From 0ac3576cf4769a7b490609d576155eb6a7db8029 Mon Sep 17 00:00:00 2001
From: WillChilds-Klein <willck93@gmail.com>
Date: Wed, 31 Jul 2024 16:41:54 +0000
Subject: [PATCH] Add PQ key exchange OIDs

The OID values are taken from OQS's [openssl provider][1].

[1]: https://github.com/open-quantum-safe/oqs-provider/blob/acd7181ae34ff05261d30d111eb5102d4f8c623a/ALGORITHMS.md?plain=1#L253-L254
---
 crypto/obj/obj_dat.h   | 18 ++++++++++++++++--
 crypto/obj/objects.txt |  6 +++---
 include/openssl/nid.h  |  2 ++
 3 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/crypto/obj/obj_dat.h b/crypto/obj/obj_dat.h
index 3610dcd2d6..5db3a2efec 100644
--- a/crypto/obj/obj_dat.h
+++ b/crypto/obj/obj_dat.h
@@ -7218,6 +7218,18 @@ static const uint8_t kObjectData[] = {
     0x04,
     0x02,
     0x0c,
+    /* NID_SecP256r1Kyber768Draft00 */
+    0x2b,
+    0xce,
+    0x0f,
+    0x63,
+    0x34,
+    /* NID_X25519Kyber768Draft00 */
+    0x2b,
+    0xce,
+    0x0f,
+    0x63,
+    0x33,
 };
 
 static const ASN1_OBJECT kObjects[NUM_NID] = {
@@ -8883,9 +8895,9 @@ static const ASN1_OBJECT kObjects[NUM_NID] = {
     {"SHAKE128", "shake128", NID_shake128, 9, &kObjectData[6252], 0},
     {"SHAKE256", "shake256", NID_shake256, 9, &kObjectData[6261], 0},
     {"SecP256r1Kyber768Draft00", "SecP256r1Kyber768Draft00",
-     NID_SecP256r1Kyber768Draft00, 0, NULL, 0},
+     NID_SecP256r1Kyber768Draft00, 5, &kObjectData[6270], 0},
     {"X25519Kyber768Draft00", "X25519Kyber768Draft00",
-     NID_X25519Kyber768Draft00, 0, NULL, 0},
+     NID_X25519Kyber768Draft00, 5, &kObjectData[6275], 0},
     {"ffdhe3072", "ffdhe3072", NID_ffdhe3072, 0, NULL, 0},
     {"ffdhe8192", "ffdhe8192", NID_ffdhe8192, 0, NULL, 0},
     {"MLKEM512IPD", "MLKEM512IPD", NID_MLKEM512IPD, 0, NULL, 0},
@@ -11137,6 +11149,8 @@ static const uint16_t kNIDsInOIDOrder[] = {
     732 /* 1.3.132.0.37 (OBJ_sect409r1) */,
     733 /* 1.3.132.0.38 (OBJ_sect571k1) */,
     734 /* 1.3.132.0.39 (OBJ_sect571r1) */,
+    982 /* 1.3.9999.99.51 (OBJ_X25519Kyber768Draft00) */,
+    981 /* 1.3.9999.99.52 (OBJ_SecP256r1Kyber768Draft00) */,
     624 /* 2.23.42.3.0.0 (OBJ_set_rootKeyThumb) */,
     625 /* 2.23.42.3.0.1 (OBJ_set_addPolicy) */,
     626 /* 2.23.42.3.2.1 (OBJ_setAttr_Token_EMV) */,
diff --git a/crypto/obj/objects.txt b/crypto/obj/objects.txt
index 79b0aa1742..ae16d9cdec 100644
--- a/crypto/obj/objects.txt
+++ b/crypto/obj/objects.txt
@@ -133,9 +133,9 @@ secg-ellipticCurve 39		: sect571r1
  : ffdhe4096
  : ffdhe8192
 
-# PQ Groups
- : SecP256r1Kyber768Draft00
- : X25519Kyber768Draft00
+# PQ Group OIDs from OQS
+1 3 9999 99 51 : X25519Kyber768Draft00
+1 3 9999 99 52 : SecP256r1Kyber768Draft00
 
 # WAP/TLS curve OIDs (http://www.wapforum.org/)
 !Alias wap-wsg-idm-ecid wap-wsg 4
diff --git a/include/openssl/nid.h b/include/openssl/nid.h
index fa8a985717..15d262ae8a 100644
--- a/include/openssl/nid.h
+++ b/include/openssl/nid.h
@@ -4321,9 +4321,11 @@ extern "C" {
 
 #define SN_SecP256r1Kyber768Draft00 "SecP256r1Kyber768Draft00"
 #define NID_SecP256r1Kyber768Draft00 981
+#define OBJ_SecP256r1Kyber768Draft00 1L, 3L, 9999L, 99L, 52L
 
 #define SN_X25519Kyber768Draft00 "X25519Kyber768Draft00"
 #define NID_X25519Kyber768Draft00 982
+#define OBJ_X25519Kyber768Draft00 1L, 3L, 9999L, 99L, 51L
 
 #define SN_ffdhe3072 "ffdhe3072"
 #define NID_ffdhe3072 983