Create liboqs 0.12.0 release candidate 1 (#2006)

* Update version numbers for 0.12.0-rc1

Signed-off-by: Douglas Stebila <[email protected]>

* Update list of supported versions

Signed-off-by: Douglas Stebila <[email protected]>

* Update release notes for 0.12.0-rc1

Fixes #1990 and #2004.

Signed-off-by: Douglas Stebila <[email protected]>

* Fix typo and workding [skip ci]

Co-authored-by: Spencer Wilson <[email protected]>
Signed-off-by: Douglas Stebila <[email protected]>

* Revise wording on API removal

Signed-off-by: Douglas Stebila <[email protected]>

* Update release date for rc1 [skip ci]

Signed-off-by: Douglas Stebila <[email protected]>

---------

Signed-off-by: Douglas Stebila <[email protected]>
Signed-off-by: Douglas Stebila <[email protected]>
Co-authored-by: Spencer Wilson <[email protected]>

CMakeLists.txt

@@ -41,9 +41,9 @@ set(CMAKE_C_STANDARD_REQUIRED ON)
 set(CMAKE_POSITION_INDEPENDENT_CODE ON)
 set(CMAKE_C_VISIBILITY_PRESET hidden)
 set(OQS_VERSION_MAJOR 0)
-set(OQS_VERSION_MINOR 11)
-set(OQS_VERSION_PATCH 1)
-set(OQS_VERSION_PRE_RELEASE "-dev")
+set(OQS_VERSION_MINOR 12)
+set(OQS_VERSION_PATCH 0)
+set(OQS_VERSION_PRE_RELEASE "-rc1")
 set(OQS_VERSION_TEXT "${OQS_VERSION_MAJOR}.${OQS_VERSION_MINOR}.${OQS_VERSION_PATCH}${OQS_VERSION_PRE_RELEASE}")
 set(OQS_COMPILE_BUILD_TARGET "${CMAKE_SYSTEM_PROCESSOR}-${CMAKE_HOST_SYSTEM}")
 set(OQS_MINIMAL_GCC_VERSION "7.1.0")

RELEASE.md

@@ -1,5 +1,5 @@
-liboqs version 0.11.0
-=====================
+liboqs version 0.12.0-rc1
+=========================
 
 About
 -----
@@ -27,107 +27,85 @@ liboqs can also be used in the following programming languages via language-spec
 Release notes
 =============
 
-This is version 0.11.0 of liboqs. It was released on September 27, 2024.
+This is release candidate 1 for version 0.12.0 of liboqs. It was released on November 29, 2024.
 
-This release updates ML-KEM implementations to their [final FIPS 203](https://csrc.nist.gov/pubs/fips/203/final) versions. This release still includes the NIST Round 3 version of Kyber for interoperability purposes, but we plan to remove Kyber Round 3 in a future release. Additionally, this release adds support for MAYO and CROSS digital signature schemes from [NIST Additional Signatures Round 1](https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures) along with stateful hash-based signature schemes [XMSS](https://datatracker.ietf.org/doc/html/rfc8391) and [LMS](https://datatracker.ietf.org/doc/html/rfc8554). Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from [libjade](https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2).
+This release updates the ML-DSA implementation to the [final FIPS 204](https://csrc.nist.gov/pubs/fips/204/final) version. This release still includes the NIST Round 3 version of Dilithium for interoperability purposes, but we plan to remove Dilithium Round 3 in a future release.
 
-LMS and XMSS are disabled by default due to the security risks associated with their use in software. See the note on stateful hash-based signatures in [CONFIGURE.md](https://github.com/open-quantum-safe/liboqs/blob/0.11.0/CONFIGURE.md#stateful-hash-based-signatures).
+Deprecation notice
+==================
+
+This will be the last release of liboqs to include Kyber (that is, the NIST Round 3 version of Kyber, prior to its standardization by NIST as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
+
+The addition of ML-DSA FIPS 204 final version to liboqs has introduced a new signature API which includes a context string parameter. We are planning to remove the old version of the API without a context string in the next release to streamline the API and bring it in line with NIST specifications. Users who have an opinion on this removal are invited to provide input at https://github.com/open-quantum-safe/liboqs/issues/2001.
 
 What's New
 ----------
 
-This release continues from the 0.10.1 release of liboqs.
+This release continues from the 0.11.0 release of liboqs.
 
 ### Key encapsulation mechanisms
 
-- Kyber: Added formally-verified portable C and AVX2 implementations of Kyber-512 and Kyber-768 from [libjade](https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2).
-- ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512, ML-KEM-768, and ML-KEM-1024 to FIP 203 version.
-- Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and Kyber-1024 to work with AddressSanitizer.
+- HQC: Fixed correctness bug in decapsulation. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
+- Kyber: This is the last release of liboqs to include Kyber.
+- ML-KEM: Improved testing of ML-KEM.
 
 ### Digital signature schemes
 
-- LMS/XMSS: Added implementations of stateful hash-based signature schemes: [XMSS](https://datatracker.ietf.org/doc/html/rfc8391) and [LMS](https://datatracker.ietf.org/doc/html/rfc8554).
-- MAYO: Added portable C and AVX2 implementations of MAYO signature scheme from NIST Additional Signatures Round 1.
-- CROSS: Added portable C and AVX2 implementations of CROSS signature scheme from NIST Additional Signatures Round 1.
+- LMS: Fixed crashing bug.
+- ML-DSA: Removed FIPS 204-ipd (initial public draft) and replaced it with FIPS 204 final version.
+- Added new API for digital signatures with context strings; see https://github.com/open-quantum-safe/liboqs/issues/2001 for plan to remove old API without context string.
+- Added fuzzing tests for signature schemes.
+- Added benchmarking for stateful hash-based signature schemes.
 
 ### Other changes
 
-- Added callback API to use custom implementations of AES, SHA2, and SHA3.
-- Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API.
+- Updated CBOM format to version 1.6.
+- Added a function `OQS_thread_stop` to be called by multi-threaded applications to properly deallocate resources in a threaded execution.
+- Added preprocessor macros conveying liboqs version information.
 
 ---
 
 Detailed changelog
 ------------------
 
-* [NFCI] Move Keccak rhotates tables to rodata by @aaupov in https://github.com/open-quantum-safe/liboqs/pull/1739
-* Document Fix by @pi-314159 in https://github.com/open-quantum-safe/liboqs/pull/1735
-* Add option to dynamically load libcrypto.so.* by @ueno in https://github.com/open-quantum-safe/liboqs/pull/1603
-* Allow windows linking of test programs by @matlimatli in https://github.com/open-quantum-safe/liboqs/pull/1751
-* Refactor OpenSSL Implementation of SHA3 SHAKE to use new Squeeze API by @Eddy-M-K in https://github.com/open-quantum-safe/liboqs/pull/1694
-* remove "maximum" words for most length fields by @wangweij in https://github.com/open-quantum-safe/liboqs/pull/1747
-* add compile_commands.json to .gitignore by @carsonRadtke in https://github.com/open-quantum-safe/liboqs/pull/1754
-* Fix linking of test programs on msys by @d0p1s4m4 in https://github.com/open-quantum-safe/liboqs/pull/1758
-* restrict Windows platform support documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1762
-* Add workflow dispatch to action by @ryjones in https://github.com/open-quantum-safe/liboqs/pull/1778
-* Bump jinja2 from 3.1.3 to 3.1.4 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1782
-* Algorithm selection clarification by @beldmit in https://github.com/open-quantum-safe/liboqs/pull/1784
-* Use OPENSSL_cleanse if OpenSSL is used by @bencemali in https://github.com/open-quantum-safe/liboqs/pull/1773
-* Errors not printed out when OPENSSL_NO_STDIO is set by @bencemali in https://github.com/open-quantum-safe/liboqs/pull/1774
-* Add Stateful Signature (XMSS and LMS) by @ashman-p in https://github.com/open-quantum-safe/liboqs/pull/1650
-* Forward-declare OQS_SIG in sig_stfl.h by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1820
-* Move Linux ARM64 "build" test from CircleCI to GitHub Actions by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1814
-* Fix test_alg_info.py on Windows platform by @qnfm in https://github.com/open-quantum-safe/liboqs/pull/1821
-* Increment version string to 0.10.2-dev by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1813
-* Add XMSS-SHA256_{10, 16, 20}_192 parameters by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1817
-* Add XMSS-SHAKE256_{10, 16, 20}_192 parameters by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1818
-* Add XMSS-SHAKE256_{10, 16, 20}_256 parameters by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1819
-* Create scorecard.yml (OpenSSF) by @planetf1 in https://github.com/open-quantum-safe/liboqs/pull/1708
-* Expose callback API for replacing low-level cryptographic primitives by @ueno in https://github.com/open-quantum-safe/liboqs/pull/1832
-* Add MAYO signature scheme from NIST onramp by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1707
-* Bump zipp from 3.4.0 to 3.19.1 in /scripts/copy_from_upstream in the pip group by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1836
-* Update and fix CI status badges by @anvega in https://github.com/open-quantum-safe/liboqs/pull/1844
-* Use `cmake -LA -N` instead of `cmake -LA` in CI by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1848
-* Fix passes.json entries for MAYO by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1852
-* ML-KEM NIST tests, fix order of d and z by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1854
-* Move from CircleCI to GitHub Actions by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1849
-* Add a convenience script for consistent astyle formatting by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1861
-* Quick fixes from Trail of Bits audit Week 1 by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1869
-* Check return value of fscanf in LMS/XMSS KAT tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1874
-* Fix downstream CI trigger by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1857
-* Don't hardcode OPENSSL_ROOT_DIR to /usr on Linux by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1873
-* Fix overflow in stateful sigs tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1887
-* Integrate Kyber from libjade  by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1745
-* Use explicit_memset if available. NetBSD has support for it: by @loganaden in https://github.com/open-quantum-safe/liboqs/pull/1872
-* Disable erroring TravisCI build by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1901
-* Update OpenSSH downstream branch to OQS-v9 by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1898
-* Fix incorrect formatting in unix.yml by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1902
-* CMakeLists: add ppc case to known archs by @barracuda156 in https://github.com/open-quantum-safe/liboqs/pull/1816
-* Remove old ad hoc CI for Apple M1 by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1907
-* Add ML-KEM / FIPS203 final by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1899
-* Update checkout action in weekly.yml by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1908
-* Add CROSS by @rtjk in https://github.com/open-quantum-safe/liboqs/pull/1881
-* Refactor liboqs CI and update Ubuntu images by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1909
-* Check workflows for issues during CI by @jplomas in https://github.com/open-quantum-safe/liboqs/pull/1916
-* Patch Kyber to fix ASAN error on ARM64 by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1922
-* Change README links to be doxygen-friendly by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1927
+## What's Changed
+
+* 0.11.0 release by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1939
+* Bump version to 0.11.1-dev by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1940
+* Remove hardcoded build patch from test script by @iyanmv in https://github.com/open-quantum-safe/liboqs/pull/1938
+* Don't include dlfcn.h for Windows by @steenrasmussen in https://github.com/open-quantum-safe/liboqs/pull/1936
+* Update CBOM format to upstream v1.6 by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1834
+* Downgrade zephyr container to v0.26.14 to avoid build failures by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1949
+* Fix for Zephyr CI by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1953
+* Add a basic fuzz testing harness for Dilithium2 by @nathaniel-brough in https://github.com/open-quantum-safe/liboqs/pull/1905
+* [#1823] replace malloc/calloc/strdup/free with openssl allocator by @songlingatpan in https://github.com/open-quantum-safe/liboqs/pull/1926
+* Add benchmarking for stateful hash based schemes: speed_sig_stfl by @cr-marcstevens in https://github.com/open-quantum-safe/liboqs/pull/1952
+* Update CODEOWNERS by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1943
+* Add new API to cleanup OpenSSL threads. by @ashman-p in https://github.com/open-quantum-safe/liboqs/pull/1959
+* Adapt existing sig fuzz harness including more algorithms by @nathaniel-brough in https://github.com/open-quantum-safe/liboqs/pull/1955
+* add C++ linking test by @aidenfoxivey in https://github.com/open-quantum-safe/liboqs/pull/1971
+* Make random/functions deterministic during fuzzing by @nathaniel-brough in https://github.com/open-quantum-safe/liboqs/pull/1974
+* Remove SPHINCS+ aarch64 code by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1972
+* Remove macos-12 runner due to GitHub deprecation. by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1977
+* Revert "Disable erroring TravisCI build" by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1960
+* imported fix from CROSS upstream: endianness-aware csprng by @rtjk in https://github.com/open-quantum-safe/liboqs/pull/1983
+* chore: Add CI badges to README.md by @ChinoUkaegbu in https://github.com/open-quantum-safe/liboqs/pull/1987
+* Update PLATFORMS.md / re-enable CROSS on s390x by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1988
+* Avoid OpenSSL functions are unconditionally called at OQS_destroy by @ueno in https://github.com/open-quantum-safe/liboqs/pull/1982
+* Test Improvements for ML-KEM by @abhinav-thales in https://github.com/open-quantum-safe/liboqs/pull/1947
+* Fix LMS crash by @ashman-p in https://github.com/open-quantum-safe/liboqs/pull/1998
+* Set ML-KEM alg_version to "FIPS203" by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1997
+* Add ML-DSA / FIPS 204 final by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1919
+* Add defines for OQS version components by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/2000
 
 ## New Contributors
-* @aaupov made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1739
-* @pi-314159 made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1735
-* @ueno made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1603
-* @matlimatli made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1751
-* @Eddy-M-K made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1694
-* @wangweij made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1747
-* @carsonRadtke made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1754
-* @d0p1s4m4 made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1758
-* @ryjones made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1778
-* @bencemali made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1773
-* @qnfm made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1821
-* @anvega made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1844
-* @loganaden made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1872
-* @barracuda156 made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1816
-* @rtjk made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1881
-* @jplomas made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1916
-
-**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.10.1...0.11.0
+
+* @steenrasmussen made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1936
+* @nathaniel-brough made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1905
+* @songlingatpan made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1926
+* @cr-marcstevens made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1952
+* @aidenfoxivey made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1971
+* @ChinoUkaegbu made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1987
+* @abhinav-thales made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1947
+
+**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.11.0...0.12.0-rc1

SECURITY.md

@@ -8,10 +8,8 @@ Using any code prior to 0.10.1 is strongly discouraged due to a [known security
 
 | Version | Supported          |
 | ------- | ------------------ |
-| 0.11.0  | :white_check_mark: |
-| < 0.11  | :x:                |
+| 0.12.0  | :white_check_mark: |
+| < 0.12  | :x:                |
 
 ## Reporting a Vulnerability
 Please follow [this information to report a vulnerability](https://openquantumsafe.org/liboqs/security.html#reporting-security-bugs).
-
-

src/CMakeLists.txt

@@ -121,7 +121,7 @@ set_target_properties(oqs
     ARCHIVE_OUTPUT_DIRECTORY "${PROJECT_BINARY_DIR}/lib"
     LIBRARY_OUTPUT_DIRECTORY "${PROJECT_BINARY_DIR}/lib"
     VERSION ${OQS_VERSION_TEXT}
-    SOVERSION 6
+    SOVERSION 7
     # For Windows DLLs
     RUNTIME_OUTPUT_DIRECTORY "${PROJECT_BINARY_DIR}/bin")