Merge remote-tracking branch 'upstream/main'

.github/workflows/linux.yml

@@ -50,7 +50,7 @@ jobs:
       image: ${{ matrix.container }}
     env:
       MAKE_PARAMS: "-j 18"
-      LIBOQS_BRANCH: "0.10.1"
+      LIBOQS_BRANCH: "main"
     steps:
       - name: Checkout code
         uses: actions/checkout@v2
@@ -206,7 +206,7 @@ jobs:
       - name: Clone and build liboqs for linux-aarch64
         working-directory: /opt/
         run: |
-          git clone --depth=1 --branch 0.10.1 https://github.com/open-quantum-safe/liboqs.git liboqs
+          git clone --depth=1 --branch main https://github.com/open-quantum-safe/liboqs.git liboqs
           cd liboqs
           mkdir build install
           cmake --toolchain "${CMAKE_TOOLCHAIN_FILE}" \

.github/workflows/macos.yml

@@ -15,7 +15,6 @@ jobs:
         os:
           - macos-13
           - macos-12
-          - macos-11
 # eventually build for other alg sets, if CCI use is discontinued
         params:
           - oqsconfig: -DOQS_ALGS_ENABLED=STD
@@ -38,7 +37,7 @@ jobs:
         with:
           set-safe-directory: true
           repository: open-quantum-safe/liboqs
-          ref: 0.10.1
+          ref: main
           path: liboqs
       - name: Retrieve OpenSSL32 from cache
         id: cache-openssl32

ALGORITHMS.md

@@ -117,6 +117,14 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | p521_sphincsshake256fsimple | 0xfecd |No| OQS_CODEPOINT_P521_SPHINCSSHAKE256FSIMPLE
 | sphincsshake256ssimple | 0xfece |No| OQS_CODEPOINT_SPHINCSSHAKE256SSIMPLE
 | p521_sphincsshake256ssimple | 0xfecf |No| OQS_CODEPOINT_P521_SPHINCSSHAKE256SSIMPLE
+| mayo1 | 0xfeee |Yes| OQS_CODEPOINT_MAYO1
+| p256_mayo1 | 0xfef2 |Yes| OQS_CODEPOINT_P256_MAYO1
+| mayo2 | 0xfeef |Yes| OQS_CODEPOINT_MAYO2
+| p256_mayo2 | 0xfef3 |Yes| OQS_CODEPOINT_P256_MAYO2
+| mayo3 | 0xfef0 |Yes| OQS_CODEPOINT_MAYO3
+| p384_mayo3 | 0xfef4 |Yes| OQS_CODEPOINT_P384_MAYO3
+| mayo5 | 0xfef1 |Yes| OQS_CODEPOINT_MAYO5
+| p521_mayo5 | 0xfef5 |Yes| OQS_CODEPOINT_P521_MAYO5
 <!--- OQS_TEMPLATE_FRAGMENT_IDS_END -->
 
 Changing code points
@@ -207,6 +215,14 @@ adapting the OIDs of all supported signature algorithms as per the table below.
 | p521_sphincsshake256fsimple | 1.3.9999.6.9.11 |No| OQS_OID_P521_SPHINCSSHAKE256FSIMPLE
 | sphincsshake256ssimple | 1.3.9999.6.9.12 |No| OQS_OID_SPHINCSSHAKE256SSIMPLE
 | p521_sphincsshake256ssimple | 1.3.9999.6.9.13 |No| OQS_OID_P521_SPHINCSSHAKE256SSIMPLE
+| mayo1 | 1.3.9999.8.1.1 |Yes| OQS_OID_MAYO1
+| p256_mayo1 | 1.3.9999.8.1.2 |Yes| OQS_OID_P256_MAYO1
+| mayo2 | 1.3.9999.8.2.1 |Yes| OQS_OID_MAYO2
+| p256_mayo2 | 1.3.9999.8.2.2 |Yes| OQS_OID_P256_MAYO2
+| mayo3 | 1.3.9999.8.3.1 |Yes| OQS_OID_MAYO3
+| p384_mayo3 | 1.3.9999.8.3.2 |Yes| OQS_OID_P384_MAYO3
+| mayo5 | 1.3.9999.8.5.1 |Yes| OQS_OID_MAYO5
+| p521_mayo5 | 1.3.9999.8.5.2 |Yes| OQS_OID_P521_MAYO5
 
 If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following list is also available:
 

README.md

@@ -51,6 +51,7 @@ This implementation makes available the following quantum safe algorithms:
 
 - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple`
 - **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple`
+- **MAYO**:`mayo1`\*, `p256_mayo1`\*, `mayo2`\*, `p256_mayo2`\*, `mayo3`\*, `p384_mayo3`\*, `mayo5`\*, `p521_mayo5`\*
 
 <!--- OQS_TEMPLATE_FRAGMENT_ALGS_END -->
 

oqs-template/generate.yml

@@ -399,7 +399,7 @@ kem_nid_end: '0x0250'
 kem_nid_hybrid_end: '0x2FFF'
 # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values
 
-# Next free signature ID: 0xfeee
+# Next free signature ID: 0xfef6
 sigs:
   # -
     # iso (1)
@@ -1469,5 +1469,50 @@ sigs:
                           'pretty_name': 'ECDSA p521',
                           'oid': '1.3.9999.6.9.8',
                           'code_point': '0xfe95'}]
-
-
+  -
+    family: 'MAYO'
+    variants:
+      -
+        name: 'mayo1'
+        pretty_name: 'MAYO-1'
+        oqs_meth: 'OQS_SIG_alg_mayo_1'
+        oid: '1.3.9999.8.1.1'
+        code_point: '0xfeee'
+        enable: true
+        mix_with: [{'name': 'p256',
+                    'pretty_name': 'ECDSA p256',
+                    'oid': '1.3.9999.8.1.2',
+                    'code_point': '0xfef2'}]
+      -
+        name: 'mayo2'
+        pretty_name: 'MAYO-2'
+        oqs_meth: 'OQS_SIG_alg_mayo_2'
+        oid: '1.3.9999.8.2.1'
+        code_point: '0xfeef'
+        enable: true
+        mix_with: [{'name': 'p256',
+                    'pretty_name': 'ECDSA p256',
+                    'oid': '1.3.9999.8.2.2',
+                    'code_point': '0xfef3'}]
+      -
+        name: 'mayo3'
+        pretty_name: 'MAYO-3'
+        oqs_meth: 'OQS_SIG_alg_mayo_3'
+        oid: '1.3.9999.8.3.1'
+        code_point: '0xfef0'
+        enable: true
+        mix_with: [{'name': 'p384',
+                    'pretty_name': 'ECDSA p384',
+                    'oid': '1.3.9999.8.3.2',
+                    'code_point': '0xfef4'}]
+      -
+        name: 'mayo5'
+        pretty_name: 'MAYO-5'
+        oqs_meth: 'OQS_SIG_alg_mayo_5'
+        oid: '1.3.9999.8.5.1'
+        code_point: '0xfef1'
+        enable: true
+        mix_with: [{'name': 'p521',
+                    'pretty_name': 'ECDSA p521',
+                    'oid': '1.3.9999.8.5.2',
+                    'code_point': '0xfef5'}]