diff --git a/README.md b/README.md index aa3570a16359..baeefab63936 100644 --- a/README.md +++ b/README.md @@ -65,32 +65,38 @@ If an algorithm is provided by liboqs but is not listed below, it can still be u The following quantum-safe algorithms from liboqs are supported (assuming they have been enabled in liboqs): -- **BIKE**: `bike-l1-sha512`, `bike-l3-sha512` +- **BIKE**: `bike-l1-sha512`, `bike-l3-sha512`, `bike-l5-sha512` - **ClassicMcEliece**: `classic-mceliece-348864-sha256`, `classic-mceliece-348864f-sha256`, `classic-mceliece-460896-sha512`, `classic-mceliece-460896f-sha512`, `classic-mceliece-6688128-sha512`, `classic-mceliece-6688128f-sha512`, `classic-mceliece-6960119-sha512`, `classic-mceliece-6960119f-sha512`, `classic-mceliece-8192128-sha512`, `classic-mceliece-8192128f-sha512` - **FrodoKEM**: `frodokem-640-aes-sha256`, `frodokem-976-aes-sha384`, `frodokem-1344-aes-sha512`, `frodokem-640-shake-sha256`, `frodokem-976-shake-sha384`, `frodokem-1344-shake-sha512` - **HQC**: `hqc-128-sha256`, `hqc-192-sha384`, `hqc-256-sha512`† - **Kyber**: `kyber-512-sha256`, `kyber-768-sha384`, `kyber-1024-sha512` +- **ML-KEM**: `ml-kem-512-sha256`, `ml-kem-768-sha256`, `ml-kem-1024-sha384` The following hybrid algorithms are made available: -- **BIKE**: `ecdh-nistp256-bike-l1r3-sha512@openquantumsafe.org` `ecdh-nistp384-bike-l3r3-sha512@openquantumsafe.org` +- **BIKE**: `ecdh-nistp256-bike-l1r4-sha512@openquantumsafe.org` `ecdh-nistp384-bike-l3r4-sha512@openquantumsafe.org` `ecdh-nistp521-bike-l5r4-sha512@openquantumsafe.org` - **ClassicMcEliece**: `ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org` `ecdh-nistp256-classic-mceliece-348864fr4-sha256@openquantumsafe.org` `ecdh-nistp384-classic-mceliece-460896r4-sha512@openquantumsafe.org` `ecdh-nistp384-classic-mceliece-460896fr4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6688128r4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6688128fr4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6960119r4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6960119fr4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-8192128r4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-8192128fr4-sha512@openquantumsafe.org` - **FrodoKEM**: `ecdh-nistp256-frodokem-640-aesr2-sha256@openquantumsafe.org` `ecdh-nistp384-frodokem-976-aesr2-sha384@openquantumsafe.org` `ecdh-nistp521-frodokem-1344-aesr2-sha512@openquantumsafe.org` `ecdh-nistp256-frodokem-640-shaker2-sha256@openquantumsafe.org` `ecdh-nistp384-frodokem-976-shaker2-sha384@openquantumsafe.org` `ecdh-nistp521-frodokem-1344-shaker2-sha512@openquantumsafe.org` - **HQC**: `ecdh-nistp256-hqc-128r3-sha256@openquantumsafe.org` `ecdh-nistp384-hqc-192r3-sha384@openquantumsafe.org` `ecdh-nistp521-hqc-256r3-sha512@openquantumsafe.org` - **Kyber**: `ecdh-nistp256-kyber-512r3-sha256-d00@openquantumsafe.org` `ecdh-nistp384-kyber-768r3-sha384-d00@openquantumsafe.org` `ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org` +- **ML-KEM**: `ecdh-nistp256-ml-kem-512-sha256@openquantumsafe.org` `mlkem768nistp256-sha256` `mlkem1024nistp384-sha384` Note that algorithms marked with a dagger (†) have large stack usage and may cause failures when run on threads or in constrained environments. For example, McEliece require building `oqs-openssh` with a large(r) stack provision than is default: Adding `LDFLAGS="-Wl,--stack,20000000"` to [the `./configure` command below](#step-2-build-the-fork) is required to allow cygwin-based testing to pass. +Algorithms which involve ML-KEM are provided using the names as proposed in [draft-kampanakis-curdle-ssh-pq-ke](https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/). The underlying implementation uses a liboqs API name for the final ML-KEM implementation which is currently (August 13th, 2024) aliased to ML-KEM-IPD. When the final implementation for ML-KEM becomes available, the alias will also be updated to the standardized ML-KEM implementation. + #### Digital Signature The following digital signature algorithms from liboqs are supported (assuming they have been enabled in liboqs). Note that only select L3 signature variants are enabled by default. In general, algorithms that are enabled by default are marked with an asterisk, and should you wish to enable additional variants, consult [the "Code Generation" section of the documentation in the wiki](https://github.com/open-quantum-safe/openssh/wiki/Using-liboqs-supported-algorithms-in-the-fork#code-generation). -- **Dilithium**: `dilithium2`\*, `dilithium3`\*, `dilithium5`\* -- **Falcon**: `falcon512`\*, `falcon1024`\* +- **Dilithium**: `dilithium2`, `dilithium3`, `dilithium5` +- **Falcon**: `falcon512`\*, `falcon1024`\*, `falconpadded512`, `falconpadded1024` +- **MAYO**: `mayo1`, `mayo2`\*, `mayo3`\*, `mayo5`\* +- **ML-DSA**: `mldsa44`\*, `mldsa65`\*, `mldsa87`\* - **SPHINCS**: `sphincssha2128fsimple`\*, `sphincssha2128ssimple`, `sphincsshake128fsimple`, `sphincsshake128ssimple`, `sphincssha2192fsimple`, `sphincssha2192ssimple`, `sphincsshake192fsimple`, `sphincsshake192ssimple`, `sphincssha2256fsimple`\*, `sphincssha2256ssimple`, `sphincsshake256fsimple`, `sphincsshake256ssimple` @@ -101,6 +107,8 @@ The following hybrid algorithms are supported; they combine a quantum-safe algor - if `` has L3 security, the fork provides the method `ecdsa-nistp384-`, which combines `` with ECDSA using NIST's P384 curve. - if `` has L5 security, the fork provides the method `ecdsa-nistp521-`, which combines `` with ECDSA using NIST's P521 curve. +Algorithms which involve ML-DSA use a liboqs API name for the final ML-DSA implementation which is currently (August 13th, 2024) aliased to ML-DSA-IPD. When the final implementation for ML-DSA becomes available, the alias will also be updated to the standardized ML-DSA implementation. + ## Quickstart The steps below have been confirmed to work on Ubuntu 20.04.1 Focal diff --git a/kex.c b/kex.c index c13c62283b80..a64e60493f8d 100644 --- a/kex.c +++ b/kex.c @@ -131,6 +131,7 @@ static const struct kexalg kexalgs[] = { { KEX_KYBER_1024_SHA512, KEX_KEM_KYBER_1024_SHA512, 0, SSH_DIGEST_SHA512 }, { KEX_BIKE_L1_SHA512, KEX_KEM_BIKE_L1_SHA512, 0, SSH_DIGEST_SHA512 }, { KEX_BIKE_L3_SHA512, KEX_KEM_BIKE_L3_SHA512, 0, SSH_DIGEST_SHA512 }, + { KEX_BIKE_L5_SHA512, KEX_KEM_BIKE_L5_SHA512, 0, SSH_DIGEST_SHA512 }, { KEX_CLASSIC_MCELIECE_348864_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864_SHA256, 0, SSH_DIGEST_SHA256 }, { KEX_CLASSIC_MCELIECE_348864F_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256, 0, SSH_DIGEST_SHA256 }, { KEX_CLASSIC_MCELIECE_460896_SHA512, KEX_KEM_CLASSIC_MCELIECE_460896_SHA512, 0, SSH_DIGEST_SHA512 }, @@ -144,6 +145,9 @@ static const struct kexalg kexalgs[] = { { KEX_HQC_128_SHA256, KEX_KEM_HQC_128_SHA256, 0, SSH_DIGEST_SHA256 }, { KEX_HQC_192_SHA384, KEX_KEM_HQC_192_SHA384, 0, SSH_DIGEST_SHA384 }, { KEX_HQC_256_SHA512, KEX_KEM_HQC_256_SHA512, 0, SSH_DIGEST_SHA512 }, + { KEX_ML_KEM_512_SHA256, KEX_KEM_ML_KEM_512_SHA256, 0, SSH_DIGEST_SHA256 }, + { KEX_ML_KEM_768_SHA256, KEX_KEM_ML_KEM_768_SHA256, 0, SSH_DIGEST_SHA256 }, + { KEX_ML_KEM_1024_SHA384, KEX_KEM_ML_KEM_1024_SHA384, 0, SSH_DIGEST_SHA384 }, #ifdef OPENSSL_HAS_ECC { KEX_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, { KEX_FRODOKEM_976_AES_ECDH_NISTP384_SHA384, KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 }, @@ -156,6 +160,7 @@ static const struct kexalg kexalgs[] = { { KEX_KYBER_1024_ECDH_NISTP521_SHA512, KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 }, { KEX_BIKE_L1_ECDH_NISTP256_SHA512, KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512, NID_X9_62_prime256v1, SSH_DIGEST_SHA512 }, { KEX_BIKE_L3_ECDH_NISTP384_SHA512, KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 }, + { KEX_BIKE_L5_ECDH_NISTP521_SHA512, KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 }, { KEX_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, { KEX_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, { KEX_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512, KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 }, @@ -169,6 +174,9 @@ static const struct kexalg kexalgs[] = { { KEX_HQC_128_ECDH_NISTP256_SHA256, KEX_KEM_HQC_128_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, { KEX_HQC_192_ECDH_NISTP384_SHA384, KEX_KEM_HQC_192_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 }, { KEX_HQC_256_ECDH_NISTP521_SHA512, KEX_KEM_HQC_256_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 }, + { KEX_ML_KEM_512_ECDH_NISTP256_SHA256, KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, + { KEX_ML_KEM_768_ECDH_NISTP256_SHA256, KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, + { KEX_ML_KEM_1024_ECDH_NISTP384_SHA384, KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 }, #endif /* OPENSSL_HAS_ECC */ ///// OQS_TEMPLATE_FRAGMENT_ADD_KEX_ALGS_END diff --git a/kex.h b/kex.h index e7b69e7610be..0c4155a061fa 100644 --- a/kex.h +++ b/kex.h @@ -76,6 +76,7 @@ #define KEX_KYBER_1024_SHA512 "kyber-1024-sha512" #define KEX_BIKE_L1_SHA512 "bike-l1-sha512" #define KEX_BIKE_L3_SHA512 "bike-l3-sha512" +#define KEX_BIKE_L5_SHA512 "bike-l5-sha512" #define KEX_CLASSIC_MCELIECE_348864_SHA256 "classic-mceliece-348864-sha256" #define KEX_CLASSIC_MCELIECE_348864F_SHA256 "classic-mceliece-348864f-sha256" #define KEX_CLASSIC_MCELIECE_460896_SHA512 "classic-mceliece-460896-sha512" @@ -89,6 +90,9 @@ #define KEX_HQC_128_SHA256 "hqc-128-sha256" #define KEX_HQC_192_SHA384 "hqc-192-sha384" #define KEX_HQC_256_SHA512 "hqc-256-sha512" +#define KEX_ML_KEM_512_SHA256 "ml-kem-512-sha256" +#define KEX_ML_KEM_768_SHA256 "ml-kem-768-sha256" +#define KEX_ML_KEM_1024_SHA384 "ml-kem-1024-sha384" #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC #define KEX_FRODOKEM_640_AES_ECDH_NISTP256_SHA256 "ecdh-nistp256-frodokem-640-aesr2-sha256@openquantumsafe.org" @@ -100,8 +104,9 @@ #define KEX_KYBER_512_ECDH_NISTP256_SHA256 "ecdh-nistp256-kyber-512r3-sha256-d00@openquantumsafe.org" #define KEX_KYBER_768_ECDH_NISTP384_SHA384 "ecdh-nistp384-kyber-768r3-sha384-d00@openquantumsafe.org" #define KEX_KYBER_1024_ECDH_NISTP521_SHA512 "ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org" -#define KEX_BIKE_L1_ECDH_NISTP256_SHA512 "ecdh-nistp256-bike-l1r3-sha512@openquantumsafe.org" -#define KEX_BIKE_L3_ECDH_NISTP384_SHA512 "ecdh-nistp384-bike-l3r3-sha512@openquantumsafe.org" +#define KEX_BIKE_L1_ECDH_NISTP256_SHA512 "ecdh-nistp256-bike-l1r4-sha512@openquantumsafe.org" +#define KEX_BIKE_L3_ECDH_NISTP384_SHA512 "ecdh-nistp384-bike-l3r4-sha512@openquantumsafe.org" +#define KEX_BIKE_L5_ECDH_NISTP521_SHA512 "ecdh-nistp521-bike-l5r4-sha512@openquantumsafe.org" #define KEX_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256 "ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org" #define KEX_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256 "ecdh-nistp256-classic-mceliece-348864fr4-sha256@openquantumsafe.org" #define KEX_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512 "ecdh-nistp384-classic-mceliece-460896r4-sha512@openquantumsafe.org" @@ -115,6 +120,9 @@ #define KEX_HQC_128_ECDH_NISTP256_SHA256 "ecdh-nistp256-hqc-128r3-sha256@openquantumsafe.org" #define KEX_HQC_192_ECDH_NISTP384_SHA384 "ecdh-nistp384-hqc-192r3-sha384@openquantumsafe.org" #define KEX_HQC_256_ECDH_NISTP521_SHA512 "ecdh-nistp521-hqc-256r3-sha512@openquantumsafe.org" +#define KEX_ML_KEM_512_ECDH_NISTP256_SHA256 "ecdh-nistp256-ml-kem-512-sha256@openquantumsafe.org" +#define KEX_ML_KEM_768_ECDH_NISTP256_SHA256 "mlkem768nistp256-sha256" +#define KEX_ML_KEM_1024_ECDH_NISTP384_SHA384 "mlkem1024nistp384-sha384" #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEX_PRETTY_NAMES_END @@ -169,6 +177,7 @@ enum kex_exchange { KEX_KEM_KYBER_1024_SHA512, KEX_KEM_BIKE_L1_SHA512, KEX_KEM_BIKE_L3_SHA512, + KEX_KEM_BIKE_L5_SHA512, KEX_KEM_CLASSIC_MCELIECE_348864_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256, KEX_KEM_CLASSIC_MCELIECE_460896_SHA512, @@ -182,6 +191,9 @@ enum kex_exchange { KEX_KEM_HQC_128_SHA256, KEX_KEM_HQC_192_SHA384, KEX_KEM_HQC_256_SHA512, + KEX_KEM_ML_KEM_512_SHA256, + KEX_KEM_ML_KEM_768_SHA256, + KEX_KEM_ML_KEM_1024_SHA384, #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, @@ -195,6 +207,7 @@ enum kex_exchange { KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512, KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512, KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512, + KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512, KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256, KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512, @@ -208,6 +221,9 @@ enum kex_exchange { KEX_KEM_HQC_128_ECDH_NISTP256_SHA256, KEX_KEM_HQC_192_ECDH_NISTP384_SHA384, KEX_KEM_HQC_256_ECDH_NISTP521_SHA512, + KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256, + KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256, + KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384, #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_ADD_KEX_ENUMS_END @@ -397,6 +413,10 @@ int kex_kem_bike_l1_dec(struct kex *, const struct sshbuf *, struct sshbuf **); int kex_kem_bike_l3_keypair(struct kex *); int kex_kem_bike_l3_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); int kex_kem_bike_l3_dec(struct kex *, const struct sshbuf *, struct sshbuf **); +/* bike_l5 prototypes */ +int kex_kem_bike_l5_keypair(struct kex *); +int kex_kem_bike_l5_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); +int kex_kem_bike_l5_dec(struct kex *, const struct sshbuf *, struct sshbuf **); /* classic_mceliece_348864 prototypes */ int kex_kem_classic_mceliece_348864_keypair(struct kex *); int kex_kem_classic_mceliece_348864_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); @@ -449,6 +469,18 @@ int kex_kem_hqc_192_dec(struct kex *, const struct sshbuf *, struct sshbuf **); int kex_kem_hqc_256_keypair(struct kex *); int kex_kem_hqc_256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); int kex_kem_hqc_256_dec(struct kex *, const struct sshbuf *, struct sshbuf **); +/* ml_kem_512 prototypes */ +int kex_kem_ml_kem_512_keypair(struct kex *); +int kex_kem_ml_kem_512_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); +int kex_kem_ml_kem_512_dec(struct kex *, const struct sshbuf *, struct sshbuf **); +/* ml_kem_768 prototypes */ +int kex_kem_ml_kem_768_keypair(struct kex *); +int kex_kem_ml_kem_768_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); +int kex_kem_ml_kem_768_dec(struct kex *, const struct sshbuf *, struct sshbuf **); +/* ml_kem_1024 prototypes */ +int kex_kem_ml_kem_1024_keypair(struct kex *); +int kex_kem_ml_kem_1024_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); +int kex_kem_ml_kem_1024_dec(struct kex *, const struct sshbuf *, struct sshbuf **); #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC /* frodokem_640_aes_nistp256 prototypes */ @@ -495,6 +527,10 @@ int kex_kem_bike_l1_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, stru int kex_kem_bike_l3_ecdh_nistp384_keypair(struct kex *); int kex_kem_bike_l3_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); int kex_kem_bike_l3_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **); +/* bike_l5_nistp521 prototypes */ +int kex_kem_bike_l5_ecdh_nistp521_keypair(struct kex *); +int kex_kem_bike_l5_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); +int kex_kem_bike_l5_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); /* classic_mceliece_348864_nistp256 prototypes */ int kex_kem_classic_mceliece_348864_ecdh_nistp256_keypair(struct kex *); int kex_kem_classic_mceliece_348864_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); @@ -547,6 +583,18 @@ int kex_kem_hqc_192_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, stru int kex_kem_hqc_256_ecdh_nistp521_keypair(struct kex *); int kex_kem_hqc_256_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); int kex_kem_hqc_256_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); +/* ml_kem_512_nistp256 prototypes */ +int kex_kem_ml_kem_512_ecdh_nistp256_keypair(struct kex *); +int kex_kem_ml_kem_512_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); +int kex_kem_ml_kem_512_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **); +/* ml_kem_768_nistp256 prototypes */ +int kex_kem_ml_kem_768_ecdh_nistp256_keypair(struct kex *); +int kex_kem_ml_kem_768_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); +int kex_kem_ml_kem_768_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **); +/* ml_kem_1024_nistp384 prototypes */ +int kex_kem_ml_kem_1024_ecdh_nistp384_keypair(struct kex *); +int kex_kem_ml_kem_1024_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); +int kex_kem_ml_kem_1024_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **); #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_DECLARE_KEX_PROTOTYPES_END diff --git a/kexgen.c b/kexgen.c index 2eeafe6fedc7..13a4e34be540 100644 --- a/kexgen.c +++ b/kexgen.c @@ -155,6 +155,9 @@ kex_gen_client(struct ssh *ssh) case KEX_KEM_BIKE_L3_SHA512: r = kex_kem_bike_l3_keypair(kex); break; + case KEX_KEM_BIKE_L5_SHA512: + r = kex_kem_bike_l5_keypair(kex); + break; case KEX_KEM_CLASSIC_MCELIECE_348864_SHA256: r = kex_kem_classic_mceliece_348864_keypair(kex); break; @@ -194,6 +197,15 @@ kex_gen_client(struct ssh *ssh) case KEX_KEM_HQC_256_SHA512: r = kex_kem_hqc_256_keypair(kex); break; + case KEX_KEM_ML_KEM_512_SHA256: + r = kex_kem_ml_kem_512_keypair(kex); + break; + case KEX_KEM_ML_KEM_768_SHA256: + r = kex_kem_ml_kem_768_keypair(kex); + break; + case KEX_KEM_ML_KEM_1024_SHA384: + r = kex_kem_ml_kem_1024_keypair(kex); + break; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC case KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256: @@ -229,6 +241,9 @@ kex_gen_client(struct ssh *ssh) case KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512: r = kex_kem_bike_l3_ecdh_nistp384_keypair(kex); break; + case KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512: + r = kex_kem_bike_l5_ecdh_nistp521_keypair(kex); + break; case KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256: r = kex_kem_classic_mceliece_348864_ecdh_nistp256_keypair(kex); break; @@ -268,6 +283,15 @@ kex_gen_client(struct ssh *ssh) case KEX_KEM_HQC_256_ECDH_NISTP521_SHA512: r = kex_kem_hqc_256_ecdh_nistp521_keypair(kex); break; + case KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256: + r = kex_kem_ml_kem_512_ecdh_nistp256_keypair(kex); + break; + case KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256: + r = kex_kem_ml_kem_768_ecdh_nistp256_keypair(kex); + break; + case KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384: + r = kex_kem_ml_kem_1024_ecdh_nistp384_keypair(kex); + break; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_ADD_CLIENT_SWITCH_CASES_END @@ -377,6 +401,9 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) case KEX_KEM_BIKE_L3_SHA512: r = kex_kem_bike_l3_dec(kex, server_blob, &shared_secret); break; + case KEX_KEM_BIKE_L5_SHA512: + r = kex_kem_bike_l5_dec(kex, server_blob, &shared_secret); + break; case KEX_KEM_CLASSIC_MCELIECE_348864_SHA256: r = kex_kem_classic_mceliece_348864_dec(kex, server_blob, &shared_secret); break; @@ -416,6 +443,15 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) case KEX_KEM_HQC_256_SHA512: r = kex_kem_hqc_256_dec(kex, server_blob, &shared_secret); break; + case KEX_KEM_ML_KEM_512_SHA256: + r = kex_kem_ml_kem_512_dec(kex, server_blob, &shared_secret); + break; + case KEX_KEM_ML_KEM_768_SHA256: + r = kex_kem_ml_kem_768_dec(kex, server_blob, &shared_secret); + break; + case KEX_KEM_ML_KEM_1024_SHA384: + r = kex_kem_ml_kem_1024_dec(kex, server_blob, &shared_secret); + break; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC case KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256: @@ -451,6 +487,9 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) case KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512: r = kex_kem_bike_l3_ecdh_nistp384_dec(kex, server_blob, &shared_secret); break; + case KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512: + r = kex_kem_bike_l5_ecdh_nistp521_dec(kex, server_blob, &shared_secret); + break; case KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256: r = kex_kem_classic_mceliece_348864_ecdh_nistp256_dec(kex, server_blob, &shared_secret); break; @@ -490,6 +529,15 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) case KEX_KEM_HQC_256_ECDH_NISTP521_SHA512: r = kex_kem_hqc_256_ecdh_nistp521_dec(kex, server_blob, &shared_secret); break; + case KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256: + r = kex_kem_ml_kem_512_ecdh_nistp256_dec(kex, server_blob, &shared_secret); + break; + case KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256: + r = kex_kem_ml_kem_768_ecdh_nistp256_dec(kex, server_blob, &shared_secret); + break; + case KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384: + r = kex_kem_ml_kem_1024_ecdh_nistp384_dec(kex, server_blob, &shared_secret); + break; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_ADD_REPLY_SWITCH_CASES_END @@ -661,6 +709,10 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_kem_bike_l3_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; + case KEX_KEM_BIKE_L5_SHA512: + r = kex_kem_bike_l5_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); + break; case KEX_KEM_CLASSIC_MCELIECE_348864_SHA256: r = kex_kem_classic_mceliece_348864_enc(kex, client_pubkey, &server_pubkey, &shared_secret); @@ -713,6 +765,18 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_kem_hqc_256_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; + case KEX_KEM_ML_KEM_512_SHA256: + r = kex_kem_ml_kem_512_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); + break; + case KEX_KEM_ML_KEM_768_SHA256: + r = kex_kem_ml_kem_768_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); + break; + case KEX_KEM_ML_KEM_1024_SHA384: + r = kex_kem_ml_kem_1024_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); + break; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC case KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256: @@ -759,6 +823,10 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_kem_bike_l3_ecdh_nistp384_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; + case KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512: + r = kex_kem_bike_l5_ecdh_nistp521_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); + break; case KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256: r = kex_kem_classic_mceliece_348864_ecdh_nistp256_enc(kex, client_pubkey, &server_pubkey, &shared_secret); @@ -811,6 +879,18 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_kem_hqc_256_ecdh_nistp521_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; + case KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256: + r = kex_kem_ml_kem_512_ecdh_nistp256_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); + break; + case KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256: + r = kex_kem_ml_kem_768_ecdh_nistp256_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); + break; + case KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384: + r = kex_kem_ml_kem_1024_ecdh_nistp384_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); + break; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_ADD_INIT_SWITCH_CASES_END diff --git a/kexoqs.c b/kexoqs.c index 52651215aa30..5012bf44d3c0 100644 --- a/kexoqs.c +++ b/kexoqs.c @@ -603,6 +603,46 @@ int kex_kem_bike_l3_dec(struct kex *kex, OQS_KEM_free(kem); return r; } +/*--------------------------------------------------- + * BIKE_L5 METHODS + *--------------------------------------------------- + */ +int kex_kem_bike_l5_keypair(struct kex *kex) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike_l5); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_keypair(kem, kex); + OQS_KEM_free(kem); + return r; +} +int kex_kem_bike_l5_enc(struct kex *kex, + const struct sshbuf *client_blob, + struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike_l5); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_bike_l5_dec(struct kex *kex, + const struct sshbuf *server_blob, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike_l5); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); + OQS_KEM_free(kem); + return r; +} /*--------------------------------------------------- * CLASSIC_MCELIECE_348864 METHODS *--------------------------------------------------- @@ -1123,4 +1163,124 @@ int kex_kem_hqc_256_dec(struct kex *kex, OQS_KEM_free(kem); return r; } +/*--------------------------------------------------- + * ML_KEM_512 METHODS + *--------------------------------------------------- + */ +int kex_kem_ml_kem_512_keypair(struct kex *kex) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_512); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_keypair(kem, kex); + OQS_KEM_free(kem); + return r; +} +int kex_kem_ml_kem_512_enc(struct kex *kex, + const struct sshbuf *client_blob, + struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_512); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_512_dec(struct kex *kex, + const struct sshbuf *server_blob, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_512); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); + OQS_KEM_free(kem); + return r; +} +/*--------------------------------------------------- + * ML_KEM_768 METHODS + *--------------------------------------------------- + */ +int kex_kem_ml_kem_768_keypair(struct kex *kex) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_768); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_keypair(kem, kex); + OQS_KEM_free(kem); + return r; +} +int kex_kem_ml_kem_768_enc(struct kex *kex, + const struct sshbuf *client_blob, + struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_768); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_768_dec(struct kex *kex, + const struct sshbuf *server_blob, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_768); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); + OQS_KEM_free(kem); + return r; +} +/*--------------------------------------------------- + * ML_KEM_1024 METHODS + *--------------------------------------------------- + */ +int kex_kem_ml_kem_1024_keypair(struct kex *kex) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_1024); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_keypair(kem, kex); + OQS_KEM_free(kem); + return r; +} +int kex_kem_ml_kem_1024_enc(struct kex *kex, + const struct sshbuf *client_blob, + struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_1024); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_1024_dec(struct kex *kex, + const struct sshbuf *server_blob, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_1024); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); + OQS_KEM_free(kem); + return r; +} ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEX_METHODS_END diff --git a/kexoqsecdh.c b/kexoqsecdh.c index 36eabce5ffc1..53a3cf7e8d40 100644 --- a/kexoqsecdh.c +++ b/kexoqsecdh.c @@ -803,6 +803,47 @@ int kex_kem_bike_l3_ecdh_nistp384_dec(struct kex *kex, OQS_KEM_free(kem); return r; } +/*--------------------------------------------------------------- + * BIKE_L5_ECDH_NISTP521 METHODS + *--------------------------------------------------------------- + */ +int kex_kem_bike_l5_ecdh_nistp521_keypair(struct kex *kex) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike_l5); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_keypair(kem, kex); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_bike_l5_ecdh_nistp521_enc(struct kex *kex, + const struct sshbuf *client_blob, + struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike_l5); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_bike_l5_ecdh_nistp521_dec(struct kex *kex, + const struct sshbuf *server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike_l5); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} /*--------------------------------------------------------------- * CLASSIC_MCELIECE_348864_ECDH_NISTP256 METHODS *--------------------------------------------------------------- @@ -1336,6 +1377,129 @@ int kex_kem_hqc_256_ecdh_nistp521_dec(struct kex *kex, OQS_KEM_free(kem); return r; } +/*--------------------------------------------------------------- + * ML_KEM_512_ECDH_NISTP256 METHODS + *--------------------------------------------------------------- + */ +int kex_kem_ml_kem_512_ecdh_nistp256_keypair(struct kex *kex) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_512); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_keypair(kem, kex); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_512_ecdh_nistp256_enc(struct kex *kex, + const struct sshbuf *client_blob, + struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_512); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_512_ecdh_nistp256_dec(struct kex *kex, + const struct sshbuf *server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_512); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} +/*--------------------------------------------------------------- + * ML_KEM_768_ECDH_NISTP256 METHODS + *--------------------------------------------------------------- + */ +int kex_kem_ml_kem_768_ecdh_nistp256_keypair(struct kex *kex) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_768); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_keypair(kem, kex); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_768_ecdh_nistp256_enc(struct kex *kex, + const struct sshbuf *client_blob, + struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_768); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_768_ecdh_nistp256_dec(struct kex *kex, + const struct sshbuf *server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_768); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} +/*--------------------------------------------------------------- + * ML_KEM_1024_ECDH_NISTP384 METHODS + *--------------------------------------------------------------- + */ +int kex_kem_ml_kem_1024_ecdh_nistp384_keypair(struct kex *kex) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_1024); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_keypair(kem, kex); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_1024_ecdh_nistp384_enc(struct kex *kex, + const struct sshbuf *client_blob, + struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_1024); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} + +int kex_kem_ml_kem_1024_ecdh_nistp384_dec(struct kex *kex, + const struct sshbuf *server_blobp, + struct sshbuf **shared_secretp) +{ + OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ml_kem_1024); + if (kem == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); + OQS_KEM_free(kem); + return r; +} ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEX_WITH_EC_METHODS_END #endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */ diff --git a/monitor.c b/monitor.c index f1e8baafcc24..dc0d3cbd60a7 100644 --- a/monitor.c +++ b/monitor.c @@ -1761,6 +1761,7 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_server; kex->kex[KEX_KEM_BIKE_L1_SHA512] = kex_gen_server; kex->kex[KEX_KEM_BIKE_L3_SHA512] = kex_gen_server; + kex->kex[KEX_KEM_BIKE_L5_SHA512] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_server; @@ -1774,6 +1775,9 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_server; kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_server; kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_512_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_768_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_1024_SHA384] = kex_gen_server; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_server; @@ -1787,6 +1791,7 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_server; kex->kex[KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512] = kex_gen_server; kex->kex[KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512] = kex_gen_server; + kex->kex[KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_server; @@ -1800,6 +1805,9 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_server; kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384] = kex_gen_server; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_APPLY_KEYSTATE_END diff --git a/myproposal.h b/myproposal.h index c8ae152cad96..9a66cff8d984 100644 --- a/myproposal.h +++ b/myproposal.h @@ -58,9 +58,11 @@ "kyber-1024-sha512," \ "ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org," \ "bike-l1-sha512," \ - "ecdh-nistp256-bike-l1r3-sha512@openquantumsafe.org," \ + "ecdh-nistp256-bike-l1r4-sha512@openquantumsafe.org," \ "bike-l3-sha512," \ - "ecdh-nistp384-bike-l3r3-sha512@openquantumsafe.org," \ + "ecdh-nistp384-bike-l3r4-sha512@openquantumsafe.org," \ + "bike-l5-sha512," \ + "ecdh-nistp521-bike-l5r4-sha512@openquantumsafe.org," \ "classic-mceliece-348864-sha256," \ "ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org," \ "classic-mceliece-348864f-sha256," \ @@ -86,7 +88,13 @@ "hqc-192-sha384," \ "ecdh-nistp384-hqc-192r3-sha384@openquantumsafe.org," \ "hqc-256-sha512," \ - "ecdh-nistp521-hqc-256r3-sha512@openquantumsafe.org" + "ecdh-nistp521-hqc-256r3-sha512@openquantumsafe.org," \ + "ml-kem-512-sha256," \ + "ecdh-nistp256-ml-kem-512-sha256@openquantumsafe.org," \ + "ml-kem-768-sha256," \ + "mlkem768nistp256-sha256," \ + "ml-kem-1024-sha384," \ + "mlkem1024nistp384-sha384" /*/// OQS_TEMPLATE_FRAGMENT_ADD_SERVER_KEXS_END */ #define KEX_CLIENT_KEX KEX_SERVER_KEX diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index dfa3eabac696..811460fe5a58 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -99,7 +99,7 @@ kexs: - name: 'nistp256' openssl_nid: 'NID_X9_62_prime256v1' - pretty_name: 'ecdh-nistp256-bike-l1r3-sha512@openquantumsafe.org' + pretty_name: 'ecdh-nistp256-bike-l1r4-sha512@openquantumsafe.org' - family: 'BIKE' name: 'bike_l3' @@ -109,7 +109,17 @@ kexs: - name: 'nistp384' openssl_nid: 'NID_secp384r1' - pretty_name: 'ecdh-nistp384-bike-l3r3-sha512@openquantumsafe.org' + pretty_name: 'ecdh-nistp384-bike-l3r4-sha512@openquantumsafe.org' + - + family: 'BIKE' + name: 'bike_l5' + hash: 'sha512' + pretty_name: 'bike-l5-sha512' + mix_with: + - + name: 'nistp521' + openssl_nid: 'NID_secp521r1' + pretty_name: 'ecdh-nistp521-bike-l5r4-sha512@openquantumsafe.org' - family: 'ClassicMcEliece' name: 'classic_mceliece_348864' @@ -240,6 +250,36 @@ kexs: name: 'nistp521' openssl_nid: 'NID_secp521r1' pretty_name: 'ecdh-nistp521-hqc-256r3-sha512@openquantumsafe.org' + - + family: 'ML-KEM' + name: 'ml_kem_512' + hash: 'sha256' + pretty_name: 'ml-kem-512-sha256' + mix_with: + - + name: 'nistp256' + openssl_nid: 'NID_X9_62_prime256v1' + pretty_name: 'ecdh-nistp256-ml-kem-512-sha256@openquantumsafe.org' + - + family: 'ML-KEM' + name: 'ml_kem_768' + hash: 'sha256' + pretty_name: 'ml-kem-768-sha256' + mix_with: + - + name: 'nistp256' + openssl_nid: 'NID_X9_62_prime256v1' + pretty_name: 'mlkem768nistp256-sha256' + - + family: 'ML-KEM' + name: 'ml_kem_1024' + hash: 'sha384' + pretty_name: 'ml-kem-1024-sha384' + mix_with: + - + name: 'nistp384' + openssl_nid: 'NID_secp384r1' + pretty_name: 'mlkem1024nistp384-sha384' sigs: - @@ -263,10 +303,28 @@ sigs: - name: 'ecdsa_nistp521' openssl_nid: 'NID_secp521r1' + - + family: 'Falcon' + name: 'falcon_padded_512' + level: 1 + mix_with: + - + name: 'rsa3072' + rsa: true + - + name: 'ecdsa_nistp256' + openssl_nid: 'NID_X9_62_prime256v1' + - + family: 'Falcon' + name: 'falcon_padded_1024' + level: 5 + mix_with: + - + name: 'ecdsa_nistp521' + openssl_nid: 'NID_secp521r1' - family: 'Dilithium' name: 'dilithium_2' - enable: true level: 1 mix_with: - @@ -278,7 +336,6 @@ sigs: - family: 'Dilithium' name: 'dilithium_3' - enable: true level: 3 mix_with: - @@ -287,7 +344,6 @@ sigs: - family: 'Dilithium' name: 'dilithium_5' - enable: true level: 5 mix_with: - @@ -403,4 +459,74 @@ sigs: - name: 'ecdsa_nistp521' openssl_nid: 'NID_secp521r1' - + - + family: 'ML-DSA' + name: 'ml_dsa_44' + enable: true + level: 1 + mix_with: + - + name: 'rsa3072' + rsa: true + - + name: 'ecdsa_nistp256' + openssl_nid: 'NID_X9_62_prime256v1' + - + family: 'ML-DSA' + name: 'ml_dsa_65' + enable: true + level: 3 + mix_with: + - + name: 'ecdsa_nistp384' + openssl_nid: 'NID_secp384r1' + - + family: 'ML-DSA' + name: 'ml_dsa_87' + enable: true + level: 5 + mix_with: + - + name: 'ecdsa_nistp521' + openssl_nid: 'NID_secp521r1' + - + family: 'MAYO' + name: 'mayo_1' + level: 1 + mix_with: + - + name: 'rsa3072' + rsa: true + - + name: 'ecdsa_nistp256' + openssl_nid: 'NID_X9_62_prime256v1' + - + family: 'MAYO' + name: 'mayo_2' + enable: true + level: 1 + mix_with: + - + name: 'rsa3072' + rsa: true + - + name: 'ecdsa_nistp256' + openssl_nid: 'NID_X9_62_prime256v1' + - + family: 'MAYO' + name: 'mayo_3' + enable: true + level: 3 + mix_with: + - + name: 'ecdsa_nistp384' + openssl_nid: 'NID_secp384r1' + - + family: 'MAYO' + name: 'mayo_5' + enable: true + level: 5 + mix_with: + - + name: 'ecdsa_nistp521' + openssl_nid: 'NID_secp521r1' diff --git a/oqs-test/try_connection.py b/oqs-test/try_connection.py index 3f4ce9175c63..7671ee8d3c46 100644 --- a/oqs-test/try_connection.py +++ b/oqs-test/try_connection.py @@ -32,9 +32,11 @@ "kyber-1024-sha512", "ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org", "bike-l1-sha512", - "ecdh-nistp256-bike-l1r3-sha512@openquantumsafe.org", + "ecdh-nistp256-bike-l1r4-sha512@openquantumsafe.org", "bike-l3-sha512", - "ecdh-nistp384-bike-l3r3-sha512@openquantumsafe.org", + "ecdh-nistp384-bike-l3r4-sha512@openquantumsafe.org", + "bike-l5-sha512", + "ecdh-nistp521-bike-l5r4-sha512@openquantumsafe.org", "classic-mceliece-348864-sha256", "ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org", "classic-mceliece-348864f-sha256", @@ -61,6 +63,12 @@ "ecdh-nistp384-hqc-192r3-sha384@openquantumsafe.org", "hqc-256-sha512", "ecdh-nistp521-hqc-256r3-sha512@openquantumsafe.org", + "ml-kem-512-sha256", + "ecdh-nistp256-ml-kem-512-sha256@openquantumsafe.org", + "ml-kem-768-sha256", + "mlkem768nistp256-sha256", + "ml-kem-1024-sha384", + "mlkem1024nistp384-sha384", ##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_END ] @@ -71,18 +79,25 @@ "ssh-ecdsa-nistp256-falcon512", "ssh-falcon1024", "ssh-ecdsa-nistp521-falcon1024", - "ssh-dilithium2", - "ssh-rsa3072-dilithium2", - "ssh-ecdsa-nistp256-dilithium2", - "ssh-dilithium3", - "ssh-ecdsa-nistp384-dilithium3", - "ssh-dilithium5", - "ssh-ecdsa-nistp521-dilithium5", "ssh-sphincssha2128fsimple", "ssh-rsa3072-sphincssha2128fsimple", "ssh-ecdsa-nistp256-sphincssha2128fsimple", "ssh-sphincssha2256fsimple", "ssh-ecdsa-nistp521-sphincssha2256fsimple", + "ssh-mldsa44", + "ssh-rsa3072-mldsa44", + "ssh-ecdsa-nistp256-mldsa44", + "ssh-mldsa65", + "ssh-ecdsa-nistp384-mldsa65", + "ssh-mldsa87", + "ssh-ecdsa-nistp521-mldsa87", + "ssh-mayo2", + "ssh-rsa3072-mayo2", + "ssh-ecdsa-nistp256-mayo2", + "ssh-mayo3", + "ssh-ecdsa-nistp384-mayo3", + "ssh-mayo5", + "ssh-ecdsa-nistp521-mayo5", ##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_END ] diff --git a/oqs-utils.c b/oqs-utils.c index e4c5a1cfcbc9..2ca75ab7c513 100644 --- a/oqs-utils.c +++ b/oqs-utils.c @@ -5,10 +5,12 @@ int oqs_utils_is_rsa_hybrid(int keytype) { ///// OQS_TEMPLATE_FRAGMENT_LIST_RSA_HYBRIDS_START case KEY_RSA3072_FALCON_512: return 1; - case KEY_RSA3072_DILITHIUM_2: - return 1; case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: return 1; + case KEY_RSA3072_ML_DSA_44: + return 1; + case KEY_RSA3072_MAYO_2: + return 1; ///// OQS_TEMPLATE_FRAGMENT_LIST_RSA_HYBRIDS_END } return 0; @@ -21,15 +23,21 @@ int oqs_utils_is_ecdsa_hybrid(int keytype) { return 1; case KEY_ECDSA_NISTP521_FALCON_1024: return 1; - case KEY_ECDSA_NISTP256_DILITHIUM_2: + case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: + return 1; + case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: return 1; - case KEY_ECDSA_NISTP384_DILITHIUM_3: + case KEY_ECDSA_NISTP256_ML_DSA_44: return 1; - case KEY_ECDSA_NISTP521_DILITHIUM_5: + case KEY_ECDSA_NISTP384_ML_DSA_65: return 1; - case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: + case KEY_ECDSA_NISTP521_ML_DSA_87: return 1; - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: + case KEY_ECDSA_NISTP256_MAYO_2: + return 1; + case KEY_ECDSA_NISTP384_MAYO_3: + return 1; + case KEY_ECDSA_NISTP521_MAYO_5: return 1; ///// OQS_TEMPLATE_FRAGMENT_LIST_ECDSA_HYBRIDS_END } diff --git a/oqs-utils.h b/oqs-utils.h index 58a5c90a0e11..5225a7d85927 100644 --- a/oqs-utils.h +++ b/oqs-utils.h @@ -9,25 +9,32 @@ #define CASE_KEY_OQS \ case KEY_FALCON_512: \ case KEY_FALCON_1024: \ - case KEY_DILITHIUM_2: \ - case KEY_DILITHIUM_3: \ - case KEY_DILITHIUM_5: \ case KEY_SPHINCS_SHA2_128F_SIMPLE: \ - case KEY_SPHINCS_SHA2_256F_SIMPLE + case KEY_SPHINCS_SHA2_256F_SIMPLE: \ + case KEY_ML_DSA_44: \ + case KEY_ML_DSA_65: \ + case KEY_ML_DSA_87: \ + case KEY_MAYO_2: \ + case KEY_MAYO_3: \ + case KEY_MAYO_5 #define CASE_KEY_RSA_HYBRID \ case KEY_RSA3072_FALCON_512: \ - case KEY_RSA3072_DILITHIUM_2: \ - case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE + case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: \ + case KEY_RSA3072_ML_DSA_44: \ + case KEY_RSA3072_MAYO_2 #define CASE_KEY_ECDSA_HYBRID \ case KEY_ECDSA_NISTP256_FALCON_512: \ case KEY_ECDSA_NISTP521_FALCON_1024: \ - case KEY_ECDSA_NISTP256_DILITHIUM_2: \ - case KEY_ECDSA_NISTP384_DILITHIUM_3: \ - case KEY_ECDSA_NISTP521_DILITHIUM_5: \ case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: \ - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE + case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: \ + case KEY_ECDSA_NISTP256_ML_DSA_44: \ + case KEY_ECDSA_NISTP384_ML_DSA_65: \ + case KEY_ECDSA_NISTP521_ML_DSA_87: \ + case KEY_ECDSA_NISTP256_MAYO_2: \ + case KEY_ECDSA_NISTP384_MAYO_3: \ + case KEY_ECDSA_NISTP521_MAYO_5 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEY_CASE_MACROS_END #define CASE_KEY_HYBRID \ diff --git a/pathnames.h b/pathnames.h index 591b8df9f5b4..0a1daf87db87 100644 --- a/pathnames.h +++ b/pathnames.h @@ -47,18 +47,25 @@ #define _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_falcon512_key" #define _PATH_HOST_FALCON_1024_KEY_FILE SSHDIR "/ssh_host_falcon1024_key" #define _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_falcon1024_key" -#define _PATH_HOST_DILITHIUM_2_KEY_FILE SSHDIR "/ssh_host_dilithium2_key" -#define _PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE SSHDIR "/ssh_host_rsa3072_dilithium2_key" -#define _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_dilithium2_key" -#define _PATH_HOST_DILITHIUM_3_KEY_FILE SSHDIR "/ssh_host_dilithium3_key" -#define _PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp384_dilithium3_key" -#define _PATH_HOST_DILITHIUM_5_KEY_FILE SSHDIR "/ssh_host_dilithium5_key" -#define _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_dilithium5_key" #define _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_sphincssha2128fsimple_key" #define _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_rsa3072_sphincssha2128fsimple_key" #define _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_sphincssha2128fsimple_key" #define _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_sphincssha2256fsimple_key" #define _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_sphincssha2256fsimple_key" +#define _PATH_HOST_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_mldsa44_key" +#define _PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_rsa3072_mldsa44_key" +#define _PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_mldsa44_key" +#define _PATH_HOST_ML_DSA_65_KEY_FILE SSHDIR "/ssh_host_mldsa65_key" +#define _PATH_HOST_ECDSA_NISTP384_ML_DSA_65_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp384_mldsa65_key" +#define _PATH_HOST_ML_DSA_87_KEY_FILE SSHDIR "/ssh_host_mldsa87_key" +#define _PATH_HOST_ECDSA_NISTP521_ML_DSA_87_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_mldsa87_key" +#define _PATH_HOST_MAYO_2_KEY_FILE SSHDIR "/ssh_host_mayo2_key" +#define _PATH_HOST_RSA3072_MAYO_2_KEY_FILE SSHDIR "/ssh_host_rsa3072_mayo2_key" +#define _PATH_HOST_ECDSA_NISTP256_MAYO_2_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_mayo2_key" +#define _PATH_HOST_MAYO_3_KEY_FILE SSHDIR "/ssh_host_mayo3_key" +#define _PATH_HOST_ECDSA_NISTP384_MAYO_3_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp384_mayo3_key" +#define _PATH_HOST_MAYO_5_KEY_FILE SSHDIR "/ssh_host_mayo5_key" +#define _PATH_HOST_ECDSA_NISTP521_MAYO_5_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_mayo5_key" ///// OQS_TEMPLATE_FRAGMENT_ADD_KEY_FILE_PATHS_END #define _PATH_DH_MODULI SSHDIR "/moduli" @@ -104,18 +111,25 @@ #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_falcon512" #define _PATH_SSH_CLIENT_ID_FALCON_1024 _PATH_SSH_USER_DIR "/id_falcon1024" #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024 _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_falcon1024" -#define _PATH_SSH_CLIENT_ID_DILITHIUM_2 _PATH_SSH_USER_DIR "/id_dilithium2" -#define _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2 _PATH_SSH_USER_DIR "/id_rsa3072_dilithium2" -#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_dilithium2" -#define _PATH_SSH_CLIENT_ID_DILITHIUM_3 _PATH_SSH_USER_DIR "/id_dilithium3" -#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_DILITHIUM_3 _PATH_SSH_USER_DIR "/id_ecdsa_nistp384_dilithium3" -#define _PATH_SSH_CLIENT_ID_DILITHIUM_5 _PATH_SSH_USER_DIR "/id_dilithium5" -#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5 _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_dilithium5" #define _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_sphincssha2128fsimple" #define _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_rsa3072_sphincssha2128fsimple" #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_sphincssha2128fsimple" #define _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE _PATH_SSH_USER_DIR "/id_sphincssha2256fsimple" #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_sphincssha2256fsimple" +#define _PATH_SSH_CLIENT_ID_ML_DSA_44 _PATH_SSH_USER_DIR "/id_mldsa44" +#define _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44 _PATH_SSH_USER_DIR "/id_rsa3072_mldsa44" +#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_mldsa44" +#define _PATH_SSH_CLIENT_ID_ML_DSA_65 _PATH_SSH_USER_DIR "/id_mldsa65" +#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_ML_DSA_65 _PATH_SSH_USER_DIR "/id_ecdsa_nistp384_mldsa65" +#define _PATH_SSH_CLIENT_ID_ML_DSA_87 _PATH_SSH_USER_DIR "/id_mldsa87" +#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_ML_DSA_87 _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_mldsa87" +#define _PATH_SSH_CLIENT_ID_MAYO_2 _PATH_SSH_USER_DIR "/id_mayo2" +#define _PATH_SSH_CLIENT_ID_RSA3072_MAYO_2 _PATH_SSH_USER_DIR "/id_rsa3072_mayo2" +#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_MAYO_2 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_mayo2" +#define _PATH_SSH_CLIENT_ID_MAYO_3 _PATH_SSH_USER_DIR "/id_mayo3" +#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_MAYO_3 _PATH_SSH_USER_DIR "/id_ecdsa_nistp384_mayo3" +#define _PATH_SSH_CLIENT_ID_MAYO_5 _PATH_SSH_USER_DIR "/id_mayo5" +#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_MAYO_5 _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_mayo5" ///// OQS_TEMPLATE_FRAGMENT_ADD_ID_FILE_PATHS_END /* diff --git a/readconf.c b/readconf.c index c980f683f5b5..b3eaea6b7a65 100644 --- a/readconf.c +++ b/readconf.c @@ -2754,23 +2754,30 @@ fill_default_options(Options * options) ///// OQS_TEMPLATE_FRAGMENT_ADD_ID_FILES_START add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_FALCON_512, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_FALCON_1024, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_2, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_3, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_5, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ML_DSA_44, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ML_DSA_65, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ML_DSA_87, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_MAYO_2, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_MAYO_3, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_MAYO_5, 0); #ifdef WITH_OPENSSL add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_MAYO_2, 0); #ifdef OPENSSL_HAS_ECC add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_DILITHIUM_3, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_ML_DSA_65, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_ML_DSA_87, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_MAYO_2, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_MAYO_3, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_MAYO_5, 0); #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_ADD_ID_FILES_END diff --git a/regress/keygen-comment.sh b/regress/keygen-comment.sh index 622de5b46ec0..c709d1082325 100644 --- a/regress/keygen-comment.sh +++ b/regress/keygen-comment.sh @@ -33,11 +33,14 @@ for fmt in '' RFC4716 PKCS8 PEM; do ##### OQS_TEMPLATE_FRAGMENT_EXCLUDE_OQS_ALGS_START *falcon512*) test -z "$oldfmt" || continue ;; *falcon1024*) test -z "$oldfmt" || continue ;; - *dilithium2*) test -z "$oldfmt" || continue ;; - *dilithium3*) test -z "$oldfmt" || continue ;; - *dilithium5*) test -z "$oldfmt" || continue ;; *sphincssha2128fsimple*) test -z "$oldfmt" || continue ;; *sphincssha2256fsimple*) test -z "$oldfmt" || continue ;; + *mldsa44*) test -z "$oldfmt" || continue ;; + *mldsa65*) test -z "$oldfmt" || continue ;; + *mldsa87*) test -z "$oldfmt" || continue ;; + *mayo2*) test -z "$oldfmt" || continue ;; + *mayo3*) test -z "$oldfmt" || continue ;; + *mayo5*) test -z "$oldfmt" || continue ;; ##### OQS_TEMPLATE_FRAGMENT_EXCLUDE_OQS_ALGS_END esac comment="foo bar" diff --git a/servconf.c b/servconf.c index 414c987d6d3c..29d6f700c435 100644 --- a/servconf.c +++ b/servconf.c @@ -302,37 +302,51 @@ fill_default_server_options(ServerOptions *options) servconf_add_hostkey("[default]", 0, options, _PATH_HOST_FALCON_1024_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_DILITHIUM_2_KEY_FILE, 0); + _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_DILITHIUM_3_KEY_FILE, 0); + _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_DILITHIUM_5_KEY_FILE, 0); + _PATH_HOST_ML_DSA_44_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_ML_DSA_65_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_ML_DSA_87_KEY_FILE, 0); + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_MAYO_2_KEY_FILE, 0); + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_MAYO_3_KEY_FILE, 0); + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_MAYO_5_KEY_FILE, 0); #ifdef WITH_OPENSSL servconf_add_hostkey("[default]", 0, options, _PATH_HOST_RSA3072_FALCON_512_KEY_FILE, 0); - servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 0); + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE, 0); + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_RSA3072_MAYO_2_KEY_FILE, 0); #ifdef OPENSSL_HAS_ECC servconf_add_hostkey("[default]", 0, options, _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE, 0); + _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, 0); + _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE, 0); + _PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_ECDSA_NISTP384_ML_DSA_65_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_ECDSA_NISTP521_ML_DSA_87_KEY_FILE, 0); + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_ECDSA_NISTP256_MAYO_2_KEY_FILE, 0); + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_ECDSA_NISTP384_MAYO_3_KEY_FILE, 0); + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_ECDSA_NISTP521_MAYO_5_KEY_FILE, 0); #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_SERVER_ADD_HOSTKEYS_END diff --git a/sk-api.h b/sk-api.h index 064a07ead330..f51ee6555906 100644 --- a/sk-api.h +++ b/sk-api.h @@ -38,18 +38,25 @@ #define SSH_SK_ECDSA_NISTP256_FALCON_512 0x04 #define SSH_SK_FALCON_1024 0x05 #define SSH_SK_ECDSA_NISTP521_FALCON_1024 0x06 -#define SSH_SK_DILITHIUM_2 0x07 -#define SSH_SK_RSA3072_DILITHIUM_2 0x08 -#define SSH_SK_ECDSA_NISTP256_DILITHIUM_2 0x09 -#define SSH_SK_DILITHIUM_3 0x0A -#define SSH_SK_ECDSA_NISTP384_DILITHIUM_3 0x0B -#define SSH_SK_DILITHIUM_5 0x0C -#define SSH_SK_ECDSA_NISTP521_DILITHIUM_5 0x0D -#define SSH_SK_SPHINCS_SHA2_128F_SIMPLE 0x0E -#define SSH_SK_RSA3072_SPHINCS_SHA2_128F_SIMPLE 0x0F -#define SSH_SK_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE 0x10 -#define SSH_SK_SPHINCS_SHA2_256F_SIMPLE 0x11 -#define SSH_SK_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE 0x12 +#define SSH_SK_SPHINCS_SHA2_128F_SIMPLE 0x07 +#define SSH_SK_RSA3072_SPHINCS_SHA2_128F_SIMPLE 0x08 +#define SSH_SK_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE 0x09 +#define SSH_SK_SPHINCS_SHA2_256F_SIMPLE 0x0A +#define SSH_SK_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE 0x0B +#define SSH_SK_ML_DSA_44 0x0C +#define SSH_SK_RSA3072_ML_DSA_44 0x0D +#define SSH_SK_ECDSA_NISTP256_ML_DSA_44 0x0E +#define SSH_SK_ML_DSA_65 0x0F +#define SSH_SK_ECDSA_NISTP384_ML_DSA_65 0x10 +#define SSH_SK_ML_DSA_87 0x11 +#define SSH_SK_ECDSA_NISTP521_ML_DSA_87 0x12 +#define SSH_SK_MAYO_2 0x13 +#define SSH_SK_RSA3072_MAYO_2 0x14 +#define SSH_SK_ECDSA_NISTP256_MAYO_2 0x15 +#define SSH_SK_MAYO_3 0x16 +#define SSH_SK_ECDSA_NISTP384_MAYO_3 0x17 +#define SSH_SK_MAYO_5 0x18 +#define SSH_SK_ECDSA_NISTP521_MAYO_5 0x19 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_SSH_SKS_END /* Error codes */ diff --git a/ssh-add.c b/ssh-add.c index 0fb74f35ba94..4a52c62a0395 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -91,23 +91,30 @@ static char *default_files[] = { ///// OQS_TEMPLATE_FRAGMENT_ADD_DEFAULT_ID_FILES_START _PATH_SSH_CLIENT_ID_FALCON_512, _PATH_SSH_CLIENT_ID_FALCON_1024, - _PATH_SSH_CLIENT_ID_DILITHIUM_2, - _PATH_SSH_CLIENT_ID_DILITHIUM_3, - _PATH_SSH_CLIENT_ID_DILITHIUM_5, _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE, _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE, + _PATH_SSH_CLIENT_ID_ML_DSA_44, + _PATH_SSH_CLIENT_ID_ML_DSA_65, + _PATH_SSH_CLIENT_ID_ML_DSA_87, + _PATH_SSH_CLIENT_ID_MAYO_2, + _PATH_SSH_CLIENT_ID_MAYO_3, + _PATH_SSH_CLIENT_ID_MAYO_5, #ifdef WITH_OPENSSL _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512, - _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2, _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE, + _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44, + _PATH_SSH_CLIENT_ID_RSA3072_MAYO_2, #ifdef OPENSSL_HAS_ECC _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512, _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024, - _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2, - _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_DILITHIUM_3, - _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5, _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, + _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44, + _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_ML_DSA_65, + _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_ML_DSA_87, + _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_MAYO_2, + _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_MAYO_3, + _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_MAYO_5, #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_ADD_DEFAULT_ID_FILES_END diff --git a/ssh-keygen.c b/ssh-keygen.c index c2866b373f92..4487a9a74add 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -220,13 +220,19 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) case KEY_ECDSA_NISTP521_FALCON_1024: *bitsp = 521; break; - case KEY_ECDSA_NISTP384_DILITHIUM_3: + case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: + *bitsp = 521; + break; + case KEY_ECDSA_NISTP384_ML_DSA_65: *bitsp = 384; break; - case KEY_ECDSA_NISTP521_DILITHIUM_5: + case KEY_ECDSA_NISTP521_ML_DSA_87: *bitsp = 521; break; - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: + case KEY_ECDSA_NISTP384_MAYO_3: + *bitsp = 384; + break; + case KEY_ECDSA_NISTP521_MAYO_5: *bitsp = 521; break; ///// OQS_TEMPLATE_FRAGMENT_HANDLE_ECDSA_HYBRIDS_END @@ -334,31 +340,43 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_FALCON_1024: name = _PATH_SSH_CLIENT_ID_FALCON_1024; break; - case KEY_DILITHIUM_2: - name = _PATH_SSH_CLIENT_ID_DILITHIUM_2; - break; - case KEY_DILITHIUM_3: - name = _PATH_SSH_CLIENT_ID_DILITHIUM_3; - break; - case KEY_DILITHIUM_5: - name = _PATH_SSH_CLIENT_ID_DILITHIUM_5; - break; case KEY_SPHINCS_SHA2_128F_SIMPLE: name = _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE; break; case KEY_SPHINCS_SHA2_256F_SIMPLE: name = _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE; break; + case KEY_ML_DSA_44: + name = _PATH_SSH_CLIENT_ID_ML_DSA_44; + break; + case KEY_ML_DSA_65: + name = _PATH_SSH_CLIENT_ID_ML_DSA_65; + break; + case KEY_ML_DSA_87: + name = _PATH_SSH_CLIENT_ID_ML_DSA_87; + break; + case KEY_MAYO_2: + name = _PATH_SSH_CLIENT_ID_MAYO_2; + break; + case KEY_MAYO_3: + name = _PATH_SSH_CLIENT_ID_MAYO_3; + break; + case KEY_MAYO_5: + name = _PATH_SSH_CLIENT_ID_MAYO_5; + break; #ifdef WITH_OPENSSL case KEY_RSA3072_FALCON_512: name = _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512; break; - case KEY_RSA3072_DILITHIUM_2: - name = _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2; - break; case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: name = _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE; break; + case KEY_RSA3072_ML_DSA_44: + name = _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44; + break; + case KEY_RSA3072_MAYO_2: + name = _PATH_SSH_CLIENT_ID_RSA3072_MAYO_2; + break; #ifdef OPENSSL_HAS_ECC case KEY_ECDSA_NISTP256_FALCON_512: name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512; @@ -366,21 +384,30 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_ECDSA_NISTP521_FALCON_1024: name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024; break; - case KEY_ECDSA_NISTP256_DILITHIUM_2: - name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2; - break; - case KEY_ECDSA_NISTP384_DILITHIUM_3: - name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_DILITHIUM_3; - break; - case KEY_ECDSA_NISTP521_DILITHIUM_5: - name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5; - break; case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE; break; case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE; break; + case KEY_ECDSA_NISTP256_ML_DSA_44: + name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44; + break; + case KEY_ECDSA_NISTP384_ML_DSA_65: + name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_ML_DSA_65; + break; + case KEY_ECDSA_NISTP521_ML_DSA_87: + name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_ML_DSA_87; + break; + case KEY_ECDSA_NISTP256_MAYO_2: + name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_MAYO_2; + break; + case KEY_ECDSA_NISTP384_MAYO_3: + name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_MAYO_3; + break; + case KEY_ECDSA_NISTP521_MAYO_5: + name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_MAYO_5; + break; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_HANDLE_ID_FILES_END @@ -1164,23 +1191,30 @@ do_gen_all_hostkeys(struct passwd *pw) ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEY_TYPES_START { "falcon512", "FALCON_512", _PATH_HOST_FALCON_512_KEY_FILE }, { "falcon1024", "FALCON_1024", _PATH_HOST_FALCON_1024_KEY_FILE }, - { "dilithium2", "DILITHIUM_2", _PATH_HOST_DILITHIUM_2_KEY_FILE }, - { "dilithium3", "DILITHIUM_3", _PATH_HOST_DILITHIUM_3_KEY_FILE }, - { "dilithium5", "DILITHIUM_5", _PATH_HOST_DILITHIUM_5_KEY_FILE }, { "sphincssha2128fsimple", "SPHINCS_SHA2_128F_SIMPLE", _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE }, { "sphincssha2256fsimple", "SPHINCS_SHA2_256F_SIMPLE", _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE }, + { "mldsa44", "ML_DSA_44", _PATH_HOST_ML_DSA_44_KEY_FILE }, + { "mldsa65", "ML_DSA_65", _PATH_HOST_ML_DSA_65_KEY_FILE }, + { "mldsa87", "ML_DSA_87", _PATH_HOST_ML_DSA_87_KEY_FILE }, + { "mayo2", "MAYO_2", _PATH_HOST_MAYO_2_KEY_FILE }, + { "mayo3", "MAYO_3", _PATH_HOST_MAYO_3_KEY_FILE }, + { "mayo5", "MAYO_5", _PATH_HOST_MAYO_5_KEY_FILE }, #ifdef WITH_OPENSSL { "rsa3072_falcon512", "RSA3072_FALCON_512", _PATH_HOST_RSA3072_FALCON_512_KEY_FILE }, - { "rsa3072_dilithium2", "RSA3072_DILITHIUM_2", _PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE }, { "rsa3072_sphincssha2128fsimple", "RSA3072_SPHINCS_SHA2_128F_SIMPLE", _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE }, + { "rsa3072_mldsa44", "RSA3072_ML_DSA_44", _PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE }, + { "rsa3072_mayo2", "RSA3072_MAYO_2", _PATH_HOST_RSA3072_MAYO_2_KEY_FILE }, #ifdef OPENSSL_HAS_ECC { "ecdsa_nistp256_falcon512", "ECDSA_NISTP256_FALCON_512", _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE }, { "ecdsa_nistp521_falcon1024", "ECDSA_NISTP521_FALCON_1024", _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE }, - { "ecdsa_nistp256_dilithium2", "ECDSA_NISTP256_DILITHIUM_2", _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE }, - { "ecdsa_nistp384_dilithium3", "ECDSA_NISTP384_DILITHIUM_3", _PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE }, - { "ecdsa_nistp521_dilithium5", "ECDSA_NISTP521_DILITHIUM_5", _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE }, { "ecdsa_nistp256_sphincssha2128fsimple", "ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE", _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE }, { "ecdsa_nistp521_sphincssha2256fsimple", "ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE", _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE }, + { "ecdsa_nistp256_mldsa44", "ECDSA_NISTP256_ML_DSA_44", _PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE }, + { "ecdsa_nistp384_mldsa65", "ECDSA_NISTP384_ML_DSA_65", _PATH_HOST_ECDSA_NISTP384_ML_DSA_65_KEY_FILE }, + { "ecdsa_nistp521_mldsa87", "ECDSA_NISTP521_ML_DSA_87", _PATH_HOST_ECDSA_NISTP521_ML_DSA_87_KEY_FILE }, + { "ecdsa_nistp256_mayo2", "ECDSA_NISTP256_MAYO_2", _PATH_HOST_ECDSA_NISTP256_MAYO_2_KEY_FILE }, + { "ecdsa_nistp384_mayo3", "ECDSA_NISTP384_MAYO_3", _PATH_HOST_ECDSA_NISTP384_MAYO_3_KEY_FILE }, + { "ecdsa_nistp521_mayo5", "ECDSA_NISTP521_MAYO_5", _PATH_HOST_ECDSA_NISTP521_MAYO_5_KEY_FILE }, #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEY_TYPES_END @@ -1682,23 +1716,30 @@ do_change_comment(struct passwd *pw, const char *identity_comment) ///// OQS_TEMPLATE_FRAGMENT_CHECK_PRIVATE_KEY_TYPE_START private->type != KEY_FALCON_512 && private->type != KEY_FALCON_1024 && - private->type != KEY_DILITHIUM_2 && - private->type != KEY_DILITHIUM_3 && - private->type != KEY_DILITHIUM_5 && private->type != KEY_SPHINCS_SHA2_128F_SIMPLE && private->type != KEY_SPHINCS_SHA2_256F_SIMPLE && + private->type != KEY_ML_DSA_44 && + private->type != KEY_ML_DSA_65 && + private->type != KEY_ML_DSA_87 && + private->type != KEY_MAYO_2 && + private->type != KEY_MAYO_3 && + private->type != KEY_MAYO_5 && #ifdef WITH_OPENSSL private->type != KEY_RSA3072_FALCON_512 && - private->type != KEY_RSA3072_DILITHIUM_2 && private->type != KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE && + private->type != KEY_RSA3072_ML_DSA_44 && + private->type != KEY_RSA3072_MAYO_2 && #ifdef OPENSSL_HAS_ECC private->type != KEY_ECDSA_NISTP256_FALCON_512 && private->type != KEY_ECDSA_NISTP521_FALCON_1024 && - private->type != KEY_ECDSA_NISTP256_DILITHIUM_2 && - private->type != KEY_ECDSA_NISTP384_DILITHIUM_3 && - private->type != KEY_ECDSA_NISTP521_DILITHIUM_5 && private->type != KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE && private->type != KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE && + private->type != KEY_ECDSA_NISTP256_ML_DSA_44 && + private->type != KEY_ECDSA_NISTP384_ML_DSA_65 && + private->type != KEY_ECDSA_NISTP521_ML_DSA_87 && + private->type != KEY_ECDSA_NISTP256_MAYO_2 && + private->type != KEY_ECDSA_NISTP384_MAYO_3 && + private->type != KEY_ECDSA_NISTP521_MAYO_5 && #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_CHECK_PRIVATE_KEY_TYPE_END @@ -3939,40 +3980,61 @@ main(int argc, char **argv) _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_DILITHIUM_2_KEY_FILE, rr_hostname, + _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE, rr_hostname, + _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE, rr_hostname, + _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_DILITHIUM_3_KEY_FILE, rr_hostname, + _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, rr_hostname, + _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_DILITHIUM_5_KEY_FILE, rr_hostname, + _PATH_HOST_ML_DSA_44_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE, rr_hostname, + _PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_ML_DSA_65_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_ECDSA_NISTP384_ML_DSA_65_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_ML_DSA_87_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_ECDSA_NISTP521_ML_DSA_87_KEY_FILE, rr_hostname, + print_generic, opts, nopts); + n += do_print_resource_record(pw, + _PATH_HOST_MAYO_2_KEY_FILE, rr_hostname, + print_generic, opts, nopts); + n += do_print_resource_record(pw, + _PATH_HOST_RSA3072_MAYO_2_KEY_FILE, rr_hostname, + print_generic, opts, nopts); + n += do_print_resource_record(pw, + _PATH_HOST_ECDSA_NISTP256_MAYO_2_KEY_FILE, rr_hostname, + print_generic, opts, nopts); + n += do_print_resource_record(pw, + _PATH_HOST_MAYO_3_KEY_FILE, rr_hostname, + print_generic, opts, nopts); + n += do_print_resource_record(pw, + _PATH_HOST_ECDSA_NISTP384_MAYO_3_KEY_FILE, rr_hostname, + print_generic, opts, nopts); + n += do_print_resource_record(pw, + _PATH_HOST_MAYO_5_KEY_FILE, rr_hostname, + print_generic, opts, nopts); + n += do_print_resource_record(pw, + _PATH_HOST_ECDSA_NISTP521_MAYO_5_KEY_FILE, rr_hostname, print_generic, opts, nopts); ///// OQS_TEMPLATE_FRAGMENT_PRINT_RESOURCE_RECORDS_END if (n == 0) diff --git a/ssh-keyscan.c b/ssh-keyscan.c index b1d82f17e63b..ae796e1a52c3 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -76,19 +76,26 @@ int ssh_port = SSH_DEFAULT_PORT; #define KT_ECDSA_NISTP256_FALCON_512 ((uint64_t)1<<9) #define KT_FALCON_1024 ((uint64_t)1<<10) #define KT_ECDSA_NISTP521_FALCON_1024 ((uint64_t)1<<11) -#define KT_DILITHIUM_2 ((uint64_t)1<<12) -#define KT_RSA3072_DILITHIUM_2 ((uint64_t)1<<13) -#define KT_ECDSA_NISTP256_DILITHIUM_2 ((uint64_t)1<<14) -#define KT_DILITHIUM_3 ((uint64_t)1<<15) -#define KT_ECDSA_NISTP384_DILITHIUM_3 ((uint64_t)1<<16) -#define KT_DILITHIUM_5 ((uint64_t)1<<17) -#define KT_ECDSA_NISTP521_DILITHIUM_5 ((uint64_t)1<<18) -#define KT_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<19) -#define KT_RSA3072_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<20) -#define KT_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<21) -#define KT_SPHINCS_SHA2_256F_SIMPLE ((uint64_t)1<<22) -#define KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE ((uint64_t)1<<23) -#define KT_MAX ((uint64_t)1<<23) +#define KT_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<12) +#define KT_RSA3072_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<13) +#define KT_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<14) +#define KT_SPHINCS_SHA2_256F_SIMPLE ((uint64_t)1<<15) +#define KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE ((uint64_t)1<<16) +#define KT_ML_DSA_44 ((uint64_t)1<<17) +#define KT_RSA3072_ML_DSA_44 ((uint64_t)1<<18) +#define KT_ECDSA_NISTP256_ML_DSA_44 ((uint64_t)1<<19) +#define KT_ML_DSA_65 ((uint64_t)1<<20) +#define KT_ECDSA_NISTP384_ML_DSA_65 ((uint64_t)1<<21) +#define KT_ML_DSA_87 ((uint64_t)1<<22) +#define KT_ECDSA_NISTP521_ML_DSA_87 ((uint64_t)1<<23) +#define KT_MAYO_2 ((uint64_t)1<<24) +#define KT_RSA3072_MAYO_2 ((uint64_t)1<<25) +#define KT_ECDSA_NISTP256_MAYO_2 ((uint64_t)1<<26) +#define KT_MAYO_3 ((uint64_t)1<<27) +#define KT_ECDSA_NISTP384_MAYO_3 ((uint64_t)1<<28) +#define KT_MAYO_5 ((uint64_t)1<<29) +#define KT_ECDSA_NISTP521_MAYO_5 ((uint64_t)1<<30) +#define KT_MAX ((uint64_t)1<<30) ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_KT_MASKS_END #define KT_MIN KT_DSA @@ -100,18 +107,25 @@ uint64_t get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519|KT_ECDSA_SK|KT_ED25519_SK|\ KT_ECDSA_NISTP256_FALCON_512 | \ KT_FALCON_1024 | \ KT_ECDSA_NISTP521_FALCON_1024 | \ - KT_DILITHIUM_2 | \ - KT_RSA3072_DILITHIUM_2 | \ - KT_ECDSA_NISTP256_DILITHIUM_2 | \ - KT_DILITHIUM_3 | \ - KT_ECDSA_NISTP384_DILITHIUM_3 | \ - KT_DILITHIUM_5 | \ - KT_ECDSA_NISTP521_DILITHIUM_5 | \ KT_SPHINCS_SHA2_128F_SIMPLE | \ KT_RSA3072_SPHINCS_SHA2_128F_SIMPLE | \ KT_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE | \ KT_SPHINCS_SHA2_256F_SIMPLE | \ - KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE; + KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE | \ + KT_ML_DSA_44 | \ + KT_RSA3072_ML_DSA_44 | \ + KT_ECDSA_NISTP256_ML_DSA_44 | \ + KT_ML_DSA_65 | \ + KT_ECDSA_NISTP384_ML_DSA_65 | \ + KT_ML_DSA_87 | \ + KT_ECDSA_NISTP521_ML_DSA_87 | \ + KT_MAYO_2 | \ + KT_RSA3072_MAYO_2 | \ + KT_ECDSA_NISTP256_MAYO_2 | \ + KT_MAYO_3 | \ + KT_ECDSA_NISTP384_MAYO_3 | \ + KT_MAYO_5 | \ + KT_ECDSA_NISTP521_MAYO_5; ///// OQS_TEMPLATE_FRAGMENT_ADD_KEYTYPES_END int hash_hosts = 0; /* Hash hostname on output */ @@ -329,31 +343,43 @@ keygrab_ssh2(con *c) case KT_FALCON_1024: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-falcon1024"; break; - case KT_DILITHIUM_2: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dilithium2"; - break; - case KT_DILITHIUM_3: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dilithium3"; - break; - case KT_DILITHIUM_5: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dilithium5"; - break; case KT_SPHINCS_SHA2_128F_SIMPLE: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-sphincssha2128fsimple"; break; case KT_SPHINCS_SHA2_256F_SIMPLE: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-sphincssha2256fsimple"; break; + case KT_ML_DSA_44: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-mldsa44"; + break; + case KT_ML_DSA_65: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-mldsa65"; + break; + case KT_ML_DSA_87: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-mldsa87"; + break; + case KT_MAYO_2: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-mayo2"; + break; + case KT_MAYO_3: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-mayo3"; + break; + case KT_MAYO_5: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-mayo5"; + break; #ifdef WITH_OPENSSL case KT_RSA3072_FALCON_512: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-falcon512"; break; - case KT_RSA3072_DILITHIUM_2: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-dilithium2"; - break; case KT_RSA3072_SPHINCS_SHA2_128F_SIMPLE: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-sphincssha2128fsimple"; break; + case KT_RSA3072_ML_DSA_44: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-mldsa44"; + break; + case KT_RSA3072_MAYO_2: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-mayo2"; + break; #ifdef OPENSSL_HAS_ECC case KT_ECDSA_NISTP256_FALCON_512: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-falcon512"; @@ -361,21 +387,30 @@ keygrab_ssh2(con *c) case KT_ECDSA_NISTP521_FALCON_1024: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-falcon1024"; break; - case KT_ECDSA_NISTP256_DILITHIUM_2: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-dilithium2"; - break; - case KT_ECDSA_NISTP384_DILITHIUM_3: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp384-dilithium3"; - break; - case KT_ECDSA_NISTP521_DILITHIUM_5: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-dilithium5"; - break; case KT_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-sphincssha2128fsimple"; break; case KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-sphincssha2256fsimple"; break; + case KT_ECDSA_NISTP256_ML_DSA_44: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-mldsa44"; + break; + case KT_ECDSA_NISTP384_ML_DSA_65: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp384-mldsa65"; + break; + case KT_ECDSA_NISTP521_ML_DSA_87: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-mldsa87"; + break; + case KT_ECDSA_NISTP256_MAYO_2: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-mayo2"; + break; + case KT_ECDSA_NISTP384_MAYO_3: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp384-mayo3"; + break; + case KT_ECDSA_NISTP521_MAYO_5: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-mayo5"; + break; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_ADD_PROPOSAL_SERVER_HOST_KEY_ALGS_END @@ -413,6 +448,7 @@ keygrab_ssh2(con *c) c->c_ssh->kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_BIKE_L1_SHA512] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_BIKE_L3_SHA512] = kex_gen_client; + c->c_ssh->kex->kex[KEX_KEM_BIKE_L5_SHA512] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_client; @@ -426,6 +462,9 @@ keygrab_ssh2(con *c) c->c_ssh->kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_client; + c->c_ssh->kex->kex[KEX_KEM_ML_KEM_512_SHA256] = kex_gen_client; + c->c_ssh->kex->kex[KEX_KEM_ML_KEM_768_SHA256] = kex_gen_client; + c->c_ssh->kex->kex[KEX_KEM_ML_KEM_1024_SHA384] = kex_gen_client; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_client; @@ -439,6 +478,7 @@ keygrab_ssh2(con *c) c->c_ssh->kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512] = kex_gen_client; + c->c_ssh->kex->kex[KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_client; @@ -452,6 +492,9 @@ keygrab_ssh2(con *c) c->c_ssh->kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_client; + c->c_ssh->kex->kex[KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256] = kex_gen_client; + c->c_ssh->kex->kex[KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256] = kex_gen_client; + c->c_ssh->kex->kex[KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384] = kex_gen_client; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_KEX_GEN_CLIENT_END @@ -979,27 +1022,6 @@ main(int argc, char **argv) case KEY_ECDSA_NISTP521_FALCON_1024: get_keytypes |= KT_ECDSA_NISTP521_FALCON_1024; break; - case KEY_DILITHIUM_2: - get_keytypes |= KT_DILITHIUM_2; - break; - case KEY_RSA3072_DILITHIUM_2: - get_keytypes |= KT_RSA3072_DILITHIUM_2; - break; - case KEY_ECDSA_NISTP256_DILITHIUM_2: - get_keytypes |= KT_ECDSA_NISTP256_DILITHIUM_2; - break; - case KEY_DILITHIUM_3: - get_keytypes |= KT_DILITHIUM_3; - break; - case KEY_ECDSA_NISTP384_DILITHIUM_3: - get_keytypes |= KT_ECDSA_NISTP384_DILITHIUM_3; - break; - case KEY_DILITHIUM_5: - get_keytypes |= KT_DILITHIUM_5; - break; - case KEY_ECDSA_NISTP521_DILITHIUM_5: - get_keytypes |= KT_ECDSA_NISTP521_DILITHIUM_5; - break; case KEY_SPHINCS_SHA2_128F_SIMPLE: get_keytypes |= KT_SPHINCS_SHA2_128F_SIMPLE; break; @@ -1015,6 +1037,48 @@ main(int argc, char **argv) case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: get_keytypes |= KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE; break; + case KEY_ML_DSA_44: + get_keytypes |= KT_ML_DSA_44; + break; + case KEY_RSA3072_ML_DSA_44: + get_keytypes |= KT_RSA3072_ML_DSA_44; + break; + case KEY_ECDSA_NISTP256_ML_DSA_44: + get_keytypes |= KT_ECDSA_NISTP256_ML_DSA_44; + break; + case KEY_ML_DSA_65: + get_keytypes |= KT_ML_DSA_65; + break; + case KEY_ECDSA_NISTP384_ML_DSA_65: + get_keytypes |= KT_ECDSA_NISTP384_ML_DSA_65; + break; + case KEY_ML_DSA_87: + get_keytypes |= KT_ML_DSA_87; + break; + case KEY_ECDSA_NISTP521_ML_DSA_87: + get_keytypes |= KT_ECDSA_NISTP521_ML_DSA_87; + break; + case KEY_MAYO_2: + get_keytypes |= KT_MAYO_2; + break; + case KEY_RSA3072_MAYO_2: + get_keytypes |= KT_RSA3072_MAYO_2; + break; + case KEY_ECDSA_NISTP256_MAYO_2: + get_keytypes |= KT_ECDSA_NISTP256_MAYO_2; + break; + case KEY_MAYO_3: + get_keytypes |= KT_MAYO_3; + break; + case KEY_ECDSA_NISTP384_MAYO_3: + get_keytypes |= KT_ECDSA_NISTP384_MAYO_3; + break; + case KEY_MAYO_5: + get_keytypes |= KT_MAYO_5; + break; + case KEY_ECDSA_NISTP521_MAYO_5: + get_keytypes |= KT_ECDSA_NISTP521_MAYO_5; + break; ///// OQS_TEMPLATE_FRAGMENT_ADD_TO_GET_KEYTYPES_END case KEY_UNSPEC: default: diff --git a/ssh-keysign.c b/ssh-keysign.c index 070f1694e6c4..390619ea7557 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -178,7 +178,7 @@ main(int argc, char **argv) struct sshbuf *b; Options options; ///// OQS_TEMPLATE_FRAGMENT_COUNT_KEYTYPES_START -#define NUM_KEYTYPES 5 + 17 +#define NUM_KEYTYPES 5 + 24 ///// OQS_TEMPLATE_FRAGMENT_COUNT_KEYTYPES_END struct sshkey *keys[NUM_KEYTYPES], *key = NULL; struct passwd *pw; @@ -215,18 +215,25 @@ main(int argc, char **argv) key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_FALCON_1024_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_DILITHIUM_2_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_DILITHIUM_3_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_DILITHIUM_5_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ML_DSA_44_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ML_DSA_65_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP384_ML_DSA_65_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ML_DSA_87_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_ML_DSA_87_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_MAYO_2_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_RSA3072_MAYO_2_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_MAYO_2_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_MAYO_3_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP384_MAYO_3_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_MAYO_5_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_MAYO_5_KEY_FILE, O_RDONLY); ///// OQS_TEMPLATE_FRAGMENT_OPEN_KEY_FILES_END if ((pw = getpwuid(getuid())) == NULL) fatal("getpwuid failed"); diff --git a/ssh-oqs.c b/ssh-oqs.c index 210e12f507a0..d4aad022240f 100644 --- a/ssh-oqs.c +++ b/ssh-oqs.c @@ -54,18 +54,25 @@ static size_t oqs_sig_pk_len(int type) case KEY_ECDSA_NISTP256_FALCON_512:return OQS_SIG_falcon_512_length_public_key; case KEY_FALCON_1024: case KEY_ECDSA_NISTP521_FALCON_1024:return OQS_SIG_falcon_1024_length_public_key; - case KEY_DILITHIUM_2: - case KEY_RSA3072_DILITHIUM_2: - case KEY_ECDSA_NISTP256_DILITHIUM_2:return OQS_SIG_dilithium_2_length_public_key; - case KEY_DILITHIUM_3: - case KEY_ECDSA_NISTP384_DILITHIUM_3:return OQS_SIG_dilithium_3_length_public_key; - case KEY_DILITHIUM_5: - case KEY_ECDSA_NISTP521_DILITHIUM_5:return OQS_SIG_dilithium_5_length_public_key; case KEY_SPHINCS_SHA2_128F_SIMPLE: case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE:return OQS_SIG_sphincs_sha2_128f_simple_length_public_key; case KEY_SPHINCS_SHA2_256F_SIMPLE: case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE:return OQS_SIG_sphincs_sha2_256f_simple_length_public_key; + case KEY_ML_DSA_44: + case KEY_RSA3072_ML_DSA_44: + case KEY_ECDSA_NISTP256_ML_DSA_44:return OQS_SIG_ml_dsa_44_length_public_key; + case KEY_ML_DSA_65: + case KEY_ECDSA_NISTP384_ML_DSA_65:return OQS_SIG_ml_dsa_65_length_public_key; + case KEY_ML_DSA_87: + case KEY_ECDSA_NISTP521_ML_DSA_87:return OQS_SIG_ml_dsa_87_length_public_key; + case KEY_MAYO_2: + case KEY_RSA3072_MAYO_2: + case KEY_ECDSA_NISTP256_MAYO_2:return OQS_SIG_mayo_2_length_public_key; + case KEY_MAYO_3: + case KEY_ECDSA_NISTP384_MAYO_3:return OQS_SIG_mayo_3_length_public_key; + case KEY_MAYO_5: + case KEY_ECDSA_NISTP521_MAYO_5:return OQS_SIG_mayo_5_length_public_key; ///// OQS_TEMPLATE_FRAGMENT_RETURN_PK_LEN_END } return 0; @@ -83,16 +90,6 @@ static size_t oqs_sig_sk_len(int type) case KEY_FALCON_1024: case KEY_ECDSA_NISTP521_FALCON_1024: return OQS_SIG_falcon_1024_length_secret_key; - case KEY_DILITHIUM_2: - case KEY_RSA3072_DILITHIUM_2: - case KEY_ECDSA_NISTP256_DILITHIUM_2: - return OQS_SIG_dilithium_2_length_secret_key; - case KEY_DILITHIUM_3: - case KEY_ECDSA_NISTP384_DILITHIUM_3: - return OQS_SIG_dilithium_3_length_secret_key; - case KEY_DILITHIUM_5: - case KEY_ECDSA_NISTP521_DILITHIUM_5: - return OQS_SIG_dilithium_5_length_secret_key; case KEY_SPHINCS_SHA2_128F_SIMPLE: case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: @@ -100,6 +97,26 @@ static size_t oqs_sig_sk_len(int type) case KEY_SPHINCS_SHA2_256F_SIMPLE: case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: return OQS_SIG_sphincs_sha2_256f_simple_length_secret_key; + case KEY_ML_DSA_44: + case KEY_RSA3072_ML_DSA_44: + case KEY_ECDSA_NISTP256_ML_DSA_44: + return OQS_SIG_ml_dsa_44_length_secret_key; + case KEY_ML_DSA_65: + case KEY_ECDSA_NISTP384_ML_DSA_65: + return OQS_SIG_ml_dsa_65_length_secret_key; + case KEY_ML_DSA_87: + case KEY_ECDSA_NISTP521_ML_DSA_87: + return OQS_SIG_ml_dsa_87_length_secret_key; + case KEY_MAYO_2: + case KEY_RSA3072_MAYO_2: + case KEY_ECDSA_NISTP256_MAYO_2: + return OQS_SIG_mayo_2_length_secret_key; + case KEY_MAYO_3: + case KEY_ECDSA_NISTP384_MAYO_3: + return OQS_SIG_mayo_3_length_secret_key; + case KEY_MAYO_5: + case KEY_ECDSA_NISTP521_MAYO_5: + return OQS_SIG_mayo_5_length_secret_key; ///// OQS_TEMPLATE_FRAGMENT_RETURN_SK_LEN_END } return 0; @@ -703,10 +720,10 @@ const struct sshkey_impl sshkey_falcon1024_impl = { /* .funcs = */ &sshkey_falcon1024_funcs, }; /*--------------------------------------------------- - * DILITHIUM_2 METHODS + * SPHINCS_SHA2_128F_SIMPLE METHODS *--------------------------------------------------- */ -static int ssh_dilithium2_generate(struct sshkey *k, int bits) +static int ssh_sphincssha2128fsimple_generate(struct sshkey *k, int bits) { k->oqs_pk_len = oqs_sig_pk_len(k->type); k->oqs_sk_len = oqs_sig_sk_len(k->type); @@ -714,10 +731,10 @@ static int ssh_dilithium2_generate(struct sshkey *k, int bits) (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { return SSH_ERR_ALLOC_FAIL; } - return OQS_SIG_dilithium_2_keypair(k->oqs_pk, k->oqs_sk); + return OQS_SIG_sphincs_sha2_128f_simple_keypair(k->oqs_pk, k->oqs_sk); } -int ssh_dilithium2_sign(struct sshkey *key, +int ssh_sphincssha2128fsimple_sign(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, @@ -727,16 +744,16 @@ int ssh_dilithium2_sign(struct sshkey *key, const char *sk_pin, u_int compat) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_2); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_128f_simple); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_sign(sig, "dilithium2", key, sigp, lenp, data, datalen, compat); + int r = oqs_sign(sig, "sphincssha2128fsimple", key, sigp, lenp, data, datalen, compat); OQS_SIG_free(sig); return r; } -int ssh_dilithium2_verify(const struct sshkey *key, +int ssh_sphincssha2128fsimple_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, @@ -745,16 +762,16 @@ int ssh_dilithium2_verify(const struct sshkey *key, u_int compat, struct sshkey_sig_details **detailsp) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_2); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_128f_simple); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_verify(sig, "dilithium2", key, signature, signaturelen, data, datalen, compat); + int r = oqs_verify(sig, "sphincssha2128fsimple", key, signature, signaturelen, data, datalen, compat); OQS_SIG_free(sig); return r; } -static const struct sshkey_impl_funcs sshkey_dilithium2_funcs = { +static const struct sshkey_impl_funcs sshkey_sphincssha2128fsimple_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -763,28 +780,28 @@ static const struct sshkey_impl_funcs sshkey_dilithium2_funcs = { /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, /* .ssh_serialize_private = */ ssh_generic_serialize_private, /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, - /* .generate = */ ssh_dilithium2_generate, + /* .generate = */ ssh_sphincssha2128fsimple_generate, /* .copy_public = */ ssh_generic_copy_public, - /* .sign = */ ssh_dilithium2_sign, - /* .verify = */ ssh_dilithium2_verify, + /* .sign = */ ssh_sphincssha2128fsimple_sign, + /* .verify = */ ssh_sphincssha2128fsimple_verify, }; -const struct sshkey_impl sshkey_dilithium2_impl = { - /* .name = */ "ssh-dilithium2", - /* .shortname = */ "DILITHIUM2", +const struct sshkey_impl sshkey_sphincssha2128fsimple_impl = { + /* .name = */ "ssh-sphincssha2128fsimple", + /* .shortname = */ "SPHINCSSHA2128FSIMPLE", /* .sigalg = */ NULL, - /* .type = */ KEY_DILITHIUM_2, + /* .type = */ KEY_SPHINCS_SHA2_128F_SIMPLE, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_dilithium2_funcs, + /* .funcs = */ &sshkey_sphincssha2128fsimple_funcs, }; /*--------------------------------------------------- - * DILITHIUM_3 METHODS + * SPHINCS_SHA2_256F_SIMPLE METHODS *--------------------------------------------------- */ -static int ssh_dilithium3_generate(struct sshkey *k, int bits) +static int ssh_sphincssha2256fsimple_generate(struct sshkey *k, int bits) { k->oqs_pk_len = oqs_sig_pk_len(k->type); k->oqs_sk_len = oqs_sig_sk_len(k->type); @@ -792,10 +809,10 @@ static int ssh_dilithium3_generate(struct sshkey *k, int bits) (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { return SSH_ERR_ALLOC_FAIL; } - return OQS_SIG_dilithium_3_keypair(k->oqs_pk, k->oqs_sk); + return OQS_SIG_sphincs_sha2_256f_simple_keypair(k->oqs_pk, k->oqs_sk); } -int ssh_dilithium3_sign(struct sshkey *key, +int ssh_sphincssha2256fsimple_sign(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, @@ -805,16 +822,16 @@ int ssh_dilithium3_sign(struct sshkey *key, const char *sk_pin, u_int compat) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_3); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_256f_simple); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_sign(sig, "dilithium3", key, sigp, lenp, data, datalen, compat); + int r = oqs_sign(sig, "sphincssha2256fsimple", key, sigp, lenp, data, datalen, compat); OQS_SIG_free(sig); return r; } -int ssh_dilithium3_verify(const struct sshkey *key, +int ssh_sphincssha2256fsimple_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, @@ -823,16 +840,16 @@ int ssh_dilithium3_verify(const struct sshkey *key, u_int compat, struct sshkey_sig_details **detailsp) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_3); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_256f_simple); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_verify(sig, "dilithium3", key, signature, signaturelen, data, datalen, compat); + int r = oqs_verify(sig, "sphincssha2256fsimple", key, signature, signaturelen, data, datalen, compat); OQS_SIG_free(sig); return r; } -static const struct sshkey_impl_funcs sshkey_dilithium3_funcs = { +static const struct sshkey_impl_funcs sshkey_sphincssha2256fsimple_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -841,28 +858,28 @@ static const struct sshkey_impl_funcs sshkey_dilithium3_funcs = { /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, /* .ssh_serialize_private = */ ssh_generic_serialize_private, /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, - /* .generate = */ ssh_dilithium3_generate, + /* .generate = */ ssh_sphincssha2256fsimple_generate, /* .copy_public = */ ssh_generic_copy_public, - /* .sign = */ ssh_dilithium3_sign, - /* .verify = */ ssh_dilithium3_verify, + /* .sign = */ ssh_sphincssha2256fsimple_sign, + /* .verify = */ ssh_sphincssha2256fsimple_verify, }; -const struct sshkey_impl sshkey_dilithium3_impl = { - /* .name = */ "ssh-dilithium3", - /* .shortname = */ "DILITHIUM3", +const struct sshkey_impl sshkey_sphincssha2256fsimple_impl = { + /* .name = */ "ssh-sphincssha2256fsimple", + /* .shortname = */ "SPHINCSSHA2256FSIMPLE", /* .sigalg = */ NULL, - /* .type = */ KEY_DILITHIUM_3, + /* .type = */ KEY_SPHINCS_SHA2_256F_SIMPLE, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_dilithium3_funcs, + /* .funcs = */ &sshkey_sphincssha2256fsimple_funcs, }; /*--------------------------------------------------- - * DILITHIUM_5 METHODS + * ML_DSA_44 METHODS *--------------------------------------------------- */ -static int ssh_dilithium5_generate(struct sshkey *k, int bits) +static int ssh_mldsa44_generate(struct sshkey *k, int bits) { k->oqs_pk_len = oqs_sig_pk_len(k->type); k->oqs_sk_len = oqs_sig_sk_len(k->type); @@ -870,10 +887,10 @@ static int ssh_dilithium5_generate(struct sshkey *k, int bits) (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { return SSH_ERR_ALLOC_FAIL; } - return OQS_SIG_dilithium_5_keypair(k->oqs_pk, k->oqs_sk); + return OQS_SIG_ml_dsa_44_keypair(k->oqs_pk, k->oqs_sk); } -int ssh_dilithium5_sign(struct sshkey *key, +int ssh_mldsa44_sign(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, @@ -883,16 +900,16 @@ int ssh_dilithium5_sign(struct sshkey *key, const char *sk_pin, u_int compat) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_5); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_44); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_sign(sig, "dilithium5", key, sigp, lenp, data, datalen, compat); + int r = oqs_sign(sig, "mldsa44", key, sigp, lenp, data, datalen, compat); OQS_SIG_free(sig); return r; } -int ssh_dilithium5_verify(const struct sshkey *key, +int ssh_mldsa44_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, @@ -901,16 +918,16 @@ int ssh_dilithium5_verify(const struct sshkey *key, u_int compat, struct sshkey_sig_details **detailsp) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_5); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_44); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_verify(sig, "dilithium5", key, signature, signaturelen, data, datalen, compat); + int r = oqs_verify(sig, "mldsa44", key, signature, signaturelen, data, datalen, compat); OQS_SIG_free(sig); return r; } -static const struct sshkey_impl_funcs sshkey_dilithium5_funcs = { +static const struct sshkey_impl_funcs sshkey_mldsa44_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -919,28 +936,28 @@ static const struct sshkey_impl_funcs sshkey_dilithium5_funcs = { /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, /* .ssh_serialize_private = */ ssh_generic_serialize_private, /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, - /* .generate = */ ssh_dilithium5_generate, + /* .generate = */ ssh_mldsa44_generate, /* .copy_public = */ ssh_generic_copy_public, - /* .sign = */ ssh_dilithium5_sign, - /* .verify = */ ssh_dilithium5_verify, + /* .sign = */ ssh_mldsa44_sign, + /* .verify = */ ssh_mldsa44_verify, }; -const struct sshkey_impl sshkey_dilithium5_impl = { - /* .name = */ "ssh-dilithium5", - /* .shortname = */ "DILITHIUM5", +const struct sshkey_impl sshkey_mldsa44_impl = { + /* .name = */ "ssh-mldsa44", + /* .shortname = */ "MLDSA44", /* .sigalg = */ NULL, - /* .type = */ KEY_DILITHIUM_5, + /* .type = */ KEY_ML_DSA_44, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_dilithium5_funcs, + /* .funcs = */ &sshkey_mldsa44_funcs, }; /*--------------------------------------------------- - * SPHINCS_SHA2_128F_SIMPLE METHODS + * ML_DSA_65 METHODS *--------------------------------------------------- */ -static int ssh_sphincssha2128fsimple_generate(struct sshkey *k, int bits) +static int ssh_mldsa65_generate(struct sshkey *k, int bits) { k->oqs_pk_len = oqs_sig_pk_len(k->type); k->oqs_sk_len = oqs_sig_sk_len(k->type); @@ -948,10 +965,10 @@ static int ssh_sphincssha2128fsimple_generate(struct sshkey *k, int bits) (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { return SSH_ERR_ALLOC_FAIL; } - return OQS_SIG_sphincs_sha2_128f_simple_keypair(k->oqs_pk, k->oqs_sk); + return OQS_SIG_ml_dsa_65_keypair(k->oqs_pk, k->oqs_sk); } -int ssh_sphincssha2128fsimple_sign(struct sshkey *key, +int ssh_mldsa65_sign(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, @@ -961,16 +978,16 @@ int ssh_sphincssha2128fsimple_sign(struct sshkey *key, const char *sk_pin, u_int compat) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_128f_simple); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_65); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_sign(sig, "sphincssha2128fsimple", key, sigp, lenp, data, datalen, compat); + int r = oqs_sign(sig, "mldsa65", key, sigp, lenp, data, datalen, compat); OQS_SIG_free(sig); return r; } -int ssh_sphincssha2128fsimple_verify(const struct sshkey *key, +int ssh_mldsa65_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, @@ -979,16 +996,16 @@ int ssh_sphincssha2128fsimple_verify(const struct sshkey *key, u_int compat, struct sshkey_sig_details **detailsp) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_128f_simple); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_65); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_verify(sig, "sphincssha2128fsimple", key, signature, signaturelen, data, datalen, compat); + int r = oqs_verify(sig, "mldsa65", key, signature, signaturelen, data, datalen, compat); OQS_SIG_free(sig); return r; } -static const struct sshkey_impl_funcs sshkey_sphincssha2128fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_mldsa65_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -997,28 +1014,28 @@ static const struct sshkey_impl_funcs sshkey_sphincssha2128fsimple_funcs = { /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, /* .ssh_serialize_private = */ ssh_generic_serialize_private, /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, - /* .generate = */ ssh_sphincssha2128fsimple_generate, + /* .generate = */ ssh_mldsa65_generate, /* .copy_public = */ ssh_generic_copy_public, - /* .sign = */ ssh_sphincssha2128fsimple_sign, - /* .verify = */ ssh_sphincssha2128fsimple_verify, + /* .sign = */ ssh_mldsa65_sign, + /* .verify = */ ssh_mldsa65_verify, }; -const struct sshkey_impl sshkey_sphincssha2128fsimple_impl = { - /* .name = */ "ssh-sphincssha2128fsimple", - /* .shortname = */ "SPHINCSSHA2128FSIMPLE", +const struct sshkey_impl sshkey_mldsa65_impl = { + /* .name = */ "ssh-mldsa65", + /* .shortname = */ "MLDSA65", /* .sigalg = */ NULL, - /* .type = */ KEY_SPHINCS_SHA2_128F_SIMPLE, + /* .type = */ KEY_ML_DSA_65, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_sphincssha2128fsimple_funcs, + /* .funcs = */ &sshkey_mldsa65_funcs, }; /*--------------------------------------------------- - * SPHINCS_SHA2_256F_SIMPLE METHODS + * ML_DSA_87 METHODS *--------------------------------------------------- */ -static int ssh_sphincssha2256fsimple_generate(struct sshkey *k, int bits) +static int ssh_mldsa87_generate(struct sshkey *k, int bits) { k->oqs_pk_len = oqs_sig_pk_len(k->type); k->oqs_sk_len = oqs_sig_sk_len(k->type); @@ -1026,10 +1043,10 @@ static int ssh_sphincssha2256fsimple_generate(struct sshkey *k, int bits) (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { return SSH_ERR_ALLOC_FAIL; } - return OQS_SIG_sphincs_sha2_256f_simple_keypair(k->oqs_pk, k->oqs_sk); + return OQS_SIG_ml_dsa_87_keypair(k->oqs_pk, k->oqs_sk); } -int ssh_sphincssha2256fsimple_sign(struct sshkey *key, +int ssh_mldsa87_sign(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, @@ -1039,16 +1056,16 @@ int ssh_sphincssha2256fsimple_sign(struct sshkey *key, const char *sk_pin, u_int compat) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_256f_simple); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_87); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_sign(sig, "sphincssha2256fsimple", key, sigp, lenp, data, datalen, compat); + int r = oqs_sign(sig, "mldsa87", key, sigp, lenp, data, datalen, compat); OQS_SIG_free(sig); return r; } -int ssh_sphincssha2256fsimple_verify(const struct sshkey *key, +int ssh_mldsa87_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, @@ -1057,16 +1074,16 @@ int ssh_sphincssha2256fsimple_verify(const struct sshkey *key, u_int compat, struct sshkey_sig_details **detailsp) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_256f_simple); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_87); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_verify(sig, "sphincssha2256fsimple", key, signature, signaturelen, data, datalen, compat); + int r = oqs_verify(sig, "mldsa87", key, signature, signaturelen, data, datalen, compat); OQS_SIG_free(sig); return r; } -static const struct sshkey_impl_funcs sshkey_sphincssha2256fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_mldsa87_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1075,22 +1092,256 @@ static const struct sshkey_impl_funcs sshkey_sphincssha2256fsimple_funcs = { /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, /* .ssh_serialize_private = */ ssh_generic_serialize_private, /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, - /* .generate = */ ssh_sphincssha2256fsimple_generate, + /* .generate = */ ssh_mldsa87_generate, /* .copy_public = */ ssh_generic_copy_public, - /* .sign = */ ssh_sphincssha2256fsimple_sign, - /* .verify = */ ssh_sphincssha2256fsimple_verify, + /* .sign = */ ssh_mldsa87_sign, + /* .verify = */ ssh_mldsa87_verify, }; -const struct sshkey_impl sshkey_sphincssha2256fsimple_impl = { - /* .name = */ "ssh-sphincssha2256fsimple", - /* .shortname = */ "SPHINCSSHA2256FSIMPLE", +const struct sshkey_impl sshkey_mldsa87_impl = { + /* .name = */ "ssh-mldsa87", + /* .shortname = */ "MLDSA87", /* .sigalg = */ NULL, - /* .type = */ KEY_SPHINCS_SHA2_256F_SIMPLE, + /* .type = */ KEY_ML_DSA_87, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_sphincssha2256fsimple_funcs, + /* .funcs = */ &sshkey_mldsa87_funcs, +}; +/*--------------------------------------------------- + * MAYO_2 METHODS + *--------------------------------------------------- + */ +static int ssh_mayo2_generate(struct sshkey *k, int bits) +{ + k->oqs_pk_len = oqs_sig_pk_len(k->type); + k->oqs_sk_len = oqs_sig_sk_len(k->type); + if ((k->oqs_pk = malloc(k->oqs_pk_len)) == NULL || + (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + return OQS_SIG_mayo_2_keypair(k->oqs_pk, k->oqs_sk); +} + +int ssh_mayo2_sign(struct sshkey *key, + u_char **sigp, + size_t *lenp, + const u_char *data, + size_t datalen, + const char *alg, + const char *sk_provider, + const char *sk_pin, + u_int compat) +{ + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_mayo_2); + if (sig == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = oqs_sign(sig, "mayo2", key, sigp, lenp, data, datalen, compat); + OQS_SIG_free(sig); + return r; +} + +int ssh_mayo2_verify(const struct sshkey *key, + const u_char *signature, + size_t signaturelen, + const u_char *data, + size_t datalen, + const char *alg, + u_int compat, + struct sshkey_sig_details **detailsp) +{ + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_mayo_2); + if (sig == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = oqs_verify(sig, "mayo2", key, signature, signaturelen, data, datalen, compat); + OQS_SIG_free(sig); + return r; +} + +static const struct sshkey_impl_funcs sshkey_mayo2_funcs = { + /* .size = */ ssh_generic_size, + /* .alloc = */ ssh_generic_alloc, + /* .cleanup = */ ssh_generic_cleanup, + /* .equal = */ ssh_generic_equal, + /* .ssh_serialize_public = */ ssh_generic_serialize_public, + /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, + /* .ssh_serialize_private = */ ssh_generic_serialize_private, + /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, + /* .generate = */ ssh_mayo2_generate, + /* .copy_public = */ ssh_generic_copy_public, + /* .sign = */ ssh_mayo2_sign, + /* .verify = */ ssh_mayo2_verify, +}; + +const struct sshkey_impl sshkey_mayo2_impl = { + /* .name = */ "ssh-mayo2", + /* .shortname = */ "MAYO2", + /* .sigalg = */ NULL, + /* .type = */ KEY_MAYO_2, + /* .nid = */ 0, + /* .cert = */ 0, + /* .sigonly = */ 0, + /* .keybits = */ 0, + /* .funcs = */ &sshkey_mayo2_funcs, +}; +/*--------------------------------------------------- + * MAYO_3 METHODS + *--------------------------------------------------- + */ +static int ssh_mayo3_generate(struct sshkey *k, int bits) +{ + k->oqs_pk_len = oqs_sig_pk_len(k->type); + k->oqs_sk_len = oqs_sig_sk_len(k->type); + if ((k->oqs_pk = malloc(k->oqs_pk_len)) == NULL || + (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + return OQS_SIG_mayo_3_keypair(k->oqs_pk, k->oqs_sk); +} + +int ssh_mayo3_sign(struct sshkey *key, + u_char **sigp, + size_t *lenp, + const u_char *data, + size_t datalen, + const char *alg, + const char *sk_provider, + const char *sk_pin, + u_int compat) +{ + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_mayo_3); + if (sig == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = oqs_sign(sig, "mayo3", key, sigp, lenp, data, datalen, compat); + OQS_SIG_free(sig); + return r; +} + +int ssh_mayo3_verify(const struct sshkey *key, + const u_char *signature, + size_t signaturelen, + const u_char *data, + size_t datalen, + const char *alg, + u_int compat, + struct sshkey_sig_details **detailsp) +{ + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_mayo_3); + if (sig == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = oqs_verify(sig, "mayo3", key, signature, signaturelen, data, datalen, compat); + OQS_SIG_free(sig); + return r; +} + +static const struct sshkey_impl_funcs sshkey_mayo3_funcs = { + /* .size = */ ssh_generic_size, + /* .alloc = */ ssh_generic_alloc, + /* .cleanup = */ ssh_generic_cleanup, + /* .equal = */ ssh_generic_equal, + /* .ssh_serialize_public = */ ssh_generic_serialize_public, + /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, + /* .ssh_serialize_private = */ ssh_generic_serialize_private, + /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, + /* .generate = */ ssh_mayo3_generate, + /* .copy_public = */ ssh_generic_copy_public, + /* .sign = */ ssh_mayo3_sign, + /* .verify = */ ssh_mayo3_verify, +}; + +const struct sshkey_impl sshkey_mayo3_impl = { + /* .name = */ "ssh-mayo3", + /* .shortname = */ "MAYO3", + /* .sigalg = */ NULL, + /* .type = */ KEY_MAYO_3, + /* .nid = */ 0, + /* .cert = */ 0, + /* .sigonly = */ 0, + /* .keybits = */ 0, + /* .funcs = */ &sshkey_mayo3_funcs, +}; +/*--------------------------------------------------- + * MAYO_5 METHODS + *--------------------------------------------------- + */ +static int ssh_mayo5_generate(struct sshkey *k, int bits) +{ + k->oqs_pk_len = oqs_sig_pk_len(k->type); + k->oqs_sk_len = oqs_sig_sk_len(k->type); + if ((k->oqs_pk = malloc(k->oqs_pk_len)) == NULL || + (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + return OQS_SIG_mayo_5_keypair(k->oqs_pk, k->oqs_sk); +} + +int ssh_mayo5_sign(struct sshkey *key, + u_char **sigp, + size_t *lenp, + const u_char *data, + size_t datalen, + const char *alg, + const char *sk_provider, + const char *sk_pin, + u_int compat) +{ + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_mayo_5); + if (sig == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = oqs_sign(sig, "mayo5", key, sigp, lenp, data, datalen, compat); + OQS_SIG_free(sig); + return r; +} + +int ssh_mayo5_verify(const struct sshkey *key, + const u_char *signature, + size_t signaturelen, + const u_char *data, + size_t datalen, + const char *alg, + u_int compat, + struct sshkey_sig_details **detailsp) +{ + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_mayo_5); + if (sig == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + int r = oqs_verify(sig, "mayo5", key, signature, signaturelen, data, datalen, compat); + OQS_SIG_free(sig); + return r; +} + +static const struct sshkey_impl_funcs sshkey_mayo5_funcs = { + /* .size = */ ssh_generic_size, + /* .alloc = */ ssh_generic_alloc, + /* .cleanup = */ ssh_generic_cleanup, + /* .equal = */ ssh_generic_equal, + /* .ssh_serialize_public = */ ssh_generic_serialize_public, + /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, + /* .ssh_serialize_private = */ ssh_generic_serialize_private, + /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, + /* .generate = */ ssh_mayo5_generate, + /* .copy_public = */ ssh_generic_copy_public, + /* .sign = */ ssh_mayo5_sign, + /* .verify = */ ssh_mayo5_verify, +}; + +const struct sshkey_impl sshkey_mayo5_impl = { + /* .name = */ "ssh-mayo5", + /* .shortname = */ "MAYO5", + /* .sigalg = */ NULL, + /* .type = */ KEY_MAYO_5, + /* .nid = */ 0, + /* .cert = */ 0, + /* .sigonly = */ 0, + /* .keybits = */ 0, + /* .funcs = */ &sshkey_mayo5_funcs, }; #ifdef WITH_OPENSSL @@ -1120,7 +1371,7 @@ const struct sshkey_impl sshkey_rsa3072_falcon512_impl = { /* .keybits = */ 0, /* .funcs = */ &sshkey_rsa3072_falcon512_funcs, }; -static const struct sshkey_impl_funcs sshkey_rsa3072_dilithium2_funcs = { +static const struct sshkey_impl_funcs sshkey_rsa3072_sphincssha2128fsimple_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1135,18 +1386,18 @@ static const struct sshkey_impl_funcs sshkey_rsa3072_dilithium2_funcs = { /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_rsa3072_dilithium2_impl = { - /* .name = */ "ssh-rsa3072-dilithium2", - /* .shortname = */ "RSA3072_DILITHIUM2", +const struct sshkey_impl sshkey_rsa3072_sphincssha2128fsimple_impl = { + /* .name = */ "ssh-rsa3072-sphincssha2128fsimple", + /* .shortname = */ "RSA3072_SPHINCSSHA2128FSIMPLE", /* .sigalg = */ NULL, - /* .type = */ KEY_RSA3072_DILITHIUM_2, + /* .type = */ KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_rsa3072_dilithium2_funcs, + /* .funcs = */ &sshkey_rsa3072_sphincssha2128fsimple_funcs, }; -static const struct sshkey_impl_funcs sshkey_rsa3072_sphincssha2128fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_rsa3072_mldsa44_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1161,16 +1412,42 @@ static const struct sshkey_impl_funcs sshkey_rsa3072_sphincssha2128fsimple_funcs /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_rsa3072_sphincssha2128fsimple_impl = { - /* .name = */ "ssh-rsa3072-sphincssha2128fsimple", - /* .shortname = */ "RSA3072_SPHINCSSHA2128FSIMPLE", +const struct sshkey_impl sshkey_rsa3072_mldsa44_impl = { + /* .name = */ "ssh-rsa3072-mldsa44", + /* .shortname = */ "RSA3072_MLDSA44", /* .sigalg = */ NULL, - /* .type = */ KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE, + /* .type = */ KEY_RSA3072_ML_DSA_44, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_rsa3072_sphincssha2128fsimple_funcs, + /* .funcs = */ &sshkey_rsa3072_mldsa44_funcs, +}; +static const struct sshkey_impl_funcs sshkey_rsa3072_mayo2_funcs = { + /* .size = */ ssh_generic_size, + /* .alloc = */ ssh_generic_alloc, + /* .cleanup = */ ssh_generic_cleanup, + /* .equal = */ ssh_generic_equal, + /* .ssh_serialize_public = */ ssh_generic_serialize_public, + /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, + /* .ssh_serialize_private = */ ssh_generic_serialize_private, + /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, + /* .generate = */ ssh_generic_generate, + /* .copy_public = */ ssh_generic_copy_public, + /* .sign = */ ssh_generic_sign, + /* .verify = */ ssh_generic_verify, +}; + +const struct sshkey_impl sshkey_rsa3072_mayo2_impl = { + /* .name = */ "ssh-rsa3072-mayo2", + /* .shortname = */ "RSA3072_MAYO2", + /* .sigalg = */ NULL, + /* .type = */ KEY_RSA3072_MAYO_2, + /* .nid = */ 0, + /* .cert = */ 0, + /* .sigonly = */ 0, + /* .keybits = */ 0, + /* .funcs = */ &sshkey_rsa3072_mayo2_funcs, }; #ifdef OPENSSL_HAS_ECC static const struct sshkey_impl_funcs sshkey_ecdsanistp256_falcon512_funcs = { @@ -1225,7 +1502,59 @@ const struct sshkey_impl sshkey_ecdsanistp521_falcon1024_impl = { /* .keybits = */ 0, /* .funcs = */ &sshkey_ecdsanistp521_falcon1024_funcs, }; -static const struct sshkey_impl_funcs sshkey_ecdsanistp256_dilithium2_funcs = { +static const struct sshkey_impl_funcs sshkey_ecdsanistp256_sphincssha2128fsimple_funcs = { + /* .size = */ ssh_generic_size, + /* .alloc = */ ssh_generic_alloc, + /* .cleanup = */ ssh_generic_cleanup, + /* .equal = */ ssh_generic_equal, + /* .ssh_serialize_public = */ ssh_generic_serialize_public, + /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, + /* .ssh_serialize_private = */ ssh_generic_serialize_private, + /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, + /* .generate = */ ssh_generic_generate, + /* .copy_public = */ ssh_generic_copy_public, + /* .sign = */ ssh_generic_sign, + /* .verify = */ ssh_generic_verify, +}; + +const struct sshkey_impl sshkey_ecdsanistp256_sphincssha2128fsimple_impl = { + /* .name = */ "ssh-ecdsa-nistp256-sphincssha2128fsimple", + /* .shortname = */ "ECDSA_NISTP256_SPHINCSSHA2128FSIMPLE", + /* .sigalg = */ NULL, + /* .type = */ KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, + /* .nid = */ NID_X9_62_prime256v1, + /* .cert = */ 0, + /* .sigonly = */ 0, + /* .keybits = */ 0, + /* .funcs = */ &sshkey_ecdsanistp256_sphincssha2128fsimple_funcs, +}; +static const struct sshkey_impl_funcs sshkey_ecdsanistp521_sphincssha2256fsimple_funcs = { + /* .size = */ ssh_generic_size, + /* .alloc = */ ssh_generic_alloc, + /* .cleanup = */ ssh_generic_cleanup, + /* .equal = */ ssh_generic_equal, + /* .ssh_serialize_public = */ ssh_generic_serialize_public, + /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, + /* .ssh_serialize_private = */ ssh_generic_serialize_private, + /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, + /* .generate = */ ssh_generic_generate, + /* .copy_public = */ ssh_generic_copy_public, + /* .sign = */ ssh_generic_sign, + /* .verify = */ ssh_generic_verify, +}; + +const struct sshkey_impl sshkey_ecdsanistp521_sphincssha2256fsimple_impl = { + /* .name = */ "ssh-ecdsa-nistp521-sphincssha2256fsimple", + /* .shortname = */ "ECDSA_NISTP521_SPHINCSSHA2256FSIMPLE", + /* .sigalg = */ NULL, + /* .type = */ KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, + /* .nid = */ NID_secp521r1, + /* .cert = */ 0, + /* .sigonly = */ 0, + /* .keybits = */ 0, + /* .funcs = */ &sshkey_ecdsanistp521_sphincssha2256fsimple_funcs, +}; +static const struct sshkey_impl_funcs sshkey_ecdsanistp256_mldsa44_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1240,18 +1569,18 @@ static const struct sshkey_impl_funcs sshkey_ecdsanistp256_dilithium2_funcs = { /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_ecdsanistp256_dilithium2_impl = { - /* .name = */ "ssh-ecdsa-nistp256-dilithium2", - /* .shortname = */ "ECDSA_NISTP256_DILITHIUM2", +const struct sshkey_impl sshkey_ecdsanistp256_mldsa44_impl = { + /* .name = */ "ssh-ecdsa-nistp256-mldsa44", + /* .shortname = */ "ECDSA_NISTP256_MLDSA44", /* .sigalg = */ NULL, - /* .type = */ KEY_ECDSA_NISTP256_DILITHIUM_2, + /* .type = */ KEY_ECDSA_NISTP256_ML_DSA_44, /* .nid = */ NID_X9_62_prime256v1, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_ecdsanistp256_dilithium2_funcs, + /* .funcs = */ &sshkey_ecdsanistp256_mldsa44_funcs, }; -static const struct sshkey_impl_funcs sshkey_ecdsanistp384_dilithium3_funcs = { +static const struct sshkey_impl_funcs sshkey_ecdsanistp384_mldsa65_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1266,18 +1595,18 @@ static const struct sshkey_impl_funcs sshkey_ecdsanistp384_dilithium3_funcs = { /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_ecdsanistp384_dilithium3_impl = { - /* .name = */ "ssh-ecdsa-nistp384-dilithium3", - /* .shortname = */ "ECDSA_NISTP384_DILITHIUM3", +const struct sshkey_impl sshkey_ecdsanistp384_mldsa65_impl = { + /* .name = */ "ssh-ecdsa-nistp384-mldsa65", + /* .shortname = */ "ECDSA_NISTP384_MLDSA65", /* .sigalg = */ NULL, - /* .type = */ KEY_ECDSA_NISTP384_DILITHIUM_3, + /* .type = */ KEY_ECDSA_NISTP384_ML_DSA_65, /* .nid = */ NID_secp384r1, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_ecdsanistp384_dilithium3_funcs, + /* .funcs = */ &sshkey_ecdsanistp384_mldsa65_funcs, }; -static const struct sshkey_impl_funcs sshkey_ecdsanistp521_dilithium5_funcs = { +static const struct sshkey_impl_funcs sshkey_ecdsanistp521_mldsa87_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1292,18 +1621,18 @@ static const struct sshkey_impl_funcs sshkey_ecdsanistp521_dilithium5_funcs = { /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_ecdsanistp521_dilithium5_impl = { - /* .name = */ "ssh-ecdsa-nistp521-dilithium5", - /* .shortname = */ "ECDSA_NISTP521_DILITHIUM5", +const struct sshkey_impl sshkey_ecdsanistp521_mldsa87_impl = { + /* .name = */ "ssh-ecdsa-nistp521-mldsa87", + /* .shortname = */ "ECDSA_NISTP521_MLDSA87", /* .sigalg = */ NULL, - /* .type = */ KEY_ECDSA_NISTP521_DILITHIUM_5, + /* .type = */ KEY_ECDSA_NISTP521_ML_DSA_87, /* .nid = */ NID_secp521r1, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_ecdsanistp521_dilithium5_funcs, + /* .funcs = */ &sshkey_ecdsanistp521_mldsa87_funcs, }; -static const struct sshkey_impl_funcs sshkey_ecdsanistp256_sphincssha2128fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_ecdsanistp256_mayo2_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1318,18 +1647,18 @@ static const struct sshkey_impl_funcs sshkey_ecdsanistp256_sphincssha2128fsimple /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_ecdsanistp256_sphincssha2128fsimple_impl = { - /* .name = */ "ssh-ecdsa-nistp256-sphincssha2128fsimple", - /* .shortname = */ "ECDSA_NISTP256_SPHINCSSHA2128FSIMPLE", +const struct sshkey_impl sshkey_ecdsanistp256_mayo2_impl = { + /* .name = */ "ssh-ecdsa-nistp256-mayo2", + /* .shortname = */ "ECDSA_NISTP256_MAYO2", /* .sigalg = */ NULL, - /* .type = */ KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, + /* .type = */ KEY_ECDSA_NISTP256_MAYO_2, /* .nid = */ NID_X9_62_prime256v1, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_ecdsanistp256_sphincssha2128fsimple_funcs, + /* .funcs = */ &sshkey_ecdsanistp256_mayo2_funcs, }; -static const struct sshkey_impl_funcs sshkey_ecdsanistp521_sphincssha2256fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_ecdsanistp384_mayo3_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1344,16 +1673,42 @@ static const struct sshkey_impl_funcs sshkey_ecdsanistp521_sphincssha2256fsimple /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_ecdsanistp521_sphincssha2256fsimple_impl = { - /* .name = */ "ssh-ecdsa-nistp521-sphincssha2256fsimple", - /* .shortname = */ "ECDSA_NISTP521_SPHINCSSHA2256FSIMPLE", +const struct sshkey_impl sshkey_ecdsanistp384_mayo3_impl = { + /* .name = */ "ssh-ecdsa-nistp384-mayo3", + /* .shortname = */ "ECDSA_NISTP384_MAYO3", /* .sigalg = */ NULL, - /* .type = */ KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, + /* .type = */ KEY_ECDSA_NISTP384_MAYO_3, + /* .nid = */ NID_secp384r1, + /* .cert = */ 0, + /* .sigonly = */ 0, + /* .keybits = */ 0, + /* .funcs = */ &sshkey_ecdsanistp384_mayo3_funcs, +}; +static const struct sshkey_impl_funcs sshkey_ecdsanistp521_mayo5_funcs = { + /* .size = */ ssh_generic_size, + /* .alloc = */ ssh_generic_alloc, + /* .cleanup = */ ssh_generic_cleanup, + /* .equal = */ ssh_generic_equal, + /* .ssh_serialize_public = */ ssh_generic_serialize_public, + /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, + /* .ssh_serialize_private = */ ssh_generic_serialize_private, + /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, + /* .generate = */ ssh_generic_generate, + /* .copy_public = */ ssh_generic_copy_public, + /* .sign = */ ssh_generic_sign, + /* .verify = */ ssh_generic_verify, +}; + +const struct sshkey_impl sshkey_ecdsanistp521_mayo5_impl = { + /* .name = */ "ssh-ecdsa-nistp521-mayo5", + /* .shortname = */ "ECDSA_NISTP521_MAYO5", + /* .sigalg = */ NULL, + /* .type = */ KEY_ECDSA_NISTP521_MAYO_5, /* .nid = */ NID_secp521r1, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_ecdsanistp521_sphincssha2256fsimple_funcs, + /* .funcs = */ &sshkey_ecdsanistp521_mayo5_funcs, }; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -1394,19 +1749,6 @@ const struct sshkey_impl *oqs_pq_sshkey_impl(const struct sshkey *k) case KEY_ECDSA_NISTP521_FALCON_1024: impl = &sshkey_falcon1024_impl; break; - case KEY_DILITHIUM_2: - case KEY_RSA3072_DILITHIUM_2: - case KEY_ECDSA_NISTP256_DILITHIUM_2: - impl = &sshkey_dilithium2_impl; - break; - case KEY_DILITHIUM_3: - case KEY_ECDSA_NISTP384_DILITHIUM_3: - impl = &sshkey_dilithium3_impl; - break; - case KEY_DILITHIUM_5: - case KEY_ECDSA_NISTP521_DILITHIUM_5: - impl = &sshkey_dilithium5_impl; - break; case KEY_SPHINCS_SHA2_128F_SIMPLE: case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: @@ -1416,6 +1758,32 @@ const struct sshkey_impl *oqs_pq_sshkey_impl(const struct sshkey *k) case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: impl = &sshkey_sphincssha2256fsimple_impl; break; + case KEY_ML_DSA_44: + case KEY_RSA3072_ML_DSA_44: + case KEY_ECDSA_NISTP256_ML_DSA_44: + impl = &sshkey_mldsa44_impl; + break; + case KEY_ML_DSA_65: + case KEY_ECDSA_NISTP384_ML_DSA_65: + impl = &sshkey_mldsa65_impl; + break; + case KEY_ML_DSA_87: + case KEY_ECDSA_NISTP521_ML_DSA_87: + impl = &sshkey_mldsa87_impl; + break; + case KEY_MAYO_2: + case KEY_RSA3072_MAYO_2: + case KEY_ECDSA_NISTP256_MAYO_2: + impl = &sshkey_mayo2_impl; + break; + case KEY_MAYO_3: + case KEY_ECDSA_NISTP384_MAYO_3: + impl = &sshkey_mayo3_impl; + break; + case KEY_MAYO_5: + case KEY_ECDSA_NISTP521_MAYO_5: + impl = &sshkey_mayo5_impl; + break; ///// OQS_TEMPLATE_FRAGMENT_IMPL_LOOKUP_CASES_END default: break; diff --git a/ssh-rsa.c b/ssh-rsa.c index bf3c89d716db..11bad6b1dc99 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -294,8 +294,9 @@ rsa_hash_id_from_ident(const char *ident) /* OQS-note: Currently, only L1 algorithms support RSA hybrids */ ///// OQS_TEMPLATE_FRAGMENT_LIST_L1_RSA_HYBRIDS_START strcmp(ident, "ssh-rsa3072-falcon512") == 0 || - strcmp(ident, "ssh-rsa3072-dilithium2") == 0 || - strcmp(ident, "ssh-rsa3072-sphincssha2128fsimple") == 0) + strcmp(ident, "ssh-rsa3072-sphincssha2128fsimple") == 0 || + strcmp(ident, "ssh-rsa3072-mldsa44") == 0 || + strcmp(ident, "ssh-rsa3072-mayo2") == 0) ///// OQS_TEMPLATE_FRAGMENT_LIST_L1_RSA_HYBRIDS_END return SSH_DIGEST_SHA256; if (strcmp(ident, "rsa-sha2-512") == 0) diff --git a/ssh.c b/ssh.c index 6e19d5f71510..e2225c00884c 100644 --- a/ssh.c +++ b/ssh.c @@ -1655,7 +1655,7 @@ main(int ac, char **av) if (options.hostbased_authentication) { int loaded = 0; ///// OQS_TEMPLATE_FRAGMENT_COUNT_KEYTYPES_START - sensitive_data.nkeys = 10 + 17; + sensitive_data.nkeys = 10 + 24; ///// OQS_TEMPLATE_FRAGMENT_COUNT_KEYTYPES_END sensitive_data.keys = xcalloc(sensitive_data.nkeys, sizeof(*sensitive_data.keys)); @@ -1705,18 +1705,25 @@ main(int ac, char **av) L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, 12); L_PUBKEY(_PATH_HOST_FALCON_1024_KEY_FILE, 13); L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, 14); - L_PUBKEY(_PATH_HOST_DILITHIUM_2_KEY_FILE, 15); - L_PUBKEY(_PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE, 16); - L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE, 17); - L_PUBKEY(_PATH_HOST_DILITHIUM_3_KEY_FILE, 18); - L_PUBKEY(_PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, 19); - L_PUBKEY(_PATH_HOST_DILITHIUM_5_KEY_FILE, 20); - L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE, 21); - L_PUBKEY(_PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 22); - L_PUBKEY(_PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 23); - L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 24); - L_PUBKEY(_PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 25); - L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 26); + L_PUBKEY(_PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 15); + L_PUBKEY(_PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 16); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 17); + L_PUBKEY(_PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 18); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 19); + L_PUBKEY(_PATH_HOST_ML_DSA_44_KEY_FILE, 20); + L_PUBKEY(_PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE, 21); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE, 22); + L_PUBKEY(_PATH_HOST_ML_DSA_65_KEY_FILE, 23); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP384_ML_DSA_65_KEY_FILE, 24); + L_PUBKEY(_PATH_HOST_ML_DSA_87_KEY_FILE, 25); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_ML_DSA_87_KEY_FILE, 26); + L_PUBKEY(_PATH_HOST_MAYO_2_KEY_FILE, 27); + L_PUBKEY(_PATH_HOST_RSA3072_MAYO_2_KEY_FILE, 28); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_MAYO_2_KEY_FILE, 29); + L_PUBKEY(_PATH_HOST_MAYO_3_KEY_FILE, 30); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP384_MAYO_3_KEY_FILE, 31); + L_PUBKEY(_PATH_HOST_MAYO_5_KEY_FILE, 32); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_MAYO_5_KEY_FILE, 33); ///// OQS_TEMPLATE_FRAGMENT_LOAD_PUBKEYS_END if (loaded == 0) debug("HostbasedAuthentication enabled but no " diff --git a/ssh_api.c b/ssh_api.c index 763002ac47bf..a6df19118953 100644 --- a/ssh_api.c +++ b/ssh_api.c @@ -141,6 +141,7 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_server; ssh->kex->kex[KEX_KEM_BIKE_L1_SHA512] = kex_gen_server; ssh->kex->kex[KEX_KEM_BIKE_L3_SHA512] = kex_gen_server; + ssh->kex->kex[KEX_KEM_BIKE_L5_SHA512] = kex_gen_server; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_server; @@ -154,6 +155,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_server; ssh->kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_server; + ssh->kex->kex[KEX_KEM_ML_KEM_512_SHA256] = kex_gen_server; + ssh->kex->kex[KEX_KEM_ML_KEM_768_SHA256] = kex_gen_server; + ssh->kex->kex[KEX_KEM_ML_KEM_1024_SHA384] = kex_gen_server; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_server; @@ -167,6 +171,7 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_server; ssh->kex->kex[KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512] = kex_gen_server; ssh->kex->kex[KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512] = kex_gen_server; + ssh->kex->kex[KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512] = kex_gen_server; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_server; @@ -180,6 +185,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_server; ssh->kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_server; + ssh->kex->kex[KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256] = kex_gen_server; + ssh->kex->kex[KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256] = kex_gen_server; + ssh->kex->kex[KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384] = kex_gen_server; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_POINT_TO_KEX_GEN_SERVER_END @@ -213,6 +221,7 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_BIKE_L1_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_BIKE_L3_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_BIKE_L5_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_client; @@ -226,6 +235,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_512_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_768_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_1024_SHA384] = kex_gen_client; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_client; @@ -239,6 +251,7 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_client; @@ -252,6 +265,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384] = kex_gen_client; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_POINT_TO_KEX_GEN_CLIENT_END diff --git a/sshconnect2.c b/sshconnect2.c index acadcce98779..17a922c5afde 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -289,6 +289,7 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, ssh->kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_BIKE_L1_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_BIKE_L3_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_BIKE_L5_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_client; @@ -302,6 +303,9 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, ssh->kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_512_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_768_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_1024_SHA384] = kex_gen_client; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_client; @@ -315,6 +319,7 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, ssh->kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_client; @@ -328,6 +333,9 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, ssh->kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384] = kex_gen_client; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_POINT_TO_KEX_GEN_END diff --git a/sshd.c b/sshd.c index 0e28d35ad2c3..5b3274c185c4 100644 --- a/sshd.c +++ b/sshd.c @@ -2442,6 +2442,7 @@ do_ssh2_kex(struct ssh *ssh) kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_server; kex->kex[KEX_KEM_BIKE_L1_SHA512] = kex_gen_server; kex->kex[KEX_KEM_BIKE_L3_SHA512] = kex_gen_server; + kex->kex[KEX_KEM_BIKE_L5_SHA512] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_server; @@ -2455,6 +2456,9 @@ do_ssh2_kex(struct ssh *ssh) kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_server; kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_server; kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_512_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_768_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_1024_SHA384] = kex_gen_server; #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_server; @@ -2468,6 +2472,7 @@ do_ssh2_kex(struct ssh *ssh) kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_server; kex->kex[KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512] = kex_gen_server; kex->kex[KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512] = kex_gen_server; + kex->kex[KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_server; @@ -2481,6 +2486,9 @@ do_ssh2_kex(struct ssh *ssh) kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_server; kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384] = kex_gen_server; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_POINT_TO_KEX_GEN_END diff --git a/sshkey.c b/sshkey.c index 14b3e9732654..4ea2e2ab4ff5 100644 --- a/sshkey.c +++ b/sshkey.c @@ -136,24 +136,31 @@ extern const struct sshkey_impl sshkey_xmss_cert_impl; ///// OQS_TEMPLATE_FRAGMENT_EXTERN_KEY_IMPLS_START extern const struct sshkey_impl sshkey_falcon512_impl; extern const struct sshkey_impl sshkey_falcon1024_impl; -extern const struct sshkey_impl sshkey_dilithium2_impl; -extern const struct sshkey_impl sshkey_dilithium3_impl; -extern const struct sshkey_impl sshkey_dilithium5_impl; extern const struct sshkey_impl sshkey_sphincssha2128fsimple_impl; extern const struct sshkey_impl sshkey_sphincssha2256fsimple_impl; +extern const struct sshkey_impl sshkey_mldsa44_impl; +extern const struct sshkey_impl sshkey_mldsa65_impl; +extern const struct sshkey_impl sshkey_mldsa87_impl; +extern const struct sshkey_impl sshkey_mayo2_impl; +extern const struct sshkey_impl sshkey_mayo3_impl; +extern const struct sshkey_impl sshkey_mayo5_impl; #ifdef WITH_OPENSSL extern const struct sshkey_impl sshkey_rsa3072_falcon512_impl; -extern const struct sshkey_impl sshkey_rsa3072_dilithium2_impl; extern const struct sshkey_impl sshkey_rsa3072_sphincssha2128fsimple_impl; +extern const struct sshkey_impl sshkey_rsa3072_mldsa44_impl; +extern const struct sshkey_impl sshkey_rsa3072_mayo2_impl; #ifdef OPENSSL_HAS_ECC extern const struct sshkey_impl sshkey_ecdsanistp256_falcon512_impl; extern const struct sshkey_impl sshkey_ecdsanistp521_falcon1024_impl; -extern const struct sshkey_impl sshkey_ecdsanistp256_dilithium2_impl; -extern const struct sshkey_impl sshkey_ecdsanistp384_dilithium3_impl; -extern const struct sshkey_impl sshkey_ecdsanistp521_dilithium5_impl; extern const struct sshkey_impl sshkey_ecdsanistp256_sphincssha2128fsimple_impl; extern const struct sshkey_impl sshkey_ecdsanistp521_sphincssha2256fsimple_impl; +extern const struct sshkey_impl sshkey_ecdsanistp256_mldsa44_impl; +extern const struct sshkey_impl sshkey_ecdsanistp384_mldsa65_impl; +extern const struct sshkey_impl sshkey_ecdsanistp521_mldsa87_impl; +extern const struct sshkey_impl sshkey_ecdsanistp256_mayo2_impl; +extern const struct sshkey_impl sshkey_ecdsanistp384_mayo3_impl; +extern const struct sshkey_impl sshkey_ecdsanistp521_mayo5_impl; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_EXTERN_KEY_IMPLS_END @@ -199,23 +206,30 @@ const struct sshkey_impl * const keyimpls[] = { ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEYTYPES_START &sshkey_falcon512_impl, &sshkey_falcon1024_impl, - &sshkey_dilithium2_impl, - &sshkey_dilithium3_impl, - &sshkey_dilithium5_impl, &sshkey_sphincssha2128fsimple_impl, &sshkey_sphincssha2256fsimple_impl, + &sshkey_mldsa44_impl, + &sshkey_mldsa65_impl, + &sshkey_mldsa87_impl, + &sshkey_mayo2_impl, + &sshkey_mayo3_impl, + &sshkey_mayo5_impl, #ifdef WITH_OPENSSL &sshkey_rsa3072_falcon512_impl, - &sshkey_rsa3072_dilithium2_impl, &sshkey_rsa3072_sphincssha2128fsimple_impl, + &sshkey_rsa3072_mldsa44_impl, + &sshkey_rsa3072_mayo2_impl, #ifdef OPENSSL_HAS_ECC &sshkey_ecdsanistp256_falcon512_impl, &sshkey_ecdsanistp521_falcon1024_impl, - &sshkey_ecdsanistp256_dilithium2_impl, - &sshkey_ecdsanistp384_dilithium3_impl, - &sshkey_ecdsanistp521_dilithium5_impl, &sshkey_ecdsanistp256_sphincssha2128fsimple_impl, &sshkey_ecdsanistp521_sphincssha2256fsimple_impl, + &sshkey_ecdsanistp256_mldsa44_impl, + &sshkey_ecdsanistp384_mldsa65_impl, + &sshkey_ecdsanistp521_mldsa87_impl, + &sshkey_ecdsanistp256_mayo2_impl, + &sshkey_ecdsanistp384_mayo3_impl, + &sshkey_ecdsanistp521_mayo5_impl, #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEYTYPES_END diff --git a/sshkey.h b/sshkey.h index b739079497f6..567651a88be3 100644 --- a/sshkey.h +++ b/sshkey.h @@ -81,18 +81,25 @@ enum sshkey_types { KEY_ECDSA_NISTP256_FALCON_512, KEY_FALCON_1024, KEY_ECDSA_NISTP521_FALCON_1024, - KEY_DILITHIUM_2, - KEY_RSA3072_DILITHIUM_2, - KEY_ECDSA_NISTP256_DILITHIUM_2, - KEY_DILITHIUM_3, - KEY_ECDSA_NISTP384_DILITHIUM_3, - KEY_DILITHIUM_5, - KEY_ECDSA_NISTP521_DILITHIUM_5, KEY_SPHINCS_SHA2_128F_SIMPLE, KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE, KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, KEY_SPHINCS_SHA2_256F_SIMPLE, KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, + KEY_ML_DSA_44, + KEY_RSA3072_ML_DSA_44, + KEY_ECDSA_NISTP256_ML_DSA_44, + KEY_ML_DSA_65, + KEY_ECDSA_NISTP384_ML_DSA_65, + KEY_ML_DSA_87, + KEY_ECDSA_NISTP521_ML_DSA_87, + KEY_MAYO_2, + KEY_RSA3072_MAYO_2, + KEY_ECDSA_NISTP256_MAYO_2, + KEY_MAYO_3, + KEY_ECDSA_NISTP384_MAYO_3, + KEY_MAYO_5, + KEY_ECDSA_NISTP521_MAYO_5, ///// OQS_TEMPLATE_FRAGMENT_ENUMERATE_KEYTYPES_END KEY_UNSPEC };