liboqs
liboqs copied to clipboard
open-quantum-safe
C library for prototyping and experimenting with quantum-resistant cryptography
In several places throughout the codebase, `memset` is being used instead of `OQS_MEM_CLEANSE`. When the data being reset is secret, this is undesirable, as a compiler may optimize out the...
To prevent issues similar to #1862. @trailofbits used the following query to detect #1862: ```ql import cpp from FunctionCall call, Function f where f = call.getTarget() and // function name...
This would prevent new instances of #1866 from being introduced into the codebase. Suggested by @trailofbits in Week 1 of their audit of `liboqs`.
This is a follow up to #1855 After creating the new [project board](https://github.com/orgs/open-quantum-safe/projects/7/views/1) for tracking issues I found that some automation is not directly supported in the projects workflow feature....
**Describe the bug** I build liboqs-0.8.0-dev with and without OQS_USE_SHA3_OPENSSL=ON. With OQS_USE_SHA3_OPENSSL=ON I see 9 minutes for running tests and without - just 2 min. Fedora 37, OpenSSL 3.0.x **To...
We should have a document describing the intended threat model that liboqs aims to be secure against. This would include issues such as constant time behaviour, and what is in...
This isn't something to change in this PR, but something I noticed just from looking at this code during review. Now that we have the ability to set callbacks, could...
We have two `liboqs` APIs: the public one, exposed to users via `oqs.h`, and the internal one, used for non-exposed common code (e.g., SHA3). We should document this API split...
Metadata
Owner
Metadata
C library for prototyping and experimenting with quantum-resistant cryptography