open-quantum-safe · mraksoll4 · Jan 2, 2025 · Jan 2, 2025 · Jan 2, 2025 · Jan 2, 2025
@@ -7,9 +7,9 @@
 - **Authors' website**: https://falcon-sign.info
 - **Specification version**: 20211101.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
+  - **Source**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181 with copy_from_upstream patches
   - **Implementation license (SPDX-Identifier)**: MIT
-- **Optimized Implementation sources**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
+- **Optimized Implementation sources**: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181 with copy_from_upstream patches
   - **pqclean-aarch64**:<a name="pqclean-aarch64"></a>
       - **Source**: https://github.com/PQClean/PQClean/commit/7707d1bcc8ae7f9ffd296dd13b1d76d2767d14f8
       - **Implementation license (SPDX-Identifier)**: Apache-2.0

@@ -19,6 +19,7 @@ nist-round: 3
 spec-version: 20211101
 primary-upstream:
   source: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
+    with copy_from_upstream patches
   spdx-license-identifier: MIT
   upstream-ancestors:
   - https://www.falcon-sign.info

@@ -9,7 +9,7 @@ upstreams:
     kem_scheme_path: 'crypto_kem/{pqclean_scheme}'
     sig_scheme_path: 'crypto_sign/{pqclean_scheme}'
     patches: [pqclean-dilithium-arm-randomized-signing.patch, pqclean-kyber-armneon-shake-fixes.patch, pqclean-kyber-armneon-768-1024-fixes.patch, pqclean-kyber-armneon-variable-timing-fix.patch,
-    pqclean-kyber-armneon-asan.patch]
+    pqclean-kyber-armneon-asan.patch, oldpqclean_dilithium2_aarch64_clean_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, oldpqclean_dilithium3_aarch64_clean_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, oldpqclean_dilithium5_aarch64_clean_keypair_from_fixed_seed_and_pubkey_from_privkey.patch]
     ignore: pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256f-simple_aarch64, pqclean_sphincs-shake-192s-simple_aarch64, pqclean_sphincs-shake-192f-simple_aarch64, pqclean_sphincs-shake-128s-simple_aarch64, pqclean_sphincs-shake-128f-simple_aarch64
   -
     name: pqclean
@@ -20,7 +20,7 @@ upstreams:
     sig_meta_path: 'crypto_sign/{pqclean_scheme}/META.yml'
     kem_scheme_path: 'crypto_kem/{pqclean_scheme}'
     sig_scheme_path: 'crypto_sign/{pqclean_scheme}'
-    patches: [pqclean-sphincs.patch]
+    patches: [pqclean-sphincs.patch, pqclean_falcon_512_clean_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_512_avx2_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_512_aarch64_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_1024_clean_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_1024_avx2_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_1024_aarch64_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_padded_512_clean_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_padded_512_avx2_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_padded_512_aarch64_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_padded_1024_clean_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_padded_1024_avx2_keypair_from_fixed_seed_and_pubkey_from_privkey.patch, pqclean_falcon_padded_1024_aarch64_keypair_from_fixed_seed_and_pubkey_from_privkey.patch]
     ignore: pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256f-simple_aarch64, pqclean_sphincs-shake-192s-simple_aarch64, pqclean_sphincs-shake-192f-simple_aarch64, pqclean_sphincs-shake-128s-simple_aarch64, pqclean_sphincs-shake-128f-simple_aarch64, pqclean_kyber512_aarch64, pqclean_kyber1024_aarch64, pqclean_kyber768_aarch64, pqclean_dilithium2_aarch64, pqclean_dilithium3_aarch64, pqclean_dilithium5_aarch64
   -
     name: pqcrystals-kyber
@@ -45,7 +45,7 @@ upstreams:
     git_commit: 3e9b9f1412f6c7435dbeb4e10692ea58f181ee51
     sig_meta_path: '{pretty_name_full}_META.yml'
     sig_scheme_path: '.'
-    patches: [pqcrystals-dilithium-yml.patch, pqcrystals-dilithium-ref-shake-aes.patch, pqcrystals-dilithium-avx2-shake-aes.patch]
+    patches: [pqcrystals-dilithium-yml.patch, pqcrystals-dilithium-ref-shake-aes.patch, pqcrystals-dilithium-avx2-shake-aes.patch, pqcrystals_dilithium_ref_avx2_2_5_keypair_from_fixed_seed_and_pubkey_from_privkey_function.patch, fix_pqcrystals_dilithium_implementations.patch]
   -
     name: pqcrystals-dilithium-standard
     git_url: https://github.com/pq-crystals/dilithium.git

@@ -0,0 +1,67 @@
+4e6cde79c650375eb42245cf48f69b8ee7e500ba
+diff --git a/Dilithium2_META.yml b/Dilithium2_META.yml
+index f4b7e8f..a6a1a00 100644
+--- a/Dilithium2_META.yml
++++ b/Dilithium2_META.yml
+@@ -22,6 +22,8 @@ implementations:
+     folder_name: ref
+     compile_opts: -DDILITHIUM_MODE=2 -DDILITHIUM_RANDOMIZED_SIGNING
+     signature_keypair: pqcrystals_dilithium2_ref_keypair
++    signature_keypair_from_fseed: pqcrystals_dilithium2_ref_keypair_from_fseed
++    signature_pubkey_from_privkey: pqcrystals_dilithium2_ref_pubkey_from_privkey
+     signature_signature: pqcrystals_dilithium2_ref_signature
+     signature_verify: pqcrystals_dilithium2_ref_verify
+     sources: ../LICENSE api.h config.h params.h sign.c sign.h packing.c packing.h polyvec.c polyvec.h poly.c poly.h ntt.c ntt.h reduce.c reduce.h rounding.c rounding.h symmetric.h symmetric-shake.c
+@@ -29,6 +31,8 @@ implementations:
+     version: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409
+     compile_opts: -DDILITHIUM_MODE=2 -DDILITHIUM_RANDOMIZED_SIGNING
+     signature_keypair: pqcrystals_dilithium2_avx2_keypair
++    signature_keypair_from_fseed: pqcrystals_dilithium2_avx2_keypair_from_fseed
++    signature_pubkey_from_privkey: pqcrystals_dilithium2_avx2_pubkey_from_privkey
+     signature_signature: pqcrystals_dilithium2_avx2_signature
+     signature_verify: pqcrystals_dilithium2_avx2_verify
+     sources: ../LICENSE api.h config.h params.h align.h sign.c sign.h packing.c packing.h polyvec.c polyvec.h poly.c poly.h ntt.S invntt.S pointwise.S ntt.h shuffle.S shuffle.inc consts.c consts.h rejsample.c rejsample.h rounding.c rounding.h symmetric.h symmetric-shake.c
+diff --git a/Dilithium3_META.yml b/Dilithium3_META.yml
+index f45c859..f68c064 100644
+--- a/Dilithium3_META.yml
++++ b/Dilithium3_META.yml
+@@ -22,6 +22,8 @@ implementations:
+     folder_name: ref
+     compile_opts: -DDILITHIUM_MODE=3 -DDILITHIUM_RANDOMIZED_SIGNING
+     signature_keypair: pqcrystals_dilithium3_ref_keypair
++    signature_keypair_from_fseed: pqcrystals_dilithium3_ref_keypair_from_fseed
++    signature_pubkey_from_privkey: pqcrystals_dilithium3_ref_pubkey_from_privkey
+     signature_signature: pqcrystals_dilithium3_ref_signature
+     signature_verify: pqcrystals_dilithium3_ref_verify
+     sources: ../LICENSE api.h config.h params.h sign.c sign.h packing.c packing.h polyvec.c polyvec.h poly.c poly.h ntt.c ntt.h reduce.c reduce.h rounding.c rounding.h symmetric.h symmetric-shake.c
+@@ -29,6 +31,8 @@ implementations:
+     version: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409
+     compile_opts: -DDILITHIUM_MODE=3 -DDILITHIUM_RANDOMIZED_SIGNING
+     signature_keypair: pqcrystals_dilithium3_avx2_keypair
++    signature_keypair_from_fseed: pqcrystals_dilithium3_avx2_keypair_from_fseed
++    signature_pubkey_from_privkey: pqcrystals_dilithium3_avx2_pubkey_from_privkey
+     signature_signature: pqcrystals_dilithium3_avx2_signature
+     signature_verify: pqcrystals_dilithium3_avx2_verify
+     sources: ../LICENSE api.h config.h params.h align.h sign.c sign.h packing.c packing.h polyvec.c polyvec.h poly.c poly.h ntt.S invntt.S pointwise.S ntt.h shuffle.S shuffle.inc consts.c consts.h rejsample.c rejsample.h rounding.c rounding.h symmetric.h symmetric-shake.c
+diff --git a/Dilithium5_META.yml b/Dilithium5_META.yml
+index 618b617..71ef0a9 100644
+--- a/Dilithium5_META.yml
++++ b/Dilithium5_META.yml
+@@ -22,6 +22,8 @@ implementations:
+     folder_name: ref
+     compile_opts: -DDILITHIUM_MODE=5 -DDILITHIUM_RANDOMIZED_SIGNING
+     signature_keypair: pqcrystals_dilithium5_ref_keypair
++    signature_keypair_from_fseed: pqcrystals_dilithium5_ref_keypair_from_fseed
++    signature_pubkey_from_privkey: pqcrystals_dilithium5_ref_pubkey_from_privkey
+     signature_signature: pqcrystals_dilithium5_ref_signature
+     signature_verify: pqcrystals_dilithium5_ref_verify
+     sources: ../LICENSE api.h config.h params.h sign.c sign.h packing.c packing.h polyvec.c polyvec.h poly.c poly.h ntt.c ntt.h reduce.c reduce.h rounding.c rounding.h symmetric.h symmetric-shake.c
+@@ -29,6 +31,8 @@ implementations:
+     version: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409
+     compile_opts: -DDILITHIUM_MODE=5 -DDILITHIUM_RANDOMIZED_SIGNING
+     signature_keypair: pqcrystals_dilithium5_avx2_keypair
++    signature_keypair_from_fseed: pqcrystals_dilithium5_avx2_keypair_from_fseed
++    signature_pubkey_from_privkey: pqcrystals_dilithium5_avx2_pubkey_from_privkey
+     signature_signature: pqcrystals_dilithium5_avx2_signature
+     signature_verify: pqcrystals_dilithium5_avx2_verify
+     sources: ../LICENSE api.h config.h params.h align.h sign.c sign.h packing.c packing.h polyvec.c polyvec.h poly.c poly.h ntt.S invntt.S pointwise.S ntt.h shuffle.S shuffle.inc consts.c consts.h rejsample.c rejsample.h rounding.c rounding.h symmetric.h symmetric-shake.c
@@ -0,0 +1,151 @@
+c17a4b7e354bde46c24a83a65965fdcc524b5243
+diff --git a/crypto_sign/dilithium2/aarch64/api.h b/crypto_sign/dilithium2/aarch64/api.h
+index 2ce4259..b970049 100644
+--- a/crypto_sign/dilithium2/aarch64/api.h
++++ b/crypto_sign/dilithium2/aarch64/api.h
+@@ -19,6 +19,10 @@
+
+ int PQCLEAN_DILITHIUM2_AARCH64_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
+
++int PQCLEAN_DILITHIUM2_AARCH64_crypto_sign_keypair_from_fseed(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
++
++int PQCLEAN_DILITHIUM2_AARCH64_crypto_sign_pubkey_from_privkey(uint8_t *pk, const uint8_t *sk);
++
+ int PQCLEAN_DILITHIUM2_AARCH64_crypto_sign_signature(
+     uint8_t *sig, size_t *siglen,
+     const uint8_t *m, size_t mlen, const uint8_t *sk);
+diff --git a/crypto_sign/dilithium2/aarch64/sign.c b/crypto_sign/dilithium2/aarch64/sign.c
+index a299d72..537f5a5 100644
+--- a/crypto_sign/dilithium2/aarch64/sign.c
++++ b/crypto_sign/dilithium2/aarch64/sign.c
+@@ -96,6 +96,113 @@ int crypto_sign_keypair(uint8_t *pk, uint8_t *sk) {
+     return 0;
+ }
+
++/*************************************************
++* Name:        crypto_sign_keypair_from_fseed
++*
++* Description: Generates public and private key from fixed seed.
++*
++* Arguments:   - uint8_t *pk: pointer to output public key (allocated
++*                             array of CRYPTO_PUBLICKEYBYTES bytes)
++*              - uint8_t *sk: pointer to output private key (allocated
++*                             array of CRYPTO_SECRETKEYBYTES bytes)
++*              - const uint8_t *seed: Pointer to the input fixed seed. 
++*                                     Must point to an array of SEEDBYTES bytes.
++*                                     The seed provides deterministic randomness 
++*                                     for key generation and must be unique and 
++*                                     securely generated for each keypair to 
++*                                     ensure security.
++*
++* Returns 0 (success)
++**************************************************/
++int crypto_sign_keypair_from_fseed(uint8_t *pk, uint8_t *sk, const uint8_t *seed) {
++    uint8_t seedbuf[2 * SEEDBYTES + CRHBYTES];
++    uint8_t tr[SEEDBYTES];
++    const uint8_t *rho, *rhoprime, *key;
++    polyvecl mat[K];
++    polyvecl s1, s1hat;
++    polyveck s2, t1, t0;
++
++    /* Use fixed seed for randomness for rho, rhoprime and key */
++    shake256(seedbuf, 2*SEEDBYTES + CRHBYTES, seed, SEEDBYTES);
++    rho = seedbuf;
++    rhoprime = rho + SEEDBYTES;
++    key = rhoprime + CRHBYTES;
++
++    /* Expand matrix */
++    polyvec_matrix_expand(mat, rho);
++
++    /* Sample short vectors s1 and s2 */
++    polyvecl_uniform_eta(&s1, rhoprime, 0);
++    polyveck_uniform_eta(&s2, rhoprime, L);
++
++    /* Matrix-vector multiplication */
++    s1hat = s1;
++    polyvecl_ntt(&s1hat);
++    polyvec_matrix_pointwise_montgomery(&t1, mat, &s1hat);
++    polyveck_reduce(&t1);
++    polyveck_invntt_tomont(&t1);
++
++    /* Add error vector s2 */
++    polyveck_add(&t1, &t1, &s2);
++
++    /* Extract t1 and write public key */
++    polyveck_caddq(&t1);
++    polyveck_power2round(&t1, &t0, &t1);
++    pack_pk(pk, rho, &t1);
++
++    /* Compute H(rho, t1) and write secret key */
++    shake256(tr, SEEDBYTES, pk, CRYPTO_PUBLICKEYBYTES);
++    pack_sk(sk, rho, tr, key, &t0, &s1, &s2);
++
++    return 0;
++}
++
++/*************************************************
++* Name:        crypto_sign_pubkey_from_privkey
++*
++* Description: Generates public key from exist private key.
++*
++* Arguments:   - uint8_t *pk: pointer to output public key (allocated
++*                             array of CRYPTO_PUBLICKEYBYTES bytes)
++*              - const uint8_t *sk: pointer to the input private key (points
++*                                   to a read-only array of CRYPTO_SECRETKEYBYTES bytes)
++*
++* Returns 0 (success)
++**************************************************/
++int crypto_sign_pubkey_from_privkey(uint8_t *pk, const uint8_t *sk) {
++    uint8_t rho[SEEDBYTES];
++    uint8_t tr[SEEDBYTES];
++    uint8_t key[SEEDBYTES];
++    polyvecl s1, s1hat;
++    polyveck s2, t0, t1;
++    polyvecl mat[K];
++    
++    /* unpack privat key */
++    unpack_sk(rho, tr, key, &t0, &s1, &s2, sk);
++    
++    /* Expand matrix */
++    polyvec_matrix_expand(mat, rho);
++    
++    /* Matrix-vector multiplication */
++    s1hat = s1;
++    polyvecl_ntt(&s1hat);
++    polyvec_matrix_pointwise_montgomery(&t1, mat, &s1hat);
++    polyveck_reduce(&t1);
++    polyveck_invntt_tomont(&t1);
++    
++    /* Add error vector s2 */
++    polyveck_add(&t1, &t1, &s2);
++    
++    /* Extract t1 */
++    polyveck_caddq(&t1);
++    polyveck_power2round(&t1, &t0, &t1);
++    
++    /* Pack public key */
++    pack_pk(pk, rho, &t1);
++    
++    return 0;
++}
++
+ /*************************************************
+ * Name:        crypto_sign_signature
+ *
+diff --git a/crypto_sign/dilithium2/aarch64/sign.h b/crypto_sign/dilithium2/aarch64/sign.h
+index fba1bf1..2388645 100644
+--- a/crypto_sign/dilithium2/aarch64/sign.h
++++ b/crypto_sign/dilithium2/aarch64/sign.h
+@@ -21,6 +21,12 @@ void challenge(poly *c, const uint8_t seed[SEEDBYTES]);
+ #define crypto_sign_keypair DILITHIUM_NAMESPACE(crypto_sign_keypair)
+ int crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
+
++#define crypto_sign_keypair_from_fseed DILITHIUM_NAMESPACE(keypair_from_fseed)
++int crypto_sign_keypair_from_fseed(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
++
++#define crypto_sign_pubkey_from_privkey DILITHIUM_NAMESPACE(pubkey_from_privkey)
++int crypto_sign_pubkey_from_privkey(uint8_t *pk, const uint8_t *sk);
++
+ #define crypto_sign_signature DILITHIUM_NAMESPACE(crypto_sign_signature)
+ int crypto_sign_signature(uint8_t *sig, size_t *siglen,
+                           const uint8_t *m, size_t mlen,