based on the `length_*` members in this object or the per-scheme + * compile-time macros `OQS_KEM_*_length_*`. + * + * @param[out] ciphertext The ciphertext (encapsulation) represented as a byte string. + * @param[out] shared_secret The shared secret represented as a byte string. + * @param[in] public_key The public key represented as a byte string. + * @param[in] coins The input randomness represented as a byte string. + * @return OQS_SUCCESS or OQS_ERROR + */ + OQS_STATUS (*encaps_derand)(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); + /** * Encapsulation algorithm. * 
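Review bot: The new doc comments on the `keypair_derand` and `encaps_derand` members, and the matching ones on `OQS_KEM_keypair_derand` / `OQS_KEM_encaps_derand` in the next two hunks, describe buffer sizing only for the outputs and leave `coins` unspecified. Because `coins` is a bare pointer with no length argument, the parameter line should state the required size, for example `@param[in] coins The input randomness, exactly length_keypair_coins bytes.` (and `length_encaps_coins` for encapsulation). The comments should also say that a coins length of 0 appears to mark a scheme without derandomized support, for which the call returns `OQS_ERROR`, as the HQC and Kyber stubs in this commit do. It is worth adding that the outputs are fully determined by `coins`, so they must be as secret and unpredictable as the RNG output they replace and must not be reused across encapsulations. The struct definition starts and ends outside these hunks.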
@@ -218,6 +251,21 @@ typedef struct OQS_KEM { */ OQS_API OQS_KEM *OQS_KEM_new(const char *method_name); +/** + * Derandomized keypair generation algorithm. + * + * Caller is responsible for allocating sufficient memory for `public_key` and + * `secret_key`, based on the `length_*` members in this object or the per-scheme + * compile-time macros `OQS_KEM_*_length_*`. + * + * @param[in] kem The OQS_KEM object representing the KEM. + * @param[out] public_key The public key represented as a byte string. + * @param[out] secret_key The secret key represented as a byte string. + * @param[in] coins The input randomness represented as a byte string. + * @return OQS_SUCCESS or OQS_ERROR + */ +OQS_API OQS_STATUS OQS_KEM_keypair_derand(const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); + /** * Keypair generation algorithm. * @@ -232,6 +280,22 @@ OQS_API OQS_KEM *OQS_KEM_new(const char *method_name); */ OQS_API OQS_STATUS OQS_KEM_keypair(const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key); +/** + * Derandomized encapsulation algorithm. + * + * Caller is responsible for allocating sufficient memory for `ciphertext` and + * `shared_secret`, based on the `length_*` members in this object or the per-scheme + * compile-time macros `OQS_KEM_*_length_*`. + * + * @param[in] kem The OQS_KEM object representing the KEM. + * @param[out] ciphertext The ciphertext (encapsulation) represented as a byte string. + * @param[out] shared_secret The shared secret represented as a byte string. + * @param[in] public_key The public key represented as a byte string. + * @param[in] coins The input randomness represented as a byte string. + * @return OQS_SUCCESS or OQS_ERROR + */ +OQS_API OQS_STATUS OQS_KEM_encaps_derand(const OQS_KEM *kem, uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); + /** * Encapsulation algorithm. * 
diff --git a/src/kem/kyber/kem_kyber.h b/src/kem/kyber/kem_kyber.h
index cb475aff27..ca2b8364c2 100644
--- a/src/kem/kyber/kem_kyber.h
+++ b/src/kem/kyber/kem_kyber.h
@@ -10,8 +10,12 @@
 #define OQS_KEM_kyber_512_length_secret_key 1632
 #define OQS_KEM_kyber_512_length_ciphertext 768
 #define OQS_KEM_kyber_512_length_shared_secret 32
+#define OQS_KEM_kyber_512_length_keypair_coins 0
+#define OQS_KEM_kyber_512_length_encaps_coins 0
 OQS_KEM *OQS_KEM_kyber_512_new(void);
+OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_kyber_512_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_kyber_512_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_kyber_512_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -21,8 +25,12 @@ OQS_API OQS_STATUS OQS_KEM_kyber_512_decaps(uint8_t *shared_secret, const uint8_
 #define OQS_KEM_kyber_768_length_secret_key 2400
 #define OQS_KEM_kyber_768_length_ciphertext 1088
 #define OQS_KEM_kyber_768_length_shared_secret 32
+#define OQS_KEM_kyber_768_length_keypair_coins 0
+#define OQS_KEM_kyber_768_length_encaps_coins 0
 OQS_KEM *OQS_KEM_kyber_768_new(void);
+OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_kyber_768_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_kyber_768_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_kyber_768_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -32,8 +40,12 @@ OQS_API OQS_STATUS OQS_KEM_kyber_768_decaps(uint8_t *shared_secret, const uint8_
 #define OQS_KEM_kyber_1024_length_secret_key 3168
 #define OQS_KEM_kyber_1024_length_ciphertext 1568
 #define OQS_KEM_kyber_1024_length_shared_secret 32
+#define OQS_KEM_kyber_1024_length_keypair_coins 0
+#define OQS_KEM_kyber_1024_length_encaps_coins 0
 OQS_KEM *OQS_KEM_kyber_1024_new(void);
+OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_kyber_1024_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins);
 OQS_API OQS_STATUS OQS_KEM_kyber_1024_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_kyber_1024_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
diff --git a/src/kem/kyber/kem_kyber_1024.c b/src/kem/kyber/kem_kyber_1024.c index db72b23cd5..92adb5bbf5 100644 --- a/src/kem/kyber/kem_kyber_1024.c +++ b/src/kem/kyber/kem_kyber_1024.c @@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_kyber_1024_new(void) { kem->length_secret_key = OQS_KEM_kyber_1024_length_secret_key; kem->length_ciphertext = OQS_KEM_kyber_1024_length_ciphertext; kem->length_shared_secret = OQS_KEM_kyber_1024_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_kyber_1024_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_kyber_1024_length_encaps_coins; + kem->keypair_derand = OQS_KEM_kyber_1024_keypair_derand; kem->keypair = OQS_KEM_kyber_1024_keypair; + kem->encaps_derand = OQS_KEM_kyber_1024_encaps_derand; kem->encaps = OQS_KEM_kyber_1024_encaps; kem->decaps = OQS_KEM_kyber_1024_decaps; return kem; } - extern int pqcrystals_kyber1024_ref_keypair(uint8_t *pk, uint8_t *sk); extern int pqcrystals_kyber1024_ref_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_kyber1024_ref_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); @@ -46,6 +49,13 @@ extern int PQCLEAN_KYBER1024_AARCH64_crypto_kem_enc(uint8_t *ct, uint8_t *ss, co extern int PQCLEAN_KYBER1024_AARCH64_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_kyber_1024_avx2) #if defined(OQS_DIST_BUILD) 
@@ -72,6 +82,14 @@ OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair(uint8_t *public_key, uint8_t *secr #endif } +OQS_API OQS_STATUS OQS_KEM_kyber_1024_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_kyber_1024_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_kyber_1024_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/kyber/kem_kyber_512.c b/src/kem/kyber/kem_kyber_512.c index a226787f65..9bb562dc4c 100644 --- a/src/kem/kyber/kem_kyber_512.c +++ b/src/kem/kyber/kem_kyber_512.c @@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_kyber_512_new(void) { kem->length_secret_key = OQS_KEM_kyber_512_length_secret_key; kem->length_ciphertext = OQS_KEM_kyber_512_length_ciphertext; kem->length_shared_secret = OQS_KEM_kyber_512_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_kyber_512_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_kyber_512_length_encaps_coins; + kem->keypair_derand = OQS_KEM_kyber_512_keypair_derand; kem->keypair = OQS_KEM_kyber_512_keypair; + kem->encaps_derand = OQS_KEM_kyber_512_encaps_derand; kem->encaps = OQS_KEM_kyber_512_encaps; kem->decaps = OQS_KEM_kyber_512_decaps; return kem; } - extern int pqcrystals_kyber512_ref_keypair(uint8_t *pk, uint8_t *sk); extern int pqcrystals_kyber512_ref_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_kyber512_ref_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); 
@@ -46,6 +49,13 @@ extern int PQCLEAN_KYBER512_AARCH64_crypto_kem_enc(uint8_t *ct, uint8_t *ss, con extern int PQCLEAN_KYBER512_AARCH64_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_kyber_512_avx2) #if defined(OQS_DIST_BUILD) @@ -72,6 +82,14 @@ OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair(uint8_t *public_key, uint8_t *secre #endif } +OQS_API OQS_STATUS OQS_KEM_kyber_512_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_kyber_512_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_kyber_512_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/kyber/kem_kyber_768.c b/src/kem/kyber/kem_kyber_768.c index bc21b00380..b5a5161bb5 100644 --- a/src/kem/kyber/kem_kyber_768.c +++ b/src/kem/kyber/kem_kyber_768.c 
@@ -22,14 +22,17 @@ OQS_KEM *OQS_KEM_kyber_768_new(void) { kem->length_secret_key = OQS_KEM_kyber_768_length_secret_key; kem->length_ciphertext = OQS_KEM_kyber_768_length_ciphertext; kem->length_shared_secret = OQS_KEM_kyber_768_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_kyber_768_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_kyber_768_length_encaps_coins; + kem->keypair_derand = OQS_KEM_kyber_768_keypair_derand; kem->keypair = OQS_KEM_kyber_768_keypair; + kem->encaps_derand = OQS_KEM_kyber_768_encaps_derand; kem->encaps = OQS_KEM_kyber_768_encaps; kem->decaps = OQS_KEM_kyber_768_decaps; return kem; } - extern int pqcrystals_kyber768_ref_keypair(uint8_t *pk, uint8_t *sk); extern int pqcrystals_kyber768_ref_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_kyber768_ref_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); @@ -46,6 +49,13 @@ extern int PQCLEAN_KYBER768_AARCH64_crypto_kem_enc(uint8_t *ct, uint8_t *ss, con extern int PQCLEAN_KYBER768_AARCH64_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_kyber_768_avx2) #if defined(OQS_DIST_BUILD) 
@@ -72,6 +82,14 @@ OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair(uint8_t *public_key, uint8_t *secre #endif } +OQS_API OQS_STATUS OQS_KEM_kyber_768_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_kyber_768_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_kyber_768_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/ml_kem/kem_ml_kem.h b/src/kem/ml_kem/kem_ml_kem.h index b3e3d99cfb..0910ab34e8 100644 --- a/src/kem/ml_kem/kem_ml_kem.h +++ b/src/kem/ml_kem/kem_ml_kem.h @@ -10,8 +10,12 @@ #define OQS_KEM_ml_kem_512_ipd_length_secret_key 1632 #define OQS_KEM_ml_kem_512_ipd_length_ciphertext 768 #define OQS_KEM_ml_kem_512_ipd_length_shared_secret 32 +#define OQS_KEM_ml_kem_512_ipd_length_keypair_coins 64 +#define OQS_KEM_ml_kem_512_ipd_length_encaps_coins 32 OQS_KEM *OQS_KEM_ml_kem_512_ipd_new(void); +OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); 
@@ -19,8 +23,12 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_decaps(uint8_t *shared_secret, const u #define OQS_KEM_ml_kem_512_length_secret_key OQS_KEM_ml_kem_512_ipd_length_secret_key #define OQS_KEM_ml_kem_512_length_ciphertext OQS_KEM_ml_kem_512_ipd_length_ciphertext #define OQS_KEM_ml_kem_512_length_shared_secret OQS_KEM_ml_kem_512_ipd_length_shared_secret +#define OQS_KEM_ml_kem_512_length_keypair_coins OQS_KEM_ml_kem_512_ipd_length_keypair_coins +#define OQS_KEM_ml_kem_512_length_encaps_coins OQS_KEM_ml_kem_512_ipd_length_encaps_coins OQS_KEM *OQS_KEM_ml_kem_512_new(void); +#define OQS_KEM_ml_kem_512_keypair_derand OQS_KEM_ml_kem_512_ipd_keypair_derand #define OQS_KEM_ml_kem_512_keypair OQS_KEM_ml_kem_512_ipd_keypair +#define OQS_KEM_ml_kem_512_encaps_derand OQS_KEM_ml_kem_512_ipd_encaps_derand #define OQS_KEM_ml_kem_512_encaps OQS_KEM_ml_kem_512_ipd_encaps #define OQS_KEM_ml_kem_512_decaps OQS_KEM_ml_kem_512_ipd_decaps #endif @@ -30,8 +38,12 @@ OQS_KEM *OQS_KEM_ml_kem_512_new(void); #define OQS_KEM_ml_kem_768_ipd_length_secret_key 2400 #define OQS_KEM_ml_kem_768_ipd_length_ciphertext 1088 #define OQS_KEM_ml_kem_768_ipd_length_shared_secret 32 +#define OQS_KEM_ml_kem_768_ipd_length_keypair_coins 64 +#define OQS_KEM_ml_kem_768_ipd_length_encaps_coins 32 OQS_KEM *OQS_KEM_ml_kem_768_ipd_new(void); +OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); 
@@ -39,8 +51,12 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_decaps(uint8_t *shared_secret, const u #define OQS_KEM_ml_kem_768_length_secret_key OQS_KEM_ml_kem_768_ipd_length_secret_key #define OQS_KEM_ml_kem_768_length_ciphertext OQS_KEM_ml_kem_768_ipd_length_ciphertext #define OQS_KEM_ml_kem_768_length_shared_secret OQS_KEM_ml_kem_768_ipd_length_shared_secret +#define OQS_KEM_ml_kem_768_length_keypair_coins OQS_KEM_ml_kem_768_ipd_length_keypair_coins +#define OQS_KEM_ml_kem_768_length_encaps_coins OQS_KEM_ml_kem_768_ipd_length_encaps_coins OQS_KEM *OQS_KEM_ml_kem_768_new(void); +#define OQS_KEM_ml_kem_768_keypair_derand OQS_KEM_ml_kem_768_ipd_keypair_derand #define OQS_KEM_ml_kem_768_keypair OQS_KEM_ml_kem_768_ipd_keypair +#define OQS_KEM_ml_kem_768_encaps_derand OQS_KEM_ml_kem_768_ipd_encaps_derand #define OQS_KEM_ml_kem_768_encaps OQS_KEM_ml_kem_768_ipd_encaps #define OQS_KEM_ml_kem_768_decaps OQS_KEM_ml_kem_768_ipd_decaps #endif @@ -50,8 +66,12 @@ OQS_KEM *OQS_KEM_ml_kem_768_new(void); #define OQS_KEM_ml_kem_1024_ipd_length_secret_key 3168 #define OQS_KEM_ml_kem_1024_ipd_length_ciphertext 1568 #define OQS_KEM_ml_kem_1024_ipd_length_shared_secret 32 +#define OQS_KEM_ml_kem_1024_ipd_length_keypair_coins 64 +#define OQS_KEM_ml_kem_1024_ipd_length_encaps_coins 32 OQS_KEM *OQS_KEM_ml_kem_1024_ipd_new(void); +OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); 
@@ -59,8 +79,12 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_decaps(uint8_t *shared_secret, const #define OQS_KEM_ml_kem_1024_length_secret_key OQS_KEM_ml_kem_1024_ipd_length_secret_key #define OQS_KEM_ml_kem_1024_length_ciphertext OQS_KEM_ml_kem_1024_ipd_length_ciphertext #define OQS_KEM_ml_kem_1024_length_shared_secret OQS_KEM_ml_kem_1024_ipd_length_shared_secret +#define OQS_KEM_ml_kem_1024_length_keypair_coins OQS_KEM_ml_kem_1024_ipd_length_keypair_coins +#define OQS_KEM_ml_kem_1024_length_encaps_coins OQS_KEM_ml_kem_1024_ipd_length_encaps_coins OQS_KEM *OQS_KEM_ml_kem_1024_new(void); +#define OQS_KEM_ml_kem_1024_keypair_derand OQS_KEM_ml_kem_1024_ipd_keypair_derand #define OQS_KEM_ml_kem_1024_keypair OQS_KEM_ml_kem_1024_ipd_keypair +#define OQS_KEM_ml_kem_1024_encaps_derand OQS_KEM_ml_kem_1024_ipd_encaps_derand #define OQS_KEM_ml_kem_1024_encaps OQS_KEM_ml_kem_1024_ipd_encaps #define OQS_KEM_ml_kem_1024_decaps OQS_KEM_ml_kem_1024_ipd_decaps #endif diff --git a/src/kem/ml_kem/kem_ml_kem_1024_ipd.c b/src/kem/ml_kem/kem_ml_kem_1024_ipd.c index 7667187f4d..b3f1571afc 100644 --- a/src/kem/ml_kem/kem_ml_kem_1024_ipd.c +++ b/src/kem/ml_kem/kem_ml_kem_1024_ipd.c @@ -24,8 +24,12 @@ OQS_KEM *OQS_KEM_ml_kem_1024_ipd_new(void) { kem->length_secret_key = OQS_KEM_ml_kem_1024_ipd_length_secret_key; kem->length_ciphertext = OQS_KEM_ml_kem_1024_ipd_length_ciphertext; kem->length_shared_secret = OQS_KEM_ml_kem_1024_ipd_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_ml_kem_1024_ipd_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_ml_kem_1024_ipd_length_encaps_coins; + kem->keypair_derand = OQS_KEM_ml_kem_1024_ipd_keypair_derand; kem->keypair = OQS_KEM_ml_kem_1024_ipd_keypair; + kem->encaps_derand = OQS_KEM_ml_kem_1024_ipd_encaps_derand; kem->encaps = OQS_KEM_ml_kem_1024_ipd_encaps; kem->decaps = OQS_KEM_ml_kem_1024_ipd_decaps; 
@@ -51,25 +55,48 @@ OQS_KEM *OQS_KEM_ml_kem_1024_new(void) { kem->length_secret_key = OQS_KEM_ml_kem_1024_length_secret_key; kem->length_ciphertext = OQS_KEM_ml_kem_1024_length_ciphertext; kem->length_shared_secret = OQS_KEM_ml_kem_1024_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_ml_kem_1024_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_ml_kem_1024_length_encaps_coins; + kem->keypair_derand = OQS_KEM_ml_kem_1024_keypair_derand; kem->keypair = OQS_KEM_ml_kem_1024_keypair; + kem->encaps_derand = OQS_KEM_ml_kem_1024_encaps_derand; kem->encaps = OQS_KEM_ml_kem_1024_encaps; kem->decaps = OQS_KEM_ml_kem_1024_decaps; return kem; } #endif - +extern int pqcrystals_ml_kem_1024_ipd_ref_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins); extern int pqcrystals_ml_kem_1024_ipd_ref_keypair(uint8_t *pk, uint8_t *sk); +extern int pqcrystals_ml_kem_1024_ipd_ref_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins); extern int pqcrystals_ml_kem_1024_ipd_ref_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_ml_kem_1024_ipd_ref_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #if defined(OQS_ENABLE_KEM_ml_kem_1024_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_1024_avx2) +extern int pqcrystals_ml_kem_1024_ipd_avx2_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins); extern int pqcrystals_ml_kem_1024_ipd_avx2_keypair(uint8_t *pk, uint8_t *sk); +extern int pqcrystals_ml_kem_1024_ipd_avx2_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins); extern int pqcrystals_ml_kem_1024_ipd_avx2_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_ml_kem_1024_ipd_avx2_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { +#if defined(OQS_ENABLE_KEM_ml_kem_1024_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_1024_avx2) +#if 
defined(OQS_DIST_BUILD) + if (OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) { +#endif /* OQS_DIST_BUILD */ + return (OQS_STATUS) pqcrystals_ml_kem_1024_ipd_avx2_keypair_derand(public_key, secret_key, coins); +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) pqcrystals_ml_kem_1024_ipd_ref_keypair_derand(public_key, secret_key, coins); + } +#endif /* OQS_DIST_BUILD */ +#else + return (OQS_STATUS) pqcrystals_ml_kem_1024_ipd_ref_keypair_derand(public_key, secret_key, coins); +#endif +} + OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_ml_kem_1024_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_1024_avx2) #if defined(OQS_DIST_BUILD) 
@@ -86,6 +113,22 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_keypair(uint8_t *public_key, uint8_t #endif } +OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { +#if defined(OQS_ENABLE_KEM_ml_kem_1024_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_1024_avx2) +#if defined(OQS_DIST_BUILD) + if (OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) { +#endif /* OQS_DIST_BUILD */ + return (OQS_STATUS) pqcrystals_ml_kem_1024_ipd_avx2_enc_derand(ciphertext, shared_secret, public_key, coins); +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) pqcrystals_ml_kem_1024_ipd_ref_enc_derand(ciphertext, shared_secret, public_key, coins); + } +#endif /* OQS_DIST_BUILD */ +#else + return (OQS_STATUS) pqcrystals_ml_kem_1024_ipd_ref_enc_derand(ciphertext, shared_secret, public_key, coins); +#endif +} + OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_ipd_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_ml_kem_1024_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_1024_avx2) #if defined(OQS_DIST_BUILD) diff --git a/src/kem/ml_kem/kem_ml_kem_512_ipd.c b/src/kem/ml_kem/kem_ml_kem_512_ipd.c index c9cf816630..e1568a82c3 100644 --- a/src/kem/ml_kem/kem_ml_kem_512_ipd.c +++ b/src/kem/ml_kem/kem_ml_kem_512_ipd.c 
@@ -24,8 +24,12 @@ OQS_KEM *OQS_KEM_ml_kem_512_ipd_new(void) { kem->length_secret_key = OQS_KEM_ml_kem_512_ipd_length_secret_key; kem->length_ciphertext = OQS_KEM_ml_kem_512_ipd_length_ciphertext; kem->length_shared_secret = OQS_KEM_ml_kem_512_ipd_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_ml_kem_512_ipd_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_ml_kem_512_ipd_length_encaps_coins; + kem->keypair_derand = OQS_KEM_ml_kem_512_ipd_keypair_derand; kem->keypair = OQS_KEM_ml_kem_512_ipd_keypair; + kem->encaps_derand = OQS_KEM_ml_kem_512_ipd_encaps_derand; kem->encaps = OQS_KEM_ml_kem_512_ipd_encaps; kem->decaps = OQS_KEM_ml_kem_512_ipd_decaps; 
@@ -51,25 +55,48 @@ OQS_KEM *OQS_KEM_ml_kem_512_new(void) { kem->length_secret_key = OQS_KEM_ml_kem_512_length_secret_key; kem->length_ciphertext = OQS_KEM_ml_kem_512_length_ciphertext; kem->length_shared_secret = OQS_KEM_ml_kem_512_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_ml_kem_512_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_ml_kem_512_length_encaps_coins; + kem->keypair_derand = OQS_KEM_ml_kem_512_keypair_derand; kem->keypair = OQS_KEM_ml_kem_512_keypair; + kem->encaps_derand = OQS_KEM_ml_kem_512_encaps_derand; kem->encaps = OQS_KEM_ml_kem_512_encaps; kem->decaps = OQS_KEM_ml_kem_512_decaps; return kem; } #endif - +extern int pqcrystals_ml_kem_512_ipd_ref_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins); extern int pqcrystals_ml_kem_512_ipd_ref_keypair(uint8_t *pk, uint8_t *sk); +extern int pqcrystals_ml_kem_512_ipd_ref_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins); extern int pqcrystals_ml_kem_512_ipd_ref_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_ml_kem_512_ipd_ref_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #if defined(OQS_ENABLE_KEM_ml_kem_512_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_512_avx2) +extern int pqcrystals_ml_kem_512_ipd_avx2_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins); extern int pqcrystals_ml_kem_512_ipd_avx2_keypair(uint8_t *pk, uint8_t *sk); +extern int pqcrystals_ml_kem_512_ipd_avx2_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins); extern int pqcrystals_ml_kem_512_ipd_avx2_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_ml_kem_512_ipd_avx2_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { +#if defined(OQS_ENABLE_KEM_ml_kem_512_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_512_avx2) +#if defined(OQS_DIST_BUILD) + if 
(OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) { +#endif /* OQS_DIST_BUILD */ + return (OQS_STATUS) pqcrystals_ml_kem_512_ipd_avx2_keypair_derand(public_key, secret_key, coins); +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) pqcrystals_ml_kem_512_ipd_ref_keypair_derand(public_key, secret_key, coins); + } +#endif /* OQS_DIST_BUILD */ +#else + return (OQS_STATUS) pqcrystals_ml_kem_512_ipd_ref_keypair_derand(public_key, secret_key, coins); +#endif +} + OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_ml_kem_512_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_512_avx2) #if defined(OQS_DIST_BUILD) @@ -86,6 +113,22 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_keypair(uint8_t *public_key, uint8_t * #endif } +OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { +#if defined(OQS_ENABLE_KEM_ml_kem_512_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_512_avx2) +#if defined(OQS_DIST_BUILD) + if (OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) { +#endif /* OQS_DIST_BUILD */ + return (OQS_STATUS) pqcrystals_ml_kem_512_ipd_avx2_enc_derand(ciphertext, shared_secret, public_key, coins); +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) pqcrystals_ml_kem_512_ipd_ref_enc_derand(ciphertext, shared_secret, public_key, coins); + } +#endif /* OQS_DIST_BUILD */ +#else + return (OQS_STATUS) pqcrystals_ml_kem_512_ipd_ref_enc_derand(ciphertext, shared_secret, public_key, coins); +#endif +} + OQS_API OQS_STATUS OQS_KEM_ml_kem_512_ipd_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_ml_kem_512_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_512_avx2) #if defined(OQS_DIST_BUILD) 
diff --git a/src/kem/ml_kem/kem_ml_kem_768_ipd.c b/src/kem/ml_kem/kem_ml_kem_768_ipd.c index da8ef0883a..0d0d8043f1 100644 --- a/src/kem/ml_kem/kem_ml_kem_768_ipd.c +++ b/src/kem/ml_kem/kem_ml_kem_768_ipd.c @@ -24,8 +24,12 @@ OQS_KEM *OQS_KEM_ml_kem_768_ipd_new(void) { kem->length_secret_key = OQS_KEM_ml_kem_768_ipd_length_secret_key; kem->length_ciphertext = OQS_KEM_ml_kem_768_ipd_length_ciphertext; kem->length_shared_secret = OQS_KEM_ml_kem_768_ipd_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_ml_kem_768_ipd_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_ml_kem_768_ipd_length_encaps_coins; + kem->keypair_derand = OQS_KEM_ml_kem_768_ipd_keypair_derand; kem->keypair = OQS_KEM_ml_kem_768_ipd_keypair; + kem->encaps_derand = OQS_KEM_ml_kem_768_ipd_encaps_derand; kem->encaps = OQS_KEM_ml_kem_768_ipd_encaps; kem->decaps = OQS_KEM_ml_kem_768_ipd_decaps; 
@@ -51,25 +55,48 @@ OQS_KEM *OQS_KEM_ml_kem_768_new(void) { kem->length_secret_key = OQS_KEM_ml_kem_768_length_secret_key; kem->length_ciphertext = OQS_KEM_ml_kem_768_length_ciphertext; kem->length_shared_secret = OQS_KEM_ml_kem_768_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_ml_kem_768_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_ml_kem_768_length_encaps_coins; + kem->keypair_derand = OQS_KEM_ml_kem_768_keypair_derand; kem->keypair = OQS_KEM_ml_kem_768_keypair; + kem->encaps_derand = OQS_KEM_ml_kem_768_encaps_derand; kem->encaps = OQS_KEM_ml_kem_768_encaps; kem->decaps = OQS_KEM_ml_kem_768_decaps; return kem; } #endif - +extern int pqcrystals_ml_kem_768_ipd_ref_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins); extern int pqcrystals_ml_kem_768_ipd_ref_keypair(uint8_t *pk, uint8_t *sk); +extern int pqcrystals_ml_kem_768_ipd_ref_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins); extern int pqcrystals_ml_kem_768_ipd_ref_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_ml_kem_768_ipd_ref_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #if defined(OQS_ENABLE_KEM_ml_kem_768_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_768_avx2) +extern int pqcrystals_ml_kem_768_ipd_avx2_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins); extern int pqcrystals_ml_kem_768_ipd_avx2_keypair(uint8_t *pk, uint8_t *sk); +extern int pqcrystals_ml_kem_768_ipd_avx2_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins); extern int pqcrystals_ml_kem_768_ipd_avx2_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); extern int pqcrystals_ml_kem_768_ipd_avx2_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { +#if defined(OQS_ENABLE_KEM_ml_kem_768_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_768_avx2) +#if defined(OQS_DIST_BUILD) + if 
(OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) { +#endif /* OQS_DIST_BUILD */ + return (OQS_STATUS) pqcrystals_ml_kem_768_ipd_avx2_keypair_derand(public_key, secret_key, coins); +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) pqcrystals_ml_kem_768_ipd_ref_keypair_derand(public_key, secret_key, coins); + } +#endif /* OQS_DIST_BUILD */ +#else + return (OQS_STATUS) pqcrystals_ml_kem_768_ipd_ref_keypair_derand(public_key, secret_key, coins); +#endif +} + OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_ml_kem_768_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_768_avx2) #if defined(OQS_DIST_BUILD) @@ -86,6 +113,22 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_keypair(uint8_t *public_key, uint8_t * #endif } +OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { +#if defined(OQS_ENABLE_KEM_ml_kem_768_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_768_avx2) +#if defined(OQS_DIST_BUILD) + if (OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) { +#endif /* OQS_DIST_BUILD */ + return (OQS_STATUS) pqcrystals_ml_kem_768_ipd_avx2_enc_derand(ciphertext, shared_secret, public_key, coins); +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) pqcrystals_ml_kem_768_ipd_ref_enc_derand(ciphertext, shared_secret, public_key, coins); + } +#endif /* OQS_DIST_BUILD */ +#else + return (OQS_STATUS) pqcrystals_ml_kem_768_ipd_ref_enc_derand(ciphertext, shared_secret, public_key, coins); +#endif +} + OQS_API OQS_STATUS OQS_KEM_ml_kem_768_ipd_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_ml_kem_768_ipd_avx2) || defined(OQS_ENABLE_KEM_ml_kem_768_avx2) #if defined(OQS_DIST_BUILD) 
diff --git a/src/kem/ntruprime/kem_ntruprime.h b/src/kem/ntruprime/kem_ntruprime.h index bdbab28710..3ef6b9896c 100644 --- a/src/kem/ntruprime/kem_ntruprime.h +++ b/src/kem/ntruprime/kem_ntruprime.h @@ -10,8 +10,12 @@ #define OQS_KEM_ntruprime_sntrup761_length_secret_key 1763 #define OQS_KEM_ntruprime_sntrup761_length_ciphertext 1039 #define OQS_KEM_ntruprime_sntrup761_length_shared_secret 32 +#define OQS_KEM_ntruprime_sntrup761_length_keypair_coins 0 +#define OQS_KEM_ntruprime_sntrup761_length_encaps_coins 0 OQS_KEM *OQS_KEM_ntruprime_sntrup761_new(void); +OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins); OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); #endif diff --git a/src/kem/ntruprime/kem_ntruprime_sntrup761.c b/src/kem/ntruprime/kem_ntruprime_sntrup761.c index bc69b36209..c7a27f6272 100644 --- a/src/kem/ntruprime/kem_ntruprime_sntrup761.c +++ b/src/kem/ntruprime/kem_ntruprime_sntrup761.c 
@@ -22,8 +22,12 @@ OQS_KEM *OQS_KEM_ntruprime_sntrup761_new(void) { kem->length_secret_key = OQS_KEM_ntruprime_sntrup761_length_secret_key; kem->length_ciphertext = OQS_KEM_ntruprime_sntrup761_length_ciphertext; kem->length_shared_secret = OQS_KEM_ntruprime_sntrup761_length_shared_secret; + kem->length_keypair_coins = OQS_KEM_ntruprime_sntrup761_length_keypair_coins; + kem->length_encaps_coins = OQS_KEM_ntruprime_sntrup761_length_encaps_coins; + kem->keypair_derand = OQS_KEM_ntruprime_sntrup761_keypair_derand; kem->keypair = OQS_KEM_ntruprime_sntrup761_keypair; + kem->encaps_derand = OQS_KEM_ntruprime_sntrup761_encaps_derand; kem->encaps = OQS_KEM_ntruprime_sntrup761_encaps; kem->decaps = OQS_KEM_ntruprime_sntrup761_decaps; @@ -40,6 +44,13 @@ extern int PQCLEAN_SNTRUP761_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const extern int PQCLEAN_SNTRUP761_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); #endif +OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *coins) { + (void)public_key; + (void)secret_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair(uint8_t *public_key, uint8_t *secret_key) { #if defined(OQS_ENABLE_KEM_ntruprime_sntrup761_avx2) #if defined(OQS_DIST_BUILD) @@ -56,6 +67,14 @@ OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair(uint8_t *public_key, uint #endif } +OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *coins) { + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)coins; + return OQS_ERROR; +} + OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { #if defined(OQS_ENABLE_KEM_ntruprime_sntrup761_avx2) #if defined(OQS_DIST_BUILD) 
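Review bot: `OQS_KEM_ntruprime_sntrup761_keypair_derand` returns the generic `OQS_ERROR` and leaves `public_key` and `secret_key` unwritten, and `OQS_KEM_ntruprime_sntrup761_encaps_derand` in the following hunk does the same for `ciphertext` and `shared_secret`. Since the first hunk always stores these stubs in `kem->keypair_derand` and `kem->encaps_derand`, a caller can tell "not supported" from a real failure only by checking `length_keypair_coins == 0` or `length_encaps_coins == 0`, and a caller that ignores the return value carries on with uninitialised buffers. A comment on each stub would make that contract explicit: `/* Derandomized API is not available for sntrup761 (coins length is 0): always returns OQS_ERROR and writes no output. */`.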
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index eb297a8047..622dd9c38e 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -82,7 +82,10 @@ target_link_libraries(test_kem_mem PRIVATE ${TEST_DEPS}) add_executable(speed_kem speed_kem.c) target_link_libraries(speed_kem PRIVATE ${TEST_DEPS}) -set(KEM_TESTS example_kem kat_kem test_kem test_kem_mem speed_kem vectors_kem) +add_executable(test_kem_derand test_kem_derand.c) +target_link_libraries(test_kem_derand PRIVATE ${TEST_DEPS}) + +set(KEM_TESTS example_kem kat_kem test_kem test_kem_mem speed_kem vectors_kem test_kem_derand) # SIG API tests add_executable(example_sig example_sig.c) diff --git a/tests/test_cmdline.py b/tests/test_cmdline.py index ca24bf92f9..42c128c837 100644 --- a/tests/test_cmdline.py +++ b/tests/test_cmdline.py @@ -44,6 +44,14 @@ def test_sig_stfl(sig_stfl_name): [helpers.path_to_executable('test_sig_stfl'), sig_stfl_name], ) +@helpers.filtered_test +@pytest.mark.parametrize('kem_name', helpers.available_kems_by_name()) +def test_kem_derand(kem_name): + if not(helpers.is_kem_enabled_by_name(kem_name)): pytest.skip('Not enabled') + helpers.run_subprocess( + [helpers.path_to_executable('test_kem_derand'), kem_name], + ) + if __name__ == "__main__": import sys pytest.main(sys.argv) diff --git a/tests/test_constant_time.py b/tests/test_constant_time.py index c31436480d..b368b5c419 100644 --- a/tests/test_constant_time.py +++ b/tests/test_constant_time.py 
@@ -266,6 +266,27 @@ def test_constant_time_sig(sig_name): ] ) +@helpers.filtered_test +@helpers.test_requires_build_options(*REQ_LIBOQS_BUILD_OPTS) +@helpers.test_requires_valgrind_version_at_least(*MIN_VALGRIND_VERSION) +@pytest.mark.parametrize('kem_name', helpers.available_kems_by_name()) +def test_constant_time_kem_derand(kem_name): + if not(helpers.is_kem_enabled_by_name(kem_name)): pytest.skip('Not enabled') + if ('SKIP_ALGS' in os.environ) and len(os.environ['SKIP_ALGS'])>0: + for algexp in os.environ['SKIP_ALGS'].split(','): + if len(re.findall(algexp, kem_name))>0: + pytest.skip("Test disabled by alg filter") + passes = get_ct_passes('kem', kem_name) + issues = get_ct_issues('kem', kem_name) + output = helpers.run_subprocess( + VALGRIND + [ + *(['--suppressions='+f for f in passes]), + *(['--suppressions='+f for f in issues]), + helpers.path_to_executable('test_kem_derand'), + kem_name + ] + ) + if __name__ == '__main__': pytest.main(sys.argv) diff --git a/tests/test_distbuild.py b/tests/test_distbuild.py index 907b09038a..29d6035c7f 100644 --- a/tests/test_distbuild.py +++ b/tests/test_distbuild.py @@ -37,6 +37,17 @@ def test_sig(sig_name): helpers.run_subprocess(["qemu-"+platform.machine()+"-static", "-cpu", MINCPU, helpers.path_to_executable('test_sig'), sig_name]) +@helpers.filtered_test +@pytest.mark.parametrize('kem_name', helpers.available_kems_by_name()) +@helpers.test_requires_build_options("OQS_DIST_BUILD") +@helpers.test_requires_qemu(platform.machine(), MINCPU) +def test_kem_derand(kem_name): + if not(helpers.is_kem_enabled_by_name(kem_name)): + pytest.skip('Not enabled') + + helpers.run_subprocess(["qemu-"+platform.machine()+"-static", "-cpu", MINCPU, + helpers.path_to_executable('test_kem_derand'), kem_name]) + if __name__ == "__main__": import sys pytest.main(sys.argv) diff --git a/tests/test_kem_derand.c b/tests/test_kem_derand.c new file mode 100644 index 0000000000..ca3091ce93 --- /dev/null +++ b/tests/test_kem_derand.c 
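Review bot: In `test_constant_time_kem_derand` each comma-separated entry of `SKIP_ALGS` is used as a regular expression, so a stray or trailing comma yields an empty pattern that matches every name, and the constant-time run is then skipped for all KEMs without any failure. Guarding the entry stops an empty one from disabling the check: `if algexp and re.search(algexp, kem_name):`. `output` is assigned from `helpers.run_subprocess` and never read, so the assignment can be dropped. The suppression files returned by `get_ct_passes('kem', kem_name)` and `get_ct_issues('kem', kem_name)` were presumably written for `test_kem`; whether they still match call stacks that go through the `_derand` entry points cannot be seen from this hunk.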
@@ -0,0 +1,326 @@ +// SPDX-License-Identifier: MIT + +#include +#include +#include +#include + +#include + +#if OQS_USE_PTHREADS +#include +#endif + +#ifdef OQS_ENABLE_TEST_CONSTANT_TIME +#include +#define OQS_TEST_CT_CLASSIFY(addr, len) VALGRIND_MAKE_MEM_UNDEFINED(addr, len) +#define OQS_TEST_CT_DECLASSIFY(addr, len) VALGRIND_MAKE_MEM_DEFINED(addr, len) +#else +#define OQS_TEST_CT_CLASSIFY(addr, len) +#define OQS_TEST_CT_DECLASSIFY(addr, len) +#endif + +#include "system_info.c" + +/* Displays hexadecimal strings */ +static void OQS_print_hex_string(const char *label, const uint8_t *str, size_t len) { + printf("%-20s (%4zu bytes): ", label, len); + for (size_t i = 0; i < (len); i++) { + printf("%02X", str[i]); + } + printf("\n"); +} + +typedef struct magic_s { + uint8_t val[31]; +} magic_t; + +static OQS_STATUS kem_test_correctness(const char *method_name) { + + OQS_KEM *kem = NULL; + uint8_t *public_key = NULL; + uint8_t *secret_key = NULL; + uint8_t *ciphertext = NULL; + uint8_t *shared_secret_e = NULL; + uint8_t *shared_secret_d = NULL; + uint8_t *coins_k = NULL; + uint8_t *coins_e = NULL; + OQS_STATUS rc, ret = OQS_ERROR; + int rv; + + //The magic numbers are random values. 
+ //The length of the magic number was chosen to be 31 to break alignment + magic_t magic; + OQS_randombytes(magic.val, sizeof(magic_t)); + + kem = OQS_KEM_new(method_name); + if (kem == NULL) { + fprintf(stderr, "ERROR: OQS_KEM_new failed\n"); + goto err; + } + + printf("================================================================================\n"); + printf("Sample computation for KEM %s\n", kem->method_name); + printf("================================================================================\n"); + + public_key = malloc(kem->length_public_key + 2 * sizeof(magic_t)); + secret_key = malloc(kem->length_secret_key + 2 * sizeof(magic_t)); + ciphertext = malloc(kem->length_ciphertext + 2 * sizeof(magic_t)); + shared_secret_e = malloc(kem->length_shared_secret + 2 * sizeof(magic_t)); + shared_secret_d = malloc(kem->length_shared_secret + 2 * sizeof(magic_t)); + coins_k = malloc(kem->length_keypair_coins + 2 * sizeof(magic_t)); + coins_e = malloc(kem->length_encaps_coins + 2 * sizeof(magic_t)); + + if ((public_key == NULL) || (secret_key == NULL) || (ciphertext == NULL) || (shared_secret_e == NULL) || (shared_secret_d == NULL) || (coins_k == NULL) || (coins_e == NULL)) { + fprintf(stderr, "ERROR: malloc failed\n"); + goto err; + } + + //Set the magic numbers before + memcpy(public_key, magic.val, sizeof(magic_t)); + memcpy(secret_key, magic.val, sizeof(magic_t)); + memcpy(ciphertext, magic.val, sizeof(magic_t)); + memcpy(shared_secret_e, magic.val, sizeof(magic_t)); + memcpy(shared_secret_d, magic.val, sizeof(magic_t)); + memcpy(coins_k, magic.val, sizeof(magic_t)); + memcpy(coins_e, magic.val, sizeof(magic_t)); + + public_key += sizeof(magic_t); + secret_key += sizeof(magic_t); + ciphertext += sizeof(magic_t); + shared_secret_e += sizeof(magic_t); + shared_secret_d += sizeof(magic_t); + coins_k += sizeof(magic_t); + coins_e += sizeof(magic_t); + + + // and after + memcpy(public_key + kem->length_public_key, magic.val, sizeof(magic_t)); + memcpy(secret_key 
+ kem->length_secret_key, magic.val, sizeof(magic_t)); + memcpy(ciphertext + kem->length_ciphertext, magic.val, sizeof(magic_t)); + memcpy(shared_secret_e + kem->length_shared_secret, magic.val, sizeof(magic_t)); + memcpy(shared_secret_d + kem->length_shared_secret, magic.val, sizeof(magic_t)); + memcpy(coins_k + kem->length_keypair_coins, magic.val, sizeof(magic_t)); + memcpy(coins_e + kem->length_encaps_coins, magic.val, sizeof(magic_t)); + + OQS_randombytes(coins_k, kem->length_keypair_coins); + OQS_randombytes(coins_e, kem->length_encaps_coins); + + rc = OQS_KEM_keypair_derand(kem, public_key, secret_key, coins_k); + OQS_TEST_CT_DECLASSIFY(&rc, sizeof rc); + if (kem->length_keypair_coins == 0) { + // If length_keypair_coins is set to 0 for this KEM scheme, a failure is expected + if (rc != OQS_ERROR) { + fprintf(stderr, "ERROR: OQS_KEM_keypair_derand succeeded but expected a failure\n"); + goto err; + } + } else { + if (rc != OQS_SUCCESS) { + fprintf(stderr, "ERROR: OQS_KEM_keypair_derand failed\n"); + goto err; + } + } + + OQS_TEST_CT_DECLASSIFY(public_key, kem->length_public_key); + rc = OQS_KEM_encaps_derand(kem, ciphertext, shared_secret_e, public_key, coins_e); + OQS_TEST_CT_DECLASSIFY(&rc, sizeof rc); + if (kem->length_encaps_coins == 0) { + // If length_encaps_coins is set to 0 for this KEM scheme, a failure is expected + if (rc != OQS_ERROR) { + fprintf(stderr, "ERROR: OQS_KEM_encaps_derand succeeded but expected a failure\n"); + goto err; + } + + printf("OQS_KEM_encaps_derand correctly failed, skipping OQS_KEM_decaps\n"); + } else { + if (rc != OQS_SUCCESS) { + fprintf(stderr, "ERROR: OQS_KEM_encaps_derand failed\n"); + goto err; + } + + // Test decaps() only if encaps() succeeds + OQS_TEST_CT_DECLASSIFY(ciphertext, kem->length_ciphertext); + rc = OQS_KEM_decaps(kem, shared_secret_d, ciphertext, secret_key); + OQS_TEST_CT_DECLASSIFY(&rc, sizeof rc); + if (rc != OQS_SUCCESS) { + fprintf(stderr, "ERROR: OQS_KEM_decaps failed\n"); + goto err; + } + + 
OQS_TEST_CT_DECLASSIFY(shared_secret_d, kem->length_shared_secret); + OQS_TEST_CT_DECLASSIFY(shared_secret_e, kem->length_shared_secret); + rv = memcmp(shared_secret_e, shared_secret_d, kem->length_shared_secret); + if (rv != 0) { + fprintf(stderr, "ERROR: shared secrets are not equal\n"); + OQS_print_hex_string("shared_secret_e", shared_secret_e, kem->length_shared_secret); + OQS_print_hex_string("shared_secret_d", shared_secret_d, kem->length_shared_secret); + goto err; + } else { + printf("shared secrets are equal\n"); + } + + // test invalid encapsulation (call should either fail or result in invalid shared secret) + OQS_randombytes(ciphertext, kem->length_ciphertext); + OQS_TEST_CT_DECLASSIFY(ciphertext, kem->length_ciphertext); + rc = OQS_KEM_decaps(kem, shared_secret_d, ciphertext, secret_key); + OQS_TEST_CT_DECLASSIFY(shared_secret_d, kem->length_shared_secret); + OQS_TEST_CT_DECLASSIFY(&rc, sizeof rc); + if (rc == OQS_SUCCESS && memcmp(shared_secret_e, shared_secret_d, kem->length_shared_secret) == 0) { + fprintf(stderr, "ERROR: OQS_KEM_decaps succeeded on wrong input\n"); + goto err; + } + } + +#ifndef OQS_ENABLE_TEST_CONSTANT_TIME + rv = memcmp(public_key + kem->length_public_key, magic.val, sizeof(magic_t)); + rv |= memcmp(secret_key + kem->length_secret_key, magic.val, sizeof(magic_t)); + rv |= memcmp(ciphertext + kem->length_ciphertext, magic.val, sizeof(magic_t)); + rv |= memcmp(shared_secret_e + kem->length_shared_secret, magic.val, sizeof(magic_t)); + rv |= memcmp(shared_secret_d + kem->length_shared_secret, magic.val, sizeof(magic_t)); + rv |= memcmp(coins_k + kem->length_keypair_coins, magic.val, sizeof(magic_t)); + rv |= memcmp(coins_e + kem->length_encaps_coins, magic.val, sizeof(magic_t)); + rv |= memcmp(public_key - sizeof(magic_t), magic.val, sizeof(magic_t)); + rv |= memcmp(secret_key - sizeof(magic_t), magic.val, sizeof(magic_t)); + rv |= memcmp(ciphertext - sizeof(magic_t), magic.val, sizeof(magic_t)); + rv |= memcmp(shared_secret_e - 
sizeof(magic_t), magic.val, sizeof(magic_t)); + rv |= memcmp(shared_secret_d - sizeof(magic_t), magic.val, sizeof(magic_t)); + rv |= memcmp(coins_k - sizeof(magic_t), magic.val, sizeof(magic_t)); + rv |= memcmp(coins_e - sizeof(magic_t), magic.val, sizeof(magic_t)); + if (rv != 0) { + fprintf(stderr, "ERROR: Magic numbers do not match\n"); + goto err; + } +#endif + + ret = OQS_SUCCESS; + goto cleanup; + +err: + ret = OQS_ERROR; + +cleanup: + if (secret_key) { + OQS_MEM_secure_free(secret_key - sizeof(magic_t), kem->length_secret_key + 2 * sizeof(magic_t)); + } + if (shared_secret_e) { + OQS_MEM_secure_free(shared_secret_e - sizeof(magic_t), kem->length_shared_secret + 2 * sizeof(magic_t)); + } + if (shared_secret_d) { + OQS_MEM_secure_free(shared_secret_d - sizeof(magic_t), kem->length_shared_secret + 2 * sizeof(magic_t)); + } + if (public_key) { + OQS_MEM_insecure_free(public_key - sizeof(magic_t)); + } + if (ciphertext) { + OQS_MEM_insecure_free(ciphertext - sizeof(magic_t)); + } + if (coins_k) { + OQS_MEM_secure_free(coins_k - sizeof(magic_t), kem->length_keypair_coins + 2 * sizeof(magic_t)); + } + if (coins_e) { + OQS_MEM_secure_free(coins_e - sizeof(magic_t), kem->length_encaps_coins + 2 * sizeof(magic_t)); + } + OQS_KEM_free(kem); + + return ret; +} + +#ifdef OQS_ENABLE_TEST_CONSTANT_TIME +static void TEST_KEM_randombytes(uint8_t *random_array, size_t bytes_to_read) { + // We can't make direct calls to the system randombytes on some platforms, + // so we have to swap out the OQS_randombytes provider. + OQS_randombytes_switch_algorithm("system"); + OQS_randombytes(random_array, bytes_to_read); + OQS_randombytes_custom_algorithm(&TEST_KEM_randombytes); + + // OQS_TEST_CT_CLASSIFY tells Valgrind's memcheck tool to issue a warning if + // the program branches on any byte that depends on random_array. This helps us + // identify timing side-channels, as these bytes often contain secret data. 
+ OQS_TEST_CT_CLASSIFY(random_array, bytes_to_read); +} +#endif + +#if OQS_USE_PTHREADS +struct thread_data { + char *alg_name; + OQS_STATUS rc; +}; + +void *test_wrapper(void *arg) { + struct thread_data *td = arg; + td->rc = kem_test_correctness(td->alg_name); + return NULL; +} +#endif + +int main(int argc, char **argv) { + OQS_init(); + + printf("Testing KEM algorithms using liboqs version %s\n", OQS_version()); + + if (argc != 2) { + fprintf(stderr, "Usage: test_kem_derand algname\n"); + fprintf(stderr, " algname: "); + for (size_t i = 0; i < OQS_KEM_algs_length; i++) { + if (i > 0) { + fprintf(stderr, ", "); + } + fprintf(stderr, "%s", OQS_KEM_alg_identifier(i)); + } + fprintf(stderr, "\n"); + OQS_destroy(); + return EXIT_FAILURE; + } + + print_system_info(); + + char *alg_name = argv[1]; + if (!OQS_KEM_alg_is_enabled(alg_name)) { + printf("KEM algorithm %s not enabled!\n", alg_name); + OQS_destroy(); + return EXIT_FAILURE; + } + +#ifdef OQS_ENABLE_TEST_CONSTANT_TIME + OQS_randombytes_custom_algorithm(&TEST_KEM_randombytes); +#else + OQS_randombytes_switch_algorithm("system"); +#endif + + OQS_STATUS rc; +#if OQS_USE_PTHREADS +#define MAX_LEN_KEM_NAME_ 64 + // don't run Classic McEliece in threads because of large stack usage + char no_thread_kem_patterns[][MAX_LEN_KEM_NAME_] = {"Classic-McEliece", "HQC-256-"}; + int test_in_thread = 1; + for (size_t i = 0 ; i < sizeof(no_thread_kem_patterns) / MAX_LEN_KEM_NAME_; ++i) { + if (strstr(alg_name, no_thread_kem_patterns[i]) != NULL) { + test_in_thread = 0; + break; + } + } + if (test_in_thread) { + pthread_t thread; + struct thread_data td; + td.alg_name = alg_name; + int trc = pthread_create(&thread, NULL, test_wrapper, &td); + if (trc) { + fprintf(stderr, "ERROR: Creating pthread\n"); + OQS_destroy(); + return EXIT_FAILURE; + } + pthread_join(thread, NULL); + rc = td.rc; + } else { + rc = kem_test_correctness(alg_name); + } +#else + rc = kem_test_correctness(alg_name); +#endif + if (rc != OQS_SUCCESS) { + 
OQS_destroy(); + return EXIT_FAILURE; + } + OQS_destroy(); + return EXIT_SUCCESS; +} diff --git a/tests/test_leaks.py b/tests/test_leaks.py index f75fece11a..f80090cc62 100644 --- a/tests/test_leaks.py +++ b/tests/test_leaks.py @@ -40,6 +40,15 @@ def test_sig_stfl_leak(sig_stfl_name): ["valgrind", "-s", "--error-exitcode=1", "--leak-check=full", "--show-leak-kinds=all", helpers.path_to_executable('test_sig_stfl'), sig_stfl_name], ) +@helpers.filtered_test +@pytest.mark.parametrize('kem_name', helpers.available_kems_by_name()) +def test_kem_derand_leak(kem_name): + if not(helpers.is_kem_enabled_by_name(kem_name)): pytest.skip('Not enabled') + if sys.platform != "linux" or os.system("grep ubuntu /etc/os-release") != 0 or os.system("uname -a | grep x86_64") != 0: pytest.skip('Leak testing not supported on this platform') + helpers.run_subprocess( + ["valgrind", "-s", "--error-exitcode=1", "--leak-check=full", "--show-leak-kinds=all", "--vex-guest-max-insns=25", "--track-origins=yes", helpers.path_to_executable('test_kem_derand'), kem_name], + ) + if __name__ == "__main__": import sys pytest.main(sys.argv)
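Review bot: In `kem_test_correctness` the `cleanup` block frees `ptr - sizeof(magic_t)`, but the pointers are advanced past the leading magic value only after the `malloc failed` check, so when one of the seven allocations fails the others are still raw `malloc` results and `cleanup` hands an address 31 bytes before each block to `OQS_MEM_secure_free` or `OQS_MEM_insecure_free`. That is an invalid free, and presumably an out-of-bounds wipe for the buffers released through `OQS_MEM_secure_free`. Releasing the raw pointers in the failure branch and setting them to NULL lets `cleanup` skip them; nothing has been written to the buffers at that point, so a plain free is enough.

```c
		fprintf(stderr, "ERROR: malloc failed\n");
		// The pointers are still the raw malloc() results here: release them as
		// such and clear them, so that cleanup does not subtract sizeof(magic_t).
		OQS_MEM_insecure_free(public_key);
		public_key = NULL;
		OQS_MEM_insecure_free(secret_key);
		secret_key = NULL;
		OQS_MEM_insecure_free(ciphertext);
		ciphertext = NULL;
		OQS_MEM_insecure_free(shared_secret_e);
		shared_secret_e = NULL;
		OQS_MEM_insecure_free(shared_secret_d);
		shared_secret_d = NULL;
		OQS_MEM_insecure_free(coins_k);
		coins_k = NULL;
		OQS_MEM_insecure_free(coins_e);
		coins_e = NULL;
		goto err;
// … unchanged: magic values written before and after each buffer, derand calls, cleanup …
```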