diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml index a8d70af436..1362a407e3 100644 --- a/scripts/copy_from_upstream/copy_from_upstream.yml +++ b/scripts/copy_from_upstream/copy_from_upstream.yml @@ -8,7 +8,8 @@ upstreams: sig_meta_path: 'crypto_sign/{pqclean_scheme}/META.yml' kem_scheme_path: 'crypto_kem/{pqclean_scheme}' sig_scheme_path: 'crypto_sign/{pqclean_scheme}' - patches: [pqclean-dilithium-arm-randomized-signing.patch, pqclean-kyber-armneon-shake-fixes.patch, pqclean-kyber-armneon-768-1024-fixes.patch, pqclean-kyber-armneon-variable-timing-fix.patch] + patches: [pqclean-dilithium-arm-randomized-signing.patch, pqclean-kyber-armneon-shake-fixes.patch, pqclean-kyber-armneon-768-1024-fixes.patch, pqclean-kyber-armneon-variable-timing-fix.patch, + pqclean-kyber-armneon-asan.patch] ignore: pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256f-simple_aarch64, pqclean_sphincs-shake-192s-simple_aarch64, pqclean_sphincs-shake-192f-simple_aarch64, pqclean_sphincs-shake-128s-simple_aarch64, pqclean_sphincs-shake-128f-simple_aarch64 - name: pqclean diff --git a/scripts/copy_from_upstream/patches/pqclean-kyber-armneon-asan.patch b/scripts/copy_from_upstream/patches/pqclean-kyber-armneon-asan.patch new file mode 100644 index 0000000000..96f6419129 --- /dev/null +++ b/scripts/copy_from_upstream/patches/pqclean-kyber-armneon-asan.patch 
@@ -0,0 +1,72 @@
+diff --git a/crypto_kem/kyber1024/aarch64/neon_symmetric-shake.c b/crypto_kem/kyber1024/aarch64/neon_symmetric-shake.c
+index 8aced5e4..364d9fdd 100644
+--- a/crypto_kem/kyber1024/aarch64/neon_symmetric-shake.c
++++ b/crypto_kem/kyber1024/aarch64/neon_symmetric-shake.c
+@@ -56,8 +56,8 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
+ uint8_t y1, uint8_t y2)
+ {
+ unsigned int i;
+- uint8_t extseed1[KYBER_SYMBYTES+2];
+- uint8_t extseed2[KYBER_SYMBYTES+2];
++ uint8_t extseed1[KYBER_SYMBYTES+2+6];
++ uint8_t extseed2[KYBER_SYMBYTES+2+6];
+
+ for(i=0;i<KYBER_SYMBYTES;i++){
+ extseed1[i] = seed[i];
+@@ -69,7 +69,7 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
+ extseed2[KYBER_SYMBYTES ] = x2;
+ extseed2[KYBER_SYMBYTES+1] = y2;
+
+- shake128x2_absorb(state, extseed1, extseed2, sizeof(extseed1));
++ shake128x2_absorb(state, extseed1, extseed2, KYBER_SYMBYTES+2);
+ }
+
+ /*************************************************
+diff --git a/crypto_kem/kyber512/aarch64/neon_symmetric-shake.c b/crypto_kem/kyber512/aarch64/neon_symmetric-shake.c
+index 8aced5e4..364d9fdd 100644
+--- a/crypto_kem/kyber512/aarch64/neon_symmetric-shake.c
++++ b/crypto_kem/kyber512/aarch64/neon_symmetric-shake.c
+@@ -56,8 +56,8 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
+ uint8_t y1, uint8_t y2)
+ {
+ unsigned int i;
+- uint8_t extseed1[KYBER_SYMBYTES+2];
+- uint8_t extseed2[KYBER_SYMBYTES+2];
++ uint8_t extseed1[KYBER_SYMBYTES+2+6];
++ uint8_t extseed2[KYBER_SYMBYTES+2+6];
+
+ for(i=0;i<KYBER_SYMBYTES;i++){
+ extseed1[i] = seed[i];
+@@ -69,7 +69,7 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
+ extseed2[KYBER_SYMBYTES ] = x2;
+ extseed2[KYBER_SYMBYTES+1] = y2;
+
+- shake128x2_absorb(state, extseed1, extseed2, sizeof(extseed1));
++ shake128x2_absorb(state, extseed1, extseed2, KYBER_SYMBYTES+2);
+ }
+
+ /*************************************************
+diff --git a/crypto_kem/kyber768/aarch64/neon_symmetric-shake.c b/crypto_kem/kyber768/aarch64/neon_symmetric-shake.c
+index 8aced5e4..364d9fdd 100644
+--- a/crypto_kem/kyber768/aarch64/neon_symmetric-shake.c
++++ b/crypto_kem/kyber768/aarch64/neon_symmetric-shake.c
+@@ -56,8 +56,8 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
+ uint8_t y1, uint8_t y2)
+ {
+ unsigned int i;
+- uint8_t extseed1[KYBER_SYMBYTES+2];
+- uint8_t extseed2[KYBER_SYMBYTES+2];
++ uint8_t extseed1[KYBER_SYMBYTES+2+6];
++ uint8_t extseed2[KYBER_SYMBYTES+2+6];
+
+ for(i=0;i<KYBER_SYMBYTES;i++){
+ extseed1[i] = seed[i];
+@@ -69,7 +69,7 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
+ extseed2[KYBER_SYMBYTES ] = x2;
+ extseed2[KYBER_SYMBYTES+1] = y2;
+
+- shake128x2_absorb(state, extseed1, extseed2, sizeof(extseed1));
++ shake128x2_absorb(state, extseed1, extseed2, KYBER_SYMBYTES+2);
+ }
+
+ /*************************************************
diff --git a/src/kem/kyber/oldpqclean_kyber1024_aarch64/neon_symmetric-shake.c b/src/kem/kyber/oldpqclean_kyber1024_aarch64/neon_symmetric-shake.c
index 8aced5e4a4..364d9fddca 100644
--- a/src/kem/kyber/oldpqclean_kyber1024_aarch64/neon_symmetric-shake.c
+++ b/src/kem/kyber/oldpqclean_kyber1024_aarch64/neon_symmetric-shake.c
@@ -56,8 +56,8 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
 uint8_t y1, uint8_t y2)
 {
 unsigned int i;
- uint8_t extseed1[KYBER_SYMBYTES+2];
- uint8_t extseed2[KYBER_SYMBYTES+2];
+ uint8_t extseed1[KYBER_SYMBYTES+2+6];
+ uint8_t extseed2[KYBER_SYMBYTES+2+6];

 for(i=0;i<KYBER_SYMBYTES;i++){
 extseed1[i] = seed[i];
@@ -69,7 +69,7 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
 extseed2[KYBER_SYMBYTES ] = x2;
 extseed2[KYBER_SYMBYTES+1] = y2;

- shake128x2_absorb(state, extseed1, extseed2, sizeof(extseed1));
+ shake128x2_absorb(state, extseed1, extseed2, KYBER_SYMBYTES+2);
 }

 /*************************************************
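Review bot: The `+6` added to `extseed1` and `extseed2` in the `@@ -56,8` hunk is an unexplained magic number, and the six extra bytes are never written before the buffers are handed to `shake128x2_absorb`. Going by the patch name, the padding presumably exists because the NEON absorb loads in chunks wider than the stated `KYBER_SYMBYTES+2` length; if so the callee now reads uninitialized stack bytes, which is only safe if it masks them out before they reach the Keccak state. I would zero the buffers and say why they are oversized, e.g. `uint8_t extseed1[KYBER_SYMBYTES+2+6] = {0}; /* padded: absorb may load past the given length */`, or bound the loads inside `shake128x2_absorb` so callers need no padding. The same lines recur in the kyber512 and kyber768 copies and in scripts/copy_from_upstream/patches/pqclean-kyber-armneon-asan.patch; the function's signature begins above the hunk, so the `seed` copy loop is only partly visible.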
diff --git a/src/kem/kyber/oldpqclean_kyber512_aarch64/neon_symmetric-shake.c b/src/kem/kyber/oldpqclean_kyber512_aarch64/neon_symmetric-shake.c
index 8aced5e4a4..364d9fddca 100644
--- a/src/kem/kyber/oldpqclean_kyber512_aarch64/neon_symmetric-shake.c
+++ b/src/kem/kyber/oldpqclean_kyber512_aarch64/neon_symmetric-shake.c
@@ -56,8 +56,8 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
 uint8_t y1, uint8_t y2)
 {
 unsigned int i;
- uint8_t extseed1[KYBER_SYMBYTES+2];
- uint8_t extseed2[KYBER_SYMBYTES+2];
+ uint8_t extseed1[KYBER_SYMBYTES+2+6];
+ uint8_t extseed2[KYBER_SYMBYTES+2+6];

 for(i=0;i<KYBER_SYMBYTES;i++){
 extseed1[i] = seed[i];
@@ -69,7 +69,7 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
 extseed2[KYBER_SYMBYTES ] = x2;
 extseed2[KYBER_SYMBYTES+1] = y2;

- shake128x2_absorb(state, extseed1, extseed2, sizeof(extseed1));
+ shake128x2_absorb(state, extseed1, extseed2, KYBER_SYMBYTES+2);
 }

 /*************************************************
diff --git a/src/kem/kyber/oldpqclean_kyber768_aarch64/neon_symmetric-shake.c b/src/kem/kyber/oldpqclean_kyber768_aarch64/neon_symmetric-shake.c
index 8aced5e4a4..364d9fddca 100644
--- a/src/kem/kyber/oldpqclean_kyber768_aarch64/neon_symmetric-shake.c
+++ b/src/kem/kyber/oldpqclean_kyber768_aarch64/neon_symmetric-shake.c
@@ -56,8 +56,8 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
 uint8_t y1, uint8_t y2)
 {
 unsigned int i;
- uint8_t extseed1[KYBER_SYMBYTES+2];
- uint8_t extseed2[KYBER_SYMBYTES+2];
+ uint8_t extseed1[KYBER_SYMBYTES+2+6];
+ uint8_t extseed2[KYBER_SYMBYTES+2+6];

 for(i=0;i<KYBER_SYMBYTES;i++){
 extseed1[i] = seed[i];
@@ -69,7 +69,7 @@ void neon_kyber_shake128_absorb(keccakx2_state *state,
 extseed2[KYBER_SYMBYTES ] = x2;
 extseed2[KYBER_SYMBYTES+1] = y2;

- shake128x2_absorb(state, extseed1, extseed2, sizeof(extseed1));
+ shake128x2_absorb(state, extseed1, extseed2, KYBER_SYMBYTES+2);
 }

 /*************************************************