Update mlkem-native to v1.1.0 (open-quantum-safe#2376)

* Update mlkem-native to v1.1.0 [full tests] [extended tests]

Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>

* ML-KEM: Remove constant-time passes whitelist [full tests] [extended tests]

This commit removes the constant time passes which for ML-KEM that is used
to suppress the false positives of the constant-time tests.
This is no longer needed with mlkem-native as mlkem-native does explicit
declassifications for public data that is being branched on.

Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>

---------

Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>
Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com>
Signed-off-by: Will Bates <william.bates11@outlook.com>

Author: 2 people

README.md

@@ -63,7 +63,7 @@ All names other than `ML-KEM` and `ML-DSA` are subject to change. `liboqs` makes
 | FrodoKEM           | Under [ISO](https://frodokem.org/) consideration                                                                                                                                                                                          | [`microsoft/PQCrypto-LWEKE@a2f9dec`](https://github.com/microsoft/PQCrypto-LWEKE/commit/a2f9dec8917ccc3464b3378d46b140fa7353320d)         |
 | HQC                | Selected by [NIST](https://pqc-hqc.org/doc/hqc_specifications_2025_08_22.pdf) for upcoming standardization                                                                                                                                | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181)                           |
 | Kyber              | Selected by [NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Kyber-Round3.zip) as basis for ML-KEM (FIPS 203)                                                                     | [`pq-crystals/kyber@441c051`](https://github.com/pq-crystals/kyber/commit/441c0519a07e8b86c8d079954a6b10bd31d29efc)                       |
-| ML-KEM             | Standardized by [NIST](https://csrc.nist.gov/pubs/fips/203/final)                                                                                                                                                                         | [`pq-code-package/mlkem-native@048fc2a`](https://github.com/pq-code-package/mlkem-native/commit/048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa) |
+| ML-KEM             | Standardized by [NIST](https://csrc.nist.gov/pubs/fips/203/final)                                                                                                                                                                         | [`pq-code-package/mlkem-native@d2cae2b`](https://github.com/pq-code-package/mlkem-native/commit/d2cae2be522a67bfae26100fdb520576f1b2ef90) |
 | NTRU               | Not selected by [NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Round3.zip), under standardization consideration by [NTT](https://info.isl.ntt.co.jp/crypt/ntru/index.html) | [`PQClean/PQClean@4c9e5a3`](https://github.com/PQClean/PQClean/commit/4c9e5a3aa715cc8d1d0e377e4e6e682ebd7602d6)                           |
 | NTRU-Prime         | Not selected by [NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Prime-Round3.zip)                                                                                           | [`openssh/openssh-portable`](https://github.com/openssh/openssh-portable/blob/1cc936b2fabffeac7fff14ca1070d7d7a317ab7b/sntrup761.c)       |
 

docs/algorithms/kem/ml_kem.md

@@ -7,14 +7,14 @@
 - **Authors' website**: https://pq-crystals.org/kyber/ and https://csrc.nist.gov/pubs/fips/203
 - **Specification version**: ML-KEM.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/pq-code-package/mlkem-native/commit/048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa
+  - **Source**: https://github.com/pq-code-package/mlkem-native/commit/d2cae2be522a67bfae26100fdb520576f1b2ef90
   - **Implementation license (SPDX-Identifier)**: MIT or Apache-2.0 or ISC
 - **Optimized Implementation sources**:
   - **x86_64**:<a name="x86_64"></a>
-      - **Source**: https://github.com/pq-code-package/mlkem-native/commit/048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa
+      - **Source**: https://github.com/pq-code-package/mlkem-native/commit/d2cae2be522a67bfae26100fdb520576f1b2ef90
       - **Implementation license (SPDX-Identifier)**: MIT or Apache-2.0 or ISC
   - **aarch64**:<a name="aarch64"></a>
-      - **Source**: https://github.com/pq-code-package/mlkem-native/commit/048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa
+      - **Source**: https://github.com/pq-code-package/mlkem-native/commit/d2cae2be522a67bfae26100fdb520576f1b2ef90
       - **Implementation license (SPDX-Identifier)**: MIT or Apache-2.0 or ISC
   - **cupqc-cuda**:<a name="cupqc-cuda"></a>
       - **Source**: https://github.com/open-quantum-safe/liboqs-cupqc-meta/commit/b026f4e5475cd9c20c2082c7d9bad80e5b0ba89e

docs/algorithms/kem/ml_kem.yml

@@ -18,7 +18,7 @@ nist-round: FIPS203
 standardization-status: Standardized by [NIST](https://csrc.nist.gov/pubs/fips/203/final)
 spec-version: ML-KEM
 primary-upstream:
-  source: https://github.com/pq-code-package/mlkem-native/commit/048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa
+  source: https://github.com/pq-code-package/mlkem-native/commit/d2cae2be522a67bfae26100fdb520576f1b2ef90
   spdx-license-identifier: MIT or Apache-2.0 or ISC
 optimized-upstreams:
   cupqc-cuda:

scripts/copy_from_upstream/copy_from_upstream.yml

@@ -33,11 +33,11 @@ upstreams:
   -
     name: mlkem-native
     git_url: https://github.com/pq-code-package/mlkem-native.git
-    git_branch: v1.0.0
-    git_commit: 048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa
+    git_branch: v1.1.0
+    git_commit: d2cae2be522a67bfae26100fdb520576f1b2ef90
     kem_meta_path: 'integration/liboqs/{pretty_name_full}_META.yml'
     kem_scheme_path: '.'
-    patches: [mlkem-native-encaps-derand.patch]
+    patches: []
     preserve_folder_structure: True
   -
     name: cupqc