Merge branch 'open-quantum-safe:main' into main

Author: rben-dev

README.md

@@ -70,7 +70,7 @@ All names other than `ML-KEM` and `ML-DSA` are subject to change. `liboqs` makes
 #### Signature schemes
 | Algorithm family   | Standardization status                                                                                                                                               | Primary implementation                                                                                                                      |
 |:-------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------------|
-| CROSS              | Under [NIST](https://www.cross-crypto.com/CROSS_Specification_v2.2.pdf) consideration                                                                                | [`CROSS-signature/CROSS-lib-oqs@c8f7411`](https://github.com/CROSS-signature/CROSS-lib-oqs/commit/c8f7411fed136f0e37600973fa3dbed53465e54f) |
+| CROSS              | Under [NIST](https://www.cross-crypto.com/CROSS_Specification_v2.2.pdf) consideration                                                                                | [`CROSS-signature/CROSS-lib-oqs@a21ebc3`](https://github.com/CROSS-signature/CROSS-lib-oqs/commit/a21ebc314e06b0972a9bbcf2813a185ecb2917f1) |
 | Falcon             | Selected by [NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Falcon-Round3.zip) for upcoming standardization | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181)                             |
 | MAYO               | Under [NIST](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/mayo-spec-round2-web.pdf) consideration                              | [`PQCMayo/MAYO-C@4b7cd94`](https://github.com/PQCMayo/MAYO-C/commit/4b7cd94c96b9522864efe40c6ad1fa269584a807)                               |
 | ML-DSA             | Standardized by [NIST](https://csrc.nist.gov/pubs/fips/204/final)                                                                                                    | [`pq-code-package/mldsa-native@f48f164`](https://github.com/pq-code-package/mldsa-native/commit/f48f164cefb07f4ffa519ddda7cee670b8ee3517)   |

docs/algorithms/sig/cross.md

@@ -7,11 +7,11 @@
 - **Authors' website**: https://www.cross-crypto.com/
 - **Specification version**: 2.2 + PQClean and OQS patches.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/CROSS-signature/CROSS-lib-oqs/commit/c8f7411fed136f0e37600973fa3dbed53465e54f
+  - **Source**: https://github.com/CROSS-signature/CROSS-lib-oqs/commit/a21ebc314e06b0972a9bbcf2813a185ecb2917f1
   - **Implementation license (SPDX-Identifier)**: CC0-1.0
 - **Optimized Implementation sources**:
   - **avx2**:<a name="avx2"></a>
-      - **Source**: https://github.com/CROSS-signature/CROSS-lib-oqs/commit/c8f7411fed136f0e37600973fa3dbed53465e54f
+      - **Source**: https://github.com/CROSS-signature/CROSS-lib-oqs/commit/a21ebc314e06b0972a9bbcf2813a185ecb2917f1
       - **Implementation license (SPDX-Identifier)**: CC0-1.0
 
 

docs/algorithms/sig/cross.yml

@@ -26,7 +26,7 @@ standardization-status: Under [NIST](https://www.cross-crypto.com/CROSS_Specific
   consideration
 spec-version: 2.2 + PQClean and OQS patches
 primary-upstream:
-  source: https://github.com/CROSS-signature/CROSS-lib-oqs/commit/c8f7411fed136f0e37600973fa3dbed53465e54f
+  source: https://github.com/CROSS-signature/CROSS-lib-oqs/commit/a21ebc314e06b0972a9bbcf2813a185ecb2917f1
   spdx-license-identifier: CC0-1.0
 parameter-sets:
 - name: cross-rsdp-128-balanced

scripts/copy_from_upstream/copy_from_upstream.yml

@@ -75,7 +75,7 @@ upstreams:
     name: upcross
     git_url: https://github.com/CROSS-signature/CROSS-lib-oqs.git
     git_branch: master
-    git_commit: c8f7411fed136f0e37600973fa3dbed53465e54f
+    git_commit: a21ebc314e06b0972a9bbcf2813a185ecb2917f1
     sig_meta_path: 'generate/crypto_sign/{pqclean_scheme}/META.yml'
     sig_scheme_path: 'generate/crypto_sign/{pqclean_scheme}'
   -

src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/sign.c

@@ -125,15 +125,14 @@ int crypto_sign_verify(const unsigned char *sig,                // in parameter
                        const unsigned char *pk                  // in parameter
                       ) {
 
-	/* PQClean-edit: unused parameter */
-	(void)siglen;
-
 	/* verify returns 1 if signature is ok, 0 otherwise */
 	int ok = CROSS_verify((const pk_t * const) pk,               // in parameter
 	                      (const char *const) m,                 // in parameter
 	                      (const size_t) mlen,                   // in parameter
 	                      (const CROSS_sig_t *const) sig);       // in parameter
 
+	/* liboqs-edit: check signature length */
+	ok = ok && (siglen == sizeof(CROSS_sig_t));
 
 	return ok - 1; // NIST convention: 0 == zero errors, -1 == error condition
 } // end crypto_sign_verify

src/sig/cross/upcross_cross-rsdp-128-balanced_clean/sign.c

@@ -125,15 +125,14 @@ int crypto_sign_verify(const unsigned char *sig,                // in parameter
                        const unsigned char *pk                  // in parameter
                       ) {
 
-	/* PQClean-edit: unused parameter */
-	(void)siglen;
-
 	/* verify returns 1 if signature is ok, 0 otherwise */
 	int ok = CROSS_verify((const pk_t * const) pk,               // in parameter
 	                      (const char *const) m,                 // in parameter
 	                      (const size_t) mlen,                   // in parameter
 	                      (const CROSS_sig_t *const) sig);       // in parameter
 
+	/* liboqs-edit: check signature length */
+	ok = ok && (siglen == sizeof(CROSS_sig_t));
 
 	return ok - 1; // NIST convention: 0 == zero errors, -1 == error condition
 } // end crypto_sign_verify

src/sig/cross/upcross_cross-rsdp-128-fast_avx2/sign.c

@@ -125,15 +125,14 @@ int crypto_sign_verify(const unsigned char *sig,                // in parameter
                        const unsigned char *pk                  // in parameter
                       ) {
 
-	/* PQClean-edit: unused parameter */
-	(void)siglen;
-
 	/* verify returns 1 if signature is ok, 0 otherwise */
 	int ok = CROSS_verify((const pk_t * const) pk,               // in parameter
 	                      (const char *const) m,                 // in parameter
 	                      (const size_t) mlen,                   // in parameter
 	                      (const CROSS_sig_t *const) sig);       // in parameter
 
+	/* liboqs-edit: check signature length */
+	ok = ok && (siglen == sizeof(CROSS_sig_t));
 
 	return ok - 1; // NIST convention: 0 == zero errors, -1 == error condition
 } // end crypto_sign_verify

src/sig/cross/upcross_cross-rsdp-128-fast_clean/sign.c

@@ -125,15 +125,14 @@ int crypto_sign_verify(const unsigned char *sig,                // in parameter
                        const unsigned char *pk                  // in parameter
                       ) {
 
-	/* PQClean-edit: unused parameter */
-	(void)siglen;
-
 	/* verify returns 1 if signature is ok, 0 otherwise */
 	int ok = CROSS_verify((const pk_t * const) pk,               // in parameter
 	                      (const char *const) m,                 // in parameter
 	                      (const size_t) mlen,                   // in parameter
 	                      (const CROSS_sig_t *const) sig);       // in parameter
 
+	/* liboqs-edit: check signature length */
+	ok = ok && (siglen == sizeof(CROSS_sig_t));
 
 	return ok - 1; // NIST convention: 0 == zero errors, -1 == error condition
 } // end crypto_sign_verify

src/sig/cross/upcross_cross-rsdp-128-small_avx2/sign.c

@@ -125,15 +125,14 @@ int crypto_sign_verify(const unsigned char *sig,                // in parameter
                        const unsigned char *pk                  // in parameter
                       ) {
 
-	/* PQClean-edit: unused parameter */
-	(void)siglen;
-
 	/* verify returns 1 if signature is ok, 0 otherwise */
 	int ok = CROSS_verify((const pk_t * const) pk,               // in parameter
 	                      (const char *const) m,                 // in parameter
 	                      (const size_t) mlen,                   // in parameter
 	                      (const CROSS_sig_t *const) sig);       // in parameter
 
+	/* liboqs-edit: check signature length */
+	ok = ok && (siglen == sizeof(CROSS_sig_t));
 
 	return ok - 1; // NIST convention: 0 == zero errors, -1 == error condition
 } // end crypto_sign_verify

src/sig/cross/upcross_cross-rsdp-128-small_clean/sign.c

@@ -125,15 +125,14 @@ int crypto_sign_verify(const unsigned char *sig,                // in parameter
                        const unsigned char *pk                  // in parameter
                       ) {
 
-	/* PQClean-edit: unused parameter */
-	(void)siglen;
-
 	/* verify returns 1 if signature is ok, 0 otherwise */
 	int ok = CROSS_verify((const pk_t * const) pk,               // in parameter
 	                      (const char *const) m,                 // in parameter
 	                      (const size_t) mlen,                   // in parameter
 	                      (const CROSS_sig_t *const) sig);       // in parameter
 
+	/* liboqs-edit: check signature length */
+	ok = ok && (siglen == sizeof(CROSS_sig_t));
 
 	return ok - 1; // NIST convention: 0 == zero errors, -1 == error condition
 } // end crypto_sign_verify