Merge pull request #9 from filipw/liboqs-0.15.0

Updated to liboqs 0.15.0

Author: filipw

README.md

@@ -113,8 +113,9 @@ finally
 
 ## Features
 
-- **Key Encapsulation Mechanisms (KEMs)**: ML-KEM, Kyber, BIKE, HQC, Classic McEliece, NTRU Prime, FrodoKEM
-- **Digital Signatures**: ML-DSA, Dilithium, Falcon, SPHINCS+, MAYO, CROSS, UOV
+- **Key Encapsulation Mechanisms (KEMs)**: ML-KEM, Kyber, BIKE, HQC, NTRU, Classic McEliece, NTRU Prime, FrodoKEM
+- **Digital Signatures**: ML-DSA, SLH-DSA, Falcon, SPHINCS+, MAYO, CROSS, UOV, SNOVA
+- **New Features**: Support for context strings in signatures and derandomized (deterministic) operations in KEM.
 - **Type-safe API**: Strong typing with enums for algorithms and proper resource management
 - **Memory management**: Automatic cleanup of native resources using IDisposable pattern
 - **Cross-platform**: Supports Windows x64, Windows ARM64, macOS ARM64, Linux x64, and Linux ARM64
@@ -128,19 +129,21 @@ finally
 - **Kyber**: Kyber512, Kyber768, Kyber1024
 - **BIKE**: BIKE-L1, BIKE-L3, BIKE-L5
 - **HQC**: HQC-128, HQC-192, HQC-256
+- **NTRU**: NTRU-HPS-2048-509, NTRU-HPS-2048-677, NTRU-HPS-4096-821, NTRU-HPS-4096-1229, NTRU-HRSS-701, NTRU-HRSS-1373
 - **Classic McEliece**: All 10 variants (e.g., 348864, 460896, 6688128, 6960119, 8192128 with fast variants)
 - **NTRU Prime**: sntrup761
 - **FrodoKEM**: FrodoKEM-640-AES, FrodoKEM-640-SHAKE, FrodoKEM-976-AES, FrodoKEM-976-SHAKE, FrodoKEM-1344-AES, FrodoKEM-1344-SHAKE
 
 ### Digital Signatures
 
 - **ML-DSA** (NIST standardized): ML-DSA-44, ML-DSA-65, ML-DSA-87
-- **Dilithium**: Dilithium2, Dilithium3, Dilithium5
+- **SLH-DSA** (NIST standardized): All 12 pure variants (SHA2 and SHAKE, 128/192/256, fast/small)
 - **Falcon**: Falcon-512, Falcon-1024, Falcon-Padded-512, Falcon-Padded-1024
 - **SPHINCS+**: All "simple" variants (SHA2 and SHAKE, 128/192/256, fast/small)
 - **MAYO**: MAYO-1, MAYO-2, MAYO-3, MAYO-5
 - **CROSS**: All 18 variants (RSDP/RSDPG, Balanced/Fast/Small)
 - **UOV**: All 12 variants (Ip, Is, III, V; with pkc/skc variants)
+- **SNOVA**: All 12 variants
 
 ## Algorithm Availability
 
@@ -229,7 +232,7 @@ git submodule update
    This will:
    - Configure and build liboqs as a shared library
    - Copy the resulting DLL/so/dylib to the appropriate directories
-   - Enable all common quantum-resistant algorithms (ML-KEM, ML-DSA, Kyber, Dilithium, Falcon, FrodoKEM, BIKE, HQC, SPHINCS+, etc.)
+   - Enable all common quantum-resistant algorithms (ML-KEM, ML-DSA, SLH-DSA, Kyber, Falcon, FrodoKEM, BIKE, HQC, SPHINCS+, NTRU, SNOVA, etc.)
 
 2. **Build the .NET libraries:**
 
@@ -252,7 +255,7 @@ git submodule update
 
 ### Submodule Management
 
-This project uses [liboqs v0.13.0](https://github.com/Open-Quantum-Safe/liboqs/releases/tag/0.13.0) as a git submodule.
+This project uses [liboqs v0.15.0](https://github.com/Open-Quantum-Safe/liboqs/releases/tag/0.15.0) as a git submodule.
 
 **Update to latest liboqs version:**
 ```bash
@@ -287,6 +290,10 @@ LibOQS.NET supports the following platforms out of the box with no additional se
 - **Linux ARM64**
 - **macOS ARM64**
 
+> [!NOTE]
+> **Platform Limitations**: 
+> - **Windows**: `SLH-DSA` (Pure variants) are currently disabled due to a known bug in `liboqs` 0.15.0 that causes verification failures on Windows. `BIKE` is also disabled on Windows.
+
 The NuGet packages include all necessary native libraries for these platforms.
 
 ## Troubleshooting

build-dotnet-liboqs-linux.sh

@@ -42,10 +42,12 @@ CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_KEM_KYBER=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_KEM_FRODOKEM=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_KEM_BIKE=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_KEM_HQC=ON"
+CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_KEM_NTRU=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_KEM_NTRUPRIME=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_KEM_CLASSIC_MCELIECE=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_SIG_ML_DSA=ON"
-CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_SIG_DILITHIUM=ON"
+CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_SIG_SLH_DSA=ON"
+CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_SIG_SNOVA=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_SIG_FALCON=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_SIG_SPHINCS=ON"
 CMAKE_ARGS="$CMAKE_ARGS -DOQS_ENABLE_SIG_MAYO=ON"

build-dotnet-liboqs-macos.sh

@@ -44,15 +44,17 @@ cmake .. \
     -DOQS_ENABLE_KEM_FRODOKEM=ON \
     -DOQS_ENABLE_KEM_BIKE=ON \
     -DOQS_ENABLE_KEM_HQC=ON \
+    -DOQS_ENABLE_KEM_NTRU=ON \
     -DOQS_ENABLE_KEM_NTRUPRIME=ON \
     -DOQS_ENABLE_KEM_CLASSIC_MCELIECE=ON \
     -DOQS_ENABLE_SIG_ML_DSA=ON \
-    -DOQS_ENABLE_SIG_DILITHIUM=ON \
     -DOQS_ENABLE_SIG_FALCON=ON \
+    -DOQS_ENABLE_SIG_SLH_DSA=ON \
     -DOQS_ENABLE_SIG_SPHINCS=ON \
     -DOQS_ENABLE_SIG_MAYO=ON \
     -DOQS_ENABLE_SIG_CROSS=ON \
-    -DOQS_ENABLE_SIG_UOV=ON
+    -DOQS_ENABLE_SIG_UOV=ON \
+    -DOQS_ENABLE_SIG_SNOVA=ON
 
 echo "Building liboqs..."
 cmake --build . --config "$CONFIGURATION"

build-dotnet-liboqs.ps1

@@ -50,11 +50,12 @@ try {
             "-DOQS_ENABLE_KEM_ML_KEM=ON"
             "-DOQS_ENABLE_KEM_KYBER=ON"
             "-DOQS_ENABLE_KEM_FRODOKEM=ON"
-            "-DOQS_ENABLE_KEM_HQC=ON"
+            "-DOQS_ENABLE_KEM_NTRU=ON"
             "-DOQS_ENABLE_KEM_NTRUPRIME=ON"
             "-DOQS_ENABLE_KEM_CLASSIC_MCELIECE=ON"
             "-DOQS_ENABLE_SIG_ML_DSA=ON"
-            "-DOQS_ENABLE_SIG_DILITHIUM=ON"
+            "-DOQS_ENABLE_SIG_SLH_DSA=OFF"
+            "-DOQS_ENABLE_SIG_SNOVA=ON"
             "-DOQS_ENABLE_SIG_FALCON=ON"
             "-DOQS_ENABLE_SIG_SPHINCS=ON"
             "-DOQS_ENABLE_SIG_MAYO=ON"

liboqs

@@ -259,9 +259,9 @@ public static void RunAlgorithmComparison()
 
             var secLevel = kemAlg switch
             {
-                KemAlgorithm.MlKem512 or KemAlgorithm.Kyber512 or KemAlgorithm.BikeL1 or KemAlgorithm.Hqc128 or KemAlgorithm.ClassicMcEliece348864 => "Level 1",
-                KemAlgorithm.MlKem768 or KemAlgorithm.Kyber768 or KemAlgorithm.BikeL3 or KemAlgorithm.Hqc192 or KemAlgorithm.NtruPrimeSntrup761 or KemAlgorithm.ClassicMcEliece460896 => "Level 3",
-                KemAlgorithm.MlKem1024 or KemAlgorithm.Kyber1024 or KemAlgorithm.BikeL5 or KemAlgorithm.Hqc256 or KemAlgorithm.ClassicMcEliece6688128 or KemAlgorithm.ClassicMcEliece6960119 or KemAlgorithm.ClassicMcEliece8192128 => "Level 5",
+                KemAlgorithm.MlKem512 or KemAlgorithm.Kyber512 or KemAlgorithm.BikeL1 or KemAlgorithm.Hqc128 or KemAlgorithm.ClassicMcEliece348864 or KemAlgorithm.NtruHps2048509 or KemAlgorithm.NtruHrss701 => "Level 1",
+                KemAlgorithm.MlKem768 or KemAlgorithm.Kyber768 or KemAlgorithm.BikeL3 or KemAlgorithm.Hqc192 or KemAlgorithm.NtruPrimeSntrup761 or KemAlgorithm.ClassicMcEliece460896 or KemAlgorithm.NtruHps2048677 => "Level 3",
+                KemAlgorithm.MlKem1024 or KemAlgorithm.Kyber1024 or KemAlgorithm.BikeL5 or KemAlgorithm.Hqc256 or KemAlgorithm.ClassicMcEliece6688128 or KemAlgorithm.ClassicMcEliece6960119 or KemAlgorithm.ClassicMcEliece8192128 or KemAlgorithm.NtruHps4096821 or KemAlgorithm.NtruHps40961229 or KemAlgorithm.NtruHrss1373 => "Level 5",
                 _ when kemAlg.ToString().Contains("640") => "Level 1",
                 _ when kemAlg.ToString().Contains("976") => "Level 3",
                 _ when kemAlg.ToString().Contains("1344") => "Level 5",
@@ -297,9 +297,9 @@ _ when kemAlg.ToString().Contains("1344") => "Level 5",
 
             var secLevel = sigAlg switch
             {
-                SigAlgorithm.MlDsa44 or SigAlgorithm.Dilithium2 or SigAlgorithm.Falcon512 or SigAlgorithm.FalconPadded512 => "Level 1",
-                SigAlgorithm.MlDsa65 or SigAlgorithm.Dilithium3 => "Level 3",
-                SigAlgorithm.MlDsa87 or SigAlgorithm.Dilithium5 or SigAlgorithm.Falcon1024 or SigAlgorithm.FalconPadded1024 => "Level 5",
+                SigAlgorithm.MlDsa44 or SigAlgorithm.Falcon512 or SigAlgorithm.FalconPadded512 or SigAlgorithm.SlhDsaSha2128sPure or SigAlgorithm.SlhDsaSha2128fPure or SigAlgorithm.SlhDsaShake128sPure or SigAlgorithm.SlhDsaShake128fPure => "Level 1",
+                SigAlgorithm.MlDsa65 or SigAlgorithm.SlhDsaSha2192sPure or SigAlgorithm.SlhDsaSha2192fPure or SigAlgorithm.SlhDsaShake192sPure or SigAlgorithm.SlhDsaShake192fPure => "Level 3",
+                SigAlgorithm.MlDsa87 or SigAlgorithm.Falcon1024 or SigAlgorithm.FalconPadded1024 or SigAlgorithm.SlhDsaSha2256sPure or SigAlgorithm.SlhDsaSha2256fPure or SigAlgorithm.SlhDsaShake256sPure or SigAlgorithm.SlhDsaShake256fPure => "Level 5",
                 _ when sigAlg.ToString().Contains("128") => "Level 1",
                 _ when sigAlg.ToString().Contains("192") => "Level 3",
                 _ when sigAlg.ToString().Contains("256") => "Level 5",

samples/Examples/Program.cs

@@ -21,7 +21,11 @@ public struct OqsKem
         public UIntPtr length_secret_key;
         public UIntPtr length_ciphertext;
         public UIntPtr length_shared_secret;
+        public UIntPtr length_keypair_seed;
+        public UIntPtr length_encaps_seed;
+        public IntPtr keypair_derand_function;
         public IntPtr keypair_function;
+        public IntPtr encaps_derand_function;
         public IntPtr encaps_function;
         public IntPtr decaps_function;
     }
@@ -44,12 +48,24 @@ public struct OqsKem
     [DllImport(Common.LibraryName, CallingConvention = CallingConvention.Cdecl)]
     public static extern Common.OqsStatus OQS_KEM_keypair(IntPtr kem, IntPtr public_key, IntPtr secret_key);
 
+    /// <summary>
+    /// Generate a keypair with a seed (derandomized)
+    /// </summary>
+    [DllImport(Common.LibraryName, CallingConvention = CallingConvention.Cdecl)]
+    public static extern Common.OqsStatus OQS_KEM_keypair_derand(IntPtr kem, IntPtr public_key, IntPtr secret_key, IntPtr seed);
+
     /// <summary>
     /// Encapsulate
     /// </summary>
     [DllImport(Common.LibraryName, CallingConvention = CallingConvention.Cdecl)]
     public static extern Common.OqsStatus OQS_KEM_encaps(IntPtr kem, IntPtr ciphertext, IntPtr shared_secret, IntPtr public_key);
 
+    /// <summary>
+    /// Encapsulate with a seed (derandomized)
+    /// </summary>
+    [DllImport(Common.LibraryName, CallingConvention = CallingConvention.Cdecl)]
+    public static extern Common.OqsStatus OQS_KEM_encaps_derand(IntPtr kem, IntPtr ciphertext, IntPtr shared_secret, IntPtr public_key, IntPtr seed);
+
     /// <summary>
     /// Decapsulate
     /// </summary>
@@ -87,6 +103,12 @@ public struct OqsKem
     public static readonly string OQS_KEM_alg_hqc_128 = "HQC-128";
     public static readonly string OQS_KEM_alg_hqc_192 = "HQC-192";
     public static readonly string OQS_KEM_alg_hqc_256 = "HQC-256";
+    public static readonly string OQS_KEM_alg_ntru_hps2048509 = "NTRU-HPS-2048-509";
+    public static readonly string OQS_KEM_alg_ntru_hps2048677 = "NTRU-HPS-2048-677";
+    public static readonly string OQS_KEM_alg_ntru_hps4096821 = "NTRU-HPS-4096-821";
+    public static readonly string OQS_KEM_alg_ntru_hps40961229 = "NTRU-HPS-4096-1229";
+    public static readonly string OQS_KEM_alg_ntru_hrss701 = "NTRU-HRSS-701";
+    public static readonly string OQS_KEM_alg_ntru_hrss1373 = "NTRU-HRSS-1373";
     public static readonly string OQS_KEM_alg_ntruprime_sntrup761 = "sntrup761";
     public static readonly string OQS_KEM_alg_classic_mceliece_348864 = "Classic-McEliece-348864";
     public static readonly string OQS_KEM_alg_classic_mceliece_348864f = "Classic-McEliece-348864f";

src/LibOQS.NET.Native/Kem.cs

@@ -7,7 +7,7 @@
     <Nullable>enable</Nullable>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
     <PackageId>LibOQS.NET.Native</PackageId>
-    <PackageVersion>0.2.0</PackageVersion>
+    <PackageVersion>0.3.0</PackageVersion>
     <Authors>filipw</Authors>
     <Description>Native P/Invoke bindings for liboqs - a C library for quantum-resistant cryptographic algorithms</Description>
     <PackageProjectUrl>https://github.com/filipw/maybe-liboqs-dotnet</PackageProjectUrl>

src/LibOQS.NET.Native/LibOQS.NET.Native.csproj

@@ -17,12 +17,16 @@ public struct OqsSig
         public IntPtr alg_version;
         public byte claimed_nist_level;
         public byte euf_cma;
+        public byte suf_cma;
+        public byte sig_with_ctx_support;
         public UIntPtr length_public_key;
         public UIntPtr length_secret_key;
         public UIntPtr length_signature;
         public IntPtr keypair_function;
         public IntPtr sign_function;
+        public IntPtr sign_with_ctx_str_function;
         public IntPtr verify_function;
+        public IntPtr verify_with_ctx_str_function;
     }
 
     /// <summary>
@@ -50,13 +54,33 @@ public struct OqsSig
     public static extern Common.OqsStatus OQS_SIG_sign(IntPtr sig, IntPtr signature, ref UIntPtr signature_len,
         IntPtr message, UIntPtr message_len, IntPtr secret_key);
 
+    /// <summary>
+    /// Sign a message with a context string
+    /// </summary>
+    [DllImport(Common.LibraryName, CallingConvention = CallingConvention.Cdecl)]
+    public static extern Common.OqsStatus OQS_SIG_sign_with_ctx_str(IntPtr sig, IntPtr signature, ref UIntPtr signature_len,
+        IntPtr message, UIntPtr message_len, IntPtr ctx_str, UIntPtr ctx_str_len, IntPtr secret_key);
+
     /// <summary>
     /// Verify a signature
     /// </summary>
     [DllImport(Common.LibraryName, CallingConvention = CallingConvention.Cdecl)]
     public static extern Common.OqsStatus OQS_SIG_verify(IntPtr sig, IntPtr message, UIntPtr message_len,
         IntPtr signature, UIntPtr signature_len, IntPtr public_key);
 
+    /// <summary>
+    /// Verify a signature with a context string
+    /// </summary>
+    [DllImport(Common.LibraryName, CallingConvention = CallingConvention.Cdecl)]
+    public static extern Common.OqsStatus OQS_SIG_verify_with_ctx_str(IntPtr sig, IntPtr message, UIntPtr message_len,
+        IntPtr signature, UIntPtr signature_len, IntPtr ctx_str, UIntPtr ctx_str_len, IntPtr public_key);
+
+    /// <summary>
+    /// Check if a signature algorithm supports context strings
+    /// </summary>
+    [DllImport(Common.LibraryName, CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+    public static extern bool OQS_SIG_supports_ctx_str([MarshalAs(UnmanagedType.LPStr)] string method_name);
+
     /// <summary>
     /// Check if a signature algorithm is enabled
     /// </summary>
@@ -79,9 +103,6 @@ public static extern Common.OqsStatus OQS_SIG_verify(IntPtr sig, IntPtr message,
     public static readonly string OQS_SIG_alg_ml_dsa_44 = "ML-DSA-44";
     public static readonly string OQS_SIG_alg_ml_dsa_65 = "ML-DSA-65";
     public static readonly string OQS_SIG_alg_ml_dsa_87 = "ML-DSA-87";
-    public static readonly string OQS_SIG_alg_dilithium2 = "Dilithium2";
-    public static readonly string OQS_SIG_alg_dilithium3 = "Dilithium3";
-    public static readonly string OQS_SIG_alg_dilithium5 = "Dilithium5";
     public static readonly string OQS_SIG_alg_falcon_512 = "Falcon-512";
     public static readonly string OQS_SIG_alg_falcon_1024 = "Falcon-1024";
     public static readonly string OQS_SIG_alg_falcon_padded_512 = "Falcon-padded-512";
@@ -132,4 +153,32 @@ public static extern Common.OqsStatus OQS_SIG_verify(IntPtr sig, IntPtr message,
     public static readonly string OQS_SIG_alg_uov_ov_Ip_pkc_skc = "OV-Ip-pkc-skc";
     public static readonly string OQS_SIG_alg_uov_ov_III_pkc_skc = "OV-III-pkc-skc";
     public static readonly string OQS_SIG_alg_uov_ov_V_pkc_skc = "OV-V-pkc-skc";
+
+    // SLH-DSA identifiers
+    public static readonly string OQS_SIG_alg_slh_dsa_sha2_128s_pure = "SLH_DSA_PURE_SHA2_128S";
+    public static readonly string OQS_SIG_alg_slh_dsa_sha2_128f_pure = "SLH_DSA_PURE_SHA2_128F";
+    public static readonly string OQS_SIG_alg_slh_dsa_sha2_192s_pure = "SLH_DSA_PURE_SHA2_192S";
+    public static readonly string OQS_SIG_alg_slh_dsa_sha2_192f_pure = "SLH_DSA_PURE_SHA2_192F";
+    public static readonly string OQS_SIG_alg_slh_dsa_sha2_256s_pure = "SLH_DSA_PURE_SHA2_256S";
+    public static readonly string OQS_SIG_alg_slh_dsa_sha2_256f_pure = "SLH_DSA_PURE_SHA2_256F";
+    public static readonly string OQS_SIG_alg_slh_dsa_shake_128s_pure = "SLH_DSA_PURE_SHAKE_128S";
+    public static readonly string OQS_SIG_alg_slh_dsa_shake_128f_pure = "SLH_DSA_PURE_SHAKE_128F";
+    public static readonly string OQS_SIG_alg_slh_dsa_shake_192s_pure = "SLH_DSA_PURE_SHAKE_192S";
+    public static readonly string OQS_SIG_alg_slh_dsa_shake_192f_pure = "SLH_DSA_PURE_SHAKE_192F";
+    public static readonly string OQS_SIG_alg_slh_dsa_shake_256s_pure = "SLH_DSA_PURE_SHAKE_256S";
+    public static readonly string OQS_SIG_alg_slh_dsa_shake_256f_pure = "SLH_DSA_PURE_SHAKE_256F";
+
+    // SNOVA identifiers
+    public static readonly string OQS_SIG_alg_snova_24_5_4 = "SNOVA_24_5_4";
+    public static readonly string OQS_SIG_alg_snova_24_5_4_shake = "SNOVA_24_5_4_SHAKE";
+    public static readonly string OQS_SIG_alg_snova_24_5_4_esk = "SNOVA_24_5_4_esk";
+    public static readonly string OQS_SIG_alg_snova_24_5_4_shake_esk = "SNOVA_24_5_4_SHAKE_esk";
+    public static readonly string OQS_SIG_alg_snova_37_17_2 = "SNOVA_37_17_2";
+    public static readonly string OQS_SIG_alg_snova_25_8_3 = "SNOVA_25_8_3";
+    public static readonly string OQS_SIG_alg_snova_56_25_2 = "SNOVA_56_25_2";
+    public static readonly string OQS_SIG_alg_snova_49_11_3 = "SNOVA_49_11_3";
+    public static readonly string OQS_SIG_alg_snova_37_8_4 = "SNOVA_37_8_4";
+    public static readonly string OQS_SIG_alg_snova_24_5_5 = "SNOVA_24_5_5";
+    public static readonly string OQS_SIG_alg_snova_60_10_4 = "SNOVA_60_10_4";
+    public static readonly string OQS_SIG_alg_snova_29_6_5 = "SNOVA_29_6_5";
 }

src/LibOQS.NET.Native/Sig.cs

@@ -19,6 +19,12 @@ public class KemTests
     [InlineData(KemAlgorithm.Hqc128)]
     [InlineData(KemAlgorithm.Hqc192)]
     [InlineData(KemAlgorithm.Hqc256)]
+    [InlineData(KemAlgorithm.NtruHps2048509)]
+    [InlineData(KemAlgorithm.NtruHps2048677)]
+    [InlineData(KemAlgorithm.NtruHps4096821)]
+    [InlineData(KemAlgorithm.NtruHps40961229)]
+    [InlineData(KemAlgorithm.NtruHrss701)]
+    [InlineData(KemAlgorithm.NtruHrss1373)]
     [InlineData(KemAlgorithm.NtruPrimeSntrup761)]
     // [InlineData(KemAlgorithm.ClassicMcEliece348864)]
     // [InlineData(KemAlgorithm.ClassicMcEliece348864f)]
@@ -172,6 +178,7 @@ public void FrodoKem_ShouldSucceed(KemAlgorithm algorithm)
     [InlineData(KemAlgorithm.Kyber512)]
     [InlineData(KemAlgorithm.BikeL1)]
     [InlineData(KemAlgorithm.Hqc128)]
+    [InlineData(KemAlgorithm.NtruHps2048509)]
     [InlineData(KemAlgorithm.NtruPrimeSntrup761)]
     // [InlineData(KemAlgorithm.ClassicMcEliece348864)]
     [InlineData(KemAlgorithm.FrodoKem640Aes)]
@@ -362,4 +369,35 @@ public void FrodoKemVariants_ShouldHaveSameSizes(KemAlgorithm aesVariant, KemAlg
         Assert.Equal(ssAes1, ssAes2);
         Assert.Equal(ssShake1, ssShake2);
     }
+    [SkippableTheory]
+    [InlineData(KemAlgorithm.MlKem512)]
+    public void KemDerandomized_ShouldBeDeterministic(KemAlgorithm algorithm)
+    {
+        Skip.If(!algorithm.IsEnabled(), $"Algorithm {algorithm} is not enabled in this build.");
+        using var kem = new KemInstance(algorithm);
+        Skip.If(kem.KeypairSeedLength == 0, $"Algorithm {algorithm} does not support derandomized keypair.");
+
+        var seed = new byte[kem.KeypairSeedLength];
+        new Random(42).NextBytes(seed);
+
+        // Generate keypair twice with same seed
+        var (pk1, sk1) = kem.GenerateKeypair(seed);
+        var (pk2, sk2) = kem.GenerateKeypair(seed);
+
+        Assert.Equal(pk1, pk2);
+        Assert.Equal(sk1, sk2);
+
+        // Encapsulate twice with same seed
+        if (kem.EncapsSeedLength > 0)
+        {
+            var encapsSeed = new byte[kem.EncapsSeedLength];
+            new Random(123).NextBytes(encapsSeed);
+
+            var (ct1, ss1) = kem.Encapsulate(pk1, encapsSeed);
+            var (ct2, ss2) = kem.Encapsulate(pk1, encapsSeed);
+
+            Assert.Equal(ct1, ct2);
+            Assert.Equal(ss1, ss2);
+        }
+    }
 }