-
Notifications
You must be signed in to change notification settings - Fork 447
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[#1823] replace malloc/calloc/strdup/free with openssl allocator #1926
base: main
Are you sure you want to change the base?
[#1823] replace malloc/calloc/strdup/free with openssl allocator #1926
Conversation
…sl allocator Signed-off-by: Songling Han <shan@paloaltonetworks.com>
a93e625
to
b61754c
Compare
I will commit another change for copy_from_upstream. |
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Conceptually LGTM, but CI needs to pass; please see https://github.com/open-quantum-safe/liboqs/blob/main/CONTRIBUTING.md#coding-style
@baentsch Question: 'bike', 'frodokem', 'ntruprime' is not from upstream. |
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Good point. @dstebila : There's surely upstreams for these algorithms, but they're not captured by OQS automation/copy_from_upstream. Question: Are these projects still maintained (and where) or is it OK to change code straight in |
…KEM, and NTRUPrime Signed-off-by: Songling Han <shan@paloaltonetworks.com>
FrodoKEM is maintained at https://github.com/microsoft/PQCrypto-LWEKE/; I exported the code from there any manually added it to liboqs, as we didn't have as robust a copy_from_upstream at the time. FrodoKEM also needs to do an update from upstream, as there have been new variants introduced in the last year, but I don't have a plan for this update. So to avoid blocking on that, I would say it's fine to make the FrodoKEM changes directly here in this repository. NTRUPrime had been coming from PQClean, but they have stopped supporting it. We only are keeping one variant of NTRUPrime because of its use in OpenSSH. I think we consider a timeline for sunsetting it. But in the interim, I think changes to NTRUPrime can be done directly here in this repository. BIKE was contributed directly by the team at AWS. Our main contact for that has been @dkostic, but I'm not sure if he's still the right contact. Pinging @brian-jarvis-aws for some input. |
done |
I'd prefer to see those as a second PR, since those changes may be less mechanical and might require a closer look. |
I suggest we defer merging this until after the 0.11.0 release, otherwise we would need to cut a new release candidate and push the release back a week. |
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Addressed the comment in the latest PR. Please review it. |
Correct. We should phase out direct calls to malloc, free, calloc, strdup, and realloc. |
|
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Addressed the comment by adding code in test_code_conventions.py. |
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
It seems the conflicts issue only occurs for certain openssl version/platform. Didn't see conflicts any more after revert. |
@SWilson4 Addressed your 2 comments. |
It's always a good idea to run those to preclude CI finding issues. See e.g. this CI workflow. @SWilson4 : Maybe a sensible addition to CONTRIBUTING.md? |
@songlingatpan please see a single comment I just added (creating an issue to track a problem pointed out by @SWilson4 ) @SWilson4 would you please mark all your comments resolved that you consider such? Makes reviewing reviews easier (at least for me). |
No need additional code changes for upstream: |
@SWilson4 |
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Signed-off-by: Songling Han <shan@paloaltonetworks.com>
Replaced malloc, calloc, strdup, and free with the OpenSSL memory allocator to enable the caller to customize memory allocator, addressing issue #1823. This PR does not change the existing behavior or algorithms.