diff --git a/.travis.yml b/.travis.yml index 1aaccabb..9b4b0343 100644 --- a/.travis.yml +++ b/.travis.yml @@ -109,7 +109,7 @@ matrix: # MacOS builds - name: "KEMs: MacOS + Clang" os: osx - osx_image: xcode11.2 + osx_image: xcode11.3 compiler: clang before_install: - pip3 install -r requirements.txt @@ -131,15 +131,17 @@ matrix: PQCLEAN_SKIP_SCHEMES: sphincs-haraka-128f-robust,sphincs-haraka-192s-robust,sphincs-sha256-128f-robust,sphincs-sha256-192s-robust,sphincs-shake256-128f-robust,sphincs-shake256-192s-robust,sphincs-haraka-128f-simple,sphincs-haraka-192s-simple,sphincs-sha256-128f-simple,sphincs-sha256-192s-simple,sphincs-shake256-128f-simple,sphincs-shake256-192s-simple,sphincs-haraka-128s-robust,sphincs-haraka-256f-robust,sphincs-sha256-128s-robust,sphincs-sha256-256f-robust,sphincs-shake256-128s-robust,sphincs-shake256-256f-robust,sphincs-haraka-128s-simple,sphincs-haraka-256f-simple,sphincs-sha256-128s-simple,sphincs-sha256-256f-simple,sphincs-shake256-128s-simple,sphincs-shake256-256f-simple,sphincs-haraka-192f-robust,sphincs-haraka-256s-robust,sphincs-sha256-192f-robust,sphincs-sha256-256s-robust,sphincs-shake256-192f-robust,sphincs-shake256-256s-robust,sphincs-haraka-192f-simple,sphincs-haraka-256s-simple,sphincs-sha256-192f-simple,sphincs-sha256-256s-simple,sphincs-shake256-192f-simple,sphincs-shake256-256s-simple addons: homebrew: + update: true packages: - astyle - ccache - name: "KEMs: MacOS + GCC9" os: osx - osx_image: xcode11.2 + osx_image: xcode11.3 compiler: gcc addons: homebrew: + update: true packages: - astyle - ccache @@ -167,7 +169,7 @@ matrix: - "cd test && travis_wait 60 python3 -m pytest --numprocesses=auto" - name: "SIGs on MacOS + Clang" os: osx - osx_image: xcode11.2 + osx_image: xcode11.3 compiler: clang before_install: - pip3 install -r requirements.txt @@ -189,15 +191,17 @@ matrix: PQCLEAN_SKIP_SCHEMES: sphincs-haraka-128f-robust,sphincs-haraka-192s-robust,sphincs-sha256-128f-robust,sphincs-sha256-192s-robust,sphincs-shake256-128f-robust,sphincs-shake256-192s-robust,sphincs-haraka-128f-simple,sphincs-haraka-192s-simple,sphincs-sha256-128f-simple,sphincs-sha256-192s-simple,sphincs-shake256-128f-simple,sphincs-shake256-192s-simple,sphincs-haraka-128s-robust,sphincs-haraka-256f-robust,sphincs-sha256-128s-robust,sphincs-sha256-256f-robust,sphincs-shake256-128s-robust,sphincs-shake256-256f-robust,sphincs-haraka-128s-simple,sphincs-haraka-256f-simple,sphincs-sha256-128s-simple,sphincs-sha256-256f-simple,sphincs-shake256-128s-simple,sphincs-shake256-256f-simple,sphincs-haraka-192f-robust,sphincs-haraka-256s-robust,sphincs-sha256-192f-robust,sphincs-sha256-256s-robust,sphincs-shake256-192f-robust,sphincs-shake256-256s-robust,sphincs-haraka-192f-simple,sphincs-haraka-256s-simple,sphincs-sha256-192f-simple,sphincs-sha256-256s-simple,sphincs-shake256-192f-simple,sphincs-shake256-256s-simple addons: homebrew: + update: true packages: - astyle - ccache - name: "SIGs on MacOS + GCC9" os: osx - osx_image: xcode11.2 + osx_image: xcode11.3 compiler: gcc addons: homebrew: + update: true packages: - astyle - ccache diff --git a/crypto_kem/ledakemlt12/leaktime/rng.c b/crypto_kem/ledakemlt12/leaktime/rng.c index f9d22b97..0febbf62 100644 --- a/crypto_kem/ledakemlt12/leaktime/rng.c +++ b/crypto_kem/ledakemlt12/leaktime/rng.c @@ -81,7 +81,7 @@ int PQCLEAN_LEDAKEMLT12_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s memcpy(x + offset, ctx->buffer + ctx->buffer_pos, xlen); ctx->buffer_pos += xlen; - return RNG_SUCCESS; + goto end; } // take what's in the buffer @@ -103,6 +103,7 @@ int PQCLEAN_LEDAKEMLT12_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s } } +end: aes256_ctx_release(&ctx256); return RNG_SUCCESS; diff --git a/crypto_kem/ledakemlt32/leaktime/rng.c b/crypto_kem/ledakemlt32/leaktime/rng.c index 3c12deb4..99193987 100644 --- a/crypto_kem/ledakemlt32/leaktime/rng.c +++ b/crypto_kem/ledakemlt32/leaktime/rng.c @@ -81,7 +81,7 @@ int PQCLEAN_LEDAKEMLT32_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s memcpy(x + offset, ctx->buffer + ctx->buffer_pos, xlen); ctx->buffer_pos += xlen; - return RNG_SUCCESS; + goto end; } // take what's in the buffer @@ -103,6 +103,7 @@ int PQCLEAN_LEDAKEMLT32_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s } } +end: aes256_ctx_release(&ctx256); return RNG_SUCCESS; diff --git a/crypto_kem/ledakemlt52/leaktime/rng.c b/crypto_kem/ledakemlt52/leaktime/rng.c index 760bb2b4..7354c8e0 100644 --- a/crypto_kem/ledakemlt52/leaktime/rng.c +++ b/crypto_kem/ledakemlt52/leaktime/rng.c @@ -81,7 +81,7 @@ int PQCLEAN_LEDAKEMLT52_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s memcpy(x + offset, ctx->buffer + ctx->buffer_pos, xlen); ctx->buffer_pos += xlen; - return RNG_SUCCESS; + goto end; } // take what's in the buffer @@ -103,6 +103,7 @@ int PQCLEAN_LEDAKEMLT52_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s } } +end: aes256_ctx_release(&ctx256); return RNG_SUCCESS; diff --git a/crypto_kem/newhope1024cca/clean/poly.c b/crypto_kem/newhope1024cca/clean/poly.c index 10ec5535..efa8fbb5 100644 --- a/crypto_kem/newhope1024cca/clean/poly.c +++ b/crypto_kem/newhope1024cca/clean/poly.c @@ -225,6 +225,7 @@ void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_uniform(poly *a, const unsigned char *see } } } + shake128_ctx_release(&state); } } diff --git a/crypto_kem/newhope1024cpa/clean/poly.c b/crypto_kem/newhope1024cpa/clean/poly.c index f9b4cce8..3f64de42 100644 --- a/crypto_kem/newhope1024cpa/clean/poly.c +++ b/crypto_kem/newhope1024cpa/clean/poly.c @@ -225,6 +225,7 @@ void PQCLEAN_NEWHOPE1024CPA_CLEAN_poly_uniform(poly *a, const unsigned char *see } } } + shake128_ctx_release(&state); } } diff --git a/crypto_kem/newhope512cca/clean/poly.c b/crypto_kem/newhope512cca/clean/poly.c index aa3175f0..39ec8e59 100644 --- a/crypto_kem/newhope512cca/clean/poly.c +++ b/crypto_kem/newhope512cca/clean/poly.c @@ -221,6 +221,7 @@ void PQCLEAN_NEWHOPE512CCA_CLEAN_poly_uniform(poly *a, const unsigned char *seed } } } + shake128_ctx_release(&state); } } diff --git a/crypto_kem/newhope512cpa/clean/poly.c b/crypto_kem/newhope512cpa/clean/poly.c index 6bd47ae6..3f03fdcf 100644 --- a/crypto_kem/newhope512cpa/clean/poly.c +++ b/crypto_kem/newhope512cpa/clean/poly.c @@ -221,6 +221,7 @@ void PQCLEAN_NEWHOPE512CPA_CLEAN_poly_uniform(poly *a, const unsigned char *seed } } } + shake128_ctx_release(&state); } } diff --git a/crypto_sign/dilithium2/avx2/sign.c b/crypto_sign/dilithium2/avx2/sign.c index beaca17c..3b7b8c75 100644 --- a/crypto_sign/dilithium2/avx2/sign.c +++ b/crypto_sign/dilithium2/avx2/sign.c @@ -95,6 +95,7 @@ void PQCLEAN_DILITHIUM2_AVX2_challenge(poly *c, c->coeffs[b] ^= -(signs & 1) & (1 ^ (Q - 1)); signs >>= 1; } + shake256_ctx_release(&state); } /************************************************* diff --git a/crypto_sign/dilithium2/clean/sign.c b/crypto_sign/dilithium2/clean/sign.c index f1557978..24187654 100644 --- a/crypto_sign/dilithium2/clean/sign.c +++ b/crypto_sign/dilithium2/clean/sign.c @@ -85,6 +85,7 @@ void PQCLEAN_DILITHIUM2_CLEAN_challenge(poly *c, c->coeffs[b] ^= -((int32_t)signs & 1) & (1 ^ (Q - 1)); signs >>= 1; } + shake256_ctx_release(&state); } /************************************************* diff --git a/crypto_sign/dilithium3/avx2/sign.c b/crypto_sign/dilithium3/avx2/sign.c index 1084b653..b605203a 100644 --- a/crypto_sign/dilithium3/avx2/sign.c +++ b/crypto_sign/dilithium3/avx2/sign.c @@ -107,6 +107,7 @@ void PQCLEAN_DILITHIUM3_AVX2_challenge(poly *c, c->coeffs[b] ^= -(signs & 1) & (1 ^ (Q - 1)); signs >>= 1; } + shake256_ctx_release(&state); } /************************************************* diff --git a/crypto_sign/dilithium3/clean/sign.c b/crypto_sign/dilithium3/clean/sign.c index 6a7ceef0..1715c42f 100644 --- a/crypto_sign/dilithium3/clean/sign.c +++ b/crypto_sign/dilithium3/clean/sign.c @@ -85,6 +85,7 @@ void PQCLEAN_DILITHIUM3_CLEAN_challenge(poly *c, c->coeffs[b] ^= -((int32_t)signs & 1) & (1 ^ (Q - 1)); signs >>= 1; } + shake256_ctx_release(&state); } /************************************************* diff --git a/crypto_sign/dilithium4/avx2/sign.c b/crypto_sign/dilithium4/avx2/sign.c index b489c463..641adef6 100644 --- a/crypto_sign/dilithium4/avx2/sign.c +++ b/crypto_sign/dilithium4/avx2/sign.c @@ -122,6 +122,7 @@ void PQCLEAN_DILITHIUM4_AVX2_challenge(poly *c, c->coeffs[b] ^= -(signs & 1) & (1 ^ (Q - 1)); signs >>= 1; } + shake256_ctx_release(&state); } /************************************************* diff --git a/crypto_sign/dilithium4/clean/sign.c b/crypto_sign/dilithium4/clean/sign.c index ab2da1c2..aebe76be 100644 --- a/crypto_sign/dilithium4/clean/sign.c +++ b/crypto_sign/dilithium4/clean/sign.c @@ -85,6 +85,7 @@ void PQCLEAN_DILITHIUM4_CLEAN_challenge(poly *c, c->coeffs[b] ^= -((int32_t)signs & 1) & (1 ^ (Q - 1)); signs >>= 1; } + shake256_ctx_release(&state); } /************************************************* diff --git a/test/test_valgrind.py b/test/test_valgrind.py index b4b5ed7b..32715b41 100644 --- a/test/test_valgrind.py +++ b/test/test_valgrind.py @@ -54,6 +54,7 @@ def test_valgrind(implementation: pqclean.Implementation, impl_path, test_dir, helpers.run_subprocess( ['valgrind', '--error-exitcode=1', + '--leak-check=yes', *(['--exit-on-first-error=yes'] if valgrind_supports_exit_early() else []),