diff --git a/ALGORITHMS.md b/ALGORITHMS.md
index ea00ce41..8f52bc4e 100644
--- a/ALGORITHMS.md
+++ b/ALGORITHMS.md
@@ -44,8 +44,8 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | mlkem768 | 0x0768 | Yes | OQS_CODEPOINT_MLKEM768 |
 | p384_mlkem768 | 0x2F4C | Yes | OQS_CODEPOINT_P384_MLKEM768 |
 | x448_mlkem768 | 0x2FB7 | Yes | OQS_CODEPOINT_X448_MLKEM768 |
-| x25519_mlkem768 | 0x2FB8 | Yes | OQS_CODEPOINT_X25519_MLKEM768 |
-| p256_mlkem768 | 4587 | Yes | OQS_CODEPOINT_P256_MLKEM768 |
+| X25519MLKEM768 | 0x11ec | Yes | OQS_CODEPOINT_X25519MLKEM768 |
+| SecP256r1MLKEM768 | 0x11eb | Yes | OQS_CODEPOINT_SECP256R1MLKEM768 |
 | mlkem1024 | 0x1024 | Yes | OQS_CODEPOINT_MLKEM1024 |
 | p521_mlkem1024 | 0x2F4D | Yes | OQS_CODEPOINT_P521_MLKEM1024 |
 | p384_mlkem1024 | 0x2F4E | Yes | OQS_CODEPOINT_P384_MLKEM1024 |
@@ -296,8 +296,8 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li
 | mlkem768 | 2.16.840.1.101.3.4.4.2 | OQS_OID_MLKEM768
 | p384_mlkem768 | NULL | OQS_OID_P384_MLKEM768
 | x448_mlkem768 | NULL | OQS_OID_X448_MLKEM768
-| x25519_mlkem768 | NULL | OQS_OID_X25519_MLKEM768
-| p256_mlkem768 | NULL | OQS_OID_P256_MLKEM768
+| X25519MLKEM768 | NULL | OQS_OID_X25519MLKEM768
+| SecP256r1MLKEM768 | NULL | OQS_OID_SECP256R1MLKEM768
 | mlkem1024 | 2.16.840.1.101.3.4.4.3 | OQS_OID_MLKEM1024
 | p521_mlkem1024 | NULL | OQS_OID_P521_MLKEM1024
 | p384_mlkem1024 | 1.3.6.1.4.1.42235.6 | OQS_OID_P384_MLKEM1024
diff --git a/README.md b/README.md
index 9589bbf7..ca5949f6 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,7 @@ This implementation makes available the following quantum safe algorithms: - **CRYSTALS-Kyber**: `kyber512`, `p256_kyber512`, `x25519_kyber512`, `kyber768`, `p384_kyber768`, `x448_kyber768`, `x25519_kyber768`, `p256_kyber768`, `kyber1024`, `p521_kyber1024` - **FrodoKEM**: `frodo640aes`, `p256_frodo640aes`, `x25519_frodo640aes`, `frodo640shake`, `p256_frodo640shake`, `x25519_frodo640shake`, `frodo976aes`, `p384_frodo976aes`, `x448_frodo976aes`, `frodo976shake`, `p384_frodo976shake`, `x448_frodo976shake`, `frodo1344aes`, `p521_frodo1344aes`, `frodo1344shake`, `p521_frodo1344shake` - **HQC**: `hqc128`, `p256_hqc128`, `x25519_hqc128`, `hqc192`, `p384_hqc192`, `x448_hqc192`, `hqc256`, `p521_hqc256`† -- **ML-KEM**: `mlkem512`, `p256_mlkem512`, `x25519_mlkem512`, `mlkem768`, `p384_mlkem768`, `x448_mlkem768`, `x25519_mlkem768`, `p256_mlkem768`, `mlkem1024`, `p521_mlkem1024`, `p384_mlkem1024` +- **ML-KEM**: `mlkem512`, `p256_mlkem512`, `x25519_mlkem512`, `mlkem768`, `p384_mlkem768`, `x448_mlkem768`, `X25519MLKEM768`, `SecP256r1MLKEM768`, `mlkem1024`, `p521_mlkem1024`, `p384_mlkem1024` ### Signature algorithms diff --git a/oqs-template/ALGORITHMS.md/ids.fragment b/oqs-template/ALGORITHMS.md/ids.fragment index d48d78e8..788c8994 100644 --- a/oqs-template/ALGORITHMS.md/ids.fragment +++ b/oqs-template/ALGORITHMS.md/ids.fragment 
@@ -4,7 +4,7 @@ {%- for kem in config['kems'] %} | {{ kem['name_group'] }} | {{ kem['nid'] }} | Yes | OQS_CODEPOINT_{{ kem['name_group']|upper }} | {%- for hybrid in kem['hybrids'] %} -| {{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }} | {{ hybrid['nid'] }} | Yes | OQS_CODEPOINT_{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }} | +| {% if 'standard_name' in hybrid %}{{ hybrid['standard_name'] }}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %} | {{ hybrid['nid'] }} | Yes | OQS_CODEPOINT_{% if 'standard_name' in hybrid %}{{ hybrid['standard_name']|upper }}{% else %}{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}{% endif %} | {%- endfor %} {%- endfor %} {%- for sig in config['sigs'] %} diff --git a/oqs-template/ALGORITHMS.md/oids.fragment b/oqs-template/ALGORITHMS.md/oids.fragment index 0e04d830..790055f9 100644 --- a/oqs-template/ALGORITHMS.md/oids.fragment +++ b/oqs-template/ALGORITHMS.md/oids.fragment @@ -22,7 +22,7 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li {%- for kem in config['kems'] %} | {{kem['name_group']}} | {{ kem['oid'] }} | OQS_OID_{{ kem['name_group']|upper }} {%- for hybrid in kem['hybrids'] %} -| {{ hybrid['hybrid_group'] }}_{{kem['name_group']}} | {{hybrid['hybrid_oid']}} | OQS_OID_{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }} +| {% if 'standard_name' in hybrid %}{{ hybrid['standard_name'] }}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %} | {{hybrid['hybrid_oid']}} | OQS_OID_{% if 'standard_name' in hybrid %}{{ hybrid['standard_name']|upper }}{% else %}{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}{% endif %} {%- endfor -%} {%- endfor %} diff --git a/oqs-template/README.md/algs.fragment b/oqs-template/README.md/algs.fragment index e13eb0b2..8c1e4341 100644 --- a/oqs-template/README.md/algs.fragment +++ b/oqs-template/README.md/algs.fragment 
@@ -1,7 +1,7 @@ ### KEM algorithms {% for family, kems in config['kems'] | groupby('family') %} -- **{{ family }}**: {% for kem in kems -%} `{{ kem['name_group'] }}` {%- for hybrid in kem['hybrids'] -%}, `{{ hybrid['hybrid_group']}}_{{ kem['name_group'] }}`{%- endfor -%}{%- if not loop.last %}, {% endif -%}{%- if loop.last and family == 'HQC' -%}†{%- endif -%}{%- endfor -%} +- **{{ family }}**: {% for kem in kems -%} `{{ kem['name_group'] }}` {%- for hybrid in kem['hybrids'] -%}, `{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{hybrid['hybrid_group']}}_{{kem['name_group']}}{% endif %}`{%- endfor -%}{%- if not loop.last %}, {% endif -%}{%- if loop.last and family == 'HQC' -%}†{%- endif -%}{%- endfor -%} {%- endfor %} ### Signature algorithms diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 09e2f684..33f827c3 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -148,6 +148,7 @@ kems: # KEM prefix 2.16.840.1.101.3.4.4. - family: 'ML-KEM' + fips_standard: 1 name_group: 'mlkem512' # code point not standardized: Why? XXX nid: '0x024A' @@ -167,6 +168,7 @@ kems: nid: '0x2FB6' - family: 'ML-KEM' + fips_standard: 1 name_group: 'mlkem768' # https://www.ietf.org/archive/id/draft-connolly-tls-mlkem-key-agreement-01.html nid: '0x0768' 
@@ -180,14 +182,17 @@ kems: - hybrid_group: "x448" # code point not standardized: Why? XXX nid: '0x2FB7' -# To change when hybrid order change implemented, see https://github.com/open-quantum-safe/oqs-provider/issues/503 - hybrid_group: "x25519" - nid: '0x2FB8' +# https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-02.html#name-x25519mlkem768 + nid: '0x11ec' + standard_name: "X25519MLKEM768" - hybrid_group: "p256" -# https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-01.html#name-iana-considerations - nid: '4587' +# https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-02.html#name-secp256r1mlkem768 + nid: '0x11eb' + standard_name: "SecP256r1MLKEM768" - family: 'ML-KEM' + fips_standard: 1 name_group: 'mlkem1024' # https://www.ietf.org/archive/id/draft-connolly-tls-mlkem-key-agreement-01.html nid: '0x1024' diff --git a/oqs-template/oqs-kem-info.md b/oqs-template/oqs-kem-info.md index db953c5b..49a4eb5f 100644 --- a/oqs-template/oqs-kem-info.md +++ b/oqs-template/oqs-kem-info.md @@ -92,7 +92,7 @@ | ML-KEM | ML-KEM | mlkem512 | FIPS203 | 1 | 0x2F4B | secp256_r1 | | ML-KEM | ML-KEM | mlkem512 | FIPS203 | 1 | 0x2FB6 | x25519 | | ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x0768 | | +| ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x11eb | p256 | +| ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x11ec | x25519 | | ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x2F4C | secp384_r1 | | ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x2FB7 | x448 | -| ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x2FB8 | x25519 | -| ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 4587 | p256 | diff --git a/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment b/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment index e99a82b2..de9a8feb 100644 --- a/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment +++ b/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment 
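Review bot: `standard_name` on the `x25519` and `p256` entries replaces the generated `<hybrid_group>_<name_group>` name instead of adding an alias, and nothing in generate.yml says so. With the templates changed in this commit, `x25519_mlkem768` and `p256_mlkem768` disappear as group, encoder and decoder names, and the derived override variables are renamed as well (`OQS_CODEPOINT_X25519_MLKEM768` becomes `OQS_CODEPOINT_X25519MLKEM768` in codepoint_patching.fragment, likewise `OQS_OID_*` in oid_patching.fragment). An existing group list or override that uses the old spelling would presumably stop resolving or be ignored without any warning. I would add a comment at the first use, such as `# standard_name: replaces <hybrid_group>_<name_group> in all generated identifiers, strings and OQS_* env var names`, and note next to the draft links that the old code points `0x2FB8` and `4587` are dropped.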
@@ -5,8 +5,8 @@
 MAKE_DECODER(, "{{ kem['name_group'] }}", {{ kem['name_group'] }}, oqsx, PrivateKeyInfo);
 MAKE_DECODER(, "{{ kem['name_group'] }}", {{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo);
 {% for hybrid in kem['hybrids'] %}
-MAKE_DECODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, PrivateKeyInfo);
-MAKE_DECODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo);
+MAKE_DECODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, oqsx, PrivateKeyInfo);
+MAKE_DECODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, oqsx, SubjectPublicKeyInfo);
 {%- endfor %}
 {%- endfor %}
 #endif /* OQS_KEM_ENCODERS */
diff --git a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment
index 9eb193c0..bd12e8f1 100644
--- a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment
+++ b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment
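Review bot: The inline `{% if 'standard_name' in hybrid %}…{% else %}…{% endif %}` expression is written out twice on each added `MAKE_DECODER` line (once quoted, once bare) and is repeated in every other fragment this commit touches (encoder_defines, encoder_make, the oqsdecoders.inc and oqsencoders.inc make.fragment files, and the oqs_prov.h and oqsprov.c fragments), so one site can easily be missed or drift from the rest. Computing the name once at the top of the hybrid loop keeps all sites in step: `{%- set hyb_name = hybrid['standard_name'] if 'standard_name' in hybrid else hybrid['hybrid_group'] ~ '_' ~ kem['name_group'] %}`, then `"{{ hyb_name }}"` and `{{ hyb_name }}` in the macro arguments. Because the value is also pasted as a C identifier, a one-line comment stating that `standard_name` must be a valid C identifier would help whoever adds the next entry.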
@@ -3,9 +3,9 @@ # define {{ kem['name_group'] }}_input_type "{{ kem['name_group'] }}" # define {{ kem['name_group'] }}_pem_type "{{ kem['name_group'] }}" {% for hybrid in kem['hybrids'] %} -# define {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_evp_type 0 -# define {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_input_type "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}" -# define {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_pem_type "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}" +# define {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_evp_type 0 +# define {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_input_type {% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %} +# define {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_pem_type {% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment index f05a36b9..ac02bb91 100644 --- a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment +++ b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment 
@@ -10,13 +10,13 @@ MAKE_ENCODER(, {{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo, der);
 MAKE_ENCODER(, {{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo, pem);
 MAKE_TEXT_ENCODER(, {{ kem['name_group'] }});
 {% for hybrid in kem['hybrids'] %}
-MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, EncryptedPrivateKeyInfo, der);
-MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, EncryptedPrivateKeyInfo, pem);
-MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, PrivateKeyInfo, der);
-MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, PrivateKeyInfo, pem);
-MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo, der);
-MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo, pem);
-MAKE_TEXT_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }});
+MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, oqsx, EncryptedPrivateKeyInfo, der);
+MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, oqsx, EncryptedPrivateKeyInfo, pem);
+MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, oqsx, PrivateKeyInfo, der);
+MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, oqsx, PrivateKeyInfo, pem);
+MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, oqsx, SubjectPublicKeyInfo, der);
+MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, oqsx, SubjectPublicKeyInfo, pem);
+MAKE_TEXT_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %});
 {%- endfor %}
 {%- endfor %}
 #endif /* OQS_KEM_ENCODERS */
diff --git a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_constructors.fragment b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_constructors.fragment
index 847eff8d..8b88464c 100644
--- a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_constructors.fragment
+++ b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_constructors.fragment
@@ -4,24 +4,24 @@ {%- set count.val = count.val + 1 %} static void *{{variant['name']}}_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), {{variant['oqs_meth']}}, "{{variant['name']}}", KEY_TYPE_SIG, NULL, {{variant['security']}}, {{ count.val }}); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), {{variant['oqs_meth']}}, "{{variant['name']}}", KEY_TYPE_SIG, NULL, {{variant['security']}}, {{ count.val }}, 0); } static void *{{variant['name']}}_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, {{variant['oqs_meth']}}, "{{variant['name']}}", 0, {{variant['security']}}, {{ count.val }}); + return oqsx_gen_init(provctx, selection, {{variant['oqs_meth']}}, "{{variant['name']}}", 0, {{variant['security']}}, {{ count.val }}, 0); } {%- for classical_alg in variant['mix_with'] %} {%- set count.val = count.val + 1 %} static void *{{ classical_alg['name'] }}_{{variant['name']}}_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), {{variant['oqs_meth']}}, "{{ classical_alg['name'] }}_{{variant['name']}}", KEY_TYPE_HYB_SIG, NULL, {{variant['security']}}, {{ count.val }}); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), {{variant['oqs_meth']}}, "{{ classical_alg['name'] }}_{{variant['name']}}", KEY_TYPE_HYB_SIG, NULL, {{variant['security']}}, {{ count.val }}, 0); } static void *{{ classical_alg['name'] }}_{{variant['name']}}_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, {{variant['oqs_meth']}}, "{{ classical_alg['name'] }}_{{variant['name']}}", KEY_TYPE_HYB_SIG, {{variant['security']}}, {{ count.val }}); + return oqsx_gen_init(provctx, selection, {{variant['oqs_meth']}}, "{{ classical_alg['name'] }}_{{variant['name']}}", KEY_TYPE_HYB_SIG, {{variant['security']}}, {{ count.val }}, 0); } {%- endfor -%} 
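Review bot: The trailing `0` added to every `oqsx_key_new` and `oqsx_gen_init` call is a bare positional literal, and nothing in this hunk says what the new last parameter means; the composite constructors in the next hunk of this file have the same issue. The KEM side appears to feed its counterpart from `fips_standard` in keymgmt_functions.fragment, so a reader cannot tell here whether signature keys opt out on purpose or were simply given a default. I would name the argument at each call site, for example `{{ count.val }}, /* <new parameter name> */ 0);`, or add one template comment above the loop stating that signature keys always pass 0 and why.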
@@ -29,12 +29,12 @@ static void *{{ classical_alg['name'] }}_{{variant['name']}}_gen_init(void *prov {%- set count.val = count.val + 1 %} static void *{{ variant['name'] }}_{{ composite_alg['name'] }}_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), {{variant['oqs_meth']}}, "{{ variant['name'] }}_{{ composite_alg['name'] }}", KEY_TYPE_CMP_SIG, NULL, {{composite_alg['security']}}, {{ count.val }}); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), {{variant['oqs_meth']}}, "{{ variant['name'] }}_{{ composite_alg['name'] }}", KEY_TYPE_CMP_SIG, NULL, {{composite_alg['security']}}, {{ count.val }}, 0); } static void *{{ variant['name'] }}_{{ composite_alg['name'] }}_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, {{variant['oqs_meth']}}, "{{ variant['name'] }}_{{ composite_alg['name'] }}", KEY_TYPE_CMP_SIG, {{composite_alg['security']}}, {{ count.val }}); + return oqsx_gen_init(provctx, selection, {{variant['oqs_meth']}}, "{{ variant['name'] }}_{{ composite_alg['name'] }}", KEY_TYPE_CMP_SIG, {{composite_alg['security']}}, {{ count.val }}, 0); } {%- endfor -%} diff --git a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment index 8c0bc153..0c6c5541 100644 --- a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment +++ b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment 
@@ -13,9 +13,9 @@ MAKE_SIG_KEYMGMT_FUNCTIONS({{variant['name']}}_{{ composite_alg['name'] }})
 MAKE_KEM_KEYMGMT_FUNCTIONS({{kem['name_group']}}, {{kem['oqs_alg']}}, {{kem['bit_security']}})
 {% for hybrid in kem['hybrids'] %}
 {% if hybrid['hybrid_group'].startswith('p') -%}
-MAKE_KEM_ECP_KEYMGMT_FUNCTIONS({{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{kem['oqs_alg']}}, {{hybrid['bit_security']}})
+MAKE_KEM_ECP_KEYMGMT_FUNCTIONS({% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{hybrid['hybrid_group']}}_{{kem['name_group']}}{% endif %}, {{kem['oqs_alg']}}, {{hybrid['bit_security']}})
 {%- else %}
-MAKE_KEM_ECX_KEYMGMT_FUNCTIONS({{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{kem['oqs_alg']}}, {{hybrid['bit_security']}})
+MAKE_KEM_ECX_KEYMGMT_FUNCTIONS({% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{hybrid['hybrid_group']}}_{{kem['name_group']}}{% endif %}, {{kem['oqs_alg']}}, {{hybrid['bit_security']}}, {% if 'fips_standard' in kem %}{{kem['fips_standard']}}{% else %}0{% endif %})
 {%- endif %}
 {%- endfor %}
 {%- endfor %}
diff --git a/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment b/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment
index acc8e86c..466af6f4 100644
--- a/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment
+++ b/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment
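Review bot: `MAKE_KEM_ECX_KEYMGMT_FUNCTIONS` now takes a fourth argument while `MAKE_KEM_ECP_KEYMGMT_FUNCTIONS` two lines above keeps three, and the template does not explain the asymmetry. The value comes from the kem-level `fips_standard` key, so every x25519/x448 hybrid of an ML-KEM entry receives `1` (for instance `x25519_mlkem512` and `x448_mlkem768`, not only `X25519MLKEM768`), while `SecP256r1MLKEM768` goes through the ECP macro and gets no flag at all. If the argument selects the order of the key shares, as the generate.yml comment about the hybrid order change that this commit removes suggests, it would also change what the non-standard x-hybrids put on the wire, and peers on an older build would presumably fail to interoperate; please confirm that is intended. A template comment such as `{# 4th ECX argument: <meaning>; set for all x-hybrids of a kem with fips_standard, ECP hybrids never take it #}` would record the decision; the kem loop opens above the hunk.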
@@ -13,9 +13,9 @@ extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}
 extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_keymgmt_functions[];
 {% for hybrid in kem['hybrids'] %}
 {% if hybrid['hybrid_group'].startswith('p') -%}
-extern const OSSL_DISPATCH oqs_ecp_{{ hybrid['hybrid_group']}}_{{ kem['name_group'] }}_keymgmt_functions[];
+extern const OSSL_DISPATCH oqs_ecp_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_keymgmt_functions[];
 {%- else -%}
-extern const OSSL_DISPATCH oqs_ecx_{{ hybrid['hybrid_group']}}_{{ kem['name_group'] }}_keymgmt_functions[];
+extern const OSSL_DISPATCH oqs_ecx_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_keymgmt_functions[];
 {%- endif %}
 {%- endfor %}
 {%- endfor %}
diff --git a/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment b/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment
index 85a71b8a..6244ab99 100644
--- a/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment
+++ b/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment
@@ -12,15 +12,15 @@ extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_to_text_encoder_functions extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_{{ kem['name_group'] }}_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_{{ kem['name_group'] }}_decoder_functions[]; {%- for hybrid in kem['hybrids'] -%} -extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_decoder_functions[]; +extern const OSSL_DISPATCH oqs_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{% if 'standard_name' in hybrid 
%}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}_decoder_functions[]; {%- endfor -%} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsdecoders.inc/make.fragment b/oqs-template/oqsprov/oqsdecoders.inc/make.fragment index 8d1c26e7..eb97ea54 100644 --- a/oqs-template/oqsprov/oqsdecoders.inc/make.fragment +++ b/oqs-template/oqsprov/oqsdecoders.inc/make.fragment 
@@ -5,8 +5,8 @@
 DECODER_w_structure("{{ kem['name_group'] }}", der, PrivateKeyInfo, {{ kem['name_group'] }}),
 DECODER_w_structure("{{ kem['name_group'] }}", der, SubjectPublicKeyInfo, {{ kem['name_group'] }}),
 {% for hybrid in kem['hybrids'] -%}
-DECODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", der, PrivateKeyInfo, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}),
-DECODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", der, SubjectPublicKeyInfo, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}),
+DECODER_w_structure({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, der, PrivateKeyInfo, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}),
+DECODER_w_structure({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, der, SubjectPublicKeyInfo, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}),
 {%- endfor %}
 #endif
 {%- endfor %}
diff --git a/oqs-template/oqsprov/oqsencoders.inc/make.fragment b/oqs-template/oqsprov/oqsencoders.inc/make.fragment
index 06509616..aa91da1b 100644
--- a/oqs-template/oqsprov/oqsencoders.inc/make.fragment
+++ b/oqs-template/oqsprov/oqsencoders.inc/make.fragment
@@ -11,13 +11,13 @@ ENCODER_w_structure("{{ kem['name_group'] }}", {{ kem['name_group'] }}, der, Sub
 ENCODER_w_structure("{{ kem['name_group'] }}", {{ kem['name_group'] }}, pem, SubjectPublicKeyInfo),
 ENCODER_TEXT("{{ kem['name_group'] }}", {{ kem['name_group'] }}),
 {% for hybrid in kem['hybrids'] -%}
-ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, der, PrivateKeyInfo),
-ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, pem, PrivateKeyInfo),
-ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, der, EncryptedPrivateKeyInfo),
-ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, pem, EncryptedPrivateKeyInfo),
-ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, der, SubjectPublicKeyInfo),
-ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, pem, SubjectPublicKeyInfo),
-ENCODER_TEXT("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}),
+ENCODER_w_structure({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, der, PrivateKeyInfo),
+ENCODER_w_structure({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, pem, PrivateKeyInfo),
+ENCODER_w_structure({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, der, EncryptedPrivateKeyInfo),
+ENCODER_w_structure({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, pem, EncryptedPrivateKeyInfo),
+ENCODER_w_structure({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, der, SubjectPublicKeyInfo),
+ENCODER_w_structure({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, pem, SubjectPublicKeyInfo),
+ENCODER_TEXT({% if 'standard_name' in hybrid %}"{{hybrid['standard_name']}}"{% else %}"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}),
 {% endfor -%}
 #endif
 {%- endfor %}
diff --git a/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment b/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment
index 2012d8b0..1fee4359 100644
--- a/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment
+++ b/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment
@@ -38,7 +38,7 @@ NULL, "{{ kem['name_group'] }}",
 {%- if hybrid['hybrid_oid'] == "NULL" -%}
 NULL, "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}",
 {%- else -%}
-"{{hybrid['hybrid_oid']}}", "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}",
+"{{hybrid['hybrid_oid']}}", "{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}",
 {%- endif -%}
 {%- endfor -%}
 {%- endfor %}
diff --git a/oqs-template/oqsprov/oqsprov.c/kem_functions.fragment b/oqs-template/oqsprov/oqsprov.c/kem_functions.fragment
index 5edd7cbe..2a27770c 100644
--- a/oqs-template/oqsprov/oqsprov.c/kem_functions.fragment
+++ b/oqs-template/oqsprov/oqsprov.c/kem_functions.fragment
@@ -4,7 +4,7 @@
 #ifdef OQS_ENABLE_KEM_{{ kem['oqs_alg']|replace("OQS_KEM_alg_","") }}
 KEMBASEALG({{kem['name_group']}}, {{kem['bit_security']}})
 {%- for hybrid in kem['hybrids'] %}
- KEMHYBALG({{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{hybrid['bit_security']}})
+ KEMHYBALG({% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, {{hybrid['bit_security']}})
 {%- endfor %}
 #endif
 {%- endfor %}
diff --git a/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment b/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment
index f98a4341..531464c2 100644
--- a/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment
+++ b/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment
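Review bot: In the assign_sig_oids.fragment hunk, the `hybrid_oid == "NULL"` branch two lines above the change still emits `"{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}"`, so only hybrids with a real OID pick up the new name. ALGORITHMS.md in this same commit lists both `X25519MLKEM768` and `SecP256r1MLKEM768` with OID `NULL`, so the generated OID/name list would presumably still carry `x25519_mlkem768` and `p256_mlkem768` while every other generated table uses the standard names. The NULL branch should use the same expression: `NULL, "{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}",`. The hybrid loop opens above the hunk, so I could not check whether anything earlier in the fragment already renames these entries.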
@@ -17,7 +17,7 @@ #ifdef OQS_ENABLE_KEM_{{ kem['oqs_alg']|replace("OQS_KEM_alg_","") }} KEMKMALG({{ kem['name_group'] }}, {{ kem['bit_security'] }}) {% for hybrid in kem['hybrids'] %} -{% if hybrid['hybrid_group'].startswith('x') %} KEMKMHYBALG({{ hybrid['hybrid_group']}}_{{kem['name_group'] }}, {{ hybrid['bit_security'] }}, ecx){% else %} KEMKMHYBALG({{ hybrid['hybrid_group']}}_{{ kem['name_group'] }}, {{ hybrid['bit_security'] }}, ecp){% endif %} +{% if hybrid['hybrid_group'].startswith('x') %} KEMKMHYBALG({% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, {{ hybrid['bit_security'] }}, ecx){% else %} KEMKMHYBALG({% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, {{ hybrid['bit_security'] }}, ecp){% endif %} {%- endfor %} #endif {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov.c/oid_patching.fragment b/oqs-template/oqsprov/oqsprov.c/oid_patching.fragment index f847021a..f40e0fd9 100644 --- a/oqs-template/oqsprov/oqsprov.c/oid_patching.fragment +++ b/oqs-template/oqsprov/oqsprov.c/oid_patching.fragment @@ -10,7 +10,7 @@ if ((envval = getenv("OQS_OID_{{kem['name_group']|upper}}"))) oqs_oid_alg_list[{{ kemcount.val }}] = envval; {% for hybrid in kem['hybrids'] %} {% set kemcount.val = kemcount.val + 2 -%} - if ((envval = getenv("OQS_OID_{{ hybrid['hybrid_group']|upper }}_{{kem['name_group']|upper}}"))) oqs_oid_alg_list[{{ kemcount.val }}] = envval; + if ((envval = getenv("OQS_OID_{% if 'standard_name' in hybrid %}{{ hybrid['standard_name']|upper }}{% else %}{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}{% endif %}"))) oqs_oid_alg_list[{{ kemcount.val }}] = envval; {%- endfor -%} {%- endfor %} 
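Review bot: For a hybrid that carries a `standard_name`, the added `getenv` line in oid_patching.fragment reads only the new variable (e.g. `OQS_OID_X25519MLKEM768`) and no longer looks at the previous `OQS_OID_X25519_MLKEM768`. A deployment that still exports the old name silently falls back to the built-in OID with no diagnostic. The same applies to the `OQS_CODEPOINT_…` lookup in codepoint_patching.fragment. If the old names are deliberately dropped, say so next to the lookup, e.g. `/* the pre-rename OQS_OID_<GROUP>_<KEM> variable is no longer consulted for standard-named hybrids */`, or read the old name as a fallback.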
diff --git a/oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment b/oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment index 5d64ba40..1bc294f2 100644 --- a/oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment +++ b/oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment @@ -4,7 +4,7 @@ if (getenv("OQS_CODEPOINT_{{ kem['name_group']|upper }}")) oqs_group_list[{{ cnt.val }}].group_id = atoi(getenv("OQS_CODEPOINT_{{ kem['name_group']|upper }}")); {%- for hybrid in kem['hybrids'] %} {%- set cnt.val = cnt.val + 1 %} - if (getenv("OQS_CODEPOINT_{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}")) oqs_group_list[{{ cnt.val }}].group_id = atoi(getenv("OQS_CODEPOINT_{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}")); + if (getenv("OQS_CODEPOINT_{% if 'standard_name' in hybrid %}{{ hybrid['standard_name']|upper }}{% else %}{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}{% endif %}")) oqs_group_list[{{ cnt.val }}].group_id = atoi(getenv("OQS_CODEPOINT_{% if 'standard_name' in hybrid %}{{ hybrid['standard_name']|upper }}{% else %}{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }}{% endif %}")); {%- endfor %} {%- endfor %} {% set cnt = namespace(val=-1) %} diff --git a/oqs-template/oqsprov/oqsprov_capabilities.c/group_names.fragment b/oqs-template/oqsprov/oqsprov_capabilities.c/group_names.fragment index fce50615..8ae19904 100644 --- a/oqs-template/oqsprov/oqsprov_capabilities.c/group_names.fragment +++ b/oqs-template/oqsprov/oqsprov_capabilities.c/group_names.fragment 
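Review bot: The added line in codepoint_patching.fragment still feeds the environment value through `atoi`, which reports no error and parses only decimal, so a value written the way ALGORITHMS.md lists it (`0x11ec`) becomes 0 and is stored as the group id. Out-of-range or non-numeric input is likewise accepted without a check, and `getenv` is called twice for the same name. Parsing once with `strtol` in base 0 and rejecting anything outside a 16-bit code point avoids a silently wrong TLS group: `char *end; const char *v = getenv(NAME); long cp = v ? strtol(v, &end, 0) : -1;` then `if (v && end != v && *end == '\0' && cp > 0 && cp <= 0xFFFF) oqs_group_list[i].group_id = (int)cp;`. The type of `group_id` is not visible here, so the final cast should be confirmed against its declaration.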
@@ -5,7 +5,7 @@ OQS_GROUP_ENTRY({{kem['name_group']}}, {{kem['name_group']}}, {{kem['name_group']}}, {{ cnt.val }}), {% for hybrid in kem['hybrids'] %} {%- set cnt.val = cnt.val + 1 %} - OQS_GROUP_ENTRY({{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{hybrid['hybrid_group']}}_{{kem['name_group']}}, {{ cnt.val }}), + OQS_GROUP_ENTRY({% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, {% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}, {{ cnt.val }}), {%- endfor %} #endif diff --git a/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment b/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment index 142cb2aa..611bdcaa 100644 --- a/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment +++ b/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment 
@@ -30,9 +30,9 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { #ifdef OQS_KEM_ENCODERS {% for kem in config['kems'] %} - { 0, "{{ kem['name_group'] }}", {{ kem['oqs_alg'] }}, KEY_TYPE_KEM, {{ kem['bit_security'] }} }, + { 0, "{{ kem['name_group'] }}", {{ kem['oqs_alg'] }}, KEY_TYPE_KEM, {{ kem['bit_security'] }}, 0 }, {%- for hybrid in kem['hybrids'] %} - { 0, "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{ kem['oqs_alg'] }}, {% if hybrid['hybrid_group'].startswith('p') -%} KEY_TYPE_ECP_HYB_KEM {% else %} KEY_TYPE_ECX_HYB_KEM {% endif %}, {{ kem['bit_security'] }} }, + { 0, "{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}", {{ kem['oqs_alg'] }}, {% if hybrid['hybrid_group'].startswith('p') -%} KEY_TYPE_ECP_HYB_KEM {% else %} KEY_TYPE_ECX_HYB_KEM {% endif %}, {{ kem['bit_security'] }}, {% if 'fips_standard' in kem and hybrid['hybrid_group'] in ["x25519", "x448"] %}1{% else %}0{% endif %} }, {%- endfor -%} {%- endfor %} diff --git a/oqs-template/scripts/common.py/kex_algs.fragment b/oqs-template/scripts/common.py/kex_algs.fragment index c8805d32..5dcbb207 100644 --- a/oqs-template/scripts/common.py/kex_algs.fragment +++ b/oqs-template/scripts/common.py/kex_algs.fragment @@ -4,7 +4,7 @@ # post-quantum + classical key exchanges {% for kem in config['kems'] -%} {%- for hybrid in kem['hybrids'] -%} - '{{ hybrid['hybrid_group'] }}_{{kem['name_group']}}', + '{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}', {%- endfor -%} {% endfor %} diff --git a/oqs-template/test/oqs_test_evp_pkey_params.c/hybrid_kem_algs.fragment b/oqs-template/test/oqs_test_evp_pkey_params.c/hybrid_kem_algs.fragment index 31eccaa8..71f060b7 100644 --- a/oqs-template/test/oqs_test_evp_pkey_params.c/hybrid_kem_algs.fragment +++ b/oqs-template/test/oqs_test_evp_pkey_params.c/hybrid_kem_algs.fragment 
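Review bot: The new sixth initializer on the hybrid row is computed from a hard-coded list `["x25519", "x448"]` and a key-presence test `'fips_standard' in kem`, and nothing in the fragment says what the resulting 0/1 means. Because the test checks only that the key exists, an entry that sets `fips_standard` to a false value would presumably still produce 1; the generator config is not visible here, so that needs confirming. This value selects the order of the key shares on the wire, so a wrong flag shows up as an interoperability failure rather than a build error. A template comment would make the rule reviewable, e.g. `{# last field: 1 = PQ share precedes the classical share (KEM is FIPS-standardised, classical curve is not) #}`.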
@@ -4,7 +4,7 @@ const char *kHybridKEMAlgorithms[] = { {%- for kem in config['kems'] %} {%- for hybrid in kem['hybrids'] %} - "{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}", + "{% if 'standard_name' in hybrid %}{{hybrid['standard_name']}}{% else %}{{ hybrid['hybrid_group'] }}_{{ kem['name_group'] }}{% endif %}", {%- endfor %} {%- endfor %} NULL, diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 6c9a8e0f..07308b25 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -622,11 +622,13 @@ MAKE_DECODER(_ecp, "p384_mlkem768", p384_mlkem768, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p384_mlkem768", p384_mlkem768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x448_mlkem768", x448_mlkem768, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecx, "x448_mlkem768", x448_mlkem768, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecx, "x25519_mlkem768", x25519_mlkem768, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_mlkem768", x25519_mlkem768, oqsx, +MAKE_DECODER(_ecx, "X25519MLKEM768", X25519MLKEM768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "X25519MLKEM768", X25519MLKEM768, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "SecP256r1MLKEM768", SecP256r1MLKEM768, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "SecP256r1MLKEM768", SecP256r1MLKEM768, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p256_mlkem768", p256_mlkem768, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p256_mlkem768", p256_mlkem768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "mlkem1024", mlkem1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "mlkem1024", mlkem1024, oqsx, SubjectPublicKeyInfo); diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index b27ee3d7..55ffbfc8 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c 
@@ -636,8 +636,13 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) { OQS_ENC_PRINTF2("OQS ENC provider: saving priv+pubkey of length %d\n", buflen); memcpy(buf, oqsxkey->privkey, privkeylen); - memcpy(buf + privkeylen, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], - oqsx_key_get_oqs_public_key_len(oqsxkey)); + if (oqsxkey->reverse_share) { + memcpy(buf + privkeylen, oqsxkey->comp_pubkey[0], + oqsx_key_get_oqs_public_key_len(oqsxkey)); + } else { + memcpy(buf + privkeylen, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], + oqsx_key_get_oqs_public_key_len(oqsxkey)); + } #endif oct.data = buf; @@ -995,12 +1000,12 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) { #define x448_mlkem768_evp_type 0 #define x448_mlkem768_input_type "x448_mlkem768" #define x448_mlkem768_pem_type "x448_mlkem768" -#define x25519_mlkem768_evp_type 0 -#define x25519_mlkem768_input_type "x25519_mlkem768" -#define x25519_mlkem768_pem_type "x25519_mlkem768" -#define p256_mlkem768_evp_type 0 -#define p256_mlkem768_input_type "p256_mlkem768" -#define p256_mlkem768_pem_type "p256_mlkem768" +#define X25519MLKEM768_evp_type 0 +#define X25519MLKEM768_input_type "X25519MLKEM768" +#define X25519MLKEM768_pem_type "X25519MLKEM768" +#define SecP256r1MLKEM768_evp_type 0 +#define SecP256r1MLKEM768_input_type "SecP256r1MLKEM768" +#define SecP256r1MLKEM768_pem_type "SecP256r1MLKEM768" #define mlkem1024_evp_type 0 #define mlkem1024_input_type "mlkem1024" #define mlkem1024_pem_type "mlkem1024" 
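Review bot: The two added `memcpy` calls in `oqsx_pki_priv_to_der` differ only in the array index, and the branch tests `reverse_share` alone, whereas `oqsx_comp_set_idx` in oqs_kmgmt.c also requires a hybrid KEM key type before reversing. The two places can disagree if the flag is ever set on another key type. Computing the index once keeps the copy in one statement: `int pq_idx = oqsxkey->reverse_share ? 0 : oqsxkey->numkeys - 1;` then `memcpy(buf + privkeylen, oqsxkey->comp_pubkey[pq_idx], oqsx_key_get_oqs_public_key_len(oqsxkey));`. Sharing the index helper between the two files would remove the duplicated rule. The function starts and ends outside this hunk, so the size of `buf` could not be checked from here.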
@@ -2119,20 +2124,20 @@ MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(_ecx, x448_mlkem768); -MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(_ecx, x25519_mlkem768); -MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(_ecp, p256_mlkem768); +MAKE_ENCODER(_ecx, X25519MLKEM768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, X25519MLKEM768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, X25519MLKEM768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, X25519MLKEM768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, X25519MLKEM768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, X25519MLKEM768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, X25519MLKEM768); +MAKE_ENCODER(_ecp, SecP256r1MLKEM768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, SecP256r1MLKEM768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, SecP256r1MLKEM768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, SecP256r1MLKEM768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, SecP256r1MLKEM768, oqsx, SubjectPublicKeyInfo, der); 
+MAKE_ENCODER(_ecp, SecP256r1MLKEM768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, SecP256r1MLKEM768); MAKE_ENCODER(, mlkem1024, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, mlkem1024, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, mlkem1024, oqsx, PrivateKeyInfo, der); diff --git a/oqsprov/oqs_hyb_kem.c b/oqsprov/oqs_hyb_kem.c index 16be6a6f..6f9c9d94 100644 --- a/oqsprov/oqs_hyb_kem.c +++ b/oqsprov/oqs_hyb_kem.c @@ -26,7 +26,7 @@ static int oqs_evp_kem_encaps_keyslot(void *vpkemctx, unsigned char *ct, // Free at err: EVP_PKEY_CTX *ctx = NULL, *kgctx = NULL; - ; + EVP_PKEY *pkey = NULL, *peerpk = NULL; unsigned char *ctkex_encoded = NULL; 
@@ -153,19 +153,22 @@ static int oqs_hyb_kem_encaps(void *vpkemctx, unsigned char *ct, size_t *ctlen, unsigned char *secret, size_t *secretlen) { int ret = OQS_SUCCESS; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - size_t secretLen0 = 0, secretLen1 = 0; - size_t ctLen0 = 0, ctLen1 = 0; - unsigned char *ct0, *ct1, *secret0, *secret1; - - ret = oqs_evp_kem_encaps_keyslot(vpkemctx, NULL, &ctLen0, NULL, &secretLen0, - 0); + const OQSX_KEY *oqsx_key = pkemctx->kem; + size_t secretLenClassical = 0, secretLenPQ = 0; + size_t ctLenClassical = 0, ctLenPQ = 0; + unsigned char *ctClassical, *ctPQ, *secretClassical, *secretPQ; + + ret = oqs_evp_kem_encaps_keyslot(vpkemctx, NULL, &ctLenClassical, NULL, + &secretLenClassical, + oqsx_key->reverse_share ? 1 : 0); ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - ret = oqs_qs_kem_encaps_keyslot(vpkemctx, NULL, &ctLen1, NULL, &secretLen1, - 1); + ret = + oqs_qs_kem_encaps_keyslot(vpkemctx, NULL, &ctLenPQ, NULL, &secretLenPQ, + oqsx_key->reverse_share ? 0 : 1); ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - *ctlen = ctLen0 + ctLen1; - *secretlen = secretLen0 + secretLen1; + *ctlen = ctLenClassical + ctLenPQ; + *secretlen = secretLenClassical + secretLenPQ; if (ct == NULL || secret == NULL) { OQS_KEM_PRINTF3("HYB KEM returning lengths %ld and %ld\n", *ctlen, 
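Review bot: `*ctlen` and `*secretlen` are overwritten with the required totals before anything compares them with the values the caller passed in. The later keyslot calls receive only the locally computed lengths, so a caller buffer smaller than the combined output is not detected in `oqs_hyb_kem_encaps`. If callers are expected to pass their buffer capacity in these parameters (as the EVP encapsulate interface documents), keep the totals in locals, return them for the NULL query, and otherwise check first with `ON_ERR_SET_GOTO(*ctlen < ctTotal || *secretlen < secretTotal, ret, OQS_ERROR, err);` before assigning. The same pattern applies to `*secretlen` in the `oqs_hyb_kem_decaps` hunk. The function continues past the end of this hunk.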
@@ -173,17 +176,30 @@ static int oqs_hyb_kem_encaps(void *vpkemctx, unsigned char *ct, size_t *ctlen, return 1; } - ct0 = ct; - ct1 = ct + ctLen0; - secret0 = secret; - secret1 = secret + secretLen0; + /* Rule: if the classical algorthm is not FIPS approved + but the PQ algorithm is: PQ share comes first + otherwise: classical share comes first + */ + if (oqsx_key->reverse_share) { + ctPQ = ct; + ctClassical = ct + ctLenPQ; + secretPQ = secret; + secretClassical = secret + secretLenPQ; + } else { + ctClassical = ct; + ctPQ = ct + ctLenClassical; + secretClassical = secret; + secretPQ = secret + secretLenClassical; + } - ret = oqs_evp_kem_encaps_keyslot(vpkemctx, ct0, &ctLen0, secret0, - &secretLen0, 0); + ret = oqs_evp_kem_encaps_keyslot(vpkemctx, ctClassical, &ctLenClassical, + secretClassical, &secretLenClassical, + oqsx_key->reverse_share ? 1 : 0); ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - ret = oqs_qs_kem_encaps_keyslot(vpkemctx, ct1, &ctLen1, secret1, - &secretLen1, 1); + ret = oqs_qs_kem_encaps_keyslot(vpkemctx, ctPQ, &ctLenPQ, secretPQ, + &secretLenPQ, + oqsx_key->reverse_share ? 0 : 1); ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); err: 
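Review bot: The slot selection `oqsx_key->reverse_share ? 1 : 0` and its mirror `? 0 : 1` are written out at each keyslot call in this hunk and the previous one, and again four times in `oqs_hyb_kem_decaps`. One transposed pair would silently run the classical operation on the PQ slot. Naming the slots once per function removes that risk: `const int slotClassical = oqsx_key->reverse_share ? 1 : 0;` and `const int slotPQ = 1 - slotClassical;`. The pointer-layout block under the "Rule:" comment is also duplicated between encaps and decaps and could be a small static helper. The comment itself has a typo, `algorthm` for `algorithm`, in both places.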
@@ -195,39 +211,54 @@ static int oqs_hyb_kem_decaps(void *vpkemctx, unsigned char *secret, size_t ctlen) { int ret = OQS_SUCCESS; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; + const OQSX_KEY *oqsx_key = pkemctx->kem; const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; const OQS_KEM *qs_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; - size_t secretLen0 = 0, secretLen1 = 0; - size_t ctLen0 = 0, ctLen1 = 0; - const unsigned char *ct0, *ct1; - unsigned char *secret0, *secret1; + size_t secretLenClassical = 0, secretLenPQ = 0; + size_t ctLenClassical = 0, ctLenPQ = 0; + const unsigned char *ctClassical, *ctPQ; + unsigned char *secretClassical, *secretPQ; - ret = oqs_evp_kem_decaps_keyslot(vpkemctx, NULL, &secretLen0, NULL, 0, 0); + ret = oqs_evp_kem_decaps_keyslot(vpkemctx, NULL, &secretLenClassical, NULL, + 0, oqsx_key->reverse_share ? 1 : 0); ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - ret = oqs_qs_kem_decaps_keyslot(vpkemctx, NULL, &secretLen1, NULL, 0, 1); + ret = oqs_qs_kem_decaps_keyslot(vpkemctx, NULL, &secretLenPQ, NULL, 0, + oqsx_key->reverse_share ? 
0 : 1); ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - *secretlen = secretLen0 + secretLen1; + *secretlen = secretLenClassical + secretLenPQ; if (secret == NULL) return 1; - ctLen0 = evp_ctx->evp_info->length_public_key; - ctLen1 = qs_ctx->length_ciphertext; + ctLenClassical = evp_ctx->evp_info->length_public_key; + ctLenPQ = qs_ctx->length_ciphertext; - ON_ERR_SET_GOTO(ctLen0 + ctLen1 != ctlen, ret, OQS_ERROR, err); + ON_ERR_SET_GOTO(ctLenClassical + ctLenPQ != ctlen, ret, OQS_ERROR, err); - ct0 = ct; - ct1 = ct + ctLen0; - secret0 = secret; - secret1 = secret + secretLen0; + /* Rule: if the classical algorthm is not FIPS approved + but the PQ algorithm is: PQ share comes first + otherwise: classical share comes first + */ + if (oqsx_key->reverse_share) { + ctPQ = ct; + ctClassical = ct + ctLenPQ; + secretPQ = secret; + secretClassical = secret + secretLenPQ; + } else { + ctClassical = ct; + ctPQ = ct + ctLenClassical; + secretClassical = secret; + secretPQ = secret + secretLenClassical; + } - ret = oqs_evp_kem_decaps_keyslot(vpkemctx, secret0, &secretLen0, ct0, - ctLen0, 0); + ret = oqs_evp_kem_decaps_keyslot( + vpkemctx, secretClassical, &secretLenClassical, ctClassical, + ctLenClassical, oqsx_key->reverse_share ? 1 : 0); ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - ret = oqs_qs_kem_decaps_keyslot(vpkemctx, secret1, &secretLen1, ct1, ctLen1, - 1); + ret = oqs_qs_kem_decaps_keyslot(vpkemctx, secretPQ, &secretLenPQ, ctPQ, + ctLenPQ, oqsx_key->reverse_share ? 0 : 1); ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); err: diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 503ba740..1603dbc4 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -78,6 +78,7 @@ struct oqsx_gen_ctx { int selection; int bit_security; int alg_idx; + int reverse_share; }; static int oqsx_has(const void *keydata, int selection) { 
@@ -104,6 +105,27 @@ static int oqsx_has(const void *keydata, int selection) { return ok; } +/* Sets the index of the key components in a comp_privkey or comp_pubkey array + */ +static void oqsx_comp_set_idx(const OQSX_KEY *key, int *idx_classic, + int *idx_pq) { + int reverse_share = (key->keytype == KEY_TYPE_ECP_HYB_KEM || + key->keytype == KEY_TYPE_ECX_HYB_KEM) && + key->reverse_share; + + if (reverse_share) { + if (idx_classic) + *idx_classic = key->numkeys - 1; + if (idx_pq) + *idx_pq = 0; + } else { + if (idx_classic) + *idx_classic = 0; + if (idx_pq) + *idx_pq = key->numkeys - 1; + } +} + /* * Key matching has a problem in OQS world: OpenSSL assumes all keys to (also) * contain public key material @@ -356,6 +378,7 @@ static int oqsx_get_hybrid_params(OQSX_KEY *key, OSSL_PARAM params[]) { uint32_t classical_privkey_len = 0; int pq_pubkey_len = 0; int pq_privkey_len = 0; + int idx_classic, idx_pq; if (oqsx_key_is_hybrid(key) != 1) return 0; 
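Review bot: The comment on `oqsx_comp_set_idx` does not state which component each output index refers to, that either output pointer may be NULL, or when the order is reversed. The body shows the order is reversed only for `KEY_TYPE_ECP_HYB_KEM` / `KEY_TYPE_ECX_HYB_KEM` keys with `reverse_share` set. It also relies on `key->numkeys - 1` being a valid index, which for a key with `numkeys` of 0 would be -1; presumably only hybrid keys reach it, but the contract should say so. I would expand the header comment to cover these three points and note that the default layout is classical at index 0 and PQ at `numkeys - 1`.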
@@ -367,21 +390,25 @@ static int oqsx_get_hybrid_params(OQSX_KEY *key, OSSL_PARAM params[]) { return -1; } - if (key->comp_pubkey != NULL && key->pubkey != NULL) { - classical_pubkey = key->comp_pubkey[0]; + oqsx_comp_set_idx(key, &idx_classic, &idx_pq); + + if (key->comp_pubkey != NULL && key->pubkey != NULL && + key->comp_pubkey[idx_classic] != NULL) { + classical_pubkey = key->comp_pubkey[idx_classic]; DECODE_UINT32(classical_pubkey_len, key->pubkey); } - if (key->comp_privkey != NULL && key->privkey != NULL) { - classical_privkey = key->comp_privkey[0]; + if (key->comp_privkey != NULL && key->privkey != NULL && + key->comp_privkey[idx_classic] != NULL) { + classical_privkey = key->comp_privkey[idx_classic]; DECODE_UINT32(classical_privkey_len, key->privkey); } - if (key->comp_pubkey && key->comp_pubkey[1] != NULL) { - pq_pubkey = key->comp_pubkey[1]; + if (key->comp_pubkey != NULL && key->comp_pubkey[idx_pq] != NULL) { + pq_pubkey = key->comp_pubkey[idx_pq]; pq_pubkey_len = key->pubkeylen - classical_pubkey_len - SIZE_OF_UINT32; } - if (key->comp_privkey != NULL) { - pq_privkey = key->comp_privkey[1]; + if (key->comp_privkey != NULL && key->comp_privkey != NULL) { + pq_privkey = key->comp_privkey[idx_pq]; pq_privkey_len = key->privkeylen - classical_privkey_len - SIZE_OF_UINT32; } @@ -556,7 +583,7 @@ static const OSSL_PARAM *oqsx_settable_params(void *provctx) { static void *oqsx_gen_init(void *provctx, int selection, char *oqs_name, char *tls_name, int primitive, int bit_security, - int alg_idx) { + int alg_idx, int reverse_share) { OSSL_LIB_CTX *libctx = PROV_OQS_LIBCTX_OF(provctx); struct oqsx_gen_ctx *gctx = NULL; @@ -571,6 +598,7 @@ static void *oqsx_gen_init(void *provctx, int selection, char *oqs_name, gctx->selection = selection; gctx->bit_security = bit_security; gctx->alg_idx = alg_idx; + gctx->reverse_share = reverse_share; } return gctx; } 
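Review bot: The added guard for the PQ private key tests the same pointer twice, `key->comp_privkey != NULL && key->comp_privkey != NULL`, so the element at `idx_pq` is never checked, unlike the three sibling branches above it. With a key that has no PQ private component, `pq_privkey` stays NULL while `pq_privkey_len` is still computed from `key->privkeylen`. The second operand was presumably meant to be the element: `if (key->comp_privkey != NULL && key->comp_privkey[idx_pq] != NULL) {`. The rest of `oqsx_get_hybrid_params` lies outside this hunk, so how the pointer/length pair is consumed could not be verified here.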
@@ -584,7 +612,7 @@ static void *oqsx_genkey(struct oqsx_gen_ctx *gctx) { gctx->tls_name); if ((key = oqsx_key_new(gctx->libctx, gctx->oqs_name, gctx->tls_name, gctx->primitive, gctx->propq, gctx->bit_security, - gctx->alg_idx)) == NULL) { + gctx->alg_idx, gctx->reverse_share)) == NULL) { OQS_KM_PRINTF2("OQSKM: Error generating key for %s\n", gctx->tls_name); ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return NULL; 
@@ -669,543 +697,546 @@ static int oqsx_gen_set_params(void *genctx, const OSSL_PARAM params[]) { ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_START static void *dilithium2_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2", KEY_TYPE_SIG, NULL, 128, 0); + "dilithium2", KEY_TYPE_SIG, NULL, 128, 0, 0); } static void *dilithium2_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2", 0, 128, 0); + "dilithium2", 0, 128, 0, 0); } static void *p256_dilithium2_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "p256_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 1); + "p256_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 1, 0); } static void *p256_dilithium2_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "p256_dilithium2", KEY_TYPE_HYB_SIG, 128, 1); + "p256_dilithium2", KEY_TYPE_HYB_SIG, 128, 1, 0); } static void *rsa3072_dilithium2_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 2); + "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 2, + 0); } static void *rsa3072_dilithium2_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, 128, 2); + "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, 128, 2, 0); } static void *dilithium3_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3", KEY_TYPE_SIG, NULL, 192, 3); + "dilithium3", KEY_TYPE_SIG, NULL, 192, 3, 0); } static void *dilithium3_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3", 0, 192, 3); + "dilithium3", 0, 192, 3, 0); } static void *p384_dilithium3_new_key(void 
*provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 4); + "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 4, 0); } static void *p384_dilithium3_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 4); + "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 4, 0); } static void *dilithium5_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5", KEY_TYPE_SIG, NULL, 256, 5); + "dilithium5", KEY_TYPE_SIG, NULL, 256, 5, 0); } static void *dilithium5_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5", 0, 256, 5); + "dilithium5", 0, 256, 5, 0); } static void *p521_dilithium5_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 6); + "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 6, 0); } static void *p521_dilithium5_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 6); + "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 6, 0); } static void *mldsa44_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44", KEY_TYPE_SIG, NULL, 128, 7); + "mldsa44", KEY_TYPE_SIG, NULL, 128, 7, 0); } static void *mldsa44_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, "mldsa44", - 0, 128, 7); + 0, 128, 7, 0); } static void *p256_mldsa44_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "p256_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 8); + "p256_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 8, 0); } static void *p256_mldsa44_gen_init(void *provctx, int selection) { 
return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "p256_mldsa44", KEY_TYPE_HYB_SIG, 128, 8); + "p256_mldsa44", KEY_TYPE_HYB_SIG, 128, 8, 0); } static void *rsa3072_mldsa44_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 9); + "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 9, 0); } static void *rsa3072_mldsa44_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, 128, 9); + "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, 128, 9, 0); } static void *mldsa44_pss2048_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 10); + "mldsa44_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 10, 0); } static void *mldsa44_pss2048_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "mldsa44_pss2048", KEY_TYPE_CMP_SIG, 112, 10); + "mldsa44_pss2048", KEY_TYPE_CMP_SIG, 112, 10, 0); } static void *mldsa44_rsa2048_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 11); + "mldsa44_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 11, 0); } static void *mldsa44_rsa2048_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "mldsa44_rsa2048", KEY_TYPE_CMP_SIG, 112, 11); + "mldsa44_rsa2048", KEY_TYPE_CMP_SIG, 112, 11, 0); } static void *mldsa44_ed25519_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 12); + "mldsa44_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 12, 0); } static void *mldsa44_ed25519_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "mldsa44_ed25519", 
KEY_TYPE_CMP_SIG, 128, 12); + "mldsa44_ed25519", KEY_TYPE_CMP_SIG, 128, 12, 0); } static void *mldsa44_p256_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44_p256", KEY_TYPE_CMP_SIG, NULL, 128, 13); + "mldsa44_p256", KEY_TYPE_CMP_SIG, NULL, 128, 13, 0); } static void *mldsa44_p256_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "mldsa44_p256", KEY_TYPE_CMP_SIG, 128, 13); + "mldsa44_p256", KEY_TYPE_CMP_SIG, 128, 13, 0); } static void *mldsa44_bp256_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 14); + "mldsa44_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 14, 0); } static void *mldsa44_bp256_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "mldsa44_bp256", KEY_TYPE_CMP_SIG, 256, 14); + "mldsa44_bp256", KEY_TYPE_CMP_SIG, 256, 14, 0); } static void *mldsa65_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65", KEY_TYPE_SIG, NULL, 192, 15); + "mldsa65", KEY_TYPE_SIG, NULL, 192, 15, 0); } static void *mldsa65_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, "mldsa65", - 0, 192, 15); + 0, 192, 15, 0); } static void *p384_mldsa65_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "p384_mldsa65", KEY_TYPE_HYB_SIG, NULL, 192, 16); + "p384_mldsa65", KEY_TYPE_HYB_SIG, NULL, 192, 16, 0); } static void *p384_mldsa65_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "p384_mldsa65", KEY_TYPE_HYB_SIG, 192, 16); + "p384_mldsa65", KEY_TYPE_HYB_SIG, 192, 16, 0); } static void *mldsa65_pss3072_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65_pss3072", 
KEY_TYPE_CMP_SIG, NULL, 128, 17); + "mldsa65_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 17, 0); } static void *mldsa65_pss3072_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "mldsa65_pss3072", KEY_TYPE_CMP_SIG, 128, 17); + "mldsa65_pss3072", KEY_TYPE_CMP_SIG, 128, 17, 0); } static void *mldsa65_rsa3072_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 18); + "mldsa65_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 18, 0); } static void *mldsa65_rsa3072_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "mldsa65_rsa3072", KEY_TYPE_CMP_SIG, 128, 18); + "mldsa65_rsa3072", KEY_TYPE_CMP_SIG, 128, 18, 0); } static void *mldsa65_p256_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65_p256", KEY_TYPE_CMP_SIG, NULL, 128, 19); + "mldsa65_p256", KEY_TYPE_CMP_SIG, NULL, 128, 19, 0); } static void *mldsa65_p256_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "mldsa65_p256", KEY_TYPE_CMP_SIG, 128, 19); + "mldsa65_p256", KEY_TYPE_CMP_SIG, 128, 19, 0); } static void *mldsa65_bp256_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 20); + "mldsa65_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 20, 0); } static void *mldsa65_bp256_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "mldsa65_bp256", KEY_TYPE_CMP_SIG, 256, 20); + "mldsa65_bp256", KEY_TYPE_CMP_SIG, 256, 20, 0); } static void *mldsa65_ed25519_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 21); + "mldsa65_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 21, 0); } static void 
*mldsa65_ed25519_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "mldsa65_ed25519", KEY_TYPE_CMP_SIG, 128, 21); + "mldsa65_ed25519", KEY_TYPE_CMP_SIG, 128, 21, 0); } static void *mldsa87_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "mldsa87", KEY_TYPE_SIG, NULL, 256, 22); + "mldsa87", KEY_TYPE_SIG, NULL, 256, 22, 0); } static void *mldsa87_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, "mldsa87", - 0, 256, 22); + 0, 256, 22, 0); } static void *p521_mldsa87_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "p521_mldsa87", KEY_TYPE_HYB_SIG, NULL, 256, 23); + "p521_mldsa87", KEY_TYPE_HYB_SIG, NULL, 256, 23, 0); } static void *p521_mldsa87_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, - "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 23); + "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 23, 0); } static void *mldsa87_p384_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "mldsa87_p384", KEY_TYPE_CMP_SIG, NULL, 192, 24); + "mldsa87_p384", KEY_TYPE_CMP_SIG, NULL, 192, 24, 0); } static void *mldsa87_p384_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, - "mldsa87_p384", KEY_TYPE_CMP_SIG, 192, 24); + "mldsa87_p384", KEY_TYPE_CMP_SIG, 192, 24, 0); } static void *mldsa87_bp384_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "mldsa87_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 25); + "mldsa87_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 25, 0); } static void *mldsa87_bp384_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, - "mldsa87_bp384", KEY_TYPE_CMP_SIG, 384, 25); + "mldsa87_bp384", KEY_TYPE_CMP_SIG, 384, 25, 0); } static 
void *mldsa87_ed448_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "mldsa87_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 26); + "mldsa87_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 26, 0); } static void *mldsa87_ed448_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, - "mldsa87_ed448", KEY_TYPE_CMP_SIG, 192, 26); + "mldsa87_ed448", KEY_TYPE_CMP_SIG, 192, 26, 0); } static void *falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512", KEY_TYPE_SIG, NULL, 128, 27); + "falcon512", KEY_TYPE_SIG, NULL, 128, 27, 0); } static void *falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512", 0, 128, 27); + "falcon512", 0, 128, 27, 0); } static void *p256_falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 28); + "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 28, 0); } static void *p256_falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 28); + "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 28, 0); } static void *rsa3072_falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 29); + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 29, + 0); } static void *rsa3072_falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 29); + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 29, 0); } static void *falconpadded512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, "falconpadded512", - 
KEY_TYPE_SIG, NULL, 128, 30); + KEY_TYPE_SIG, NULL, 128, 30, 0); } static void *falconpadded512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "falconpadded512", 0, 128, 30); + "falconpadded512", 0, 128, 30, 0); } static void *p256_falconpadded512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, "p256_falconpadded512", - KEY_TYPE_HYB_SIG, NULL, 128, 31); + KEY_TYPE_HYB_SIG, NULL, 128, 31, 0); } static void *p256_falconpadded512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "p256_falconpadded512", KEY_TYPE_HYB_SIG, 128, 31); + "p256_falconpadded512", KEY_TYPE_HYB_SIG, 128, 31, 0); } static void *rsa3072_falconpadded512_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, - "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, NULL, 128, 32); + "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, NULL, 128, 32, 0); } static void *rsa3072_falconpadded512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, 128, 32); + "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, 128, 32, + 0); } static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 33); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 33, 0); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 33); + "falcon1024", 0, 256, 33, 0); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 34); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 34, 0); } static void 
*p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 34); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 34, 0); } static void *falconpadded1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_1024, "falconpadded1024", - KEY_TYPE_SIG, NULL, 256, 35); + KEY_TYPE_SIG, NULL, 256, 35, 0); } static void *falconpadded1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_1024, - "falconpadded1024", 0, 256, 35); + "falconpadded1024", 0, 256, 35, 0); } static void *p521_falconpadded1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_1024, "p521_falconpadded1024", - KEY_TYPE_HYB_SIG, NULL, 256, 36); + KEY_TYPE_HYB_SIG, NULL, 256, 36, 0); } static void *p521_falconpadded1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_1024, - "p521_falconpadded1024", KEY_TYPE_HYB_SIG, 256, 36); + "p521_falconpadded1024", KEY_TYPE_HYB_SIG, 256, 36, 0); } static void *sphincssha2128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 37); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 37, 0); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 37); + "sphincssha2128fsimple", 0, 128, 37, 0); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 38); 
+ "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 38, 0); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 38); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 38, 0); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 39); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 39, 0); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 39); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 39, 0); } static void *sphincssha2128ssimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 40); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 40, 0); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 40); + "sphincssha2128ssimple", 0, 128, 40, 0); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 41); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 41, 0); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, 
OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 41); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 41, 0); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 42); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 42, 0); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 42); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 42, 0); } static void *sphincssha2192fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 43); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 43, 0); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 43); + "sphincssha2192fsimple", 0, 192, 43, 0); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 44); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 44, 0); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 44); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 44, 0); } static void *sphincsshake128fsimple_new_key(void *provctx) { - 
return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 45); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 45, 0); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 45); + "sphincsshake128fsimple", 0, 128, 45, 0); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 46); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 46, 0); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 46); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 46, 0); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 47); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 47, 0); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 47); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 47, 0); } static void *mayo1_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_1, - "mayo1", KEY_TYPE_SIG, NULL, 128, 48); + "mayo1", KEY_TYPE_SIG, NULL, 128, 48, 0); } static void *mayo1_gen_init(void *provctx, int selection) { 
return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_1, "mayo1", 0, - 128, 48); + 128, 48, 0); } static void *p256_mayo1_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_1, - "p256_mayo1", KEY_TYPE_HYB_SIG, NULL, 128, 49); + "p256_mayo1", KEY_TYPE_HYB_SIG, NULL, 128, 49, 0); } static void *p256_mayo1_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_1, "p256_mayo1", - KEY_TYPE_HYB_SIG, 128, 49); + KEY_TYPE_HYB_SIG, 128, 49, 0); } static void *mayo2_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_2, - "mayo2", KEY_TYPE_SIG, NULL, 128, 50); + "mayo2", KEY_TYPE_SIG, NULL, 128, 50, 0); } static void *mayo2_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_2, "mayo2", 0, - 128, 50); + 128, 50, 0); } static void *p256_mayo2_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_2, - "p256_mayo2", KEY_TYPE_HYB_SIG, NULL, 128, 51); + "p256_mayo2", KEY_TYPE_HYB_SIG, NULL, 128, 51, 0); } static void *p256_mayo2_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_2, "p256_mayo2", - KEY_TYPE_HYB_SIG, 128, 51); + KEY_TYPE_HYB_SIG, 128, 51, 0); } static void *mayo3_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_3, - "mayo3", KEY_TYPE_SIG, NULL, 192, 52); + "mayo3", KEY_TYPE_SIG, NULL, 192, 52, 0); } static void *mayo3_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_3, "mayo3", 0, - 192, 52); + 192, 52, 0); } static void *p384_mayo3_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_3, - "p384_mayo3", KEY_TYPE_HYB_SIG, NULL, 192, 53); + "p384_mayo3", KEY_TYPE_HYB_SIG, NULL, 192, 53, 0); } static void *p384_mayo3_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, 
selection, OQS_SIG_alg_mayo_3, "p384_mayo3", - KEY_TYPE_HYB_SIG, 192, 53); + KEY_TYPE_HYB_SIG, 192, 53, 0); } static void *mayo5_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_5, - "mayo5", KEY_TYPE_SIG, NULL, 256, 54); + "mayo5", KEY_TYPE_SIG, NULL, 256, 54, 0); } static void *mayo5_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_5, "mayo5", 0, - 256, 54); + 256, 54, 0); } static void *p521_mayo5_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_5, - "p521_mayo5", KEY_TYPE_HYB_SIG, NULL, 256, 55); + "p521_mayo5", KEY_TYPE_HYB_SIG, NULL, 256, 55, 0); } static void *p521_mayo5_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_5, "p521_mayo5", - KEY_TYPE_HYB_SIG, 256, 55); + KEY_TYPE_HYB_SIG, 256, 55, 0); } static void *CROSSrsdp128balanced_new_key(void *provctx) { @@ -1254,12 +1285,12 @@ static void *CROSSrsdp128balanced_gen_init(void *provctx, int selection) { static void *tokalg##_new_key(void *provctx) { \ return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), tokoqsalg, \ "" #tokalg "", KEY_TYPE_KEM, NULL, bit_security, \ - -1); \ + -1, 0); \ } \ \ static void *tokalg##_gen_init(void *provctx, int selection) { \ return oqsx_gen_init(provctx, selection, tokoqsalg, "" #tokalg "", \ - KEY_TYPE_KEM, bit_security, -1); \ + KEY_TYPE_KEM, bit_security, -1, 0); \ } \ \ const OSSL_DISPATCH oqs_##tokalg##_keymgmt_functions[] = { \ 
@@ -1292,12 +1323,12 @@ static void *CROSSrsdp128balanced_gen_init(void *provctx, int selection) { static void *ecp_##tokalg##_new_key(void *provctx) { \ return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), tokoqsalg, \ "" #tokalg "", KEY_TYPE_ECP_HYB_KEM, NULL, \ - bit_security, -1); \ + bit_security, -1, 0); \ } \ \ static void *ecp_##tokalg##_gen_init(void *provctx, int selection) { \ return oqsx_gen_init(provctx, selection, tokoqsalg, "" #tokalg "", \ - KEY_TYPE_ECP_HYB_KEM, bit_security, -1); \ + KEY_TYPE_ECP_HYB_KEM, bit_security, -1, 0); \ } \ \ const OSSL_DISPATCH oqs_ecp_##tokalg##_keymgmt_functions[] = { \ @@ -1325,16 +1356,17 @@ static void *CROSSrsdp128balanced_gen_init(void *provctx, int selection) { {OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))oqsx_load}, \ {0, NULL}}; -#define MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(tokalg, tokoqsalg, bit_security) \ +#define MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(tokalg, tokoqsalg, bit_security, \ + pqfips) \ static void *ecx_##tokalg##_new_key(void *provctx) { \ return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), tokoqsalg, \ "" #tokalg "", KEY_TYPE_ECX_HYB_KEM, NULL, \ - bit_security, -1); \ + bit_security, -1, pqfips); \ } \ \ static void *ecx_##tokalg##_gen_init(void *provctx, int selection) { \ return oqsx_gen_init(provctx, selection, tokoqsalg, "" #tokalg "", \ - KEY_TYPE_ECX_HYB_KEM, bit_security, -1); \ + KEY_TYPE_ECX_HYB_KEM, bit_security, -1, pqfips); \ } \ \ const OSSL_DISPATCH oqs_ecx_##tokalg##_keymgmt_functions[] = { \ 
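Review bot: The new macro parameter of `MAKE_KEM_ECX_KEYMGMT_FUNCTIONS` is named `pqfips`, but it is forwarded as the last argument of `oqsx_key_new` and `oqsx_gen_init`, which oqs_prov.h declares as `int reverse_share`. The `oqs_nid_name_t` hunk in oqsprov_keys.c adds a third spelling, `reverseshare`. A reader of the instantiations will take the trailing `1` for a FIPS-status marker rather than a switch that changes the key-share layout. I would rename the parameter to `reverse_share` and put `/* reverse_share: nonzero reverses the order of the hybrid key shares */` above the macro. The macro body (the dispatch table) continues outside the hunk.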
@@ -1427,28 +1459,28 @@ MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640aes, OQS_KEM_alg_frodokem_640_aes, - 128) + 128, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640shake, - OQS_KEM_alg_frodokem_640_shake, 128) + OQS_KEM_alg_frodokem_640_shake, 128, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976aes, OQS_KEM_alg_frodokem_976_aes, - 192) + 192, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976shake, - OQS_KEM_alg_frodokem_976_shake, 192) + OQS_KEM_alg_frodokem_976_shake, 192, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, 256) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, 
@@ -1461,14 +1493,14 @@ MAKE_KEM_KEYMGMT_FUNCTIONS(kyber512, OQS_KEM_alg_kyber_512, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_kyber512, OQS_KEM_alg_kyber_512, 128) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_kyber512, OQS_KEM_alg_kyber_512, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_kyber512, OQS_KEM_alg_kyber_512, 128, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(kyber768, OQS_KEM_alg_kyber_768, 192) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_kyber768, OQS_KEM_alg_kyber_768, 192) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_kyber768, OQS_KEM_alg_kyber_768, 192) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_kyber768, OQS_KEM_alg_kyber_768, 192, 0) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_kyber768, OQS_KEM_alg_kyber_768, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_kyber768, OQS_KEM_alg_kyber_768, 128, 0) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_kyber768, OQS_KEM_alg_kyber_768, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(kyber1024, OQS_KEM_alg_kyber_1024, 256) @@ -1477,15 +1509,15 @@ MAKE_KEM_KEYMGMT_FUNCTIONS(mlkem512, OQS_KEM_alg_ml_kem_512, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_mlkem512, OQS_KEM_alg_ml_kem_512, 128) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_mlkem512, OQS_KEM_alg_ml_kem_512, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_mlkem512, OQS_KEM_alg_ml_kem_512, 128, 1) MAKE_KEM_KEYMGMT_FUNCTIONS(mlkem768, OQS_KEM_alg_ml_kem_768, 192) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_mlkem768, OQS_KEM_alg_ml_kem_768, 192) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_mlkem768, OQS_KEM_alg_ml_kem_768, 192) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_mlkem768, OQS_KEM_alg_ml_kem_768, 192, 1) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_mlkem768, OQS_KEM_alg_ml_kem_768, 128) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_mlkem768, OQS_KEM_alg_ml_kem_768, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(X25519MLKEM768, OQS_KEM_alg_ml_kem_768, 128, 1) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(SecP256r1MLKEM768, OQS_KEM_alg_ml_kem_768, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(mlkem1024, OQS_KEM_alg_ml_kem_1024, 256) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_mlkem1024, OQS_KEM_alg_ml_kem_1024, 256) 
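Review bot: `x25519_mlkem512` and `x448_mlkem768` are now instantiated with a trailing `1`, the same value given to the renamed `X25519MLKEM768`, yet the ALGORITHMS.md table in this commit leaves `x448_mlkem768` on code point 0x2FB7. If that argument reverses the share order on the wire, as the `reverse_share` field comment in oqs_prov.h suggests, a peer running the previous release would parse the concatenated share in the old order under the same code point. Either keep the old layout for groups whose code point does not change, `MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_mlkem768, OQS_KEM_alg_ml_kem_768, 192, 0)`, or state the incompatibility in the release notes. `SecP256r1MLKEM768` goes through the ECP macro, which hard-codes 0, so a one-line comment there saying that the asymmetry is intended would help.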
@@ -1494,12 +1526,12 @@ MAKE_KEM_KEYMGMT_FUNCTIONS(bikel1, OQS_KEM_alg_bike_l1, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_bikel1, OQS_KEM_alg_bike_l1, 128) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_bikel1, OQS_KEM_alg_bike_l1, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_bikel1, OQS_KEM_alg_bike_l1, 128, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(bikel3, OQS_KEM_alg_bike_l3, 192) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_bikel3, OQS_KEM_alg_bike_l3, 192) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_bikel3, OQS_KEM_alg_bike_l3, 192) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_bikel3, OQS_KEM_alg_bike_l3, 192, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(bikel5, OQS_KEM_alg_bike_l5, 256) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_bikel5, OQS_KEM_alg_bike_l5, 256) @@ -1507,12 +1539,12 @@ MAKE_KEM_KEYMGMT_FUNCTIONS(hqc128, OQS_KEM_alg_hqc_128, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_hqc128, OQS_KEM_alg_hqc_128, 128) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_hqc128, OQS_KEM_alg_hqc_128, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_hqc128, OQS_KEM_alg_hqc_128, 128, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(hqc192, OQS_KEM_alg_hqc_192, 192) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_hqc192, OQS_KEM_alg_hqc_192, 192) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_hqc192, OQS_KEM_alg_hqc_192, 192) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_hqc192, OQS_KEM_alg_hqc_192, 192, 0) MAKE_KEM_KEYMGMT_FUNCTIONS(hqc256, OQS_KEM_alg_hqc_256, 256) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_hqc256, OQS_KEM_alg_hqc_256, 256) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index a156e5be..bb8ed1a9 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -157,6 +157,9 @@ struct oqsx_key_st { const OQSX_EVP_INFO *evp_info; size_t numkeys; + /* Indicates if the share of a hybrid scheme should be reversed */ + int reverse_share; + /* key lengths including size fields for classic key length information: * (numkeys-1)*SIZE_OF_UINT32 */ 
@@ -214,7 +217,7 @@ int oqs_set_nid(char *tlsname, int nid); * separately */ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, int is_kem, const char *propq, int bit_security, - int alg_idx); + int alg_idx, int reverse_share); /* allocate key material; component pointers need to be set separately */ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private); 
@@ -804,39 +807,39 @@ extern const OSSL_DISPATCH extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_mlkem768_decoder_functions[]; extern const OSSL_DISPATCH - oqs_x25519_mlkem768_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_X25519MLKEM768_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_x25519_mlkem768_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_X25519MLKEM768_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_x25519_mlkem768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_X25519MLKEM768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_x25519_mlkem768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_X25519MLKEM768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_x25519_mlkem768_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_X25519MLKEM768_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_x25519_mlkem768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_mlkem768_to_text_encoder_functions[]; + oqs_X25519MLKEM768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_X25519MLKEM768_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x25519_mlkem768_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_X25519MLKEM768_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x25519_mlkem768_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_X25519MLKEM768_decoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mlkem768_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_SecP256r1MLKEM768_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mlkem768_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_SecP256r1MLKEM768_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - 
oqs_p256_mlkem768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_SecP256r1MLKEM768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mlkem768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_SecP256r1MLKEM768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mlkem768_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_SecP256r1MLKEM768_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mlkem768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_mlkem768_to_text_encoder_functions[]; + oqs_SecP256r1MLKEM768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_SecP256r1MLKEM768_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_mlkem768_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_SecP256r1MLKEM768_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_mlkem768_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_SecP256r1MLKEM768_decoder_functions[]; extern const OSSL_DISPATCH oqs_mlkem1024_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -2272,8 +2275,8 @@ extern const OSSL_DISPATCH oqs_mlkem768_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_ecp_p384_mlkem768_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_ecx_x448_mlkem768_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecx_x25519_mlkem768_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_ecp_p256_mlkem768_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_X25519MLKEM768_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecp_SecP256r1MLKEM768_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_mlkem1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_ecp_p521_mlkem1024_keymgmt_functions[]; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index afddf1fc..cd0403de 100644 
--- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -110,9 +110,9 @@ DECODER_w_structure("mlkem768", der, PrivateKeyInfo, mlkem768), DECODER_w_structure("mlkem768", der, SubjectPublicKeyInfo, mlkem768), DECODER_w_structure("p384_mlkem768", der, PrivateKeyInfo, p384_mlkem768), DECODER_w_structure("p384_mlkem768", der, SubjectPublicKeyInfo, p384_mlkem768),DECODER_w_structure("x448_mlkem768", der, PrivateKeyInfo, x448_mlkem768), -DECODER_w_structure("x448_mlkem768", der, SubjectPublicKeyInfo, x448_mlkem768),DECODER_w_structure("x25519_mlkem768", der, PrivateKeyInfo, x25519_mlkem768), -DECODER_w_structure("x25519_mlkem768", der, SubjectPublicKeyInfo, x25519_mlkem768),DECODER_w_structure("p256_mlkem768", der, PrivateKeyInfo, p256_mlkem768), -DECODER_w_structure("p256_mlkem768", der, SubjectPublicKeyInfo, p256_mlkem768), +DECODER_w_structure("x448_mlkem768", der, SubjectPublicKeyInfo, x448_mlkem768),DECODER_w_structure("X25519MLKEM768", der, PrivateKeyInfo, X25519MLKEM768), +DECODER_w_structure("X25519MLKEM768", der, SubjectPublicKeyInfo, X25519MLKEM768),DECODER_w_structure("SecP256r1MLKEM768", der, PrivateKeyInfo, SecP256r1MLKEM768), +DECODER_w_structure("SecP256r1MLKEM768", der, SubjectPublicKeyInfo, SecP256r1MLKEM768), #endif #ifdef OQS_ENABLE_KEM_ml_kem_1024 DECODER_w_structure("mlkem1024", der, PrivateKeyInfo, mlkem1024), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index e756572f..386ef8a0 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc 
@@ -327,20 +327,20 @@ ENCODER_w_structure("x448_mlkem768", x448_mlkem768, pem, EncryptedPrivateKeyInfo ENCODER_w_structure("x448_mlkem768", x448_mlkem768, der, SubjectPublicKeyInfo), ENCODER_w_structure("x448_mlkem768", x448_mlkem768, pem, SubjectPublicKeyInfo), ENCODER_TEXT("x448_mlkem768", x448_mlkem768), -ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, der, PrivateKeyInfo), -ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, pem, PrivateKeyInfo), -ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x25519_mlkem768", x25519_mlkem768), -ENCODER_w_structure("p256_mlkem768", p256_mlkem768, der, PrivateKeyInfo), -ENCODER_w_structure("p256_mlkem768", p256_mlkem768, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_mlkem768", p256_mlkem768, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_mlkem768", p256_mlkem768, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_mlkem768", p256_mlkem768, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_mlkem768", p256_mlkem768, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_mlkem768", p256_mlkem768), +ENCODER_w_structure("X25519MLKEM768", X25519MLKEM768, der, PrivateKeyInfo), +ENCODER_w_structure("X25519MLKEM768", X25519MLKEM768, pem, PrivateKeyInfo), +ENCODER_w_structure("X25519MLKEM768", X25519MLKEM768, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("X25519MLKEM768", X25519MLKEM768, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("X25519MLKEM768", X25519MLKEM768, der, SubjectPublicKeyInfo), +ENCODER_w_structure("X25519MLKEM768", X25519MLKEM768, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("X25519MLKEM768", X25519MLKEM768), +ENCODER_w_structure("SecP256r1MLKEM768", SecP256r1MLKEM768, der, 
PrivateKeyInfo), +ENCODER_w_structure("SecP256r1MLKEM768", SecP256r1MLKEM768, pem, PrivateKeyInfo), +ENCODER_w_structure("SecP256r1MLKEM768", SecP256r1MLKEM768, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("SecP256r1MLKEM768", SecP256r1MLKEM768, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("SecP256r1MLKEM768", SecP256r1MLKEM768, der, SubjectPublicKeyInfo), +ENCODER_w_structure("SecP256r1MLKEM768", SecP256r1MLKEM768, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("SecP256r1MLKEM768", SecP256r1MLKEM768), #endif #ifdef OQS_ENABLE_KEM_ml_kem_1024 ENCODER_w_structure("mlkem1024", mlkem1024, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 80436ccf..39890ba3 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -123,9 +123,9 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { NULL, "x448_mlkem768", NULL, - "x25519_mlkem768", + "X25519MLKEM768", NULL, - "p256_mlkem768", + "SecP256r1MLKEM768", "2.16.840.1.101.3.4.4.3", "mlkem1024", NULL, @@ -366,9 +366,9 @@ int oqs_patch_oids(void) { oqs_oid_alg_list[60] = envval; if ((envval = getenv("OQS_OID_X448_MLKEM768"))) oqs_oid_alg_list[62] = envval; - if ((envval = getenv("OQS_OID_X25519_MLKEM768"))) + if ((envval = getenv("OQS_OID_X25519MLKEM768"))) oqs_oid_alg_list[64] = envval; - if ((envval = getenv("OQS_OID_P256_MLKEM768"))) + if ((envval = getenv("OQS_OID_SECP256R1MLKEM768"))) oqs_oid_alg_list[66] = envval; if ((envval = getenv("OQS_OID_MLKEM1024"))) oqs_oid_alg_list[68] = envval; @@ -731,8 +731,8 @@ static const OSSL_ALGORITHM oqsprovider_asym_kems[] = { KEMBASEALG(mlkem768, 192) KEMHYBALG(p384_mlkem768, 192) KEMHYBALG(x448_mlkem768, 192) - KEMHYBALG(x25519_mlkem768, 128) - KEMHYBALG(p256_mlkem768, 128) + KEMHYBALG(X25519MLKEM768, 128) + KEMHYBALG(SecP256r1MLKEM768, 128) #endif #ifdef OQS_ENABLE_KEM_ml_kem_1024 KEMBASEALG(mlkem1024, 256) 
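Review bot: In `oqs_patch_oids` the lookups for `OQS_OID_X25519_MLKEM768` and `OQS_OID_P256_MLKEM768` are replaced outright, so a deployment that still exports the old names silently keeps the built-in entry, which `oqs_oid_alg_list` shows as `NULL` for both algorithms. The same applies to the `OQS_CODEPOINT_*` renames in the `oqs_patch_codepoints` hunk of oqsprov_capabilities.c. A diagnostic for the retired name would make the misconfiguration visible, e.g. `else if (getenv("OQS_OID_X25519_MLKEM768")) OQS_PROV_PRINTF("OQS_OID_X25519_MLKEM768 is no longer read; use OQS_OID_X25519MLKEM768\n");`. The function body starts and ends outside the hunk.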
@@ -935,8 +935,8 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { KEMKMHYBALG(p384_mlkem768, 192, ecp) KEMKMHYBALG(x448_mlkem768, 192, ecx) - KEMKMHYBALG(x25519_mlkem768, 128, ecx) - KEMKMHYBALG(p256_mlkem768, 128, ecp) + KEMKMHYBALG(X25519MLKEM768, 128, ecx) + KEMKMHYBALG(SecP256r1MLKEM768, 128, ecp) #endif #ifdef OQS_ENABLE_KEM_ml_kem_1024 KEMKMALG(mlkem1024, 256) @@ -1240,11 +1240,11 @@ int OQS_PROVIDER_ENTRYPOINT_NAME(const OSSL_CORE_HANDLE *handle, end_init: if (!rc) { - if (ossl_versionp) + if (ossl_versionp) { OQS_PROV_PRINTF2( "oqsprovider init failed for OpenSSL core version %s\n", ossl_versionp); - else + } else OQS_PROV_PRINTF("oqsprovider init failed for OpenSSL\n"); if (libctx) OSSL_LIB_CTX_free(libctx); diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index e66ef1af..bf8081e2 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -78,8 +78,8 @@ static OQS_GROUP_CONSTANTS oqs_group_list[] = { {0x2F4C, 192, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2FB7, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2FB8, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {4587, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x11ec, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x11eb, 192, TLS1_3_VERSION, 0, -1, -1, 1}, {0x1024, 256, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2F4D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, @@ -209,8 +209,9 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { OQS_GROUP_ENTRY(p384_mlkem768, p384_mlkem768, p384_mlkem768, 30), OQS_GROUP_ENTRY(x448_mlkem768, x448_mlkem768, x448_mlkem768, 31), - OQS_GROUP_ENTRY(x25519_mlkem768, x25519_mlkem768, x25519_mlkem768, 32), - OQS_GROUP_ENTRY(p256_mlkem768, p256_mlkem768, p256_mlkem768, 33), + OQS_GROUP_ENTRY(X25519MLKEM768, X25519MLKEM768, X25519MLKEM768, 32), + OQS_GROUP_ENTRY(SecP256r1MLKEM768, SecP256r1MLKEM768, SecP256r1MLKEM768, + 33), #endif #ifdef OQS_ENABLE_KEM_ml_kem_1024 OQS_GROUP_ENTRY(mlkem1024, mlkem1024, mlkem1024, 34), 
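Review bot: In the `end_init:` hunk of oqsprov.c the added braces cover only the `if (ossl_versionp)` arm, while the `else` arm with `OQS_PROV_PRINTF(...)` stays unbraced. If the braces were added because the print macros expand to statements that can capture a following `else`, the second arm deserves the same protection. I would write `} else {` and close the block after the `OQS_PROV_PRINTF("oqsprovider init failed for OpenSSL\n");` call. The enclosing function starts outside the hunk.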
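Review bot: The two re-pointed `oqs_group_list` entries keep `192` in their second field, `{0x11ec, 192, ...}` and `{0x11eb, 192, ...}`, while every other registration of these groups in this commit uses 128: `KEMHYBALG(X25519MLKEM768, 128)`, `KEMKMHYBALG(SecP256r1MLKEM768, 128, ecp)` and the `MAKE_KEM_*_KEYMGMT_FUNCTIONS(..., 128, ...)` lines. If that field is the security-bits value reported to the TLS layer (it looks that way, confirm against `OQS_GROUP_CONSTANTS`), the groups are advertised above what key management claims for them, and a security-level policy could admit them where it should not. Since these lines are being edited anyway, I would align them, `{0x11ec, 128, TLS1_3_VERSION, 0, -1, -1, 1},` and likewise for 0x11eb, or add a comment saying why the two values differ.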
@@ -388,12 +389,12 @@ int oqs_patch_codepoints() { if (getenv("OQS_CODEPOINT_X448_MLKEM768")) oqs_group_list[31].group_id = atoi(getenv("OQS_CODEPOINT_X448_MLKEM768")); - if (getenv("OQS_CODEPOINT_X25519_MLKEM768")) + if (getenv("OQS_CODEPOINT_X25519MLKEM768")) oqs_group_list[32].group_id = - atoi(getenv("OQS_CODEPOINT_X25519_MLKEM768")); - if (getenv("OQS_CODEPOINT_P256_MLKEM768")) + atoi(getenv("OQS_CODEPOINT_X25519MLKEM768")); + if (getenv("OQS_CODEPOINT_SECP256R1MLKEM768")) oqs_group_list[33].group_id = - atoi(getenv("OQS_CODEPOINT_P256_MLKEM768")); + atoi(getenv("OQS_CODEPOINT_SECP256R1MLKEM768")); if (getenv("OQS_CODEPOINT_MLKEM1024")) oqs_group_list[34].group_id = atoi(getenv("OQS_CODEPOINT_MLKEM1024")); if (getenv("OQS_CODEPOINT_P521_MLKEM1024")) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 17d9b589..6153b1de 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -45,6 +45,7 @@ typedef struct { char *oqsname; int keytype; int secbits; + int reverseshare; } oqs_nid_name_t; static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); 
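Review bot: The new `atoi(getenv("OQS_CODEPOINT_X25519MLKEM768"))` and `atoi(getenv("OQS_CODEPOINT_SECP256R1MLKEM768"))` assignments accept any string and cannot parse the hexadecimal form that ALGORITHMS.md uses for these code points (`0x11ec`, `0x11eb`): such a value yields 0, which silently becomes the group id. Parsing with `strtol(val, &end, 0)` and rejecting the value when `end == val`, `*end != '\0'` or the result is outside 0..0xFFFF would keep a malformed environment variable from changing the advertised group. The unchanged neighbouring lines use the same pattern, and `oqs_patch_codepoints` starts and ends outside the hunk.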
@@ -60,69 +61,74 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { #ifdef OQS_KEM_ENCODERS - {0, "frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_KEM, 128}, + {0, "frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_KEM, 128, 0}, {0, "p256_frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_ECP_HYB_KEM, - 128}, + 128, 0}, {0, "x25519_frodo640aes", OQS_KEM_alg_frodokem_640_aes, - KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_KEM, 128}, + KEY_TYPE_ECX_HYB_KEM, 128, 0}, + {0, "frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_KEM, 128, 0}, {0, "p256_frodo640shake", OQS_KEM_alg_frodokem_640_shake, - KEY_TYPE_ECP_HYB_KEM, 128}, + KEY_TYPE_ECP_HYB_KEM, 128, 0}, {0, "x25519_frodo640shake", OQS_KEM_alg_frodokem_640_shake, - KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_KEM, 192}, + KEY_TYPE_ECX_HYB_KEM, 128, 0}, + {0, "frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_KEM, 192, 0}, {0, "p384_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECP_HYB_KEM, - 192}, + 192, 0}, {0, "x448_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECX_HYB_KEM, - 192}, - {0, "frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_KEM, 192}, + 192, 0}, + {0, "frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_KEM, 192, 0}, {0, "p384_frodo976shake", OQS_KEM_alg_frodokem_976_shake, - KEY_TYPE_ECP_HYB_KEM, 192}, + KEY_TYPE_ECP_HYB_KEM, 192, 0}, {0, "x448_frodo976shake", OQS_KEM_alg_frodokem_976_shake, - KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_KEM, 256}, + KEY_TYPE_ECX_HYB_KEM, 192, 0}, + {0, "frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_KEM, 256, 0}, {0, "p521_frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, - KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_KEM, 256}, + KEY_TYPE_ECP_HYB_KEM, 256, 0}, 
+ {0, "frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_KEM, 256, + 0}, {0, "p521_frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, - KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_KEM, 128}, - {0, "p256_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECP_HYB_KEM, 128}, - {0, "x25519_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_KEM, 192}, - {0, "p384_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "x448_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "x25519_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "p256_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_KEM, 256}, - {0, "p521_kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_KEM, 128}, - {0, "p256_mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_ECP_HYB_KEM, 128}, - {0, "x25519_mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_KEM, 192}, - {0, "p384_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "x448_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "x25519_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "p256_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_KEM, 256}, - {0, "p521_mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "p384_mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128}, - {0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM, 128}, - {0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_KEM, 192}, - {0, "p384_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECP_HYB_KEM, 
192}, - {0, "x448_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_KEM, 256}, - {0, "p521_bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_KEM, 128}, - {0, "p256_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECP_HYB_KEM, 128}, - {0, "x25519_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_KEM, 192}, - {0, "p384_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "x448_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_KEM, 256}, - {0, "p521_hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_ECP_HYB_KEM, 256}, + KEY_TYPE_ECP_HYB_KEM, 256, 0}, + {0, "kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_KEM, 128, 0}, + {0, "p256_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECP_HYB_KEM, 128, 0}, + {0, "x25519_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECX_HYB_KEM, 128, 0}, + {0, "kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_KEM, 192, 0}, + {0, "p384_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192, 0}, + {0, "x448_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192, 0}, + {0, "x25519_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192, 0}, + {0, "p256_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192, 0}, + {0, "kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_KEM, 256, 0}, + {0, "p521_kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_ECP_HYB_KEM, 256, 0}, + {0, "mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_KEM, 128, 0}, + {0, "p256_mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_ECP_HYB_KEM, 128, 0}, + {0, "x25519_mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_ECX_HYB_KEM, 128, + 1}, + {0, "mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_KEM, 192, 0}, + {0, "p384_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECP_HYB_KEM, 192, 0}, + {0, "x448_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECX_HYB_KEM, 192, 1}, + {0, "X25519MLKEM768", OQS_KEM_alg_ml_kem_768, 
KEY_TYPE_ECX_HYB_KEM, 192, 1}, + {0, "SecP256r1MLKEM768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECP_HYB_KEM, 192, + 0}, + {0, "mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_KEM, 256, 0}, + {0, "p521_mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_ECP_HYB_KEM, 256, + 0}, + {0, "p384_mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_ECP_HYB_KEM, 256, + 0}, + {0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128, 0}, + {0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM, 128, 0}, + {0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM, 128, 0}, + {0, "bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_KEM, 192, 0}, + {0, "p384_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECP_HYB_KEM, 192, 0}, + {0, "x448_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECX_HYB_KEM, 192, 0}, + {0, "bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_KEM, 256, 0}, + {0, "p521_bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_ECP_HYB_KEM, 256, 0}, + {0, "hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_KEM, 128, 0}, + {0, "p256_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECP_HYB_KEM, 128, 0}, + {0, "x25519_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECX_HYB_KEM, 128, 0}, + {0, "hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_KEM, 192, 0}, + {0, "p384_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECP_HYB_KEM, 192, 0}, + {0, "x448_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECX_HYB_KEM, 192, 0}, + {0, "hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_KEM, 256, 0}, + {0, "p521_hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_ECP_HYB_KEM, 256, 0}, #endif /* OQS_KEM_ENCODERS */ {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, @@ -220,6 +226,15 @@ static int get_secbits(int nid) { return 0; } +static int get_reverseshare(int nid) { + int i; + for (i = 0; i < NID_TABLE_LEN; i++) { + if (nid_names[i].nid == nid) + return nid_names[i].reverseshare; + } + return 0; +} + static int get_keytype(int nid) { int i; for (i = 0; i < NID_TABLE_LEN; i++) { 
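Review bot: The new last column of `nid_names` is set to 1 for `x25519_mlkem512` and `x448_mlkem768` as well as for `X25519MLKEM768`, although only the last of these is renamed in this commit. If the flag places the ML-KEM share ahead of the classical share, as `oqsx_comp_set_offsets` later in the diff suggests, the encoding of those two existing groups changes under an unchanged name, and peers or stored keys from an earlier build would presumably no longer match. Either confirm that this is intended and document the column, e.g. `/* last field: 1 = PQ share precedes the classical share */`, or reset the two rows to 0. The signature rows after `#endif` keep five initialisers and rely on zero-initialisation of the new field.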
@@ -286,8 +301,107 @@ int get_oqsalg_idx(int nid) { return -1; } +/* Sets the index of the key components in a comp_privkey or comp_pubkey array + */ +static void oqsx_comp_set_idx(const OQSX_KEY *key, int *idx_classic, + int *idx_pq) { + int reverse_share = (key->keytype == KEY_TYPE_ECP_HYB_KEM || + key->keytype == KEY_TYPE_ECX_HYB_KEM) && + key->reverse_share; + + if (reverse_share) { + if (idx_classic) + *idx_classic = key->numkeys - 1; + if (idx_pq) + *idx_pq = 0; + } else { + if (idx_classic) + *idx_classic = 0; + if (idx_pq) + *idx_pq = key->numkeys - 1; + } +} + +/* Sets the index of the key components in a comp_privkey or comp_pubkey array + */ +static int oqsx_comp_set_offsets(const OQSX_KEY *key, int set_privkey_offsets, + int set_pubkey_offsets, + int classic_lengths_fixed) { + int ret = 1; + uint32_t classic_pubkey_len = 0; + uint32_t classic_privkey_len = 0; + char *privkey = (char *)key->privkey; + char *pubkey = (char *)key->pubkey; + + // The only special case with reversed keys (so far) + // is: x25519_mlkem* + int reverse_share = (key->keytype == KEY_TYPE_ECP_HYB_KEM || + key->keytype == KEY_TYPE_ECX_HYB_KEM) && + key->reverse_share; + + if (set_privkey_offsets) { + key->comp_privkey[0] = privkey + SIZE_OF_UINT32; + + if (!classic_lengths_fixed) { + DECODE_UINT32(classic_privkey_len, privkey); + if (classic_privkey_len > key->evp_info->length_private_key) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + ret = 0; + goto err; + } + } else { + classic_privkey_len = key->evp_info->length_private_key; + } + + if (reverse_share) { + // structure is: + // UINT32 (encoding classic key size) | PQ_KEY | CLASSIC_KEY + key->comp_privkey[1] = + privkey + + key->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_secret_key + + SIZE_OF_UINT32; + } else { + // structure is: + // UINT32 (encoding classic key size) | CLASSIC_KEY | PQ_KEY + key->comp_privkey[1] = + privkey + classic_privkey_len + SIZE_OF_UINT32; + } + } + + if (set_pubkey_offsets) { + 
key->comp_pubkey[0] = pubkey + SIZE_OF_UINT32; + + if (!classic_lengths_fixed) { + DECODE_UINT32(classic_pubkey_len, pubkey); + if (classic_pubkey_len > key->evp_info->length_public_key) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + ret = 0; + goto err; + } + } else { + classic_pubkey_len = key->evp_info->length_public_key; + } + + if (reverse_share) { + // structure is: + // UINT32 (encoding classic key size) | PQ_KEY | CLASSIC_KEY + key->comp_pubkey[1] = + pubkey + + key->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key + + SIZE_OF_UINT32; + } else { + // structure is: + // UINT32 (encoding classic key size) | CLASSIC_KEY | PQ_KEY + key->comp_pubkey[1] = pubkey + classic_pubkey_len + SIZE_OF_UINT32; + } + } + +err: + return ret; +} + /* Prepare composite data structures. RetVal 0 is error. */ -static int oqsx_key_set_composites(OQSX_KEY *key) { +static int oqsx_key_set_composites(OQSX_KEY *key, int classic_lengths_fixed) { int ret = 1; OQS_KEY_PRINTF2("Setting composites with evp_info %p\n", key->evp_info); 
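Review bot: `oqsx_comp_set_offsets` carries the same header comment as `oqsx_comp_set_idx` ("Sets the index of the key components ..."), and its inline remark that the only reversed case is `x25519_mlkem*` does not match the `nid_names` table, which also flags `x448_mlkem768`. A header such as `/* Points comp_privkey[]/comp_pubkey[] at the two components inside key->privkey/key->pubkey; returns 0 if a decoded classic length exceeds the evp_info maximum */` would describe what the body does. The comment should also state that with `classic_lengths_fixed` set the length prefix stored in the buffer is not read, and that the reversed branch dereferences `key->oqsx_provider_ctx.oqsx_qs_ctx.kem` without a NULL check, so callers must only set `reverse_share` on keys that have a KEM context.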
@@ -316,32 +430,19 @@ static int oqsx_key_set_composites(OQSX_KEY *key) { } } } else { - uint32_t classic_pubkey_len = 0; - uint32_t classic_privkey_len = 0; - if (key->privkey) { - key->comp_privkey[0] = (char *)key->privkey + SIZE_OF_UINT32; - DECODE_UINT32(classic_privkey_len, key->privkey); - if (classic_privkey_len > key->evp_info->length_private_key) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; - } - key->comp_privkey[1] = - (char *)key->privkey + classic_privkey_len + SIZE_OF_UINT32; - } else { + /* Sets composites for comp_privkey and comp_pubkey structures, if + * applicable */ + ret = oqsx_comp_set_offsets(key, key->privkey != NULL, + key->pubkey != NULL, + classic_lengths_fixed); + ON_ERR_GOTO(ret == 0, err); + + if (!key->privkey) { key->comp_privkey[0] = NULL; key->comp_privkey[1] = NULL; } - if (key->pubkey) { - key->comp_pubkey[0] = (char *)key->pubkey + SIZE_OF_UINT32; - DECODE_UINT32(classic_pubkey_len, key->pubkey); - if (classic_pubkey_len > key->evp_info->length_public_key) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; - } - key->comp_pubkey[1] = - (char *)key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; - } else { + if (!key->pubkey) { key->comp_pubkey[0] = NULL; key->comp_pubkey[1] = NULL; } @@ -386,7 +487,8 @@ static OQSX_KEY *oqsx_key_new_from_nid(OSSL_LIB_CTX *libctx, const char *propq, } return oqsx_key_new(libctx, get_oqsname(nid), tls_algname, get_keytype(nid), - propq, get_secbits(nid), get_oqsalg_idx(nid)); + propq, get_secbits(nid), get_oqsalg_idx(nid), + get_reverseshare(nid)); } /* Workaround for not functioning EC PARAM initialization 
@@ -442,17 +544,24 @@ static const OQSX_EVP_INFO nids_sig[] = { }; // These two array need to stay synced: // note only leading 4 chars of alg name are checked -static const char *OQSX_ECP_NAMES[] = {"p256", "p384", "p521", 0}; +static const char *OQSX_ECP_NAMES[] = { + "p256", "p384", "p521", "SecP256r1", "SecP384r1", "SecP521r1", 0}; static const OQSX_EVP_INFO nids_ecp[] = { {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 0}, // 128 bit {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 0}, // 192 bit - {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0} // 256 bit + {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0}, // 256 bit + {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 0}, // 128 bit + {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 0}, // 192 bit + {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0}, // 256 bit + {0, 0, 0, 0, 0, 0, 0} // 256 bit }; // These two array need to stay synced: // note only leading 4 chars of alg name are checked -static const char *OQSX_ECX_NAMES[] = {"x25519", "x448", 0}; +static const char *OQSX_ECX_NAMES[] = {"x25519", "x448", "X25519", "X448", 0}; static const OQSX_EVP_INFO nids_ecx[] = { + {EVP_PKEY_X25519, 0, 1, 32, 32, 32, 0}, // 128 bit + {EVP_PKEY_X448, 0, 1, 56, 56, 56, 0}, // 192 bit {EVP_PKEY_X25519, 0, 1, 32, 32, 32, 0}, // 128 bit {EVP_PKEY_X448, 0, 1, 56, 56, 56, 0}, // 192 bit {0, 0, 0, 0, 0, 0, 0} // 256 bit @@ -525,12 +634,13 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { int ret = 1; int idx = 0; + while (idx < OSSL_NELEM(OQSX_ECP_NAMES)) { - if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], 4)) + if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], (idx < 3) ? 4 : 7)) break; idx++; } - ON_ERR_GOTO(idx < 0 || idx > 2, err_init_ecp); + ON_ERR_GOTO(idx < 0 || idx > 6, err_init_ecp); evp_ctx->evp_info = &nids_ecp[idx]; 
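Review bot: The comment `note only leading 4 chars of alg name are checked`, kept above both name arrays, is no longer true for the ECP table, because `oqshybkem_init_ecp` now compares 7 characters for the `SecP...` entries. The added all-zero row in `nids_ecp` is labelled `// 256 bit`, which reads as a real parameter set; `// sentinel, pairs with the terminating 0 in OQSX_ECP_NAMES` would be clearer. Since the duplicated curve rows exist only to keep the two arrays index-aligned, a one-line comment saying that rows 3..5 mirror rows 0..2 for the `SecP*` names (and likewise for the upper-case ECX names) would help the next editor keep them in sync.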
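Review bot: The new bound `idx > 6` in `oqshybkem_init_ecp` still admits index 6, which is the terminating `0` in `OQSX_ECP_NAMES` and the all-zero row in `nids_ecp`; the valid entries are 0..5. Because the loop runs up to `OSSL_NELEM(OQSX_ECP_NAMES)`, a `tls_name` that matches no entry also reaches `strncmp` with that NULL pointer. Stopping before the terminator and tightening the check, `while (idx < OSSL_NELEM(OQSX_ECP_NAMES) - 1) {` and `ON_ERR_GOTO(idx < 0 || idx > 5, err_init_ecp);`, closes both. The `idx > 4` bound added in the `oqshybkem_init_ecx` hunk (@@ -560) has the same off-by-one against the four names in `OQSX_ECX_NAMES`; both function bodies continue outside their hunks.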
@@ -560,7 +670,7 @@ static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) { break; idx++; } - ON_ERR_GOTO(idx < 0 || idx > 2, err_init_ecx); + ON_ERR_GOTO(idx < 0 || idx > 4, err_init_ecx); evp_ctx->evp_info = &nids_ecx[idx]; @@ -820,16 +930,24 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, if (key->numkeys == 2) { unsigned char *pubkey = (unsigned char *)key->pubkey; ENCODE_UINT32(pubkey, key->evp_info->length_public_key); - memcpy(pubkey + SIZE_OF_UINT32 + - key->evp_info->length_public_key, - p + actualprivkeylen, plen - actualprivkeylen); + if (key->reverse_share) { + memcpy(pubkey + SIZE_OF_UINT32, p + actualprivkeylen, + plen - actualprivkeylen); + } else { + memcpy(pubkey + SIZE_OF_UINT32 + + key->evp_info->length_public_key, + p + actualprivkeylen, plen - actualprivkeylen); + } } else memcpy(key->pubkey, p + key->privkeylen, plen - key->privkeylen); #endif } } - if (!oqsx_key_set_composites(key) || !oqsx_key_recreate_classickey(key, op)) + if (!oqsx_key_set_composites(key, + key->keytype == KEY_TYPE_ECP_HYB_KEM || + key->keytype == KEY_TYPE_ECX_HYB_KEM) || + !oqsx_key_recreate_classickey(key, op)) goto err_key_op; return key; @@ -938,6 +1056,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) { } } else { if (key->numkeys == 2) { // hybrid key + int idx_classic; + oqsx_comp_set_idx(key, &idx_classic, NULL); + uint32_t classical_pubkey_len = 0; uint32_t classical_privkey_len = 0; if (!key->evp_info) { @@ -945,7 +1066,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) { goto rec_err; } if (op == KEY_OP_PUBLIC) { - const unsigned char *enc_pubkey = key->comp_pubkey[0]; + const unsigned char *enc_pubkey = key->comp_pubkey[idx_classic]; DECODE_UINT32(classical_pubkey_len, key->pubkey); if (classical_pubkey_len > key->evp_info->length_public_key) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); 
@@ -980,8 +1101,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto rec_err; } - const unsigned char *enc_privkey = key->comp_privkey[0]; - unsigned char *enc_pubkey = key->comp_pubkey[0]; + const unsigned char *enc_privkey = + key->comp_privkey[idx_classic]; + unsigned char *enc_pubkey = key->comp_pubkey[idx_classic]; if (key->evp_info->raw_key_support) { key->classical_pkey = EVP_PKEY_new_raw_private_key( key->evp_info->keytype, NULL, enc_privkey, @@ -1290,7 +1412,7 @@ extern const char *oqs_oid_alg_list[]; OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, int primitive, const char *propq, int bit_security, - int alg_idx) { + int alg_idx, int reverse_share) { OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); // ensure all component pointers are NULL OQSX_EVP_CTX *evp_ctx = NULL; @@ -1359,6 +1481,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, break; case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_ECP_HYB_KEM: + ret->reverse_share = reverse_share; ret->oqsx_provider_ctx.oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.kem) { fprintf(stderr, @@ -1601,6 +1724,9 @@ int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], int include_private) { const OSSL_PARAM *pp1, *pp2; + int classic_lengths_fixed = key->keytype == KEY_TYPE_ECP_HYB_KEM || + key->keytype == KEY_TYPE_ECX_HYB_KEM; + OQS_KEY_PRINTF("OQSX Key from data called\n"); pp1 = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY); pp2 = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY); @@ -1643,7 +1769,7 @@ int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], } memcpy(key->pubkey, pp2->data, pp2->data_size); } - if (!oqsx_key_set_composites(key) || + if (!oqsx_key_set_composites(key, classic_lengths_fixed) || !oqsx_key_recreate_classickey( key, key->privkey != NULL ? KEY_OP_PRIVATE : KEY_OP_PUBLIC)) return 0; 
@@ -1652,22 +1778,26 @@ int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], // OQS key always the last of the numkeys comp keys static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) { + int idx_pq; + oqsx_comp_set_idx(key, NULL, &idx_pq); + if (gen_kem) return OQS_KEM_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.kem, - key->comp_pubkey[key->numkeys - 1], - key->comp_privkey[key->numkeys - 1]); + key->comp_pubkey[idx_pq], + key->comp_privkey[idx_pq]); else { return OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, - key->comp_pubkey[key->numkeys - 1], - key->comp_privkey[key->numkeys - 1]); + key->comp_pubkey[idx_pq], + key->comp_privkey[idx_pq]); } } /* Generate classic keys, store length in leading SIZE_OF_UINT32 bytes of * pubkey/privkey buffers; returned EVP_PKEY must be freed if not used */ -static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, - unsigned char *privkey, int encode) { +static EVP_PKEY *oqsx_key_gen_evp_key_sig(OQSX_EVP_CTX *ctx, + unsigned char *pubkey, + unsigned char *privkey, int encode) { int ret = 0, ret2 = 0, aux = 0; // Free at errhyb: 
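Review bot: The comment kept above `oqsx_key_gen_oqs`, `// OQS key always the last of the numkeys comp keys`, contradicts the new body, which takes the slot from `oqsx_comp_set_idx` and uses index 0 for reversed hybrid KEMs. Replace it with something like `/* PQ component slot comes from oqsx_comp_set_idx(): last entry, or 0 when reverse_share is set */`. The renamed `oqsx_key_gen_evp_key_sig` begins in this hunk and continues outside it.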
@@ -1760,6 +1890,96 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, return NULL; } +/* Generate classic keys, store length in leading SIZE_OF_UINT32 bytes of + * pubkey/privkey buffers; returned EVP_PKEY must be freed if not used + */ +static EVP_PKEY *oqsx_key_gen_evp_key_kem(OQSX_KEY *key, unsigned char *pubkey, + unsigned char *privkey, int encode) { + int ret = 0, ret2 = 0, aux = 0; + + // Free at errhyb: + EVP_PKEY_CTX *kgctx = NULL; + EVP_PKEY *pkey = NULL; + unsigned char *pubkey_encoded = NULL; + int idx_classic; + OQSX_EVP_CTX *ctx = key->oqsx_provider_ctx.oqsx_evp_ctx; + + size_t pubkeylen = 0, privkeylen = 0; + + unsigned char *pubkey_sizeenc = key->pubkey; + unsigned char *privkey_sizeenc = key->privkey; + + if (ctx->keyParam) + kgctx = EVP_PKEY_CTX_new(ctx->keyParam, NULL); + else + kgctx = EVP_PKEY_CTX_new_id(ctx->evp_info->nid, NULL); + ON_ERR_SET_GOTO(!kgctx, ret, -1, errhyb); + + ret2 = EVP_PKEY_keygen_init(kgctx); + ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); + + ret2 = EVP_PKEY_keygen(kgctx, &pkey); + ON_ERR_SET_GOTO(ret2 <= 0, ret, -2, errhyb); + + if (ctx->evp_info->raw_key_support) { + // TODO: If available, use preallocated memory + if (ctx->evp_info->nid != NID_ED25519 && + ctx->evp_info->nid != NID_ED448) { + pubkeylen = EVP_PKEY_get1_encoded_public_key(pkey, &pubkey_encoded); + ON_ERR_SET_GOTO(pubkeylen != ctx->evp_info->length_public_key || + !pubkey_encoded, + ret, -3, errhyb); + memcpy(pubkey + aux, pubkey_encoded, pubkeylen); + } else { + pubkeylen = ctx->evp_info->length_public_key; + ret2 = EVP_PKEY_get_raw_public_key(pkey, pubkey + aux, &pubkeylen); + ON_ERR_SET_GOTO(ret2 <= 0 || + pubkeylen != ctx->evp_info->length_public_key, + ret, -3, errhyb); + } + privkeylen = ctx->evp_info->length_private_key; + ret2 = EVP_PKEY_get_raw_private_key(pkey, privkey + aux, &privkeylen); + ON_ERR_SET_GOTO(ret2 <= 0 || + privkeylen != ctx->evp_info->length_private_key, + ret, -4, errhyb); + } else { + unsigned 
char *pubkey_enc = pubkey + aux; + const unsigned char *pubkey_enc2 = pubkey + aux; + pubkeylen = i2d_PublicKey(pkey, &pubkey_enc); + ON_ERR_SET_GOTO(!pubkey_enc || + pubkeylen > (int)ctx->evp_info->length_public_key, + ret, -11, errhyb); + unsigned char *privkey_enc = privkey + aux; + const unsigned char *privkey_enc2 = privkey + aux; + privkeylen = i2d_PrivateKey(pkey, &privkey_enc); + ON_ERR_SET_GOTO(!privkey_enc || + privkeylen > (int)ctx->evp_info->length_private_key, + ret, -12, errhyb); + // selftest: + EVP_PKEY *ck2 = d2i_PrivateKey(ctx->evp_info->keytype, NULL, + &privkey_enc2, privkeylen); + ON_ERR_SET_GOTO(!ck2, ret, -14, errhyb); + EVP_PKEY_free(ck2); + } + if (encode) { + ENCODE_UINT32(pubkey_sizeenc, pubkeylen); + ENCODE_UINT32(privkey_sizeenc, privkeylen); + } + OQS_KEY_PRINTF3( + "OQSKM: Storing classical privkeylen: %ld & pubkeylen: %ld\n", + privkeylen, pubkeylen); + + EVP_PKEY_CTX_free(kgctx); + OPENSSL_free(pubkey_encoded); + return pkey; + +errhyb: + EVP_PKEY_CTX_free(kgctx); + EVP_PKEY_free(pkey); + OPENSSL_free(pubkey_encoded); + return NULL; +} + /* allocates OQS and classical keys */ int oqsx_key_gen(OQSX_KEY *key) { int ret = 0; 
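Review bot: `oqsx_key_gen_evp_key_kem` is a near copy of the signature variant and keeps parts that no longer do anything: `idx_classic` is declared and never used, `aux` stays 0 so every `pubkey + aux` is just `pubkey`, and the `NID_ED25519`/`NID_ED448` test sits in a function that is only called for hybrid KEM key types. In the non-raw branch the results of `i2d_PublicKey`/`i2d_PrivateKey` are stored in a `size_t` and compared only after the encoder has already written into the caller's buffer, so a negative error return is caught only through unsigned wrap-around; keeping the `int` result and testing it first, e.g. `int len = i2d_PublicKey(pkey, &pubkey_enc);` followed by `ON_ERR_SET_GOTO(len <= 0 || len > (int)ctx->evp_info->length_public_key, ret, -11, errhyb);`, makes the failure path explicit. The header comment should also say that the lengths are written to `key->pubkey`/`key->privkey` while the key bytes go to the `pubkey`/`privkey` arguments.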
@@ -1772,17 +1992,32 @@ int oqsx_key_gen(OQSX_KEY *key) { } if (key->keytype == KEY_TYPE_KEM) { - ret = !oqsx_key_set_composites(key); + ret = !oqsx_key_set_composites(key, 0); ON_ERR_GOTO(ret, err_gen); ret = oqsx_key_gen_oqs(key, 1); - } else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || - key->keytype == KEY_TYPE_ECX_HYB_KEM || - key->keytype == KEY_TYPE_HYB_SIG) { - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, - key->pubkey, key->privkey, 1); + } else if (key->keytype == KEY_TYPE_HYB_SIG) { + pkey = oqsx_key_gen_evp_key_sig(key->oqsx_provider_ctx.oqsx_evp_ctx, + key->pubkey, key->privkey, 1); ON_ERR_GOTO(pkey == NULL, err_gen); - ret = !oqsx_key_set_composites(key); + ret = !oqsx_key_set_composites(key, 0); ON_ERR_GOTO(ret, err_gen); + OQS_KEY_PRINTF3("OQSKM: OQSX_KEY privkeylen %ld & pubkeylen: %ld\n", + key->privkeylen, key->pubkeylen); + + key->classical_pkey = pkey; + ret = oqsx_key_gen_oqs(key, key->keytype != KEY_TYPE_HYB_SIG); + } else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || + key->keytype == KEY_TYPE_ECX_HYB_KEM) { + int idx_classic; + oqsx_comp_set_idx(key, &idx_classic, NULL); + + ret = !oqsx_key_set_composites(key, 1); + ON_ERR_GOTO(ret != 0, err_gen); + + pkey = oqsx_key_gen_evp_key_kem(key, key->comp_pubkey[idx_classic], + key->comp_privkey[idx_classic], 1); + ON_ERR_GOTO(pkey == NULL, err_gen); + OQS_KEY_PRINTF3("OQSKM: OQSX_KEY privkeylen %ld & pubkeylen: %ld\n", key->privkeylen, key->pubkeylen); 
@@ -1790,16 +2025,16 @@ int oqsx_key_gen(OQSX_KEY *key) { ret = oqsx_key_gen_oqs(key, key->keytype != KEY_TYPE_HYB_SIG); } else if (key->keytype == KEY_TYPE_CMP_SIG) { int i; - ret = oqsx_key_set_composites(key); + ret = oqsx_key_set_composites(key, 0); for (i = 0; i < key->numkeys; i++) { char *name; if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL) { ON_ERR_GOTO(ret, err_gen); } if (get_oqsname_fromtls(name) == 0) { - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, - key->comp_pubkey[i], - key->comp_privkey[i], 0); + pkey = oqsx_key_gen_evp_key_sig( + key->oqsx_provider_ctx.oqsx_evp_ctx, key->comp_pubkey[i], + key->comp_privkey[i], 0); OPENSSL_free(name); ON_ERR_GOTO(pkey == NULL, err_gen); key->classical_pkey = pkey; @@ -1812,7 +2047,7 @@ int oqsx_key_gen(OQSX_KEY *key) { } } } else if (key->keytype == KEY_TYPE_SIG) { - ret = !oqsx_key_set_composites(key); + ret = !oqsx_key_set_composites(key, 0); ON_ERR_GOTO(ret, err_gen); ret = oqsx_key_gen_oqs(key, 0); } else { diff --git a/scripts/common.py b/scripts/common.py index b67610f4..b9cd6a8f 100644 --- a/scripts/common.py +++ b/scripts/common.py 
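Review bot: In the `KEY_TYPE_CMP_SIG` branch the updated call `ret = oqsx_key_set_composites(key, 0);` is the only one in `oqsx_key_gen` that is neither negated nor followed by an error check, so a failure (return 0, per that function's "RetVal 0 is error" comment) is not acted on before the loop uses `key->comp_pubkey[i]` and `key->comp_privkey[i]`. If this is not deliberate, `ret = !oqsx_key_set_composites(key, 0);` followed by `ON_ERR_GOTO(ret, err_gen);` would match the other branches. The visible `ON_ERR_GOTO(ret, err_gen)` under the NULL-name test currently relies on `ret` being non-zero, and the rest of the branch lies outside the hunk, so both uses need adjusting together.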
@@ -9,7 +9,7 @@ # post-quantum key exchanges 'frodo640aes','frodo640shake','frodo976aes','frodo976shake','frodo1344aes','frodo1344shake','kyber512','kyber768','kyber1024','mlkem512','mlkem768','mlkem1024','bikel1','bikel3','bikel5','hqc128','hqc192','hqc256', # post-quantum + classical key exchanges - 'p256_frodo640aes','x25519_frodo640aes','p256_frodo640shake','x25519_frodo640shake','p384_frodo976aes','x448_frodo976aes','p384_frodo976shake','x448_frodo976shake','p521_frodo1344aes','p521_frodo1344shake','p256_kyber512','x25519_kyber512','p384_kyber768','x448_kyber768','x25519_kyber768','p256_kyber768','p521_kyber1024','p256_mlkem512','x25519_mlkem512','p384_mlkem768','x448_mlkem768','x25519_mlkem768','p256_mlkem768','p521_mlkem1024','p384_mlkem1024','p256_bikel1','x25519_bikel1','p384_bikel3','x448_bikel3','p521_bikel5','p256_hqc128','x25519_hqc128','p384_hqc192','x448_hqc192','p521_hqc256', + 'p256_frodo640aes','x25519_frodo640aes','p256_frodo640shake','x25519_frodo640shake','p384_frodo976aes','x448_frodo976aes','p384_frodo976shake','x448_frodo976shake','p521_frodo1344aes','p521_frodo1344shake','p256_kyber512','x25519_kyber512','p384_kyber768','x448_kyber768','x25519_kyber768','p256_kyber768','p521_kyber1024','p256_mlkem512','x25519_mlkem512','p384_mlkem768','x448_mlkem768','X25519MLKEM768','SecP256r1MLKEM768','p521_mlkem1024','p384_mlkem1024','p256_bikel1','x25519_bikel1','p384_bikel3','x448_bikel3','p521_bikel5','p256_hqc128','x25519_hqc128','p384_hqc192','x448_hqc192','p521_hqc256', ##### OQS_TEMPLATE_FRAGMENT_KEX_ALGS_END ] signatures = [ diff --git a/scripts/oqsprovider-externalinterop.sh b/scripts/oqsprovider-externalinterop.sh index 5a6e3129..67999fda 100755 --- a/scripts/oqsprovider-externalinterop.sh +++ b/scripts/oqsprovider-externalinterop.sh 
@@ -29,21 +29,18 @@ fi # Ascertain algorithms are available: # skipping these tests for now as per https://mailarchive.ietf.org/arch/msg/tls/hli5ogDbUudAA4tZXskVbOqeor4 -# TBD replace with suitable ML-KEM hybrid tests as and when available XXX - -exit 0 +# TBD replace with suitable ML-KEM hybrid tests as and when available XXX echo " Cloudflare:" if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber768); then echo "Skipping unconfigured x25519_kyber768 interop test" else - export OQS_CODEPOINT_X25519_KYBER512=65072 (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber768 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber768Draft00 fi -if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber512); then - echo "Skipping unconfigured x25519_kyber512 interop test" -else - (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00 -fi +#if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber512); then +# echo "Skipping unconfigured x25519_kyber512 interop test" +#else +# (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00 +#fi diff --git a/test/oqs_test_evp_pkey_params.c b/test/oqs_test_evp_pkey_params.c index b85f9cd1..b00c05c2 100644 --- a/test/oqs_test_evp_pkey_params.c +++ b/test/oqs_test_evp_pkey_params.c 
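Review bot: With `exit 0` removed, the retained comment `# skipping these tests for now as per ...` no longer describes the script: the Cloudflare `x25519_kyber768` check now runs and opens a connection to an external host. Update the comment to say which test is active and why the kyber512 one is disabled, and delete the commented-out block instead of keeping it as dead code. The `TBD` still stands, since no interop test covers the renamed `X25519MLKEM768` group, which is the group this commit changes.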
@@ -57,7 +57,7 @@ const char *kHybridKEMAlgorithms[] = { "p384_kyber768", "x448_kyber768", "x25519_kyber768", "p256_kyber768", "p521_kyber1024", "p256_mlkem512", "x25519_mlkem512", "p384_mlkem768", "x448_mlkem768", - "x25519_mlkem768", "p256_mlkem768", "p521_mlkem1024", + "X25519MLKEM768", "SecP256r1MLKEM768", "p521_mlkem1024", "p384_mlkem1024", "p256_bikel1", "x25519_bikel1", "p384_bikel3", "x448_bikel3", "p521_bikel5", "p256_hqc128", "x25519_hqc128", "p384_hqc192", @@ -342,12 +342,13 @@ static int private_key_params_get_full_keys(const EVP_PKEY *private_key, * \param classical_n Length in bytes of `classical`. * \param pq Quantum-resistant key. * \param pq_n Length in bytes of `pq`. + * \param reverse Reverses the order of shares * \param[out] buf Out buffer. * \param[out] buf_n Length in bytes of `buf`. * * \returns 0 on success. */ static int reconstitute_keys(const uint8_t *classical, const size_t classical_n, - const uint8_t *pq, const size_t pq_n, + const uint8_t *pq, const size_t pq_n, int reverse, uint8_t **buf, size_t *buf_len) { uint32_t header; int ret = -1; @@ -363,8 +364,14 @@ static int reconstitute_keys(const uint8_t *classical, const size_t classical_n, (*buf)[1] = header >> 0x10; (*buf)[2] = header >> 0x8; (*buf)[3] = header; - memcpy(*buf + sizeof(header), classical, classical_n); - memcpy(*buf + sizeof(header) + classical_n, pq, pq_n); + + if (!reverse) { + memcpy(*buf + sizeof(header), classical, classical_n); + memcpy(*buf + sizeof(header) + classical_n, pq, pq_n); + } else { + memcpy(*buf + sizeof(header), pq, pq_n); + memcpy(*buf + sizeof(header) + pq_n, classical, classical_n); + } ret = 0; out: 
@@ -381,12 +388,16 @@ static int reconstitute_keys(const uint8_t *classical, const size_t classical_n, static int keypairs_verify_consistency(const struct KeyPair *classical, const struct KeyPair *pq, const struct KeyPair *comb) { - uint8_t *reconstitution; + uint8_t *reconstitution, *reconstitution_rev; size_t n; int ret = -1; if (reconstitute_keys(classical->pubkey, classical->pubkey_len, pq->pubkey, - pq->pubkey_len, &reconstitution, &n)) { + pq->pubkey_len, 1, &reconstitution, &n)) { + goto out; + } + if (reconstitute_keys(classical->pubkey, classical->pubkey_len, pq->pubkey, + pq->pubkey_len, 0, &reconstitution_rev, &n)) { goto out; } if (n != comb->pubkey_len) { @@ -396,7 +407,8 @@ static int keypairs_verify_consistency(const struct KeyPair *classical, comb->pubkey_len, n); goto free_reconstitute; } - if (memcmp(reconstitution, comb->pubkey, n)) { + if (memcmp(reconstitution, comb->pubkey, n) && + memcmp(reconstitution_rev, comb->pubkey, n)) { fputs(cRED "pubkey and comb->pubkey differ " cNORM "\n", stderr); fputs(cRED "pubkey: ", stderr); hexdump(reconstitution, n); @@ -406,9 +418,16 @@ static int keypairs_verify_consistency(const struct KeyPair *classical, goto free_reconstitute; } free(reconstitution); + free(reconstitution_rev); if (reconstitute_keys(classical->privkey, classical->privkey_len, - pq->privkey, pq->privkey_len, &reconstitution, &n)) { + pq->privkey, pq->privkey_len, 0, &reconstitution, + &n)) { + goto out; + } + if (reconstitute_keys(classical->privkey, classical->privkey_len, + pq->privkey, pq->privkey_len, 1, &reconstitution_rev, + &n)) { goto out; } if (n != comb->privkey_len) { 
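Review bot: `reconstitution` and `reconstitution_rev` are declared uninitialised, and when the second `reconstitute_keys` call fails the code jumps to `out`, leaking the buffer from the first call; the private-key pair in the @@ -406 hunk does the same. Declaring `uint8_t *reconstitution = NULL, *reconstitution_rev = NULL;` and using `goto free_reconstitute;` on the second failure fixes this, provided both pointers are reset to NULL after the mid-function `free` calls and `reconstitute_keys` leaves `*buf` untouched on failure (its error path is outside the hunk). The public-key calls also pass `1` for `reconstitution` and `0` for `reconstitution_rev`, the opposite of the private-key calls, so the `_rev` name is misleading there.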
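Review bot: The check `memcmp(reconstitution, comb->pubkey, n) && memcmp(reconstitution_rev, comb->pubkey, n)` passes when the combined key matches either share order, for every algorithm in `kHybridKEMAlgorithms`, so the test would not notice a group that is encoded in the wrong order. Passing the expected order per algorithm (for example a flag next to each name) and comparing against only that layout would let the test catch such a regression; the private-key comparison in the @@ -418 hunk has the same form. On mismatch only `reconstitution` is hex-dumped, which for the public key is the reversed layout.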
@@ -418,7 +437,8 @@ static int keypairs_verify_consistency(const struct KeyPair *classical, comb->privkey_len, n); goto free_reconstitute; } - if (memcmp(reconstitution, comb->privkey, n)) { + if (memcmp(reconstitution, comb->privkey, n) && + memcmp(reconstitution_rev, comb->privkey, n)) { fputs(cRED "privkey and comb->privkey differ" cNORM "\n", stderr); fputs(cRED "privkey: ", stderr); hexdump(reconstitution, n); @@ -431,6 +451,7 @@ static int keypairs_verify_consistency(const struct KeyPair *classical, free_reconstitute: free(reconstitution); + free(reconstitution_rev); out: return ret; @@ -589,4 +610,4 @@ int main(int argc, char **argv) { end: return ret; -} +} \ No newline at end of file