From 36815e061aae75f6490154581023d38d2ad2e41b Mon Sep 17 00:00:00 2001 
From: JT <74706004+pi-314159@users.noreply.github.com> Date: Sat, 14 Oct 2023 03:13:58 -0500 Subject: [PATCH] Chromium update (#234) * document limited Chromium support level * Update Chromium Patch and Linux Instructions * Add Chromium and liboqs version in README Co-authored-by: pi-314159 <74706004+pi-314159@users.noreply.github.com> Co-authored-by: Jijun <1638810+Jijun@users.noreply.github.com> Co-authored-by: Raytonne <86047362+Raytonne@users.noreply.github.com> --------- Co-authored-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Co-authored-by: Jijun <1638810+Jijun@users.noreply.github.com> Co-authored-by: Raytonne <86047362+Raytonne@users.noreply.github.com> --- README.md | 5 +- chromium/README-Linux.md | 89 ++--- chromium/README-Windows.md | 486 +-------------------------- chromium/README.md | 8 +- chromium/oqs-changes.patch | 476 +++++++++++++++++++++++++- chromium/scripts/README | 28 -- chromium/scripts/apply_patch.sh | 5 - chromium/scripts/build_chromium.sh | 3 - chromium/scripts/build_liboqs.sh | 7 - chromium/scripts/build_options.sh | 10 - chromium/scripts/gen_build_files.sh | 3 - chromium/scripts/getpqc.sh | 8 - chromium/scripts/install_deps.sh | 3 - chromium/scripts/install_tools.sh | 9 - chromium/scripts/master.sh | 22 -- chromium/scripts/run_hooks.sh | 4 - chromium/scripts/set_env.sh | 11 - chromium/scripts/switch_boringssl.sh | 5 - nginx/fulltest-provider/genconfig.py | 22 +- 19 files changed, 539 insertions(+), 665 deletions(-) delete mode 100644 chromium/scripts/README delete mode 100755 chromium/scripts/apply_patch.sh delete mode 100755 chromium/scripts/build_chromium.sh delete mode 100755 chromium/scripts/build_liboqs.sh delete mode 100755 chromium/scripts/build_options.sh delete mode 100755 chromium/scripts/gen_build_files.sh delete mode 100755 chromium/scripts/getpqc.sh delete mode 100755 chromium/scripts/install_deps.sh delete mode 100755 chromium/scripts/install_tools.sh delete mode 100755 chromium/scripts/master.sh 
delete mode 100755 chromium/scripts/run_hooks.sh delete mode 100755 chromium/scripts/set_env.sh delete mode 100755 chromium/scripts/switch_boringssl.sh
diff --git a/README.md b/README.md
index 974c6ab2..d5ab8ce2 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ Currently supported packages:
 | **curl** | [Github: oqs-demos/curl](curl) | [Dockerhub: openquantumsafe/curl](https://hub.docker.com/repository/docker/openquantumsafe/curl) |
 | **Apache httpd** | [Github: oqs-demos/httpd](httpd) | [Dockerhub: openquantumsafe/httpd](https://hub.docker.com/repository/docker/openquantumsafe/httpd) |
 | **nginx** | [Github: oqs-demos/nginx](nginx) | [Dockerhub: openquantumsafe/nginx](https://hub.docker.com/repository/docker/openquantumsafe/nginx) |
-| **Chromium** | [Github: oqs-demos/chromium](chromium) | [Binary for Ubuntu 20](https://github.com/open-quantum-safe/oqs-demos/releases/download/0.7.2/chromium-ubuntu-0.7.2.tgz) |
+| **Chromium** | [Github: oqs-demos/chromium](chromium) (limited support) | - |
 | **OpenSSH** | [Github: oqs-demos/openssh](openssh) | [Dockerhub: openquantumsafe/openssh](https://hub.docker.com/repository/docker/openquantumsafe/openssh) |
 | **Wireshark** | [Github: oqs-demos/wireshark](wireshark) | [Dockerhub: openquantumsafe/wireshark](https://hub.docker.com/repository/docker/openquantumsafe/wireshark) |
 | **Epiphany** | [Github: oqs-demos/epiphany](epiphany) | [Dockerhub: openquantumsafe/epiphany](https://hub.docker.com/repository/docker/openquantumsafe/epiphany) |
@@ -32,7 +32,7 @@ Currently supported packages: -You can use the openssl (s_client), curl and GNOME Web/epiphany clients with all algorithm combinations available at the Open Quantum Safe TLS/X.509 interoperability test server at https://test.openquantumsafe.org (set up using `oqs-provider v0.5.0` and `liboqs v0.8.0`). Chromium and `oqs-boringssl` are no longer maintained to the same set of algorithms, so are not to be expected to (inter)operate fully with the test server. +You can use the openssl (s_client), curl and GNOME Web/epiphany clients with all algorithm combinations available at the Open Quantum Safe TLS/X.509 interoperability test server at https://test.openquantumsafe.org (set up using `oqs-provider v0.5.0` and `liboqs v0.8.0`). Chromium and [oqs-boringssl](https://github.com/open-quantum-safe/boringssl) are no longer maintained to the same set of algorithms, so are not to be expected to (inter)operate fully with the test server. ## Contributing @@ -69,4 +69,3 @@ Financial support for the development of Open Quantum Safe has been provided by We'd like to make a special acknowledgement to the companies who have dedicated programmer time to contribute source code to OQS, including Amazon Web Services, evolutionQ, Microsoft Research, Cisco Systems, IBM Research and Fachhochschule Nordwestschweiz. Research projects which developed specific components of OQS have been supported by various research grants, including funding from the Natural Sciences and Engineering Research Council of Canada (NSERC); see here and here for funding acknowledgments. - diff --git a/chromium/README-Linux.md b/chromium/README-Linux.md index f4782757..b48393c1 100644 --- a/chromium/README-Linux.md +++ b/chromium/README-Linux.md 
@@ -1,67 +1,68 @@ -Note that both cloning the source code as well as building Chromium can take several hours if you do not have excellent network connectivity and serious multicore CPUs at your disposal: The download has a size of over 40GB and even a size-and-performance optimized build (see note below) takes 1143 CPU user minutes on a 2.6GHz i7 CPU, i.e. something like 300 minutes or 5 hours on a quad-core system. +# Instructions for Building Chromium on Linux -0. Ensure the system requirements listed [here](https://chromium.googlesource.com/chromium/src/+/master/docs/linux/build_instructions.md#System-requirements) are met. +### 1. Obtain the Chromium Source Code -1. To obtain the source code, follow the instructions given [here](https://chromium.googlesource.com/chromium/src/+/master/docs/linux/build_instructions.md#Install) in the "Install depot_tools" section and in the "Get the code" section up to (and not including) the "Install additional build dependencies" sub-section. Note: Do *not* set `--no-history` to save time as you need git history in the next step. +Please read [Google's instructions](https://chromium.googlesource.com/chromium/src/+/main/docs/linux/build_instructions.md) carefully, then complete every step before **Setting up the build**. -2. Navigate to the root directory of the source code, which we will refer to hereafter as ``, and run `git checkout 100.0.4856.2`, which is the latest tag for which we have verified the build instructions. Then, to ensure that all of chromium's third party dependencies are compatible with this tag, run `gclient sync`. +The rest of the instructions will use **$CHROMIUM_ROOT** to refer to the root directory of the Chromium source code. -*Note*: Depending on the OS version installed, you may have to install python2, e.g., using `sudo apt install -y python2`, and ensure it's set as the system default, e.g., via `sudo ln -s /usr/bin/python2 /usr/bin/python`. +### 2. Install Go and Perl -3. 
Navigate to `/third_party/boringssl/src`, and switch the BoringSSL source code to the OQS-BoringSSL fork by running the following commands: +### 3. Switch to the OQS-BoringSSL -- `git remote add oqs-bssl https://github.com/open-quantum-safe/boringssl` -- `git fetch oqs-bssl` -- `git checkout -b oqs-bssl-master e2d2587065eacfe97aaae940dd43cd964b71f5b4` +```shellscript +cd $CHROMIUM_ROOT/third_party/boringssl/src +git remote add oqs-bssl https://github.com/open-quantum-safe/boringssl +git fetch oqs-bssl +git checkout -b oqs-bssl-master 1ca41b49e9198f510991fb4f350b4a5fd4c1d5ff +``` -4. In a directory of your choosing, clone and build liboqs as follows: +### 4. Clone and Build liboqs -- `git clone --branch main https://github.com/open-quantum-safe/liboqs.git` -- `cd liboqs && mkdir build && cd build` -- `cmake .. -G"Ninja" -DCMAKE_INSTALL_PREFIX=/third_party/boringssl/src/oqs -DOQS_USE_OPENSSL=OFF` -- `ninja && ninja install` +Choose a directory to store the liboqs source code and use the `cd` command to move to that directory. We will use ninja to build liboqs. -Note: You might have to install `ninja` if not already done, e.g., by running `sudo apt-get install ninja`. You also might want to run `SKIP_TESTS=doxygen,style ninja run_tests` to validate liboqs operating OK on your machine. For this you need to install `pytest` if not already present on your machine, e.g., by running `sudo apt-get install python3-pytest python3-pytest-xdist` first. +```shellscript +git clone --branch main https://github.com/open-quantum-safe/liboqs.git +cd liboqs && mkdir build && cd build +cmake .. 
-G"Ninja" -DCMAKE_INSTALL_PREFIX=$CHROMIUM_ROOT/third_party/boringssl/src/oqs -DOQS_USE_OPENSSL=OFF +ninja && ninja install +``` -Note: If you want to execute the resulting binaries on another machine, be sure to also pass [-DOQS_DIST_BUILD=ON](https://github.com/open-quantum-safe/liboqs/wiki/Customizing-liboqs#oqs_dist_build) to the `cmake` command above to obtain code running on all machines of the same architecture type. +### 5. Enable Quantum-Safe Crypto -5. After successfully installing liboqs as per the above, navigate to `` and apply the `oqs-changes.patch` file provided here by running `git apply `. Then, navigate to `third_party/boringssl`, and run `python src/util/generate_build_files.py gn`. +```shellscript +cd $CHROMIUM_ROOT +wget https://raw.githubusercontent.com/open-quantum-safe/oqs-demos/main/chromium/oqs-changes.patch +git apply oqs-changes.patch +``` -Note: For this to succeed, you might have to install go if not already present on your machine, e.g., by running `sudo apt install golang-go`. If _any_ error occurs in this step, Chromium will build fine, just without support for quantum-safe crypto, i.e., only the final testing steps below will fail. +### 6. Generate BoringSSL Build Files for Chromium -6. Finally, navigate back to and follow the instructions [here](https://chromium.googlesource.com/chromium/src/+/master/docs/linux/build_instructions.md#Install-additional-build-dependencies) from the "Install additional build dependencies" section onwards to build Chromium. +```shellscript +cd $CHROMIUM_ROOT/third_party/boringssl +python src/util/generate_build_files.py gn +``` + +### 7. Build + +```shellscript +cd $CHROMIUM_ROOT +gn args out/Default +``` -Note: If you have already built another chromium source tree (version), you may have to execute `gclient sync --force` to ensure all dependencies are properly updated. 
+Then append following lines to the configuration file opened in editor: -Note: It is *strongly* advisable to set certain build options to obtain a size-and-performance optimized chromium variant, also saving on build time. Do this by executing `gn args out/Default` and adding the following variables to the configuration file opened in your editor: ``` -# Set build arguments here. See `gn help buildargs`. is_debug = false symbol_level = 0 enable_nacl = false -blink_symbol_level=0 +blink_symbol_level = 0 ``` +Save and close the configuration file. Last, run `autoninja -C out/Default chrome`.\ +If the build completes successfully, it will create _chrome_ in _$CHROMIUM_ROOT/out/Default_. -If the build completes successfully, i.e., the executable `chrome` has been created, one can verify that Chromium can perform a TLS 1.3 handshake using a post-quantum key exchange by executing these steps: - -0. Navigate to ``, and start Chromium by executing `./out/Default/chrome` -1. Navigate again to the `/third_party/boringssl/src` folder, and build OQS-BoringSSL as a standalone project by running `mkdir build && cd build && cmake -GNinja ..`. -2. Then, in the `build` directory, run `./tool/bssl server -accept 4433 -www -loop -curves `, where `` can be any key-exchange algorithm named [here](https://github.com/open-quantum-safe/boringssl/blob/e2d2587065eacfe97aaae940dd43cd964b71f5b4#supported-algorithms) that is supported by default by Chromium. The [kDefaultGroups array](https://github.com/open-quantum-safe/boringssl/wiki/Implementation-Notes) lists all such algorithms\*. -3. Load `https://localhost:4433` in Chromium. 
- -An alternative test consists of using the newly built Chromium to access the OQS test server at [https://test.openquantumsafe.org](https://test.openquantumsafe.org) and clicking on any of the algorithm combinations [supported by Chromium](https://github.com/open-quantum-safe/boringssl/blob/e2d2587065eacfe97aaae940dd43cd964b71f5b4/ssl/extensions.cc#L353), e.g., `p256_kyber512`). - -Note: In order to avoid certificate warnings, you need to [download the test site certificate](https://test.openquantumsafe.org/CA.crt) using the newly-built chromium. Then click the "..." Control extensions button in the top-right window corner of your newly built Chromium browser, select "Settings", click on "Privacy and Security" in the newly opened window on the left, click on "Security" in the window pane on the right, scroll down and click on "Manage certificates", click on the "Certificates" tab in the newly opened screen, click on "Import" near the top of the newly opened pane and click on the "Downloads" folder on the file selector window that opens. Then double-click on "CA.crt" and check the box next to "Trust this certificate for identifying websites" and finally click "OK". - -*Note: If you already had been running an OQS-enabled chromium and upgraded to a more current version, clearing the cache is strongly advised to avoid "inexplicable" errors.* - -\* For an explanation of why Chromium supports only a subset of key-exchange algorithms by default, consult [OQS-BoringSSL's Implementation Notes wiki page](https://github.com/open-quantum-safe/boringssl/wiki/Implementation-Notes). - -### Shipping binary - -If all steps outlined above have been successfully executed, one can extract a standalone binary distribution by running `tar czvf chromium-binary.tgz *` within the directory `/out/Default` and moving the resulting `tgz` archive to a suitable machine with all UI components for execution. 
In order to not transfer too many unnecessary files, passing the options `--exclude='obj/*' --exclude='gen/*' --exclude=v8_context_snapshot_generator --exclude=mksnapshot --exclude=make_top_domain_list_variables --exclude=toolchain.ninja --exclude='*__pycache__*' ` to the `tar` command eliminates many files that are not essential for correct operation of a binary Chromium (v94) release. +### 8. Miscellaneous -### Automated build scripts -As the instructions above are complex and hard to get right the first time, a set of build scripts is included in the -scripts subdirectory. Please read scripts/README for more information on how to use them. \ No newline at end of file +- This guide is published on July 1, 2023, and may be outdated. +- A certificate chain that includes quantum-safe signatures can only be validated if it terminates with a root certificate that is in the [Chrome Root Store](https://chromium.googlesource.com/chromium/src/+/main/net/data/ssl/chrome_root_store/faq.md). diff --git a/chromium/README-Windows.md b/chromium/README-Windows.md index f44f6e41..18ba0922 100644 --- a/chromium/README-Windows.md +++ b/chromium/README-Windows.md @@ -17,7 +17,7 @@ In Command Prompt, run following commands: cd %CHROMIUM_ROOT%/third_party/boringssl/src git remote add oqs-bssl https://github.com/open-quantum-safe/boringssl git fetch oqs-bssl -git checkout -b oqs-bssl-master oqs-bssl/master +git checkout -b oqs-bssl-master 1ca41b49e9198f510991fb4f350b4a5fd4c1d5ff ``` ### 4. Clone and Build liboqs 
@@ -35,479 +35,21 @@ msbuild INSTALL.vcxproj ### 5. Enable Quantum-Safe Crypto -* Open _%CHROMIUM_ROOT%/third_party/boringssl/BUILD.gn_. - * Find `config("external_config")`, then modify `include_dirs` - ```diff - config("external_config") { - -include_dirs = [ "src/include" ] - +include_dirs = [ "src/include", "src/oqs/include" ] - if (is_component_build) { - ``` - * Find `all_headers = crypto_headers + ssl_headers` and replace it with the following line - ```diff - all_sources = crypto_sources + ssl_sources - -all_headers = crypto_headers + ssl_headers - +all_headers = crypto_headers + ssl_headers + oqs_headers - - if (enable_rust_boringssl) { - ``` - * Find `component("boringssl")`, then add the following line after `friend = [ ":*" ]` - ```diff - public = all_headers - friend = [ ":*" ] - +libs = [ "//third_party/boringssl/src/oqs/lib/oqs.lib" ] - deps = [ "//third_party/boringssl/src/third_party/fiat:fiat_license" ] - ``` -* Open _%CHROMIUM_ROOT%/net/quic/quic_stream_factory.cc_. - * Find `if (quic_stream_factory_->ssl_config_service_->GetSSLContextConfig()`, then modify `config_.set_preferred_groups` - ```diff - if (quic_stream_factory_->ssl_config_service_->GetSSLContextConfig() - .PostQuantumKeyAgreementEnabled()) { - - config_.set_preferred_groups({SSL_GROUP_X25519_KYBER768_DRAFT00, - + config_.set_preferred_groups({SSL_GROUP_KYBER512, SSL_GROUP_KYBER768, SSL_GROUP_KYBER1024, - + SSL_GROUP_HQC128, SSL_GROUP_HQC192, SSL_GROUP_HQC256, - + SSL_GROUP_BIKEL1, SSL_GROUP_BIKEL3, - + SSL_GROUP_FRODO640AES, SSL_GROUP_FRODO640SHAKE, SSL_GROUP_FRODO976AES, SSL_GROUP_FRODO976SHAKE, SSL_GROUP_FRODO1344AES, SSL_GROUP_FRODO1344SHAKE, - + SSL_GROUP_X25519_KYBER768_DRAFT00, - + SSL_GROUP_P256_KYBER512, SSL_GROUP_P384_KYBER768, SSL_GROUP_P521_KYBER1024, - + SSL_GROUP_P256_HQC128, SSL_GROUP_P384_HQC192, SSL_GROUP_P521_HQC256, - + SSL_GROUP_P256_BIKEL1, SSL_GROUP_P384_BIKEL3, - + SSL_GROUP_P256_FRODO640AES, SSL_GROUP_P256_FRODO640SHAKE, SSL_GROUP_P384_FRODO976AES, 
SSL_GROUP_P384_FRODO976SHAKE, SSL_GROUP_P521_FRODO1344AES, SSL_GROUP_P521_FRODO1344SHAKE, - SSL_GROUP_X25519, SSL_GROUP_SECP256R1, - SSL_GROUP_SECP384R1}); - } - ``` -* Open _%CHROMIUM_ROOT%/net/socket/ssl_client_socket_impl.cc_. - * Find `if (context_->config().PostQuantumKeyAgreementEnabled()) {`, then modify `kCurves` - ```diff - if (context_->config().PostQuantumKeyAgreementEnabled()) { - - static const int kCurves[] = {NID_X25519Kyber768Draft00, NID_X25519, - - NID_X9_62_prime256v1, NID_secp384r1}; - + static const int kCurves[] = {NID_kyber512, NID_kyber768, NID_kyber1024, - + NID_hqc128, NID_hqc192, NID_hqc256, - + NID_bikel1, NID_bikel3, - + NID_p256_kyber512, NID_p384_kyber768, NID_p521_kyber1024, - + NID_p256_hqc128, NID_p384_hqc192, NID_p521_hqc256, - + NID_p256_bikel1, NID_p384_bikel3, - + NID_X25519Kyber768Draft00, NID_frodo640aes, NID_frodo640shake, NID_frodo976aes, NID_frodo976shake, NID_frodo1344aes, NID_frodo1344shake, - + NID_p256_frodo640aes, NID_p256_frodo640shake, NID_p384_frodo976aes, NID_p384_frodo976shake, NID_p521_frodo1344aes, NID_p521_frodo1344shake, - + NID_X25519, NID_X9_62_prime256v1, NID_secp384r1}; - if (!SSL_set1_curves(ssl_.get(), kCurves, std::size(kCurves))) { - return ERR_UNEXPECTED; - ``` - * Find `if (ssl_config_.disable_sha1_server_signatures) {`, then insert following lines after `SSL_SIGN_RSA_PSS_RSAE_SHA512, SSL_SIGN_RSA_PKCS1_SHA512,` - ```diff - SSL_SIGN_RSA_PSS_RSAE_SHA384, SSL_SIGN_RSA_PKCS1_SHA384, - SSL_SIGN_RSA_PSS_RSAE_SHA512, SSL_SIGN_RSA_PKCS1_SHA512, - + SSL_SIGN_DILITHIUM2, SSL_SIGN_DILITHIUM3, SSL_SIGN_DILITHIUM5, - + SSL_SIGN_FALCON512, SSL_SIGN_FALCON1024, - + SSL_SIGN_SPHINCSSHA2128FSIMPLE, SSL_SIGN_SPHINCSSHA2128SSIMPLE, SSL_SIGN_SPHINCSSHA2192FSIMPLE, SSL_SIGN_SPHINCSSHA2192SSIMPLE, SSL_SIGN_SPHINCSSHA2256FSIMPLE, SSL_SIGN_SPHINCSSHA2256SSIMPLE, - + SSL_SIGN_SPHINCSSHAKE128FSIMPLE, SSL_SIGN_SPHINCSSHAKE128SSIMPLE, SSL_SIGN_SPHINCSSHAKE192FSIMPLE, SSL_SIGN_SPHINCSSHAKE192SSIMPLE, 
SSL_SIGN_SPHINCSSHAKE256FSIMPLE, SSL_SIGN_SPHINCSSHAKE256SSIMPLE, - }; - if (!SSL_set_verify_algorithm_prefs(ssl_.get(), kVerifyPrefs, - ``` -* Open _%CHROMIUM_ROOT%/net/cert/cert_verify_proc.cc_. - * Find `const char* CertTypeToString(X509Certificate::PublicKeyType cert_type) {`, then insert following lines after `return "ECDH";` - ```diff - case X509Certificate::kPublicKeyTypeECDH: - return "ECDH"; - + case X509Certificate::kPublicKeyTypeDilithium: - + return "Dilithium"; - + case X509Certificate::kPublicKeyTypeFalcon: - + return "Falcon"; - + case X509Certificate::kPublicKeyTypeSPHINCSSHA2: - + return "SPHINCSSHA2"; - + case X509Certificate::kPublicKeyTypeSPHINCSSHAKE: - + return "SPHINCSSHAKE"; - } - NOTREACHED(); - ``` - * Find `switch (*cert_algorithm) {`, then insert following lines after `case SignatureAlgorithm::kRsaPssSha512:` - ```diff - case SignatureAlgorithm::kRsaPssSha384: - case SignatureAlgorithm::kRsaPssSha512: - + case SignatureAlgorithm::kDilithium2: - + case SignatureAlgorithm::kDilithium3: - + case SignatureAlgorithm::kDilithium5: - + case SignatureAlgorithm::kFalcon512: - + case SignatureAlgorithm::kFalcon1024: - + case SignatureAlgorithm::kSPHINCSSHA2128fsimple: - + case SignatureAlgorithm::kSPHINCSSHA2128ssimple: - + case SignatureAlgorithm::kSPHINCSSHA2192fsimple: - + case SignatureAlgorithm::kSPHINCSSHA2192ssimple: - + case SignatureAlgorithm::kSPHINCSSHA2256fsimple: - + case SignatureAlgorithm::kSPHINCSSHA2256ssimple: - + case SignatureAlgorithm::kSPHINCSSHAKE128fsimple: - + case SignatureAlgorithm::kSPHINCSSHAKE128ssimple: - + case SignatureAlgorithm::kSPHINCSSHAKE192fsimple: - + case SignatureAlgorithm::kSPHINCSSHAKE192ssimple: - + case SignatureAlgorithm::kSPHINCSSHAKE256fsimple: - + case SignatureAlgorithm::kSPHINCSSHAKE256ssimple: - return true; - } - ``` -* Open _%CHROMIUM_ROOT%/net/cert/x509_certificate.cc_. 
- * Find `switch (EVP_PKEY_id(pkey.get())) {`, then insert following case statements - ```diff - case EVP_PKEY_DH: - *type = kPublicKeyTypeDH; - break; - + case EVP_PKEY_DILITHIUM2: - + case EVP_PKEY_DILITHIUM3: - + case EVP_PKEY_DILITHIUM5: - + *type = kPublicKeyTypeDilithium; - + break; - + case EVP_PKEY_FALCON512: - + case EVP_PKEY_FALCON1024: - + *type = kPublicKeyTypeFalcon; - + break; - + case EVP_PKEY_SPHINCSSHA2128FSIMPLE: - + case EVP_PKEY_SPHINCSSHA2128SSIMPLE: - + case EVP_PKEY_SPHINCSSHA2192FSIMPLE: - + case EVP_PKEY_SPHINCSSHA2192SSIMPLE: - + case EVP_PKEY_SPHINCSSHA2256FSIMPLE: - + case EVP_PKEY_SPHINCSSHA2256SSIMPLE: - + *type = kPublicKeyTypeSPHINCSSHA2; - + break; - + case EVP_PKEY_SPHINCSSHAKE128FSIMPLE: - + case EVP_PKEY_SPHINCSSHAKE128SSIMPLE: - + case EVP_PKEY_SPHINCSSHAKE192FSIMPLE: - + case EVP_PKEY_SPHINCSSHAKE192SSIMPLE: - + case EVP_PKEY_SPHINCSSHAKE256FSIMPLE: - + case EVP_PKEY_SPHINCSSHAKE256SSIMPLE: - + *type = kPublicKeyTypeSPHINCSSHAKE; - + break; - } - *size_bits = base::saturated_cast(EVP_PKEY_bits(pkey.get())); - ``` -* Open _%CHROMIUM_ROOT%/net/cert/x509_certificate.h_. - * Find `enum PublicKeyType {`, then insert following lines before `kPublicKeyTypeECDH` - ```diff - kPublicKeyTypeECDSA, - kPublicKeyTypeDH, - + kPublicKeyTypeDilithium, - + kPublicKeyTypeFalcon, - + kPublicKeyTypeSPHINCSSHA2, - + kPublicKeyTypeSPHINCSSHAKE, - kPublicKeyTypeECDH - }; - ``` -* Open _%CHROMIUM_ROOT%/net/cert/pki/signature_algorithm.cc_. 
- * Find `[[nodiscard]] bool IsEmpty(const der::Input& input) {`, then insert following lines before it - ```diff - const uint8_t kOidMgf1[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, - 0x0d, 0x01, 0x01, 0x08}; +Download the [oqs-changes.patch](https://raw.githubusercontent.com/open-quantum-safe/oqs-demos/main/chromium/oqs-changes.patch) and save it at _%CHROMIUM_ROOT%_, then apply the patch by running - +const uint8_t kOidDilithium2[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x04, 0x04}; - +const uint8_t kOidDilithium3[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x06, 0x05}; - +const uint8_t kOidDilithium5[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x08, 0x07}; - +const uint8_t kOidFalcon512[] = {0x2b, 0xce, 0x0f, 0x03, 0x06}; - +const uint8_t kOidFalcon1024[] = {0x2b, 0xce, 0x0f, 0x03, 0x09}; - +const uint8_t kOidSPHINCSSHA2128fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x04, 0x0d}; - +const uint8_t kOidSPHINCSSHA2128ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x04, 0x10}; - +const uint8_t kOidSPHINCSSHA2192fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x05, 0x0a}; - +const uint8_t kOidSPHINCSSHA2192ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x05, 0x0c}; - +const uint8_t kOidSPHINCSSHA2256fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x06, 0x0a}; - +const uint8_t kOidSPHINCSSHA2256ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x06, 0x0c}; - +const uint8_t kOidSPHINCSSHAKE128fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x07, 0x0d}; - +const uint8_t kOidSPHINCSSHAKE128ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x07, 0x10}; - +const uint8_t kOidSPHINCSSHAKE192fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x08, 0x0a}; - +const uint8_t kOidSPHINCSSHAKE192ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x08, 0x0c}; - +const uint8_t kOidSPHINCSSHAKE256fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x09, 0x0a}; - +const uint8_t kOidSPHINCSSHAKE256ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x09, 0x0c}; - + - // Returns true if |input| is empty. 
- [[nodiscard]] bool IsEmpty(const der::Input& input) { - ``` - * Find `if (oid == der::Input(kOidRsaSsaPss)) {`, then insert following lines before it - ```diff - return SignatureAlgorithm::kEcdsaSha512; - } - - +if (oid == der::Input(kOidDilithium2)) { - + return SignatureAlgorithm::kDilithium2; - +} - +if (oid == der::Input(kOidDilithium3)) { - + return SignatureAlgorithm::kDilithium3; - +} - +if (oid == der::Input(kOidDilithium5)) { - + return SignatureAlgorithm::kDilithium5; - +} - +if (oid == der::Input(kOidFalcon512)) { - + return SignatureAlgorithm::kFalcon512; - +} - +if (oid == der::Input(kOidFalcon1024)) { - + return SignatureAlgorithm::kFalcon1024; - +} - +if (oid == der::Input(kOidSPHINCSSHA2128fsimple)) { - + return SignatureAlgorithm::kSPHINCSSHA2128fsimple; - +} - +if (oid == der::Input(kOidSPHINCSSHA2128ssimple)) { - + return SignatureAlgorithm::kSPHINCSSHA2128ssimple; - +} - +if (oid == der::Input(kOidSPHINCSSHA2192fsimple)) { - + return SignatureAlgorithm::kSPHINCSSHA2192fsimple; - +} - +if (oid == der::Input(kOidSPHINCSSHA2192ssimple)) { - + return SignatureAlgorithm::kSPHINCSSHA2192ssimple; - +} - +if (oid == der::Input(kOidSPHINCSSHA2256fsimple)) { - + return SignatureAlgorithm::kSPHINCSSHA2256fsimple; - +} - +if (oid == der::Input(kOidSPHINCSSHA2256ssimple)) { - + return SignatureAlgorithm::kSPHINCSSHA2256ssimple; - +} - +if (oid == der::Input(kOidSPHINCSSHAKE128fsimple)) { - + return SignatureAlgorithm::kSPHINCSSHAKE128fsimple; - +} - +if (oid == der::Input(kOidSPHINCSSHAKE128ssimple)) { - + return SignatureAlgorithm::kSPHINCSSHAKE128ssimple; - +} - +if (oid == der::Input(kOidSPHINCSSHAKE192fsimple)) { - + return SignatureAlgorithm::kSPHINCSSHAKE192fsimple; - +} - +if (oid == der::Input(kOidSPHINCSSHAKE192ssimple)) { - + return SignatureAlgorithm::kSPHINCSSHAKE192ssimple; - +} - +if (oid == der::Input(kOidSPHINCSSHAKE256fsimple)) { - + return SignatureAlgorithm::kSPHINCSSHAKE256fsimple; - +} - +if (oid == 
der::Input(kOidSPHINCSSHAKE256ssimple)) { - + return SignatureAlgorithm::kSPHINCSSHAKE256ssimple; - +} - + - if (oid == der::Input(kOidRsaSsaPss)) { - return ParseRsaPss(params); - ``` - * Find `switch (alg) {`, then add following case statements - ```diff - case SignatureAlgorithm::kRsaPkcs1Sha256: - case SignatureAlgorithm::kEcdsaSha256: - +case SignatureAlgorithm::kDilithium2: - +case SignatureAlgorithm::kFalcon512: - +case SignatureAlgorithm::kSPHINCSSHA2128fsimple: - +case SignatureAlgorithm::kSPHINCSSHA2128ssimple: - +case SignatureAlgorithm::kSPHINCSSHAKE128fsimple: - +case SignatureAlgorithm::kSPHINCSSHAKE128ssimple: - return DigestAlgorithm::Sha256; - - case SignatureAlgorithm::kRsaPkcs1Sha384: - case SignatureAlgorithm::kEcdsaSha384: - +case SignatureAlgorithm::kDilithium3: - +case SignatureAlgorithm::kSPHINCSSHA2192fsimple: - +case SignatureAlgorithm::kSPHINCSSHA2192ssimple: - +case SignatureAlgorithm::kSPHINCSSHAKE192fsimple: - +case SignatureAlgorithm::kSPHINCSSHAKE192ssimple: - return DigestAlgorithm::Sha384; - - case SignatureAlgorithm::kRsaPkcs1Sha512: - case SignatureAlgorithm::kEcdsaSha512: - +case SignatureAlgorithm::kDilithium5: - +case SignatureAlgorithm::kFalcon1024: - +case SignatureAlgorithm::kSPHINCSSHA2256fsimple: - +case SignatureAlgorithm::kSPHINCSSHA2256ssimple: - +case SignatureAlgorithm::kSPHINCSSHAKE256fsimple: - +case SignatureAlgorithm::kSPHINCSSHAKE256ssimple: - return DigestAlgorithm::Sha512; - - // It is ambiguous whether hash-matching RSASSA-PSS instantiations count as - // using one or multiple digests, but the corresponding digest is the only - ``` -* Open _%CHROMIUM_ROOT%/net/cert/pki/signature_algorithm.h_. 
- * Find `enum class SignatureAlgorithm {`, then insert following lines after `kRsaPssSha512,` - ```diff - kRsaPssSha384, - kRsaPssSha512, - + kDilithium2, - + kDilithium3, - + kDilithium5, - + kFalcon512, - + kFalcon1024, - + kSPHINCSSHA2128fsimple, - + kSPHINCSSHA2128ssimple, - + kSPHINCSSHA2192fsimple, - + kSPHINCSSHA2192ssimple, - + kSPHINCSSHA2256fsimple, - + kSPHINCSSHA2256ssimple, - + kSPHINCSSHAKE128fsimple, - + kSPHINCSSHAKE128ssimple, - + kSPHINCSSHAKE192fsimple, - + kSPHINCSSHAKE192ssimple, - + kSPHINCSSHAKE256fsimple, - + kSPHINCSSHAKE256ssimple, - }; - ``` -* Open _%CHROMIUM_ROOT%/net/cert/pki/simple_path_builder_delegate.cc_. - * Find `bool IsAcceptableCurveForEcdsa` function, then insert following lines before `switch (curve_nid) {` - ```diff - bool IsAcceptableCurveForEcdsa(int curve_nid) { - +if (IS_OQS_PKEY(curve_nid)) { - + return true; - +} - + - switch (curve_nid) { - ``` - * Find `bool SimplePathBuilderDelegate::IsSignatureAlgorithmAcceptable` function, then insert following lines after `case SignatureAlgorithm::kRsaPssSha512:` - ```diff - case SignatureAlgorithm::kRsaPssSha384: - case SignatureAlgorithm::kRsaPssSha512: - + case SignatureAlgorithm::kDilithium2: - + case SignatureAlgorithm::kDilithium3: - + case SignatureAlgorithm::kDilithium5: - + case SignatureAlgorithm::kFalcon512: - + case SignatureAlgorithm::kFalcon1024: - + case SignatureAlgorithm::kSPHINCSSHA2128fsimple: - + case SignatureAlgorithm::kSPHINCSSHA2128ssimple: - + case SignatureAlgorithm::kSPHINCSSHA2192fsimple: - + case SignatureAlgorithm::kSPHINCSSHA2192ssimple: - + case SignatureAlgorithm::kSPHINCSSHA2256fsimple: - + case SignatureAlgorithm::kSPHINCSSHA2256ssimple: - + case SignatureAlgorithm::kSPHINCSSHAKE128fsimple: - + case SignatureAlgorithm::kSPHINCSSHAKE128ssimple: - + case SignatureAlgorithm::kSPHINCSSHAKE192fsimple: - + case SignatureAlgorithm::kSPHINCSSHAKE192ssimple: - + case SignatureAlgorithm::kSPHINCSSHAKE256fsimple: - + case 
SignatureAlgorithm::kSPHINCSSHAKE256ssimple: - return true; - } - ``` - * Find `bool SimplePathBuilderDelegate::IsPublicKeyAcceptable` function, then insert following lines before `// Unexpected key type.` - ```diff - return true; - } - - +if (IS_OQS_PKEY(pkey_id)) { - + return true; - +} - + - // Unexpected key type. - return false; - ``` -* Open _%CHROMIUM_ROOT%/net/cert/pki/verify_signed_data.cc_. - * Find `bool VerifySignedData` function, then insert following case statements to `switch (algorithm) {` - ```diff - std::string_view cache_algorithm_name; - switch (algorithm) { - + case SignatureAlgorithm::kDilithium2: - + expected_pkey_id = EVP_PKEY_DILITHIUM2; - + cache_algorithm_name = "Dilithium2"; - + break; - + case SignatureAlgorithm::kDilithium3: - + expected_pkey_id = EVP_PKEY_DILITHIUM3; - + cache_algorithm_name = "Dilithium3"; - + break; - + case SignatureAlgorithm::kDilithium5: - + expected_pkey_id = EVP_PKEY_DILITHIUM5; - + cache_algorithm_name = "Dilithium5"; - + break; - + case SignatureAlgorithm::kFalcon512: - + expected_pkey_id = EVP_PKEY_FALCON512; - + cache_algorithm_name = "Falcon512"; - + break; - + case SignatureAlgorithm::kFalcon1024: - + expected_pkey_id = EVP_PKEY_FALCON1024; - + cache_algorithm_name = "Falcon1024"; - + break; - + case SignatureAlgorithm::kSPHINCSSHA2128fsimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHA2128FSIMPLE; - + cache_algorithm_name = "SPHINCSSHA2128fsimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHA2128ssimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHA2128SSIMPLE; - + cache_algorithm_name = "SPHINCSSHA2128ssimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHA2192fsimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHA2192FSIMPLE; - + cache_algorithm_name = "SPHINCSSHA2192fsimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHA2192ssimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHA2192SSIMPLE; - + cache_algorithm_name = "SPHINCSSHA2192ssimple"; - + break; - + case 
SignatureAlgorithm::kSPHINCSSHA2256fsimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHA2256FSIMPLE; - + cache_algorithm_name = "SPHINCSSHA2256fsimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHA2256ssimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHA2256SSIMPLE; - + cache_algorithm_name = "SPHINCSSHA2256ssimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHAKE128fsimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHAKE128FSIMPLE; - + cache_algorithm_name = "SPHINCSSHAKE128fsimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHAKE128ssimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHAKE128SSIMPLE; - + cache_algorithm_name = "SPHINCSSHAKE128ssimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHAKE192fsimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHAKE192FSIMPLE; - + cache_algorithm_name = "SPHINCSSHAKE192fsimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHAKE192ssimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHAKE192SSIMPLE; - + cache_algorithm_name = "SPHINCSSHAKE192ssimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHAKE256fsimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHAKE256FSIMPLE; - + cache_algorithm_name = "SPHINCSSHAKE256fsimple"; - + break; - + case SignatureAlgorithm::kSPHINCSSHAKE256ssimple: - + expected_pkey_id = EVP_PKEY_SPHINCSSHAKE256SSIMPLE; - + cache_algorithm_name = "SPHINCSSHAKE256ssimple"; - + break; - case SignatureAlgorithm::kRsaPkcs1Sha1: - expected_pkey_id = EVP_PKEY_RSA; - ``` - * Find `crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);`, then make following changes - ```diff - } - } - - +bool ret; - +if (IS_OQS_PKEY(expected_pkey_id)) { - + ret = oqs_verify_sig(public_key, signature_value_bytes.UnsafeData(), signature_value_bytes.Length(), signed_data.UnsafeData(), signed_data.Length()) ? true : false; - +} else { - crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); - - bssl::ScopedEVP_MD_CTX ctx; - EVP_PKEY_CTX* pctx = nullptr; // Owned by |ctx|. 
- - if (!EVP_DigestVerifyInit(ctx.get(), &pctx, digest, nullptr, public_key)) - return false; - - if (is_rsa_pss) { - // All supported RSASSA-PSS algorithms match signing and MGF-1 digest. They - // also use the digest length as the salt length, which is specified with -1 - // in OpenSSL's API. - if (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) || - !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1)) { - return false; - } - } - - if (!EVP_DigestVerifyUpdate(ctx.get(), signed_data.UnsafeData(), - signed_data.Length())) { - return false; - } +```bat +git apply oqs-changes.patch +``` - -bool ret = - +ret = - 1 == EVP_DigestVerifyFinal(ctx.get(), signature_value_bytes.UnsafeData(), - signature_value_bytes.Length()); - +} +Open _%CHROMIUM_ROOT%/third_party/boringssl/BUILD.gn_ and find `libs = [ "//third_party/boringssl/src/oqs/lib/liboqs.a" ]`, then replace it with - if (!cache_key.empty()) { - cache->Store(cache_key, ret ? SignatureVerifyCache::Value::kValid - ``` -* Open _%CHROMIUM_ROOT%/net/base/features.cc_. - * Find feature `PostQuantumKyber`, then enable it - ```diff - BASE_FEATURE(kPostQuantumKyber, - "PostQuantumKyber", - - base::FEATURE_DISABLED_BY_DEFAULT); - + base::FEATURE_ENABLED_BY_DEFAULT); - ``` +```diff +public = all_headers +friend = [ ":*" ] +-libs = [ "//third_party/boringssl/src/oqs/lib/liboqs.a" ] ++libs = [ "//third_party/boringssl/src/oqs/lib/oqs.lib" ] +deps = [ "//third_party/boringssl/src/third_party/fiat:fiat_license" ] +``` ### 6. Generate BoringSSL Build Files for Chromium 
@@ -546,4 +88,4 @@ If the build completes successfully, it will create _chrome.exe_ in _%CHROMIUM_R
 - BIKE key exchange will crash Chromium.
 - This guide was initially published on July 1, 2023, and may be outdated.
 - A certificate chain that includes quantum-safe signatures can only be validated if it terminates with a root certificate that is in the [Chrome Root Store](https://chromium.googlesource.com/chromium/src/+/main/net/data/ssl/chrome_root_store/faq.md).
-- These instructions have been tested on 64-bit Windows 10 Enterprise with Visual Studio 2022 Community, [Go 1.20.5](https://go.dev/dl/), and [ActiveState Perl 5.36](https://www.activestate.com/products/perl/); the Chromium version is 117.0.5863.0.
+- These instructions have been tested on 64-bit Windows 10 Enterprise with Visual Studio 2022 Community, [Go 1.20.5](https://go.dev/dl/), and [ActiveState Perl 5.36](https://www.activestate.com/products/perl/).
diff --git a/chromium/README.md b/chromium/README.md
index 89767667..97cfd399 100644
--- a/chromium/README.md
+++ b/chromium/README.md
@@ -1,7 +1,11 @@ -This directory contains instructions and corresponding patches to build the Chromium web browser using the [OQS-BoringSSL fork](https://github.com/open-quantum-safe/boringssl), thereby enabling Chromium to use quantum-safe key exchange algorithms. Note that these instructions have been tested only on Windows 10, Ubuntu 18, 19, and 20 (x86_64) installations and apply at present only to a subset of quantum-safe key-exchanges as [documented here](https://github.com/open-quantum-safe/boringssl#key-exchange). +This directory contains no longer fully maintained instructions and corresponding patches to build the Chromium web browser using the [OQS-BoringSSL fork](https://github.com/open-quantum-safe/boringssl), thereby enabling Chromium to use quantum-safe key exchange algorithms. + +These instructions are specifically tailored for liboqs version `0.8.0` and Chromium version `117.0.5863.0`. It is important to note that using any other versions of liboqs or Chromium may result in failure. The instructions have been tested on Windows 10 and Ubuntu 22 LTS(x64) installations only. Additionally, they currently apply to a limited subset of quantum-safe key-exchanges, as detailed in the documentation [provided here](https://github.com/open-quantum-safe/boringssl#key-exchange). + +Please be aware that this information is intended for individuals who acknowledge and accept these limitations. While we prioritize support for open source software, we are unable to dedicate the same level of support to the Chromium and BoringSSL PQ software stack as we have in the past. We encourage contributors to update the instructions and patch files for more recent versions of liboqs and Chromium. --- [Build Instructions for Linux](README-Linux.md) -[Build Instructions for Windows](README-Windows.md) +[Build Instructions for Windows](README-Windows.md) \ No newline at end of file 
diff --git a/chromium/oqs-changes.patch b/chromium/oqs-changes.patch
index 4ce25bee..13348afc 100644
--- a/chromium/oqs-changes.patch
+++ b/chromium/oqs-changes.patch
@@ -1,19 +1,246 @@ -diff --git a/net/cert/internal/simple_path_builder_delegate.cc b/net/cert/internal/simple_path_builder_delegate.cc -index e4259ee6eb39..511b5fb48cd2 100644 ---- a/net/cert/internal/simple_path_builder_delegate.cc -+++ b/net/cert/internal/simple_path_builder_delegate.cc -@@ -35,6 +35,10 @@ bool IsAcceptableCurveForEcdsa(int curve_nid) { +diff --git a/net/base/features.cc b/net/base/features.cc +index d9fe52b201b33..008b2f7c34bc3 100644 +--- a/net/base/features.cc ++++ b/net/base/features.cc +@@ -137,7 +137,7 @@ BASE_FEATURE(kPermuteTLSExtensions, + + BASE_FEATURE(kPostQuantumKyber, + "PostQuantumKyber", +- base::FEATURE_DISABLED_BY_DEFAULT); ++ base::FEATURE_ENABLED_BY_DEFAULT); + + BASE_FEATURE(kNetUnusedIdleSocketTimeout, + "NetUnusedIdleSocketTimeout", +diff --git a/net/cert/cert_verify_proc.cc b/net/cert/cert_verify_proc.cc +index b1dab376aa8e6..71e2eaf75c29c 100644 +--- a/net/cert/cert_verify_proc.cc ++++ b/net/cert/cert_verify_proc.cc +@@ -96,6 +96,14 @@ const char* CertTypeToString(X509Certificate::PublicKeyType cert_type) { + return "DH"; + case X509Certificate::kPublicKeyTypeECDH: + return "ECDH"; ++ case X509Certificate::kPublicKeyTypeDilithium: ++ return "Dilithium"; ++ case X509Certificate::kPublicKeyTypeFalcon: ++ return "Falcon"; ++ case X509Certificate::kPublicKeyTypeSPHINCSSHA2: ++ return "SPHINCSSHA2"; ++ case X509Certificate::kPublicKeyTypeSPHINCSSHAKE: ++ return "SPHINCSSHAKE"; + } + NOTREACHED(); + return "Unsupported"; +@@ -308,6 +316,23 @@ void RecordTrustAnchorHistogram(const HashValueVector& spki_hashes, + case SignatureAlgorithm::kRsaPssSha256: + case SignatureAlgorithm::kRsaPssSha384: + case SignatureAlgorithm::kRsaPssSha512: ++ case SignatureAlgorithm::kDilithium2: ++ case SignatureAlgorithm::kDilithium3: ++ case SignatureAlgorithm::kDilithium5: ++ case SignatureAlgorithm::kFalcon512: ++ case SignatureAlgorithm::kFalcon1024: ++ case SignatureAlgorithm::kSPHINCSSHA2128fsimple: ++ case 
SignatureAlgorithm::kSPHINCSSHA2128ssimple: ++ case SignatureAlgorithm::kSPHINCSSHA2192fsimple: ++ case SignatureAlgorithm::kSPHINCSSHA2192ssimple: ++ case SignatureAlgorithm::kSPHINCSSHA2256fsimple: ++ case SignatureAlgorithm::kSPHINCSSHA2256ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE128fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE128ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE192fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE192ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE256fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE256ssimple: return true; } +diff --git a/net/cert/pki/signature_algorithm.cc b/net/cert/pki/signature_algorithm.cc +index 90932f02f8bfe..99c3dac856ee9 100644 +--- a/net/cert/pki/signature_algorithm.cc ++++ b/net/cert/pki/signature_algorithm.cc +@@ -122,6 +122,24 @@ const uint8_t kOidRsaSsaPss[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, + const uint8_t kOidMgf1[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, + 0x0d, 0x01, 0x01, 0x08}; + ++const uint8_t kOidDilithium2[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x04, 0x04}; ++const uint8_t kOidDilithium3[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x06, 0x05}; ++const uint8_t kOidDilithium5[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x08, 0x07}; ++const uint8_t kOidFalcon512[] = {0x2b, 0xce, 0x0f, 0x03, 0x06}; ++const uint8_t kOidFalcon1024[] = {0x2b, 0xce, 0x0f, 0x03, 0x09}; ++const uint8_t kOidSPHINCSSHA2128fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x04, 0x0d}; ++const uint8_t kOidSPHINCSSHA2128ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x04, 0x10}; ++const uint8_t kOidSPHINCSSHA2192fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x05, 0x0a}; ++const uint8_t kOidSPHINCSSHA2192ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x05, 0x0c}; ++const uint8_t kOidSPHINCSSHA2256fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x06, 0x0a}; ++const uint8_t kOidSPHINCSSHA2256ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x06, 0x0c}; ++const uint8_t kOidSPHINCSSHAKE128fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x07, 
0x0d}; ++const uint8_t kOidSPHINCSSHAKE128ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x07, 0x10}; ++const uint8_t kOidSPHINCSSHAKE192fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x08, 0x0a}; ++const uint8_t kOidSPHINCSSHAKE192ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x08, 0x0c}; ++const uint8_t kOidSPHINCSSHAKE256fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x09, 0x0a}; ++const uint8_t kOidSPHINCSSHAKE256ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x09, 0x0c}; ++ + // Returns true if |input| is empty. + [[nodiscard]] bool IsEmpty(const der::Input& input) { + return input.Length() == 0; +@@ -370,6 +388,57 @@ absl::optional ParseSignatureAlgorithm( + if (oid == der::Input(kOidEcdsaWithSha512) && IsEmpty(params)) { + return SignatureAlgorithm::kEcdsaSha512; + } ++ if (oid == der::Input(kOidDilithium2)) { ++ return SignatureAlgorithm::kDilithium2; ++ } ++ if (oid == der::Input(kOidDilithium3)) { ++ return SignatureAlgorithm::kDilithium3; ++ } ++ if (oid == der::Input(kOidDilithium5)) { ++ return SignatureAlgorithm::kDilithium5; ++ } ++ if (oid == der::Input(kOidFalcon512)) { ++ return SignatureAlgorithm::kFalcon512; ++ } ++ if (oid == der::Input(kOidFalcon1024)) { ++ return SignatureAlgorithm::kFalcon1024; ++ } ++ if (oid == der::Input(kOidSPHINCSSHA2128fsimple)) { ++ return SignatureAlgorithm::kSPHINCSSHA2128fsimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHA2128ssimple)) { ++ return SignatureAlgorithm::kSPHINCSSHA2128ssimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHA2192fsimple)) { ++ return SignatureAlgorithm::kSPHINCSSHA2192fsimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHA2192ssimple)) { ++ return SignatureAlgorithm::kSPHINCSSHA2192ssimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHA2256fsimple)) { ++ return SignatureAlgorithm::kSPHINCSSHA2256fsimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHA2256ssimple)) { ++ return SignatureAlgorithm::kSPHINCSSHA2256ssimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHAKE128fsimple)) { ++ return SignatureAlgorithm::kSPHINCSSHAKE128fsimple; ++ } ++ if 
(oid == der::Input(kOidSPHINCSSHAKE128ssimple)) { ++ return SignatureAlgorithm::kSPHINCSSHAKE128ssimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHAKE192fsimple)) { ++ return SignatureAlgorithm::kSPHINCSSHAKE192fsimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHAKE192ssimple)) { ++ return SignatureAlgorithm::kSPHINCSSHAKE192ssimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHAKE256fsimple)) { ++ return SignatureAlgorithm::kSPHINCSSHAKE256fsimple; ++ } ++ if (oid == der::Input(kOidSPHINCSSHAKE256ssimple)) { ++ return SignatureAlgorithm::kSPHINCSSHAKE256ssimple; ++ } + + if (oid == der::Input(kOidRsaSsaPss)) { + return ParseRsaPss(params); +@@ -394,14 +463,31 @@ absl::optional GetTlsServerEndpointDigestAlgorithm( + + case SignatureAlgorithm::kRsaPkcs1Sha256: + case SignatureAlgorithm::kEcdsaSha256: ++ case SignatureAlgorithm::kDilithium2: ++ case SignatureAlgorithm::kFalcon512: ++ case SignatureAlgorithm::kSPHINCSSHA2128fsimple: ++ case SignatureAlgorithm::kSPHINCSSHA2128ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE128fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE128ssimple: + return DigestAlgorithm::Sha256; + + case SignatureAlgorithm::kRsaPkcs1Sha384: + case SignatureAlgorithm::kEcdsaSha384: ++ case SignatureAlgorithm::kDilithium3: ++ case SignatureAlgorithm::kSPHINCSSHA2192fsimple: ++ case SignatureAlgorithm::kSPHINCSSHA2192ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE192fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE192ssimple: + return DigestAlgorithm::Sha384; + + case SignatureAlgorithm::kRsaPkcs1Sha512: + case SignatureAlgorithm::kEcdsaSha512: ++ case SignatureAlgorithm::kDilithium5: ++ case SignatureAlgorithm::kFalcon1024: ++ case SignatureAlgorithm::kSPHINCSSHA2256fsimple: ++ case SignatureAlgorithm::kSPHINCSSHA2256ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE256fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE256ssimple: + return DigestAlgorithm::Sha512; + + // It is ambiguous whether hash-matching RSASSA-PSS instantiations count as 
+diff --git a/net/cert/pki/signature_algorithm.h b/net/cert/pki/signature_algorithm.h +index 875d7a83c3cbd..0694878f8f596 100644 +--- a/net/cert/pki/signature_algorithm.h ++++ b/net/cert/pki/signature_algorithm.h +@@ -44,6 +44,23 @@ enum class SignatureAlgorithm { + kRsaPssSha256, + kRsaPssSha384, + kRsaPssSha512, ++ kDilithium2, ++ kDilithium3, ++ kDilithium5, ++ kFalcon512, ++ kFalcon1024, ++ kSPHINCSSHA2128fsimple, ++ kSPHINCSSHA2128ssimple, ++ kSPHINCSSHA2192fsimple, ++ kSPHINCSSHA2192ssimple, ++ kSPHINCSSHA2256fsimple, ++ kSPHINCSSHA2256ssimple, ++ kSPHINCSSHAKE128fsimple, ++ kSPHINCSSHAKE128ssimple, ++ kSPHINCSSHAKE192fsimple, ++ kSPHINCSSHAKE192ssimple, ++ kSPHINCSSHAKE256fsimple, ++ kSPHINCSSHAKE256ssimple, + }; + + // Parses AlgorithmIdentifier as defined by RFC 5280 section 4.1.1.2: +diff --git a/net/cert/pki/simple_path_builder_delegate.cc b/net/cert/pki/simple_path_builder_delegate.cc +index 83cd265ce78d6..97c2726b84edd 100644 +--- a/net/cert/pki/simple_path_builder_delegate.cc ++++ b/net/cert/pki/simple_path_builder_delegate.cc +@@ -29,6 +29,10 @@ DEFINE_CERT_ERROR_ID(kUnacceptableCurveForEcdsa, + "Only P-256, P-384, P-521 are supported for ECDSA"); + + bool IsAcceptableCurveForEcdsa(int curve_nid) { + if (IS_OQS_PKEY(curve_nid)) { -+ return true; ++ return true; + } + + switch (curve_nid) { + case NID_X9_62_prime256v1: + case NID_secp384r1: +@@ -78,6 +82,23 @@ bool SimplePathBuilderDelegate::IsSignatureAlgorithmAcceptable( + case SignatureAlgorithm::kRsaPssSha256: + case SignatureAlgorithm::kRsaPssSha384: + case SignatureAlgorithm::kRsaPssSha512: ++ case SignatureAlgorithm::kDilithium2: ++ case SignatureAlgorithm::kDilithium3: ++ case SignatureAlgorithm::kDilithium5: ++ case SignatureAlgorithm::kFalcon512: ++ case SignatureAlgorithm::kFalcon1024: ++ case SignatureAlgorithm::kSPHINCSSHA2128fsimple: ++ case SignatureAlgorithm::kSPHINCSSHA2128ssimple: ++ case SignatureAlgorithm::kSPHINCSSHA2192fsimple: ++ case SignatureAlgorithm::kSPHINCSSHA2192ssimple: 
++ case SignatureAlgorithm::kSPHINCSSHA2256fsimple: ++ case SignatureAlgorithm::kSPHINCSSHA2256ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE128fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE128ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE192fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE192ssimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE256fsimple: ++ case SignatureAlgorithm::kSPHINCSSHAKE256ssimple: + return true; + } return false; - } - -@@ -110,6 +114,10 @@ bool SimplePathBuilderDelegate::IsPublicKeyAcceptable(EVP_PKEY* public_key, +@@ -119,6 +140,10 @@ bool SimplePathBuilderDelegate::IsPublicKeyAcceptable(EVP_PKEY* public_key, return true; } 
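Review bot: In the `ParseSignatureAlgorithm` hunk of `net/cert/pki/signature_algorithm.cc`, the new Dilithium, Falcon and SPHINCS+ branches match on the OID alone, while the ECDSA branch directly above them also requires `IsEmpty(params)`. As written, an AlgorithmIdentifier carrying arbitrary parameter bytes is accepted for every post-quantum algorithm; each branch should apply the same check, e.g. `if (oid == der::Input(kOidDilithium2) && IsEmpty(params)) {`. In `GetTlsServerEndpointDigestAlgorithm` the same algorithms are mapped to SHA-256/384/512 apparently by security level, which looks like a local convention rather than something defined for these schemes; the trailing context comment already calls the RSASSA-PSS case ambiguous, so the chosen mapping deserves a comment explaining it, or no digest at all. Both functions start and end outside the hunks shown.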
@@ -24,33 +251,248 @@ index e4259ee6eb39..511b5fb48cd2 100644 // Unexpected key type. return false; } +diff --git a/net/cert/pki/verify_signed_data.cc b/net/cert/pki/verify_signed_data.cc +index 82acf9003525f..14e692e3726dd 100644 +--- a/net/cert/pki/verify_signed_data.cc ++++ b/net/cert/pki/verify_signed_data.cc +@@ -154,6 +154,74 @@ bool VerifySignedData(SignatureAlgorithm algorithm, + bool is_rsa_pss = false; + std::string_view cache_algorithm_name; + switch (algorithm) { ++ case SignatureAlgorithm::kDilithium2: ++ expected_pkey_id = EVP_PKEY_DILITHIUM2; ++ cache_algorithm_name = "Dilithium2"; ++ break; ++ case SignatureAlgorithm::kDilithium3: ++ expected_pkey_id = EVP_PKEY_DILITHIUM3; ++ cache_algorithm_name = "Dilithium3"; ++ break; ++ case SignatureAlgorithm::kDilithium5: ++ expected_pkey_id = EVP_PKEY_DILITHIUM5; ++ cache_algorithm_name = "Dilithium5"; ++ break; ++ case SignatureAlgorithm::kFalcon512: ++ expected_pkey_id = EVP_PKEY_FALCON512; ++ cache_algorithm_name = "Falcon512"; ++ break; ++ case SignatureAlgorithm::kFalcon1024: ++ expected_pkey_id = EVP_PKEY_FALCON1024; ++ cache_algorithm_name = "Falcon1024"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHA2128fsimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHA2128FSIMPLE; ++ cache_algorithm_name = "SPHINCSSHA2128fsimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHA2128ssimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHA2128SSIMPLE; ++ cache_algorithm_name = "SPHINCSSHA2128ssimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHA2192fsimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHA2192FSIMPLE; ++ cache_algorithm_name = "SPHINCSSHA2192fsimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHA2192ssimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHA2192SSIMPLE; ++ cache_algorithm_name = "SPHINCSSHA2192ssimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHA2256fsimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHA2256FSIMPLE; ++ cache_algorithm_name = "SPHINCSSHA2256fsimple"; ++ break; ++ case 
SignatureAlgorithm::kSPHINCSSHA2256ssimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHA2256SSIMPLE; ++ cache_algorithm_name = "SPHINCSSHA2256ssimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHAKE128fsimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHAKE128FSIMPLE; ++ cache_algorithm_name = "SPHINCSSHAKE128fsimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHAKE128ssimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHAKE128SSIMPLE; ++ cache_algorithm_name = "SPHINCSSHAKE128ssimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHAKE192fsimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHAKE192FSIMPLE; ++ cache_algorithm_name = "SPHINCSSHAKE192fsimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHAKE192ssimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHAKE192SSIMPLE; ++ cache_algorithm_name = "SPHINCSSHAKE192ssimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHAKE256fsimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHAKE256FSIMPLE; ++ cache_algorithm_name = "SPHINCSSHAKE256fsimple"; ++ break; ++ case SignatureAlgorithm::kSPHINCSSHAKE256ssimple: ++ expected_pkey_id = EVP_PKEY_SPHINCSSHAKE256SSIMPLE; ++ cache_algorithm_name = "SPHINCSSHAKE256ssimple"; ++ break; + case SignatureAlgorithm::kRsaPkcs1Sha1: + expected_pkey_id = EVP_PKEY_RSA; + digest = EVP_sha1(); +@@ -241,6 +309,11 @@ bool VerifySignedData(SignatureAlgorithm algorithm, + } + } + ++ bool ret; ++ if (IS_OQS_PKEY(expected_pkey_id)) { ++ ret = oqs_verify_sig(public_key, signature_value_bytes.UnsafeData(), signature_value_bytes.Length(), signed_data.UnsafeData(), signed_data.Length()) ? true : false; ++ } else { ++ + crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); + + bssl::ScopedEVP_MD_CTX ctx; +@@ -264,9 +337,10 @@ bool VerifySignedData(SignatureAlgorithm algorithm, + return false; + } + +- bool ret = ++ ret = + 1 == EVP_DigestVerifyFinal(ctx.get(), signature_value_bytes.UnsafeData(), + signature_value_bytes.Length()); ++ } + if (!cache_key.empty()) { + cache->Store(cache_key, ret ? 
SignatureVerifyCache::Value::kValid + : SignatureVerifyCache::Value::kInvalid); +diff --git a/net/cert/x509_certificate.cc b/net/cert/x509_certificate.cc +index 05fb039c0dd09..eaeff8c5f4ed1 100644 +--- a/net/cert/x509_certificate.cc ++++ b/net/cert/x509_certificate.cc +@@ -647,6 +647,31 @@ void X509Certificate::GetPublicKeyInfo(const CRYPTO_BUFFER* cert_buffer, + case EVP_PKEY_DH: + *type = kPublicKeyTypeDH; + break; ++ case EVP_PKEY_DILITHIUM2: ++ case EVP_PKEY_DILITHIUM3: ++ case EVP_PKEY_DILITHIUM5: ++ *type = kPublicKeyTypeDilithium; ++ break; ++ case EVP_PKEY_FALCON512: ++ case EVP_PKEY_FALCON1024: ++ *type = kPublicKeyTypeFalcon; ++ break; ++ case EVP_PKEY_SPHINCSSHA2128FSIMPLE: ++ case EVP_PKEY_SPHINCSSHA2128SSIMPLE: ++ case EVP_PKEY_SPHINCSSHA2192FSIMPLE: ++ case EVP_PKEY_SPHINCSSHA2192SSIMPLE: ++ case EVP_PKEY_SPHINCSSHA2256FSIMPLE: ++ case EVP_PKEY_SPHINCSSHA2256SSIMPLE: ++ *type = kPublicKeyTypeSPHINCSSHA2; ++ break; ++ case EVP_PKEY_SPHINCSSHAKE128FSIMPLE: ++ case EVP_PKEY_SPHINCSSHAKE128SSIMPLE: ++ case EVP_PKEY_SPHINCSSHAKE192FSIMPLE: ++ case EVP_PKEY_SPHINCSSHAKE192SSIMPLE: ++ case EVP_PKEY_SPHINCSSHAKE256FSIMPLE: ++ case EVP_PKEY_SPHINCSSHAKE256SSIMPLE: ++ *type = kPublicKeyTypeSPHINCSSHAKE; ++ break; + } + *size_bits = base::saturated_cast(EVP_PKEY_bits(pkey.get())); + } +diff --git a/net/cert/x509_certificate.h b/net/cert/x509_certificate.h +index 5ef19cf89d691..7e6710c539961 100644 +--- a/net/cert/x509_certificate.h ++++ b/net/cert/x509_certificate.h +@@ -47,6 +47,10 @@ class NET_EXPORT X509Certificate + kPublicKeyTypeDSA, + kPublicKeyTypeECDSA, + kPublicKeyTypeDH, ++ kPublicKeyTypeDilithium, ++ kPublicKeyTypeFalcon, ++ kPublicKeyTypeSPHINCSSHA2, ++ kPublicKeyTypeSPHINCSSHAKE, + kPublicKeyTypeECDH + }; + +diff --git a/net/quic/quic_stream_factory.cc b/net/quic/quic_stream_factory.cc +index d7a1d98b8a3a0..7c72ae0d38d3a 100644 +--- a/net/quic/quic_stream_factory.cc ++++ b/net/quic/quic_stream_factory.cc +@@ -217,9 +217,19 @@ class 
QuicStreamFactory::QuicCryptoClientConfigOwner { + base::Unretained(this))); + if (quic_stream_factory_->ssl_config_service_->GetSSLContextConfig() + .PostQuantumKeyAgreementEnabled()) { +- config_.set_preferred_groups({SSL_GROUP_X25519_KYBER768_DRAFT00, +- SSL_GROUP_X25519, SSL_GROUP_SECP256R1, ++ config_.set_preferred_groups({SSL_GROUP_KYBER512, SSL_GROUP_KYBER768, SSL_GROUP_KYBER1024, ++ SSL_GROUP_HQC128, SSL_GROUP_HQC192, SSL_GROUP_HQC256, ++ SSL_GROUP_BIKEL1, SSL_GROUP_BIKEL3, ++ SSL_GROUP_FRODO640AES, SSL_GROUP_FRODO640SHAKE, SSL_GROUP_FRODO976AES, SSL_GROUP_FRODO976SHAKE, SSL_GROUP_FRODO1344AES, SSL_GROUP_FRODO1344SHAKE, ++ SSL_GROUP_X25519_KYBER768_DRAFT00, ++ SSL_GROUP_P256_KYBER512, SSL_GROUP_P384_KYBER768, SSL_GROUP_P521_KYBER1024, ++ SSL_GROUP_P256_HQC128, SSL_GROUP_P384_HQC192, SSL_GROUP_P521_HQC256, ++ SSL_GROUP_P256_BIKEL1, SSL_GROUP_P384_BIKEL3, ++ SSL_GROUP_P256_FRODO640AES, SSL_GROUP_P256_FRODO640SHAKE, SSL_GROUP_P384_FRODO976AES, SSL_GROUP_P384_FRODO976SHAKE, SSL_GROUP_P521_FRODO1344AES, SSL_GROUP_P521_FRODO1344SHAKE, ++ SSL_GROUP_X25519, SSL_GROUP_SECP256R1, + SSL_GROUP_SECP384R1}); ++ ++ + } + } + +diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc +index 9aa3f2607292a..d065066b4fbb5 100644 +--- a/net/socket/ssl_client_socket_impl.cc ++++ b/net/socket/ssl_client_socket_impl.cc +@@ -746,8 +746,16 @@ int SSLClientSocketImpl::Init() { + } + + if (context_->config().PostQuantumKeyAgreementEnabled()) { +- static const int kCurves[] = {NID_X25519Kyber768Draft00, NID_X25519, +- NID_X9_62_prime256v1, NID_secp384r1}; ++ static const int kCurves[] = {NID_kyber512, NID_kyber768, NID_kyber1024, ++ NID_hqc128, NID_hqc192, NID_hqc256, ++ NID_bikel1, NID_bikel3, ++ NID_p256_kyber512, NID_p384_kyber768, NID_p521_kyber1024, ++ NID_p256_hqc128, NID_p384_hqc192, NID_p521_hqc256, ++ NID_p256_bikel1, NID_p384_bikel3, ++ NID_X25519Kyber768Draft00, NID_frodo640aes, NID_frodo640shake, NID_frodo976aes, NID_frodo976shake, 
NID_frodo1344aes, NID_frodo1344shake, ++ NID_p256_frodo640aes, NID_p256_frodo640shake, NID_p384_frodo976aes, NID_p384_frodo976shake, NID_p521_frodo1344aes, NID_p521_frodo1344shake, ++ NID_X25519, NID_X9_62_prime256v1, NID_secp384r1}; ++ + if (!SSL_set1_curves(ssl_.get(), kCurves, std::size(kCurves))) { + return ERR_UNEXPECTED; + } +@@ -847,6 +855,10 @@ int SSLClientSocketImpl::Init() { + SSL_SIGN_RSA_PKCS1_SHA256, SSL_SIGN_ECDSA_SECP384R1_SHA384, + SSL_SIGN_RSA_PSS_RSAE_SHA384, SSL_SIGN_RSA_PKCS1_SHA384, + SSL_SIGN_RSA_PSS_RSAE_SHA512, SSL_SIGN_RSA_PKCS1_SHA512, ++ SSL_SIGN_DILITHIUM2, SSL_SIGN_DILITHIUM3, SSL_SIGN_DILITHIUM5, ++ SSL_SIGN_FALCON512, SSL_SIGN_FALCON1024, ++ SSL_SIGN_SPHINCSSHA2128FSIMPLE, SSL_SIGN_SPHINCSSHA2128SSIMPLE, SSL_SIGN_SPHINCSSHA2192FSIMPLE, SSL_SIGN_SPHINCSSHA2192SSIMPLE, SSL_SIGN_SPHINCSSHA2256FSIMPLE, SSL_SIGN_SPHINCSSHA2256SSIMPLE, ++ SSL_SIGN_SPHINCSSHAKE128FSIMPLE, SSL_SIGN_SPHINCSSHAKE128SSIMPLE, SSL_SIGN_SPHINCSSHAKE192FSIMPLE, SSL_SIGN_SPHINCSSHAKE192SSIMPLE, SSL_SIGN_SPHINCSSHAKE256FSIMPLE, SSL_SIGN_SPHINCSSHAKE256SSIMPLE, + }; + if (!SSL_set_verify_algorithm_prefs(ssl_.get(), kVerifyPrefs, + std::size(kVerifyPrefs))) { diff --git a/third_party/boringssl/BUILD.gn b/third_party/boringssl/BUILD.gn -index 23c167f11787..a38adb880261 100644 +index 6fb13437c6bcc..3f52ce76da21e 100644 --- a/third_party/boringssl/BUILD.gn 
+++ b/third_party/boringssl/BUILD.gn -@@ -13,7 +13,7 @@ import("BUILD.generated_tests.gni") +@@ -18,7 +18,7 @@ if (enable_rust) { # Config for us and everybody else depending on BoringSSL. config("external_config") { - include_dirs = [ "src/include" ] -+ include_dirs = [ "src/include", "src/oqs/include" ] ++ include_dirs = [ "src/include", "src/oqs/include" ] if (is_component_build) { defines = [ "BORINGSSL_SHARED_LIBRARY" ] } -@@ -39,7 +39,7 @@ config("no_asm_config") { +@@ -48,7 +48,8 @@ config("no_asm_config") { } all_sources = crypto_sources + ssl_sources -all_headers = crypto_headers + ssl_headers +all_headers = crypto_headers + ssl_headers + oqs_headers ++ - # Windows' assembly is built with NASM. The other platforms use the platform - # assembler. Exclude Windows ARM64 because NASM targets x86 and x64 only. -@@ -109,6 +109,7 @@ component("boringssl") { + if (enable_rust_boringssl) { + rust_bindgen("raw_bssl_sys_bindings") { +@@ -158,6 +159,7 @@ component("boringssl") { sources = all_sources public = all_headers friend = [ ":*" ] -+ libs = ["//third_party/boringssl/src/oqs/lib/liboqs.a"] ++ libs = [ "//third_party/boringssl/src/oqs/lib/liboqs.a" ] deps = [ "//third_party/boringssl/src/third_party/fiat:fiat_license" ] # Mark boringssl_asm as a public dependency so the OPENSSL_NO_ASM diff --git a/chromium/scripts/README b/chromium/scripts/README deleted file mode 100644 index 156fd72f..00000000 --- a/chromium/scripts/README +++ /dev/null 
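Review bot: The `kCurves` array in `SSLClientSocketImpl::Init` and the `set_preferred_groups` call in `quic_stream_factory.cc` both advertise BIKE groups, although the known-limitations list in README-Windows.md, kept as context in this same commit, says BIKE key exchange will crash Chromium. Dropping `NID_bikel1, NID_bikel3,` and `NID_p256_bikel1, NID_p384_bikel3,` (and the matching `SSL_GROUP_BIKEL1`, `SSL_GROUP_BIKEL3`, `SSL_GROUP_P256_BIKEL1`, `SSL_GROUP_P384_BIKEL3` entries) until that is fixed would presumably avoid the crash when a server selects one of them. Both lists also place non-hybrid groups such as `NID_kyber512` ahead of the hybrids and of `NID_X25519`; if list order is preference order, putting the hybrid groups first keeps classical security as a floor, and a comment stating the intended order would help. Separately, in `x509_certificate.h` the new `kPublicKeyType*` values are inserted before `kPublicKeyTypeECDH`, which renumbers it; appending them after it keeps existing values stable if they are recorded anywhere.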
@@ -1,28 +0,0 @@ -These scripts help facilitate a build of PQC-enabled Chromium. -They have been tested on Ubuntu 20.04 . - -How to use : - -1. Please set the PROJECT environment variable. This is the location where you -would like your Chromium build to be stored. It must be an absolute path. -For example, using bash : -export PROJECT=/home/madbrain/pqc_chromium - -2. Make sure your user has sudo permissions, as this will be needed to install -optional packages. - -3. If you want the script to run unattended, you may need to increase the -default sudo timeout. Use -sudo visudo -Then change the timeout value. For example : -Defaults timestamp_timeout=360 - -4. Review set_env.sh to make sure the CHROMIUM_TAG and CHROMIUM_PATCH -variables are set correctly. If you may either edit the values in the script, -or set the values in your shell. The current are in README.md -in the oqs-demos/chromium directory, ie. at -https://github.com/open-quantum-safe/oqs-demos/tree/main/chromium#readme, in -steps 2 and 5 respectively. - -5. Run master.sh to start the build. You will immediately be asked for sudo -authentication. Be prepared to wait several hours for the build to complete. diff --git a/chromium/scripts/apply_patch.sh b/chromium/scripts/apply_patch.sh deleted file mode 100755 index b5301a94..00000000 --- a/chromium/scripts/apply_patch.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -cd $CHROMIUM_ROOT -LOCAL_CHROMIUM_PATCH=./chromium.patch -wget $CHROMIUM_PATCH -O $LOCAL_CHROMIUM_PATCH -git apply $LOCAL_CHROMIUM_PATCH diff --git a/chromium/scripts/build_chromium.sh b/chromium/scripts/build_chromium.sh deleted file mode 100755 index 584d767f..00000000 --- a/chromium/scripts/build_chromium.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -cd $CHROMIUM_ROOT -autoninja -C out/Default chrome diff --git a/chromium/scripts/build_liboqs.sh b/chromium/scripts/build_liboqs.sh deleted file mode 100755 index 5d96fceb..00000000 --- a/chromium/scripts/build_liboqs.sh +++ /dev/null 
@@ -1,7 +0,0 @@ -#!/bin/bash -cd $PROJECT -git clone --branch main https://github.com/open-quantum-safe/liboqs.git -cd liboqs && mkdir build && cd build -cmake .. -G"Ninja" -DCMAKE_INSTALL_PREFIX=$CHROMIUM_ROOT/third_party/boringssl/src/oqs -DOQS_USE_OPENSSL=OFF -ninja && ninja install - diff --git a/chromium/scripts/build_options.sh b/chromium/scripts/build_options.sh deleted file mode 100755 index 6d908f10..00000000 --- a/chromium/scripts/build_options.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -cd $CHROMIUM_ROOT -rm -f out/Default/args.gn -mkdir -p out/Default -echo "enable_nacl=false" >> out/Default/args.gn -#echo "use_debug_fission=false" >> out/Default/args.gn -#echo "is_clang=false" >> out/Default/args.gn -echo "blink_symbol_level=0" >> out/Default/args.gn -#echo "CCACHE_BASEDIR=/home/ubuntu" >> out/Default/args.gn -gn gen out/Default diff --git a/chromium/scripts/gen_build_files.sh b/chromium/scripts/gen_build_files.sh deleted file mode 100755 index 5f6c7768..00000000 --- a/chromium/scripts/gen_build_files.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -cd $CHROMIUM_ROOT/third_party/boringssl -python src/util/generate_build_files.py gn diff --git a/chromium/scripts/getpqc.sh b/chromium/scripts/getpqc.sh deleted file mode 100755 index 24427435..00000000 --- a/chromium/scripts/getpqc.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -mkdir -p $PROJECT -cd $PROJECT -git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git -fetch --nohooks chromium -cd src -git checkout $CHROMIUM_TAG -gclient sync -D diff --git a/chromium/scripts/install_deps.sh b/chromium/scripts/install_deps.sh deleted file mode 100755 index ee4ffbb9..00000000 --- a/chromium/scripts/install_deps.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -cd $CHROMIUM_ROOT -./build/install-build-deps.sh diff --git a/chromium/scripts/install_tools.sh b/chromium/scripts/install_tools.sh deleted file mode 100755 index 40e34ea6..00000000 --- a/chromium/scripts/install_tools.sh +++ /dev/null 
@@ -1,9 +0,0 @@
-#!/bin/bash
-apt-get install -y cmake
-apt-get install -y gcc
-apt-get install -y g++
-apt-get install -y ninja-build
-apt-get install -y git
-apt-get install -y wget
-apt-get install -y python
-apt-get install -y golang-go
diff --git a/chromium/scripts/master.sh b/chromium/scripts/master.sh
deleted file mode 100755
index be038002..00000000
--- a/chromium/scripts/master.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/bash
-if [ -z "$PROJECT" ]
-then
- echo "PROJECT environment variable has not been set."
- exit
-fi
-if [[ -d $PROJECT ]]
-then
- echo "$PROJECT already exists on your filesystem."
- exit
-fi
-sudo ./install_tools.sh
-source ./set_env.sh
-./getpqc.sh
-./switch_boringssl.sh
-./build_liboqs.sh
-./apply_patch.sh
-./gen_build_files.sh
-./install_deps.sh
-./run_hooks.sh
-./build_options.sh
-./build_chromium.sh
diff --git a/chromium/scripts/run_hooks.sh b/chromium/scripts/run_hooks.sh
deleted file mode 100755
index c61db80e..00000000
--- a/chromium/scripts/run_hooks.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-cd $CHROMIUM_ROOT
-gclient runhooks
-
diff --git a/chromium/scripts/set_env.sh b/chromium/scripts/set_env.sh
deleted file mode 100755
index cc828d5b..00000000
--- a/chromium/scripts/set_env.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-export CHROMIUM_ROOT=$PROJECT/src
-export PATH=$PATH:$PROJECT/depot_tools
-if [ -z "$CHROMIUM_TAG" ]
-then
-export CHROMIUM_TAG=100.0.4856.2
-fi
-if [ -z "$CHROMIUM_PATCH" ]
-then
-export CHROMIUM_PATCH=https://raw.githubusercontent.com/open-quantum-safe/oqs-demos/main/chromium/oqs-changes.patch
-fi
diff --git a/chromium/scripts/switch_boringssl.sh b/chromium/scripts/switch_boringssl.sh
deleted file mode 100755
index c4343697..00000000
--- a/chromium/scripts/switch_boringssl.sh
+++ /dev/null
@@ -1,5 +0,0 @@ -#!/bin/bash -cd $CHROMIUM_ROOT/third_party/boringssl/src -git remote add oqs-bssl https://github.com/open-quantum-safe/boringssl -git fetch oqs-bssl -git checkout -b oqs-bssl-master e2d2587065eacfe97aaae940dd43cd964b71f5b4 diff --git a/nginx/fulltest-provider/genconfig.py b/nginx/fulltest-provider/genconfig.py index c03b5e4c..d8d327eb 100644 --- a/nginx/fulltest-provider/genconfig.py +++ b/nginx/fulltest-provider/genconfig.py @@ -117,8 +117,9 @@ def write_nginx_config(f, i, cf, port, _sig, k): # deactivate if you don't like tables: i.write(""+sig+""+k+""+str(port)+""+sig+"/"+k+"\n") - if k in chromium_algs and not ("_" in sig and (sig.startswith("p") or (sig.startswith("rsa")))): - cf.write(""+sig+""+k+""+str(port)+""+sig+"/"+k+"\n") + # chromium support discontinued + #if k in chromium_algs and not ("_" in sig and (sig.startswith("p") or (sig.startswith("rsa")))): + # cf.write(""+sig+""+k+""+str(port)+""+sig+"/"+k+"\n") # generates nginx config @@ -126,14 +127,17 @@ def gen_conf(filename, indexbasefilename, chromiumfilename): port = STARTPORT assignments={} i = open(indexbasefilename, "w") - cf = open(chromiumfilename, "w") + # chromium support discontinued + cf = None + #cf = open(chromiumfilename, "w") # copy baseline templates with open(TEMPLATE_FILE, "r") as tf: for line in tf: i.write(line) - with open(CHROMIUM_TEMPLATE_FILE, "r") as ctf: - for line in ctf: - cf.write(line) + #chromium support discontinued + #with open(CHROMIUM_TEMPLATE_FILE, "r") as ctf: + # for line in ctf: + # cf.write(line) with open(filename, "w") as f: # baseline config @@ -193,9 +197,9 @@ def gen_conf(filename, indexbasefilename, chromiumfilename): i.write("\n") i.write("\n") i.close() - cf.write("\n") - cf.write("\n") - cf.close() + #cf.write("\n") + #cf.write("\n") + #cf.close() with open(ASSIGNMENT_FILE, 'w') as outfile: json.dump(assignments, outfile)
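Review bot: The Chromium branch at the end of write_nginx_config is disabled by commenting it out rather than deleting it, and both gen_conf hunks do the same (the open of `chromiumfilename`, the CHROMIUM_TEMPLATE_FILE copy loop, and the closing `cf.write`/`cf.close` calls). The removed lines stay available in version control, so I would delete them and keep one explanatory line, for example `# Chromium index generation removed: Chromium support is discontinued`. With the branch gone, `cf` and `chromium_algs` are no longer read in the visible part of write_nginx_config; the function starts outside the hunk, so any remaining uses cannot be confirmed from here.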
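Review bot: gen_conf still takes `chromiumfilename`, but after `cf = None` it never opens or writes that path, so the argument is silently ignored. A Chromium index left by an earlier run would stay on disk with an outdated algorithm and port list, and if the web root still serves it, clients would be pointed at ports that this run may have reassigned. I would document this at the top of the function, e.g. `# chromiumfilename is accepted for compatibility but ignored; no Chromium index is written`, and consider removing a stale file if one exists. `cf` is presumably still passed to write_nginx_config further down, outside the hunk, where `None` would raise AttributeError as soon as the commented-out `cf.write` is re-enabled. The body of gen_conf continues beyond the lines shown.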