Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make internal API available to (only) test programs #1667

Merged
merged 9 commits into from
Jan 22, 2024
Merged

Make internal API available to (only) test programs #1667

merged 9 commits into from
Jan 22, 2024

Conversation

SWilson4
Copy link
Member

This PR serves three purposes:

  1. to separate and define the OQS "internal API"
  2. to make the internal API available to our test programs, and
  3. to ensure that the internal API is not made available to library users.

It does so by doing the following:

  • Move the NIST DRBG to the OQS internal API.
  • Build the OQS internal API code (AES, SHA2, SHA3, and the NIST DRBG) as a separate oqs-internal library, with visibility set to "default".
  • Don't install the internal API headers in the CMake include directory.
  • Remove the internal API .h files from oqs.h and .Doxyfile.
  • Add #include statements as necessary to address compilation failures due to the above.
  • Link test programs against both oqs and oqs-internal.

This will hopefully make testing easier and in particular will unblock PR #1560. I've added it to the 0.10.0 milestone for the latter reason.

Fixes #1648.

  • Does this PR change the input/output behaviour of a cryptographic algorithm (i.e., does it change known answer test values)? (If so, a version bump will be required from x.y.z to x.(y+1).0.)
  • Does this PR change the list of algorithms available -- either adding, removing, or renaming? Does this PR otherwise change an API? (If so, PRs in fully supported downstream projects dependent on these, i.e., oqs-provider and OQS-OpenSSH will also need to be ready for review and merge by the time this is merged.)

Yes, the API is changed, but it's not much. The NIST DRBG is no longer exposed in the public API. This means changes to two public API functions: OQS_randombytes_switch_algorithm will now error when passed the string "NIST-KAT" (with or without capitalization) and OQS_randombytes_nist_kat_init_256bit has been deleted.

@SWilson4 SWilson4 added this to the 0.10.0 milestone Jan 16, 2024
@SWilson4
Copy link
Member Author

I also should mention that I deleted the nistseedexpander PQClean shim, which is no longer needed since #1585.

@SWilson4 SWilson4 mentioned this pull request Jan 16, 2024
Merged
4 tasks
baentsch
baentsch reviewed Jan 18, 2024
View reviewed changes
Copy link
Member

@baentsch baentsch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @SWilson4 for this PR: After a first review, it looks good to me -- and reduces the "OQS support interface width" as (I think is) desirable. Allow me a bit more time to "test-drive" this branch in an oqs-provider setup. If you feel there's other sub-projects that may benefit from such test, be my guest :)

baentsch
baentsch approved these changes Jan 22, 2024
View reviewed changes
Copy link
Member

@baentsch baentsch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested to work fine downstream. Thanks again for the reduction in potential support effort!

@SWilson4 SWilson4 merged commit cc453db into main Jan 22, 2024
56 checks passed
@SWilson4 SWilson4 deleted the sw-internal-api branch January 22, 2024 14:03
@SWilson4 SWilson4 mentioned this pull request Feb 5, 2024
Merged
This was referenced Mar 11, 2024
Closed
Merged
@BrewTestBot BrewTestBot mentioned this pull request Mar 23, 2024
Merged
@SWilson4 SWilson4 mentioned this pull request May 15, 2024
Merged
ueno added a commit to ueno/liboqs that referenced this pull request Jul 8, 2024
@ueno
Restore headers for low-level symmetric primitives
5b741d9 
This restores the now-private headers as public again after open-quantum-safe#1667,
exposing the API to select alternative implementation through
callbacks, e.g., OQS_AES_set_callbacks.  Note the other functions in
those headers are still not exposed as they are declared without
OQS_API.

Signed-off-by: Daiki Ueno <[email protected]>
@ueno ueno mentioned this pull request Jul 8, 2024
Merged
2 tasks
ueno added a commit to ueno/liboqs that referenced this pull request Jul 9, 2024
@ueno
Expose callback API for replacing low-level cryptographic primitives
efd860b 
This makes the callback API to replace low-level cryptographic
implementation public again after open-quantum-safe#1667.

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/liboqs that referenced this pull request Jul 9, 2024
@ueno
Expose callback API for replacing low-level cryptographic primitives
a7e169c 
This makes the callback API to replace low-level cryptographic
implementation public again after open-quantum-safe#1667.

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/liboqs that referenced this pull request Jul 10, 2024
@ueno
Expose callback API for replacing low-level cryptographic primitives
2b373e7 
This makes the callback API to replace low-level cryptographic
implementation public again after open-quantum-safe#1667.

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/liboqs that referenced this pull request Jul 10, 2024
@ueno
Expose callback API for replacing low-level cryptographic primitives
1c2cdb3 
This makes the callback API to replace low-level cryptographic
implementation public again after open-quantum-safe#1667.

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/liboqs that referenced this pull request Jul 10, 2024
@ueno
Expose callback API for replacing low-level cryptographic primitives
27ae0ae 
This makes the callback API to replace low-level cryptographic
implementation public again after open-quantum-safe#1667.

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/liboqs that referenced this pull request Jul 10, 2024
@ueno
Expose callback API for replacing low-level cryptographic primitives
b929e79 
This makes the callback API to replace low-level cryptographic
implementation public again after open-quantum-safe#1667.

Signed-off-by: Daiki Ueno <[email protected]>
SWilson4 pushed a commit that referenced this pull request Jul 11, 2024
@ueno
Expose callback API for replacing low-level cryptographic primitives (#…
26feef2 
…1832)

This makes the callback API to replace low-level cryptographic
implementation public again after #1667.

Signed-off-by: Daiki Ueno <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@baentsch baentsch baentsch approved these changes

@dstebila dstebila dstebila approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.10.0
Development

Successfully merging this pull request may close these issues.

Better separate internal and public APIs
3 participants
@SWilson4 @dstebila @baentsch