From a8666ded711e59e5c88f8d5f254fd18020bacae2 Mon Sep 17 00:00:00 2001
From: Michael Baentsch <57787676+baentsch@users.noreply.github.com>
Date: Thu, 8 Jun 2023 06:22:50 +0200
Subject: [PATCH] enable arbitrary p and x hybrids (#177)

* enable arbitrary p and x hybrids
* tested cloudflare config (weak classic hybrid) OK
---
 .gitignore | 1 +
 ALGORITHMS.md | 85 ++---
 README.md | 35 +-
 oqs-template/ALGORITHMS.md/ids.fragment | 20 +-
 oqs-template/README.md/algs.fragment | 3 +-
 oqs-template/generate.py | 34 +-
 oqs-template/generate.yml | 4 +
 oqs-template/oqs-kem-info.md | 2 +
 .../oqs_kmgmt.c/keymgmt_functions.fragment | 7 +
 .../oqsprov/oqs_prov.h/alg_functions.fragment | 11 +-
 .../oqsprov/oqsprov.c/kem_functions.fragment | 7 +-
 .../oqsprov.c/keymgmt_functions.fragment | 5 +-
 .../codepoint_patching.fragment | 20 +-
 .../group_assignments.fragment | 5 +-
 .../group_names.fragment | 11 +-
 oqsprov/oqs_kmgmt.c | 70 +++-
 oqsprov/oqs_prov.h | 90 +++--
 oqsprov/oqsprov.c | 154 ++++++--
 oqsprov/oqsprov_capabilities.c | 311 +++++++++---------
 oqsprov/oqsprov_keys.c | 31 +-
 scripts/fullbuild.sh | 3 +-
 test/oqs_test_tlssig.c | 2 +-
 22 files changed, 535 insertions(+), 376 deletions(-)

diff --git a/.gitignore b/.gitignore
index 6e1f4a12..6226d6ff 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,6 @@
 # checked out OSSL variants
 openssl*/*
+openssl
 # checked out liboqs
 liboqs
 # installed SW
diff --git a/ALGORITHMS.md b/ALGORITHMS.md
index f02ab5ae..e4eb0ab5 100644
--- a/ALGORITHMS.md
+++ b/ALGORITHMS.md
@@ -10,49 +10,50 @@ As standardization for these algorithms within TLS is not done, all TLS code poi # Code points / algorithm IDs - |Algorithm name | default ID | enabled | environment variable | |---------------|:----------:|:-------:|----------------------| -| frodo640aes | 0x0200 | Yes | OQS_CODEPOINT_FRODO640AES -| p256_frodo640aes | 0x2F00 | Yes | OQS_CODEPOINT_P256_FRODO640AES -| x25519_frodo640aes | 0x2F80 | Yes | OQS_CODEPOINT_X25519_FRODO640AES -| frodo640shake | 0x0201 | Yes | OQS_CODEPOINT_FRODO640SHAKE -| p256_frodo640shake | 0x2F01 | Yes | OQS_CODEPOINT_P256_FRODO640SHAKE -| x25519_frodo640shake | 0x2F81 | Yes | OQS_CODEPOINT_X25519_FRODO640SHAKE -| frodo976aes | 0x0202 | Yes | OQS_CODEPOINT_FRODO976AES -| p384_frodo976aes | 0x2F02 | Yes | OQS_CODEPOINT_P384_FRODO976AES -| x448_frodo976aes | 0x2F82 | Yes | OQS_CODEPOINT_X448_FRODO976AES -| frodo976shake | 0x0203 | Yes | OQS_CODEPOINT_FRODO976SHAKE -| p384_frodo976shake | 0x2F03 | Yes | OQS_CODEPOINT_P384_FRODO976SHAKE -| x448_frodo976shake | 0x2F83 | Yes | OQS_CODEPOINT_X448_FRODO976SHAKE -| frodo1344aes | 0x0204 | Yes | OQS_CODEPOINT_FRODO1344AES -| p521_frodo1344aes | 0x2F04 | Yes | OQS_CODEPOINT_P521_FRODO1344AES -| frodo1344shake | 0x0205 | Yes | OQS_CODEPOINT_FRODO1344SHAKE -| p521_frodo1344shake | 0x2F05 | Yes | OQS_CODEPOINT_P521_FRODO1344SHAKE -| kyber512 | 0x023A | Yes | OQS_CODEPOINT_KYBER512 -| p256_kyber512 | 0x2F3A | Yes | OQS_CODEPOINT_P256_KYBER512 -| x25519_kyber512 | 0x2F39 | Yes | OQS_CODEPOINT_X25519_KYBER512 -| kyber768 | 0x023C | Yes | OQS_CODEPOINT_KYBER768 -| p384_kyber768 | 0x2F3C | Yes | OQS_CODEPOINT_P384_KYBER768 -| x448_kyber768 | 0x2F90 | Yes | OQS_CODEPOINT_X448_KYBER768 -| kyber1024 | 0x023D | Yes | OQS_CODEPOINT_KYBER1024 -| p521_kyber1024 | 0x2F3D | Yes | OQS_CODEPOINT_P521_KYBER1024 -| bikel1 | 0x0241 | Yes | OQS_CODEPOINT_BIKEL1 -| p256_bikel1 | 0x2F41 | Yes | OQS_CODEPOINT_P256_BIKEL1 -| x25519_bikel1 | 0x2FAE | Yes | OQS_CODEPOINT_X25519_BIKEL1 -| bikel3 | 0x0242 | 
Yes | OQS_CODEPOINT_BIKEL3 -| p384_bikel3 | 0x2F42 | Yes | OQS_CODEPOINT_P384_BIKEL3 -| x448_bikel3 | 0x2FAF | Yes | OQS_CODEPOINT_X448_BIKEL3 -| bikel5 | 0x0243 | Yes | OQS_CODEPOINT_BIKEL5 -| p521_bikel5 | 0x2F43 | Yes | OQS_CODEPOINT_P521_BIKEL5 -| hqc128 | 0x022C | Yes | OQS_CODEPOINT_HQC128 -| p256_hqc128 | 0x2F2C | Yes | OQS_CODEPOINT_P256_HQC128 -| x25519_hqc128 | 0x2FAC | Yes | OQS_CODEPOINT_X25519_HQC128 -| hqc192 | 0x022D | Yes | OQS_CODEPOINT_HQC192 -| p384_hqc192 | 0x2F2D | Yes | OQS_CODEPOINT_P384_HQC192 -| x448_hqc192 | 0x2FAD | Yes | OQS_CODEPOINT_X448_HQC192 -| hqc256 | 0x022E | Yes | OQS_CODEPOINT_HQC256 -| p521_hqc256 | 0x2F2E | Yes | OQS_CODEPOINT_P521_HQC256 +| frodo640aes | 0x0200 | Yes | OQS_CODEPOINT_FRODO640AES | +| p256_frodo640aes | 0x2F00 | Yes | OQS_CODEPOINT_P256_FRODO640AES | +| x25519_frodo640aes | 0x2F80 | Yes | OQS_CODEPOINT_X25519_FRODO640AES | +| frodo640shake | 0x0201 | Yes | OQS_CODEPOINT_FRODO640SHAKE | +| p256_frodo640shake | 0x2F01 | Yes | OQS_CODEPOINT_P256_FRODO640SHAKE | +| x25519_frodo640shake | 0x2F81 | Yes | OQS_CODEPOINT_X25519_FRODO640SHAKE | +| frodo976aes | 0x0202 | Yes | OQS_CODEPOINT_FRODO976AES | +| p384_frodo976aes | 0x2F02 | Yes | OQS_CODEPOINT_P384_FRODO976AES | +| x448_frodo976aes | 0x2F82 | Yes | OQS_CODEPOINT_X448_FRODO976AES | +| frodo976shake | 0x0203 | Yes | OQS_CODEPOINT_FRODO976SHAKE | +| p384_frodo976shake | 0x2F03 | Yes | OQS_CODEPOINT_P384_FRODO976SHAKE | +| x448_frodo976shake | 0x2F83 | Yes | OQS_CODEPOINT_X448_FRODO976SHAKE | +| frodo1344aes | 0x0204 | Yes | OQS_CODEPOINT_FRODO1344AES | +| p521_frodo1344aes | 0x2F04 | Yes | OQS_CODEPOINT_P521_FRODO1344AES | +| frodo1344shake | 0x0205 | Yes | OQS_CODEPOINT_FRODO1344SHAKE | +| p521_frodo1344shake | 0x2F05 | Yes | OQS_CODEPOINT_P521_FRODO1344SHAKE | +| kyber512 | 0x023A | Yes | OQS_CODEPOINT_KYBER512 | +| p256_kyber512 | 0x2F3A | Yes | OQS_CODEPOINT_P256_KYBER512 | +| x25519_kyber512 | 0x2F39 | Yes | OQS_CODEPOINT_X25519_KYBER512 | +| kyber768 | 
0x023C | Yes | OQS_CODEPOINT_KYBER768 | +| p384_kyber768 | 0x2F3C | Yes | OQS_CODEPOINT_P384_KYBER768 | +| x448_kyber768 | 0x2F90 | Yes | OQS_CODEPOINT_X448_KYBER768 | +| x25519_kyber768 | 25497 | Yes | OQS_CODEPOINT_X25519_KYBER768 | +| p256_kyber768 | 25498 | Yes | OQS_CODEPOINT_P256_KYBER768 | +| kyber1024 | 0x023D | Yes | OQS_CODEPOINT_KYBER1024 | +| p521_kyber1024 | 0x2F3D | Yes | OQS_CODEPOINT_P521_KYBER1024 | +| bikel1 | 0x0241 | Yes | OQS_CODEPOINT_BIKEL1 | +| p256_bikel1 | 0x2F41 | Yes | OQS_CODEPOINT_P256_BIKEL1 | +| x25519_bikel1 | 0x2FAE | Yes | OQS_CODEPOINT_X25519_BIKEL1 | +| bikel3 | 0x0242 | Yes | OQS_CODEPOINT_BIKEL3 | +| p384_bikel3 | 0x2F42 | Yes | OQS_CODEPOINT_P384_BIKEL3 | +| x448_bikel3 | 0x2FAF | Yes | OQS_CODEPOINT_X448_BIKEL3 | +| bikel5 | 0x0243 | Yes | OQS_CODEPOINT_BIKEL5 | +| p521_bikel5 | 0x2F43 | Yes | OQS_CODEPOINT_P521_BIKEL5 | +| hqc128 | 0x022C | Yes | OQS_CODEPOINT_HQC128 | +| p256_hqc128 | 0x2F2C | Yes | OQS_CODEPOINT_P256_HQC128 | +| x25519_hqc128 | 0x2FAC | Yes | OQS_CODEPOINT_X25519_HQC128 | +| hqc192 | 0x022D | Yes | OQS_CODEPOINT_HQC192 | +| p384_hqc192 | 0x2F2D | Yes | OQS_CODEPOINT_P384_HQC192 | +| x448_hqc192 | 0x2FAD | Yes | OQS_CODEPOINT_X448_HQC192 | +| hqc256 | 0x022E | Yes | OQS_CODEPOINT_HQC256 | +| p521_hqc256 | 0x2F2E | Yes | OQS_CODEPOINT_P521_HQC256 | | dilithium2 | 0xfea0 |Yes| OQS_CODEPOINT_DILITHIUM2 | p256_dilithium2 | 0xfea1 |Yes| OQS_CODEPOINT_P256_DILITHIUM2 | rsa3072_dilithium2 | 0xfea2 |Yes| OQS_CODEPOINT_RSA3072_DILITHIUM2 
@@ -194,4 +195,4 @@ By setting `OQS_ENCODING__ALGNAME` environment variables, the corresp If no environment variable is set, or if an unknown value is set, the default is 'no' encoding, meaning that key serialization uses the 'raw' keys of the crypto implementations. If unknown values are set as environment variables, a run-time error will be raised. -The test script `scripts/runtests_encodings.sh` (instead of `scripts/runtests.sh`) can be used for a test run with all supported encodings activated. \ No newline at end of file +The test script `scripts/runtests_encodings.sh` (instead of `scripts/runtests.sh`) can be used for a test run with all supported encodings activated. diff --git a/README.md b/README.md index fbc9f672..4c16855a 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ Status Currently this provider fully enables quantum-safe cryptography for KEM key establishment in TLS1.3 including management of such keys via the OpenSSL (3.0) provider interface and hybrid KEM schemes. Also, QSC -signatures including CMS functionality are available via the OpenSSL +signatures including CMS and CMP functionality are available via the OpenSSL EVP interface. Key persistence is provided via the encode/decode mechanism and X.509 data structures. Also available is support for TLS1.3 signature functionality via the [OpenSSL3 fetchable signature 
@@ -33,15 +33,15 @@ Algorithms This implementation makes available the following quantum safe algorithms: -- **BIKE**: `bikel1`, `bikel3`, `bikel5` -- **CRYSTALS-Kyber**: `kyber512`, `kyber768`, `kyber1024` -- **FrodoKEM**: `frodo640aes`, `frodo640shake`, `frodo976aes`, `frodo976shake`, `frodo1344aes`, `frodo1344shake` -- **HQC**: `hqc128`, `hqc192`, `hqc256`† -- **CRYSTALS-Dilithium**:`dilithium2`\*, `dilithium3`\*, `dilithium5`\* -- **Falcon**:`falcon512`\*, `falcon1024`\* +- **BIKE**: `bikel1`, `p256_bikel1`, `x25519_bikel1`, `bikel3`, `p384_bikel3`, `x448_bikel3`, `bikel5`, `p521_bikel5` +- **CRYSTALS-Kyber**: `kyber512`, `p256_kyber512`, `x25519_kyber512`, `kyber768`, `p384_kyber768`, `x448_kyber768`, `x25519_kyber768`, `p256_kyber768`, `kyber1024`, `p521_kyber1024` +- **FrodoKEM**: `frodo640aes`, `p256_frodo640aes`, `x25519_frodo640aes`, `frodo640shake`, `p256_frodo640shake`, `x25519_frodo640shake`, `frodo976aes`, `p384_frodo976aes`, `x448_frodo976aes`, `frodo976shake`, `p384_frodo976shake`, `x448_frodo976shake`, `frodo1344aes`, `p521_frodo1344aes`, `frodo1344shake`, `p521_frodo1344shake` +- **HQC**: `hqc128`, `p256_hqc128`, `x25519_hqc128`, `hqc192`, `p384_hqc192`, `x448_hqc192`, `hqc256`, `p521_hqc256`† +- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\* +- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\* -- **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `sphincssha2256fsimple`, `sphincssha2256ssimple` -- **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `sphincsshake192fsimple`, `sphincsshake192ssimple`, `sphincsshake256fsimple`, `sphincsshake256ssimple` +- **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, 
`p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple` +- **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple` 
@@ -57,15 +57,16 @@ TLS operations. This designation can be changed by modifying the "enabled" flags in the main [algorithm configuration file](oqs-template/generate.yml) and re-running the generator script `python3 oqs-template/generate.py`. +It is possible to select only algorithms of a specific bit strength by using +the openssl property selection mechanism on the key "oqsprovider.security_bits", +e.g., as such: `openssl list -kem-algorithms -propquery oqsprovider.security_bits=256`. +The bit strength of hybrid algorithms is always defined by the bit strength +of the classic algorithm. + In order to enable parallel use of classic and quantum-safe cryptography this provider also provides different hybrid algorithms, combining classic -and quantum-safe methods at their respective bit strength: - -- if `` claims NIST L1 or L2 security, oqs-provider provides the methods `p256_` and `x25519_`, which combines `` with EC curve p256 and X25519, respectively. -- if `` claims NIST L3 or L4 security, oqs-provider provides the methods `p384_` and `x448_`, which combines `` with EC curve p384 and X448, respectively. -- if `` claims NIST L5 security, oqs-provider provides the method `p521_`, which combines `` with EC curve p521. - -For example, since `kyber768` [claims NIST L3 security](https://github.com/open-quantum-safe/liboqs/blob/main/docs/algorithms/kem/kyber.md), the hybrids `x448_kyber768` and `p384_kyber768` are available. +and quantum-safe methods: These are listed above with a prefix denoting a +classic algorithm, e.g., for elliptic curve: "p256_". A full list of algorithms, their interoperability code points and OIDs as well as a method to dynamically adapt them are documented in [ALGORITHMS.md](ALGORITHMS.md). 
@@ -73,7 +74,7 @@ as a method to dynamically adapt them are documented in [ALGORITHMS.md](ALGORITH *Note:* `oqsprovider` depends for TLS session setup and hybrid operations on OpenSSL providers for classic crypto operations. Therefore it is essential that a provider such as `default` or `fips` is configured to be active. See -`tests/oqs.cnf` for an example. +`tests/oqs.cnf` or `scripts/openssl-ca.cnf` for examples. Building and testing -- Quick start ----------------------------------- diff --git a/oqs-template/ALGORITHMS.md/ids.fragment b/oqs-template/ALGORITHMS.md/ids.fragment index c598c0fb..d48d78e8 100644 --- a/oqs-template/ALGORITHMS.md/ids.fragment +++ b/oqs-template/ALGORITHMS.md/ids.fragment 
@@ -1,23 +1,11 @@ -{% macro ecx_name(bits) -%} -{%- if bits == 128 -%} x25519 {%- endif -%} -{%- if bits == 192 -%} x448 {%- endif -%} -{%- if bits == 256 -%} {%- print("Impossible bit setting for ECX hybrid") -%} {%- endif -%} -{%- endmacro -%} - -{% macro ecp_name(bits) -%} -{%- if bits == 128 -%} p256 {%- endif -%} -{%- if bits == 192 -%} p384 {%- endif -%} -{%- if bits == 256 -%} p521 {%- endif -%} -{%- endmacro %} |Algorithm name | default ID | enabled | environment variable | |---------------|:----------:|:-------:|----------------------| {%- for kem in config['kems'] %} -| {{ kem['name_group'] }} | {{ kem['nid'] }} | Yes | OQS_CODEPOINT_{{ kem['name_group']|upper }} -| {{ ecp_name(kem['bit_security']) }}_{{ kem['name_group'] }} | {{ kem['nid_hybrid'] }} | Yes | OQS_CODEPOINT_{{ ecp_name(kem['bit_security'])|upper }}_{{ kem['name_group']|upper }} -{%- if 'nid_ecx_hybrid' in kem %} -| {{ ecx_name(kem['bit_security']) }}_{{ kem['name_group'] }} | {{ kem['nid_ecx_hybrid'] }} | Yes | OQS_CODEPOINT_{{ ecx_name(kem['bit_security'])|upper }}_{{ kem['name_group']|upper }} -{%- endif -%} +| {{ kem['name_group'] }} | {{ kem['nid'] }} | Yes | OQS_CODEPOINT_{{ kem['name_group']|upper }} | +{%- for hybrid in kem['hybrids'] %} +| {{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }} | {{ hybrid['nid'] }} | Yes | OQS_CODEPOINT_{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }} | +{%- endfor %} {%- endfor %} {%- for sig in config['sigs'] %} {%- for variant in sig['variants'] %} diff --git a/oqs-template/README.md/algs.fragment b/oqs-template/README.md/algs.fragment index 246f610b..f900d930 100644 --- a/oqs-template/README.md/algs.fragment +++ b/oqs-template/README.md/algs.fragment 
@@ -1,5 +1,5 @@ {%- for family, kems in config['kems'] | groupby('family') %} -- **{{ family }}**: {% for kem in kems -%} `{{ kem['name_group'] }}` {%- if not loop.last %}, {% endif -%}{%- if loop.last and family == 'HQC' -%}†{%- endif -%}{%- endfor -%} +- **{{ family }}**: {% for kem in kems -%} `{{ kem['name_group'] }}` {%- for hybrid in kem['hybrids'] -%}, `{{ hybrid['hybrid_group']}}_{{ kem['name_group'] }}`{%- endfor -%}{%- if not loop.last %}, {% endif -%}{%- if loop.last and family == 'HQC' -%}†{%- endif -%}{%- endfor -%} {%- endfor %} {%- for sig in config['sigs'] %} {% if sig['variants']|length > 0 -%} @@ -7,6 +7,7 @@ {%- for variant in sig['variants'] -%} `{{ variant['name'] }}` {%- if variant['enable'] -%} \* {%- endif -%} +{%- for classical_alg in variant['mix_with'] -%} , `{{ classical_alg['name']}}_{{ variant['name'] }}`{%- if variant['enable'] -%} \* {%- endif -%}{%- endfor -%} {%- if not loop.last %}, {% endif -%} {%- endfor -%} {%- endif -%} diff --git a/oqs-template/generate.py b/oqs-template/generate.py index 77669fbc..9d64efeb 100644 --- a/oqs-template/generate.py +++ b/oqs-template/generate.py @@ -97,6 +97,22 @@ def complete_config(config): print("Cannot find security level for {:s} {:s}".format(kem['family'], kem['name_group'])) exit(1) kem['bit_security'] = bits_level + + # now add hybrid_nid to hybrid_groups + phyb = {} + if (bits_level == 128): + phyb['hybrid_group']='p256' + elif (bits_level == 192): + phyb['hybrid_group']='p384' + elif (bits_level == 256): + phyb['hybrid_group']='p521' + else: + print("Warning: Unknown bit level for %s. Cannot assign hybrid." % (kem['group_name'])) + exit(1) + phyb['bit_security']=bits_level + phyb['nid']=kem['nid_hybrid'] + kem['hybrids'].insert(0, phyb) + for famsig in config['sigs']: for sig in famsig['variants']: bits_level = nist_to_bits(get_sig_nistlevel(famsig, sig)) 
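Review bot: The error path of the new bit-level dispatch in complete_config indexes `kem['group_name']`, but the record key used two lines earlier (and everywhere else in the file) is `name_group`, so an unexpected level raises KeyError inside the print instead of reaching `exit(1)`; it should read `print("Warning: Unknown bit level for %s. Cannot assign hybrid." % (kem['name_group']))`. The parenthesised conditions `if (bits_level == 128):` are also unidiomatic Python and can lose the parentheses. complete_config begins before this hunk.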
@@ -176,8 +192,17 @@ def load_config(include_disabled_sigs=False): sig['variants']=newvars for kem in config['kems']: + kem['hybrids'] = [] try: for extra_nid_current in kem['extra_nids']['current']: + extra_hybrid = extra_nid_current + if extra_nid_current['hybrid_group'] == "x25519" or extra_nid_current['hybrid_group'] == "p256": + extra_hybrid['bit_security']=128 + if extra_nid_current['hybrid_group'] == "x448" or extra_nid_current['hybrid_group'] == "p384": + extra_hybrid['bit_security']=192 + if extra_nid_current['hybrid_group'] == "p521": + extra_hybrid['bit_security']=256 + kem['hybrids'].append(extra_hybrid) if 'hybrid_group' in extra_nid_current and extra_nid_current['hybrid_group'] in ["x25519", "x448"]: extra_hyb_nid = extra_nid_current['nid'] if 'nid_ecx_hybrid' in kem: @@ -185,12 +210,15 @@ def load_config(include_disabled_sigs=False): kem['name_group'], ":", extra_hyb_nid, "in generate.yml,", kem['nid_ecx_hybrid'], "in generate_extras.yml, using generate.yml entry.") kem['nid_ecx_hybrid'] = extra_hyb_nid - break - except: + except KeyError as ke: pass return config -config = load_config() +# extend config with "hybrid_groups" array: +config = load_config() # extend config with "hybrid_groups" array + +# complete config with "bit_security" and "hybrid_group from +# nid_hybrid information config = complete_config(config) diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 19bd80af..0f6939b2 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -112,6 +112,10 @@ kems: current: - hybrid_group: "x448" nid: '0x2F90' + - hybrid_group: "x25519" + nid: '25497' + - hybrid_group: "p256" + nid: '25498' old: - implementation_version: NIST Round 2 submission nist-round: 2 diff --git a/oqs-template/oqs-kem-info.md b/oqs-template/oqs-kem-info.md index 67671fc7..cb422a24 100644 --- a/oqs-template/oqs-kem-info.md +++ b/oqs-template/oqs-kem-info.md 
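Review bot: The new lines `if extra_nid_current['hybrid_group'] == "x25519" or ...` subscript the key unconditionally, ahead of the pre-existing `'hybrid_group' in extra_nid_current` guard that follows them, so an `extra_nids.current` entry without a `hybrid_group` raises KeyError, and the `except KeyError as ke: pass` in the second hunk on this line then swallows it and silently drops every remaining entry of that KEM. Put the guard first, `if 'hybrid_group' not in extra_nid_current: continue`, so the broad except only covers the outer `kem['extra_nids']['current']` lookup it was written for. Note also that `extra_hybrid = extra_nid_current` aliases rather than copies, so the `bit_security` assignments mutate the loaded config entry; `dict(extra_nid_current)` would make the intent explicit, and `ke` is unused. load_config begins before the first hunk.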
@@ -43,6 +43,8 @@ | CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x023C | | | CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F3C | secp384_r1 | | CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F90 | x448 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 25497 | x25519 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 25498 | p256 | | CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x0240 | | | CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x2F40 | secp521_r1 | | CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x023E | | diff --git a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment index 89500938..93e6dbb8 100644 --- a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment +++ b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment @@ -8,5 +8,12 @@ MAKE_SIG_KEYMGMT_FUNCTIONS({{ classical_alg['name'] }}_{{variant['name']}}) {%- endfor %} {% for kem in config['kems'] %} MAKE_KEM_KEYMGMT_FUNCTIONS({{kem['name_group']}}, {{kem['oqs_alg']}}, {{kem['bit_security']}}) +{% for hybrid in kem['hybrids'] %} +{% if hybrid['hybrid_group'].startswith('p') -%} +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS({{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{kem['oqs_alg']}}, {{hybrid['bit_security']}}) +{%- else %} +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS({{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{kem['oqs_alg']}}, {{hybrid['bit_security']}}) +{%- endif %} +{%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment b/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment index c04cd9ab..e18eb388 100644 --- a/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment +++ b/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment 
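Review bot: The ECP/ECX split is keyed on `hybrid['hybrid_group'].startswith('p')` here and in the oqs_prov.h alg_functions fragment on the next line, but on `.startswith('x')` in the oqsprov.c keymgmt fragment two lines further down, so a `hybrid_group` value matching neither prefix (generate.py only assigns bit_security for p256/p384/p521/x25519/x448 and never rejects other names) would be declared `oqs_ecx_…` in the header and referenced as `ecp` in the provider, which cannot link. Use one predicate in all three fragments, e.g. `{% if hybrid['hybrid_group'] in ['p256', 'p384', 'p521'] -%}` with ECX otherwise, or better, have generate.py fail on an unknown `hybrid_group` so the templates never see one.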
@@ -8,11 +8,12 @@ extern const OSSL_DISPATCH oqs_{{ classical_alg['name'] }}_{{ variant['name'] }} {%- endfor %} {% for kem in config['kems'] %} extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_keymgmt_functions[]; +{% for hybrid in kem['hybrids'] %} +{% if hybrid['hybrid_group'].startswith('p') -%} +extern const OSSL_DISPATCH oqs_ecp_{{ hybrid['hybrid_group']}}_{{ kem['name_group'] }}_keymgmt_functions[]; +{%- else -%} +extern const OSSL_DISPATCH oqs_ecx_{{ hybrid['hybrid_group']}}_{{ kem['name_group'] }}_keymgmt_functions[]; +{%- endif %} {%- endfor %} -{% for kem in config['kems'] %} -extern const OSSL_DISPATCH oqs_ecp_{{ kem['name_group'] }}_keymgmt_functions[]; -{%- endfor %} -{% for kem in config['kems'] %} -extern const OSSL_DISPATCH oqs_ecx_{{ kem['name_group'] }}_keymgmt_functions[]; {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov.c/kem_functions.fragment b/oqs-template/oqsprov/oqsprov.c/kem_functions.fragment index 2f434c61..4f7c9cc3 100644 --- a/oqs-template/oqsprov/oqsprov.c/kem_functions.fragment +++ b/oqs-template/oqsprov/oqsprov.c/kem_functions.fragment @@ -1,6 +1,9 @@ -{% for kem in config['kems'] %} +{%- for kem in config['kems'] %} #ifdef OQS_ENABLE_KEM_{{ kem['oqs_alg']|replace("OQS_KEM_alg_","") }} -{% if kem['bit_security'] == 256 %} KEMALG2({{kem['name_group']}}, {{kem['bit_security']}}),{% else %} KEMALG3({{kem['name_group']}}, {{kem['bit_security']}}),{% endif %} + KEMBASEALG({{kem['name_group']}}, {{kem['bit_security']}}) +{%- for hybrid in kem['hybrids'] %} + KEMHYBALG({{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{hybrid['bit_security']}}) +{%- endfor %} #endif {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment b/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment index 05297d92..ff90ecad 100644 --- a/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment +++ b/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment 
@@ -10,7 +10,10 @@ {%- endfor %} {% for kem in config['kems'] %} #ifdef OQS_ENABLE_KEM_{{ kem['oqs_alg']|replace("OQS_KEM_alg_","") }} -{% if kem['bit_security'] == 256 %} KEMKMALG2({{ kem['name_group'] }}, {{ kem['bit_security'] }}){% else %} KEMKMALG3({{ kem['name_group'] }}, {{ kem['bit_security'] }}){% endif %}, + KEMKMALG({{ kem['name_group'] }}, {{ kem['bit_security'] }}) +{% for hybrid in kem['hybrids'] %} +{% if hybrid['hybrid_group'].startswith('x') %} KEMKMHYBALG({{ hybrid['hybrid_group']}}_{{kem['name_group'] }}, {{ hybrid['bit_security'] }}, ecx){% else %} KEMKMHYBALG({{ hybrid['hybrid_group']}}_{{ kem['name_group'] }}, {{ hybrid['bit_security'] }}, ecp){% endif %} +{%- endfor %} #endif {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment b/oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment index 876f2e1c..e7afc6b7 100644 --- a/oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment +++ b/oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment 
@@ -1,23 +1,11 @@ -{% macro ecx_name(bits) -%} -{%- if bits == 128 -%} X25519 {%- endif -%} -{%- if bits == 192 -%} X448 {%- endif -%} -{%- if bits == 256 -%} {%- print("Impossible bit setting for ECX hybrid") -%} {%- endif -%} -{%- endmacro -%} - -{% macro ecp_name(bits) -%} -{%- if bits == 128 -%} P256 {%- endif -%} -{%- if bits == 192 -%} P384 {%- endif -%} -{%- if bits == 256 -%} P521 {%- endif -%} -{%- endmacro %} - {% set cnt = namespace(val=-1) %} {%- for kem in config['kems'] %} {%- set cnt.val = cnt.val + 1 %} if (getenv("OQS_CODEPOINT_{{ kem['name_group']|upper }}")) oqs_group_list[{{ cnt.val }}].group_id = atoi(getenv("OQS_CODEPOINT_{{ kem['name_group']|upper }}")); - if (getenv("OQS_CODEPOINT_{{ ecp_name(kem['bit_security']) }}_{{ kem['name_group']|upper }}")) oqs_group_list[{{ cnt.val }}].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_{{ ecp_name(kem['bit_security']) }}_{{ kem['name_group']|upper }}")); - {%- if 'nid_ecx_hybrid' in kem %} - if (getenv("OQS_CODEPOINT_{{ ecx_name(kem['bit_security']) }}_{{ kem['name_group']|upper }}")) oqs_group_list[{{ cnt.val }}].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_{{ ecx_name(kem['bit_security']) }}_{{ kem['name_group']|upper }}")); - {%- endif %} +{%- for hybrid in kem['hybrids'] %} + {%- set cnt.val = cnt.val + 1 %} + if (getenv("OQS_CODEPOINT_{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}")) oqs_group_list[{{ cnt.val }}].group_id = atoi(getenv("OQS_CODEPOINT_{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}")); +{%- endfor %} {%- endfor %} {% set cnt = namespace(val=-1) %} {%- for sig in config['sigs'] %} diff --git a/oqs-template/oqsprov/oqsprov_capabilities.c/group_assignments.fragment b/oqs-template/oqsprov/oqsprov_capabilities.c/group_assignments.fragment index ddf43683..227c59e2 100644 --- a/oqs-template/oqsprov/oqsprov_capabilities.c/group_assignments.fragment +++ b/oqs-template/oqsprov/oqsprov_capabilities.c/group_assignments.fragment 
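Review bot: The per-hybrid `oqs_group_list[N].group_id = atoi(getenv(...))` lines keep `atoi`, which returns 0 for anything it cannot parse and does not accept the `0x…` notation in which ALGORITHMS.md lists every default code point, so an operator who copies a hex value into, say, `OQS_CODEPOINT_P256_KYBER512` silently gets group id 0 and a group that never negotiates. `atoi` was already used for the base entries, but this hunk multiplies the number of such overrides; `strtol(getenv(...), NULL, 0)` accepts both notations, and a range check against the 16-bit TLS group id space before the assignment would turn a typo into a reported error. The element type of `oqs_group_list` is defined outside this fragment, so the width of `group_id` is not visible here.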
@@ -1,4 +1,7 @@ {% for kem in config['kems'] %} - { {{ kem['nid'] }}, {{ kem['nid_hybrid'] }}, {% if 'nid_ecx_hybrid' in kem %}{{kem['nid_ecx_hybrid']}}{% else %}0 {% endif %}, {{ kem['bit_security'] }}, TLS1_3_VERSION, 0, -1, -1, 1 }, + { {{ kem['nid'] }}, {{ kem['bit_security'] }}, TLS1_3_VERSION, 0, -1, -1, 1 }, +{% for hybrid in kem['hybrids'] %} + { {{ hybrid['nid'] }}, {{ kem['bit_security'] }}, TLS1_3_VERSION, 0, -1, -1, 1 }, +{%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov_capabilities.c/group_names.fragment b/oqs-template/oqsprov/oqsprov_capabilities.c/group_names.fragment index 684e06ef..fce50615 100644 --- a/oqs-template/oqsprov/oqsprov_capabilities.c/group_names.fragment +++ b/oqs-template/oqsprov/oqsprov_capabilities.c/group_names.fragment @@ -2,11 +2,12 @@ {% for kem in config['kems'] -%} {%- set cnt.val = cnt.val + 1 %} #ifdef OQS_ENABLE_KEM_{{ kem['oqs_alg']|replace("OQS_KEM_alg_","") }} - OQS_GROUP_ENTRY({{kem['name_group']}}, {{kem['name_group']}}, {{kem['name_group']}}, {{kem['bit_security']}}, {{ cnt.val }}), - OQS_GROUP_ENTRY_ECP({{kem['name_group']}}, {{kem['name_group']}}, {{kem['name_group']}}, {{kem['bit_security']}}, {{ cnt.val }}), -{%- if 'nid_ecx_hybrid' in kem %} - OQS_GROUP_ENTRY_ECX({{kem['name_group']}}, {{kem['name_group']}}, {{kem['name_group']}}, {{kem['bit_security']}}, {{ cnt.val }}), -{%- endif %} + OQS_GROUP_ENTRY({{kem['name_group']}}, {{kem['name_group']}}, {{kem['name_group']}}, {{ cnt.val }}), +{% for hybrid in kem['hybrids'] %} + {%- set cnt.val = cnt.val + 1 %} + OQS_GROUP_ENTRY({{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{ cnt.val }}), + +{%- endfor %} #endif {%- endfor %} diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 97f67cda..f7f13525 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c 
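Review bot: The new hybrid row `{ {{ hybrid['nid'] }}, {{ kem['bit_security'] }}, TLS1_3_VERSION, 0, -1, -1, 1 },` takes its security-bits field from the KEM, whereas every other fragment in this commit (oqs_kmgmt.c, oqsprov.c, oqs_prov.h) and the generated `MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_kyber768, OQS_KEM_alg_kyber_768, 128)` use `hybrid['bit_security']`, and README now states that a hybrid's strength is that of its classic component. For x25519_kyber768 and p256_kyber768 the TLS group capability therefore advertises 192 bits while the key is managed at 128; if OpenSSL's security-level checks consume this capability field, these weak-classic hybrids would pass a @SECLEVEL that their classic half does not meet. It should read `{ {{ hybrid['nid'] }}, {{ hybrid['bit_security'] }}, TLS1_3_VERSION, 0, -1, -1, 1 },`. The group_names hunk on the same line is consistent with the keymgmt side and needs no change.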
@@ -805,16 +805,18 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, int selectio
 { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, (void (*)(void))oqsx_gen_settable_params }, \
 { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))oqsx_load }, \
 { 0, NULL } \
- }; \
+ };
+
+#define MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(tokalg, tokoqsalg, bit_security) \
 \
 static void *ecp_##tokalg##_new_key(void *provctx) \
 { \
- return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), tokoqsalg, ECP_NAME(bit_security, tokalg), KEY_TYPE_ECP_HYB_KEM, NULL, bit_security, -1); \
+ return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), tokoqsalg, "" #tokalg "", KEY_TYPE_ECP_HYB_KEM, NULL, bit_security, -1); \
 } \
 \
 static void *ecp_##tokalg##_gen_init(void *provctx, int selection) \
 { \
- return oqsx_gen_init(provctx, selection, tokoqsalg, ECP_NAME(bit_security, tokalg), KEY_TYPE_ECP_HYB_KEM, bit_security, -1); \
+ return oqsx_gen_init(provctx, selection, tokoqsalg, "" #tokalg "", KEY_TYPE_ECP_HYB_KEM, bit_security, -1); \
 } \
 \
 const OSSL_DISPATCH oqs_ecp_##tokalg##_keymgmt_functions[] = { \
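Review bot: `"" #tokalg ""` in the two new `oqsx_key_new`/`oqsx_gen_init` calls is just `#tokalg` with redundant empty-string concatenation; the same form appears in the ECX macro in the next hunk. More importantly, now that `ECP_NAME` no longer derives the curve from `bit_security`, nothing in the macro ties the curve prefix of `tokalg` to the `bit_security` argument, and the code that presumably parses that prefix (oqsprov_keys.c is in the diffstat) is outside this hunk; a comment on the macro such as `/* tokalg must be <classic>_<kem>, e.g. p256_kyber512: the classic prefix selects the curve, bit_security is the hybrid's claimed strength */` would document the contract the generated call sites rely on. The `MAKE_KEM_KEYMGMT_FUNCTIONS` definition this hunk closes begins before it.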
@@ -837,16 +839,17 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, int selectio
 { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, (void (*)(void))oqsx_gen_settable_params }, \
 { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))oqsx_load }, \
 { 0, NULL } \
- }; \
- \
+ };
+
+#define MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(tokalg, tokoqsalg, bit_security) \
 static void *ecx_##tokalg##_new_key(void *provctx) \
 { \
- return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), tokoqsalg, ECX_NAME(bit_security, tokalg), KEY_TYPE_ECX_HYB_KEM, NULL, bit_security, -1); \
+ return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), tokoqsalg, "" #tokalg "", KEY_TYPE_ECX_HYB_KEM, NULL, bit_security, -1); \
 } \
 \
 static void *ecx_##tokalg##_gen_init(void *provctx, int selection) \
 { \
- return oqsx_gen_init(provctx, selection, tokoqsalg, ECX_NAME(bit_security, tokalg), KEY_TYPE_ECX_HYB_KEM, bit_security, -1); \
+ return oqsx_gen_init(provctx, selection, tokoqsalg, "" #tokalg "", KEY_TYPE_ECX_HYB_KEM, bit_security, -1); \
 } \
 \
 const OSSL_DISPATCH oqs_ecx_##tokalg##_keymgmt_functions[] = { \
@@ -897,18 +900,71 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(p256_sphincsshake128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincsshake128fsimple) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, 256) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, 256) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo1344shake, OQS_KEM_alg_frodokem_1344_shake, 256) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344shake, OQS_KEM_alg_frodokem_1344_shake, 256) MAKE_KEM_KEYMGMT_FUNCTIONS(kyber512, OQS_KEM_alg_kyber_512, 128) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_kyber512, OQS_KEM_alg_kyber_512, 128) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_kyber512, OQS_KEM_alg_kyber_512, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(kyber768, OQS_KEM_alg_kyber_768, 192) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_kyber768, OQS_KEM_alg_kyber_768, 192) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_kyber768, OQS_KEM_alg_kyber_768, 192) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_kyber768, 
OQS_KEM_alg_kyber_768, 128) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_kyber768, OQS_KEM_alg_kyber_768, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(kyber1024, OQS_KEM_alg_kyber_1024, 256) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_kyber1024, OQS_KEM_alg_kyber_1024, 256) MAKE_KEM_KEYMGMT_FUNCTIONS(bikel1, OQS_KEM_alg_bike_l1, 128) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_bikel1, OQS_KEM_alg_bike_l1, 128) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_bikel1, OQS_KEM_alg_bike_l1, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(bikel3, OQS_KEM_alg_bike_l3, 192) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_bikel3, OQS_KEM_alg_bike_l3, 192) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_bikel3, OQS_KEM_alg_bike_l3, 192) MAKE_KEM_KEYMGMT_FUNCTIONS(bikel5, OQS_KEM_alg_bike_l5, 256) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_bikel5, OQS_KEM_alg_bike_l5, 256) MAKE_KEM_KEYMGMT_FUNCTIONS(hqc128, OQS_KEM_alg_hqc_128, 128) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_hqc128, OQS_KEM_alg_hqc_128, 128) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_hqc128, OQS_KEM_alg_hqc_128, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(hqc192, OQS_KEM_alg_hqc_192, 192) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_hqc192, OQS_KEM_alg_hqc_192, 192) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_hqc192, OQS_KEM_alg_hqc_192, 192) MAKE_KEM_KEYMGMT_FUNCTIONS(hqc256, OQS_KEM_alg_hqc_256, 256) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_hqc256, OQS_KEM_alg_hqc_256, 256) ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index be2b63a5..ac5302fc 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -9,9 +9,6 @@ /* Internal OQS functions for other submodules: not for application use */ -/* Set this define to create support for x25519_kyber768 as done by cloudflare */ -// #define CLOUDFLARE - #ifndef OQSX_H # define OQSX_H 
@@ -69,21 +66,6 @@ goto gt; \ } -#define ECP_NAME(secbits, oqsname) \ - (secbits == 128 ? "p256_" #oqsname "" : \ - secbits == 192 ? "p384_" #oqsname "" : \ - "p521_" #oqsname "") - -#ifdef CLOUDFLARE -#define ECX_NAME(secbits, oqsname) \ - (((secbits == 128) || (!strcmp("kyber768", ""#oqsname""))) ? "x25519_" #oqsname "" : \ - "x448_" #oqsname "") -#else -#define ECX_NAME(secbits, oqsname) \ - ((secbits == 128) ? "x25519_" #oqsname "" : \ - "x448_" #oqsname "") -#endif - typedef struct prov_oqs_ctx_st { const OSSL_CORE_HANDLE *handle; OSSL_LIB_CTX *libctx; /* For all provider modules */ 
@@ -435,52 +417,62 @@ extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_keymgmt_functions[];extern extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p256_frodo640aes_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x25519_frodo640aes_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640shake_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p256_frodo640shake_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x25519_frodo640shake_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo976aes_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p384_frodo976aes_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x448_frodo976aes_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo976shake_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p384_frodo976shake_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x448_frodo976shake_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo1344aes_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p521_frodo1344aes_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo1344shake_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p521_frodo1344shake_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_kyber512_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p256_kyber512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x25519_kyber512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_kyber768_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p384_kyber768_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x448_kyber768_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x25519_kyber768_keymgmt_functions[]; +extern const 
OSSL_DISPATCH oqs_ecp_p256_kyber768_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_kyber1024_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p521_kyber1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_bikel1_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p256_bikel1_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x25519_bikel1_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_bikel3_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p384_bikel3_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x448_bikel3_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_bikel5_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p521_bikel5_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_hqc128_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p256_hqc128_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x25519_hqc128_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_hqc192_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p384_hqc192_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x448_hqc192_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_hqc256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_frodo640aes_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_frodo640shake_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_frodo976aes_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_frodo976shake_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_frodo1344aes_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_frodo1344shake_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_kyber512_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_kyber768_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_kyber1024_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_bikel1_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_bikel3_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_bikel5_keymgmt_functions[]; 
-extern const OSSL_DISPATCH oqs_ecp_hqc128_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_hqc192_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_hqc256_keymgmt_functions[]; - -extern const OSSL_DISPATCH oqs_ecx_frodo640aes_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_frodo640shake_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_frodo976aes_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_frodo976shake_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_frodo1344aes_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_frodo1344shake_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_kyber512_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_kyber768_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_kyber1024_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_bikel1_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_bikel3_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_bikel5_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_hqc128_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_hqc192_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_hqc256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecp_p521_hqc256_keymgmt_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_END /* BIO function declarations */ diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 79dbcb29..fdcce98c 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c 
@@ -157,20 +157,17 @@ int oqs_patch_encodings(void) { #endif #define SIGALG(NAMES, SECBITS, FUNC) { NAMES, "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", FUNC } -#define KEMALG3(NAMES, SECBITS) \ - { "" #NAMES "", "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_generic_kem_functions }, \ - { ECP_NAME(SECBITS, NAMES), "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_hybrid_kem_functions }, \ - { ECX_NAME(SECBITS, NAMES), "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_hybrid_kem_functions } -#define KEMKMALG3(NAMES, SECBITS) \ - { "" #NAMES "", "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"" , oqs_##NAMES##_keymgmt_functions }, \ - { ECP_NAME(SECBITS, NAMES), "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_ecp_##NAMES##_keymgmt_functions }, \ - { ECX_NAME(SECBITS, NAMES), "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_ecx_##NAMES##_keymgmt_functions } -#define KEMALG2(NAMES, SECBITS) \ - { "" #NAMES "", "provider=oqsprovider", oqs_generic_kem_functions }, \ - { ECP_NAME(SECBITS, NAMES), "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_hybrid_kem_functions } -#define KEMKMALG2(NAMES, SECBITS) \ - { "" #NAMES "", "provider=oqsprovider", oqs_##NAMES##_keymgmt_functions }, \ - { ECP_NAME(SECBITS, NAMES), "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_ecp_##NAMES##_keymgmt_functions } +#define KEMBASEALG(NAMES, SECBITS) \ + { "" #NAMES "", "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_generic_kem_functions }, + +#define KEMHYBALG(NAMES, SECBITS) \ + { "" #NAMES "", "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"", oqs_hybrid_kem_functions }, + +#define KEMKMALG(NAMES, SECBITS) \ + { "" #NAMES "", "provider=oqsprovider,oqsprovider.security_bits="#SECBITS"" , oqs_##NAMES##_keymgmt_functions }, + +#define KEMKMHYBALG(NAMES, SECBITS, HYBTYPE) \ + { "" #NAMES "", 
"provider=oqsprovider,oqsprovider.security_bits="#SECBITS"" , oqs_##HYBTYPE##_##NAMES##_keymgmt_functions }, /* Functions provided by the core */ static OSSL_FUNC_core_gettable_params_fn *c_gettable_params = NULL; 
@@ -236,49 +233,76 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = {
 static const OSSL_ALGORITHM oqsprovider_asym_kems[] = {
 ///// OQS_TEMPLATE_FRAGMENT_KEM_FUNCTIONS_START
 #ifdef OQS_ENABLE_KEM_frodokem_640_aes
- KEMALG3(frodo640aes, 128),
+ KEMBASEALG(frodo640aes, 128)
+ KEMHYBALG(p256_frodo640aes, 128)
+ KEMHYBALG(x25519_frodo640aes, 128)
 #endif
 #ifdef OQS_ENABLE_KEM_frodokem_640_shake
- KEMALG3(frodo640shake, 128),
+ KEMBASEALG(frodo640shake, 128)
+ KEMHYBALG(p256_frodo640shake, 128)
+ KEMHYBALG(x25519_frodo640shake, 128)
 #endif
 #ifdef OQS_ENABLE_KEM_frodokem_976_aes
- KEMALG3(frodo976aes, 192),
+ KEMBASEALG(frodo976aes, 192)
+ KEMHYBALG(p384_frodo976aes, 192)
+ KEMHYBALG(x448_frodo976aes, 192)
 #endif
 #ifdef OQS_ENABLE_KEM_frodokem_976_shake
- KEMALG3(frodo976shake, 192),
+ KEMBASEALG(frodo976shake, 192)
+ KEMHYBALG(p384_frodo976shake, 192)
+ KEMHYBALG(x448_frodo976shake, 192)
 #endif
 #ifdef OQS_ENABLE_KEM_frodokem_1344_aes
- KEMALG2(frodo1344aes, 256),
+ KEMBASEALG(frodo1344aes, 256)
+ KEMHYBALG(p521_frodo1344aes, 256)
 #endif
 #ifdef OQS_ENABLE_KEM_frodokem_1344_shake
- KEMALG2(frodo1344shake, 256),
+ KEMBASEALG(frodo1344shake, 256)
+ KEMHYBALG(p521_frodo1344shake, 256)
 #endif
 #ifdef OQS_ENABLE_KEM_kyber_512
- KEMALG3(kyber512, 128),
+ KEMBASEALG(kyber512, 128)
+ KEMHYBALG(p256_kyber512, 128)
+ KEMHYBALG(x25519_kyber512, 128)
 #endif
 #ifdef OQS_ENABLE_KEM_kyber_768
- KEMALG3(kyber768, 192),
+ KEMBASEALG(kyber768, 192)
+ KEMHYBALG(p384_kyber768, 192)
+ KEMHYBALG(x448_kyber768, 192)
+ KEMHYBALG(x25519_kyber768, 128)
+ KEMHYBALG(p256_kyber768, 128)
 #endif
 #ifdef OQS_ENABLE_KEM_kyber_1024
- KEMALG2(kyber1024, 256),
+ KEMBASEALG(kyber1024, 256)
+ KEMHYBALG(p521_kyber1024, 256)
 #endif
 #ifdef OQS_ENABLE_KEM_bike_l1
- KEMALG3(bikel1, 128),
+ KEMBASEALG(bikel1, 128)
+ KEMHYBALG(p256_bikel1, 128)
+ KEMHYBALG(x25519_bikel1, 128)
 #endif
 #ifdef OQS_ENABLE_KEM_bike_l3
- KEMALG3(bikel3, 192),
+ KEMBASEALG(bikel3, 192)
+ KEMHYBALG(p384_bikel3, 192)
+ KEMHYBALG(x448_bikel3, 192)
 #endif
 #ifdef OQS_ENABLE_KEM_bike_l5
- KEMALG2(bikel5, 256),
+ KEMBASEALG(bikel5, 256)
+ KEMHYBALG(p521_bikel5, 256)
 #endif
 #ifdef OQS_ENABLE_KEM_hqc_128
- KEMALG3(hqc128, 128),
+ KEMBASEALG(hqc128, 128)
+ KEMHYBALG(p256_hqc128, 128)
+ KEMHYBALG(x25519_hqc128, 128)
 #endif
 #ifdef OQS_ENABLE_KEM_hqc_192
- KEMALG3(hqc192, 192),
+ KEMBASEALG(hqc192, 192)
+ KEMHYBALG(p384_hqc192, 192)
+ KEMHYBALG(x448_hqc192, 192)
 #endif
 #ifdef OQS_ENABLE_KEM_hqc_256
- KEMALG2(hqc256, 256),
+ KEMBASEALG(hqc256, 256)
+ KEMHYBALG(p521_hqc256, 256)
 #endif
 ///// OQS_TEMPLATE_FRAGMENT_KEM_FUNCTIONS_END
 { NULL, NULL, NULL }
@@ -329,49 +353,91 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { #endif #ifdef OQS_ENABLE_KEM_frodokem_640_aes - KEMKMALG3(frodo640aes, 128), + KEMKMALG(frodo640aes, 128) + + KEMKMHYBALG(p256_frodo640aes, 128, ecp) + KEMKMHYBALG(x25519_frodo640aes, 128, ecx) #endif #ifdef OQS_ENABLE_KEM_frodokem_640_shake - KEMKMALG3(frodo640shake, 128), + KEMKMALG(frodo640shake, 128) + + KEMKMHYBALG(p256_frodo640shake, 128, ecp) + KEMKMHYBALG(x25519_frodo640shake, 128, ecx) #endif #ifdef OQS_ENABLE_KEM_frodokem_976_aes - KEMKMALG3(frodo976aes, 192), + KEMKMALG(frodo976aes, 192) + + KEMKMHYBALG(p384_frodo976aes, 192, ecp) + KEMKMHYBALG(x448_frodo976aes, 192, ecx) #endif #ifdef OQS_ENABLE_KEM_frodokem_976_shake - KEMKMALG3(frodo976shake, 192), + KEMKMALG(frodo976shake, 192) + + KEMKMHYBALG(p384_frodo976shake, 192, ecp) + KEMKMHYBALG(x448_frodo976shake, 192, ecx) #endif #ifdef OQS_ENABLE_KEM_frodokem_1344_aes - KEMKMALG2(frodo1344aes, 256), + KEMKMALG(frodo1344aes, 256) + + KEMKMHYBALG(p521_frodo1344aes, 256, ecp) #endif #ifdef OQS_ENABLE_KEM_frodokem_1344_shake - KEMKMALG2(frodo1344shake, 256), + KEMKMALG(frodo1344shake, 256) + + KEMKMHYBALG(p521_frodo1344shake, 256, ecp) #endif #ifdef OQS_ENABLE_KEM_kyber_512 - KEMKMALG3(kyber512, 128), + KEMKMALG(kyber512, 128) + + KEMKMHYBALG(p256_kyber512, 128, ecp) + KEMKMHYBALG(x25519_kyber512, 128, ecx) #endif #ifdef OQS_ENABLE_KEM_kyber_768 - KEMKMALG3(kyber768, 192), + KEMKMALG(kyber768, 192) + + KEMKMHYBALG(p384_kyber768, 192, ecp) + KEMKMHYBALG(x448_kyber768, 192, ecx) + KEMKMHYBALG(x25519_kyber768, 128, ecx) + KEMKMHYBALG(p256_kyber768, 128, ecp) #endif #ifdef OQS_ENABLE_KEM_kyber_1024 - KEMKMALG2(kyber1024, 256), + KEMKMALG(kyber1024, 256) + + KEMKMHYBALG(p521_kyber1024, 256, ecp) #endif #ifdef OQS_ENABLE_KEM_bike_l1 - KEMKMALG3(bikel1, 128), + KEMKMALG(bikel1, 128) + + KEMKMHYBALG(p256_bikel1, 128, ecp) + KEMKMHYBALG(x25519_bikel1, 128, ecx) #endif #ifdef OQS_ENABLE_KEM_bike_l3 - KEMKMALG3(bikel3, 192), + KEMKMALG(bikel3, 
192) + + KEMKMHYBALG(p384_bikel3, 192, ecp) + KEMKMHYBALG(x448_bikel3, 192, ecx) #endif #ifdef OQS_ENABLE_KEM_bike_l5 - KEMKMALG2(bikel5, 256), + KEMKMALG(bikel5, 256) + + KEMKMHYBALG(p521_bikel5, 256, ecp) #endif #ifdef OQS_ENABLE_KEM_hqc_128 - KEMKMALG3(hqc128, 128), + KEMKMALG(hqc128, 128) + + KEMKMHYBALG(p256_hqc128, 128, ecp) + KEMKMHYBALG(x25519_hqc128, 128, ecx) #endif #ifdef OQS_ENABLE_KEM_hqc_192 - KEMKMALG3(hqc192, 192), + KEMKMALG(hqc192, 192) + + KEMKMHYBALG(p384_hqc192, 192, ecp) + KEMKMHYBALG(x448_hqc192, 192, ecx) #endif #ifdef OQS_ENABLE_KEM_hqc_256 - KEMKMALG2(hqc256, 256), + KEMKMALG(hqc256, 256) + + KEMKMHYBALG(p521_hqc256, 256, ecp) #endif ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END //ALG("x25519_sikep434", oqs_ecx_sikep434_keymgmt_functions), diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index d5ed8a38..a83411c1 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -24,8 +24,6 @@ typedef struct oqs_group_constants_st { unsigned int group_id; /* Group ID */ - unsigned int group_id_ecp_hyb; /* Group ID of hybrid with ECP */ - unsigned int group_id_ecx_hyb; /* Group ID of hybrid with ECX */ unsigned int secbits; /* Bits of security */ int mintls; /* Minimum TLS version, -1 unsupported */ int maxtls; /* Maximum TLS version (or 0 for undefined) */ 
@@ -37,26 +35,68 @@ typedef struct oqs_group_constants_st { static OQS_GROUP_CONSTANTS oqs_group_list[] = { // ad-hoc assignments - take from OQS generate data structures ///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_START - { 0x0200, 0x2F00, 0x2F80, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0201, 0x2F01, 0x2F81, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0202, 0x2F02, 0x2F82, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0203, 0x2F03, 0x2F83, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0204, 0x2F04, 0 , 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0205, 0x2F05, 0 , 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x023A, 0x2F3A, 0x2F39, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x023C, 0x2F3C, 0x2F90, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x023D, 0x2F3D, 0 , 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0241, 0x2F41, 0x2FAE, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0242, 0x2F42, 0x2FAF, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0243, 0x2F43, 0 , 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x022C, 0x2F2C, 0x2FAC, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x022D, 0x2F2D, 0x2FAD, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x022E, 0x2F2E, 0 , 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0200, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F00, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F80, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0201, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F01, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F81, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0202, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F02, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F82, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0203, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F03, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F83, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0204, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F04, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0205, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F05, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x023A, 128, 
TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F3A, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F39, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x023C, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F3C, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F90, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 25497, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 25498, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x023D, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F3D, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2FAE, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0242, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F42, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2FAF, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0243, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F43, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x022C, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F2C, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2FAC, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x022D, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F2D, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2FAD, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x022E, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + + { 0x2F2E, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, ///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_END }; // Adds entries for tlsname, `ecx`_tlsname and `ecp`_tlsname -#define OQS_GROUP_ENTRY(tlsname, realname, algorithm, sb, idx) \ +#define OQS_GROUP_ENTRY(tlsname, realname, algorithm, idx) \ { \ OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME, \ #tlsname, \ 
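Review bot: The context comment above the macro, which says OQS_GROUP_ENTRY adds entries for tlsname, ecx_tlsname and ecp_tlsname, is now stale: with `OQS_GROUP_ENTRY_ECP`/`OQS_GROUP_ENTRY_ECX` removed in the next hunk and the `sb` parameter dropped from `OQS_GROUP_ENTRY(tlsname, realname, algorithm, idx)`, the macro adds exactly one entry, so it should read `// Adds one TLS group entry for tlsname; idx selects its constants from oqs_group_list`. In the table, `{ 25497, 192, ... }` and `{ 25498, 192, ... }` are the only rows written in decimal; `0x6399` and `0x639A` would keep the column uniform and make them easy to compare against the hex IDs in ALGORITHMS.md. A one-line comment on those two rows naming their origin (the cloudflare configuration the commit message refers to) would also help, because every other code point here follows the 0x02xx/0x2Fxx scheme and a reader will otherwise assume a typo. The body of the OQS_GROUP_ENTRY macro continues past the end of this hunk.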
@@ -84,134 +124,95 @@ static OQS_GROUP_CONSTANTS oqs_group_list[] = { OSSL_PARAM_END \ } -#define OQS_GROUP_ENTRY_ECP(tlsname, realname, algorithm, sb, idx) \ - { \ - OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME, \ - ECP_NAME(sb, tlsname), \ - sizeof(ECP_NAME(sb, tlsname))), \ - OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL, \ - ECP_NAME(sb, realname), \ - sizeof(ECP_NAME(sb, realname))), \ - OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_ALG, \ - ECP_NAME(sb, algorithm), \ - sizeof(ECP_NAME(sb, algorithm))), \ - OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_ID, \ - (unsigned int *)&oqs_group_list[idx].group_id_ecp_hyb), \ - OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS, \ - (unsigned int *)&oqs_group_list[idx].secbits), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_TLS, \ - (unsigned int *)&oqs_group_list[idx].mintls), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_TLS, \ - (unsigned int *)&oqs_group_list[idx].maxtls), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS, \ - (unsigned int *)&oqs_group_list[idx].mindtls), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS, \ - (unsigned int *)&oqs_group_list[idx].maxdtls), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_IS_KEM, \ - (unsigned int *)&oqs_group_list[idx].is_kem), \ - OSSL_PARAM_END \ - } - -#define OQS_GROUP_ENTRY_ECX(tlsname, realname, algorithm, sb, idx) \ - { \ - OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME, \ - ECX_NAME(sb, tlsname), \ - sizeof(ECX_NAME(sb, tlsname))), \ - OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL, \ - ECX_NAME(sb, realname), \ - sizeof(ECX_NAME(sb, realname))), \ - OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_ALG, \ - ECX_NAME(sb, algorithm), \ - sizeof(ECX_NAME(sb, algorithm))), \ - OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_ID, \ - (unsigned int *)&oqs_group_list[idx].group_id_ecx_hyb), \ - OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS, \ - (unsigned int *)&oqs_group_list[idx].secbits), \ - 
OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_TLS, \ - (unsigned int *)&oqs_group_list[idx].mintls), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_TLS, \ - (unsigned int *)&oqs_group_list[idx].maxtls), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS, \ - (unsigned int *)&oqs_group_list[idx].mindtls), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS, \ - (unsigned int *)&oqs_group_list[idx].maxdtls), \ - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_IS_KEM, \ - (unsigned int *)&oqs_group_list[idx].is_kem), \ - OSSL_PARAM_END \ - } - static const OSSL_PARAM oqs_param_group_list[][11] = { ///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_START #ifdef OQS_ENABLE_KEM_frodokem_640_aes - OQS_GROUP_ENTRY(frodo640aes, frodo640aes, frodo640aes, 128, 0), - OQS_GROUP_ENTRY_ECP(frodo640aes, frodo640aes, frodo640aes, 128, 0), - OQS_GROUP_ENTRY_ECX(frodo640aes, frodo640aes, frodo640aes, 128, 0), + OQS_GROUP_ENTRY(frodo640aes, frodo640aes, frodo640aes, 0), + + OQS_GROUP_ENTRY(p256_frodo640aes, p256_frodo640aes, p256_frodo640aes, 1), + OQS_GROUP_ENTRY(x25519_frodo640aes, x25519_frodo640aes, x25519_frodo640aes, 2), #endif #ifdef OQS_ENABLE_KEM_frodokem_640_shake - OQS_GROUP_ENTRY(frodo640shake, frodo640shake, frodo640shake, 128, 1), - OQS_GROUP_ENTRY_ECP(frodo640shake, frodo640shake, frodo640shake, 128, 1), - OQS_GROUP_ENTRY_ECX(frodo640shake, frodo640shake, frodo640shake, 128, 1), + OQS_GROUP_ENTRY(frodo640shake, frodo640shake, frodo640shake, 3), + + OQS_GROUP_ENTRY(p256_frodo640shake, p256_frodo640shake, p256_frodo640shake, 4), + OQS_GROUP_ENTRY(x25519_frodo640shake, x25519_frodo640shake, x25519_frodo640shake, 5), #endif #ifdef OQS_ENABLE_KEM_frodokem_976_aes - OQS_GROUP_ENTRY(frodo976aes, frodo976aes, frodo976aes, 192, 2), - OQS_GROUP_ENTRY_ECP(frodo976aes, frodo976aes, frodo976aes, 192, 2), - OQS_GROUP_ENTRY_ECX(frodo976aes, frodo976aes, frodo976aes, 192, 2), + OQS_GROUP_ENTRY(frodo976aes, frodo976aes, frodo976aes, 6), + + OQS_GROUP_ENTRY(p384_frodo976aes, p384_frodo976aes, 
p384_frodo976aes, 7), + OQS_GROUP_ENTRY(x448_frodo976aes, x448_frodo976aes, x448_frodo976aes, 8), #endif #ifdef OQS_ENABLE_KEM_frodokem_976_shake - OQS_GROUP_ENTRY(frodo976shake, frodo976shake, frodo976shake, 192, 3), - OQS_GROUP_ENTRY_ECP(frodo976shake, frodo976shake, frodo976shake, 192, 3), - OQS_GROUP_ENTRY_ECX(frodo976shake, frodo976shake, frodo976shake, 192, 3), + OQS_GROUP_ENTRY(frodo976shake, frodo976shake, frodo976shake, 9), + + OQS_GROUP_ENTRY(p384_frodo976shake, p384_frodo976shake, p384_frodo976shake, 10), + OQS_GROUP_ENTRY(x448_frodo976shake, x448_frodo976shake, x448_frodo976shake, 11), #endif #ifdef OQS_ENABLE_KEM_frodokem_1344_aes - OQS_GROUP_ENTRY(frodo1344aes, frodo1344aes, frodo1344aes, 256, 4), - OQS_GROUP_ENTRY_ECP(frodo1344aes, frodo1344aes, frodo1344aes, 256, 4), + OQS_GROUP_ENTRY(frodo1344aes, frodo1344aes, frodo1344aes, 12), + + OQS_GROUP_ENTRY(p521_frodo1344aes, p521_frodo1344aes, p521_frodo1344aes, 13), #endif #ifdef OQS_ENABLE_KEM_frodokem_1344_shake - OQS_GROUP_ENTRY(frodo1344shake, frodo1344shake, frodo1344shake, 256, 5), - OQS_GROUP_ENTRY_ECP(frodo1344shake, frodo1344shake, frodo1344shake, 256, 5), + OQS_GROUP_ENTRY(frodo1344shake, frodo1344shake, frodo1344shake, 14), + + OQS_GROUP_ENTRY(p521_frodo1344shake, p521_frodo1344shake, p521_frodo1344shake, 15), #endif #ifdef OQS_ENABLE_KEM_kyber_512 - OQS_GROUP_ENTRY(kyber512, kyber512, kyber512, 128, 6), - OQS_GROUP_ENTRY_ECP(kyber512, kyber512, kyber512, 128, 6), - OQS_GROUP_ENTRY_ECX(kyber512, kyber512, kyber512, 128, 6), + OQS_GROUP_ENTRY(kyber512, kyber512, kyber512, 16), + + OQS_GROUP_ENTRY(p256_kyber512, p256_kyber512, p256_kyber512, 17), + OQS_GROUP_ENTRY(x25519_kyber512, x25519_kyber512, x25519_kyber512, 18), #endif #ifdef OQS_ENABLE_KEM_kyber_768 - OQS_GROUP_ENTRY(kyber768, kyber768, kyber768, 192, 7), - OQS_GROUP_ENTRY_ECP(kyber768, kyber768, kyber768, 192, 7), - OQS_GROUP_ENTRY_ECX(kyber768, kyber768, kyber768, 192, 7), + OQS_GROUP_ENTRY(kyber768, kyber768, kyber768, 19), + + 
OQS_GROUP_ENTRY(p384_kyber768, p384_kyber768, p384_kyber768, 20), + OQS_GROUP_ENTRY(x448_kyber768, x448_kyber768, x448_kyber768, 21), + OQS_GROUP_ENTRY(x25519_kyber768, x25519_kyber768, x25519_kyber768, 22), + OQS_GROUP_ENTRY(p256_kyber768, p256_kyber768, p256_kyber768, 23), #endif #ifdef OQS_ENABLE_KEM_kyber_1024 - OQS_GROUP_ENTRY(kyber1024, kyber1024, kyber1024, 256, 8), - OQS_GROUP_ENTRY_ECP(kyber1024, kyber1024, kyber1024, 256, 8), + OQS_GROUP_ENTRY(kyber1024, kyber1024, kyber1024, 24), + + OQS_GROUP_ENTRY(p521_kyber1024, p521_kyber1024, p521_kyber1024, 25), #endif #ifdef OQS_ENABLE_KEM_bike_l1 - OQS_GROUP_ENTRY(bikel1, bikel1, bikel1, 128, 9), - OQS_GROUP_ENTRY_ECP(bikel1, bikel1, bikel1, 128, 9), - OQS_GROUP_ENTRY_ECX(bikel1, bikel1, bikel1, 128, 9), + OQS_GROUP_ENTRY(bikel1, bikel1, bikel1, 26), + + OQS_GROUP_ENTRY(p256_bikel1, p256_bikel1, p256_bikel1, 27), + OQS_GROUP_ENTRY(x25519_bikel1, x25519_bikel1, x25519_bikel1, 28), #endif #ifdef OQS_ENABLE_KEM_bike_l3 - OQS_GROUP_ENTRY(bikel3, bikel3, bikel3, 192, 10), - OQS_GROUP_ENTRY_ECP(bikel3, bikel3, bikel3, 192, 10), - OQS_GROUP_ENTRY_ECX(bikel3, bikel3, bikel3, 192, 10), + OQS_GROUP_ENTRY(bikel3, bikel3, bikel3, 29), + + OQS_GROUP_ENTRY(p384_bikel3, p384_bikel3, p384_bikel3, 30), + OQS_GROUP_ENTRY(x448_bikel3, x448_bikel3, x448_bikel3, 31), #endif #ifdef OQS_ENABLE_KEM_bike_l5 - OQS_GROUP_ENTRY(bikel5, bikel5, bikel5, 256, 11), - OQS_GROUP_ENTRY_ECP(bikel5, bikel5, bikel5, 256, 11), + OQS_GROUP_ENTRY(bikel5, bikel5, bikel5, 32), + + OQS_GROUP_ENTRY(p521_bikel5, p521_bikel5, p521_bikel5, 33), #endif #ifdef OQS_ENABLE_KEM_hqc_128 - OQS_GROUP_ENTRY(hqc128, hqc128, hqc128, 128, 12), - OQS_GROUP_ENTRY_ECP(hqc128, hqc128, hqc128, 128, 12), - OQS_GROUP_ENTRY_ECX(hqc128, hqc128, hqc128, 128, 12), + OQS_GROUP_ENTRY(hqc128, hqc128, hqc128, 34), + + OQS_GROUP_ENTRY(p256_hqc128, p256_hqc128, p256_hqc128, 35), + OQS_GROUP_ENTRY(x25519_hqc128, x25519_hqc128, x25519_hqc128, 36), #endif #ifdef OQS_ENABLE_KEM_hqc_192 - 
OQS_GROUP_ENTRY(hqc192, hqc192, hqc192, 192, 13), - OQS_GROUP_ENTRY_ECP(hqc192, hqc192, hqc192, 192, 13), - OQS_GROUP_ENTRY_ECX(hqc192, hqc192, hqc192, 192, 13), + OQS_GROUP_ENTRY(hqc192, hqc192, hqc192, 37), + + OQS_GROUP_ENTRY(p384_hqc192, p384_hqc192, p384_hqc192, 38), + OQS_GROUP_ENTRY(x448_hqc192, x448_hqc192, x448_hqc192, 39), #endif #ifdef OQS_ENABLE_KEM_hqc_256 - OQS_GROUP_ENTRY(hqc256, hqc256, hqc256, 256, 14), - OQS_GROUP_ENTRY_ECP(hqc256, hqc256, hqc256, 256, 14), + OQS_GROUP_ENTRY(hqc256, hqc256, hqc256, 40), + + OQS_GROUP_ENTRY(p521_hqc256, p521_hqc256, p521_hqc256, 41), #endif ///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_END }; 
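Review bot: Every `OQS_GROUP_ENTRY(..., idx)` row now depends purely on its position in `oqs_group_list` (0 through 41), and nothing checks that the two generated tables stay the same length; the `#ifdef OQS_ENABLE_KEM_*` guards only thin out `oqs_param_group_list` while `oqs_group_list` is unconditional, which is what keeps the indices stable. A compile-time guard placed after this table, `_Static_assert(sizeof(oqs_group_list) / sizeof(oqs_group_list[0]) == 42, "oqs_group_list out of step with oqs_param_group_list indices");`, would turn a regeneration mismatch into a build error instead of a wrong code point or security-bits value being advertised for a TLS group. A short comment on the `///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_START` line, `// idx must match the row order of oqs_group_list above; both lists are generated together`, would make the coupling visible to anyone editing by hand. The `OQS_GROUP_ENTRY` macro these rows expand is defined before this hunk.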
@@ -255,48 +256,48 @@ static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = {
 int oqs_patch_codepoints() {
 ///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_START
-
- if (getenv("OQS_CODEPOINT_FRODO640AES")) oqs_group_list[0].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640AES"));
- if (getenv("OQS_CODEPOINT_P256_FRODO640AES")) oqs_group_list[0].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P256_FRODO640AES"));
- if (getenv("OQS_CODEPOINT_X25519_FRODO640AES")) oqs_group_list[0].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640AES"));
- if (getenv("OQS_CODEPOINT_FRODO640SHAKE")) oqs_group_list[1].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640SHAKE"));
- if (getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")) oqs_group_list[1].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P256_FRODO640SHAKE"));
- if (getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")) oqs_group_list[1].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE"));
- if (getenv("OQS_CODEPOINT_FRODO976AES")) oqs_group_list[2].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976AES"));
- if (getenv("OQS_CODEPOINT_P384_FRODO976AES")) oqs_group_list[2].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P384_FRODO976AES"));
- if (getenv("OQS_CODEPOINT_X448_FRODO976AES")) oqs_group_list[2].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X448_FRODO976AES"));
- if (getenv("OQS_CODEPOINT_FRODO976SHAKE")) oqs_group_list[3].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976SHAKE"));
- if (getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")) oqs_group_list[3].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P384_FRODO976SHAKE"));
- if (getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")) oqs_group_list[3].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X448_FRODO976SHAKE"));
- if (getenv("OQS_CODEPOINT_FRODO1344AES")) oqs_group_list[4].group_id = atoi(getenv("OQS_CODEPOINT_FRODO1344AES"));
- if (getenv("OQS_CODEPOINT_P521_FRODO1344AES")) oqs_group_list[4].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344AES"));
- if (getenv("OQS_CODEPOINT_FRODO1344SHAKE")) oqs_group_list[5].group_id = atoi(getenv("OQS_CODEPOINT_FRODO1344SHAKE"));
- if (getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")) oqs_group_list[5].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE"));
- if (getenv("OQS_CODEPOINT_KYBER512")) oqs_group_list[6].group_id = atoi(getenv("OQS_CODEPOINT_KYBER512"));
- if (getenv("OQS_CODEPOINT_P256_KYBER512")) oqs_group_list[6].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P256_KYBER512"));
- if (getenv("OQS_CODEPOINT_X25519_KYBER512")) oqs_group_list[6].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X25519_KYBER512"));
- if (getenv("OQS_CODEPOINT_KYBER768")) oqs_group_list[7].group_id = atoi(getenv("OQS_CODEPOINT_KYBER768"));
- if (getenv("OQS_CODEPOINT_P384_KYBER768")) oqs_group_list[7].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P384_KYBER768"));
- if (getenv("OQS_CODEPOINT_X448_KYBER768")) oqs_group_list[7].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X448_KYBER768"));
- if (getenv("OQS_CODEPOINT_KYBER1024")) oqs_group_list[8].group_id = atoi(getenv("OQS_CODEPOINT_KYBER1024"));
- if (getenv("OQS_CODEPOINT_P521_KYBER1024")) oqs_group_list[8].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P521_KYBER1024"));
- if (getenv("OQS_CODEPOINT_BIKEL1")) oqs_group_list[9].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1"));
- if (getenv("OQS_CODEPOINT_P256_BIKEL1")) oqs_group_list[9].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1"));
- if (getenv("OQS_CODEPOINT_X25519_BIKEL1")) oqs_group_list[9].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X25519_BIKEL1"));
- if (getenv("OQS_CODEPOINT_BIKEL3")) oqs_group_list[10].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3"));
- if (getenv("OQS_CODEPOINT_P384_BIKEL3")) oqs_group_list[10].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3"));
- if (getenv("OQS_CODEPOINT_X448_BIKEL3")) oqs_group_list[10].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3"));
- if (getenv("OQS_CODEPOINT_BIKEL5")) oqs_group_list[11].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5"));
- if (getenv("OQS_CODEPOINT_P521_BIKEL5")) oqs_group_list[11].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5"));
- if (getenv("OQS_CODEPOINT_HQC128")) oqs_group_list[12].group_id = atoi(getenv("OQS_CODEPOINT_HQC128"));
- if (getenv("OQS_CODEPOINT_P256_HQC128")) oqs_group_list[12].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P256_HQC128"));
- if (getenv("OQS_CODEPOINT_X25519_HQC128")) oqs_group_list[12].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X25519_HQC128"));
- if (getenv("OQS_CODEPOINT_HQC192")) oqs_group_list[13].group_id = atoi(getenv("OQS_CODEPOINT_HQC192"));
- if (getenv("OQS_CODEPOINT_P384_HQC192")) oqs_group_list[13].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P384_HQC192"));
- if (getenv("OQS_CODEPOINT_X448_HQC192")) oqs_group_list[13].group_id_ecx_hyb = atoi(getenv("OQS_CODEPOINT_X448_HQC192"));
- if (getenv("OQS_CODEPOINT_HQC256")) oqs_group_list[14].group_id = atoi(getenv("OQS_CODEPOINT_HQC256"));
- if (getenv("OQS_CODEPOINT_P521_HQC256")) oqs_group_list[14].group_id_ecp_hyb = atoi(getenv("OQS_CODEPOINT_P521_HQC256"));
+ if (getenv("OQS_CODEPOINT_P256_FRODO640AES")) oqs_group_list[1].group_id = atoi(getenv("OQS_CODEPOINT_P256_FRODO640AES"));
+ if (getenv("OQS_CODEPOINT_X25519_FRODO640AES")) oqs_group_list[2].group_id = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640AES"));
+ if (getenv("OQS_CODEPOINT_FRODO640SHAKE")) oqs_group_list[3].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640SHAKE"));
+ if (getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")) oqs_group_list[4].group_id = atoi(getenv("OQS_CODEPOINT_P256_FRODO640SHAKE"));
+ if (getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")) oqs_group_list[5].group_id = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE"));
+ if (getenv("OQS_CODEPOINT_FRODO976AES")) oqs_group_list[6].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976AES"));
+ if (getenv("OQS_CODEPOINT_P384_FRODO976AES")) oqs_group_list[7].group_id = atoi(getenv("OQS_CODEPOINT_P384_FRODO976AES"));
+ if (getenv("OQS_CODEPOINT_X448_FRODO976AES")) oqs_group_list[8].group_id = atoi(getenv("OQS_CODEPOINT_X448_FRODO976AES"));
+ if (getenv("OQS_CODEPOINT_FRODO976SHAKE")) oqs_group_list[9].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976SHAKE"));
+ if (getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")) oqs_group_list[10].group_id = atoi(getenv("OQS_CODEPOINT_P384_FRODO976SHAKE"));
+ if (getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")) oqs_group_list[11].group_id = atoi(getenv("OQS_CODEPOINT_X448_FRODO976SHAKE"));
+ if (getenv("OQS_CODEPOINT_FRODO1344AES")) oqs_group_list[12].group_id = atoi(getenv("OQS_CODEPOINT_FRODO1344AES"));
+ if (getenv("OQS_CODEPOINT_P521_FRODO1344AES")) oqs_group_list[13].group_id = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344AES"));
+ if (getenv("OQS_CODEPOINT_FRODO1344SHAKE")) oqs_group_list[14].group_id = atoi(getenv("OQS_CODEPOINT_FRODO1344SHAKE"));
+ if (getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")) oqs_group_list[15].group_id = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE"));
+ if (getenv("OQS_CODEPOINT_KYBER512")) oqs_group_list[16].group_id = atoi(getenv("OQS_CODEPOINT_KYBER512"));
+ if (getenv("OQS_CODEPOINT_P256_KYBER512")) oqs_group_list[17].group_id = atoi(getenv("OQS_CODEPOINT_P256_KYBER512"));
+ if (getenv("OQS_CODEPOINT_X25519_KYBER512")) oqs_group_list[18].group_id = atoi(getenv("OQS_CODEPOINT_X25519_KYBER512"));
+ if (getenv("OQS_CODEPOINT_KYBER768")) oqs_group_list[19].group_id = atoi(getenv("OQS_CODEPOINT_KYBER768"));
+ if (getenv("OQS_CODEPOINT_P384_KYBER768")) oqs_group_list[20].group_id = atoi(getenv("OQS_CODEPOINT_P384_KYBER768"));
+ if (getenv("OQS_CODEPOINT_X448_KYBER768")) oqs_group_list[21].group_id = atoi(getenv("OQS_CODEPOINT_X448_KYBER768"));
+ if (getenv("OQS_CODEPOINT_X25519_KYBER768")) oqs_group_list[22].group_id = atoi(getenv("OQS_CODEPOINT_X25519_KYBER768"));
+ if (getenv("OQS_CODEPOINT_P256_KYBER768")) oqs_group_list[23].group_id = atoi(getenv("OQS_CODEPOINT_P256_KYBER768"));
+ if (getenv("OQS_CODEPOINT_KYBER1024")) oqs_group_list[24].group_id = atoi(getenv("OQS_CODEPOINT_KYBER1024"));
+ if (getenv("OQS_CODEPOINT_P521_KYBER1024")) oqs_group_list[25].group_id = atoi(getenv("OQS_CODEPOINT_P521_KYBER1024"));
+ if (getenv("OQS_CODEPOINT_BIKEL1")) oqs_group_list[26].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1"));
+ if (getenv("OQS_CODEPOINT_P256_BIKEL1")) oqs_group_list[27].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1"));
+ if (getenv("OQS_CODEPOINT_X25519_BIKEL1")) oqs_group_list[28].group_id = atoi(getenv("OQS_CODEPOINT_X25519_BIKEL1"));
+ if (getenv("OQS_CODEPOINT_BIKEL3")) oqs_group_list[29].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3"));
+ if (getenv("OQS_CODEPOINT_P384_BIKEL3")) oqs_group_list[30].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3"));
+ if (getenv("OQS_CODEPOINT_X448_BIKEL3")) oqs_group_list[31].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3"));
+ if (getenv("OQS_CODEPOINT_BIKEL5")) oqs_group_list[32].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5"));
+ if (getenv("OQS_CODEPOINT_P521_BIKEL5")) oqs_group_list[33].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5"));
+ if (getenv("OQS_CODEPOINT_HQC128")) oqs_group_list[34].group_id = atoi(getenv("OQS_CODEPOINT_HQC128"));
+ if (getenv("OQS_CODEPOINT_P256_HQC128")) oqs_group_list[35].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128"));
+ if (getenv("OQS_CODEPOINT_X25519_HQC128")) oqs_group_list[36].group_id = atoi(getenv("OQS_CODEPOINT_X25519_HQC128"));
+ if (getenv("OQS_CODEPOINT_HQC192")) oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_HQC192"));
+ if (getenv("OQS_CODEPOINT_P384_HQC192")) oqs_group_list[38].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192"));
+ if (getenv("OQS_CODEPOINT_X448_HQC192")) oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192"));
+ if (getenv("OQS_CODEPOINT_HQC256")) oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_HQC256"));
+ if (getenv("OQS_CODEPOINT_P521_HQC256")) oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256"));
 if (getenv("OQS_CODEPOINT_DILITHIUM2")) oqs_sigalg_list[0].code_point = atoi(getenv("OQS_CODEPOINT_DILITHIUM2"));
 if (getenv("OQS_CODEPOINT_P256_DILITHIUM2")) oqs_sigalg_list[1].code_point = atoi(getenv("OQS_CODEPOINT_P256_DILITHIUM2"));
diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c
index 235a3a4e..8d18b95d 100644
--- a/oqsprov/oqsprov_keys.c
+++ b/oqsprov/oqsprov_keys.c
@@ -487,12 +487,16 @@ static const OQSX_EVP_INFO nids_sig[] = {
 { EVP_PKEY_RSA, NID_rsaEncryption , 0, 398, 1770, 0, 384}, // 128 bit
 };
+// These two array need to stay synced:
+static const char* OQSX_ECP_NAMES[] = { "p256", "p384", "p521", 0 };
 static const OQSX_EVP_INFO nids_ecp[] = {
 { EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65 , 121, 32, 0}, // 128 bit
 { EVP_PKEY_EC, NID_secp384r1 , 0, 97 , 167, 48, 0}, // 192 bit
 { EVP_PKEY_EC, NID_secp521r1 , 0, 133, 223, 66, 0} // 256 bit
 };
+// These two array need to stay synced:
+static const char* OQSX_ECX_NAMES[] = { "x25519", "x448", 0 };
 static const OQSX_EVP_INFO nids_ecx[] = {
 { EVP_PKEY_X25519, 0, 1, 32, 32, 32, 0}, // 128 bit
 { EVP_PKEY_X448, 0, 1, 56, 56, 56, 0}, // 192 bit
@@ -535,10 +539,15 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, char* algna
 return ret;
 }
-static const int oqshybkem_init_ecp(int bit_security, OQSX_EVP_CTX *evp_ctx)
+static const int oqshybkem_init_ecp(char* tls_name, OQSX_EVP_CTX *evp_ctx)
 {
 int ret = 1;
- int idx = (bit_security - 128) / 64;
+ int idx = 0;
+ while(idx < sizeof(OQSX_ECP_NAMES)) {
+ if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], 4))
+ break;
+ idx++;
+ }
 ON_ERR_GOTO(idx < 0 || idx > 2, err);
 evp_ctx->evp_info = &nids_ecp[idx];
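Review bot: The rewritten override block hard-codes `oqs_group_list[1]` through `oqs_group_list[41]`, but the table those indices point into (the group-names hunk above in the same file) is assembled from `#ifdef OQS_ENABLE_KEM_*` sections, so a liboqs build with any KEM disabled shifts every later index and an environment override then patches the wrong group or indexes past the array; the old 0–14 scheme had the same weakness, but it is now spread over 42 slots, so emitting the matching `#ifdef` around each line in the generator, or looking the entry up by name, is worth doing in this commit. `atoi(getenv(...))` also accepts any string: a non-numeric value silently becomes 0 and an over-large value is stored without a range check although a TLS named-group id is 16 bits on the wire, so `strtol` with an end-pointer and a `0..0xFFFF` check, rejecting (and ideally logging) anything else, would be safer. As rendered here no `+` line sets `oqs_group_list[0]` from `OQS_CODEPOINT_FRODO640AES`; if that is not a rendering artefact, that variable is now silently ignored.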
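Review bot: The comment `// These two array need to stay synced:` should read `// These two arrays need to stay in sync:` and, more usefully, state the invariant the new lookup relies on: the entries of `OQSX_ECP_NAMES` (and `OQSX_ECX_NAMES`) are in the same order as `nids_ecp` (`nids_ecx`) and the trailing `0` is a terminator, not a lookup key. Nothing enforces this at compile time; if the project builds as C11, a `_Static_assert` comparing `sizeof OQSX_ECP_NAMES / sizeof *OQSX_ECP_NAMES` with `sizeof nids_ecp / sizeof *nids_ecp + 1` next to each pair would catch a future mismatch.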
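Review bot: The lookup loop in `oqshybkem_init_ecp` is bounded by `sizeof(OQSX_ECP_NAMES)` — the array's byte size (32 on LP64), not its element count — so when `tls_name` matches no prefix, `idx` reaches the `0` terminator and `strncmp(tls_name, NULL, 4)` dereferences a null pointer before `ON_ERR_GOTO(idx < 0 || idx > 2, err)` gets a chance to reject it; `oqshybkem_init_ecx` in the next hunk has the identical loop, and there `idx > 2` also admits `idx == 2`, one past the two `nids_ecx` entries visible in the earlier hunk (unless the array has a third entry outside it). Walking to the terminator makes a miss explicit and replaces the index-range guess: `while (OQSX_ECP_NAMES[idx] != NULL && strncmp(tls_name, OQSX_ECP_NAMES[idx], 4) != 0) idx++;` followed by `ON_ERR_GOTO(OQSX_ECP_NAMES[idx] == NULL, err);`. Since `oqsx_key_new` now forwards its `tls_name` argument unchanged, a `NULL` name also reaches `strncmp` directly, so a `ON_ERR_GOTO(tls_name == NULL, err);` at entry is cheap insurance; `idx < 0` in the existing guard is dead once `idx` starts at 0 and only increments.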
@@ -559,10 +568,16 @@ static const int oqshybkem_init_ecp(int bit_security, OQSX_EVP_CTX *evp_ctx)
 return ret;
 }
-static const int oqshybkem_init_ecx(int bit_security, OQSX_EVP_CTX *evp_ctx)
+static const int oqshybkem_init_ecx(char* tls_name, OQSX_EVP_CTX *evp_ctx)
 {
 int ret = 1;
- int idx = (bit_security - 128) / 64;
+ int idx = 0;
+
+ while(idx < sizeof(OQSX_ECX_NAMES)) {
+ if (!strncmp(tls_name, OQSX_ECX_NAMES[idx], 4))
+ break;
+ idx++;
+ }
 ON_ERR_GOTO(idx < 0 || idx > 2, err);
 evp_ctx->evp_info = &nids_ecx[idx];
@@ -580,7 +595,7 @@ static const int oqshybkem_init_ecx(int bit_security, OQSX_EVP_CTX *evp_ctx)
 return ret;
 }
-static const int (*init_kex_fun[])(int, OQSX_EVP_CTX *) = {
+static const int (*init_kex_fun[])(char *, OQSX_EVP_CTX *) = {
 oqshybkem_init_ecp, oqshybkem_init_ecx
 };
@@ -656,11 +671,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char* oqs_name, char* tls_name, int
 ON_ERR_GOTO(!evp_ctx, err);
 ret2 = (init_kex_fun[primitive - KEY_TYPE_ECP_HYB_KEM])
-#ifdef CLOUDFLARE
- (((!strcmp("Kyber768", oqs_name)&&(primitive==KEY_TYPE_ECX_HYB_KEM)))?128:bit_security, evp_ctx);
-#else
- (bit_security, evp_ctx);
-#endif
+ (tls_name, evp_ctx);
 ON_ERR_GOTO(ret2 <= 0 || !evp_ctx->keyParam || !evp_ctx->ctx, err);
 ret->numkeys = 2;
diff --git a/scripts/fullbuild.sh b/scripts/fullbuild.sh
index 15f0c5fc..d601f34f 100755
--- a/scripts/fullbuild.sh
+++ b/scripts/fullbuild.sh
@@ -97,7 +97,8 @@ fi
 if [ ! -f "_build/lib/oqsprovider.$SHLIBEXT" ]; then
 echo "oqsprovider (_build/lib/oqsprovider.$SHLIBEXT) not built: Building..."
 # for full debug build add: -DCMAKE_BUILD_TYPE=Debug
- BUILD_TYPE="-DCMAKE_BUILD_TYPE=Debug"
+ #BUILD_TYPE="-DCMAKE_BUILD_TYPE=Debug"
+ BUILD_TYPE=""
 # for omitting public key in private keys add -DNOPUBKEY_IN_PRIVKEY=ON
 if [ -z "$OPENSSL_INSTALL" ]; then
 cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build
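Review bot: The commented-out `#BUILD_TYPE="-DCMAKE_BUILD_TYPE=Debug"` line repeats the instruction already given by the comment directly above it, so it is dead text that will drift from that comment. Keeping the debug option reachable without editing the script is simpler with `BUILD_TYPE="${BUILD_TYPE:-}"`, which leaves the empty (release) default in place and lets a caller export `BUILD_TYPE=-DCMAKE_BUILD_TYPE=Debug`; the `cmake` invocation below already expands `$BUILD_TYPE` unquoted, so an empty value vanishes from the command line as intended.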
diff --git a/test/oqs_test_tlssig.c b/test/oqs_test_tlssig.c
index 4eba2649..12aa6885 100644
--- a/test/oqs_test_tlssig.c
+++ b/test/oqs_test_tlssig.c
@@ -143,7 +143,7 @@ int main(int argc, char *argv[])
 // crashes: EVP_SIGNATURE_do_all_provided(libctx, test_oqs_sigs, &errcnt);
 OSSL_PROVIDER_do_all(libctx, test_provider_signatures, &errcnt);
 #else
- fprintf(stderr, "TLS-SIG handshake test not enabled. Update upstream code.\n");
+ fprintf(stderr, "TLS-SIG handshake test not enabled. Update OpenSSL to more current version.\n");
 #endif
 OSSL_LIB_CTX_free(libctx);