diff --git a/.gitignore b/.gitignore index e0b99a16..3794b9c0 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,7 @@ bin/ *.a *.so *~ + +# Object and library files on Windows +*.lib +*.obj diff --git a/README.md b/README.md index f0efbeeb..eebe2ffd 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,13 @@ # PQClean [![Build Status](https://travis-ci.com/PQClean/PQClean.svg?branch=master)](https://travis-ci.com/PQClean/PQClean) +[![Build status](https://ci.appveyor.com/api/projects/status/186ky7yb9mlqj3io?svg=true)](https://ci.appveyor.com/project/PQClean/pqclean) **PQClean**, in short, is an effort to collect **clean** implementations of the post-quantum schemes that are in the [NIST post-quantum project](https://csrc.nist.gov/projects/post-quantum-cryptography). The goal of PQClean is to provide *standalone implementations* that + * can easily be integrated into libraries such as [liboqs](https://openquantumsafe.org/#liboqs) or [libpqcrypto](https://libpqcrypto.org/); * can efficiently upstream into higher-level protocol integration efforts such as [Open Quantum Safe](https://openquantumsafe.org/#integrations); * can easily be integrated into benchmarking frameworks such as [SUPERCOP](https://bench.cr.yp.to/supercop.html); @@ -15,6 +17,7 @@ The goal of PQClean is to provide *standalone implementations* that * are suitable targets for formal verification. What PQClean is **not** aiming for is + * a build system producing an integrated library of all schemes; * including benchmarking of implementations; and * including integration into higher-level applications or protocols. @@ -33,8 +36,8 @@ _The checking of items on this list is still being developed. Checked items shou * [x] Consistent test vectors across runs * [ ] Consistent test vectors on big-endian and little-endian machines * [ ] Consistent test vectors on 32-bit and 64-bit machines -* [X] No errors/warnings reported by valgrind -* [X] No errors/warnings reported by address sanitizer +* [x] No errors/warnings reported by valgrind +* [x] No errors/warnings reported by address sanitizer * [ ] Only dependencies: * [x] `fips202.c` * [x] `sha2.c` @@ -47,12 +50,12 @@ _The checking of items on this list is still being developed. Checked items shou * [ ] No branching on secret data (dynamically checked using valgrind) * [ ] No access to secret memory locations (dynamically checked using valgrind) * [ ] Separate subdirectories (without symlinks) for each parameter set of each scheme -* [ ] Builds under Linux, MacOS, and Windows +* [x] Builds under Linux, MacOS, and Windows * [x] Linux * [x] MacOS - * [ ] Windows -* [ ] Makefile-based build for each separate scheme -* [ ] Makefile-based build for Windows (`nmake`) + * [x] Windows +* [x] Makefile-based build for each separate scheme +* [x] Makefile-based build for Windows (`nmake`) * [x] All exported symbols are namespaced with `PQCLEAN_SCHEMENAME_` * [x] Each implementation comes with a `LICENSE` file (see below) * [x] Each scheme comes with a `META.yml` file giving details about version of the algorithm, designers @@ -104,6 +107,23 @@ int crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t int crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk); ``` +## Building PQClean + +As noted above, PQClean is **not** meant to be built as a single library: it is a collection of source code that can be easily integrated into other libraries. The PQClean repository includes various test programs which do build various files, but you should not use the resulting binaries for any purpose. + +## Using source code from PQClean in your own project + +Each implementation directory in PQClean (e.g., crypto\_kem/kyber768\clean) can be extracted for use in your own project. You will need to: + +1. Copy the source code from the implementation's directory into your project. +2. Add the files to your project's build system. +3. Provide instantiations of any of the common cryptographic algorithms used by the implementation. This likely includes `common/randombytes.h` (a cryptographic random number generator), and possibly `common/sha2.h` (the SHA-2 hash function family) and `common/fips202.h` (the SHA-3 hash function family). + +Regarding #2, adding the files to your project's build system, each implementation in PQClean is accompanied by example two makefiles that show how one could build the files for that implementation: + +- The file `Makefile` which can be used with GNU Make, BSD Make, and possibly others. +- The file `Makefile.Microsoft_nmake` which can be used with Visual Studio's nmake. + ## License Each subdirectory containing implementations contains a LICENSE file stating under what license diff --git a/appveyor.yml b/appveyor.yml new file mode 100644 index 00000000..bbfc9e6a --- /dev/null +++ b/appveyor.yml @@ -0,0 +1,12 @@ +version: 1.0.{build} + +image: Visual Studio 2017 + +build: + verbosity: minimal + +init: + - call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat" + +build_script: + - scripts_windows\build_all.bat diff --git a/crypto_kem/kyber768/clean/Makefile b/crypto_kem/kyber768/clean/Makefile new file mode 100644 index 00000000..616dcbf3 --- /dev/null +++ b/crypto_kem/kyber768/clean/Makefile @@ -0,0 +1,15 @@ +# This Makefile has been tested with GNU Make and BSD Make + +LIB=libkyber768_clean.a +OBJECTS=cbd.o indcpa.o kem.o kex.o ntt.o poly.o polyvec.o precomp.o reduce.o verify.o + +CFLAGS=-Wall -Wextra -Wpedantic -Werror -std=c99 -I../../../common $(EXTRAFLAGS) + +all: $(LIB) + +$(LIB): $(OBJECTS) + $(AR) -r $@ $(OBJECTS) + +clean: + $(RM) $(OBJECTS) + $(RM) $(LIB) diff --git a/crypto_kem/kyber768/clean/Makefile.Microsoft_nmake b/crypto_kem/kyber768/clean/Makefile.Microsoft_nmake new file mode 100644 index 00000000..af4b6833 --- /dev/null +++ b/crypto_kem/kyber768/clean/Makefile.Microsoft_nmake @@ -0,0 +1,16 @@ +# This Makefile can be used with Microsoft Visual Studio's nmake using the command: +# nmake /f Makefile.Microsoft_nmake + +LIB=libkyber768_clean.lib +OBJECTS=cbd.obj indcpa.obj kem.obj kex.obj ntt.obj poly.obj polyvec.obj precomp.obj reduce.obj verify.obj + +CFLAGS=/I ..\..\..\common /W1 /WX # FIXME: ideally would use /W4 instead of /W1, but too many failures in Kyber right now + +all: $(LIB) + +$(LIB): $(OBJECTS) + LIB.EXE /OUT:$@ $** + +clean: + DEL $(OBJECTS) + DEL $(LIB) diff --git a/crypto_kem/kyber768/clean/indcpa.c b/crypto_kem/kyber768/clean/indcpa.c index 528851c7..210ad1e9 100644 --- a/crypto_kem/kyber768/clean/indcpa.c +++ b/crypto_kem/kyber768/clean/indcpa.c @@ -133,7 +133,7 @@ void PQCLEAN_KYBER768_gen_matrix(polyvec *a, const unsigned char *seed, uint16_t val; unsigned int nblocks; const unsigned int maxnblocks = 4; - uint8_t buf[SHAKE128_RATE * maxnblocks]; + uint8_t buf[SHAKE128_RATE * /* maxnblocks = */ 4]; int i, j; uint64_t state[25]; // SHAKE state unsigned char extseed[KYBER_SYMBYTES + 2]; diff --git a/scripts_windows/build_all.bat b/scripts_windows/build_all.bat new file mode 100644 index 00000000..44cec721 --- /dev/null +++ b/scripts_windows/build_all.bat @@ -0,0 +1,19 @@ +@ECHO OFF +SETLOCAL +SET EL=0 + +REM CALL "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat" +REM IF ERRORLEVEL 1 SET EL=1 + +FOR /D %%K IN (crypto_kem\*) DO ( + FOR /D %%L IN (%%K\*) DO ( + cd %%L + nmake /f Makefile.Microsoft_nmake clean + IF ERRORLEVEL 1 SET EL=2 + nmake /f Makefile.Microsoft_nmake + IF ERRORLEVEL 1 SET EL=3 + cd ..\..\.. + ) +) + +EXIT /b %EL%