Interoperability
oqsprovider by default follows the implementation of oqs-openssl111 which in turn follows the above RFC draft.
This more recent RFC draft calls for Dilithium private keys to only optionally contain public key components. To enable conceptual interoperability with this proposal, a cmake build define is available in oqsprovider for all supported QSC algorithms:
Setting this cmake build variable to "ON" eliminates public key components from PKCS#8 files. A provider binary built with this capability is denoted by the added "-nopub" designation in its version information, which can be displayed for example by running openssl list -providers -provider oqsprovider.
When this environment variable is set, public keys are additionally wrapped in an OCTET STRING (on top of the standardized BIT STRING encoding as per RFC 5280), also as per the draft RFC.
Setting any of these variables breaks interoperability with oqs-openssl111.
In order to simplify interop testing, a ready-to-use installation of all required components is available at docker hub:
To run it, execute docker run -it openquantumsafe/oqs-ossl3:ietf115.
Supported algorithms can be checked via, e.g., openssl list -signature-algorithms.
Certificates and private key files can be generated, e.g., via openssl req -x509 -new -newkey dilithium2 -keyout CA.key -out CA.crt -nodes -subj "/CN=test CN".
Certificates can be displayed, e.g., via openssl x509 -in CA.crt -text -noout.
Other OIDs can be set via environment variables; e.g., OQS_OID_DILITHIUM2=2.16.840.1.114027.80.3.2.1 openssl req -x509 -new -newkey dilithium2 -keyout CA.key -out CA.crt -subj "/CN=oqstest CA" should generate a cert/key pair interoperable with the Entrust implementation.
All supported plain and hybrid/composite algorithms and default (O)IDs are listed at https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
A complete end-to-end interop test doing (PQ-)server auth can be done using https://test.openquantumsafe.org, e.g. running
wget https://test.openquantumsafe.org/CA.crt && echo "GET /" | openssl s_client -connect test.openquantumsafe.org:6145 -groups kyber512 -CAfile CA.crt
This command verifies a dilithium2 server cert signed by a classic RSA cert (retrieved via the wget command), by way of a PQ KEM handshake using kyber512. Changing OIDs will cause errors, as this server only provides PQ and hybrid certificates (with the OIDs) listed as defaults on https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md#oids and assigned to ports as per https://test.openquantumsafe.org/assignments.json. Also, the environment variable "DRAFT_MASSIMO_LAMPS_PQ_SIG_CERTIFICATES_00" must NOT be set, as the server operates with "unwrapped" public keys in its certificates.
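The two interop pitfalls above (a mismatched algorithm OID, and the draft's extra OCTET STRING wrapping of the public key inside the SubjectPublicKeyInfo BIT STRING) are both visible in the DER of a certificate's public key. The following is an added example, not code from oqs-provider: a dependency-free DER reader that reports the algorithm OID and whether the BIT STRING payload is OCTET STRING-wrapped, so a key extracted from a peer's certificate can be checked before a failing handshake is debugged. The encoder, the 1312-byte filler key and the default Dilithium2 OID 1.3.6.1.4.1.2.267.7.4.4 (from ALGORITHMS.md) are assumptions used only to build sample input; the Entrust OID is the one quoted on this page.

```python
"""Inspect a DER SubjectPublicKeyInfo for OID and OCTET STRING wrapping.

Added example (not oqs-provider code). Minimal hand-written DER TLV handling,
so it runs offline on constructed sample keys.
"""

# Constructed filler standing in for a 1312-byte Dilithium2 public key
# (assumed size; the bytes are not a real key).
SAMPLE_PK = bytes(range(256)) * 5 + bytes(32)
DEFAULT_DILITHIUM2_OID = "1.3.6.1.4.1.2.267.7.4.4"   # assumed default per ALGORITHMS.md
ENTRUST_DILITHIUM2_OID = "2.16.840.1.114027.80.3.2.1"  # OID quoted on this page


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, value, end) for the DER TLV starting at buf[pos]."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                     # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _tlv(tag: int, value: bytes) -> bytes:
    """DER-encode one TLV with a definite (short or long form) length."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


def _decode_oid(value: bytes) -> str:
    arcs = [value[0] // 40, value[0] % 40]
    acc = 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                  # last byte of this base-128 arc
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))


def _encode_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def encode_spki(dotted_oid: str, raw_pk: bytes, draft_wrap: bool) -> bytes:
    """Build SubjectPublicKeyInfo; draft_wrap adds the OCTET STRING layer."""
    inner = _tlv(0x04, raw_pk) if draft_wrap else raw_pk
    alg = _tlv(0x30, _tlv(0x06, _encode_oid(dotted_oid)))
    return _tlv(0x30, alg + _tlv(0x03, b"\x00" + inner))


def inspect_spki(spki: bytes) -> dict:
    """Report the algorithm OID, wrapping style and raw key length."""
    tag, body, _ = _read_tlv(spki, 0)
    assert tag == 0x30, "SubjectPublicKeyInfo must be a SEQUENCE"
    tag, alg, pos = _read_tlv(body, 0)     # AlgorithmIdentifier
    assert tag == 0x30
    tag, oid, _ = _read_tlv(alg, 0)
    assert tag == 0x06, "algorithm must start with an OID"
    tag, bits, _ = _read_tlv(body, pos)    # subjectPublicKey BIT STRING
    assert tag == 0x03 and bits[0] == 0, "expected BIT STRING with 0 unused bits"
    payload = bits[1:]
    wrapped = False
    # Draft-style keys carry exactly one OCTET STRING filling the whole payload;
    # a raw key that merely starts with 0x04 fails the length check below.
    if payload and payload[0] == 0x04:
        _, inner, end = _read_tlv(payload, 0)
        if end == len(payload):
            wrapped, payload = True, inner
    return {"oid": _decode_oid(oid), "octet_string_wrapped": wrapped, "key_len": len(payload)}


if __name__ == "__main__":
    for oid, wrap in ((DEFAULT_DILITHIUM2_OID, False), (ENTRUST_DILITHIUM2_OID, True)):
        print(inspect_spki(encode_spki(oid, SAMPLE_PK, wrap)))
```

On a real certificate the SubjectPublicKeyInfo DER can be obtained with openssl x509 -in CA.crt -pubkey -noout followed by base64-decoding the PEM body; a result with octet_string_wrapped set to True is what the test.openquantumsafe.org server will not accept, and an OID other than the defaults in ALGORITHMS.md explains the "changing OIDs" errors described above.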