From d3b4ce1ba664fd8982eb23cf1c2b68ff8fb6d62d Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Thu, 31 Oct 2024 15:36:34 +0800 Subject: [PATCH 01/20] [build] use .a of liboqs Signed-off-by: Adije Shen <1534656015@qq.com> --- README.md | 275 ++------------------------------------- RELEASE.md | 16 --- examples/KEMExample.java | 16 ++- liboqs | 1 + pom.xml | 7 +- 5 files changed, 29 insertions(+), 286 deletions(-) delete mode 100644 RELEASE.md create mode 160000 liboqs diff --git a/README.md b/README.md index 2f2472a..5529be5 100644 --- a/README.md +++ b/README.md @@ -1,284 +1,27 @@ -[![CircleCI Build Status](https://circleci.com/gh/open-quantum-safe/liboqs-java/tree/master.svg?style=svg)](https://circleci.com/gh/open-quantum-safe/liboqs-java/tree/master) +代码由https://github.com/open-quantum-safe/liboqs-java,修改得到 -# liboqs-java: Java wrapper for liboqs - -**liboqs-java** offers a Java wrapper providing quantum-resistant cryptographic algorithms via [liboqs](https://github.com/open-quantum-safe/liboqs/). - - -## Overview - -The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. - -**liboqs** is an open source C library for quantum-resistant cryptographic algorithms. See more about liboqs at https://github.com/open-quantum-safe/liboqs, including a list of supported algorithms. - -**liboqs-java** is an open source Java wrapper for the liboqs C library that provides: -* a common API for post-quantum key encapsulation mechanisms and digital signature schemes -* a collection of open source implementations of post-quantum cryptography algorithms - -The OQS project also provides prototype integrations into application-level protocols to enable testing of quantum-resistant cryptography. - -More information on OQS can be found on https://openquantumsafe.org. - - - -## liboqs-java - -This solution implements a Java wrapper for the C OQS library. It contains the following directories: - -* __`src/main/c/`:__ Native C JNI wrapper code that interfaces with liboqs. - -* __`src/main/java/org/openquantumsafe/`:__ Java wrappers for the liboqs C library. - -* __`src/test/java/org/openquantumsafe/`:__ Unit tests. - -* __`examples/`:__ Key encapsulation, digital signatures and rand examples. - - -`liboqs-java` defines four main classes: **`KeyEncapsulation`** and **`Signature`**, providing post-quantum key encapsulation and signature mechanisms, respectively, and **`KEMs`** and **`Sigs`**, containing only static member functions that provide information related to the available key encapsulation mechanisms or signature mechanism, respectively. - -`KeyEncapsulation` and/or `Signature` must be instantiated with a string identifying one of mechanisms supported by liboqs; these can be enumerated using the `KEMs.get_enabled_KEMs()` and `Sigs.get_enabled_sigs()` methods. - -Support for alternative RNGs is provided via the `randombytes` functions. - -The examples in the [examples](./examples/) directory are self-explanatory and provide more details about the wrapper's API. - - - -## Limitations and security -`liboqs` and `liboqs-java` are designed for prototyping and evaluating quantum-resistant cryptography. Security of proposed quantum-resistant algorithms may rapidly change as research advances, and may ultimately be completely insecure against either classical or quantum computers. - -We believe that the NIST Post-Quantum Cryptography standardization project is currently the best avenue to identifying potentially quantum-resistant algorithms. `liboqs` does not intend to "pick winners", and we strongly recommend that applications and protocols rely on the outcomes of the NIST standardization project when deploying post-quantum cryptography. - -We acknowledge that some parties may want to begin deploying post-quantum cryptography prior to the conclusion of the NIST standardization project. We strongly recommend that any attempts to do make use of so-called hybrid cryptography, in which post-quantum public-key algorithms are used alongside traditional public key algorithms (like RSA or elliptic curves) so that the solution is at least no less secure than existing traditional cryptography. - -`liboqs-java` is provided "as is", without warranty of any kind. See [LICENSE](./LICENSE) for the full disclaimer. - - - -## Building -Builds have been tested on Linux (Ubuntu 18.04 LTS, 19.10, and 20.04) and macOS Mojave with OpenJDK 8, 9, 11. - -### Pre-requisites -To build the Java OQS wrapper you need a Java Development Kit (JDK), such as [OpenJDK](https://openjdk.java.net/) >= 8 and [Apache Maven](https://maven.apache.org/). - -To build `liboqs-java` first download or clone this java wrapper into a `liboqs-java` folder, e.g., - -``` -git clone -b master https://github.com/open-quantum-safe/liboqs-java.git -``` - -### Building the OQS dependency - -#### Linux/MacOS -First, you must build the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs/) according to the liboqs building instructions with shared library support enabled (add `-DBUILD_SHARED_LIBS=ON` to the `cmake` command), followed (optionally) by a `sudo ninja install` to ensure that the compiled library is visible system-wide (by default it installs under `/usr/local/include` and `/usr/local/lib` on Linux/macOS). +这是本地构建用的代码,需要在linux环境运行,需求jdk1.8, gcc, cmake, ninja-build, maven, openssl +1. (已经编译完成,可跳过) 编译liboqs的C代码库 ``` -git clone -b main https://github.com/open-quantum-safe/liboqs.git cd liboqs mkdir build && cd build -cmake -GNinja -DBUILD_SHARED_LIBS=ON .. +cmake -GNinja .. ninja -sudo ninja install ``` - -### Building the Java OQS wrapper - -To build the `liboqs-java` wrapper type for different operating systems add the `-P ` flag, where ` = {linux, macosx}`. - -For instance, to build `liboqs-java` for MacOS, type: +2. 编译liboqs-java ``` -$ mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" +mvn package -P linux ``` -The above command will compile the C and Java files and also run the unit tests. -To build without running the default unit tests you can use the `-Dmaven.test.skip=true` command line option as follows: +3. 安装至maven本地仓库 ``` -$ mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" -Dmaven.test.skip=true +mvn install ``` -The default profile for building is `linux`, so when building on Linux the `-P ` command line option may be omitted. - -You may also omit the `-Dliboqs.include.dir` and `-Dliboqs.lib.dir` options in case you installed liboqs in `/usr/local` (true if you ran `sudo ninja install` after building liboqs). - -Both the above commands will create a `target` directory with the build files, as well as a `src/main/resources` directory that will contain the `liboqs-jni.so` native library. Finally, a `liboqs-java.jar` will be created inside the `target` directory that will contain all the class files as well as the `liboqs-jni.so` native library. - - -### Building and running the examples - -The examples include: - -1. **Key Encapsulation example:** - - ![alt text][KEM-overview] - -1. **Digital Signatures example:** - - ![alt text][DS-overview] - -1. **Rand example:** - Print random bytes from - * NIST-KAT - * OpenSSL - * System (default) - -#### Linux/MacOS - -##### 1) Key Encapsulation example - -To compile and run the KEM example, type: +4. 可以运行KEM示例: ``` $ javac -cp target/liboqs-java.jar examples/KEMExample.java $ java -cp target/liboqs-java.jar:examples/ KEMExample ``` - -``` -Supported KEMs: -BIKE-L1 BIKE-L3 Classic-McEliece-348864 Classic-McEliece-348864f Classic-McEliece-460896 Classic-McEliece-460896f Classic-McEliece-6688128 Classic-McEliece-6688128f Classic-McEliece-6960119 Classic-McEliece-6960119f Classic-McEliece-8192128 Classic-McEliece-8192128f HQC-128 HQC-192 HQC-256 Kyber512 Kyber768 Kyber1024 Kyber512-90s Kyber768-90s Kyber1024-90s NTRU-HPS-2048-509 NTRU-HPS-2048-677 NTRU-HPS-4096-821 NTRU-HRSS-701 ntrulpr653 ntrulpr761 ntrulpr857 sntrup653 sntrup761 sntrup857 LightSaber-KEM Saber-KEM FireSaber-KEM FrodoKEM-640-AES FrodoKEM-640-SHAKE FrodoKEM-976-AES FrodoKEM-976-SHAKE FrodoKEM-1344-AES FrodoKEM-1344-SHAKE SIDH-p434 SIDH-p503 SIDH-p610 SIDH-p751 SIDH-p434-compressed SIDH-p503-compressed SIDH-p610-compressed SIDH-p751-compressed SIKE-p434 SIKE-p503 SIKE-p610 SIKE-p751 SIKE-p434-compressed SIKE-p503-compressed SIKE-p610-compressed SIKE-p751-compressed - -Enabled KEMs: -BIKE-L1 BIKE-L3 Classic-McEliece-348864 Classic-McEliece-348864f Classic-McEliece-460896 Classic-McEliece-460896f Classic-McEliece-6688128 Classic-McEliece-6688128f Classic-McEliece-6960119 Classic-McEliece-6960119f Classic-McEliece-8192128 Classic-McEliece-8192128f HQC-128 HQC-192 HQC-256 Kyber512 Kyber768 Kyber1024 Kyber512-90s Kyber768-90s Kyber1024-90s NTRU-HPS-2048-509 NTRU-HPS-2048-677 NTRU-HPS-4096-821 NTRU-HRSS-701 ntrulpr653 ntrulpr761 ntrulpr857 sntrup653 sntrup761 sntrup857 LightSaber-KEM Saber-KEM FireSaber-KEM FrodoKEM-640-AES FrodoKEM-640-SHAKE FrodoKEM-976-AES FrodoKEM-976-SHAKE FrodoKEM-1344-AES FrodoKEM-1344-SHAKE SIDH-p434 SIDH-p503 SIDH-p610 SIDH-p751 SIDH-p434-compressed SIDH-p503-compressed SIDH-p610-compressed SIDH-p751-compressed SIKE-p434 SIKE-p503 SIKE-p610 SIKE-p751 SIKE-p434-compressed SIKE-p503-compressed SIKE-p610-compressed SIKE-p751-compressed - -KEM Details: - Name: Kyber512 - Version: https://github.com/pq-crystals/kyber/commit/74cad307858b61e434490c75f812cb9b9ef7279b - Claimed NIST level: 1 - Is IND-CCA: true - Length public key (bytes): 800 - Length secret key (bytes): 1632 - Length ciphertext (bytes): 768 - Length shared secret (bytes): 32 - -Client public key: -C8 58 3B 21 02 A0 4D B0 ... 95 57 A7 E9 42 C0 45 C4 - -It took 1 millisecs to generate the key pair. -It took 0 millisecs to encapsulate the secret. -It took 0 millisecs to decapsulate the secret. - -Client shared secret: -16 7F 9B 18 18 F9 F0 FE ... 70 F3 F6 4A C1 30 2C FF - -Server shared secret: -16 7F 9B 18 18 F9 F0 FE ... 70 F3 F6 4A C1 30 2C FF - -Shared secrets coincide? true -``` - -##### 2) Signatures example - -``` -$ javac -cp target/liboqs-java.jar examples/SigExample.java -$ java -cp target/liboqs-java.jar:examples/ SigExample -``` - -``` -Supported signatures: -Dilithium2 Dilithium3 Dilithium5 Dilithium2-AES Dilithium3-AES Dilithium5-AES Falcon-512 Falcon-1024 Rainbow-I-Classic Rainbow-I-Circumzenithal Rainbow-I-Compressed Rainbow-III-Classic Rainbow-III-Circumzenithal Rainbow-III-Compressed Rainbow-V-Classic Rainbow-V-Circumzenithal Rainbow-V-Compressed SPHINCS+-Haraka-128f-robust SPHINCS+-Haraka-128f-simple SPHINCS+-Haraka-128s-robust SPHINCS+-Haraka-128s-simple SPHINCS+-Haraka-192f-robust SPHINCS+-Haraka-192f-simple SPHINCS+-Haraka-192s-robust SPHINCS+-Haraka-192s-simple SPHINCS+-Haraka-256f-robust SPHINCS+-Haraka-256f-simple SPHINCS+-Haraka-256s-robust SPHINCS+-Haraka-256s-simple SPHINCS+-SHA256-128f-robust SPHINCS+-SHA256-128f-simple SPHINCS+-SHA256-128s-robust SPHINCS+-SHA256-128s-simple SPHINCS+-SHA256-192f-robust SPHINCS+-SHA256-192f-simple SPHINCS+-SHA256-192s-robust SPHINCS+-SHA256-192s-simple SPHINCS+-SHA256-256f-robust SPHINCS+-SHA256-256f-simple SPHINCS+-SHA256-256s-robust SPHINCS+-SHA256-256s-simple SPHINCS+-SHAKE256-128f-robust SPHINCS+-SHAKE256-128f-simple SPHINCS+-SHAKE256-128s-robust SPHINCS+-SHAKE256-128s-simple SPHINCS+-SHAKE256-192f-robust SPHINCS+-SHAKE256-192f-simple SPHINCS+-SHAKE256-192s-robust SPHINCS+-SHAKE256-192s-simple SPHINCS+-SHAKE256-256f-robust SPHINCS+-SHAKE256-256f-simple SPHINCS+-SHAKE256-256s-robust SPHINCS+-SHAKE256-256s-simple picnic_L1_FS picnic_L1_UR picnic_L1_full picnic_L3_FS picnic_L3_UR picnic_L3_full picnic_L5_FS picnic_L5_UR picnic_L5_full picnic3_L1 picnic3_L3 picnic3_L5 - -Enabled signatures: -Dilithium2 Dilithium3 Dilithium5 Dilithium2-AES Dilithium3-AES Dilithium5-AES Falcon-512 Falcon-1024 Rainbow-I-Classic Rainbow-I-Circumzenithal Rainbow-I-Compressed Rainbow-III-Classic Rainbow-III-Circumzenithal Rainbow-III-Compressed Rainbow-V-Classic Rainbow-V-Circumzenithal Rainbow-V-Compressed SPHINCS+-Haraka-128f-robust SPHINCS+-Haraka-128f-simple SPHINCS+-Haraka-128s-robust SPHINCS+-Haraka-128s-simple SPHINCS+-Haraka-192f-robust SPHINCS+-Haraka-192f-simple SPHINCS+-Haraka-192s-robust SPHINCS+-Haraka-192s-simple SPHINCS+-Haraka-256f-robust SPHINCS+-Haraka-256f-simple SPHINCS+-Haraka-256s-robust SPHINCS+-Haraka-256s-simple SPHINCS+-SHA256-128f-robust SPHINCS+-SHA256-128f-simple SPHINCS+-SHA256-128s-robust SPHINCS+-SHA256-128s-simple SPHINCS+-SHA256-192f-robust SPHINCS+-SHA256-192f-simple SPHINCS+-SHA256-192s-robust SPHINCS+-SHA256-192s-simple SPHINCS+-SHA256-256f-robust SPHINCS+-SHA256-256f-simple SPHINCS+-SHA256-256s-robust SPHINCS+-SHA256-256s-simple SPHINCS+-SHAKE256-128f-robust SPHINCS+-SHAKE256-128f-simple SPHINCS+-SHAKE256-128s-robust SPHINCS+-SHAKE256-128s-simple SPHINCS+-SHAKE256-192f-robust SPHINCS+-SHAKE256-192f-simple SPHINCS+-SHAKE256-192s-robust SPHINCS+-SHAKE256-192s-simple SPHINCS+-SHAKE256-256f-robust SPHINCS+-SHAKE256-256f-simple SPHINCS+-SHAKE256-256s-robust SPHINCS+-SHAKE256-256s-simple picnic_L1_FS picnic_L1_UR picnic_L1_full picnic_L3_FS picnic_L3_UR picnic_L3_full picnic_L5_FS picnic_L5_UR picnic_L5_full picnic3_L1 picnic3_L3 picnic3_L5 - -Signature Details: - Name: Dilithium2 - Version: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409 - Claimed NIST level: 2 - Is IND-CCA: true - Length public key (bytes): 1312 - Length secret key (bytes): 2528 - Maximum length signature (bytes): 2420 - -Signer public key: -0E 47 54 30 E7 47 6D E6 ... 82 6E 4C C3 87 AA 6E FD - -It took 0 millisecs to generate the key pair. -It took 1 millisecs to sign the message. -It took 0 millisecs to verify the signature. - -Signature: -0C 2E 2D E2 81 C5 DC 10 ... 00 00 00 00 03 13 29 3B - -Valid signature? true -``` - -##### 3) Rand example - -``` -$ javac -cp target/liboqs-java.jar examples/RandExample.java -$ java -cp target/liboqs-java.jar:examples/ RandExample -``` - -``` -NIST-KAT: BF E7 5C 34 F9 1C 54 44 30 CD B1 61 5B FF 3D 92 31 17 38 BD 71 61 0C 22 CD F7 B8 23 D9 7C 27 F3 -OpenSSL: 86 B6 46 9C 56 44 6B FB F8 B1 37 F0 86 4D 4D 74 0F FD 51 99 82 D6 89 02 40 B9 45 CF F9 3A 4D 70 -System (default): 37 55 6F 4F 03 53 BB 71 E8 70 C2 3D DF 85 69 57 30 CE FA 11 EF 50 8A F5 AE 25 35 6F 91 CF EC 1D -``` - - -## Troubleshooting -* __Compiler errors__ - - * Cannot find `jni.h`: - ``` - fatal error: jni.h: No such file or directory - 2 | #include - compilation terminated. - ``` - Try setting the `JAVA_HOME` environment variable. - Then, try `ls $JAVA_HOME` to check whether the directory is empty or has contents. If it is empty, set `JAVA_HOME` to a correct JDK. - - * Cannot find `oqs/oqs.h` - ``` - fatal error: oqs.h: No such file or directory - 5 | #include - compilation terminated. - ``` - Try providing the `-Dliboqs.include.dir` and `-Dliboqs.lib.dir` command line options to maven as mentioned in the [build instructions](https://github.com/open-quantum-safe/liboqs-java#building-the-java-oqs-wrapper). - -* __Runtime errors__ - * If Java cannot find native library: - ``` - Exception in thread "main" java.lang.ExceptionInInitializerError - at ... - Caused by: java.lang.NullPointerException - at org.openquantumsafe.Common.loadNativeLibrary(Common.java:51) - at ... - ``` - try passing to the java library path the directory that contains the native library (e.g., `java -Djava.library.path=src/main/resources/ -cp target/liboqs-java.jar:examples/ KEMExample`). - - * If Java cannot find `liboqs`: - ``` - Exception in thread "main" java.lang.UnsatisfiedLinkError: - ./liboqs-java/build/liboqs-jni.so: liboqs.so.0: cannot open shared object file: No such file or directory - ``` - try setting the `LD_LIBRARY_PATH` environment variable with the installation location of the `liboqs` shared library, i.e., - ``` - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" - ``` - - * If a hotspot "irrecoverable stack overflow" error is shown: - ``` - An irrecoverable stack overflow has occurred. - Please check if any of your loaded .so files has enabled executable stack (see man page execstack(8)) - # - # A fatal error has been detected by the Java Runtime Environment: - ``` - This could happen for algorithms that use a large stack size. Try adding the `-Xss` option to specify a different thread stack size. For example, `-Xss5m`. - - -## Team -The Open Quantum Safe project is led by [Douglas Stebila](https://www.douglas.stebila.ca/research/) and [Michele Mosca](http://faculty.iqc.uwaterloo.ca/mmosca/) at the University of Waterloo. - -Contributors to the liboqs-java wrapper include: -* Dimitris Mouris ([@jimouris](https://github.com/jimouris)) (University of Delaware) -* Christian Paquin ([@christianpaquin](https://github.com/christianpaquin)) (Microsoft Research) - -## License -`liboqs-java` is licensed under the MIT License; see [LICENSE](./LICENSE) for details. - - -[KEM-overview]: ./images/KEM.png -[DS-overview]: ./images/digital-signature.png - -[badge-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg?style=svg -[badge-circleci]: https://img.shields.io/circleci/build/github/open-quantum-safe/liboqs-java?logo=circleci diff --git a/RELEASE.md b/RELEASE.md deleted file mode 100644 index 4858b5b..0000000 --- a/RELEASE.md +++ /dev/null @@ -1,16 +0,0 @@ -liboqs-java version 0.1.0 -========================= - -About ------ - -The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/. - -**liboqs** is an open source C library for quantum-resistant cryptographic algorithms. See more about liboqs at [https://github.com/open-quantum-safe/liboqs/](https://github.com/open-quantum-safe/liboqs/), including a list of supported algorithms. - -**liboqs-java** is an open source Java wrapper for the liboqs C library for quantum-resistant cryptographic algorithms. Details about liboqs-java can be found in [README.md](https://github.com/open-quantum-safe/liboqs-java/blob/master/README.md). See in particular limitations on intended use. - -Release notes -============= - -The initial release of liboqs-java was released on July 8, 2020. Its release page on GitHub is https://github.com/open-quantum-safe/liboqs-java/releases/tag/0.1.0. diff --git a/examples/KEMExample.java b/examples/KEMExample.java index 65f7065..96db53f 100644 --- a/examples/KEMExample.java +++ b/examples/KEMExample.java @@ -1,6 +1,7 @@ import org.openquantumsafe.*; import java.util.ArrayList; import java.util.Arrays; +import java.util.Base64; public class KEMExample { @@ -13,7 +14,7 @@ public static void main(String[] args) { Common.print_list(KEMs.get_enabled_KEMs()); System.out.println(); - String kem_name = "Kyber512"; + String kem_name = "ML-KEM-768"; KeyEncapsulation client = new KeyEncapsulation(kem_name); client.print_details(); System.out.println(); @@ -38,6 +39,19 @@ public static void main(String[] args) { byte[] shared_secret_client = client.decap_secret(ciphertext); System.out.println("It took " + (System.currentTimeMillis() - t) + " millisecs to decapsulate the secret."); + byte[] secret_key = client.export_secret_key(); + System.out.println("\nSecret key (Base64):"); + System.out.println(Base64.getEncoder().encodeToString(secret_key)); + + System.out.println("\nShared secrets coincide? " + Arrays.equals(shared_secret_client, shared_secret_server)); + + System.out.println("\nShared secrets (Base64):"); + System.out.println(Base64.getEncoder().encodeToString(shared_secret_server)); + System.out.println("\nPublic key (Base64):"); + System.out.println(Base64.getEncoder().encodeToString(client_public_key)); + System.out.println("\nCiphertext (Base64):"); + System.out.println(Base64.getEncoder().encodeToString(ciphertext)); + client.dispose_KEM(); server.dispose_KEM(); diff --git a/liboqs b/liboqs new file mode 160000 index 0000000..c1cb633 --- /dev/null +++ b/liboqs @@ -0,0 +1 @@ +Subproject commit c1cb63379ca593567411b7f5c15296d3f00309c4 diff --git a/pom.xml b/pom.xml index b80ea94..0b6aa4f 100644 --- a/pom.xml +++ b/pom.xml @@ -62,8 +62,8 @@ liboqs-jni so - /usr/local/include - /usr/local/lib + ${project.basedir}/liboqs/build/include + ${project.basedir}/liboqs/build/lib -I${JAVA_HOME}/include -I${JAVA_HOME}/include/linux @@ -124,7 +124,8 @@ ${lib_name} ${lib_name_ext} - -loqs + ${liboqs.lib.dir}/liboqs.a + -lcrypto From b05c353580ca1b4fb17122da4c2000fc6db63a63 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Thu, 31 Oct 2024 16:01:16 +0800 Subject: [PATCH 02/20] [3rd] add link to liboqs Signed-off-by: Adije Shen <1534656015@qq.com> --- liboqs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/liboqs b/liboqs index c1cb633..2fe93f4 160000 --- a/liboqs +++ b/liboqs @@ -1 +1 @@ -Subproject commit c1cb63379ca593567411b7f5c15296d3f00309c4 +Subproject commit 2fe93f4873302c3757e5a596ae5122754a09380c From 96f06c862ea311dccadfa876a7af4a0f8236062d Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Fri, 1 Nov 2024 15:23:17 +0800 Subject: [PATCH 03/20] mv liboqs as a submodule Signed-off-by: Adije Shen <1534656015@qq.com> --- .gitmodules | 3 +++ README.md | 34 +++++++++++++++++++--------------- 2 files changed, 22 insertions(+), 15 deletions(-) create mode 100644 .gitmodules diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..23939aa --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "liboqs"] + path = liboqs + url = https://github.com/AdijeShen/liboqs diff --git a/README.md b/README.md index 5529be5..85e6a71 100644 --- a/README.md +++ b/README.md @@ -1,27 +1,31 @@ -代码由https://github.com/open-quantum-safe/liboqs-java,修改得到 +代码由https://github.com/open-quantum-safe/liboqs-java,修改得到,相比起原本的`liboqs-java`库,这个库里面使用了`liboqs.a`,而不是`liboqs.so`,所以不需要将`liboqs`安装到系统目录,只需要从`./liboqs/`文件夹编译得到`liboqs.a`即可。 这是本地构建用的代码,需要在linux环境运行,需求jdk1.8, gcc, cmake, ninja-build, maven, openssl -1. (已经编译完成,可跳过) 编译liboqs的C代码库 +## linux下构建指南 +1. 下载代码 +```bash +git clone --recursive https://github.com/AdijeShen/liboqs-java ``` + +2. 编译liboqs的C代码库得到liboqs.a +```bash cd liboqs -mkdir build && cd build -cmake -GNinja .. -ninja +cmake -S . -B build +cmake --build build -j4 +cd .. ``` +这一步会生成`liboqs/build/liboqs.a`文件 -2. 编译liboqs-java -``` -mvn package -P linux +3. 编译liboqs-java +```bash +mvn package ``` -3. 安装至maven本地仓库 -``` -mvn install -``` +这一步会生成`target/liboqs-java.jar`和`target/classes/liboqs-jni.so`文件 4. 可以运行KEM示例: -``` -$ javac -cp target/liboqs-java.jar examples/KEMExample.java -$ java -cp target/liboqs-java.jar:examples/ KEMExample +```bash +javac -cp target/liboqs-java.jar examples/KEMExample.java +java -cp target/liboqs-java.jar:examples/ KEMExample ``` From 8ca6e19eb30b402d8a697185b6666ce725624fa0 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Fri, 1 Nov 2024 15:27:09 +0800 Subject: [PATCH 04/20] [doc] update the doc Signed-off-by: Adije Shen <1534656015@qq.com> --- README.md | 32 ++++++++++++++++++++++---------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 85e6a71..7104505 100644 --- a/README.md +++ b/README.md @@ -1,30 +1,42 @@ -代码由https://github.com/open-quantum-safe/liboqs-java,修改得到,相比起原本的`liboqs-java`库,这个库里面使用了`liboqs.a`,而不是`liboqs.so`,所以不需要将`liboqs`安装到系统目录,只需要从`./liboqs/`文件夹编译得到`liboqs.a`即可。 +# liboqs-java -这是本地构建用的代码,需要在linux环境运行,需求jdk1.8, gcc, cmake, ninja-build, maven, openssl +This project is forked from [open-quantum-safe/liboqs-java](https://github.com/open-quantum-safe/liboqs-java). The main difference is that this version uses `liboqs.a` instead of `liboqs.so`, eliminating the need to install liboqs in the system directory. It only requires compiling `liboqs.a` from the `./liboqs/` folder. -## linux下构建指南 -1. 下载代码 +## Description +liboqs-java is a Java wrapper for liboqs, providing an interface to quantum-resistant cryptographic algorithms. + +## Prerequisites +This code needs to be built in a Linux environment with the following requirements: +- JDK 1.8 +- GCC +- CMake +- ninja-build +- Maven +- OpenSSL + +## Build Instructions for Linux + +1. Clone the repository with submodules ```bash git clone --recursive https://github.com/AdijeShen/liboqs-java ``` -2. 编译liboqs的C代码库得到liboqs.a +2. Build the liboqs C library to generate liboqs.a ```bash cd liboqs cmake -S . -B build cmake --build build -j4 cd .. ``` -这一步会生成`liboqs/build/liboqs.a`文件 +This step will generate the `liboqs/build/liboqs.a` file. -3. 编译liboqs-java +3. Build liboqs-java ```bash mvn package ``` +This step will generate `target/liboqs-java.jar` and `target/classes/liboqs-jni.so`. -这一步会生成`target/liboqs-java.jar`和`target/classes/liboqs-jni.so`文件 - -4. 可以运行KEM示例: +4. Run the KEM example: ```bash javac -cp target/liboqs-java.jar examples/KEMExample.java java -cp target/liboqs-java.jar:examples/ KEMExample From 3ca2143807cf56008f647e32ecce5cd9f3128481 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Fri, 1 Nov 2024 16:25:31 +0800 Subject: [PATCH 05/20] unify windows and unix operation Signed-off-by: Adije Shen <1534656015@qq.com> --- guide_for_windows.md | 79 ++++++++++++++++++++++++++++++++ pom.xml | 106 +++++++++++++++++++++++++++++++++++++------ 2 files changed, 172 insertions(+), 13 deletions(-) create mode 100644 guide_for_windows.md diff --git a/guide_for_windows.md b/guide_for_windows.md new file mode 100644 index 0000000..68bf98f --- /dev/null +++ b/guide_for_windows.md @@ -0,0 +1,79 @@ +# liboqs-java windows 安装流程(详细版) + +## 安装liboqs库 + +- 安装mingw-w64的GCC 11.5.0版本(这个版本应该无所谓) + +[WinLibs - GCC+MinGW-w64 compiler for Windows](https://winlibs.com/#download-release) + +这个下载zip之后,直接解压到需要安装的目录,中间不要有空格,然后加入环境变量。 + +控制面板->系统->系统信息->高级系统设置->高级->环境变量->PATH + +PATH新增一行`E:\develop\mingw64\bin` + +> 或者用命令行 setx PATH = E:\develop\mingw64\bin;%PATH% (不推荐) + +- 安装cmake(我是通过winget命令行安装的,可以界面安装[https://cmake.org/download/],要把cmake加入到PATH环境变量中) + +```bash +winget install cmake +``` + +- 打开命令行看下是否安装成功 + +```bash +$ C:\Users\adije>gcc --version +gcc (MinGW-W64 x86_64-ucrt-posix-seh, built by Brecht Sanders) 11.5.0 +Copyright (C) 2021 Free Software Foundation, Inc. +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +$ C:\Users\adije>cmake --version +cmake version 3.30.5 + +CMake suite maintained and supported by Kitware (kitware.com/cmake). +``` + +- 从git上面下载了liboqs-java的代码 + +```bash +git clone --recursive https://github.com/AdijeShen/liboqs-java +``` + +- 编译liboqs + +```bash +cd liboqs +cmake -G "MinGW Makefiles" -DCMAKE_C_COMPILER=gcc -DBUILD_SHARED_LIBS=OFF -S . -B build +cmake --build build -j 4 +cmake --install build +cd .. +``` + +## 使用liboqs-java + +- 首先需要安装maven[https://maven.apache.org/](3.8.8)和jdk[https://www.openlogic.com/openjdk-downloads](1.8),这个可以直接下载安装包安装,然后加入环境变量。 + +检查安装成功 + +```bash +$ java -version +openjdk version "1.8.0_432-432" +OpenJDK Runtime Environment (build 1.8.0_432-432-b06) +OpenJDK 64-Bit Server VM (build 25.432-b06, mixed mode) + +$ mvn -version +Apache Maven 3.8.8 (4c87b05d9aedce574290d1acc98575ed5eb6cd39) +Maven home: E:\develop\apache-maven-3.8.8 +Java version: 1.8.0_432-432, vendor: OpenLogic-OpenJDK, runtime: E:\develop\jdk8\jre +Default locale: zh_CN, platform encoding: GBK +OS name: "windows 11", version: "10.0", arch: "amd64", family: "windows" +``` + +然后下载liboqs-java + +```bash +git clone --recursive https://github.com/AdijeShen/liboqs-java +``` + diff --git a/pom.xml b/pom.xml index 0b6aa4f..87d6985 100644 --- a/pom.xml +++ b/pom.xml @@ -9,16 +9,28 @@ 1.0 liboqs-java: Java wrapper for liboqs liboqs-java offers a Java wrapper providing quantum-resistant cryptographic algorithms via liboqs. - UTF-8 UTF-8 + + + + - + + org.apache.maven.plugins + maven-compiler-plugin + 3.8.1 + + + org.apache.maven.plugins + maven-jar-plugin + 3.2.0 + org.junit.jupiter junit-jupiter-params @@ -32,7 +44,6 @@ test - macosx @@ -48,6 +59,11 @@ /usr/local/include /usr/local/lib -I${JAVA_HOME}/include -I${JAVA_HOME}/include/darwin + generic-classic + gcc + + -shared -L${liboqs.lib.dir} + ${liboqs.lib.dir}/liboqs.a -lcrypto @@ -65,10 +81,37 @@ ${project.basedir}/liboqs/build/include ${project.basedir}/liboqs/build/lib -I${JAVA_HOME}/include -I${JAVA_HOME}/include/linux + generic-classic + gcc + + -shared -L${liboqs.lib.dir} + ${liboqs.lib.dir}/liboqs.a -lcrypto + + + + windows + + + platform + windows + + + + oqs-jni + dll + + ${basedir}\liboqs\build\include + ${basedir}\liboqs\build\lib + true + -I"${JAVA_HOME}\include" -I"${JAVA_HOME}\include\win32" + mingw + g++ + + -shared -L${liboqs.lib.dir} -ladvapi32 + ${liboqs.lib.dir}\liboqs.a - @@ -76,7 +119,7 @@ maven-surefire-plugin 2.22.0 - -Xss10M -Djava.library.path=${project.build.outputDirectory} + -Xss10M -Djava.library.path=${basedir}/src/main/resources/ @@ -87,6 +130,23 @@ 1.8 + + maven-antrun-plugin + 3.0.0 + + + initialize + + + + + + + run + + + + org.codehaus.mojo native-maven-plugin @@ -106,8 +166,8 @@ - generic-classic - gcc + ${compiler.provider} + ${compiler.executable} ${java.os.include} -fPIC @@ -116,16 +176,15 @@ -I${liboqs.include.dir} ${project.build.outputDirectory} - gcc + ${linker.executable} - -shared - -L${liboqs.lib.dir} + ${linker.start.option} ${lib_name} ${lib_name_ext} - ${liboqs.lib.dir}/liboqs.a - -lcrypto + ${linker.end.option} + @@ -140,6 +199,27 @@ + + maven-resources-plugin + 3.1.0 + + + copy-resources + process-classes + + copy-resources + + + ${project.build.outputDirectory} + + + ${basedir}/src/main/resources/ + + + + + + - + \ No newline at end of file From 74f18beccf915cf1939336f067f14a5e4bd08655 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Fri, 1 Nov 2024 16:54:46 +0800 Subject: [PATCH 06/20] add guide for windows Signed-off-by: Adije Shen <1534656015@qq.com> --- README.md | 82 ++++++++++++++++++++++++++++++++++++++++---- guide_for_windows.md | 79 ------------------------------------------ 2 files changed, 76 insertions(+), 85 deletions(-) delete mode 100644 guide_for_windows.md diff --git a/README.md b/README.md index 7104505..6468ad4 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,77 @@ # liboqs-java -This project is forked from [open-quantum-safe/liboqs-java](https://github.com/open-quantum-safe/liboqs-java). The main difference is that this version uses `liboqs.a` instead of `liboqs.so`, eliminating the need to install liboqs in the system directory. It only requires compiling `liboqs.a` from the `./liboqs/` folder. +This project is forked from [open-quantum-safe/liboqs-java](https://github.com/open-quantum-safe/liboqs-java). The main difference is that this version uses `liboqs.a` instead of `liboqs.so` or `liboqs.dll`, eliminating the need to install liboqs in the system directory. It only requires compiling `liboqs.a` from the `./liboqs/` folder. -## Description -liboqs-java is a Java wrapper for liboqs, providing an interface to quantum-resistant cryptographic algorithms. +## Windows Build -## Prerequisites +### Prerequisites +- MinGW-w64 GCC (version 11.5.0 or later) +- CMake +- JDK 1.8 +- Maven 3.8.8 +- Git + +### Installation Steps + +1. Install MinGW-w64 GCC: +- Download from [WinLibs](https://winlibs.com/#download-release) +- Extract the ZIP file to a directory without spaces +- Add the bin directory to PATH environment variable (e.g., `E:\develop\mingw64\bin`) + - Via Control Panel → System → System Info → Advanced System Settings → Advanced → Environment Variables → PATH + - Or via command line: `setx PATH "E:\develop\mingw64\bin;%PATH%"` (not recommended) + +2. Install CMake: +- Either via winget: `winget install cmake` +- Or download from [cmake.org](https://cmake.org/download/) +- Ensure CMake is added to PATH + +3. Verify installations: +```bash +gcc --version +cmake --version +``` + +4. Clone the repository: +```bash +git clone --recursive https://github.com/AdijeShen/liboqs-java +``` + +5. Build liboqs: +```bash +cd liboqs +cmake -G "MinGW Makefiles" -DCMAKE_C_COMPILER=gcc -DBUILD_SHARED_LIBS=OFF -S . -B build +cmake --build build -j 4 +cmake --install build +cd .. +``` + +6. Install Java dependencies: +- Install JDK 1.8 from [OpenLogic](https://www.openlogic.com/openjdk-downloads) +- Install Maven 3.8.8 from [Maven](https://maven.apache.org/) +- Add both to PATH environment variables + +7. Verify Java installations: +```bash +java -version +mvn -version +``` + +8. Build the package: +```bash +mvn package -P linux +``` + +9. Run the KEM example: +```bash +javac -cp target/liboqs-java.jar examples/KEMExample.java +java -cp "target/liboqs-java.jar;examples/" KEMExample +``` + +Note: For Windows paths in Java commands, use semicolon (;) as the path separator instead of colon (:) used in Linux. + +## linux build + +### Prerequisites This code needs to be built in a Linux environment with the following requirements: - JDK 1.8 - GCC @@ -14,7 +80,7 @@ This code needs to be built in a Linux environment with the following requiremen - Maven - OpenSSL -## Build Instructions for Linux +### Build Instructions for Linux 1. Clone the repository with submodules ```bash @@ -32,7 +98,7 @@ This step will generate the `liboqs/build/liboqs.a` file. 3. Build liboqs-java ```bash -mvn package +mvn package -P linux ``` This step will generate `target/liboqs-java.jar` and `target/classes/liboqs-jni.so`. @@ -41,3 +107,7 @@ This step will generate `target/liboqs-java.jar` and `target/classes/liboqs-jni. javac -cp target/liboqs-java.jar examples/KEMExample.java java -cp target/liboqs-java.jar:examples/ KEMExample ``` + +## How to use liboqs-java + +Check this repo out for how to use liboqs-java in your project: [oqs-java-kem-test](https://github.com/AdijeShen/oqs-java-kem-test) \ No newline at end of file diff --git a/guide_for_windows.md b/guide_for_windows.md deleted file mode 100644 index 68bf98f..0000000 --- a/guide_for_windows.md +++ /dev/null @@ -1,79 +0,0 @@ -# liboqs-java windows 安装流程(详细版) - -## 安装liboqs库 - -- 安装mingw-w64的GCC 11.5.0版本(这个版本应该无所谓) - -[WinLibs - GCC+MinGW-w64 compiler for Windows](https://winlibs.com/#download-release) - -这个下载zip之后,直接解压到需要安装的目录,中间不要有空格,然后加入环境变量。 - -控制面板->系统->系统信息->高级系统设置->高级->环境变量->PATH - -PATH新增一行`E:\develop\mingw64\bin` - -> 或者用命令行 setx PATH = E:\develop\mingw64\bin;%PATH% (不推荐) - -- 安装cmake(我是通过winget命令行安装的,可以界面安装[https://cmake.org/download/],要把cmake加入到PATH环境变量中) - -```bash -winget install cmake -``` - -- 打开命令行看下是否安装成功 - -```bash -$ C:\Users\adije>gcc --version -gcc (MinGW-W64 x86_64-ucrt-posix-seh, built by Brecht Sanders) 11.5.0 -Copyright (C) 2021 Free Software Foundation, Inc. -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - -$ C:\Users\adije>cmake --version -cmake version 3.30.5 - -CMake suite maintained and supported by Kitware (kitware.com/cmake). -``` - -- 从git上面下载了liboqs-java的代码 - -```bash -git clone --recursive https://github.com/AdijeShen/liboqs-java -``` - -- 编译liboqs - -```bash -cd liboqs -cmake -G "MinGW Makefiles" -DCMAKE_C_COMPILER=gcc -DBUILD_SHARED_LIBS=OFF -S . -B build -cmake --build build -j 4 -cmake --install build -cd .. -``` - -## 使用liboqs-java - -- 首先需要安装maven[https://maven.apache.org/](3.8.8)和jdk[https://www.openlogic.com/openjdk-downloads](1.8),这个可以直接下载安装包安装,然后加入环境变量。 - -检查安装成功 - -```bash -$ java -version -openjdk version "1.8.0_432-432" -OpenJDK Runtime Environment (build 1.8.0_432-432-b06) -OpenJDK 64-Bit Server VM (build 25.432-b06, mixed mode) - -$ mvn -version -Apache Maven 3.8.8 (4c87b05d9aedce574290d1acc98575ed5eb6cd39) -Maven home: E:\develop\apache-maven-3.8.8 -Java version: 1.8.0_432-432, vendor: OpenLogic-OpenJDK, runtime: E:\develop\jdk8\jre -Default locale: zh_CN, platform encoding: GBK -OS name: "windows 11", version: "10.0", arch: "amd64", family: "windows" -``` - -然后下载liboqs-java - -```bash -git clone --recursive https://github.com/AdijeShen/liboqs-java -``` - From 5ac25dc9c3ed7197db0c92082bf89e8b0ee790b4 Mon Sep 17 00:00:00 2001 From: Huajie Shen <1534656015@qq.com> Date: Fri, 1 Nov 2024 17:02:57 +0800 Subject: [PATCH 07/20] Update README.md Signed-off-by: Huajie Shen <1534656015@qq.com> Signed-off-by: Adije Shen <1534656015@qq.com> --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6468ad4..bc789e0 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ mvn -version 8. Build the package: ```bash -mvn package -P linux +mvn package -P windows ``` 9. Run the KEM example: @@ -110,4 +110,4 @@ java -cp target/liboqs-java.jar:examples/ KEMExample ## How to use liboqs-java -Check this repo out for how to use liboqs-java in your project: [oqs-java-kem-test](https://github.com/AdijeShen/oqs-java-kem-test) \ No newline at end of file +Check this repo out for how to use liboqs-java in your project: [oqs-java-kem-test](https://github.com/AdijeShen/oqs-java-kem-test) From ba3e5fc79a8c1d2b4b92746109f63eaec8b10e2a Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Fri, 1 Nov 2024 17:47:35 +0800 Subject: [PATCH 08/20] keep the origin README file format Signed-off-by: Adije Shen <1534656015@qq.com> --- .gitmodules | 2 +- README.md | 321 ++++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 299 insertions(+), 24 deletions(-) diff --git a/.gitmodules b/.gitmodules index 23939aa..1ca2416 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +1,3 @@ [submodule "liboqs"] path = liboqs - url = https://github.com/AdijeShen/liboqs + url = https://github.com/open-quantum-safe/liboqs diff --git a/README.md b/README.md index bc789e0..2fc164c 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,72 @@ -# liboqs-java +[![CircleCI Build Status](https://circleci.com/gh/open-quantum-safe/liboqs-java/tree/master.svg?style=svg)](https://circleci.com/gh/open-quantum-safe/liboqs-java/tree/master) -This project is forked from [open-quantum-safe/liboqs-java](https://github.com/open-quantum-safe/liboqs-java). The main difference is that this version uses `liboqs.a` instead of `liboqs.so` or `liboqs.dll`, eliminating the need to install liboqs in the system directory. It only requires compiling `liboqs.a` from the `./liboqs/` folder. +# liboqs-java: Java wrapper for liboqs -## Windows Build +**liboqs-java** offers a Java wrapper providing quantum-resistant cryptographic algorithms via [liboqs](https://github.com/open-quantum-safe/liboqs/). -### Prerequisites + +## Overview + +The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. + +**liboqs** is an open source C library for quantum-resistant cryptographic algorithms. See more about liboqs at https://github.com/open-quantum-safe/liboqs, including a list of supported algorithms. + +**liboqs-java** is an open source Java wrapper for the liboqs C library that provides: +* a common API for post-quantum key encapsulation mechanisms and digital signature schemes +* a collection of open source implementations of post-quantum cryptography algorithms + +The OQS project also provides prototype integrations into application-level protocols to enable testing of quantum-resistant cryptography. + +More information on OQS can be found on https://openquantumsafe.org. + + + +## liboqs-java + +This solution implements a Java wrapper for the C OQS library. It contains the following directories: + +* __`src/main/c/`:__ Native C JNI wrapper code that interfaces with liboqs. + +* __`src/main/java/org/openquantumsafe/`:__ Java wrappers for the liboqs C library. + +* __`src/test/java/org/openquantumsafe/`:__ Unit tests. + +* __`examples/`:__ Key encapsulation, digital signatures and rand examples. + + +`liboqs-java` defines four main classes: **`KeyEncapsulation`** and **`Signature`**, providing post-quantum key encapsulation and signature mechanisms, respectively, and **`KEMs`** and **`Sigs`**, containing only static member functions that provide information related to the available key encapsulation mechanisms or signature mechanism, respectively. + +`KeyEncapsulation` and/or `Signature` must be instantiated with a string identifying one of mechanisms supported by liboqs; these can be enumerated using the `KEMs.get_enabled_KEMs()` and `Sigs.get_enabled_sigs()` methods. + +Support for alternative RNGs is provided via the `randombytes` functions. + +The examples in the [examples](./examples/) directory are self-explanatory and provide more details about the wrapper's API. + + + +## Limitations and security +`liboqs` and `liboqs-java` are designed for prototyping and evaluating quantum-resistant cryptography. Security of proposed quantum-resistant algorithms may rapidly change as research advances, and may ultimately be completely insecure against either classical or quantum computers. + +We believe that the NIST Post-Quantum Cryptography standardization project is currently the best avenue to identifying potentially quantum-resistant algorithms. `liboqs` does not intend to "pick winners", and we strongly recommend that applications and protocols rely on the outcomes of the NIST standardization project when deploying post-quantum cryptography. + +We acknowledge that some parties may want to begin deploying post-quantum cryptography prior to the conclusion of the NIST standardization project. We strongly recommend that any attempts to do make use of so-called hybrid cryptography, in which post-quantum public-key algorithms are used alongside traditional public key algorithms (like RSA or elliptic curves) so that the solution is at least no less secure than existing traditional cryptography. + +`liboqs-java` is provided "as is", without warranty of any kind. See [LICENSE](./LICENSE) for the full disclaimer. + + + +## Building +Builds have been tested on Linux (Ubuntu 18.04 LTS, 19.10, and 20.04) and macOS Mojave with OpenJDK 8, 9, 11. +### Windows Build + +#### Prerequisites - MinGW-w64 GCC (version 11.5.0 or later) - CMake - JDK 1.8 - Maven 3.8.8 - Git -### Installation Steps +#### Installation Steps 1. Install MinGW-w64 GCC: - Download from [WinLibs](https://winlibs.com/#download-release) @@ -33,7 +88,7 @@ cmake --version 4. Clone the repository: ```bash -git clone --recursive https://github.com/AdijeShen/liboqs-java +git clone --recursive https://github.com/open-quantum-safe/liboqs-java ``` 5. Build liboqs: @@ -61,18 +116,18 @@ mvn -version mvn package -P windows ``` -9. Run the KEM example: -```bash -javac -cp target/liboqs-java.jar examples/KEMExample.java -java -cp "target/liboqs-java.jar;examples/" KEMExample -``` +### Pre-requisites +To build the Java OQS wrapper you need a Java Development Kit (JDK), such as [OpenJDK](https://openjdk.java.net/) >= 8 and [Apache Maven](https://maven.apache.org/). + +To build `liboqs-java` first download or clone this java wrapper into a `liboqs-java` folder, e.g., -Note: For Windows paths in Java commands, use semicolon (;) as the path separator instead of colon (:) used in Linux. +``` +git clone -b master https://github.com/open-quantum-safe/liboqs-java.git +``` -## linux build +### Linux/MacOS -### Prerequisites -This code needs to be built in a Linux environment with the following requirements: +#### Prerequisites - JDK 1.8 - GCC - CMake @@ -80,7 +135,10 @@ This code needs to be built in a Linux environment with the following requiremen - Maven - OpenSSL -### Build Instructions for Linux +#### Build Instructions + +First, you must build the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs/) according to the liboqs building instructions with shared library support enabled (add `-DBUILD_SHARED_LIBS=ON` to the `cmake` command), followed (optionally) by a `sudo ninja install` to ensure that the compiled library is visible system-wide (by default it installs under `/usr/local/include` and `/usr/local/lib` on Linux/macOS). + 1. Clone the repository with submodules ```bash @@ -98,16 +156,233 @@ This step will generate the `liboqs/build/liboqs.a` file. 3. Build liboqs-java ```bash -mvn package -P linux +mvn package -P ``` This step will generate `target/liboqs-java.jar` and `target/classes/liboqs-jni.so`. -4. Run the KEM example: -```bash -javac -cp target/liboqs-java.jar examples/KEMExample.java -java -cp target/liboqs-java.jar:examples/ KEMExample + +### Building the Java OQS wrapper + +To build the `liboqs-java` wrapper type for different operating systems add the `-P ` flag, where ` = {linux, macosx, windows}`. + +For instance, to build `liboqs-java` for MacOS, type: +``` +$ mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" +``` +The above command will compile the C and Java files and also run the unit tests. + +To build without running the default unit tests you can use the `-Dmaven.test.skip=true` command line option as follows: ``` +$ mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" -Dmaven.test.skip=true +``` + +The default profile for building is `linux`, so when building on Linux the `-P ` command line option may be omitted. + +You may also omit the `-Dliboqs.include.dir` and `-Dliboqs.lib.dir` options in case you installed liboqs in `/usr/local` (true if you ran `sudo --install build` after building liboqs). + +Both the above commands will create a `target` directory with the build files, as well as a `src/main/resources` directory that will contain the `liboqs-jni.so` native library. Finally, a `liboqs-java.jar` will be created inside the `target` directory that will contain all the class files as well as the `liboqs-jni.so` native library. + + +### Building and running the examples + +The examples include: + +1. **Key Encapsulation example:** + + ![alt text][KEM-overview] + +1. **Digital Signatures example:** + + ![alt text][DS-overview] + +1. **Rand example:** + Print random bytes from + * NIST-KAT + * OpenSSL + * System (default) + +#### 1) Key Encapsulation example + +To compile and run the KEM example, type: + +##### Windows + +``` +$ javac -cp target/liboqs-java.jar examples\KEMExample.java +$ java -cp "target\liboqs-java.jar;examples\" KEMExample +``` + +##### Linux/MacOS + +``` +$ javac -cp target/liboqs-java.jar examples/KEMExample.java +$ java -cp target/liboqs-java.jar:examples/ KEMExample +``` + +``` +Supported KEMs: +BIKE-L1 BIKE-L3 Classic-McEliece-348864 Classic-McEliece-348864f Classic-McEliece-460896 Classic-McEliece-460896f Classic-McEliece-6688128 Classic-McEliece-6688128f Classic-McEliece-6960119 Classic-McEliece-6960119f Classic-McEliece-8192128 Classic-McEliece-8192128f HQC-128 HQC-192 HQC-256 Kyber512 Kyber768 Kyber1024 Kyber512-90s Kyber768-90s Kyber1024-90s NTRU-HPS-2048-509 NTRU-HPS-2048-677 NTRU-HPS-4096-821 NTRU-HRSS-701 ntrulpr653 ntrulpr761 ntrulpr857 sntrup653 sntrup761 sntrup857 LightSaber-KEM Saber-KEM FireSaber-KEM FrodoKEM-640-AES FrodoKEM-640-SHAKE FrodoKEM-976-AES FrodoKEM-976-SHAKE FrodoKEM-1344-AES FrodoKEM-1344-SHAKE SIDH-p434 SIDH-p503 SIDH-p610 SIDH-p751 SIDH-p434-compressed SIDH-p503-compressed SIDH-p610-compressed SIDH-p751-compressed SIKE-p434 SIKE-p503 SIKE-p610 SIKE-p751 SIKE-p434-compressed SIKE-p503-compressed SIKE-p610-compressed SIKE-p751-compressed + +Enabled KEMs: +BIKE-L1 BIKE-L3 Classic-McEliece-348864 Classic-McEliece-348864f Classic-McEliece-460896 Classic-McEliece-460896f Classic-McEliece-6688128 Classic-McEliece-6688128f Classic-McEliece-6960119 Classic-McEliece-6960119f Classic-McEliece-8192128 Classic-McEliece-8192128f HQC-128 HQC-192 HQC-256 Kyber512 Kyber768 Kyber1024 Kyber512-90s Kyber768-90s Kyber1024-90s NTRU-HPS-2048-509 NTRU-HPS-2048-677 NTRU-HPS-4096-821 NTRU-HRSS-701 ntrulpr653 ntrulpr761 ntrulpr857 sntrup653 sntrup761 sntrup857 LightSaber-KEM Saber-KEM FireSaber-KEM FrodoKEM-640-AES FrodoKEM-640-SHAKE FrodoKEM-976-AES FrodoKEM-976-SHAKE FrodoKEM-1344-AES FrodoKEM-1344-SHAKE SIDH-p434 SIDH-p503 SIDH-p610 SIDH-p751 SIDH-p434-compressed SIDH-p503-compressed SIDH-p610-compressed SIDH-p751-compressed SIKE-p434 SIKE-p503 SIKE-p610 SIKE-p751 SIKE-p434-compressed SIKE-p503-compressed SIKE-p610-compressed SIKE-p751-compressed + +KEM Details: + Name: Kyber512 + Version: https://github.com/pq-crystals/kyber/commit/74cad307858b61e434490c75f812cb9b9ef7279b + Claimed NIST level: 1 + Is IND-CCA: true + Length public key (bytes): 800 + Length secret key (bytes): 1632 + Length ciphertext (bytes): 768 + Length shared secret (bytes): 32 + +Client public key: +C8 58 3B 21 02 A0 4D B0 ... 95 57 A7 E9 42 C0 45 C4 + +It took 1 millisecs to generate the key pair. +It took 0 millisecs to encapsulate the secret. +It took 0 millisecs to decapsulate the secret. + +Client shared secret: +16 7F 9B 18 18 F9 F0 FE ... 70 F3 F6 4A C1 30 2C FF + +Server shared secret: +16 7F 9B 18 18 F9 F0 FE ... 70 F3 F6 4A C1 30 2C FF + +Shared secrets coincide? true +``` + +#### 2) Signatures example + +##### Windows + +``` +$ javac -cp target/liboqs-java.jar examples/SigExample.java +$ java -cp "target/liboqs-java.jar;examples\" SigExample +``` + +##### Linux/MacOS + +``` +$ javac -cp target/liboqs-java.jar examples/SigExample.java +$ java -cp target/liboqs-java.jar:examples/ SigExample +``` + +``` +Supported signatures: +Dilithium2 Dilithium3 Dilithium5 Dilithium2-AES Dilithium3-AES Dilithium5-AES Falcon-512 Falcon-1024 Rainbow-I-Classic Rainbow-I-Circumzenithal Rainbow-I-Compressed Rainbow-III-Classic Rainbow-III-Circumzenithal Rainbow-III-Compressed Rainbow-V-Classic Rainbow-V-Circumzenithal Rainbow-V-Compressed SPHINCS+-Haraka-128f-robust SPHINCS+-Haraka-128f-simple SPHINCS+-Haraka-128s-robust SPHINCS+-Haraka-128s-simple SPHINCS+-Haraka-192f-robust SPHINCS+-Haraka-192f-simple SPHINCS+-Haraka-192s-robust SPHINCS+-Haraka-192s-simple SPHINCS+-Haraka-256f-robust SPHINCS+-Haraka-256f-simple SPHINCS+-Haraka-256s-robust SPHINCS+-Haraka-256s-simple SPHINCS+-SHA256-128f-robust SPHINCS+-SHA256-128f-simple SPHINCS+-SHA256-128s-robust SPHINCS+-SHA256-128s-simple SPHINCS+-SHA256-192f-robust SPHINCS+-SHA256-192f-simple SPHINCS+-SHA256-192s-robust SPHINCS+-SHA256-192s-simple SPHINCS+-SHA256-256f-robust SPHINCS+-SHA256-256f-simple SPHINCS+-SHA256-256s-robust SPHINCS+-SHA256-256s-simple SPHINCS+-SHAKE256-128f-robust SPHINCS+-SHAKE256-128f-simple SPHINCS+-SHAKE256-128s-robust SPHINCS+-SHAKE256-128s-simple SPHINCS+-SHAKE256-192f-robust SPHINCS+-SHAKE256-192f-simple SPHINCS+-SHAKE256-192s-robust SPHINCS+-SHAKE256-192s-simple SPHINCS+-SHAKE256-256f-robust SPHINCS+-SHAKE256-256f-simple SPHINCS+-SHAKE256-256s-robust SPHINCS+-SHAKE256-256s-simple picnic_L1_FS picnic_L1_UR picnic_L1_full picnic_L3_FS picnic_L3_UR picnic_L3_full picnic_L5_FS picnic_L5_UR picnic_L5_full picnic3_L1 picnic3_L3 picnic3_L5 + +Enabled signatures: +Dilithium2 Dilithium3 Dilithium5 Dilithium2-AES Dilithium3-AES Dilithium5-AES Falcon-512 Falcon-1024 Rainbow-I-Classic Rainbow-I-Circumzenithal Rainbow-I-Compressed Rainbow-III-Classic Rainbow-III-Circumzenithal Rainbow-III-Compressed Rainbow-V-Classic Rainbow-V-Circumzenithal Rainbow-V-Compressed SPHINCS+-Haraka-128f-robust SPHINCS+-Haraka-128f-simple SPHINCS+-Haraka-128s-robust SPHINCS+-Haraka-128s-simple SPHINCS+-Haraka-192f-robust SPHINCS+-Haraka-192f-simple SPHINCS+-Haraka-192s-robust SPHINCS+-Haraka-192s-simple SPHINCS+-Haraka-256f-robust SPHINCS+-Haraka-256f-simple SPHINCS+-Haraka-256s-robust SPHINCS+-Haraka-256s-simple SPHINCS+-SHA256-128f-robust SPHINCS+-SHA256-128f-simple SPHINCS+-SHA256-128s-robust SPHINCS+-SHA256-128s-simple SPHINCS+-SHA256-192f-robust SPHINCS+-SHA256-192f-simple SPHINCS+-SHA256-192s-robust SPHINCS+-SHA256-192s-simple SPHINCS+-SHA256-256f-robust SPHINCS+-SHA256-256f-simple SPHINCS+-SHA256-256s-robust SPHINCS+-SHA256-256s-simple SPHINCS+-SHAKE256-128f-robust SPHINCS+-SHAKE256-128f-simple SPHINCS+-SHAKE256-128s-robust SPHINCS+-SHAKE256-128s-simple SPHINCS+-SHAKE256-192f-robust SPHINCS+-SHAKE256-192f-simple SPHINCS+-SHAKE256-192s-robust SPHINCS+-SHAKE256-192s-simple SPHINCS+-SHAKE256-256f-robust SPHINCS+-SHAKE256-256f-simple SPHINCS+-SHAKE256-256s-robust SPHINCS+-SHAKE256-256s-simple picnic_L1_FS picnic_L1_UR picnic_L1_full picnic_L3_FS picnic_L3_UR picnic_L3_full picnic_L5_FS picnic_L5_UR picnic_L5_full picnic3_L1 picnic3_L3 picnic3_L5 + +Signature Details: + Name: Dilithium2 + Version: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409 + Claimed NIST level: 2 + Is IND-CCA: true + Length public key (bytes): 1312 + Length secret key (bytes): 2528 + Maximum length signature (bytes): 2420 + +Signer public key: +0E 47 54 30 E7 47 6D E6 ... 82 6E 4C C3 87 AA 6E FD + +It took 0 millisecs to generate the key pair. +It took 1 millisecs to sign the message. +It took 0 millisecs to verify the signature. + +Signature: +0C 2E 2D E2 81 C5 DC 10 ... 00 00 00 00 03 13 29 3B + +Valid signature? true +``` + +#### 3) Rand example + +##### Windows + +``` +$ javac -cp target/liboqs-java.jar examples\RandExample.java +$ java -cp "target/liboqs-java.jar;examples\" RandExample +``` + +##### Linux/MacOS +``` +$ javac -cp target/liboqs-java.jar examples/RandExample.java +$ java -cp target/liboqs-java.jar:examples/ RandExample +``` + +``` +NIST-KAT: BF E7 5C 34 F9 1C 54 44 30 CD B1 61 5B FF 3D 92 31 17 38 BD 71 61 0C 22 CD F7 B8 23 D9 7C 27 F3 +OpenSSL: 86 B6 46 9C 56 44 6B FB F8 B1 37 F0 86 4D 4D 74 0F FD 51 99 82 D6 89 02 40 B9 45 CF F9 3A 4D 70 +System (default): 37 55 6F 4F 03 53 BB 71 E8 70 C2 3D DF 85 69 57 30 CE FA 11 EF 50 8A F5 AE 25 35 6F 91 CF EC 1D +``` + + +## Troubleshooting +* __Compiler errors__ + + * Cannot find `jni.h`: + ``` + fatal error: jni.h: No such file or directory + 2 | #include + compilation terminated. + ``` + Try setting the `JAVA_HOME` environment variable. + Then, try `ls $JAVA_HOME` to check whether the directory is empty or has contents. If it is empty, set `JAVA_HOME` to a correct JDK. + + * Cannot find `oqs/oqs.h` + ``` + fatal error: oqs.h: No such file or directory + 5 | #include + compilation terminated. + ``` + Try providing the `-Dliboqs.include.dir` and `-Dliboqs.lib.dir` command line options to maven as mentioned in the [build instructions](https://github.com/open-quantum-safe/liboqs-java#building-the-java-oqs-wrapper). + +* __Runtime errors__ + * If Java cannot find native library: + ``` + Exception in thread "main" java.lang.ExceptionInInitializerError + at ... + Caused by: java.lang.NullPointerException + at org.openquantumsafe.Common.loadNativeLibrary(Common.java:51) + at ... + ``` + try passing to the java library path the directory that contains the native library (e.g., `java -Djava.library.path=src/main/resources/ -cp target/liboqs-java.jar:examples/ KEMExample`). + + * If Java cannot find `liboqs`: + ``` + Exception in thread "main" java.lang.UnsatisfiedLinkError: + ./liboqs-java/build/liboqs-jni.so: liboqs.so.0: cannot open shared object file: No such file or directory + ``` + try setting the `LD_LIBRARY_PATH` environment variable with the installation location of the `liboqs` shared library, i.e., + ``` + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" + ``` + + * If a hotspot "irrecoverable stack overflow" error is shown: + ``` + An irrecoverable stack overflow has occurred. + Please check if any of your loaded .so files has enabled executable stack (see man page execstack(8)) + # + # A fatal error has been detected by the Java Runtime Environment: + ``` + This could happen for algorithms that use a large stack size. Try adding the `-Xss` option to specify a different thread stack size. For example, `-Xss5m`. + + +## Team +The Open Quantum Safe project is led by [Douglas Stebila](https://www.douglas.stebila.ca/research/) and [Michele Mosca](http://faculty.iqc.uwaterloo.ca/mmosca/) at the University of Waterloo. + +Contributors to the liboqs-java wrapper include: +* Dimitris Mouris ([@jimouris](https://github.com/jimouris)) (University of Delaware) +* Christian Paquin ([@christianpaquin](https://github.com/christianpaquin)) (Microsoft Research) + +## License +`liboqs-java` is licensed under the MIT License; see [LICENSE](./LICENSE) for details. + -## How to use liboqs-java +[KEM-overview]: ./images/KEM.png +[DS-overview]: ./images/digital-signature.png -Check this repo out for how to use liboqs-java in your project: [oqs-java-kem-test](https://github.com/AdijeShen/oqs-java-kem-test) +[badge-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg?style=svg +[badge-circleci]: https://img.shields.io/circleci/build/github/open-quantum-safe/liboqs-java?logo=circleci \ No newline at end of file From cd73db7c4c01bcda9e9a78b648670074e7fc6489 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Fri, 1 Nov 2024 17:54:26 +0800 Subject: [PATCH 09/20] Update README Signed-off-by: Adije Shen <1534656015@qq.com> --- README.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/README.md b/README.md index 2fc164c..e3723a0 100644 --- a/README.md +++ b/README.md @@ -137,12 +137,9 @@ git clone -b master https://github.com/open-quantum-safe/liboqs-java.git #### Build Instructions -First, you must build the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs/) according to the liboqs building instructions with shared library support enabled (add `-DBUILD_SHARED_LIBS=ON` to the `cmake` command), followed (optionally) by a `sudo ninja install` to ensure that the compiled library is visible system-wide (by default it installs under `/usr/local/include` and `/usr/local/lib` on Linux/macOS). - - 1. Clone the repository with submodules ```bash -git clone --recursive https://github.com/AdijeShen/liboqs-java +git clone --recursive https://github.com/open-quantum-safe/liboqs-java ``` 2. Build the liboqs C library to generate liboqs.a From 31d9b66a4ef0374c4d251540c1605dc8768570c1 Mon Sep 17 00:00:00 2001 From: Huajie Shen <1534656015@qq.com> Date: Fri, 1 Nov 2024 20:49:35 +0800 Subject: [PATCH 10/20] Add RELEASE.md Signed-off-by: Huajie Shen <1534656015@qq.com> Signed-off-by: Adije Shen <1534656015@qq.com> --- RELEASE.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 RELEASE.md diff --git a/RELEASE.md b/RELEASE.md new file mode 100644 index 0000000..4858b5b --- /dev/null +++ b/RELEASE.md @@ -0,0 +1,16 @@ +liboqs-java version 0.1.0 +========================= + +About +----- + +The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/. + +**liboqs** is an open source C library for quantum-resistant cryptographic algorithms. See more about liboqs at [https://github.com/open-quantum-safe/liboqs/](https://github.com/open-quantum-safe/liboqs/), including a list of supported algorithms. + +**liboqs-java** is an open source Java wrapper for the liboqs C library for quantum-resistant cryptographic algorithms. Details about liboqs-java can be found in [README.md](https://github.com/open-quantum-safe/liboqs-java/blob/master/README.md). See in particular limitations on intended use. + +Release notes +============= + +The initial release of liboqs-java was released on July 8, 2020. Its release page on GitHub is https://github.com/open-quantum-safe/liboqs-java/releases/tag/0.1.0. From 6faf0ca97793e98f7e9d77ec3bd12b859ba22b21 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Thu, 20 Mar 2025 18:53:04 +0800 Subject: [PATCH 11/20] delete gitmodules Signed-off-by: Adije Shen <1534656015@qq.com> --- .gitmodules | 3 --- liboqs | 1 - 2 files changed, 4 deletions(-) delete mode 100644 .gitmodules delete mode 160000 liboqs diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index 1ca2416..0000000 --- a/.gitmodules +++ /dev/null @@ -1,3 +0,0 @@ -[submodule "liboqs"] - path = liboqs - url = https://github.com/open-quantum-safe/liboqs diff --git a/liboqs b/liboqs deleted file mode 160000 index 2fe93f4..0000000 --- a/liboqs +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 2fe93f4873302c3757e5a596ae5122754a09380c From 0ae298835bd6152ea716710df23f86716d6463e6 Mon Sep 17 00:00:00 2001 From: Spencer Wilson Date: Mon, 16 Dec 2024 21:14:54 -0500 Subject: [PATCH 12/20] Move CI to GitHub Actions (#30) * Port workflows from CircleCI to GitHub Actions * Add CI job for workflow linting * Update README badge --------- Signed-off-by: Spencer Wilson Signed-off-by: Adije Shen <1534656015@qq.com> --- .circleci/config.yml | 88 -------------------------------------- .github/workflows/java.yml | 47 ++++++++++++++++++++ README.md | 2 +- 3 files changed, 48 insertions(+), 89 deletions(-) delete mode 100644 .circleci/config.yml create mode 100644 .github/workflows/java.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 5e49da8..0000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,88 +0,0 @@ -version: 2.1 - -jobs: - ubuntu_build: - description: A template for running liboqs-java tests on the OQS x64 Ubuntu Bionic Docker VM - docker: - - image: openquantumsafe/ci-ubuntu-focal-x86_64:latest - auth: - username: $DOCKER_LOGIN - password: $DOCKER_PASSWORD - steps: - - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - - run: - name: Clone liboqs - command: git clone --branch main --single-branch --depth 1 https://github.com/open-quantum-safe/liboqs.git - - run: - name: Build liboqs - command: mkdir build && cd build && cmake .. -G"Ninja" -DBUILD_SHARED_LIBS=ON -DOQS_BUILD_ONLY_LIB=ON && ninja install - working_directory: liboqs - - run: - name: Resolve all maven project dependencies - command: mvn dependency:go-offline - - run: - name: Build liboqs-java and run tests - command: export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" && mvn package - - run: - name: Compile KEM, Signatures and Rand examples - command: > - javac -cp target/liboqs-java.jar examples/KEMExample.java && - javac -cp target/liboqs-java.jar examples/SigExample.java && - javac -cp target/liboqs-java.jar examples/RandExample.java - - run: - name: Run KEM, Signatures and Rand examples - command: > - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" && - java -Djava.library.path=target/ -cp target/liboqs-java.jar:examples/ KEMExample && - java -Djava.library.path=target/ -cp target/liboqs-java.jar:examples/ SigExample && - java -Djava.library.path=target/ -cp target/liboqs-java.jar:examples/ RandExample - - openjdk-11: - description: A template for running liboqs-java tests on the CircleCI OpenJDK VM - docker: - - image: cimg/openjdk:11.0.9 - auth: - username: $DOCKER_LOGIN - password: $DOCKER_PASSWORD - steps: - - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - - run: - name: Install dependencies to build liboqs - command: sudo apt update -qq && sudo apt install cmake build-essential ninja-build libssl-dev - - run: - name: Clone liboqs - command: git clone --branch main --single-branch --depth 1 https://github.com/open-quantum-safe/liboqs.git - - run: - name: Build liboqs - command: mkdir build && cd build && cmake .. -G"Ninja" -DBUILD_SHARED_LIBS=ON -DOQS_BUILD_ONLY_LIB=ON && sudo ninja install - working_directory: liboqs - - run: - name: Resolve all maven project dependencies - command: mvn dependency:go-offline - - run: - name: Build liboqs-java and run tests - command: export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" && mvn package - - run: - name: Compile KEM, Signatures and Rand examples - command: > - javac -cp target/liboqs-java.jar examples/KEMExample.java && - javac -cp target/liboqs-java.jar examples/SigExample.java && - javac -cp target/liboqs-java.jar examples/RandExample.java - - run: - name: Run KEM, Signatures and Rand examples - command: > - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" && - java -Djava.library.path=target/ -cp target/liboqs-java.jar:examples/ KEMExample && - java -Djava.library.path=target/ -cp target/liboqs-java.jar:examples/ SigExample && - java -Djava.library.path=target/ -cp target/liboqs-java.jar:examples/ RandExample - -workflows: - version: 2.1 - build: - jobs: - - ubuntu_build: - name: ubuntu-build - context: openquantumsafe - - openjdk-11: - name: openjdk-11 - context: openquantumsafe diff --git a/.github/workflows/java.yml b/.github/workflows/java.yml new file mode 100644 index 0000000..19c3dff --- /dev/null +++ b/.github/workflows/java.yml @@ -0,0 +1,47 @@ +name: liboqs-java CI + +on: + push: + branches: ["**"] + pull_request: + branches: ["**"] + repository_dispatch: + types: ["**"] + +jobs: + workflowcheck: + name: Check validity of GitHub workflows + runs-on: ubuntu-latest + container: openquantumsafe/ci-ubuntu-latest:latest + steps: + - name: Checkout code + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 + - name: Ensure GitHub actions are valid + run: actionlint -shellcheck "" # run *without* shellcheck + + build-and-test: + needs: workflowcheck + name: OQS Ubuntu + runs-on: ubuntu-latest + container: openquantumsafe/ci-ubuntu-focal:latest + steps: + - name: Checkout liboqs-java + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 + - name: Checkout liboqs main + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 + with: + repository: open-quantum-safe/liboqs + path: liboqs + ref: main + - name: Build liboqs + run: mkdir build && cd build && cmake .. -G"Ninja" -DBUILD_SHARED_LIBS=ON -DOQS_BUILD_ONLY_LIB=ON && ninja install + working-directory: liboqs + - name: Resolve all maven project dependencies + run: mvn dependency:go-offline + - name: Build liboqs-java and run tests + run: export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" && mvn package + - name: Compile KEM, Signatures and Rand examples + run: | + javac -cp target/liboqs-java.jar examples/KEMExample.java && + javac -cp target/liboqs-java.jar examples/SigExample.java && + javac -cp target/liboqs-java.jar examples/RandExample.java diff --git a/README.md b/README.md index e3723a0..f78af01 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[![CircleCI Build Status](https://circleci.com/gh/open-quantum-safe/liboqs-java/tree/master.svg?style=svg)](https://circleci.com/gh/open-quantum-safe/liboqs-java/tree/master) +[![GitHub Actions Build Status](https://github.com/open-quantum-safe/liboqs-java/actions/workflows/java.yml/badge.svg)](https://github.com/open-quantum-safe/liboqs-java/actions/workflows/java.yml) # liboqs-java: Java wrapper for liboqs From bb4624cdc069594381e87310210da05adb5ea068 Mon Sep 17 00:00:00 2001 From: John Gray <55205977+johngray-dev@users.noreply.github.com> Date: Mon, 13 Jan 2025 14:45:07 -0500 Subject: [PATCH 13/20] Add support for the ML-DSA Context (#31) Signed-off-by: John Gray Signed-off-by: Adije Shen <1534656015@qq.com> --- RELEASE.md | 4 +- pom.xml | 2 +- src/main/c/Signature.c | 79 ++++++++++++++++ src/main/c/Signature.h | 40 ++++---- .../java/org/openquantumsafe/Signature.java | 94 +++++++++++++++++++ .../java/org/openquantumsafe/SigTest.java | 42 +++++++++ 6 files changed, 235 insertions(+), 26 deletions(-) diff --git a/RELEASE.md b/RELEASE.md index 4858b5b..98f791b 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,4 +1,4 @@ -liboqs-java version 0.1.0 +liboqs-java version 0.2.0 ========================= About @@ -14,3 +14,5 @@ Release notes ============= The initial release of liboqs-java was released on July 8, 2020. Its release page on GitHub is https://github.com/open-quantum-safe/liboqs-java/releases/tag/0.1.0. + +Release 0.2.0 from January 2025 added support for Signature and Verify API's which accept a Context String. diff --git a/pom.xml b/pom.xml index 87d6985..db21250 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.openquantumsafe liboqs-java jar - 1.0 + 2.0 liboqs-java: Java wrapper for liboqs liboqs-java offers a Java wrapper providing quantum-resistant cryptographic algorithms via liboqs. diff --git a/src/main/c/Signature.c b/src/main/c/Signature.c index e2203c1..00efd07 100644 --- a/src/main/c/Signature.c +++ b/src/main/c/Signature.c @@ -122,6 +122,7 @@ JNIEXPORT jint JNICALL Java_org_openquantumsafe_Signature_sign OQS_SIG *sig = (OQS_SIG *) getHandle(env, obj, "native_sig_handle_"); size_t len_sig; + OQS_STATUS rv_ = OQS_SIG_sign(sig, (uint8_t*)signature_native, &len_sig, (uint8_t*)message_native, message_len, (uint8_t*)secret_key_native); @@ -173,3 +174,81 @@ JNIEXPORT jboolean JNICALL Java_org_openquantumsafe_Signature_verify return (rv_ == OQS_SUCCESS) ? JNI_TRUE : JNI_FALSE; } + +/* + * Class: org_openquantumsafe_Signature + * Method: sign_with_ctx_str + * Signature: ([BLjava/lang/Long;[BJ[B)I + */ +JNIEXPORT jint JNICALL Java_org_openquantumsafe_Signature_sign_1with_1ctx_1str + (JNIEnv * env, jobject obj, jbyteArray jsignature, jobject sig_len_obj, + jbyteArray jmessage, jlong message_len, jbyteArray jctx, jlong ctx_len, + jbyteArray jsecret_key) +{ + // Convert to jbyte arrays + jbyte *signature_native = (*env)->GetByteArrayElements(env, jsignature, 0); + jbyte *message_native = (*env)->GetByteArrayElements(env, jmessage, 0); + jbyte *ctx_native = (*env)->GetByteArrayElements(env, jctx, 0); + jbyte *secret_key_native = (*env)->GetByteArrayElements(env, jsecret_key, 0); + + OQS_SIG *sig = (OQS_SIG *) getHandle(env, obj, "native_sig_handle_"); + size_t len_sig; + OQS_STATUS rv_ = OQS_SIG_sign_with_ctx_str(sig, (uint8_t*)signature_native, &len_sig, + (uint8_t*)message_native, message_len, + (uint8_t*)ctx_native, ctx_len, + (uint8_t*)secret_key_native); + + // fill java signature bytes + (*env)->SetByteArrayRegion(env, jsignature, 0, len_sig, (jbyte*) signature_native); + + // fill java object signature length + jfieldID value_fid = (*env)->GetFieldID(env, + (*env)->GetObjectClass(env, sig_len_obj), + "value", "Ljava/lang/Object;"); + jclass cls = (*env)->FindClass(env, "java/lang/Long"); + jobject jlong_obj = (*env)->NewObject(env, cls, + (*env)->GetMethodID(env, cls, "", "(J)V"), + (jlong) len_sig); + (*env)->SetObjectField(env, sig_len_obj, value_fid, jlong_obj); + + // Release C memory + (*env)->ReleaseByteArrayElements(env, jsignature, signature_native, 0); + (*env)->ReleaseByteArrayElements(env, jmessage, message_native, JNI_ABORT); + (*env)->ReleaseByteArrayElements(env, jctx, ctx_native, JNI_ABORT); + (*env)->ReleaseByteArrayElements(env, jsecret_key, secret_key_native, JNI_ABORT); + + return (rv_ == OQS_SUCCESS) ? 0 : -1; +} + +/* + * Class: org_openquantumsafe_Signature + * Method: verify_with_ctx_str + * Signature: ([BJ[BJ[B)Z + */ +JNIEXPORT jboolean JNICALL Java_org_openquantumsafe_Signature_verify_1with_1ctx_1str + (JNIEnv *env, jobject obj, jbyteArray jmessage, jlong message_len, + jbyteArray jsignature, jlong signature_len, jbyteArray jctx, jlong ctx_len, + jbyteArray jpublic_key) +{ + // Convert to jbyte arrays + jbyte *message_native = (*env)->GetByteArrayElements(env, jmessage, 0); + jbyte *signature_native = (*env)->GetByteArrayElements(env, jsignature, 0); + jbyte *ctx_native = (*env)->GetByteArrayElements(env, jctx, 0); + jbyte *public_key_native = (*env)->GetByteArrayElements(env, jpublic_key, 0); + + OQS_SIG *sig = (OQS_SIG *) getHandle(env, obj, "native_sig_handle_"); + OQS_STATUS rv_ = OQS_SIG_verify_with_ctx_str(sig, (uint8_t*) message_native, message_len, + (uint8_t*) signature_native, signature_len, + (uint8_t*) ctx_native, ctx_len, + (uint8_t*) public_key_native); + + // Release C memory + (*env)->ReleaseByteArrayElements(env, jsignature, signature_native, JNI_ABORT); + (*env)->ReleaseByteArrayElements(env, jmessage, message_native, JNI_ABORT); + (*env)->ReleaseByteArrayElements(env, jctx, ctx_native, JNI_ABORT); + (*env)->ReleaseByteArrayElements(env, jpublic_key, public_key_native, JNI_ABORT); + + return (rv_ == OQS_SUCCESS) ? JNI_TRUE : JNI_FALSE; +} + + diff --git a/src/main/c/Signature.h b/src/main/c/Signature.h index 611c4f8..9a36969 100644 --- a/src/main/c/Signature.h +++ b/src/main/c/Signature.h @@ -41,43 +41,35 @@ JNIEXPORT jint JNICALL Java_org_openquantumsafe_Signature_generate_1keypair /* * Class: org_openquantumsafe_Signature - * Method: import_secret_key - * Signature: ([B)V - */ -JNIEXPORT void JNICALL Java_org_openquantumsafe_Signature_import_1secret_1key - (JNIEnv *, jobject, jbyteArray); - -/* - * Class: org_openquantumsafe_Signature - * Method: export_public_key - * Signature: ([B)V + * Method: sign + * Signature: ([BLorg/openquantumsafe/Signature/Mutable;[BJ[B)I */ -JNIEXPORT void JNICALL Java_org_openquantumsafe_Signature_export_1public_1key - (JNIEnv *, jobject, jbyteArray); +JNIEXPORT jint JNICALL Java_org_openquantumsafe_Signature_sign + (JNIEnv *, jobject, jbyteArray, jobject, jbyteArray, jlong, jbyteArray); /* * Class: org_openquantumsafe_Signature - * Method: export_secret_key - * Signature: ([B)V + * Method: verify + * Signature: ([BJ[BJ[B)Z */ -JNIEXPORT void JNICALL Java_org_openquantumsafe_Signature_export_1secret_1key - (JNIEnv *, jobject, jbyteArray); +JNIEXPORT jboolean JNICALL Java_org_openquantumsafe_Signature_verify + (JNIEnv *, jobject, jbyteArray, jlong, jbyteArray, jlong, jbyteArray); /* * Class: org_openquantumsafe_Signature - * Method: sign - * Signature: ([BLjava/lang/Long;[BJ[B)I + * Method: sign_with_ctx_str + * Signature: ([BLorg/openquantumsafe/Signature/Mutable;[BJ[BJ[B)I */ -JNIEXPORT jint JNICALL Java_org_openquantumsafe_Signature_sign - (JNIEnv *, jobject, jbyteArray, jobject, jbyteArray, jlong, jbyteArray); +JNIEXPORT jint JNICALL Java_org_openquantumsafe_Signature_sign_1with_1ctx_1str + (JNIEnv *, jobject, jbyteArray, jobject, jbyteArray, jlong, jbyteArray, jlong, jbyteArray); /* * Class: org_openquantumsafe_Signature - * Method: verify - * Signature: ([BJ[BJ[B)Z + * Method: verify_with_ctx_str + * Signature: ([BJ[BJ[BJ[B)Z */ -JNIEXPORT jboolean JNICALL Java_org_openquantumsafe_Signature_verify - (JNIEnv *, jobject, jbyteArray, jlong, jbyteArray, jlong, jbyteArray); +JNIEXPORT jboolean JNICALL Java_org_openquantumsafe_Signature_verify_1with_1ctx_1str + (JNIEnv *, jobject, jbyteArray, jlong, jbyteArray, jlong, jbyteArray, jlong, jbyteArray); #ifdef __cplusplus } diff --git a/src/main/java/org/openquantumsafe/Signature.java b/src/main/java/org/openquantumsafe/Signature.java index e4128e8..2055877 100644 --- a/src/main/java/org/openquantumsafe/Signature.java +++ b/src/main/java/org/openquantumsafe/Signature.java @@ -146,6 +146,51 @@ private native int sign(byte[] signature, Mutable signature_len_ret, private native boolean verify(byte[] message, long message_len, byte[] signature, long signature_len, byte[] public_key); + + /** + * \brief Wrapper for OQS_API OQS_STATUS OQS_SIG_sign_with_ctx_str(const OQS_SIG *sig, + * uint8_t *signature, + * size_t *signature_len, + * const uint8_t *message, + * size_t message_len, + * const uint8_t *ctx, + * size_t ctx_len, + * const uint8_t *secret_key); + * \param signature + * \param signature_len_ret + * \param message + * \param message_len + * \param ctx + * \param ctx_len + * \param secret_key + * \return Status + */ + private native int sign_with_ctx_str(byte[] signature, Mutable signature_len_ret, + byte[] message, long message_len, byte[] ctx, long ctx_len, + byte[] secret_key); + + /** + * \brief Wrapper for OQS_API OQS_STATUS OQS_SIG_verify_with_ctx_str(const OQS_SIG *sig, + * const uint8_t *message, + * size_t message_len, + * const uint8_t *signature, + * size_t signature_len, + * const uint8_t *ctx, + * size_t ctx_len, + * const uint8_t *public_key); + * \param message + * \param message_len + * \param signature + * \param signature_len + * \param ctx + * \param ctx_len + * \param public_key + * \return True if the signature is valid, false otherwise + */ + private native boolean verify_with_ctx_str(byte[] message, long message_len, + byte[] signature, long signature_len, + byte[] ctx, long ctx_len, + byte[] public_key); /** * \brief Invoke native free_sig @@ -220,6 +265,55 @@ public boolean verify(byte[] message, byte[] signature, byte[] public_key) return verify(message, message.length, signature, signature.length, public_key); } + + /** + * \brief Invoke native sign method + * \param message + * \param ctx + * \return signature + */ + public byte[] sign(byte[] message, byte[] ctx) throws RuntimeException { + if (this.secret_key_.length != alg_details_.length_secret_key) { + throw new RuntimeException("Incorrect secret key length, " + + "make sure you specify one in the " + + "constructor or run generate_keypair()"); + } + byte[] signature = new byte[(int) alg_details_.max_length_signature]; + Mutable signature_len_ret = new Mutable<>(); + int ctx_len = (ctx == null) ? 0 : ctx.length; + int rv_= sign_with_ctx_str(signature, signature_len_ret, + message, message.length, + ctx, ctx_len, + this.secret_key_); + long actual_signature_len = signature_len_ret.value; + byte[] actual_signature = new byte[(int) actual_signature_len]; + System.arraycopy(signature, 0, + actual_signature, 0, (int) actual_signature_len); + if (rv_ != 0) throw new RuntimeException("Cannot sign message"); + return actual_signature; + } + + /** + * \brief Invoke native verify method + * \param message + * \param signature + * \param ctx + * \param public_key + * \return True if the signature is valid, false otherwise + */ + public boolean verify(byte[] message, byte[] signature, byte[] ctx, byte[] public_key) + throws RuntimeException { + if (public_key.length != alg_details_.length_public_key) { + throw new RuntimeException("Incorrect public key length"); + } + if (signature.length > alg_details_.max_length_signature) { + throw new RuntimeException("Incorrect signature length"); + } + + int ctx_len = (ctx == null) ? 0 : ctx.length; + + return verify_with_ctx_str(message, message.length, signature, signature.length, ctx, ctx_len, public_key); + } /** * \brief Print Signature. If a SignatureDetails object is not diff --git a/src/test/java/org/openquantumsafe/SigTest.java b/src/test/java/org/openquantumsafe/SigTest.java index 07fa4fa..d1f283f 100644 --- a/src/test/java/org/openquantumsafe/SigTest.java +++ b/src/test/java/org/openquantumsafe/SigTest.java @@ -5,9 +5,12 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; + +// import static org.junit.Assert.fail; import static org.junit.jupiter.api.Assertions.assertTrue; import java.util.ArrayList; +import java.util.Arrays; import java.util.stream.Stream; public class SigTest { @@ -22,6 +25,7 @@ public class SigTest { public static void init(){ System.out.println("Initialize list of enabled Signatures"); enabled_sigs = Sigs.get_enabled_sigs(); + System.out.println("Enabled signatures: [" + enabled_sigs + "]" ); } /** @@ -53,6 +57,36 @@ public void testAllSigs(String sig_name) { sb.append("\033[0;32m").append("PASSED").append("\033[0m"); System.out.println(sb.toString()); } + + /** + * Test Sigs with context. + */ + @ParameterizedTest(name = "Testing {arguments}") + @MethodSource("getContextSupportedAlgsAsStream") + public void testSigsWithContext(String sig_name) { + byte[] context = "01234567890".getBytes(); + StringBuilder sb = new StringBuilder(); + sb.append(sig_name); + sb.append(String.format("%1$" + (40 - sig_name.length()) + "s", "")); + + // Create signer and verifier + Signature signer = new Signature(sig_name); + Signature verifier = new Signature(sig_name); + + // Generate signer key pair + byte[] signer_public_key = signer.generate_keypair(); + + // Sign the message + byte[] signature = signer.sign(message, context); + + // Verify the signature + boolean is_valid = verifier.verify(message, signature, context, signer_public_key); + assertTrue(is_valid, sig_name); + + // If successful print Sig name, otherwise an exception will be thrown + sb.append("\033[0;32m").append("PASSED").append("\033[0m"); + System.out.println(sb.toString()); + } /** * Test the MechanismNotSupported Exception @@ -69,4 +103,12 @@ private static Stream getEnabledSigsAsStream() { return enabled_sigs.parallelStream(); } + /** + * Method to convert the list of ML-DSA Sigs to a stream for input to testAllSigs + */ + private static Stream getContextSupportedAlgsAsStream() { + return Arrays.asList( + "ML-DSA-44", "ML-DSA-65", "ML-DSA-87" + ).parallelStream(); + } } From cada551ff9b512e1c7f926816c86ca10265a266c Mon Sep 17 00:00:00 2001 From: Spencer Wilson Date: Fri, 24 Jan 2025 09:39:58 -0500 Subject: [PATCH 14/20] Update README, examples, and CI before 0.2.0 release (#32) * Update to latest CI image Signed-off-by: Spencer Wilson * Install jdk package and set JAVA_HOME Signed-off-by: Spencer Wilson * Add macOS job Signed-off-by: Spencer Wilson * Update README.md and example files Signed-off-by: Spencer Wilson * Remove unnecessary install Signed-off-by: Spencer Wilson --------- Signed-off-by: Spencer Wilson --- .github/workflows/java.yml | 37 +++++++++++++++++++++-- README.md | 60 ++++++++++++++++++++------------------ examples/KEMExample.java | 2 +- examples/SigExample.java | 2 +- 4 files changed, 67 insertions(+), 34 deletions(-) diff --git a/.github/workflows/java.yml b/.github/workflows/java.yml index 19c3dff..42a9a5a 100644 --- a/.github/workflows/java.yml +++ b/.github/workflows/java.yml @@ -19,11 +19,10 @@ jobs: - name: Ensure GitHub actions are valid run: actionlint -shellcheck "" # run *without* shellcheck - build-and-test: + linux: needs: workflowcheck - name: OQS Ubuntu runs-on: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal:latest + container: openquantumsafe/ci-ubuntu-latest:latest steps: - name: Checkout liboqs-java uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 @@ -45,3 +44,35 @@ jobs: javac -cp target/liboqs-java.jar examples/KEMExample.java && javac -cp target/liboqs-java.jar examples/SigExample.java && javac -cp target/liboqs-java.jar examples/RandExample.java + + macos: + needs: workflowcheck + runs-on: macos-latest + steps: + - name: Install Python + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v5 + with: + python-version: '3.12' + - name: Checkout liboqs-java + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 + - name: Checkout liboqs main + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 + with: + repository: open-quantum-safe/liboqs + path: liboqs + ref: main + - name: Install liboqs dependencies + run: env HOMEBREW_NO_AUTO_UPDATE=1 brew install ninja && pip3 install --require-hashes --break-system-packages -r .github/workflows/requirements.txt + working-directory: liboqs + - name: Build liboqs + run: mkdir build && cd build && cmake .. -G"Ninja" -DBUILD_SHARED_LIBS=ON -DOQS_BUILD_ONLY_LIB=ON && sudo ninja install + working-directory: liboqs + - name: Resolve all maven project dependencies + run: mvn dependency:go-offline + - name: Build liboqs-java and run tests + run: export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:/usr/local/lib" && mvn -P macosx package + - name: Compile KEM, Signatures and Rand examples + run: | + javac -cp target/liboqs-java.jar examples/KEMExample.java && + javac -cp target/liboqs-java.jar examples/SigExample.java && + javac -cp target/liboqs-java.jar examples/RandExample.java diff --git a/README.md b/README.md index f78af01..7fdc712 100644 --- a/README.md +++ b/README.md @@ -164,13 +164,13 @@ To build the `liboqs-java` wrapper type for different operating systems add the For instance, to build `liboqs-java` for MacOS, type: ``` -$ mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" +mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" ``` The above command will compile the C and Java files and also run the unit tests. To build without running the default unit tests you can use the `-Dmaven.test.skip=true` command line option as follows: ``` -$ mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" -Dmaven.test.skip=true +mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" -Dmaven.test.skip=true ``` The default profile for building is `linux`, so when building on Linux the `-P ` command line option may be omitted. @@ -194,7 +194,6 @@ The examples include: 1. **Rand example:** Print random bytes from - * NIST-KAT * OpenSSL * System (default) @@ -212,20 +211,20 @@ $ java -cp "target\liboqs-java.jar;examples\" KEMExample ##### Linux/MacOS ``` -$ javac -cp target/liboqs-java.jar examples/KEMExample.java -$ java -cp target/liboqs-java.jar:examples/ KEMExample +javac -cp target/liboqs-java.jar examples/KEMExample.java +java -cp target/liboqs-java.jar:examples/ KEMExample ``` ``` Supported KEMs: -BIKE-L1 BIKE-L3 Classic-McEliece-348864 Classic-McEliece-348864f Classic-McEliece-460896 Classic-McEliece-460896f Classic-McEliece-6688128 Classic-McEliece-6688128f Classic-McEliece-6960119 Classic-McEliece-6960119f Classic-McEliece-8192128 Classic-McEliece-8192128f HQC-128 HQC-192 HQC-256 Kyber512 Kyber768 Kyber1024 Kyber512-90s Kyber768-90s Kyber1024-90s NTRU-HPS-2048-509 NTRU-HPS-2048-677 NTRU-HPS-4096-821 NTRU-HRSS-701 ntrulpr653 ntrulpr761 ntrulpr857 sntrup653 sntrup761 sntrup857 LightSaber-KEM Saber-KEM FireSaber-KEM FrodoKEM-640-AES FrodoKEM-640-SHAKE FrodoKEM-976-AES FrodoKEM-976-SHAKE FrodoKEM-1344-AES FrodoKEM-1344-SHAKE SIDH-p434 SIDH-p503 SIDH-p610 SIDH-p751 SIDH-p434-compressed SIDH-p503-compressed SIDH-p610-compressed SIDH-p751-compressed SIKE-p434 SIKE-p503 SIKE-p610 SIKE-p751 SIKE-p434-compressed SIKE-p503-compressed SIKE-p610-compressed SIKE-p751-compressed +BIKE-L1 BIKE-L3 BIKE-L5 Classic-McEliece-348864 Classic-McEliece-348864f Classic-McEliece-460896 Classic-McEliece-460896f Classic-McEliece-6688128 Classic-McEliece-6688128f Classic-McEliece-6960119 Classic-McEliece-6960119f Classic-McEliece-8192128 Classic-McEliece-8192128f HQC-128 HQC-192 HQC-256 Kyber512 Kyber768 Kyber1024 ML-KEM-512 ML-KEM-768 ML-KEM-1024 sntrup761 FrodoKEM-640-AES FrodoKEM-640-SHAKE FrodoKEM-976-AES FrodoKEM-976-SHAKE FrodoKEM-1344-AES FrodoKEM-1344-SHAKE Enabled KEMs: -BIKE-L1 BIKE-L3 Classic-McEliece-348864 Classic-McEliece-348864f Classic-McEliece-460896 Classic-McEliece-460896f Classic-McEliece-6688128 Classic-McEliece-6688128f Classic-McEliece-6960119 Classic-McEliece-6960119f Classic-McEliece-8192128 Classic-McEliece-8192128f HQC-128 HQC-192 HQC-256 Kyber512 Kyber768 Kyber1024 Kyber512-90s Kyber768-90s Kyber1024-90s NTRU-HPS-2048-509 NTRU-HPS-2048-677 NTRU-HPS-4096-821 NTRU-HRSS-701 ntrulpr653 ntrulpr761 ntrulpr857 sntrup653 sntrup761 sntrup857 LightSaber-KEM Saber-KEM FireSaber-KEM FrodoKEM-640-AES FrodoKEM-640-SHAKE FrodoKEM-976-AES FrodoKEM-976-SHAKE FrodoKEM-1344-AES FrodoKEM-1344-SHAKE SIDH-p434 SIDH-p503 SIDH-p610 SIDH-p751 SIDH-p434-compressed SIDH-p503-compressed SIDH-p610-compressed SIDH-p751-compressed SIKE-p434 SIKE-p503 SIKE-p610 SIKE-p751 SIKE-p434-compressed SIKE-p503-compressed SIKE-p610-compressed SIKE-p751-compressed +BIKE-L1 BIKE-L3 BIKE-L5 Classic-McEliece-348864 Classic-McEliece-348864f Classic-McEliece-460896 Classic-McEliece-460896f Classic-McEliece-6688128 Classic-McEliece-6688128f Classic-McEliece-6960119 Classic-McEliece-6960119f Classic-McEliece-8192128 Classic-McEliece-8192128f HQC-128 HQC-192 HQC-256 Kyber512 Kyber768 Kyber1024 ML-KEM-512 ML-KEM-768 ML-KEM-1024 sntrup761 FrodoKEM-640-AES FrodoKEM-640-SHAKE FrodoKEM-976-AES FrodoKEM-976-SHAKE FrodoKEM-1344-AES FrodoKEM-1344-SHAKE KEM Details: - Name: Kyber512 - Version: https://github.com/pq-crystals/kyber/commit/74cad307858b61e434490c75f812cb9b9ef7279b + Name: ML-KEM-512 + Version: FIPS203 Claimed NIST level: 1 Is IND-CCA: true Length public key (bytes): 800 @@ -234,17 +233,17 @@ KEM Details: Length shared secret (bytes): 32 Client public key: -C8 58 3B 21 02 A0 4D B0 ... 95 57 A7 E9 42 C0 45 C4 +A8 37 25 CA 79 A5 55 42 ... AF 43 3A 54 6C 3C 34 30 It took 1 millisecs to generate the key pair. It took 0 millisecs to encapsulate the secret. It took 0 millisecs to decapsulate the secret. Client shared secret: -16 7F 9B 18 18 F9 F0 FE ... 70 F3 F6 4A C1 30 2C FF +7D 3B BB C7 29 45 4B 2F ... 58 87 1D BB BD 35 9C 79 Server shared secret: -16 7F 9B 18 18 F9 F0 FE ... 70 F3 F6 4A C1 30 2C FF +7D 3B BB C7 29 45 4B 2F ... 58 87 1D BB BD 35 9C 79 Shared secrets coincide? true ``` @@ -261,35 +260,35 @@ $ java -cp "target/liboqs-java.jar;examples\" SigExample ##### Linux/MacOS ``` -$ javac -cp target/liboqs-java.jar examples/SigExample.java -$ java -cp target/liboqs-java.jar:examples/ SigExample +javac -cp target/liboqs-java.jar examples/SigExample.java +java -cp target/liboqs-java.jar:examples/ SigExample ``` ``` Supported signatures: -Dilithium2 Dilithium3 Dilithium5 Dilithium2-AES Dilithium3-AES Dilithium5-AES Falcon-512 Falcon-1024 Rainbow-I-Classic Rainbow-I-Circumzenithal Rainbow-I-Compressed Rainbow-III-Classic Rainbow-III-Circumzenithal Rainbow-III-Compressed Rainbow-V-Classic Rainbow-V-Circumzenithal Rainbow-V-Compressed SPHINCS+-Haraka-128f-robust SPHINCS+-Haraka-128f-simple SPHINCS+-Haraka-128s-robust SPHINCS+-Haraka-128s-simple SPHINCS+-Haraka-192f-robust SPHINCS+-Haraka-192f-simple SPHINCS+-Haraka-192s-robust SPHINCS+-Haraka-192s-simple SPHINCS+-Haraka-256f-robust SPHINCS+-Haraka-256f-simple SPHINCS+-Haraka-256s-robust SPHINCS+-Haraka-256s-simple SPHINCS+-SHA256-128f-robust SPHINCS+-SHA256-128f-simple SPHINCS+-SHA256-128s-robust SPHINCS+-SHA256-128s-simple SPHINCS+-SHA256-192f-robust SPHINCS+-SHA256-192f-simple SPHINCS+-SHA256-192s-robust SPHINCS+-SHA256-192s-simple SPHINCS+-SHA256-256f-robust SPHINCS+-SHA256-256f-simple SPHINCS+-SHA256-256s-robust SPHINCS+-SHA256-256s-simple SPHINCS+-SHAKE256-128f-robust SPHINCS+-SHAKE256-128f-simple SPHINCS+-SHAKE256-128s-robust SPHINCS+-SHAKE256-128s-simple SPHINCS+-SHAKE256-192f-robust SPHINCS+-SHAKE256-192f-simple SPHINCS+-SHAKE256-192s-robust SPHINCS+-SHAKE256-192s-simple SPHINCS+-SHAKE256-256f-robust SPHINCS+-SHAKE256-256f-simple SPHINCS+-SHAKE256-256s-robust SPHINCS+-SHAKE256-256s-simple picnic_L1_FS picnic_L1_UR picnic_L1_full picnic_L3_FS picnic_L3_UR picnic_L3_full picnic_L5_FS picnic_L5_UR picnic_L5_full picnic3_L1 picnic3_L3 picnic3_L5 +Dilithium2 Dilithium3 Dilithium5 ML-DSA-44 ML-DSA-65 ML-DSA-87 Falcon-512 Falcon-1024 Falcon-padded-512 Falcon-padded-1024 SPHINCS+-SHA2-128f-simple SPHINCS+-SHA2-128s-simple SPHINCS+-SHA2-192f-simple SPHINCS+-SHA2-192s-simple SPHINCS+-SHA2-256f-simple SPHINCS+-SHA2-256s-simple SPHINCS+-SHAKE-128f-simple SPHINCS+-SHAKE-128s-simple SPHINCS+-SHAKE-192f-simple SPHINCS+-SHAKE-192s-simple SPHINCS+-SHAKE-256f-simple SPHINCS+-SHAKE-256s-simple MAYO-1 MAYO-2 MAYO-3 MAYO-5 cross-rsdp-128-balanced cross-rsdp-128-fast cross-rsdp-128-small cross-rsdp-192-balanced cross-rsdp-192-fast cross-rsdp-192-small cross-rsdp-256-balanced cross-rsdp-256-fast cross-rsdp-256-small cross-rsdpg-128-balanced cross-rsdpg-128-fast cross-rsdpg-128-small cross-rsdpg-192-balanced cross-rsdpg-192-fast cross-rsdpg-192-small cross-rsdpg-256-balanced cross-rsdpg-256-fast cross-rsdpg-256-small Enabled signatures: -Dilithium2 Dilithium3 Dilithium5 Dilithium2-AES Dilithium3-AES Dilithium5-AES Falcon-512 Falcon-1024 Rainbow-I-Classic Rainbow-I-Circumzenithal Rainbow-I-Compressed Rainbow-III-Classic Rainbow-III-Circumzenithal Rainbow-III-Compressed Rainbow-V-Classic Rainbow-V-Circumzenithal Rainbow-V-Compressed SPHINCS+-Haraka-128f-robust SPHINCS+-Haraka-128f-simple SPHINCS+-Haraka-128s-robust SPHINCS+-Haraka-128s-simple SPHINCS+-Haraka-192f-robust SPHINCS+-Haraka-192f-simple SPHINCS+-Haraka-192s-robust SPHINCS+-Haraka-192s-simple SPHINCS+-Haraka-256f-robust SPHINCS+-Haraka-256f-simple SPHINCS+-Haraka-256s-robust SPHINCS+-Haraka-256s-simple SPHINCS+-SHA256-128f-robust SPHINCS+-SHA256-128f-simple SPHINCS+-SHA256-128s-robust SPHINCS+-SHA256-128s-simple SPHINCS+-SHA256-192f-robust SPHINCS+-SHA256-192f-simple SPHINCS+-SHA256-192s-robust SPHINCS+-SHA256-192s-simple SPHINCS+-SHA256-256f-robust SPHINCS+-SHA256-256f-simple SPHINCS+-SHA256-256s-robust SPHINCS+-SHA256-256s-simple SPHINCS+-SHAKE256-128f-robust SPHINCS+-SHAKE256-128f-simple SPHINCS+-SHAKE256-128s-robust SPHINCS+-SHAKE256-128s-simple SPHINCS+-SHAKE256-192f-robust SPHINCS+-SHAKE256-192f-simple SPHINCS+-SHAKE256-192s-robust SPHINCS+-SHAKE256-192s-simple SPHINCS+-SHAKE256-256f-robust SPHINCS+-SHAKE256-256f-simple SPHINCS+-SHAKE256-256s-robust SPHINCS+-SHAKE256-256s-simple picnic_L1_FS picnic_L1_UR picnic_L1_full picnic_L3_FS picnic_L3_UR picnic_L3_full picnic_L5_FS picnic_L5_UR picnic_L5_full picnic3_L1 picnic3_L3 picnic3_L5 +Dilithium2 Dilithium3 Dilithium5 ML-DSA-44 ML-DSA-65 ML-DSA-87 Falcon-512 Falcon-1024 Falcon-padded-512 Falcon-padded-1024 SPHINCS+-SHA2-128f-simple SPHINCS+-SHA2-128s-simple SPHINCS+-SHA2-192f-simple SPHINCS+-SHA2-192s-simple SPHINCS+-SHA2-256f-simple SPHINCS+-SHA2-256s-simple SPHINCS+-SHAKE-128f-simple SPHINCS+-SHAKE-128s-simple SPHINCS+-SHAKE-192f-simple SPHINCS+-SHAKE-192s-simple SPHINCS+-SHAKE-256f-simple SPHINCS+-SHAKE-256s-simple MAYO-1 MAYO-2 MAYO-3 MAYO-5 cross-rsdp-128-balanced cross-rsdp-128-fast cross-rsdp-128-small cross-rsdp-192-balanced cross-rsdp-192-fast cross-rsdp-192-small cross-rsdp-256-balanced cross-rsdp-256-fast cross-rsdp-256-small cross-rsdpg-128-balanced cross-rsdpg-128-fast cross-rsdpg-128-small cross-rsdpg-192-balanced cross-rsdpg-192-fast cross-rsdpg-192-small cross-rsdpg-256-balanced cross-rsdpg-256-fast cross-rsdpg-256-small Signature Details: - Name: Dilithium2 - Version: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409 + Name: ML-DSA-44 + Version: FIPS204 Claimed NIST level: 2 Is IND-CCA: true Length public key (bytes): 1312 - Length secret key (bytes): 2528 + Length secret key (bytes): 2560 Maximum length signature (bytes): 2420 Signer public key: -0E 47 54 30 E7 47 6D E6 ... 82 6E 4C C3 87 AA 6E FD +CB CB 70 FF 1E B3 BA 26 ... A7 CF 7C 70 89 A1 1A 40 -It took 0 millisecs to generate the key pair. +It took 1 millisecs to generate the key pair. It took 1 millisecs to sign the message. It took 0 millisecs to verify the signature. Signature: -0C 2E 2D E2 81 C5 DC 10 ... 00 00 00 00 03 13 29 3B +ED 6F 67 B6 2E C9 31 FC ... 00 00 00 00 0F 21 2A 38 Valid signature? true ``` @@ -305,14 +304,13 @@ $ java -cp "target/liboqs-java.jar;examples\" RandExample ##### Linux/MacOS ``` -$ javac -cp target/liboqs-java.jar examples/RandExample.java -$ java -cp target/liboqs-java.jar:examples/ RandExample +javac -cp target/liboqs-java.jar examples/RandExample.java +java -cp target/liboqs-java.jar:examples/ RandExample ``` ``` -NIST-KAT: BF E7 5C 34 F9 1C 54 44 30 CD B1 61 5B FF 3D 92 31 17 38 BD 71 61 0C 22 CD F7 B8 23 D9 7C 27 F3 -OpenSSL: 86 B6 46 9C 56 44 6B FB F8 B1 37 F0 86 4D 4D 74 0F FD 51 99 82 D6 89 02 40 B9 45 CF F9 3A 4D 70 -System (default): 37 55 6F 4F 03 53 BB 71 E8 70 C2 3D DF 85 69 57 30 CE FA 11 EF 50 8A F5 AE 25 35 6F 91 CF EC 1D +OpenSSL: 19 0D 77 20 82 BA 59 69 38 32 3A 81 1B 50 6A A0 6F 81 14 35 06 14 9F 72 4F 6F D2 5F 68 E8 F7 40 +System (default): 81 2B 43 75 8A 22 63 21 28 D2 2D 1C 36 A1 19 19 22 AA E0 86 9A EE 6C A0 8C 52 E7 89 31 9C A3 6B ``` @@ -352,10 +350,11 @@ System (default): 37 55 6F 4F 03 53 BB 71 E8 70 C2 3D DF 85 69 57 30 CE FA 11 Exception in thread "main" java.lang.UnsatisfiedLinkError: ./liboqs-java/build/liboqs-jni.so: liboqs.so.0: cannot open shared object file: No such file or directory ``` - try setting the `LD_LIBRARY_PATH` environment variable with the installation location of the `liboqs` shared library, i.e., + On Linux, try setting the `LD_LIBRARY_PATH` environment variable with the installation location of the `liboqs` shared library, i.e., ``` export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" ``` + On macOS, the corresponding environment variable is `DYLD_LIBRARY_PATH`. * If a hotspot "irrecoverable stack overflow" error is shown: ``` @@ -380,6 +379,9 @@ Contributors to the liboqs-java wrapper include: [KEM-overview]: ./images/KEM.png [DS-overview]: ./images/digital-signature.png +<<<<<<< HEAD [badge-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg?style=svg -[badge-circleci]: https://img.shields.io/circleci/build/github/open-quantum-safe/liboqs-java?logo=circleci \ No newline at end of file +[badge-circleci]: https://img.shields.io/circleci/build/github/open-quantum-safe/liboqs-java?logo=circleci +======= +>>>>>>> 1d7530e (Update README, examples, and CI before 0.2.0 release (#32)) diff --git a/examples/KEMExample.java b/examples/KEMExample.java index 96db53f..369ead1 100644 --- a/examples/KEMExample.java +++ b/examples/KEMExample.java @@ -14,7 +14,7 @@ public static void main(String[] args) { Common.print_list(KEMs.get_enabled_KEMs()); System.out.println(); - String kem_name = "ML-KEM-768"; + String kem_name = "ML-KEM-512"; KeyEncapsulation client = new KeyEncapsulation(kem_name); client.print_details(); System.out.println(); diff --git a/examples/SigExample.java b/examples/SigExample.java index c132d79..896e1a1 100644 --- a/examples/SigExample.java +++ b/examples/SigExample.java @@ -15,7 +15,7 @@ public static void main(String[] args) { byte[] message = "This is the message to sign".getBytes(); - String sig_name = "Dilithium2"; + String sig_name = "ML-DSA-44"; Signature signer = new Signature(sig_name); signer.print_details(); System.out.println(); From f24f634ff0f4cee362f3f8e015f327ff6d535e91 Mon Sep 17 00:00:00 2001 From: Spencer Wilson Date: Wed, 19 Mar 2025 16:44:03 -0400 Subject: [PATCH 15/20] Support derandomized key generation for ML-KEM (#33) * Support derandomized key generation for ML-KEM Signed-off-by: Spencer Wilson * Update example output in README.md Signed-off-by: Spencer Wilson --------- Signed-off-by: Spencer Wilson Signed-off-by: Adije Shen <1534656015@qq.com> --- README.md | 17 +++---- src/main/c/KeyEncapsulation.c | 28 +++++++++++ .../org/openquantumsafe/KeyEncapsulation.java | 38 ++++++++++++++- .../java/org/openquantumsafe/KEMTest.java | 46 +++++++++++++++++++ 4 files changed, 120 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 7fdc712..922bb0f 100644 --- a/README.md +++ b/README.md @@ -231,19 +231,20 @@ KEM Details: Length secret key (bytes): 1632 Length ciphertext (bytes): 768 Length shared secret (bytes): 32 + Length keypair seed (bytes): 64 Client public key: -A8 37 25 CA 79 A5 55 42 ... AF 43 3A 54 6C 3C 34 30 +A4 E7 5D DB AB 9D FA 13 ... 32 9C 08 3F 71 D6 BA 41 It took 1 millisecs to generate the key pair. It took 0 millisecs to encapsulate the secret. It took 0 millisecs to decapsulate the secret. Client shared secret: -7D 3B BB C7 29 45 4B 2F ... 58 87 1D BB BD 35 9C 79 +5C BE 27 50 C8 7E 61 36 ... 07 60 EA 4C 3E 25 90 3F Server shared secret: -7D 3B BB C7 29 45 4B 2F ... 58 87 1D BB BD 35 9C 79 +5C BE 27 50 C8 7E 61 36 ... 07 60 EA 4C 3E 25 90 3F Shared secrets coincide? true ``` @@ -266,10 +267,10 @@ java -cp target/liboqs-java.jar:examples/ SigExample ``` Supported signatures: -Dilithium2 Dilithium3 Dilithium5 ML-DSA-44 ML-DSA-65 ML-DSA-87 Falcon-512 Falcon-1024 Falcon-padded-512 Falcon-padded-1024 SPHINCS+-SHA2-128f-simple SPHINCS+-SHA2-128s-simple SPHINCS+-SHA2-192f-simple SPHINCS+-SHA2-192s-simple SPHINCS+-SHA2-256f-simple SPHINCS+-SHA2-256s-simple SPHINCS+-SHAKE-128f-simple SPHINCS+-SHAKE-128s-simple SPHINCS+-SHAKE-192f-simple SPHINCS+-SHAKE-192s-simple SPHINCS+-SHAKE-256f-simple SPHINCS+-SHAKE-256s-simple MAYO-1 MAYO-2 MAYO-3 MAYO-5 cross-rsdp-128-balanced cross-rsdp-128-fast cross-rsdp-128-small cross-rsdp-192-balanced cross-rsdp-192-fast cross-rsdp-192-small cross-rsdp-256-balanced cross-rsdp-256-fast cross-rsdp-256-small cross-rsdpg-128-balanced cross-rsdpg-128-fast cross-rsdpg-128-small cross-rsdpg-192-balanced cross-rsdpg-192-fast cross-rsdpg-192-small cross-rsdpg-256-balanced cross-rsdpg-256-fast cross-rsdpg-256-small +Dilithium2 Dilithium3 Dilithium5 ML-DSA-44 ML-DSA-65 ML-DSA-87 Falcon-512 Falcon-1024 Falcon-padded-512 Falcon-padded-1024 SPHINCS+-SHA2-128f-simple SPHINCS+-SHA2-128s-simple SPHINCS+-SHA2-192f-simple SPHINCS+-SHA2-192s-simple SPHINCS+-SHA2-256f-simple SPHINCS+-SHA2-256s-simple SPHINCS+-SHAKE-128f-simple SPHINCS+-SHAKE-128s-simple SPHINCS+-SHAKE-192f-simple SPHINCS+-SHAKE-192s-simple SPHINCS+-SHAKE-256f-simple SPHINCS+-SHAKE-256s-simple MAYO-1 MAYO-2 MAYO-3 MAYO-5 cross-rsdp-128-balanced cross-rsdp-128-fast cross-rsdp-128-small cross-rsdp-192-balanced cross-rsdp-192-fast cross-rsdp-192-small cross-rsdp-256-balanced cross-rsdp-256-fast cross-rsdp-256-small cross-rsdpg-128-balanced cross-rsdpg-128-fast cross-rsdpg-128-small cross-rsdpg-192-balanced cross-rsdpg-192-fast cross-rsdpg-192-small cross-rsdpg-256-balanced cross-rsdpg-256-fast cross-rsdpg-256-small OV-Is OV-Ip OV-III OV-V OV-Is-pkc OV-Ip-pkc OV-III-pkc OV-V-pkc OV-Is-pkc-skc OV-Ip-pkc-skc OV-III-pkc-skc OV-V-pkc-skc Enabled signatures: -Dilithium2 Dilithium3 Dilithium5 ML-DSA-44 ML-DSA-65 ML-DSA-87 Falcon-512 Falcon-1024 Falcon-padded-512 Falcon-padded-1024 SPHINCS+-SHA2-128f-simple SPHINCS+-SHA2-128s-simple SPHINCS+-SHA2-192f-simple SPHINCS+-SHA2-192s-simple SPHINCS+-SHA2-256f-simple SPHINCS+-SHA2-256s-simple SPHINCS+-SHAKE-128f-simple SPHINCS+-SHAKE-128s-simple SPHINCS+-SHAKE-192f-simple SPHINCS+-SHAKE-192s-simple SPHINCS+-SHAKE-256f-simple SPHINCS+-SHAKE-256s-simple MAYO-1 MAYO-2 MAYO-3 MAYO-5 cross-rsdp-128-balanced cross-rsdp-128-fast cross-rsdp-128-small cross-rsdp-192-balanced cross-rsdp-192-fast cross-rsdp-192-small cross-rsdp-256-balanced cross-rsdp-256-fast cross-rsdp-256-small cross-rsdpg-128-balanced cross-rsdpg-128-fast cross-rsdpg-128-small cross-rsdpg-192-balanced cross-rsdpg-192-fast cross-rsdpg-192-small cross-rsdpg-256-balanced cross-rsdpg-256-fast cross-rsdpg-256-small +Dilithium2 Dilithium3 Dilithium5 ML-DSA-44 ML-DSA-65 ML-DSA-87 Falcon-512 Falcon-1024 Falcon-padded-512 Falcon-padded-1024 SPHINCS+-SHA2-128f-simple SPHINCS+-SHA2-128s-simple SPHINCS+-SHA2-192f-simple SPHINCS+-SHA2-192s-simple SPHINCS+-SHA2-256f-simple SPHINCS+-SHA2-256s-simple SPHINCS+-SHAKE-128f-simple SPHINCS+-SHAKE-128s-simple SPHINCS+-SHAKE-192f-simple SPHINCS+-SHAKE-192s-simple SPHINCS+-SHAKE-256f-simple SPHINCS+-SHAKE-256s-simple MAYO-1 MAYO-2 MAYO-3 MAYO-5 cross-rsdp-128-balanced cross-rsdp-128-fast cross-rsdp-128-small cross-rsdp-192-balanced cross-rsdp-192-fast cross-rsdp-192-small cross-rsdp-256-balanced cross-rsdp-256-fast cross-rsdp-256-small cross-rsdpg-128-balanced cross-rsdpg-128-fast cross-rsdpg-128-small cross-rsdpg-192-balanced cross-rsdpg-192-fast cross-rsdpg-192-small cross-rsdpg-256-balanced cross-rsdpg-256-fast cross-rsdpg-256-small OV-Is OV-Ip OV-III OV-V OV-Is-pkc OV-Ip-pkc OV-III-pkc OV-V-pkc OV-Is-pkc-skc OV-Ip-pkc-skc OV-III-pkc-skc OV-V-pkc-skc Signature Details: Name: ML-DSA-44 @@ -281,14 +282,14 @@ Signature Details: Maximum length signature (bytes): 2420 Signer public key: -CB CB 70 FF 1E B3 BA 26 ... A7 CF 7C 70 89 A1 1A 40 +2F F1 7A 8F FF EA 04 AA ... FD 51 A2 A0 80 5C 61 2B It took 1 millisecs to generate the key pair. -It took 1 millisecs to sign the message. +It took 0 millisecs to sign the message. It took 0 millisecs to verify the signature. Signature: -ED 6F 67 B6 2E C9 31 FC ... 00 00 00 00 0F 21 2A 38 +C0 41 9D 4D A9 B1 5F 4C ... 00 00 00 00 0A 20 2E 41 Valid signature? true ``` diff --git a/src/main/c/KeyEncapsulation.c b/src/main/c/KeyEncapsulation.c index 32fe42b..83833b8 100644 --- a/src/main/c/KeyEncapsulation.c +++ b/src/main/c/KeyEncapsulation.c @@ -85,6 +85,10 @@ JNIEXPORT jobject JNICALL Java_org_openquantumsafe_KeyEncapsulation_get_1KEM_1de jfieldID _length_shared_secret = (*env)->GetFieldID(env, cls, "length_shared_secret", "J"); (*env)->SetLongField(env, _nativeKED, _length_shared_secret, (jlong) kem->length_shared_secret); + // long length_keypair_seed; + jfieldID _length_keypair_seed = (*env)->GetFieldID(env, cls, "length_keypair_seed", "J"); + (*env)->SetLongField(env, _nativeKED, _length_keypair_seed, (jlong) kem->length_keypair_seed); + return _nativeKED; } @@ -110,6 +114,30 @@ JNIEXPORT jint JNICALL Java_org_openquantumsafe_KeyEncapsulation_generate_1keypa return (rv_ == OQS_SUCCESS) ? 0 : -1; } +/* + * Class: org_openquantumsafe_KeyEncapsulation + * Method: generate_keypair + * Signature: ([B[B)I + */ +JNIEXPORT jint JNICALL Java_org_openquantumsafe_KeyEncapsulation_generate_1keypair_1derand + (JNIEnv *env, jobject obj, jbyteArray jpublic_key, jbyteArray jsecret_key, jbyteArray jseed) +{ + jbyte *public_key_native = (*env)->GetByteArrayElements(env, jpublic_key, 0); + jbyte *secret_key_native = (*env)->GetByteArrayElements(env, jsecret_key, 0); + jbyte *seed_native = (*env)->GetByteArrayElements(env, jseed, 0); + + // Get pointer to KEM + OQS_KEM *kem = (OQS_KEM *) getHandle(env, obj, "native_kem_handle_"); + + // Invoke liboqs KEM keypair generation function + OQS_STATUS rv_ = OQS_KEM_keypair_derand(kem, (uint8_t*) public_key_native, (uint8_t*) secret_key_native, (uint8_t*) seed_native); + + (*env)->ReleaseByteArrayElements(env, jpublic_key, public_key_native, 0); + (*env)->ReleaseByteArrayElements(env, jsecret_key, secret_key_native, 0); + (*env)->ReleaseByteArrayElements(env, jseed, seed_native, JNI_ABORT); + return (rv_ == OQS_SUCCESS) ? 0 : -1; +} + /* * Class: org_openquantumsafe_KeyEncapsulation * Method: encap_secret diff --git a/src/main/java/org/openquantumsafe/KeyEncapsulation.java b/src/main/java/org/openquantumsafe/KeyEncapsulation.java index 3980ff5..2a88327 100644 --- a/src/main/java/org/openquantumsafe/KeyEncapsulation.java +++ b/src/main/java/org/openquantumsafe/KeyEncapsulation.java @@ -20,6 +20,7 @@ class KeyEncapsulationDetails { long length_secret_key; long length_ciphertext; long length_shared_secret; + long length_keypair_seed; /** * \brief Print KEM algorithm details @@ -33,7 +34,9 @@ void printKeyEncapsulation() { "\n Length public key (bytes): " + this.length_public_key + "\n Length secret key (bytes): " + this.length_secret_key + "\n Length ciphertext (bytes): " + this.length_ciphertext + - "\n Length shared secret (bytes): " + this.length_shared_secret + "\n Length shared secret (bytes): " + this.length_shared_secret + + "\n Length keypair seed (bytes): " + + ((this.length_keypair_seed > 0) ? this.length_keypair_seed : "N/A") ); } @@ -114,6 +117,18 @@ public KeyEncapsulation(String alg_name, byte[] secret_key) */ private native int generate_keypair(byte[] public_key, byte[] secret_key); + /** + * \brief Wrapper for OQS_API OQS_STATUS OQS_KEM_keypair_derand(const OQS_KEM *kem, + * uint8_t *public_key, uint8_t *secret_key, + * const uint8_t *seed); + * \param Public key + * \param Secret key + * \param Seed + * \return Status + */ + private native int generate_keypair_derand(byte[] public_key, + byte[] secret_key, byte[] seed); + /** * \brief Wrapper for OQS_API OQS_STATUS OQS_KEM_encaps(const OQS_KEM *kem, * uint8_t *ciphertext, @@ -159,6 +174,27 @@ public byte[] generate_keypair() throws RuntimeException { return this.public_key_; } + /** + * \brief Invoke native generate_keypair_derand method using the PK and SK lengths + * from alg_details_. Check return value and if != 0 throw Exception. + */ + public byte[] generate_keypair(byte[] seed) throws RuntimeException { + if (seed.length != alg_details_.length_keypair_seed) { + throw new RuntimeException("Incorrect seed length"); + } + + int rv_ = generate_keypair_derand(this.public_key_, this.secret_key_, seed); + if (rv_ != 0) throw new RuntimeException("Cannot generate keypair from seed"); + return this.public_key_; + } + + /** + * \brief Return seed length + */ + public long get_keypair_seed_length() { + return alg_details_.length_keypair_seed; + } + /** * \brief Return public key */ diff --git a/src/test/java/org/openquantumsafe/KEMTest.java b/src/test/java/org/openquantumsafe/KEMTest.java index 5e1511d..1a5e682 100644 --- a/src/test/java/org/openquantumsafe/KEMTest.java +++ b/src/test/java/org/openquantumsafe/KEMTest.java @@ -8,6 +8,7 @@ import static org.junit.jupiter.api.Assertions.assertArrayEquals; import java.util.ArrayList; +import java.util.Arrays; import java.util.stream.Stream; public class KEMTest { @@ -56,6 +57,43 @@ public void testAllKEMs(String kem_name) { System.out.println(sb.toString()); } + /** + * Test KEMs with derandomized keypair generation. + */ + @ParameterizedTest(name = "Testing {arguments}") + @MethodSource("getDerandSupportedKEMsAsStream") + public void testKEMsWithDerand(String kem_name) { + StringBuilder sb = new StringBuilder(); + sb.append(kem_name); + sb.append(" (derand)"); + sb.append(String.format("%1$" + (40 - kem_name.length() - 9) + "s", "")); + + // Create client and server + KeyEncapsulation client = new KeyEncapsulation(kem_name); + KeyEncapsulation server = new KeyEncapsulation(kem_name); + + // Generate seed + byte[] seed = Rand.randombytes(client.get_keypair_seed_length()); + + // Generate client key pair + byte[] client_public_key = client.generate_keypair(seed); + + // Server: encapsulate secret with client's public key + Pair server_pair = server.encap_secret(client_public_key); + byte[] ciphertext = server_pair.getLeft(); + byte[] shared_secret_server = server_pair.getRight(); + + // Client: decapsulate + byte[] shared_secret_client = client.decap_secret(ciphertext); + + // Check if equal + assertArrayEquals(shared_secret_client, shared_secret_server, kem_name); + + // If successful print KEM name, otherwise an exception will be thrown + sb.append("\033[0;32m").append("PASSED").append("\033[0m"); + System.out.println(sb.toString()); + } + /** * Test the MechanismNotSupported Exception */ @@ -71,4 +109,12 @@ private static Stream getEnabledKEMsAsStream() { return enabled_kems.parallelStream(); } + /** + * Method to convert the list of derand-supported KEMs to a stream for input to testAllSigs + */ + private static Stream getDerandSupportedKEMsAsStream() { + return Arrays.asList( + "ML-KEM-512", "ML-KEM-768", "ML-KEM-1024" + ).parallelStream(); + } } From a73e1fa6e99f0df312343552048fa900ab078da4 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Thu, 20 Mar 2025 19:20:29 +0800 Subject: [PATCH 16/20] add back the windows installation guide Signed-off-by: Adije Shen <1534656015@qq.com> --- README.md | 86 +++++++++++++++++++++++++++++++++++++++++++++---------- pom.xml | 10 +++---- 2 files changed, 76 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 922bb0f..e2cd357 100644 --- a/README.md +++ b/README.md @@ -125,6 +125,64 @@ To build `liboqs-java` first download or clone this java wrapper into a `liboqs- git clone -b master https://github.com/open-quantum-safe/liboqs-java.git ``` +### Windows Build + +#### Prerequisites + +- MinGW-w64 GCC (version 11.5.0 or later) +- CMake +- JDK 1.8 +- Maven 3.8.8 +- Git + +#### Installation Steps + +1. Install MinGW-w64 GCC: +- Download from [WinLibs](https://winlibs.com/#download-release) +- Extract the ZIP file to a directory without spaces +- Add the bin directory to PATH environment variable (e.g., `E:\develop\mingw64\bin`) + - Via Control Panel → System → System Info → Advanced System Settings → Advanced → Environment Variables → PATH + - Or via command line: `setx PATH "E:\develop\mingw64\bin;%PATH%"` (not recommended) + +2. Install CMake: +- Either via winget: `winget install cmake` +- Or download from [cmake.org](https://cmake.org/download/) +- Ensure CMake is added to PATH + +3. Verify installations (by open cmd and type): +```bash +gcc --version +cmake --version +``` + +4. Build liboqs: +```bash +git clone https://github.com/open-quantum-safe/liboqs/ +cmake -G "MinGW Makefiles" -DCMAKE_C_COMPILER=gcc -DBUILD_SHARED_LIBS=OFF -S . -B build +cmake --build build -j4 +cd .. +``` + +5. Install Java dependencies: +- Install JDK 1.8 from [OpenLogic](https://www.openlogic.com/openjdk-downloads) +- Install Maven 3.8.8 from [Maven](https://maven.apache.org/) +- Add both to PATH environment variables +- Verify Java installations: +```bash +java -version +mvn -version +``` + +If you clone the liboqs under `liboqs-java` directory, then you can run the following command to build the package: +```bash +mvn package -P windows +``` + +Or else, you should run +```bash +mvn package -P windows -Dliboqs.include.dir="\liboqs\build\include" -Dliboqs.lib.dir="\liboqs\build\lib" +``` + ### Linux/MacOS #### Prerequisites @@ -137,26 +195,20 @@ git clone -b master https://github.com/open-quantum-safe/liboqs-java.git #### Build Instructions -1. Clone the repository with submodules -```bash -git clone --recursive https://github.com/open-quantum-safe/liboqs-java -``` +First, you must build the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs/) according to the liboqs building instructions with static library, followed (optionally) by a `sudo cmake --install build` to ensure that the compiled library is visible system-wide (by default it installs under `/usr/local/include` and `/usr/local/lib` on Linux/macOS). -2. Build the liboqs C library to generate liboqs.a +1. Build the liboqs C library to generate liboqs.a ```bash -cd liboqs +cd +git clone https://github.com/open-quantum-safe/liboqs/ cmake -S . -B build cmake --build build -j4 +#optional +sudo cmake --install build cd .. ``` -This step will generate the `liboqs/build/liboqs.a` file. - -3. Build liboqs-java -```bash -mvn package -P -``` -This step will generate `target/liboqs-java.jar` and `target/classes/liboqs-jni.so`. +This step will generate the `liboqs/build/liboqs.a` file. ### Building the Java OQS wrapper @@ -168,6 +220,11 @@ mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir ``` The above command will compile the C and Java files and also run the unit tests. +For those who doen't want the `liboqs` library to install system wide. You **have to** change `` to `/liboqs/build/include` to and `` to `/liboqs/build/lib` +``` +mvn package -P macosx -Dliboqs.include.dir="/liboqs/build/include" -Dliboqs.lib.dir="/liboqs/build/lib" +``` + To build without running the default unit tests you can use the `-Dmaven.test.skip=true` command line option as follows: ``` mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir="/usr/local/lib" -Dmaven.test.skip=true @@ -175,11 +232,10 @@ mvn package -P macosx -Dliboqs.include.dir="/usr/local/include" -Dliboqs.lib.dir The default profile for building is `linux`, so when building on Linux the `-P ` command line option may be omitted. -You may also omit the `-Dliboqs.include.dir` and `-Dliboqs.lib.dir` options in case you installed liboqs in `/usr/local` (true if you ran `sudo --install build` after building liboqs). +You may also omit the `-Dliboqs.include.dir` and `-Dliboqs.lib.dir` options in case you installed liboqs in `/usr/local` (true if you ran `sudo cmake --install build` after building liboqs). Both the above commands will create a `target` directory with the build files, as well as a `src/main/resources` directory that will contain the `liboqs-jni.so` native library. Finally, a `liboqs-java.jar` will be created inside the `target` directory that will contain all the class files as well as the `liboqs-jni.so` native library. - ### Building and running the examples The examples include: diff --git a/pom.xml b/pom.xml index db21250..a6c3143 100644 --- a/pom.xml +++ b/pom.xml @@ -61,7 +61,7 @@ -I${JAVA_HOME}/include -I${JAVA_HOME}/include/darwin generic-classic gcc - + -shared -L${liboqs.lib.dir} ${liboqs.lib.dir}/liboqs.a -lcrypto @@ -78,12 +78,12 @@ liboqs-jni so - ${project.basedir}/liboqs/build/include - ${project.basedir}/liboqs/build/lib + /usr/local/include + /usr/local/lib -I${JAVA_HOME}/include -I${JAVA_HOME}/include/linux generic-classic gcc - + -shared -L${liboqs.lib.dir} ${liboqs.lib.dir}/liboqs.a -lcrypto @@ -106,7 +106,7 @@ -I"${JAVA_HOME}\include" -I"${JAVA_HOME}\include\win32" mingw g++ - + -shared -L${liboqs.lib.dir} -ladvapi32 ${liboqs.lib.dir}\liboqs.a From d91cbe50b6f47004eedf2d491fc5e1294dd7acd5 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Sun, 23 Mar 2025 09:18:30 +0800 Subject: [PATCH 17/20] merge Signed-off-by: adijeshen <1534656015@qq.com> --- README.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/README.md b/README.md index e2cd357..8462bcf 100644 --- a/README.md +++ b/README.md @@ -436,9 +436,6 @@ Contributors to the liboqs-java wrapper include: [KEM-overview]: ./images/KEM.png [DS-overview]: ./images/digital-signature.png -<<<<<<< HEAD [badge-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg?style=svg [badge-circleci]: https://img.shields.io/circleci/build/github/open-quantum-safe/liboqs-java?logo=circleci -======= ->>>>>>> 1d7530e (Update README, examples, and CI before 0.2.0 release (#32)) From 79090b5c24ae191ddf587b9f65ebaa8a518e1166 Mon Sep 17 00:00:00 2001 From: adijeshen <1534656015@qq.com> Date: Sun, 23 Mar 2025 09:34:42 +0800 Subject: [PATCH 18/20] add windows CI Signed-off-by: adijeshen <1534656015@qq.com> --- .github/workflows/java.yml | 58 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 56 insertions(+), 2 deletions(-) diff --git a/.github/workflows/java.yml b/.github/workflows/java.yml index 42a9a5a..cecfaa0 100644 --- a/.github/workflows/java.yml +++ b/.github/workflows/java.yml @@ -33,7 +33,7 @@ jobs: path: liboqs ref: main - name: Build liboqs - run: mkdir build && cd build && cmake .. -G"Ninja" -DBUILD_SHARED_LIBS=ON -DOQS_BUILD_ONLY_LIB=ON && ninja install + run: mkdir build && cd build && cmake .. -G"Ninja" -DOQS_BUILD_ONLY_LIB=ON && ninja install working-directory: liboqs - name: Resolve all maven project dependencies run: mvn dependency:go-offline @@ -65,7 +65,7 @@ jobs: run: env HOMEBREW_NO_AUTO_UPDATE=1 brew install ninja && pip3 install --require-hashes --break-system-packages -r .github/workflows/requirements.txt working-directory: liboqs - name: Build liboqs - run: mkdir build && cd build && cmake .. -G"Ninja" -DBUILD_SHARED_LIBS=ON -DOQS_BUILD_ONLY_LIB=ON && sudo ninja install + run: mkdir build && cd build && cmake .. -G"Ninja" -DOQS_BUILD_ONLY_LIB=ON && sudo ninja install working-directory: liboqs - name: Resolve all maven project dependencies run: mvn dependency:go-offline @@ -76,3 +76,57 @@ jobs: javac -cp target/liboqs-java.jar examples/KEMExample.java && javac -cp target/liboqs-java.jar examples/SigExample.java && javac -cp target/liboqs-java.jar examples/RandExample.java + + windows: + needs: workflowcheck + runs-on: windows-latest + steps: + - name: Install MSYS2 + uses: msys2/setup-msys2@v2 + with: + update: true + install: >- + mingw-w64-x86_64-gcc + mingw-w64-x86_64-ninja + mingw-w64-x86_64-cmake + make + + - name: Set up JDK + uses: actions/setup-java@v3 + with: + distribution: 'temurin' + java-version: '17' + cache: 'maven' + + - name: Checkout liboqs-java + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 + + - name: Checkout liboqs main + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 + with: + repository: open-quantum-safe/liboqs + path: liboqs + ref: main + + - name: Build liboqs (static library) + shell: msys2 {0} + run: | + cd liboqs + mkdir build + cd build + cmake .. -G "Ninja" -DOQS_BUILD_ONLY_LIB=ON -DBUILD_SHARED_LIBS=OFF + ninja + + - name: Resolve Maven dependencies + run: mvn dependency:go-offline + + - name: Build liboqs-java and run tests + run: | + $env:Path += ";$env:GITHUB_WORKSPACE\liboqs\build\lib" + mvn -P windows -Dliboqs.include.dir="$env:GITHUB_WORKSPACE\liboqs\build\include" -Dliboqs.lib.dir="$env:GITHUB_WORKSPACE\liboqs\build\lib" package + + - name: Compile KEM, Signatures and Rand examples + run: | + javac -cp target\liboqs-java.jar examples\KEMExample.java + javac -cp target\liboqs-java.jar examples\SigExample.java + javac -cp target\liboqs-java.jar examples\RandExample.java From 13d3a24bae11bfa1fc5cb9f44697c3ed368dde10 Mon Sep 17 00:00:00 2001 From: Adije Shen <1534656015@qq.com> Date: Wed, 2 Apr 2025 09:18:45 +0800 Subject: [PATCH 19/20] change CI Signed-off-by: root Signed-off-by: Adije Shen <1534656015@qq.com> --- .github/workflows/java.yml | 38 +++++++++++++++++--------------------- 1 file changed, 17 insertions(+), 21 deletions(-) diff --git a/.github/workflows/java.yml b/.github/workflows/java.yml index 4a2f6ce..66d8823 100644 --- a/.github/workflows/java.yml +++ b/.github/workflows/java.yml @@ -33,11 +33,7 @@ jobs: path: liboqs ref: main - name: Build liboqs -<<<<<<< HEAD run: mkdir build && cd build && cmake .. -G"Ninja" -DOQS_BUILD_ONLY_LIB=ON && ninja install -======= - run: mkdir build && cd build && cmake .. -G"Ninja" -DBUILD_SHARED_LIBS=ON -DOQS_BUILD_ONLY_LIB=ON && ninja install ->>>>>>> upstream/master working-directory: liboqs - name: Resolve all maven project dependencies run: mvn dependency:go-offline @@ -66,30 +62,34 @@ jobs: path: liboqs ref: main - name: Install liboqs dependencies - run: env HOMEBREW_NO_AUTO_UPDATE=1 brew install ninja && pip3 install --require-hashes --break-system-packages -r .github/workflows/requirements.txt - working-directory: liboqs + run: | + env HOMEBREW_NO_AUTO_UPDATE=1 brew install ninja openssl@3 + echo "OPENSSL_ROOT_DIR=$(brew --prefix openssl@3)" >> $GITHUB_ENV + export LDFLAGS="-L$(brew --prefix openssl@3)/lib" + echo "LDFLAGS=$LDFLAGS" - name: Build liboqs -<<<<<<< HEAD run: mkdir build && cd build && cmake .. -G"Ninja" -DOQS_BUILD_ONLY_LIB=ON && sudo ninja install -======= - run: mkdir build && cd build && cmake .. -G"Ninja" -DBUILD_SHARED_LIBS=ON -DOQS_BUILD_ONLY_LIB=ON && sudo ninja install ->>>>>>> upstream/master working-directory: liboqs - name: Resolve all maven project dependencies run: mvn dependency:go-offline - name: Build liboqs-java and run tests - run: export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:/usr/local/lib" && mvn -P macosx package + run: | + export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:/usr/local/lib" + export OPENSSL_PATH=$(brew --prefix openssl@3)/lib + mvn -P macosx "-Dlinker.end.option=/usr/local/lib/liboqs.a -L$OPENSSL_PATH -lcrypto" package - name: Compile KEM, Signatures and Rand examples run: | javac -cp target/liboqs-java.jar examples/KEMExample.java && javac -cp target/liboqs-java.jar examples/SigExample.java && javac -cp target/liboqs-java.jar examples/RandExample.java -<<<<<<< HEAD windows: needs: workflowcheck runs-on: windows-latest steps: + - name: Checkout liboqs-java + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 + - name: Install MSYS2 uses: msys2/setup-msys2@v2 with: @@ -101,15 +101,12 @@ jobs: make - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'temurin' - java-version: '17' + java-version: '8' cache: 'maven' - - name: Checkout liboqs-java - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - - name: Checkout liboqs main uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 with: @@ -132,12 +129,11 @@ jobs: - name: Build liboqs-java and run tests run: | $env:Path += ";$env:GITHUB_WORKSPACE\liboqs\build\lib" - mvn -P windows -Dliboqs.include.dir="$env:GITHUB_WORKSPACE\liboqs\build\include" -Dliboqs.lib.dir="$env:GITHUB_WORKSPACE\liboqs\build\lib" package - + $includeDir = "$env:GITHUB_WORKSPACE\liboqs\build\include" + $libDir = "$env:GITHUB_WORKSPACE\liboqs\build\lib" + mvn -Pwindows "-Dliboqs.include.dir=$includeDir" "-Dliboqs.lib.dir=$libDir" package - name: Compile KEM, Signatures and Rand examples run: | javac -cp target\liboqs-java.jar examples\KEMExample.java javac -cp target\liboqs-java.jar examples\SigExample.java javac -cp target\liboqs-java.jar examples\RandExample.java -======= ->>>>>>> upstream/master From 1203576ee9c1b175924c77f5ee98a1de27de0422 Mon Sep 17 00:00:00 2001 From: Spencer Wilson Date: Fri, 13 Jun 2025 11:05:00 -0400 Subject: [PATCH 20/20] Update README.md Signed-off-by: Spencer Wilson --- README.md | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/README.md b/README.md index 021333a..d648a20 100644 --- a/README.md +++ b/README.md @@ -56,18 +56,6 @@ We acknowledge that some parties may want to begin deploying post-quantum crypto ## Building -Builds have been tested on Linux (Ubuntu 18.04 LTS, 19.10, and 20.04) and macOS Mojave with OpenJDK 8, 9, 11. -### Windows Build - -#### Prerequisites -- MinGW-w64 GCC (version 11.5.0 or later) -- CMake -- JDK 1.8 -- Maven 3.8.8 -- Git - -#### Installation Steps - Builds are tested in GitHub Actions on Linux (Ubuntu 24.04 with OpenJDK 21) and macOS ([macos-latest runner](https://docs.github.com/en/actions/using-github-hosted-runners/using-github-hosted-runners/about-github-hosted-runners#standard-github-hosted-runners-for-public-repositories), at macOS Sonoma with Java 21 as of liboqs-java 0.2.0 release). ### Pre-requisites