Merge pull request #52 from crt26/develop

Merge Version 0.3.1 to Main

Author: crt26

DISCLAIMER.md

@@ -0,0 +1,42 @@
+
+# Project Disclaimer
+
+## General Disclaimer
+This project is intended solely for research and benchmarking purposes. The tools and scripts provided in this repository are designed to evaluate the performance characteristics of Post-Quantum Cryptography (PQC) algorithms in controlled environments. They are not intended for production use or security-critical applications.
+
+The maintainers of this project assume no liability for any consequences resulting from the use or misuse of this repository or its components.
+
+Users are expected to understand the implications of enabling, modifying, or extending any parts of the framework, especially when integrating with cryptographic libraries and systems.
+
+## Licence Compliance
+
+This project complies with the licensing terms of all third-party software and libraries it utilises. All dependencies are downloaded and built locally during the setup process; however, this repository does include modified versions of specific source files from third-party projects where necessary.
+
+In particular:
+
+- Modified versions of the `test_kem_mem.c` and `test_sig_mem.c` files from the **Liboqs** project are distributed in this repository. These files have been adapted to support detailed memory benchmarking with reduced terminal output. The original MIT Licence is retained at the top of each modified file, and these modifications remain subject to that licence.
+
+All other third-party dependencies are incorporated dynamically during setup:
+
+- **Liboqs** and **OQS-Provider** are modified and built locally under the MIT Licence.
+- **OpenSSL** is dynamically patched and built during setup under the Apache Licence 2.0.
+- **pqax** is used without modification under the Creative Commons Zero v1.0 Universal (CC0) Licence.
+
+Users are responsible for ensuring compliance with all relevant third-party licences, particularly if redistributing binaries or integrating this project into larger systems.
+
+## HQC Algorithm Inclusion Disclaimer
+The HQC KEM algorithms are disabled by default in recent versions of the Liboqs library due to a known security issue that breaks IND-CCA2 guarantees under specific attack models.
+
+Despite this, the PQC Evaluation Tools framework provides an optional mechanism to enable HQC algorithms for the sole purpose of performance testing. When using the `--enable-hqc-algs` flag during setup, users will receive a clear warning and must explicitly confirm before HQC is included in the benchmarking environment.
+
+If HQC is enabled:
+
+- It must only be used within the provided testing tools.
+- It must not be used in any production systems or real-world cryptographic deployments.
+
+Enabling HQC is done at the user's own risk, and the project maintainers accept no responsibility for any issues arising from its inclusion.
+
+For more information, see:
+- [Liboqs Pull Request #2122](https://github.com/open-quantum-safe/liboqs/pull/2122)
+- [Liboqs Issue #2118](https://github.com/open-quantum-safe/liboqs/issues/2118)
+- [PQC-Evaluation-Tools Issue #46](https://github.com/crt26/pqc-evaluation-tools/issues/46)

DISCLAIMER.txt

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2023 Callum Turino
+Copyright (c) 2023-2025 Callum Turino
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

LICENSE

@@ -41,7 +41,8 @@ For details on the project's development and upcoming features, see the project'
   - [Parsing Script Usage](#parsing-script-usage)
   - [Parsed Results Output](#parsed-results-output)
 - [Additional Documentation](#additional-documentation)
-- [License](#license)
+  - [Project Wiki Page](#project-wiki-page)
+- [Licence](#licence)
 - [Acknowledgements](#acknowledgements)
 
 ## Supported Hardware and Software
@@ -56,7 +57,7 @@ The automated testing tool is currently only supported in the following environm
 ### Tested Dependency Libraries <!-- omit from toc -->
 This version of the repository has been fully tested with the following library versions:
 
-- Liboqs Version 0.12.0
+- Liboqs Version 0.13.0
 
 - OQS Provider Version 0.8.0
 
@@ -66,7 +67,9 @@ The repository is configured to pull the latest versions of the OQS projects whi
 
 However, as the OQS libraries are still developing projects, if any major changes have occurred to their code bases, this project's automation scripts may not be able to accommodate this. If this does happen, please report an issue to this repositories GitHub page where it will be addressed as soon as possible. In the meantime, it is possible to change the versions of the OQS libraries used by the benchmarking suite. This is detailed further in the [Installation Instructions](#installation-instructions) section.
 
-> Notice: Memory profiling for Falcon algorithm variants is currently non-functional on **ARM** systems due to issues with the scheme and the Valgrind Massif tool. Please see the [bug report](https://github.com/open-quantum-safe/liboqs/issues/1761) for details. Testing and parsing remain fully functional for all other algorithms.
+> **Notice 1:** The HQC KEM algorithms are disabled by default in recent Liboqs versions due to a disclosed IND-CCA2 vulnerability. For benchmarking purposes, the setup process includes an optional flag to enable HQC, accompanied by a user confirmation prompt and warning. For instructions on enabling HQC, see the [Advanced Setup Configuration Guide](docs/advanced-setup-configuration.md), and refer to the [Disclaimer Document](./DISCLAIMER.md) for more information on this issue.
+
+> **Notice 2:** Memory profiling for Falcon algorithm variants is currently non-functional on **ARM** systems due to issues with the scheme and the Valgrind Massif tool. Please see the [bug report](https://github.com/open-quantum-safe/liboqs/issues/1761) for details. Testing and parsing remain fully functional for all other algorithms.
 
 ## Installation Instructions
 The standard setup process uses the latest versions of the OQS libraries and performs automatic system detection and installation of the benchmarking suite. It supports various installation modes that determine which OQS libraries are downloaded and built, depending on your environment.
@@ -136,7 +139,12 @@ touch .pqc_eval_dir_marker.tmp
 ```
 
 ### Optional Setup Flags
-For advanced setup options, including `safe-mode` for using the last tested versions of the dependency libraries, custom OpenSSL `speed.c` limits, and additional build features, please refer to the [Advanced Setup Configuration Guide](docs/advanced-setup-configuration.md).
+For advanced setup options, including:
+- `safe-mode` for using the last tested versions of the dependency libraries,
+- Custom OpenSSL `speed.c` limits, 
+- Enabling HQC algorithms in Liboqs
+ 
+Please refer to the [Advanced Setup Configuration Guide](docs/advanced-setup-configuration.md).
 
 ## Automated Testing Tools
 The repository provides two categories of automated benchmarking:
@@ -150,15 +158,12 @@ The testing tools are located in the `scripts/test-scripts` directory and are fu
 ### Liboqs Performance Testing
 This tool benchmarks CPU and memory usage for various PQC algorithms supported by the Liboqs library. It produces detailed performance metrics for each tested algorithm.
 
-The test script can be executed using the following command:
-```
-./full-liboqs-test.sh
-```
-
 For detailed usage instructions, please refer to:
 
 [Automated Liboqs Performance Testing Instructions](docs/testing-tools-usage/liboqs-performance-testing.md)
 
+**Note:** HQC KEM algorithms are disabled by default in the latest Liboqs version due to a known vulnerability. The main setup script provides an option to enable HQC for benchmarking if required. Please refer to the [Advanced Setup Configuration Guide](docs/advanced-setup-configuration.md) for more information.
+
 ### OQS-Provider TLS Performance Testing
 This tool is focused on benchmarking the performance of PQC and Hybrid-PQC algorithms when integrated within OpenSSL (3.4.1) via the OQS-Provider library.
 
@@ -174,6 +179,12 @@ For detailed usage instructions, please refer to:
 
 [Automated OQS-Provider TLS Performance Testing Instructions](docs/testing-tools-usage/oqsprovider-performance-testing.md)
 
+**Note:** The following signature algorithms are excluded from the automated TLS benchmarking due to known incompatibilities with [RFC 8446](https://datatracker.ietf.org/doc/html/rfc8446):
+- UOV-based schemes (e.g., OV_Is, OV_III, and their hybrid variants)
+- CROSSrsdp256small
+
+These algorithms remain available for computational benchmarking using the Liboqs tools.
+
 ### Testing Output Files
 After the testing has been completed, unparsed results will be stored in the `test-data/up-results` directory:
 
@@ -223,6 +234,12 @@ Please refer to the [Performance Metrics Guide](docs/performance-metrics-guide.m
 - [Project Scripts](docs/developer-information/project-scripts.md)
 - [Repository Structure](docs/developer-information/repository-directory-structure.md)
 - [Performance Metrics Guide](docs/performance-metrics-guide.md)
+- [Project Disclaimer](./DISCLAIMER.md)
+
+### Project Wiki Page
+The information provided in the internal documentation is also available through the project's GitHub Wiki:
+
+[PQC-Evaluation-Tools Wiki](https://github.com/crt26/pqc-evaluation-tools/wiki)
 
 ### Helpful External Documentation Links <!-- omit from toc -->
 - [Liboqs Webpage](https://openquantumsafe.org/liboqs/)
@@ -234,17 +251,19 @@ Please refer to the [Performance Metrics Guide](docs/performance-metrics-guide.m
 - [OpenSSL(3.4.1) Documentation](https://docs.openssl.org/3.4/)
 - [TLS 1.3 RFC 8446](https://www.rfc-editor.org/rfc/rfc8446)
 
-## License
+## Licence
 
-This project is licensed under the MIT License - see the [LICENSE](LICENSE)
+This project is licensed under the MIT License – see the [LICENSE](LICENSE) file for details.
 
 ## Acknowledgements
-This project depends on:
 
-1. [Liboqs](https://github.com/open-quantum-safe/liboqs) - This project includes modified versions of files from the `liboqs` project. These modified files are subject to the `liboqs` MIT license, which can be found at the top of each modified file.
+This project depends on the following third-party software and libraries:
+
+1. **[Liboqs](https://github.com/open-quantum-safe/liboqs)** – Used to provide standalone implementations of post-quantum key encapsulation mechanisms (KEMs) and digital signature algorithms for computational performance testing. This project includes modified versions of the `test_kem_mem.c` and `test_sig_mem.c` files in order to collect detailed memory usage metrics during benchmarking with minimal terminal output. These modifications remain under the original MIT License, which is noted at the top of each modified file.
+
+2. **[OQS-Provider](https://github.com/open-quantum-safe/oqs-provider)** – Used to integrate post-quantum algorithms from `Liboqs` into OpenSSL via the provider interface, enabling TLS-based performance testing. Modifications include dynamically altering the `generate.yml` template to optionally enable all signature algorithms that are disabled by default. The provider is built locally and dynamically linked into OpenSSL. It is licensed under the MIT License.
 
-2. [OQS-Provider](https://github.com/open-quantum-safe/openssl) - This project relies on the OpenSSL provider created by the `OQS-Provider` project. The project is subject to a MIT licence, details of which can be found in the projects repositories root directory. 
+3. **[OpenSSL](https://github.com/openssl/openssl)** – Used as the core cryptographic library for TLS testing and benchmarking. This project applies runtime modifications during the build process to increase the hardcoded algorithm limits in `speed.c` (`MAX_KEM_NUM` and `MAX_SIG_NUM`) to support benchmarking of a broader algorithm set, and to append configuration directives to `openssl.cnf` to register and activate the `oqsprovider`. OpenSSL is licensed under the Apache License 2.0.
 
-3. [OpenSSL](https://github.com/openssl/openssl) - This project utilises the OpenSSL library through its own scripts and the libraries provided by the OQS Project. The OpenSSL project is  under the Apache 2.0 license, details of which can be found in the projects repositories root directory.
+4. **[pqax](https://github.com/mupq/pqax)** – Used to enable access to the ARM Performance Monitor Unit (PMU) on ARM-based systems such as Raspberry Pi. This allows precise benchmarking of CPU cycles. No modifications are made to the original source code. Pqax is licensed under the Creative Commons Zero v1.0 Universal (CC0) license, placing it in the public domain.
 
-4. [pqax](https://github.com/mupq/pqax/tree/main) - This project uses the pqax library to enable arm PMU on Raspberry Pi devices. The pqax library is licensed under the Creative Commons Zero v1.0 Universal license, which dedicates the work to the public domain.

README.md

@@ -1,14 +1,8 @@
-# Version v0.3.0 Release
-Welcome to the version 0.3.0 release of the PQC-Evaluation-Tools project!
+# Version v0.3.1 Release
+Welcome to the version 0.3.1 release of the PQC-Evaluation-Tools project!
 
 ##  Release Overview
-The version 0.3.0 release of the PQC-Evaluation-Tools suite delivers key updates focused on compatibility, stability, and usability. It adds support for the latest version of the OQS libraries and has been upgraded to use the latest version of OpenSSL (version 3.4.1).
-
-Automation has been refined with fixes to control signalling, improved handling of TLS benchmarking ports, and more robust detection of port conflicts. The suite now supports older Python versions, and script usability has been enhanced through clearer naming and new help flags.
-
-TLS speed benchmarking is now more stable, resolving issues caused by control signal timing and newer versions of the OQS-Provider library to break the OpenSSL `s_speed` tool when using all its supported algorithms. The release also includes an updated generate.yml for OQS-Provider, along with documentation improvements and general codebase clean-up.
-
-These changes make the toolset more flexible and reliable for evaluating PQC performance, particularly in TLS-based deployments.
+Version 0.3.1 is a maintenance release focused on resolving critical bugs introduced by recent changes in upstream dependencies. It addresses issues affecting algorithm detection, TLS handshake stability, and improves exception handling for computational performance testing on ARM-based systems. Additionally, a licence compliance review was completed to ensure all third-party usage remains properly attributed and documented.
 
 ## Project Features
 The project provides automation for:
@@ -23,22 +17,13 @@ The project provides automation for:
 
 - Parsing of the PQC performance data, where data from multiple machines can be parsed, averaged, and then compared against each other.
 
-## Change Log
-* Verify project support for liboqs version 0.12.0 in [#9](https://github.com/crt26/pqc-evaluation-tools/pull/9)
-* Update OQS-Provider Script and Variable Naming in [#10](https://github.com/crt26/pqc-evaluation-tools/pull/10)
-* Upgrade OpenSSL Dependency to Version 3.4.0 in [#11](https://github.com/crt26/pqc-evaluation-tools/pull/11)
-* Fix Control Signalling Issue in Automated TLS Benchmarking Scripts in [#13](https://github.com/crt26/pqc-evaluation-tools/pull/13)
-* Add Support for Older Versions of Python in [#17](https://github.com/crt26/pqc-evaluation-tools/pull/17)
-* Upgrade OpenSSL Dependency to Security Patch Version 3.4.1 in [#19](https://github.com/crt26/pqc-evaluation-tools/pull/19)
-* Make TLS Benchmarking Ports Configurable and Improve Conflict Handling in [#20](https://github.com/crt26/pqc-evaluation-tools/pull/20)
-* Update Modified OQS-Provider generate.yml File in [#22](https://github.com/crt26/pqc-evaluation-tools/pull/22)
-* Fix False Positives in Port Usage Checks & Relocate Default TLS Benchmarking Ports in [#24](https://github.com/crt26/pqc-evaluation-tools/pull/24)
-* Fix TLS Speed Benchmark Failure Caused by Excessive Algorithm Loading in [#26](https://github.com/crt26/pqc-evaluation-tools/pull/26)
-* Add Configurable Control Signal Sleep Time to Automated TLS Testing Scripts in [#29](https://github.com/crt26/pqc-evaluation-tools/pull/29)
-* Add support for help Flags in Project Scripts in [#32](https://github.com/crt26/pqc-evaluation-tools/pull/32)
-* Update and Improve Documentation and Clean Codebase in [#33](https://github.com/crt26/pqc-evaluation-tools/pull/33)
-
-**Full Changelog**: https://github.com/crt26/pqc-evaluation-tools/compare/v0.2.1...v0.3.0
+## Change Log  
+* Fix automated algorithm detection and TLS handshake failures due to UOV signature size limits in [#44](https://github.com/crt26/pqc-evaluation-tools/pull/44)  
+* Fix ARM PMU access loss after reboot on some Raspberry Pi devices in [#45](https://github.com/crt26/pqc-evaluation-tools/pull/45)  
+* Fix HQC not being enabled by default in Liboqs builds in [#47](https://github.com/crt26/pqc-evaluation-tools/pull/47)  
+* Complete licence compliance review for third-party dependencies in [#51](https://github.com/crt26/pqc-evaluation-tools/pull/51)  
+
+**Full Changelog**: https://github.com/crt26/pqc-evaluation-tools/compare/v0.3.0...v0.3.1
 
 ## Important Notes
 

RELEASE.md

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Copyright (c) 2025 Callum Turino
+# Copyright (c) 2023-2025 Callum Turino
 # SPDX-License-Identifier: MIT
 
 # Utility script for cleaning up project files produced during PQC benchmarking.