From 5d8952b6e1a847371de5d1c21af9bc69810e4a0e Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Thu, 21 Sep 2023 15:48:42 +0200 Subject: [PATCH 001/160] Create CODE_OF_CONDUCT.md (#258) Further improvement of Community standards --- CODE_OF_CONDUCT.md | 128 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 128 insertions(+) create mode 100644 CODE_OF_CONDUCT.md diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..dd0ce2b5 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,128 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, religion, or sexual identity +and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, + and learning from the experience +* Focusing on what is best not just for us as individuals, but for the + overall community + +Examples of unacceptable behavior include: + +* The use of sexualized language or imagery, and sexual attention or + advances of any kind +* Trolling, insulting or derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or email + address, without their explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. + +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement at +conduct@openquantumsafe.org. +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series +of actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or +permanent ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within +the community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.0, available at +https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. + +Community Impact Guidelines were inspired by [Mozilla's code of conduct +enforcement ladder](https://github.com/mozilla/diversity). + +[homepage]: https://www.contributor-covenant.org + +For answers to common questions about this code of conduct, see the FAQ at +https://www.contributor-covenant.org/faq. Translations are available at +https://www.contributor-covenant.org/translations. From f3325842e62f1c9fe1c1fb0a0beee0593e4d1efb Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Fri, 22 Sep 2023 07:51:25 +0200 Subject: [PATCH 002/160] adding contributing guideline (#259) * adding contributing guideline * adding further dev support information --- CONTRIBUTING.md | 78 +++++++++++++++++++++++++++++++++++++++++++++++++ DEVELOPMENT.md | 58 ++++++++++++++++++++++++++++++++++++ 2 files changed, 136 insertions(+) create mode 100644 CONTRIBUTING.md create mode 100644 DEVELOPMENT.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000..bcd1793f --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,78 @@ +# Contributing + +The OQS core team welcomes all proposals to improve this project. This may take +the form of [a discussion](https://github.com/open-quantum-safe/oqs-provider/discussions) +for input or feedback, possible bug reports or feature requests via [issues](https://github.com/open-quantum-safe/oqs-provider/issues) +as well as new code and documentation via a [pull request (PR)](https://github.com/open-quantum-safe/oqs-provider/pulls). + +## Review and Feedback + +We aim to provide timely feedback to any input. If you are uncertain as to whether +a particular contribution is welcome, needed or timely, please first open an [issue](https://github.com/open-quantum-safe/oqs-provider/issues) +particularly in case of possible bugs or new feature requests or create a +[discussion](https://github.com/open-quantum-safe/oqs-provider/discussions). + +## Pull requests + +Pull requests should clearly state their purpose, possibly referencing an existing +[issue](https://github.com/open-quantum-safe/oqs-provider/issues) when resolving it. + +All PRs should move to "Ready for Review" stage only if all CI tests pass (are green). + +The OQS core team is happy to provide feedback also to Draft PRs in order to improve +them before the final "Review" stage. + +### Coding style + +This project has adopted the [OpenSSL coding style](https://www.openssl.org/policies/technical/coding-style.html). +To check adherence of any new code to this, it therefore is highly recommended to +run the following command in the project main directory prior to finishing a PR: + + find oqsprov -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs clang-format --dry-run --Werror + +### Running CI locally + +#### CircleCI + +If encountering CI errors in CircleCI, it may be helpful to execute the test jobs +locally to debug. This can be facilitated by executing the command + + circleci local execute --job some-test-job + +assuming "some-test-job" is the name of the test to be executed and the CircleCI +[command line tools have been installed](https://circleci.com/docs/local-cli). + +#### Github CI + +[Act](https://github.com/nektos/act) is a tool facilitating local execution of +github CI jobs. When executed in the main `oqsprovider` directory, + + act -l Displays all github CI jobs + act -j some-job Executes "some-job" + +When installing `act` as a github extension, prefix the commands with `gh `. + +### New features + +Any PR introducing a new feature is expected to contain a test of this feature +and this test should be part of the CI pipeline, preferably using Github CI. + +## Background knowledge + +New contributors are recommended to first check out documentation of the +[OpenSSL provider concept](https://www.openssl.org/docs/man3.0/man7/provider.html) +as well as the baseline API of [liboqs](https://github.com/open-quantum-safe/liboqs) +which are the two core foundations for this project. + +## Failsafe + +If you feel your contribution is not getting proper attention, please be sure to +add a tag to one or more of our [most active contributors](https://github.com/open-quantum-safe/oqs-provider/graphs/contributors). + +## Issues to start working on + +If you feel like contributing but don't know what specific topic to work on, +please check the [open issues tagged "good first issue" or "help wanted"](https://github.com/open-quantum-safe/oqs-provider/issues). + + + diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md new file mode 100644 index 00000000..8be3fb56 --- /dev/null +++ b/DEVELOPMENT.md @@ -0,0 +1,58 @@ +# Development guidelines + +## Basics + +Every developer has their own coding style and diversity in general is good and welcome. + +We nevertheless do try to follow some basic goals in this project: + +- All pieces should be readable / understandable without having to comprehend all parts first. +- Therefore, comments (incl. cross references where sensible) are encouraged. +- For syntactical legibility the project adopted the [OpenSSL coding convention](https://www.openssl.org/policies/technical/coding-style.html) +- Tooling exists to validate the coding convention: Simply execute `clang-format --dry-run --Werror file-to-test` +- Platform-specific code should be avoided to the greatest extent possible as the project aims to run correctly at least on Linux, MacOS and Windows (x64 and aarch64 architectures). + +## Generated code + +Significant parts of the code are generated via the script `oqs-template/generate.py`. +This script serves to import a specific version of [liboqs](https://github.com/open-quantum-safe/liboqs) +into `oqsprovider`. Most notably the control file `oqs-template/generate.yml` has to be +in sync with the specific `liboqs` version: algorithm IDs, e.g., signature algorithm +OIDs need to be aligned with the specific algorithm code version. +Therefore, no code within the generator brackets must be changed: + +``` +///// OQS_TEMPLATE_FRAGMENT_..._START +... +///// OQS_TEMPLATE_FRAGMENT_..._END +``` + +If such code changes are required they have to be implemented in the generator code +fragments located in the `oqs-template` directory. + +During normal code development it is very unlikely any of these files need to be touched. + +## Plain build + +If the prerequisites for `oqsprovider` are met on a development machine, i.e. +presence of `liboqs` and `openssl` (v.3) the build can simply be executed by +running `scripts/fullbuild.sh`. Various parameters exist and are documented +in the script to adapt to a specific build environment and in [the documentation](CONFIGURE.md#convenience-build-script-options). +The script can also be used to build a specific `openssl` and a specific `liboqs` +version as well as debug versions of all components. + +## Plain test + +All tests meant for local feature testing are integrated/made available for +execution in the script `scripts/runtest.sh`. PRs should only be considered +if all tests pass locally as the CI system uses them too. + +## Debugging + +Project-specific debugging facilities are documented in [the wiki](https://github.com/open-quantum-safe/oqs-provider/wiki/Debugging). + +For "classic" `gdb` style debugging, be certain to set "-DCMAKE_BUILD_TYPE=Debug" +when building `oqsprovider` and `-d` when configuring `openssl` (see +"scripts/fullbuild.sh" for further information where best to do this). + + From 9d4faab2d330df8b032995ed58f757c25b1c68c7 Mon Sep 17 00:00:00 2001 From: qnfm <104289862+qnfm@users.noreply.github.com> Date: Sun, 24 Sep 2023 13:29:16 +0100 Subject: [PATCH 003/160] CI & cmake changes for Windows (#263) * Fix OQS_ADDL_SOCKET_LIBS setting for cmake * Test Windows 2019 with VS 16 2019 * Add path for VS * Avoid openssl cache conflict * Add build type into matrix --------- Co-authored-by: a --- .github/workflows/windows.yml | 104 ++++++++++++++++++++++++++++++++++ CMakeLists.txt | 2 +- test/CMakeLists.txt | 4 ++ 3 files changed, 109 insertions(+), 1 deletion(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index e18da010..a5b187a6 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -199,3 +199,107 @@ jobs: name: oqs-provider-msvc path: D:/a/oqs-provider/oqs-provider/_build/lib/oqsprovider.dll + msvc_native: +# Run a job for each of the specified target architectures: + strategy: + matrix: + os: + - windows-2019 + - windows-2022 + platform: + - arch: win64 + oqsconfig: -DOQS_ALGS_ENABLED=STD + osslconfig: no-shared no-fips VC-WIN64A + toolchain: + - .CMake/toolchain_windows_amd64.cmake + msarch: + - x64 + type: + - Debug + - Release + runs-on: ${{matrix.os}} + steps: + - name: Restore native OpenSSL32 cache + id: cache-openssl32n + uses: actions/cache@v3 + with: + path: c:\openssl32n + key: ${{ runner.os }}-msvcopenssl32n + - uses: actions/checkout@v3 + - name: Checkout OpenSSL master + if: steps.cache-openssl32n.outputs.cache-hit != 'true' + uses: actions/checkout@v3 + with: + set-safe-directory: true + repository: openssl/openssl + path: openssl + - uses: actions/checkout@v3 + with: + set-safe-directory: true + repository: open-quantum-safe/liboqs + path: liboqs + - uses: ilammy/msvc-dev-cmd@v1 + with: + arch: ${{ matrix.platform.arch }} + - name: Add msbuild to PATH + uses: microsoft/setup-msbuild@v1 + with: + msbuild-architecture: ${{matrix.msarch}} + vs-version: '[16.10,]' + - name: Setup nasm for OpenSSL build + uses: ilammy/setup-nasm@v1 + if: steps.cache-openssl32n.outputs.cache-hit != 'true' + with: + platform: ${{ matrix.platform.arch }} + - name: Setup perl for OpenSSL build + uses: shogo82148/actions-setup-perl@v1 + if: steps.cache-openssl32n.outputs.cache-hit != 'true' + - name: build liboqs + run: | + cmake --version + cmake -B build --toolchain ${{ matrix.toolchain }} . + cmake --build build + cmake --build build --target INSTALL + working-directory: liboqs + - name: prepare the OpenSSL build directory + if: steps.cache-openssl32n.outputs.cache-hit != 'true' + run: mkdir _build + working-directory: openssl + - name: OpenSSL config + if: steps.cache-openssl32n.outputs.cache-hit != 'true' + working-directory: openssl\_build + run: | + perl ..\Configure --banner=Configured --prefix=c:\openssl32n no-makedepend ${{ matrix.platform.osslconfig }} + perl configdata.pm --dump + - name: OpenSSL build + if: steps.cache-openssl32n.outputs.cache-hit != 'true' + working-directory: openssl\_build + run: nmake /S + - name: OpenSSL install +# Run on 64 bit only as 32 bit is slow enough already + if: steps.cache-openssl32n.outputs.cache-hit != 'true' + run: | + mkdir c:\openssl32n + nmake install_sw + working-directory: openssl\_build + - name: Save OpenSSL + id: cache-openssl-save + if: steps.cache-openssl32n.outputs.cache-hit != 'true' + uses: actions/cache/save@v3 + with: + path: | + c:\openssl32n + key: ${{ runner.os }}-msvcopenssl32n + - name: build oqs-provider + run: | + cmake -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build + cmake --build _build --config=${{ matrix.type }} + - name: Run tests + run: | + ctest --test-dir _build -C ${{ matrix.type }} + - name: Retain oqsprovider.dll + uses: actions/upload-artifact@v3 + with: + name: oqs-provider-msvc + path: D:/a/oqs-provider/oqs-provider/_build/lib/oqsprovider.dll + diff --git a/CMakeLists.txt b/CMakeLists.txt index cbabf462..002a4e9c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -19,7 +19,7 @@ if(MSVC) "${CMAKE_EXE_LINKER_FLAGS} /NODEFAULTLIB:LIBCMT") add_definitions(-DOQS_PROVIDER_NOATOMIC) add_definitions(-D_CRT_SECURE_NO_WARNINGS) - set(OQS_ADDL_SOCKET_LIBS "ws2_32.lib gdi32.lib crypt32.lib") + set(OQS_ADDL_SOCKET_LIBS ws2_32.lib gdi32.lib crypt32.lib) else() add_compile_options(-Wunused-function) set(OQS_ADDL_SOCKET_LIBS "") diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index b39796ec..1c5fd96a 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -1,5 +1,9 @@ include(GNUInstallDirs) +if (CMAKE_GENERATOR MATCHES "Visual Studio") +set(OQS_PROV_BINARY_DIR ${CMAKE_BINARY_DIR}/lib/${CMAKE_BUILD_TYPE}) +else() set(OQS_PROV_BINARY_DIR ${CMAKE_BINARY_DIR}/lib) +endif() add_test( NAME oqs_signatures From b7fe232e24d4f956b198b8b921644aeb340335f5 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 22 Jul 2022 13:05:14 -0400 Subject: [PATCH 004/160] Attempt to add Dilithium5+Falcon1024 as Composite Method --- oqsprov/oqs_kmgmt.c | 1 + oqsprov/oqs_prov.h | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 39c2b673..b94dbfbe 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -855,6 +855,7 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 22); } + ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END #define MAKE_SIG_KEYMGMT_FUNCTIONS(alg) \ diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 1a8a74f4..e1ddc14d 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -142,7 +142,8 @@ enum oqsx_key_type_en { KEY_TYPE_KEM, KEY_TYPE_ECP_HYB_KEM, KEY_TYPE_ECX_HYB_KEM, - KEY_TYPE_HYB_SIG + KEY_TYPE_HYB_SIG, + KEY_TYPE_CMP_SIG }; typedef enum oqsx_key_type_en OQSX_KEY_TYPE; From 3a7478cfeb7df856dce099d03e3416fae3d0f686 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 22 Jul 2022 13:11:13 -0400 Subject: [PATCH 005/160] Added notes with usefull commands --- notes.txt | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 notes.txt diff --git a/notes.txt b/notes.txt new file mode 100644 index 00000000..f38caa07 --- /dev/null +++ b/notes.txt @@ -0,0 +1,33 @@ +###CREATE QUANTUM SAFE KEY PAIR + +LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl req -x509 -new -newkey p521_dilithium5 -keyout qsc.key -out qsc.crt -nodes -subj "/CN=oqstest" -days 365 -config /home/feventura/Documents/openssl/apps/openssl.cnf -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider oqsprovider -provider default + +###SIGN DATA + +LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl cms -in test.txt -sign -signer qsc.crt -inkey qsc.key -nodetach -outform pem -binary -out signedfile -md sha512 -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider default -provider oqsprovider + +##VERIFY DATA + +LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl cms -verify -CAfile qsc.crt -inform pem -in signedfile -crlfeol -out outputfile -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider oqsprovider -provider default + +##CREATE TEST SIGNATURE (from oqsprov/test) + +gcc oqs_test_signatures.c test_common.o -L ../openssl -lcrypto -o output_signatures + +##RUN TEST SIGNARURE (from oqsprov/test) + +./output_signatures oqsprovider /home/feventura/Documents/oqs-provider/test/oqs.cnf + +##IMPLEMENT CHANGES TO oqs_sig.c TO PROVIDER (from oqsprov/test) + +cd .. && cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && cd test/ + +##IMPLEMENT CHANGES THEN COMPILE AND RUN TEST (generic version, from oqsprov) + +cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && gcc ./test/oqs_test_signatures.c ./test/test_common.o -L ./openssl -lcrypto -o ./test/output_signatures && ./test/output_signatures oqsprovider $(pwd)/test/oqs.cnf + +##IMPLEMENT CHANGES THEN BUILD DEPENDENCY LIBRARY THEN COMPILE AND RUN TEST (generic version, from oqsprov) + +cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && gcc -Wall -c ./test/test_common.c && gcc ./test/oqs_test_signatures.c ./test/test_common.o -L ./openssl -lcrypto -o ./test/output_signatures && ./test/output_signatures oqsprovider $(pwd)/test/oqs.cnf + + From 86257b0e9ec967609b5cb83e552347126f926d0a Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 1 Aug 2022 19:36:33 -0400 Subject: [PATCH 006/160] Composite mechanisms added --- oqsprov/oqs_kmgmt.c | 15 +++++++++++- oqsprov/oqs_prov.h | 1 + oqsprov/oqsprov_keys.c | 53 ++++++++++++++++++++++++++++++++++++++---- 3 files changed, 64 insertions(+), 5 deletions(-) diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index b94dbfbe..5c02760f 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -73,6 +73,7 @@ struct oqsx_gen_ctx { OSSL_LIB_CTX *libctx; char *propq; char *oqs_name; + char *cmp_name; char *tls_name; int primitive; int selection; @@ -462,11 +463,23 @@ static void *oqsx_gen_init(void *provctx, int selection, char *oqs_name, OSSL_LIB_CTX *libctx = PROV_OQS_LIBCTX_OF(provctx); struct oqsx_gen_ctx *gctx = NULL; + OQS_KM_PRINTF2("OQSKEYMGMT: gen_init called for key %s \n", oqs_name); + if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) { gctx->libctx = libctx; - gctx->oqs_name = OPENSSL_strdup(oqs_name); + gctx->cmp_name = NULL; + if (primitive != KEY_TYPE_CMP_SIG) + gctx->oqs_name = OPENSSL_strdup(oqs_name); + else { + char* cmp_name = malloc(sizeof(oqs_name) + 1); + strcpy(cmp_name,oqs_name); + cmp_name = strtok(cmp_name, "_"); + gctx->oqs_name = OPENSSL_strdup(cmp_name); + cmp_name = strtok (NULL, "_"); + gctx->cmp_name = OPENSSL_strdup(cmp_name); + } gctx->tls_name = OPENSSL_strdup(tls_name); gctx->primitive = primitive; gctx->selection = selection; diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index e1ddc14d..1db46c00 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -159,6 +159,7 @@ struct oqsx_key_st { #ifdef USE_ENCODING_LIB OQSX_ENCODING_CTX oqsx_encoding_ctx; #endif + OQSX_PROVIDER_CTX oqsx_provider_ctx_cmp; EVP_PKEY *classical_pkey; // for hybrid sigs const OQSX_EVP_INFO *evp_info; size_t numkeys; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index d240c300..1069d355 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -43,8 +43,9 @@ typedef enum { typedef struct { int nid; - char *tlsname; - char *oqsname; + char* tlsname; + char* oqsname; + char* cmpname; int keytype; int secbits; } oqs_nid_name_t; @@ -134,6 +135,15 @@ static char *get_oqsname(int nid) return 0; } +static char* get_cmpname(int nid) { + int i; + for(i=0;ilibctx = libctx; } @@ -255,6 +266,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, int plen, oqsx_key_op_t op, OSSL_LIB_CTX *libctx, const char *propq) { + printf("7"); OQSX_KEY *key = NULL; void **privkey, **pubkey; int nid = NID_undef; @@ -493,6 +505,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, const char *propq) { + printf("8"); const unsigned char *p; int plen; X509_ALGOR *palg; @@ -508,6 +521,7 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, OSSL_LIB_CTX *libctx, const char *propq) { + printf("9"); OQSX_KEY *oqsx = NULL; const unsigned char *p; int plen; @@ -559,6 +573,7 @@ static const OQSX_EVP_INFO nids_ecx[] = { static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, char *algname) { + printf("-10-"); int ret = 1; int idx = (bit_security - 128) / 64; ON_ERR_GOTO(idx < 0 || idx > 2, err); @@ -602,6 +617,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { + printf("-11-"); int ret = 1; int idx = 0; while (idx < sizeof(OQSX_ECP_NAMES)) { @@ -632,6 +648,7 @@ static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) { + printf("-12-"); int ret = 1; int idx = 0; @@ -668,6 +685,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, int primitive, const char *propq, int bit_security, int alg_idx) { + printf("-13-"); OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); OQSX_EVP_CTX *evp_ctx = NULL; int ret2 = 0; @@ -809,8 +827,29 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, + evp_ctx->evp_info->length_public_key; ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; - ret->evp_info = evp_ctx->evp_info; - break; + ret->evp_info = evp_ctx->evp_info; + break; + case KEY_TYPE_CMP_SIG: + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); + if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { + fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", oqs_name); + goto err; + } + + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig = OQS_SIG_new(cmp_name); + if (!ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig) { + fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?B\n", cmp_name); + goto err; + } + + ret->numkeys = 2; + ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->privkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; + ret->keytype = primitive; + + break; default: OQS_KEY_PRINTF2("OQSX_KEY: Unknown key type encountered: %d\n", primitive); @@ -839,6 +878,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, void oqsx_key_free(OQSX_KEY *key) { + printf("-14-"); int refcnt; if (key == NULL) @@ -888,6 +928,7 @@ void oqsx_key_free(OQSX_KEY *key) int oqsx_key_up_ref(OQSX_KEY *key) { + printf("-15-"); int refcnt; #ifndef OQS_PROVIDER_NOATOMIC @@ -907,6 +948,7 @@ int oqsx_key_up_ref(OQSX_KEY *key) int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) { + printf("-16-"); int ret = 0; if (!key->privkey && include_private) { @@ -924,6 +966,7 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], int include_private) { + printf("-17-"); const OSSL_PARAM *p; OQS_KEY_PRINTF("OQSX Key from data called\n"); @@ -989,6 +1032,7 @@ static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, unsigned char *privkey) { + printf("-19-"); int ret = 0, ret2 = 0; // Free at errhyb: @@ -1066,6 +1110,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, * OQSX_KEY */ int oqsx_key_gen(OQSX_KEY *key) { + printf("-20-"); int ret = 0; EVP_PKEY *pkey = NULL; From c9f28b1e7137cbe2320f2406f5ecf51d2583d508 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Wed, 3 Aug 2022 17:25:22 -0400 Subject: [PATCH 007/160] Composite Dilithium5+Falcon1024 working in test case --- oqsprov/oqs_prov.h | 2 +- oqsprov/oqs_sig.c | 84 ++++++++++++++++++++++++++++++++++-------- oqsprov/oqsprov_keys.c | 74 +++++++++++++++++++++++-------------- 3 files changed, 115 insertions(+), 45 deletions(-) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 1db46c00..f47b761b 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -176,7 +176,7 @@ struct oqsx_key_st { #endif int references; - /* point to actual priv key material -- classic key, if present, first + /* point to actual priv key material -- classic key, if present, first, unless is composite * i.e., OQS key always at comp_*key[numkeys-1] */ void **comp_privkey; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 69e4ff04..efb569dc 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -210,16 +210,19 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQSX_KEY *oqsxkey = poqs_sigctx->sig; OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; + OQS_SIG *cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, // we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; + printf("OQS SIG provider: sign called for %ld bytes\n", tbslen); OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); int is_hybrid = evpkey != NULL; + int is_composite = cmp_key != NULL; size_t max_sig_len = oqs_key->length_signature; - size_t classical_sig_len = 0, oqs_sig_len = 0; - size_t actual_classical_sig_len = 0; + size_t classical_sig_len = 0, oqs_sig_len = 0, cmp_sig_len = 0; + size_t actual_classical_sig_len = 0, actual_oqs_sig_len = 0; size_t index = 0; int rv = 0; @@ -231,6 +234,9 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, actual_classical_sig_len = oqsxkey->evp_info->length_signature; max_sig_len += (SIZE_OF_UINT32 + actual_classical_sig_len); } + if (is_composite) + max_sig_len += (SIZE_OF_UINT32 + cmp_key->length_signature); + if (sig == NULL) { *siglen = max_sig_len; @@ -316,21 +322,44 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, index += classical_sig_len; } - if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, - oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) - != OQS_SUCCESS) { + if (is_composite){ + printf("A\n"); + if (OQS_SIG_sign(oqs_key, sig + SIZE_OF_UINT32, &actual_oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; - } - *siglen = classical_sig_len + oqs_sig_len; - OQS_SIG_PRINTF2("OQS SIG provider: signing completes with size %ld\n", - *siglen); + } + + printf("B\n" ); + + ENCODE_UINT32(sig, actual_oqs_sig_len); + oqs_sig_len = SIZE_OF_UINT32 + actual_oqs_sig_len; + index += oqs_sig_len; + + printf("C\n" ); + + if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; + } + printf("D\n" ); + } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, + oqsxkey->comp_privkey[oqsxkey->numkeys-1]) + != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; + } + + + *siglen = classical_sig_len + oqs_sig_len + cmp_sig_len; + printf("OQS SIG provider: signing completes with size %ld\n", *siglen); + OQS_SIG_PRINTF2("OQS SIG provider: signing completes with size %ld\n", *siglen); rv = 1; /* success */ endsign: if (classical_ctx_sign) { EVP_PKEY_CTX_free(classical_ctx_sign); } + printf("rv %i\n", rv); return rv; } @@ -341,12 +370,14 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQSX_KEY *oqsxkey = poqs_sigctx->sig; OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; + OQS_SIG *cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, // we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; EVP_PKEY_CTX *ctx_verify = NULL; int is_hybrid = evpkey != NULL; - size_t classical_sig_len = 0; + int is_composite = cmp_key != NULL; + size_t classical_sig_len = 0, oqs_sig_len = 0; size_t index = 0; int rv = 0; @@ -426,18 +457,39 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, classical_sig_len = SIZE_OF_UINT32 + actual_classical_sig_len; index += classical_sig_len; } + if(is_composite){ + size_t actual_oqs_sig_len = 0; + DECODE_UINT32(actual_oqs_sig_len, sig); + if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + SIZE_OF_UINT32, actual_oqs_sig_len, oqsxkey->comp_pubkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + + oqs_sig_len = SIZE_OF_UINT32 + actual_oqs_sig_len; + index += oqs_sig_len; + + if (OQS_SIG_verify(cmp_key, tbs, tbslen, sig + index, + siglen - oqs_sig_len, + oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) + != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } - if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) { + + } else { + if (!oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); goto endverify; - } - if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, - siglen - classical_sig_len, - oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) + } + if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, + siglen - classical_sig_len, + oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; - } + } + } rv = 1; endverify: diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 1069d355..919e54f7 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -211,7 +211,7 @@ void oqsx_freeprovctx(PROV_OQS_CTX *ctx) void oqsx_key_set0_libctx(OQSX_KEY *key, OSSL_LIB_CTX *libctx) { - printf("4"); + printf("4\n"); key->libctx = libctx; } @@ -266,7 +266,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, int plen, oqsx_key_op_t op, OSSL_LIB_CTX *libctx, const char *propq) { - printf("7"); + printf("7\n"); OQSX_KEY *key = NULL; void **privkey, **pubkey; int nid = NID_undef; @@ -505,7 +505,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, const char *propq) { - printf("8"); + printf("8\n"); const unsigned char *p; int plen; X509_ALGOR *palg; @@ -521,7 +521,7 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, OSSL_LIB_CTX *libctx, const char *propq) { - printf("9"); + printf("9\n"); OQSX_KEY *oqsx = NULL; const unsigned char *p; int plen; @@ -573,7 +573,7 @@ static const OQSX_EVP_INFO nids_ecx[] = { static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, char *algname) { - printf("-10-"); + printf("10\n"); int ret = 1; int idx = (bit_security - 128) / 64; ON_ERR_GOTO(idx < 0 || idx > 2, err); @@ -617,7 +617,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { - printf("-11-"); + printf("11\n"); int ret = 1; int idx = 0; while (idx < sizeof(OQSX_ECP_NAMES)) { @@ -648,7 +648,7 @@ static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) { - printf("-12-"); + printf("12\n"); int ret = 1; int idx = 0; @@ -685,7 +685,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, int primitive, const char *propq, int bit_security, int alg_idx) { - printf("-13-"); + printf("13\n"); OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); OQSX_EVP_CTX *evp_ctx = NULL; int ret2 = 0; @@ -845,8 +845,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 2; ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - ret->privkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; - ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; + ret->privkeylen = (ret->numkeys-1) * SIZE_OF_UINT32 + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen = (ret->numkeys-1) * SIZE_OF_UINT32 + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; ret->keytype = primitive; break; @@ -861,6 +861,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->tls_name = OPENSSL_strdup(tls_name); ret->bit_security = bit_security; + if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); @@ -878,9 +879,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, void oqsx_key_free(OQSX_KEY *key) { - printf("-14-"); + printf("14\n"); int refcnt; - if (key == NULL) return; @@ -919,6 +919,10 @@ void oqsx_key_free(OQSX_KEY *key) EVP_PKEY_CTX_free(key->oqsx_provider_ctx.oqsx_evp_ctx->ctx); EVP_PKEY_free(key->oqsx_provider_ctx.oqsx_evp_ctx->keyParam); OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx); + } + if(key->keytype == KEY_TYPE_CMP_SIG){ + OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); + OQS_SIG_free(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig); } #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); @@ -928,7 +932,7 @@ void oqsx_key_free(OQSX_KEY *key) int oqsx_key_up_ref(OQSX_KEY *key) { - printf("-15-"); + printf("15\n"); int refcnt; #ifndef OQS_PROVIDER_NOATOMIC @@ -948,7 +952,7 @@ int oqsx_key_up_ref(OQSX_KEY *key) int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) { - printf("-16-"); + printf("16\n"); int ret = 0; if (!key->privkey && include_private) { @@ -966,7 +970,7 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], int include_private) { - printf("-17-"); + printf("17\n"); const OSSL_PARAM *p; OQS_KEY_PRINTF("OQSX Key from data called\n"); @@ -1014,16 +1018,25 @@ int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], } // OQS key always the last of the numkeys comp keys -static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) -{ - if (gen_kem) - return OQS_KEM_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.kem, - key->comp_pubkey[key->numkeys - 1], - key->comp_privkey[key->numkeys - 1]); - else - return OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, - key->comp_pubkey[key->numkeys - 1], - key->comp_privkey[key->numkeys - 1]); +static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) { +printf("18\n"); + if (gen_kem) + return OQS_KEM_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.kem, + key->comp_pubkey[key->numkeys-1], + key->comp_privkey[key->numkeys-1]); + else { + if (key->keytype == KEY_TYPE_CMP_SIG) + return -(OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, + key->comp_pubkey[key->numkeys-2], + key->comp_privkey[key->numkeys-2]) + || OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, + key->comp_pubkey[key->numkeys-1], + key->comp_privkey[key->numkeys-1])); + + return OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, + key->comp_pubkey[key->numkeys-1], + key->comp_privkey[key->numkeys-1]); + } } /* Generate classic keys, store length in leading SIZE_OF_UINT32 bytes of @@ -1032,7 +1045,7 @@ static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, unsigned char *privkey) { - printf("-19-"); + printf("19\n"); int ret = 0, ret2 = 0; // Free at errhyb: @@ -1110,7 +1123,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, * OQSX_KEY */ int oqsx_key_gen(OQSX_KEY *key) { - printf("-20-"); + printf("20\n"); int ret = 0; EVP_PKEY *pkey = NULL; @@ -1143,7 +1156,8 @@ int oqsx_key_gen(OQSX_KEY *key) pkey = NULL; ret = oqsx_key_gen_oqs(key, 1); } - } else if (key->keytype == KEY_TYPE_SIG) { + } else if (key->keytype == KEY_TYPE_SIG + || key->keytype == KEY_TYPE_CMP_SIG) { ret = !oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); ret = oqsx_key_gen_oqs(key, 0); @@ -1178,6 +1192,10 @@ int oqsx_key_maxsize(OQSX_KEY *key) return key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + SIZE_OF_UINT32; + case KEY_TYPE_CMP_SIG: + return key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature + + key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature + + SIZE_OF_UINT32; default: OQS_KEY_PRINTF("OQSX KEY: Wrong key type\n"); return 0; From 2a082b0880b0ae474b27640b220ad9c60c3d4e69 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 20 Sep 2022 18:20:56 -0400 Subject: [PATCH 008/160] working falcon+dilithium --- oqsprov/oqs_encode_key2any.c | 22 ++++++++++++++++++++-- oqsprov/oqs_kmgmt.c | 11 ++--------- oqsprov/oqs_sig.c | 8 -------- oqsprov/oqsprov_keys.c | 5 +++-- 4 files changed, 25 insertions(+), 21 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index ca545dd8..ed95d5aa 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -78,6 +78,7 @@ static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, void *params, int params_type, i2d_of_void *k2d) { + printf("e2\n" ); /* der, derlen store the key DER output and its length */ unsigned char *der = NULL; int derlen; @@ -105,6 +106,7 @@ static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, struct key2any_ctx_st *ctx) { + printf("e3\n" ); X509_SIG *p8 = NULL; char kstr[PEM_BUFSIZE]; size_t klen = 0; @@ -149,6 +151,7 @@ static X509_PUBKEY *oqsx_key_to_pubkey(const void *key, int key_nid, void *params, int params_type, i2d_of_void k2d) { + printf("e5\n" ); /* der, derlen store the key DER output and its length */ unsigned char *der = NULL; int derlen; @@ -197,6 +200,7 @@ static int key_to_epki_der_priv_bio(BIO *out, const void *key, int key_nid, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { + printf("e6\n" ); int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; @@ -225,6 +229,7 @@ static int key_to_epki_pem_priv_bio(BIO *out, const void *key, int key_nid, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { + printf("e7\n" ); int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; @@ -252,6 +257,7 @@ static int key_to_pki_der_priv_bio(BIO *out, const void *key, int key_nid, key_to_paramstring_fn *p2s, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { + printf("e8\n" ); int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; @@ -283,6 +289,7 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, int key_nid, key_to_paramstring_fn *p2s, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { + printf("e9\n" ); int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; @@ -314,6 +321,7 @@ static int key_to_spki_der_pub_bio(BIO *out, const void *key, int key_nid, key_to_paramstring_fn *p2s, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { + printf("e10\n" ); int ret = 0; OQSX_KEY *okey = (OQSX_KEY *)key; X509_PUBKEY *xpk = NULL; @@ -339,6 +347,7 @@ static int key_to_spki_pem_pub_bio(BIO *out, const void *key, int key_nid, key_to_paramstring_fn *p2s, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { + printf("e11\n" ); int ret = 0; X509_PUBKEY *xpk = NULL; void *str = NULL; @@ -461,6 +470,7 @@ called\n"); static int prepare_oqsx_params(const void *oqsxkey, int nid, int save, void **pstr, int *pstrtype) { + printf("e12\n" ); ASN1_OBJECT *params = NULL; OQSX_KEY *k = (OQSX_KEY *)oqsxkey; @@ -728,6 +738,7 @@ static OSSL_FUNC_decoder_freectx_fn key2any_freectx; static void *key2any_newctx(void *provctx) { + printf("e15\n" ); struct key2any_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx)); OQS_ENC_PRINTF("OQS ENC provider: key2any_newctx called\n"); @@ -742,6 +753,7 @@ static void *key2any_newctx(void *provctx) static void key2any_freectx(void *vctx) { + printf("e16\n" ); struct key2any_ctx_st *ctx = vctx; OQS_ENC_PRINTF("OQS ENC provider: key2any_freectx called\n"); @@ -752,6 +764,7 @@ static void key2any_freectx(void *vctx) static const OSSL_PARAM *key2any_settable_ctx_params(ossl_unused void *provctx) { + printf("e17\n" ); static const OSSL_PARAM settables[] = { OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0), OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_PROPERTIES, NULL, 0), @@ -765,6 +778,7 @@ static const OSSL_PARAM *key2any_settable_ctx_params(ossl_unused void *provctx) static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { + printf("e18\n" ); struct key2any_ctx_st *ctx = vctx; OSSL_LIB_CTX *libctx = ctx->provctx->libctx; const OSSL_PARAM *cipherp @@ -801,12 +815,13 @@ static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } } - OQS_ENC_PRINTF2(" cipher set to %p: \n", ctx->cipher); + printf(" cipher set to %p: \n", ctx->cipher); return 1; } static int key2any_check_selection(int selection, int selection_mask) { + printf("e19\n" ); /* * The selections are kinda sorta "levels", i.e. each selection given * here is assumed to include those following. @@ -851,6 +866,7 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, key_to_paramstring_fn *key2paramstring, i2d_of_void *key2der) { + printf("e20\n" ); int ret = 0; int type = OBJ_sn2nid(typestr); OQSX_KEY *oqsk = (OQSX_KEY *)key; @@ -863,6 +879,7 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, if (key == NULL || type <= 0) { ERR_raise(ERR_LIB_USER, ERR_R_PASSED_NULL_PARAMETER); + printf("HERE\n" ); } else if (writer != NULL) { // Is ref counting really needed? For now, do it as per // https://beta.openssl.org/docs/manmaster/man3/BIO_new_from_core_bio.html: @@ -880,7 +897,8 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, } else { ERR_raise(ERR_LIB_USER, ERR_R_PASSED_INVALID_ARGUMENT); } - OQS_ENC_PRINTF2(" encode result: %d\n", ret); + printf(" encode result: %d\n", ret); +// OQS_ENC_PRINTF2(" encode result: %d\n", ret); return ret; } diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 5c02760f..7dbb842c 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -470,16 +470,9 @@ static void *oqsx_gen_init(void *provctx, int selection, char *oqs_name, if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) { gctx->libctx = libctx; gctx->cmp_name = NULL; - if (primitive != KEY_TYPE_CMP_SIG) - gctx->oqs_name = OPENSSL_strdup(oqs_name); - else { - char* cmp_name = malloc(sizeof(oqs_name) + 1); - strcpy(cmp_name,oqs_name); - cmp_name = strtok(cmp_name, "_"); - gctx->oqs_name = OPENSSL_strdup(cmp_name); - cmp_name = strtok (NULL, "_"); + gctx->oqs_name = OPENSSL_strdup(oqs_name); + if (primitive == KEY_TYPE_CMP_SIG) gctx->cmp_name = OPENSSL_strdup(cmp_name); - } gctx->tls_name = OPENSSL_strdup(tls_name); gctx->primitive = primitive; gctx->selection = selection; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index efb569dc..25af0a15 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -215,7 +215,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, // we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; - printf("OQS SIG provider: sign called for %ld bytes\n", tbslen); OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); int is_hybrid = evpkey != NULL; @@ -323,25 +322,19 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } if (is_composite){ - printf("A\n"); if (OQS_SIG_sign(oqs_key, sig + SIZE_OF_UINT32, &actual_oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; } - printf("B\n" ); - ENCODE_UINT32(sig, actual_oqs_sig_len); oqs_sig_len = SIZE_OF_UINT32 + actual_oqs_sig_len; index += oqs_sig_len; - printf("C\n" ); - if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; } - printf("D\n" ); } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { @@ -351,7 +344,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, *siglen = classical_sig_len + oqs_sig_len + cmp_sig_len; - printf("OQS SIG provider: signing completes with size %ld\n", *siglen); OQS_SIG_PRINTF2("OQS SIG provider: signing completes with size %ld\n", *siglen); rv = 1; /* success */ diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 919e54f7..649a7dfe 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -869,7 +869,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, goto err; } - OQS_KEY_PRINTF2("OQSX_KEY: new key created: %p\n", ret); + printf("OQSX_KEY: new key created: %p\n", ret); return ret; err: ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); @@ -1160,7 +1160,8 @@ int oqsx_key_gen(OQSX_KEY *key) || key->keytype == KEY_TYPE_CMP_SIG) { ret = !oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); - ret = oqsx_key_gen_oqs(key, 0); + ret = oqsx_key_gen_oqs(key, 0); // 18 + printf("ret = %i\n", ret); } else { ret = 1; } From a5e431bd892c2e8c066e1700448b5ffbd5447b7a Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 30 Sep 2022 11:02:46 -0400 Subject: [PATCH 009/160] Composite ASN1 structure --- oqsprov/oqs_encode_key2any.c | 199 ++++++++++++++++++++++------------- oqsprov/oqs_prov.h | 7 +- oqsprov/oqsprov_keys.c | 13 ++- 3 files changed, 144 insertions(+), 75 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index ed95d5aa..38c57315 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -21,6 +21,7 @@ #include #include #include +#include "oqs_prov.h" #ifdef NDEBUG # define OQS_ENC_PRINTF(a) @@ -290,10 +291,11 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, int key_nid, struct key2any_ctx_st *ctx) { printf("e9\n" ); - int ret = 0; - void *str = NULL; + int ret = 0, cmp_len = 0; + void *str = NULL, *strc = NULL; int strtype = V_ASN1_UNDEF; - PKCS8_PRIV_KEY_INFO *p8info; + int strtypec = V_ASN1_UNDEF; + PKCS8_PRIV_KEY_INFO *p8info, *p8infoc; OQS_ENC_PRINTF("OQS ENC provider: key_to_pki_pem_priv_bio called\n"); @@ -304,12 +306,11 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, int key_nid, if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; - p8info = key_to_p8info(key, key_nid, str, strtype, k2d); - - if (p8info != NULL) - ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info); - else - free_asn1_data(strtype, str); + p8info = key_to_p8info(key, key_nid, str, strtype, k2d); + if (p8info != NULL) + ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info); + else + free_asn1_data(strtype, str); PKCS8_PRIV_KEY_INFO_free(p8info); @@ -483,6 +484,9 @@ static int prepare_oqsx_params(const void *oqsxkey, int nid, int save, return 0; } + if (k->keytype == KEY_TYPE_CMP_SIG) + printf("AAAAAAAAAAAA\n" ); //oqsx_provider_ctx_cmp + if (nid != NID_undef) { params = OBJ_nid2obj(nid); if (params == NULL) @@ -553,7 +557,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) unsigned char *buf = NULL; int buflen = 0, privkeylen; ASN1_OCTET_STRING oct; - int keybloblen; + int keybloblen, keybloblenc; OQS_ENC_PRINTF("OQS ENC provider: oqsx_pki_priv_to_der called\n"); @@ -572,76 +576,125 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) // only concatenate private classic key (if any) and OQS private and public // key NOT saving public classic key component (if any) - privkeylen = oqsxkey->privkeylen; - if (oqsxkey->numkeys > 1) { // hybrid - int actualprivkeylen; - DECODE_UINT32(actualprivkeylen, oqsxkey->privkey); - if (actualprivkeylen > oqsxkey->evp_info->length_private_key) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - return 0; + if (oqsxkey->keytype != KEY_TYPE_CMP_SIG){ + privkeylen = oqsxkey->privkeylen; + if (oqsxkey->numkeys > 1) { // hybrid + int actualprivkeylen; + DECODE_UINT32(actualprivkeylen, oqsxkey->privkey); + if (actualprivkeylen > oqsxkey->evp_info->length_private_key) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + return 0; + } + privkeylen + -= (oqsxkey->evp_info->length_private_key - actualprivkeylen); } - privkeylen - -= (oqsxkey->evp_info->length_private_key - actualprivkeylen); - } -#ifdef USE_ENCODING_LIB - if (oqsxkey->oqsx_encoding_ctx.encoding_ctx != NULL - && oqsxkey->oqsx_encoding_ctx.encoding_impl != NULL) { - const OQSX_ENCODING_CTX *encoding_ctx = &oqsxkey->oqsx_encoding_ctx; - int ret = 0; -# ifdef NOPUBKEY_IN_PRIVKEY - int withoptional - = (encoding_ctx->encoding_ctx->raw_private_key_encodes_public_key - ? 1 - : 0); -# else - int withoptional = 1; -# endif - buflen - = (withoptional ? encoding_ctx->encoding_impl->crypto_secretkeybytes - : encoding_ctx->encoding_impl - ->crypto_secretkeybytes_nooptional); - buf = OPENSSL_secure_zalloc(buflen); - - ret = qsc_encode(encoding_ctx->encoding_ctx, - encoding_ctx->encoding_impl, - oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], 0, - oqsxkey->privkey, &buf, withoptional); - if (ret != QSC_ENC_OK) - return -1; - } else { -#endif -#ifdef NOPUBKEY_IN_PRIVKEY - buflen = privkeylen; + #ifdef USE_ENCODING_LIB + if (oqsxkey->oqsx_encoding_ctx.encoding_ctx != NULL + && oqsxkey->oqsx_encoding_ctx.encoding_impl != NULL) { + const OQSX_ENCODING_CTX *encoding_ctx = &oqsxkey->oqsx_encoding_ctx; + int ret = 0; + # ifdef NOPUBKEY_IN_PRIVKEY + int withoptional + = (encoding_ctx->encoding_ctx->raw_private_key_encodes_public_key + ? 1 + : 0); + # else + int withoptional = 1; + # endif + buflen + = (withoptional ? encoding_ctx->encoding_impl->crypto_secretkeybytes + : encoding_ctx->encoding_impl + ->crypto_secretkeybytes_nooptional); + buf = OPENSSL_secure_zalloc(buflen); + + ret = qsc_encode(encoding_ctx->encoding_ctx, + encoding_ctx->encoding_impl, + oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], 0, + oqsxkey->privkey, &buf, withoptional); + if (ret != QSC_ENC_OK) + return -1; + } else { + #endif + #ifdef NOPUBKEY_IN_PRIVKEY + buflen = privkeylen; + buf = OPENSSL_secure_malloc(buflen); + OQS_ENC_PRINTF2("OQS ENC provider: saving privkey of length %d\n", + buflen); + memcpy(buf, oqsxkey->privkey, privkeylen); + #else + buflen = privkeylen + oqsx_key_get_oqs_public_key_len(oqsxkey); buf = OPENSSL_secure_malloc(buflen); - OQS_ENC_PRINTF2("OQS ENC provider: saving privkey of length %d\n", + OQS_ENC_PRINTF2("OQS ENC provider: saving priv+pubkey of length %d\n", buflen); memcpy(buf, oqsxkey->privkey, privkeylen); -#else - buflen = privkeylen + oqsx_key_get_oqs_public_key_len(oqsxkey); - buf = OPENSSL_secure_malloc(buflen); - OQS_ENC_PRINTF2("OQS ENC provider: saving priv+pubkey of length %d\n", - buflen); - memcpy(buf, oqsxkey->privkey, privkeylen); - memcpy(buf + privkeylen, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], - oqsx_key_get_oqs_public_key_len(oqsxkey)); -#endif -#ifdef USE_ENCODING_LIB - } -#endif + memcpy(buf + privkeylen, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], + oqsx_key_get_oqs_public_key_len(oqsxkey)); + #endif + #ifdef USE_ENCODING_LIB + } + #endif - oct.data = buf; - oct.length = buflen; - // more logical: - // oct.data = oqsxkey->privkey; - // oct.length = oqsxkey->privkeylen; - oct.flags = 0; + oct.data = buf; + oct.length = buflen; + // more logical: + // oct.data = oqsxkey->privkey; + // oct.length = oqsxkey->privkeylen; + oct.flags = 0; - keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } + keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error + } + }else{ + STACK_OF(ASN1_TYPE) *sk = sk_ASN1_TYPE_new_null(); + ASN1_TYPE *aType = ASN1_TYPE_new(); + unsigned char *temp = NULL; + + + buflen = oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key+oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; + buf = OPENSSL_secure_malloc(buflen); + memcpy(buf, oqsxkey->comp_privkey[0], oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key); + memcpy(buf+oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key, oqsxkey->comp_pubkey[0], oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key); + + oct.data = buf; + oct.length = buflen; + oct.flags = 0; + + keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error + } + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, pder); + + if (!sk_ASN1_TYPE_push(sk, aType)) + return -1; + + temp = NULL; + aType = ASN1_TYPE_new(); + + buflen = oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key+oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; + buf = OPENSSL_secure_malloc(buflen); + memcpy(buf, oqsxkey->comp_privkey[1], oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key); + memcpy(buf+oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key, oqsxkey->comp_pubkey[1], oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key); + + oct.data = buf; + oct.length = buflen; + oct.flags = 0; + + keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error + } + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, pder); + if (!sk_ASN1_TYPE_push(sk, aType)) + return -1; + + keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); + } OPENSSL_secure_clear_free(buf, buflen); return keybloblen; } diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index f47b761b..6f5af4aa 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -94,7 +94,7 @@ void oqsx_freeprovctx(PROV_OQS_CTX *ctx); #endif /* helper structure for classic key components in hybrid keys. - * Actual tables in oqsprov_keys.c + * Actual tables in oqsprov_keys.ce */ struct oqsx_evp_info_st { int keytype; @@ -191,6 +191,11 @@ struct oqsx_key_st { typedef struct oqsx_key_st OQSX_KEY; +char* get_oqsname(int nid); +char* get_cmpname(int nid); +int get_keytype(int nid); +char* get_tlsname_fromoqs(char* oqsname); + /* Register given NID with tlsname in OSSL3 registry */ int oqs_set_nid(char *tlsname, int nid); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 649a7dfe..7b8c63a8 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -125,6 +125,17 @@ static int get_keytype(int nid) return 0; } +char* get_tlsname_fromoqs(char* oqsname) { + int i; + for(i=0;i Date: Thu, 6 Oct 2022 15:24:07 -0400 Subject: [PATCH 010/160] Composite ASN1 structure --- oqsprov/oqs_encode_key2any.c | 39 ++++++++++++++++++------------------ oqsprov/oqsprov_keys.c | 6 ++++-- 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 38c57315..a11036dc 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -558,6 +558,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) int buflen = 0, privkeylen; ASN1_OCTET_STRING oct; int keybloblen, keybloblenc; + STACK_OF(ASN1_TYPE) *sk = NULL; + ASN1_TYPE *aType = NULL; + unsigned char *temp = NULL; OQS_ENC_PRINTF("OQS ENC provider: oqsx_pki_priv_to_der called\n"); @@ -647,48 +650,46 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) keybloblen = 0; // signal error } }else{ - STACK_OF(ASN1_TYPE) *sk = sk_ASN1_TYPE_new_null(); - ASN1_TYPE *aType = ASN1_TYPE_new(); - unsigned char *temp = NULL; - + if((sk = sk_ASN1_TYPE_new_null()) == NULL) + return -1; + + aType = ASN1_TYPE_new(); - buflen = oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key+oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; + buflen = oqsxkey->pubkeylen; buf = OPENSSL_secure_malloc(buflen); - memcpy(buf, oqsxkey->comp_privkey[0], oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key); - memcpy(buf+oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key, oqsxkey->comp_pubkey[0], oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key); - + memcpy(buf, oqsxkey->pubkey, buflen); + oct.data = buf; oct.length = buflen; - oct.flags = 0; - keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); + keybloblen = i2d_ASN1_OCTET_STRING(&oct, &temp); if (keybloblen < 0) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); keybloblen = 0; // signal error } - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, pder); + + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, &temp); if (!sk_ASN1_TYPE_push(sk, aType)) return -1; - temp = NULL; aType = ASN1_TYPE_new(); + temp = NULL; - buflen = oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key+oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; + buflen = oqsxkey->pubkeylen; buf = OPENSSL_secure_malloc(buflen); - memcpy(buf, oqsxkey->comp_privkey[1], oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key); - memcpy(buf+oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key, oqsxkey->comp_pubkey[1], oqsxkey->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key); - + memcpy(buf, oqsxkey->pubkey, buflen); + oct.data = buf; oct.length = buflen; - oct.flags = 0; - keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); + keybloblen = i2d_ASN1_OCTET_STRING(&oct, &temp); if (keybloblen < 0) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); keybloblen = 0; // signal error } - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, pder); + + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, &temp); if (!sk_ASN1_TYPE_push(sk, aType)) return -1; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 7b8c63a8..69c8492c 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -856,8 +856,10 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 2; ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - ret->privkeylen = (ret->numkeys-1) * SIZE_OF_UINT32 + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; - ret->pubkeylen = (ret->numkeys-1) * SIZE_OF_UINT32 + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; + ret->privkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; + ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; ret->keytype = primitive; break; From 983005130bdae389a4fcde709d8281da9c8b7a31 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 6 Oct 2022 15:24:56 -0400 Subject: [PATCH 011/160] ec_rsa --- oqsprov/oqs_prov.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 6f5af4aa..2b18fb55 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -169,6 +169,8 @@ struct oqsx_key_st { */ size_t privkeylen; size_t pubkeylen; + size_t privkeylen_cmp; + size_t pubkeylen_cmp; size_t bit_security; char *tls_name; #ifndef OQS_PROVIDER_NOATOMIC From fea5e9390c81ad5ab89747f34f437c518ba250e3 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 11 Oct 2022 21:08:25 -0400 Subject: [PATCH 012/160] composite key generation with the right format --- oqsprov/oqs_encode_key2any.c | 36 +++++++++++++++++++++++++++--------- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index a11036dc..474e2ff7 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -557,10 +557,12 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) unsigned char *buf = NULL; int buflen = 0, privkeylen; ASN1_OCTET_STRING oct; - int keybloblen, keybloblenc; + int keybloblen; STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; + ASN1_STRING *aString = NULL; unsigned char *temp = NULL; + PKCS8_PRIV_KEY_INFO *p8info_internal = NULL; OQS_ENC_PRINTF("OQS ENC provider: oqsx_pki_priv_to_der called\n"); @@ -653,43 +655,59 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; + p8info_internal = PKCS8_PRIV_KEY_INFO_new(); aType = ASN1_TYPE_new(); + aString = ASN1_OCTET_STRING_new(); - buflen = oqsxkey->pubkeylen; + buflen = oqsxkey->privkeylen + oqsxkey->pubkeylen; buf = OPENSSL_secure_malloc(buflen); - memcpy(buf, oqsxkey->pubkey, buflen); + memcpy(buf, oqsxkey->comp_privkey[0], oqsxkey->privkeylen); + memcpy(buf + oqsxkey->privkeylen, oqsxkey->comp_pubkey[0], oqsxkey->pubkeylen); oct.data = buf; oct.length = buflen; + oct.flags = 0; - keybloblen = i2d_ASN1_OCTET_STRING(&oct, &temp); + if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) + keybloblen = 0; // signal error + keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); if (keybloblen < 0) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); keybloblen = 0; // signal error } - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, &temp); + ASN1_STRING_set0(aString, temp, keybloblen); + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); + + if (!sk_ASN1_TYPE_push(sk, aType)) return -1; aType = ASN1_TYPE_new(); + aString = ASN1_OCTET_STRING_new(); + p8info_internal = PKCS8_PRIV_KEY_INFO_new(); temp = NULL; - buflen = oqsxkey->pubkeylen; + buflen = oqsxkey->privkeylen_cmp + oqsxkey->pubkeylen_cmp; buf = OPENSSL_secure_malloc(buflen); - memcpy(buf, oqsxkey->pubkey, buflen); + memcpy(buf, oqsxkey->comp_privkey[1], oqsxkey->privkeylen_cmp); + memcpy(buf + oqsxkey->privkeylen_cmp, oqsxkey->comp_pubkey[1], oqsxkey->pubkeylen_cmp); oct.data = buf; oct.length = buflen; + oct.flags = 0; - keybloblen = i2d_ASN1_OCTET_STRING(&oct, &temp); + if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) + keybloblen = 0; // signal error + keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); if (keybloblen < 0) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); keybloblen = 0; // signal error } - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, &temp); + ASN1_STRING_set0(aString, temp, keybloblen); + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); if (!sk_ASN1_TYPE_push(sk, aType)) return -1; From 6c9b9df0048ad60381ccdfa335e5ea820a3baca7 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 21 Oct 2022 11:09:59 -0400 Subject: [PATCH 013/160] add non PQC keys to Composite --- oqsprov/oqs_encode_key2any.c | 1 - oqsprov/oqsprov_keys.c | 102 ++++++++++++++++++++++++++--------- 2 files changed, 76 insertions(+), 27 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 474e2ff7..14064030 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -667,7 +667,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) oct.data = buf; oct.length = buflen; oct.flags = 0; - if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) keybloblen = 0; // signal error keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 69c8492c..fe0b1be4 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -589,7 +589,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, int idx = (bit_security - 128) / 64; ON_ERR_GOTO(idx < 0 || idx > 2, err); - if (!strncmp(algname, "rsa3072_", 8)) + if (!strncmp(algname, "rsa3072", 7)) idx += 3; else if (algname[0] != 'p') { OQS_KEY_PRINTF2("OQS KEY: Incorrect hybrid name: %s\n", algname); @@ -699,7 +699,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, printf("13\n"); OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); OQSX_EVP_CTX *evp_ctx = NULL; - int ret2 = 0; + int ret2 = 0, ret3 = 0; if (ret == NULL) goto err; @@ -838,28 +838,57 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, + evp_ctx->evp_info->length_public_key; ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; - ret->evp_info = evp_ctx->evp_info; + ret->evp_info = evp_ctx->evp_info; break; case KEY_TYPE_CMP_SIG: - ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); - if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { - fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", oqs_name); - goto err; + if (get_tlsname_fromoqs(oqs_name) != 0){ + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); + if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { + fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", oqs_name); + goto err; + } + }else{ + evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); + ON_ERR_GOTO(!evp_ctx, err); + + ret2 = oqsx_hybsig_init(bit_security, evp_ctx, oqs_name); + ON_ERR_GOTO(ret2 <= 0 || !evp_ctx->ctx, err); + ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; } - ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig = OQS_SIG_new(cmp_name); - if (!ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig) { - fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?B\n", cmp_name); - goto err; + if (get_tlsname_fromoqs(cmp_name) != 0){ + ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig = OQS_SIG_new(cmp_name); + if (!ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig) { + fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?B\n", cmp_name); + goto err; + } + }else{ + evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); + ON_ERR_GOTO(!evp_ctx, err); + + ret3 = oqsx_hybsig_init(bit_security, evp_ctx, cmp_name); + ON_ERR_GOTO(ret3 <= 0 || !evp_ctx->ctx, err); + ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx = evp_ctx; } ret->numkeys = 2; ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - ret->privkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key; - ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; - ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; - ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; + if (ret2) { + ret->privkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_private_key; + ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_public_key; + + }else{ + ret->privkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; + } + if (ret3){ + ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_private_key; + ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key; + }else{ + ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; + } ret->keytype = primitive; break; @@ -969,7 +998,7 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) int ret = 0; if (!key->privkey && include_private) { - key->privkey = OPENSSL_secure_zalloc(key->privkeylen); + key->privkey = OPENSSL_secure_zalloc(key->privkeylen + key->privkeylen_cmp); ON_ERR_SET_GOTO(!key->privkey, ret, 1, err); } if (!key->pubkey && !include_private) { @@ -1056,7 +1085,7 @@ printf("18\n"); * pubkey/privkey buffers; returned EVP_PKEY must be freed if not used */ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, - unsigned char *privkey) + unsigned char *privkey, int encode) { printf("19\n"); int ret = 0, ret2 = 0; @@ -1115,11 +1144,11 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ON_ERR_SET_GOTO(!ck2, ret, -14, errhyb); EVP_PKEY_free(ck2); } - ENCODE_UINT32(pubkey, pubkeylen); - ENCODE_UINT32(privkey, privkeylen); - OQS_KEY_PRINTF3( - "OQSKM: Storing classical privkeylen: %ld & pubkeylen: %ld\n", - privkeylen, pubkeylen); + if (encode){ + ENCODE_UINT32(pubkey, pubkeylen); + ENCODE_UINT32(privkey, privkeylen); + } + OQS_KEY_PRINTF3("OQSKM: Storing classical privkeylen: %ld & pubkeylen: %ld\n", privkeylen, pubkeylen); EVP_PKEY_CTX_free(kgctx); OPENSSL_free(pubkey_encoded); @@ -1154,7 +1183,7 @@ int oqsx_key_gen(OQSX_KEY *key) || key->keytype == KEY_TYPE_ECX_HYB_KEM || key->keytype == KEY_TYPE_HYB_SIG) { pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, - key->pubkey, key->privkey); + key->pubkey, key->privkey, 1); ON_ERR_GOTO(pkey == NULL, err); ret = !oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); @@ -1169,12 +1198,33 @@ int oqsx_key_gen(OQSX_KEY *key) pkey = NULL; ret = oqsx_key_gen_oqs(key, 1); } - } else if (key->keytype == KEY_TYPE_SIG - || key->keytype == KEY_TYPE_CMP_SIG) { + } else if(key->keytype == KEY_TYPE_CMP_SIG){ + if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->pubkey, key->privkey, 1); + ON_ERR_GOTO(pkey==NULL, err); + pkey = NULL; + ret = oqsx_key_set_composites(key); + ON_ERR_GOTO(ret, err); + }else{ + ret = OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, key->pubkey, key->privkey); + ON_ERR_GOTO(ret, err); + key->comp_privkey[0] = key->privkey; + key->comp_pubkey[0] = key->pubkey; + } + + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx, key->comp_pubkey[key->numkeys-1], key->comp_privkey[key->numkeys-1], 0); + ON_ERR_GOTO(pkey==NULL, err); + }else{ + ret = OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, key->privkey + key->privkeylen, key->pubkey + key->pubkeylen); + key->comp_pubkey[1] = key->pubkey + key->pubkeylen; + key->comp_privkey[1] = key->privkey + key->privkeylen; + } + +}else if (key->keytype == KEY_TYPE_SIG) { ret = !oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); ret = oqsx_key_gen_oqs(key, 0); // 18 - printf("ret = %i\n", ret); } else { ret = 1; } From b53e643164213071bc2a4d9d28d4d795f1eb62de Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 28 Oct 2022 10:46:41 -0400 Subject: [PATCH 014/160] p521_rsa3072 --- oqsprov/oqsprov_keys.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index fe0b1be4..d339f878 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -998,7 +998,7 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) int ret = 0; if (!key->privkey && include_private) { - key->privkey = OPENSSL_secure_zalloc(key->privkeylen + key->privkeylen_cmp); + key->privkey = OPENSSL_secure_zalloc(key->privkeylen + key->privkeylen_cmp + SIZE_OF_UINT32); ON_ERR_SET_GOTO(!key->privkey, ret, 1, err); } if (!key->pubkey && !include_private) { @@ -1257,9 +1257,16 @@ int oqsx_key_maxsize(OQSX_KEY *key) + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + SIZE_OF_UINT32; case KEY_TYPE_CMP_SIG: - return key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature - + key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature - + SIZE_OF_UINT32; + int aux = 0; + if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0) + aux += key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + SIZE_OF_UINT32; + else + aux += key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature; + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0) + aux += key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; + else + aux += key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature; + return aux; default: OQS_KEY_PRINTF("OQSX KEY: Wrong key type\n"); return 0; From 79470db133188d7c7d2501fbab8ad5aa159ef92f Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 3 Nov 2022 16:05:51 -0400 Subject: [PATCH 015/160] Fixed execution error for the non-PQC key --- oqsprov/oqs_encode_key2any.c | 40 ++++++++++++--------- oqsprov/oqs_sig.c | 67 +++++++++++++++++++++++++----------- oqsprov/oqsprov_keys.c | 1 + 3 files changed, 71 insertions(+), 37 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 14064030..7b6072eb 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -667,19 +667,22 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) oct.data = buf; oct.length = buflen; oct.flags = 0; - if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) - keybloblen = 0; // signal error - keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } + if(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0){ + temp = buf; + keybloblen = buflen; + }else{ + if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) + keybloblen = 0; // signal error + keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error + } + } ASN1_STRING_set0(aString, temp, keybloblen); ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); - - if (!sk_ASN1_TYPE_push(sk, aType)) return -1; @@ -697,14 +700,19 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) oct.length = buflen; oct.flags = 0; - if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) - keybloblen = 0; // signal error - keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error + if(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0){ + temp = buf; + keybloblen = buflen; + }else{ + if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) + keybloblen = 0; // signal error + keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error + } } - + ASN1_STRING_set0(aString, temp, keybloblen); ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 25af0a15..c0d29321 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -209,33 +209,52 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, { PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQSX_KEY *oqsxkey = poqs_sigctx->sig; - OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; - OQS_SIG *cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite + OQS_SIG *oqs_key = NULL; + OQS_SIG *cmp_key = NULL; EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, // we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); - int is_hybrid = evpkey != NULL; - int is_composite = cmp_key != NULL; - size_t max_sig_len = oqs_key->length_signature; + int is_hybrid = evpkey!=NULL; + int is_composite = (poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig != NULL || poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_evp_ctx->keyParam != NULL); + size_t max_sig_len = 0; size_t classical_sig_len = 0, oqs_sig_len = 0, cmp_sig_len = 0; size_t actual_classical_sig_len = 0, actual_oqs_sig_len = 0; - size_t index = 0; + size_t index = 0, oqs = 0, cmp = 0; int rv = 0; + if(!is_composite){ + max_sig_len = oqs_key->length_signature; + oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; + }else{ + if (poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig != NULL) + cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; + else{ + cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_evp_ctx->keyParam; + cmp = 1; + } + + if (poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig != NULL) + oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; + else{ + oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_evp_ctx->keyParam; + oqs = 1; + } + } + if (!oqsxkey || !oqs_key || !oqsxkey->privkey) { ERR_raise(ERR_LIB_USER, OQSPROV_R_NO_PRIVATE_KEY); return rv; } + if (is_hybrid) { actual_classical_sig_len = oqsxkey->evp_info->length_signature; max_sig_len += (SIZE_OF_UINT32 + actual_classical_sig_len); } - if (is_composite) - max_sig_len += (SIZE_OF_UINT32 + cmp_key->length_signature); + if (sig == NULL) { *siglen = max_sig_len; @@ -322,25 +341,31 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } if (is_composite){ - if (OQS_SIG_sign(oqs_key, sig + SIZE_OF_UINT32, &actual_oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - goto endsign; - } + if (!oqs){ + if (OQS_SIG_sign(oqs_key, sig + SIZE_OF_UINT32, &actual_oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; + } - ENCODE_UINT32(sig, actual_oqs_sig_len); - oqs_sig_len = SIZE_OF_UINT32 + actual_oqs_sig_len; - index += oqs_sig_len; + ENCODE_UINT32(sig, actual_oqs_sig_len); + oqs_sig_len = SIZE_OF_UINT32 + actual_oqs_sig_len; + index += oqs_sig_len; + }else{ //sign non PQC key on oqs_key - if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - goto endsign; } - } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, - oqsxkey->comp_privkey[oqsxkey->numkeys-1]) - != OQS_SUCCESS) { + + if(!cmp) + if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; } + else{ //sign non PQC key on cmp_key + + } + } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; + } *siglen = classical_sig_len + oqs_sig_len + cmp_sig_len; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index d339f878..a48ee284 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1267,6 +1267,7 @@ int oqsx_key_maxsize(OQSX_KEY *key) else aux += key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature; return aux; + } default: OQS_KEY_PRINTF("OQSX KEY: Wrong key type\n"); return 0; From f01162fb5235011ff9d03929cf531fa872329632 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 8 Nov 2022 15:15:25 -0500 Subject: [PATCH 016/160] Setup for the classical encoding on composite keys --- oqsprov/oqs_encode_key2any.c | 2 +- oqsprov/oqs_prov.h | 1 + oqsprov/oqs_sig.c | 65 ++++++++++++++++++++---------------- oqsprov/oqsprov_keys.c | 7 +++- 4 files changed, 44 insertions(+), 31 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 7b6072eb..e4715dea 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -712,7 +712,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) keybloblen = 0; // signal error } } - + ASN1_STRING_set0(aString, temp, keybloblen); ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 2b18fb55..37d3f7a3 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -160,6 +160,7 @@ struct oqsx_key_st { OQSX_ENCODING_CTX oqsx_encoding_ctx; #endif OQSX_PROVIDER_CTX oqsx_provider_ctx_cmp; + EVP_PKEY** cmp_classical_pkey; EVP_PKEY *classical_pkey; // for hybrid sigs const OQSX_EVP_INFO *evp_info; size_t numkeys; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index c0d29321..02276599 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -208,45 +208,39 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, size_t sigsize, const unsigned char *tbs, size_t tbslen) { PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQSX_KEY *oqsxkey = poqs_sigctx->sig; - OQS_SIG *oqs_key = NULL; - OQS_SIG *cmp_key = NULL; - EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, - // we're running hybrid + OQSX_KEY* oqsxkey = poqs_sigctx->sig; + OQS_SIG* oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; + EVP_PKEY* oqs_key_classic = oqsxkey->cmp_classical_pkey[0]; // if this value is not NULL, the first key is Classic + OQS_SIG* cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite with PQC as second key + EVP_PKEY* cmp_key_classic = oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 1]; // if this value is not NULL, we're running composite with Classic as second key + EVP_PKEY* evpkey = oqsxkey->classical_pkey; // if this value is not NULL, we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); int is_hybrid = evpkey!=NULL; - int is_composite = (poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig != NULL || poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_evp_ctx->keyParam != NULL); + int is_composite = (cmp_key != NULL || cmp_key_classic != NULL); size_t max_sig_len = 0; size_t classical_sig_len = 0, oqs_sig_len = 0, cmp_sig_len = 0; size_t actual_classical_sig_len = 0, actual_oqs_sig_len = 0; - size_t index = 0, oqs = 0, cmp = 0; + size_t index = 0; int rv = 0; - if(!is_composite){ - max_sig_len = oqs_key->length_signature; - oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; - }else{ - if (poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig != NULL) - cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; - else{ - cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_evp_ctx->keyParam; - cmp = 1; - } - - if (poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig != NULL) - oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; - else{ - oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_evp_ctx->keyParam; - oqs = 1; - } + if (!oqsxkey || !(oqs_key || oqs_key_classic) || !oqsxkey->privkey) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_NO_PRIVATE_KEY); + return rv; } - if (!oqsxkey || !oqs_key || !oqsxkey->privkey) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_NO_PRIVATE_KEY); - return rv; + if(oqs_key_classic != NULL) + max_sig_len += oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; + else + max_sig_len += oqs_key->length_signature; + + if (is_composite){ + if(cmp_key_classic != NULL) + max_sig_len += oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; + else + max_sig_len += cmp_key->length_signature; } if (is_hybrid) { @@ -341,7 +335,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } if (is_composite){ - if (!oqs){ + if (oqs_key_classic == NULL){ if (OQS_SIG_sign(oqs_key, sig + SIZE_OF_UINT32, &actual_oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; @@ -351,10 +345,23 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, oqs_sig_len = SIZE_OF_UINT32 + actual_oqs_sig_len; index += oqs_sig_len; }else{ //sign non PQC key on oqs_key + if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || + EVP_PKEY_sign_init(classical_ctx_sign) <= 0) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + + if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) { + if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + } + } - if(!cmp) + if(cmp_key_classic == NULL) if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index a48ee284..580592c7 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -839,6 +839,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; ret->evp_info = evp_ctx->evp_info; + + ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); break; case KEY_TYPE_CMP_SIG: if (get_tlsname_fromoqs(oqs_name) != 0){ @@ -874,6 +876,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 2; ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); if (ret2) { ret->privkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_private_key; ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_public_key; @@ -1202,7 +1205,7 @@ int oqsx_key_gen(OQSX_KEY *key) if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->pubkey, key->privkey, 1); ON_ERR_GOTO(pkey==NULL, err); - pkey = NULL; + key->cmp_classical_pkey[0] = pkey; ret = oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); }else{ @@ -1214,9 +1217,11 @@ int oqsx_key_gen(OQSX_KEY *key) if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx, key->comp_pubkey[key->numkeys-1], key->comp_privkey[key->numkeys-1], 0); + key->cmp_classical_pkey[key->numkeys-1] = pkey; ON_ERR_GOTO(pkey==NULL, err); }else{ ret = OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, key->privkey + key->privkeylen, key->pubkey + key->pubkeylen); + ON_ERR_GOTO(ret, err); key->comp_pubkey[1] = key->pubkey + key->pubkeylen; key->comp_privkey[1] = key->privkey + key->privkeylen; } From 213d7f95c1d65f1177241fd30cf86c78906e87ec Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Wed, 9 Nov 2022 19:08:00 -0500 Subject: [PATCH 017/160] Working classical (ec, rsa) in composite structure --- oqsprov/oqs_encode_key2any.c | 47 +++++++------- oqsprov/oqs_sig.c | 118 +++++++++++++++++++++++++++++++---- 2 files changed, 130 insertions(+), 35 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index e4715dea..3ce99d1a 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -557,7 +557,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) unsigned char *buf = NULL; int buflen = 0, privkeylen; ASN1_OCTET_STRING oct; - int keybloblen; + int keybloblen, nid; STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; ASN1_STRING *aString = NULL; @@ -667,18 +667,17 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) oct.data = buf; oct.length = buflen; oct.flags = 0; - if(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0){ - temp = buf; - keybloblen = buflen; - }else{ - if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) - keybloblen = 0; // signal error - keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } - } + if(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) + nid = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid; + else + nid = OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)))); + if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(nid), 0, V_ASN1_UNDEF, NULL, buf, buflen)) + keybloblen = 0; // signal error + keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error + } ASN1_STRING_set0(aString, temp, keybloblen); ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); @@ -700,18 +699,18 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) oct.length = buflen; oct.flags = 0; - if(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0){ - temp = buf; - keybloblen = buflen; - }else{ - if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(OBJ_sn2nid(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))))), 0, V_ASN1_UNDEF, NULL, buf, buflen)) - keybloblen = 0; // signal error - keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } + if(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) + nid = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->nid; + else + nid = OBJ_sn2nid(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)))); + if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(nid), 0, V_ASN1_UNDEF, NULL, buf, buflen)) + keybloblen = 0; // signal error + keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error } + ASN1_STRING_set0(aString, temp, keybloblen); ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 02276599..cec370ed 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -222,7 +222,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, int is_composite = (cmp_key != NULL || cmp_key_classic != NULL); size_t max_sig_len = 0; size_t classical_sig_len = 0, oqs_sig_len = 0, cmp_sig_len = 0; - size_t actual_classical_sig_len = 0, actual_oqs_sig_len = 0; + size_t actual_classical_sig_len = 0; size_t index = 0; int rv = 0; @@ -231,16 +231,24 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, return rv; } - if(oqs_key_classic != NULL) + if(oqs_key_classic != NULL){ max_sig_len += oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; - else + oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; + } + else{ max_sig_len += oqs_key->length_signature; + oqs_sig_len = oqs_key->length_signature; + } if (is_composite){ - if(cmp_key_classic != NULL) - max_sig_len += oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; - else + if(cmp_key_classic != NULL){ + max_sig_len += SIZE_OF_UINT32 + oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; + cmp_sig_len = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; + } + else{ max_sig_len += cmp_key->length_signature; + cmp_sig_len = cmp_key->length_signature; + } } if (is_hybrid) { @@ -336,15 +344,19 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (is_composite){ if (oqs_key_classic == NULL){ - if (OQS_SIG_sign(oqs_key, sig + SIZE_OF_UINT32, &actual_oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { + if (OQS_SIG_sign(oqs_key, sig + SIZE_OF_UINT32, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; } - ENCODE_UINT32(sig, actual_oqs_sig_len); - oqs_sig_len = SIZE_OF_UINT32 + actual_oqs_sig_len; + ENCODE_UINT32(sig, oqs_sig_len); + oqs_sig_len = SIZE_OF_UINT32 + oqs_sig_len; index += oqs_sig_len; }else{ //sign non PQC key on oqs_key + const EVP_MD *classical_md; + int digest_len; + unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ + if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || EVP_PKEY_sign_init(classical_ctx_sign) <= 0) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); @@ -357,17 +369,101 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } } + unsigned char* name = get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)); + if (name[0] == 'p'){ + if(name[1] == '2'){//p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char*) &digest); + } + if(name[1] == '3'){//p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char*) &digest); + } + if(name[1] == '5'){//p521 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char*) &digest); + } + }else{//rsa3072 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char*) &digest); + } + if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || + (EVP_PKEY_sign(classical_ctx_sign, sig + SIZE_OF_UINT32, &oqs_sig_len, digest, digest_len) <= 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + if (oqs_sig_len > oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature) { + /* sig is bigger than expected */ + ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); + goto endsign; + } + ENCODE_UINT32(sig, oqs_sig_len); + oqs_sig_len = SIZE_OF_UINT32 + oqs_sig_len; + index += oqs_sig_len; } - if(cmp_key_classic == NULL) + if(cmp_key_classic == NULL){ if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; } - else{ //sign non PQC key on cmp_key + }else{ //sign non PQC key on cmp_key + const EVP_MD *classical_md; + int digest_len; + unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ + if ((classical_ctx_sign = EVP_PKEY_CTX_new(cmp_key_classic, NULL)) == NULL || + EVP_PKEY_sign_init(classical_ctx_sign) <= 0) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + + if (oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) { + if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + } + unsigned char* name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)); + if (name[0] == 'p'){ + if(name[1] == '2'){//p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char*) &digest); + } + if(name[1] == '3'){//p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char*) &digest); + } + if(name[1] == '5'){//p521 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char*) &digest); + } + }else{//rsa3072 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char*) &digest); + } + + if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || + (EVP_PKEY_sign(classical_ctx_sign, sig + index, &cmp_sig_len, digest, digest_len) <= 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + + if (cmp_sig_len > oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature) { + /* sig is bigger than expected */ + ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); + goto endsign; + } } } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); From 85875479d0a8a5245e831f3b509275286341d680 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 17 Nov 2022 17:03:35 -0500 Subject: [PATCH 018/160] Illegal instruction error --- oqsprov/oqsprov_keys.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 580592c7..464de915 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -966,8 +966,14 @@ void oqsx_key_free(OQSX_KEY *key) OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx); } if(key->keytype == KEY_TYPE_CMP_SIG){ - OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); - OQS_SIG_free(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig); + if (key->oqsx_provider_ctx.oqsx_qs_ctx.sig == NULL) + OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx); + else + OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); + if (key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig == NULL) + OPENSSL_free(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx); + else + OQS_SIG_free(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig); } #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); @@ -1272,7 +1278,7 @@ int oqsx_key_maxsize(OQSX_KEY *key) else aux += key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature; return aux; - } + default: OQS_KEY_PRINTF("OQSX KEY: Wrong key type\n"); return 0; From fab30c7f4bb40898aab2a967cdd6b0f990091778 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Tue, 3 Oct 2023 06:36:47 +0200 Subject: [PATCH 019/160] fix for txt output length of plain PQ key material (#268) * fix for txt output length of plain PQ key material * clarify use of hybrids in txt encoder * add txt/DER/PEM test and make key output dependent on tool availability --- oqsprov/oqs_encode_key2any.c | 77 +++++++++++++++++++--------------- scripts/oqsprovider-certgen.sh | 10 +++++ 2 files changed, 54 insertions(+), 33 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index ca545dd8..7704da89 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -1103,7 +1103,6 @@ static int print_labeled_buf(BIO *out, const char *label, static int oqsx_to_text(BIO *out, const void *key, int selection) { OQSX_KEY *okey = (OQSX_KEY *)key; - int is_hybrid = 0; if (out == NULL || okey == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_PASSED_NULL_PARAMETER); @@ -1125,7 +1124,6 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) case KEY_TYPE_ECP_HYB_KEM: case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_HYB_SIG: - is_hybrid = 1; if (BIO_printf(out, "%s hybrid private key:\n", okey->tls_name) <= 0) return 0; @@ -1149,7 +1147,6 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) case KEY_TYPE_ECP_HYB_KEM: case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_HYB_SIG: - is_hybrid = 1; if (BIO_printf(out, "%s hybrid public key:\n", okey->tls_name) <= 0) return 0; break; @@ -1160,40 +1157,54 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) } if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { - int classic_key_len = 0; - - if (okey->numkeys > 1) { - char classic_label[200]; - sprintf(classic_label, - "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); - DECODE_UINT32(classic_key_len, okey->privkey); - if (!print_labeled_buf(out, classic_label, okey->comp_privkey[0], - classic_key_len)) - return 0; + if (okey->privkey) { + if (okey->numkeys > 1) { // hybrid key + char classic_label[200]; + int classic_key_len = 0; + sprintf(classic_label, + "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); + DECODE_UINT32(classic_key_len, okey->privkey); + if (!print_labeled_buf(out, classic_label, + okey->comp_privkey[0], classic_key_len)) + return 0; + /* finally print pure PQ key */ + if (!print_labeled_buf(out, "PQ key material:", + okey->comp_privkey[okey->numkeys - 1], + okey->privkeylen - classic_key_len + - SIZE_OF_UINT32)) + return 0; + } else { // plain PQ key + if (!print_labeled_buf(out, "PQ key material:", + okey->comp_privkey[okey->numkeys - 1], + okey->privkeylen)) + return 0; + } } - /* finally print pure PQ key */ - if (!print_labeled_buf( - out, "PQ key material:", okey->comp_privkey[okey->numkeys - 1], - okey->privkeylen - classic_key_len - SIZE_OF_UINT32)) - return 0; } if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { - int classic_key_len = 0; - - if (okey->numkeys > 1) { - char classic_label[200]; - DECODE_UINT32(classic_key_len, okey->pubkey); - sprintf(classic_label, - "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); - if (!print_labeled_buf(out, classic_label, okey->comp_pubkey[0], - classic_key_len)) - return 0; + if (okey->pubkey) { + if (okey->numkeys > 1) { // hybrid key + char classic_label[200]; + int classic_key_len = 0; + DECODE_UINT32(classic_key_len, okey->pubkey); + sprintf(classic_label, + "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); + if (!print_labeled_buf(out, classic_label, okey->comp_pubkey[0], + classic_key_len)) + return 0; + /* finally print pure PQ key */ + if (!print_labeled_buf(out, "PQ key material:", + okey->comp_pubkey[okey->numkeys - 1], + okey->pubkeylen - classic_key_len + - SIZE_OF_UINT32)) + return 0; + } else { // PQ key only + if (!print_labeled_buf(out, "PQ key material:", + okey->comp_pubkey[okey->numkeys - 1], + okey->pubkeylen)) + return 0; + } } - /* finally print pure PQ key */ - if (!print_labeled_buf( - out, "PQ key material:", okey->comp_pubkey[okey->numkeys - 1], - okey->pubkeylen - classic_key_len - SIZE_OF_UINT32)) - return 0; } return 1; diff --git a/scripts/oqsprovider-certgen.sh b/scripts/oqsprovider-certgen.sh index e642bedd..6f607bd1 100755 --- a/scripts/oqsprovider-certgen.sh +++ b/scripts/oqsprovider-certgen.sh @@ -1,6 +1,10 @@ #!/bin/bash +set -e +set -x + # Use newly built oqsprovider to generate certs for alg $1 +# Tests use of openssl req genpkey x509 verify pkey commands if [ $# -ne 1 ]; then echo "Usage: $0 . Exiting." @@ -31,6 +35,12 @@ $OPENSSL_APP genpkey -algorithm $1 -out tmp/$1_srv.key && \ $OPENSSL_APP req -new -newkey $1 -keyout tmp/$1_srv.key -out tmp/$1_srv.csr -nodes -subj "/CN=oqstest server" && \ $OPENSSL_APP x509 -req -in tmp/$1_srv.csr -out tmp/$1_srv.crt -CA tmp/$1_CA.crt -CAkey tmp/$1_CA.key -CAcreateserial -days 365 && \ $OPENSSL_APP verify -CAfile tmp/$1_CA.crt tmp/$1_srv.crt +# test PEM/DER/TEXT encoder/decoder logic: +$OPENSSL_APP pkey -text -in tmp/$1_CA.key +$OPENSSL_APP pkey -in tmp/$1_CA.key -outform DER -out tmp/$1_CA.der +if command -v xxd &> /dev/null; then +xxd -i tmp/$1_CA.der +fi #fails: #$OPENSSL_APP verify -CAfile tmp/$1_CA.crt tmp/$1_srv.crt -provider oqsprovider -provider default From cc170796f0f2b122da3e71e8750d1a6e63ccf4f4 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 22 Nov 2022 17:10:47 -0500 Subject: [PATCH 020/160] starting the certificate structures --- oqsprov/oqs_encode_key2any.c | 7 - oqsprov/oqs_sig.c | 12 +- oqsprov/oqsprov_keys.c | 329 +++++++++++++++++++++++------------ 3 files changed, 225 insertions(+), 123 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 3ce99d1a..2a652142 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -664,9 +664,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) memcpy(buf, oqsxkey->comp_privkey[0], oqsxkey->privkeylen); memcpy(buf + oqsxkey->privkeylen, oqsxkey->comp_pubkey[0], oqsxkey->pubkeylen); - oct.data = buf; - oct.length = buflen; - oct.flags = 0; if(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) nid = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid; else @@ -695,10 +692,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) memcpy(buf, oqsxkey->comp_privkey[1], oqsxkey->privkeylen_cmp); memcpy(buf + oqsxkey->privkeylen_cmp, oqsxkey->comp_pubkey[1], oqsxkey->pubkeylen_cmp); - oct.data = buf; - oct.length = buflen; - oct.flags = 0; - if(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) nid = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->nid; else diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index cec370ed..4b891fb9 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -344,14 +344,10 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (is_composite){ if (oqs_key_classic == NULL){ - if (OQS_SIG_sign(oqs_key, sig + SIZE_OF_UINT32, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { + if (OQS_SIG_sign(oqs_key, sig, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; } - - ENCODE_UINT32(sig, oqs_sig_len); - oqs_sig_len = SIZE_OF_UINT32 + oqs_sig_len; - index += oqs_sig_len; }else{ //sign non PQC key on oqs_key const EVP_MD *classical_md; int digest_len; @@ -393,7 +389,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || - (EVP_PKEY_sign(classical_ctx_sign, sig + SIZE_OF_UINT32, &oqs_sig_len, digest, digest_len) <= 0)) { + (EVP_PKEY_sign(classical_ctx_sign, sig, &oqs_sig_len, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } @@ -402,11 +398,9 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, /* sig is bigger than expected */ ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); goto endsign; + } } - ENCODE_UINT32(sig, oqs_sig_len); - oqs_sig_len = SIZE_OF_UINT32 + oqs_sig_len; index += oqs_sig_len; - } if(cmp_key_classic == NULL){ if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 464de915..99165052 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -33,7 +33,8 @@ printf(a, b, c) #endif // NDEBUG -typedef enum { +typedef enum +{ KEY_OP_PUBLIC, KEY_OP_PRIVATE, KEY_OP_KEYGEN @@ -41,11 +42,12 @@ typedef enum { /// NID/name table -typedef struct { +typedef struct +{ int nid; - char* tlsname; - char* oqsname; - char* cmpname; + char *tlsname; + char *oqsname; + char *cmpname; int keytype; int secbits; } oqs_nid_name_t; @@ -125,15 +127,18 @@ static int get_keytype(int nid) return 0; } -char* get_tlsname_fromoqs(char* oqsname) { - int i; - for(i=0;icomp_privkey[0] = key->privkey; key->comp_pubkey[0] = key->pubkey; } else { // TBD: extend for more than 1 classic key: - int classic_pubkey_len, classic_privkey_len; - - if (key->privkey) { - key->comp_privkey[0] = (char *)key->privkey + SIZE_OF_UINT32; - DECODE_UINT32(classic_privkey_len, key->privkey); - key->comp_privkey[1] - = (char *)key->privkey + classic_privkey_len + SIZE_OF_UINT32; - } else { - key->comp_privkey[0] = NULL; - key->comp_privkey[1] = NULL; - } - if (key->pubkey) { - key->comp_pubkey[0] = (char *)key->pubkey + SIZE_OF_UINT32; - DECODE_UINT32(classic_pubkey_len, key->pubkey); - key->comp_pubkey[1] - = (char *)key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; - } else { + if (key->keytype != KEY_TYPE_CMP_SIG){ + int classic_pubkey_len, classic_privkey_len; + + if (key->privkey) + { + key->comp_privkey[0] = (char *)key->privkey + SIZE_OF_UINT32; + DECODE_UINT32(classic_privkey_len, key->privkey); + key->comp_privkey[1] + = (char *)key->privkey + classic_privkey_len + SIZE_OF_UINT32; + } + else + { + key->comp_privkey[0] = NULL; + key->comp_privkey[1] = NULL; + } + if (key->pubkey) + { + key->comp_pubkey[0] = (char *)key->pubkey + SIZE_OF_UINT32; + DECODE_UINT32(classic_pubkey_len, key->pubkey); + key->comp_pubkey[1] + = (char *)key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; + } + else + { + key->comp_pubkey[0] = NULL; + key->comp_pubkey[1] = NULL; + } + }else{ + int classic_pubkey_len, classic_privkey_len; - key->comp_pubkey[0] = NULL; - key->comp_pubkey[1] = NULL; + if (key->privkey) + { + key->comp_privkey[0] = (char *)key->privkey; + key->comp_privkey[1] = (char *)key->privkey + key->privkeylen; + } + else + { + key->comp_privkey[0] = NULL; + key->comp_privkey[1] = NULL; + } + if (key->pubkey) + { + key->comp_pubkey[0] = (char *)key->pubkey; + key->comp_pubkey[1] = (char *)key->pubkey + key->pubkeylen; + } + else + { + key->comp_pubkey[0] = NULL; + key->comp_pubkey[1] = NULL; + } } } +err: return ret; } @@ -222,7 +260,7 @@ void oqsx_freeprovctx(PROV_OQS_CTX *ctx) void oqsx_key_set0_libctx(OQSX_KEY *key, OSSL_LIB_CTX *libctx) { - printf("4\n"); + printf("4\n"); key->libctx = libctx; } @@ -277,32 +315,36 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, int plen, oqsx_key_op_t op, OSSL_LIB_CTX *libctx, const char *propq) { - printf("7\n"); + printf("7\n"); OQSX_KEY *key = NULL; void **privkey, **pubkey; int nid = NID_undef; int ret = 0; OQS_KEY_PRINTF2("OQSX KEY: key_op called with data of len %d\n", plen); - if (palg != NULL) { + if (palg != NULL) + { int ptype; /* Algorithm parameters must be absent */ X509_ALGOR_get0(NULL, &ptype, NULL, palg); - if (ptype != V_ASN1_UNDEF || !palg || !palg->algorithm) { + if (ptype != V_ASN1_UNDEF || !palg || !palg->algorithm) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return 0; } nid = OBJ_obj2nid(palg->algorithm); } - if (p == NULL || nid == EVP_PKEY_NONE || nid == NID_undef) { + if (p == NULL || nid == EVP_PKEY_NONE || nid == NID_undef) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return 0; } key = oqsx_key_new_from_nid(libctx, propq, nid); - if (key == NULL) { + if (key == NULL) + { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return 0; } @@ -455,15 +497,17 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, /* Recreate EVP data structure after import. RetVal 0 is error. */ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) { - if (key->numkeys == 2) { // hybrid key + if (key->keytype == KEY_TYPE_HYB_SIG) { // hybrid key int classical_pubkey_len, classical_privkey_len; - if (!key->evp_info) { + if (!key->evp_info) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_EVPINFO_MISSING); goto rec_err; } if (op == KEY_OP_PUBLIC) { DECODE_UINT32(classical_pubkey_len, key->pubkey); - if (key->evp_info->raw_key_support) { + if (key->evp_info->raw_key_support) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto rec_err; } else { @@ -484,7 +528,8 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } if (op == KEY_OP_PRIVATE) { DECODE_UINT32(classical_privkey_len, key->privkey); - if (key->evp_info->raw_key_support) { + if (key->evp_info->raw_key_support) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto rec_err; } else { @@ -508,21 +553,49 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } } } - return 1; -rec_err: - return 0; + if (key->keytype == KEY_TYPE_CMP_SIG){ + if (op == KEY_OP_PUBLIC){ + memcpy(key->pubkey, p + plen, key->pubkeylen_cmp); + if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ + const unsigned char *enc_pubkey = key->comp_pubkey[0]; + key->classical_pkey = d2i_PublicKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_pubkey, plen); + } + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ + const unsigned char *enc_pubkey_comp = key->comp_pubkey[1]; + key->cmp_classical_pkey = d2i_PublicKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_pubkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key); + } + } + if (op == KEY_OP_PRIVATE){ + memcpy(key->pubkey, p + plen, key->privkeylen_cmp); + if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ + const unsigned char *enc_privkey = key->comp_pubkey[0]; + key->classical_pkey = d2i_PrivateKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, plen); + } + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ + const unsigned char *enc_privkey_comp = key->comp_pubkey[1]; + key->cmp_classical_pkey = d2i_PrivateKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_private_key); + } + } + } + + return key; + +err: + oqsx_key_free(key); + return NULL; } OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, const char *propq) { - printf("8\n"); + printf("8\n"); const unsigned char *p; int plen; X509_ALGOR *palg; OQSX_KEY *oqsx = NULL; - if (!xpk || (!X509_PUBKEY_get0_param(NULL, &p, &plen, &palg, xpk))) { + if (!xpk || (!X509_PUBKEY_get0_param(NULL, &p, &plen, &palg, xpk))) + { return NULL; } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); @@ -532,7 +605,7 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, OSSL_LIB_CTX *libctx, const char *propq) { - printf("9\n"); + printf("9\n"); OQSX_KEY *oqsx = NULL; const unsigned char *p; int plen; @@ -543,10 +616,13 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, return 0; oct = d2i_ASN1_OCTET_STRING(NULL, &p, plen); - if (oct == NULL) { + if (oct == NULL) + { p = NULL; plen = 0; - } else { + } + else + { p = ASN1_STRING_get0_data(oct); plen = ASN1_STRING_length(oct); } @@ -584,7 +660,7 @@ static const OQSX_EVP_INFO nids_ecx[] = { static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, char *algname) { - printf("10\n"); + printf("10\n"); int ret = 1; int idx = (bit_security - 128) / 64; ON_ERR_GOTO(idx < 0 || idx > 2, err); @@ -628,7 +704,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { - printf("11\n"); + printf("11\n"); int ret = 1; int idx = 0; while (idx < sizeof(OQSX_ECP_NAMES)) { @@ -659,7 +735,7 @@ static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) { - printf("12\n"); + printf("12\n"); int ret = 1; int idx = 0; @@ -696,7 +772,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, int primitive, const char *propq, int bit_security, int alg_idx) { - printf("13\n"); + printf("13\n"); OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); OQSX_EVP_CTX *evp_ctx = NULL; int ret2 = 0, ret3 = 0; @@ -712,12 +788,14 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, } #endif - if (oqs_name == NULL) { + if (oqs_name == NULL) + { OQS_KEY_PRINTF("OQSX_KEY: Fatal error: No OQS key name provided:\n"); goto err; } - if (tls_name == NULL) { + if (tls_name == NULL) + { OQS_KEY_PRINTF("OQSX_KEY: Fatal error: No TLS key name provided:\n"); goto err; } @@ -838,37 +916,45 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, + evp_ctx->evp_info->length_public_key; ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; - ret->evp_info = evp_ctx->evp_info; + ret->evp_info = evp_ctx->evp_info; ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - break; + break; case KEY_TYPE_CMP_SIG: - if (get_tlsname_fromoqs(oqs_name) != 0){ + if (get_tlsname_fromoqs(oqs_name) != 0) + { ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); - if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { + if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) + { fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", oqs_name); goto err; } - }else{ + } + else + { evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); ON_ERR_GOTO(!evp_ctx, err); - ret2 = oqsx_hybsig_init(bit_security, evp_ctx, oqs_name); + ret2 = oqsx_hybsig_init(bit_security, evp_ctx, oqs_name); ON_ERR_GOTO(ret2 <= 0 || !evp_ctx->ctx, err); ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; } - if (get_tlsname_fromoqs(cmp_name) != 0){ + if (get_tlsname_fromoqs(cmp_name) != 0) + { ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig = OQS_SIG_new(cmp_name); - if (!ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig) { + if (!ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig) + { fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?B\n", cmp_name); goto err; } - }else{ + } + else + { evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); ON_ERR_GOTO(!evp_ctx, err); - ret3 = oqsx_hybsig_init(bit_security, evp_ctx, cmp_name); + ret3 = oqsx_hybsig_init(bit_security, evp_ctx, cmp_name); ON_ERR_GOTO(ret3 <= 0 || !evp_ctx->ctx, err); ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx = evp_ctx; } @@ -877,24 +963,29 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - if (ret2) { + if (ret2) + { ret->privkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_private_key; ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_public_key; - - }else{ + } + else + { ret->privkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key; ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; } - if (ret3){ + if (ret3) + { ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_private_key; ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key; - }else{ + } + else + { ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; } ret->keytype = primitive; - break; + break; default: OQS_KEY_PRINTF2("OQSX_KEY: Unknown key type encountered: %d\n", primitive); @@ -906,8 +997,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->tls_name = OPENSSL_strdup(tls_name); ret->bit_security = bit_security; - - if (propq != NULL) { + if (propq != NULL) + { ret->propq = OPENSSL_strdup(propq); ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); if (ret->propq == NULL) @@ -924,7 +1015,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, void oqsx_key_free(OQSX_KEY *key) { - printf("14\n"); + printf("14\n"); int refcnt; if (key == NULL) return; @@ -974,16 +1065,20 @@ void oqsx_key_free(OQSX_KEY *key) OPENSSL_free(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx); else OQS_SIG_free(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig); - } + }else + OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); + #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); #endif + OPENSSL_free(key->classical_pkey); + OPENSSL_free(key->cmp_classical_pkey); OPENSSL_free(key); } int oqsx_key_up_ref(OQSX_KEY *key) { - printf("15\n"); + printf("15\n"); int refcnt; #ifndef OQS_PROVIDER_NOATOMIC @@ -1003,11 +1098,15 @@ int oqsx_key_up_ref(OQSX_KEY *key) int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) { - printf("16\n"); - int ret = 0; + printf("16\n"); + int ret = 0, aux = 0; + + if (key->keytype != KEY_TYPE_CMP_SIG) + aux = SIZE_OF_UINT32; - if (!key->privkey && include_private) { - key->privkey = OPENSSL_secure_zalloc(key->privkeylen + key->privkeylen_cmp + SIZE_OF_UINT32); + if (!key->privkey && include_private) + { + key->privkey = OPENSSL_secure_zalloc(key->privkeylen + key->privkeylen_cmp + aux); ON_ERR_SET_GOTO(!key->privkey, ret, 1, err); } if (!key->pubkey && !include_private) { @@ -1021,41 +1120,49 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], int include_private) { - printf("17\n"); + printf("17\n"); const OSSL_PARAM *p; OQS_KEY_PRINTF("OQSX Key from data called\n"); p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { + if (p != NULL) + { + if (p->data_type != OSSL_PARAM_OCTET_STRING) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return 0; } - if (key->privkeylen != p->data_size) { + if (key->privkeylen != p->data_size) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_SIZE); return 0; } OPENSSL_secure_clear_free(key->privkey, p->data_size); key->privkey = OPENSSL_secure_malloc(p->data_size); - if (key->privkey == NULL) { + if (key->privkey == NULL) + { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return 0; } memcpy(key->privkey, p->data, p->data_size); } p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { + if (p != NULL) + { + if (p->data_type != OSSL_PARAM_OCTET_STRING) + { OQS_KEY_PRINTF("invalid data type\n"); return 0; } - if (key->pubkeylen != p->data_size) { + if (key->pubkeylen != p->data_size) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_SIZE); return 0; } OPENSSL_secure_clear_free(key->pubkey, p->data_size); key->pubkey = OPENSSL_secure_malloc(p->data_size); - if (key->pubkey == NULL) { + if (key->pubkey == NULL) + { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return 0; } @@ -1096,7 +1203,7 @@ printf("18\n"); static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, unsigned char *privkey, int encode) { - printf("19\n"); + printf("19\n"); int ret = 0, ret2 = 0; // Free at errhyb: @@ -1121,7 +1228,8 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_keygen(kgctx, &pkey); ON_ERR_SET_GOTO(ret2 <= 0, ret, -2, errhyb); - if (ctx->evp_info->raw_key_support) { + if (ctx->evp_info->raw_key_support) + { // TODO: If available, use preallocated memory pubkeylen = EVP_PKEY_get1_encoded_public_key(pkey, &pubkey_encoded); ON_ERR_SET_GOTO(pubkeylen != ctx->evp_info->length_public_key @@ -1174,7 +1282,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, * OQSX_KEY */ int oqsx_key_gen(OQSX_KEY *key) { - printf("20\n"); + printf("20\n"); int ret = 0; EVP_PKEY *pkey = NULL; @@ -1210,22 +1318,27 @@ int oqsx_key_gen(OQSX_KEY *key) } else if(key->keytype == KEY_TYPE_CMP_SIG){ if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->pubkey, key->privkey, 1); - ON_ERR_GOTO(pkey==NULL, err); + ON_ERR_GOTO(pkey == NULL, err); key->cmp_classical_pkey[0] = pkey; ret = oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); - }else{ + } + else + { ret = OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, key->pubkey, key->privkey); ON_ERR_GOTO(ret, err); key->comp_privkey[0] = key->privkey; key->comp_pubkey[0] = key->pubkey; } - if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx, key->comp_pubkey[key->numkeys-1], key->comp_privkey[key->numkeys-1], 0); - key->cmp_classical_pkey[key->numkeys-1] = pkey; - ON_ERR_GOTO(pkey==NULL, err); - }else{ + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0) + { + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx, key->comp_pubkey[key->numkeys - 1], key->comp_privkey[key->numkeys - 1], 0); + key->cmp_classical_pkey[key->numkeys - 1] = pkey; + ON_ERR_GOTO(pkey == NULL, err); + } + else + { ret = OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, key->privkey + key->privkeylen, key->pubkey + key->pubkeylen); ON_ERR_GOTO(ret, err); key->comp_pubkey[1] = key->pubkey + key->pubkeylen; @@ -1236,7 +1349,9 @@ int oqsx_key_gen(OQSX_KEY *key) ret = !oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); ret = oqsx_key_gen_oqs(key, 0); // 18 - } else { + } + else + { ret = 1; } err: From b387d19c0b5ec14e5a65036e52cbb34f2f5a5a84 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 1 Dec 2022 17:54:52 -0500 Subject: [PATCH 021/160] added: dilithium3_rsa3072, dilithium3_p256 and falcon512_p256 --- oqsprov/oqs_decode_der2key.c | 9 +++++++ oqsprov/oqs_encode_key2any.c | 30 ++++++++++++++++++++++ oqsprov/oqs_kmgmt.c | 33 ++++++++++++++++++++++++ oqsprov/oqs_prov.h | 30 ++++++++++++++++++++++ oqsprov/oqsdecoders.inc | 7 +++++ oqsprov/oqsencoders.inc | 39 ++++++++++++++++++++++++++++ oqsprov/oqsprov.c | 14 +++++++++- oqsprov/oqsprov_keys.c | 50 ++++++++++++++++++++---------------- 8 files changed, 189 insertions(+), 23 deletions(-) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index da4d666b..48800944 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -605,4 +605,13 @@ MAKE_DECODER("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo); MAKE_DECODER("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER("dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); +MAKE_DECODER("dilithium3_rsa3072", dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER("dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER("dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER("falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER("falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 2a652142..8908c3ca 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -800,6 +800,18 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_sphincsshake128fsimple_input_type \ "rsa3072_sphincsshake128fsimple" #define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" + +# define dilithium3_rsa3072_evp_type 0 +# define dilithium3_rsa3072_input_type "dilithium3_rsa3072" +# define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" + +# define dilithium3_p256_evp_type 0 +# define dilithium3_p256_input_type "dilithium3_p256" +# define dilithium3_p256_pem_type "dilithium3_p256" + +# define falcon512_p256_evp_type 0 +# define falcon512_p256_input_type "falcon512_p256" +# define falcon512_p256_pem_type "falcon512_p256" ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_END /* ---------------------------------------------------------------------- */ @@ -1529,4 +1541,22 @@ MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(rsa3072_sphincsshake128fsimple); +MAKE_ENCODER(dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_rsa3072, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_rsa3072, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(dilithium3_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(falcon512_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(falcon512_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(falcon512_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(falcon512_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(falcon512_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(falcon512_p256, oqsx, SubjectPublicKeyInfo, pem); ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 7dbb842c..cbcc7a31 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -862,6 +862,36 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, } +static void *dilithium3_rsa3072_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3,"rsa3072", "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128); +} + +static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3,"rsa3072", "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128); +} + +static void *dilithium3_p256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3,"p256", "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128); +} + +static void *dilithium3_p256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3,"p256", "dilithium3_p256", KEY_TYPE_CMP_SIG, 128); +} + +static void *falcon512_p256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "p256", "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128); +} + +static void *falcon512_p256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512,"p256", "falcon512_p256", KEY_TYPE_CMP_SIG, 128); +} + ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END #define MAKE_SIG_KEYMGMT_FUNCTIONS(alg) \ @@ -1034,6 +1064,9 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(p384_sphincssha2192fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(sphincsshake128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_sphincsshake128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincsshake128fsimple) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_rsa3072) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_p256) +MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_p256) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 37d3f7a3..268dbbf2 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -697,6 +697,33 @@ extern const OSSL_DISPATCH extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions []; + +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; + +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; + +extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_START @@ -726,6 +753,9 @@ extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_keymgmt_functions[]; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 73c04631..581823b0 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -53,6 +53,11 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), p384_dilithium3), DECODER_w_structure("p384_dilithium3", der, SubjectPublicKeyInfo, p384_dilithium3), + DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, + dilithium3_rsa3072), + DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, + dilithium3_p256), + #endif #ifdef OQS_ENABLE_SIG_dilithium_5 DECODER_w_structure("dilithium5", der, PrivateKeyInfo, dilithium5), @@ -72,6 +77,8 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), rsa3072_falcon512), DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, rsa3072_falcon512), + DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, + falcon512_p256), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 7e61e711..7a4b1fce 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -135,6 +135,32 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p384_dilithium3", p384_dilithium3), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_p256", dilithium3_p256), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), @@ -190,6 +216,19 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, SubjectPublicKeyInfo), ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), + ENCODER_w_structure("falcon512_p256", falcon512_p256, der, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512_p256", falcon512_p256), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index cd32a5a3..b681c1eb 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -47,7 +47,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; * List of all algorithms with given OIDs */ ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START -#define OQS_OID_CNT 46 +#define OQS_OID_CNT 52 const char *oqs_oid_alg_list[OQS_OID_CNT] = { "1.3.6.1.4.1.2.267.7.4.4", "dilithium2", @@ -95,6 +95,12 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_sphincsshake128fsimple", "1.3.9999.6.7.15", "rsa3072_sphincsshake128fsimple", + "2.16.840.1.114027.80.5.2", + "dilithium3_rsa3072", + "2.16.840.1.114027.80.5.1", + "dilithium3_p256", + "2.16.840.1.114027.80.5.3", + "falcon512_p256", ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; @@ -330,6 +336,8 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { #ifdef OQS_ENABLE_SIG_dilithium_3 SIGALG("dilithium3", 192, oqs_signature_functions), SIGALG("p384_dilithium3", 192, oqs_signature_functions), + SIGALG("dilithium3_rsa3072", 192, oqs_signature_functions), + SIGALG("dilithium3_p256", 192, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_signature_functions), @@ -339,6 +347,7 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("falcon512", 128, oqs_signature_functions), SIGALG("p256_falcon512", 128, oqs_signature_functions), SIGALG("rsa3072_falcon512", 128, oqs_signature_functions), + SIGALG("falcon512_p256", 128, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_signature_functions), @@ -457,6 +466,8 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { #ifdef OQS_ENABLE_SIG_dilithium_3 SIGALG("dilithium3", 192, oqs_dilithium3_keymgmt_functions), SIGALG("p384_dilithium3", 192, oqs_p384_dilithium3_keymgmt_functions), + SIGALG("dilithium3_rsa3072", 192, oqs_dilithium3_rsa3072_keymgmt_functions), + SIGALG("dilithium3_p256", 192, oqs_dilithium3_p256_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_dilithium5_keymgmt_functions), @@ -466,6 +477,7 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { SIGALG("falcon512", 128, oqs_falcon512_keymgmt_functions), SIGALG("p256_falcon512", 128, oqs_p256_falcon512_keymgmt_functions), SIGALG("rsa3072_falcon512", 128, oqs_rsa3072_falcon512_keymgmt_functions), + SIGALG("falcon512_p256", 128, oqs_falcon512_p256_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_falcon1024_keymgmt_functions), diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 99165052..34127529 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -55,7 +55,7 @@ typedef struct static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START -#define NID_TABLE_LEN 23 +#define NID_TABLE_LEN 26 static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, @@ -92,6 +92,12 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_HYB_SIG, 128}, + {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, "rsa3072", + KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, "p256", + KEY_TYPE_CMP_SIG, 128}, + {0, "falcon512_p256", OQS_SIG_alg_falcon_512, "p256", + KEY_TYPE_CMP_SIG, 128}, ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; @@ -188,10 +194,9 @@ static int oqsx_key_set_composites(OQSX_KEY *key) if (key->privkey) { - key->comp_privkey[0] = (char *)key->privkey + SIZE_OF_UINT32; - DECODE_UINT32(classic_privkey_len, key->privkey); + key->comp_privkey[0] = (char *)key->privkey; key->comp_privkey[1] - = (char *)key->privkey + classic_privkey_len + SIZE_OF_UINT32; + = (char *)key->privkey + key->privkeylen; } else { @@ -200,10 +205,9 @@ static int oqsx_key_set_composites(OQSX_KEY *key) } if (key->pubkey) { - key->comp_pubkey[0] = (char *)key->pubkey + SIZE_OF_UINT32; - DECODE_UINT32(classic_pubkey_len, key->pubkey); + key->comp_pubkey[0] = (char *)key->pubkey; key->comp_pubkey[1] - = (char *)key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; + = (char *)key->pubkey + key->privkeylen; } else { @@ -558,22 +562,22 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) memcpy(key->pubkey, p + plen, key->pubkeylen_cmp); if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ const unsigned char *enc_pubkey = key->comp_pubkey[0]; - key->classical_pkey = d2i_PublicKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_pubkey, plen); + key->cmp_classical_pkey[key->numkeys - 2] = d2i_PublicKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_pubkey, plen); } if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ const unsigned char *enc_pubkey_comp = key->comp_pubkey[1]; - key->cmp_classical_pkey = d2i_PublicKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_pubkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key); + key->cmp_classical_pkey[key->numkeys - 1] = d2i_PublicKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_pubkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key); } } if (op == KEY_OP_PRIVATE){ memcpy(key->pubkey, p + plen, key->privkeylen_cmp); if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ const unsigned char *enc_privkey = key->comp_pubkey[0]; - key->classical_pkey = d2i_PrivateKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, plen); + key->cmp_classical_pkey[key->numkeys - 2] = d2i_PrivateKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, plen); } if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ const unsigned char *enc_privkey_comp = key->comp_pubkey[1]; - key->cmp_classical_pkey = d2i_PrivateKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_private_key); + key->cmp_classical_pkey[key->numkeys - 1] = d2i_PrivateKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_private_key); } } } @@ -1204,7 +1208,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, unsigned char *privkey, int encode) { printf("19\n"); - int ret = 0, ret2 = 0; + int ret = 0, ret2 = 0, aux = 0; // Free at errhyb: EVP_PKEY_CTX *kgctx = NULL; @@ -1213,6 +1217,9 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, size_t pubkeylen = 0, privkeylen = 0; + if (encode) + aux = SIZE_OF_UINT32; + if (ctx->keyParam) kgctx = EVP_PKEY_CTX_new(ctx->keyParam, NULL); else @@ -1235,22 +1242,22 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ON_ERR_SET_GOTO(pubkeylen != ctx->evp_info->length_public_key || !pubkey_encoded, ret, -3, errhyb); - memcpy(pubkey + SIZE_OF_UINT32, pubkey_encoded, pubkeylen); + memcpy(pubkey + aux, pubkey_encoded, pubkeylen); privkeylen = ctx->evp_info->length_private_key; - ret2 = EVP_PKEY_get_raw_private_key(pkey, privkey + SIZE_OF_UINT32, + ret2 = EVP_PKEY_get_raw_private_key(pkey, privkey + aux, &privkeylen); ON_ERR_SET_GOTO(ret2 <= 0 || privkeylen != ctx->evp_info->length_private_key, ret, -4, errhyb); } else { - unsigned char *pubkey_enc = pubkey + SIZE_OF_UINT32; - const unsigned char *pubkey_enc2 = pubkey + SIZE_OF_UINT32; + unsigned char *pubkey_enc = pubkey + aux; + const unsigned char *pubkey_enc2 = pubkey + aux; pubkeylen = i2d_PublicKey(pkey, &pubkey_enc); ON_ERR_SET_GOTO( !pubkey_enc || pubkeylen > (int)ctx->evp_info->length_public_key, ret, -11, errhyb); - unsigned char *privkey_enc = privkey + SIZE_OF_UINT32; - const unsigned char *privkey_enc2 = privkey + SIZE_OF_UINT32; + unsigned char *privkey_enc = privkey + aux; + const unsigned char *privkey_enc2 = privkey + aux; privkeylen = i2d_PrivateKey(pkey, &privkey_enc); ON_ERR_SET_GOTO( !privkey_enc || privkeylen > (int)ctx->evp_info->length_private_key, @@ -1317,20 +1324,19 @@ int oqsx_key_gen(OQSX_KEY *key) } } else if(key->keytype == KEY_TYPE_CMP_SIG){ if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->pubkey, key->privkey, 1); + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->pubkey, key->privkey, 0); ON_ERR_GOTO(pkey == NULL, err); key->cmp_classical_pkey[0] = pkey; - ret = oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); } else { ret = OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, key->pubkey, key->privkey); ON_ERR_GOTO(ret, err); - key->comp_privkey[0] = key->privkey; - key->comp_pubkey[0] = key->pubkey; } + ret = oqsx_key_set_composites(key); + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0) { pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx, key->comp_pubkey[key->numkeys - 1], key->comp_privkey[key->numkeys - 1], 0); From 1f95746e57065f03d82b6b93f60bb93f2b363871 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Wed, 4 Jan 2023 17:41:14 -0500 Subject: [PATCH 022/160] Decode singarures --- oqsprov/oqs_encode_key2any.c | 6 +- oqsprov/oqs_sig.c | 26 ++--- oqsprov/oqsdecoders.inc | 12 +++ oqsprov/oqsprov_keys.c | 180 ++++++++++++++++++++++++----------- 4 files changed, 152 insertions(+), 72 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 8908c3ca..32cbcfb1 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -659,10 +659,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) aType = ASN1_TYPE_new(); aString = ASN1_OCTET_STRING_new(); - buflen = oqsxkey->privkeylen + oqsxkey->pubkeylen; + buflen = oqsxkey->privkeylen + oqsxkey->pubkeylen - oqsxkey->privkeylen_cmp - oqsxkey->pubkeylen_cmp; buf = OPENSSL_secure_malloc(buflen); - memcpy(buf, oqsxkey->comp_privkey[0], oqsxkey->privkeylen); - memcpy(buf + oqsxkey->privkeylen, oqsxkey->comp_pubkey[0], oqsxkey->pubkeylen); + memcpy(buf, oqsxkey->comp_privkey[0], oqsxkey->privkeylen - oqsxkey->privkeylen_cmp); + memcpy(buf + oqsxkey->privkeylen - oqsxkey->privkeylen_cmp, oqsxkey->comp_pubkey[0], oqsxkey->pubkeylen - oqsxkey->pubkeylen_cmp); if(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) nid = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 4b891fb9..366f3ba5 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -210,16 +210,18 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQSX_KEY* oqsxkey = poqs_sigctx->sig; OQS_SIG* oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; - EVP_PKEY* oqs_key_classic = oqsxkey->cmp_classical_pkey[0]; // if this value is not NULL, the first key is Classic + EVP_PKEY* oqs_key_classic = NULL; OQS_SIG* cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite with PQC as second key - EVP_PKEY* cmp_key_classic = oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 1]; // if this value is not NULL, we're running composite with Classic as second key + EVP_PKEY* cmp_key_classic = NULL; EVP_PKEY* evpkey = oqsxkey->classical_pkey; // if this value is not NULL, we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; - + OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); + int is_composite_first_classic = (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); + int is_composite_second_classic = (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); int is_hybrid = evpkey!=NULL; - int is_composite = (cmp_key != NULL || cmp_key_classic != NULL); + int is_composite = (cmp_key != NULL || is_composite_second_classic); size_t max_sig_len = 0; size_t classical_sig_len = 0, oqs_sig_len = 0, cmp_sig_len = 0; size_t actual_classical_sig_len = 0; @@ -231,7 +233,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, return rv; } - if(oqs_key_classic != NULL){ + if(is_composite_first_classic){ max_sig_len += oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; } @@ -241,8 +243,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } if (is_composite){ - if(cmp_key_classic != NULL){ - max_sig_len += SIZE_OF_UINT32 + oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; + if(is_composite_second_classic){ + max_sig_len += oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; cmp_sig_len = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; } else{ @@ -343,12 +345,13 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } if (is_composite){ - if (oqs_key_classic == NULL){ + if (!is_composite_first_classic){ if (OQS_SIG_sign(oqs_key, sig, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; } }else{ //sign non PQC key on oqs_key + oqs_key_classic = oqsxkey->cmp_classical_pkey[0]; const EVP_MD *classical_md; int digest_len; unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ @@ -402,12 +405,13 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } index += oqs_sig_len; - if(cmp_key_classic == NULL){ + if(!is_composite_second_classic){ if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; } }else{ //sign non PQC key on cmp_key + cmp_key_classic = oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 1]; const EVP_MD *classical_md; int digest_len; unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ @@ -574,12 +578,12 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, if(is_composite){ size_t actual_oqs_sig_len = 0; DECODE_UINT32(actual_oqs_sig_len, sig); - if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + SIZE_OF_UINT32, actual_oqs_sig_len, oqsxkey->comp_pubkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { + if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig , actual_oqs_sig_len, oqsxkey->comp_pubkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - oqs_sig_len = SIZE_OF_UINT32 + actual_oqs_sig_len; + oqs_sig_len = actual_oqs_sig_len; index += oqs_sig_len; if (OQS_SIG_verify(cmp_key, tbs, tbslen, sig + index, diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 581823b0..f3bfcc28 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -57,6 +57,14 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), dilithium3_rsa3072), DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, dilithium3_p256), + DECODER_w_structure("dilithium3_rsa3072", der, PrivateKeyInfo, + dilithium3_rsa3072), + DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, + dilithium3_rsa3072), + DECODER_w_structure("dilithium3_p256", der, PrivateKeyInfo, + dilithium3_p256), + DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, + dilithium3_p256), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 @@ -79,6 +87,10 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), rsa3072_falcon512), DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, falcon512_p256), + DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, + falcon512_p256), + DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, + falcon512_p256), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 34127529..010b6d3d 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -188,15 +188,16 @@ static int oqsx_key_set_composites(OQSX_KEY *key) if (key->numkeys == 1) { key->comp_privkey[0] = key->privkey; key->comp_pubkey[0] = key->pubkey; - } else { // TBD: extend for more than 1 classic key: - if (key->keytype != KEY_TYPE_CMP_SIG){ - int classic_pubkey_len, classic_privkey_len; + } + else + { // TBD: extend for more than 1 classic key or first OQS for composite: + if (key->keytype == KEY_TYPE_CMP_SIG){ if (key->privkey) { key->comp_privkey[0] = (char *)key->privkey; key->comp_privkey[1] - = (char *)key->privkey + key->privkeylen; + = (char *)key->privkey + key->privkeylen - key->privkeylen_cmp; } else { @@ -207,7 +208,7 @@ static int oqsx_key_set_composites(OQSX_KEY *key) { key->comp_pubkey[0] = (char *)key->pubkey; key->comp_pubkey[1] - = (char *)key->pubkey + key->privkeylen; + = (char *)key->pubkey + key->pubkeylen - key->pubkeylen_cmp; } else { @@ -215,28 +216,28 @@ static int oqsx_key_set_composites(OQSX_KEY *key) key->comp_pubkey[1] = NULL; } }else{ - int classic_pubkey_len, classic_privkey_len; - - if (key->privkey) - { - key->comp_privkey[0] = (char *)key->privkey; - key->comp_privkey[1] = (char *)key->privkey + key->privkeylen; - } - else - { - key->comp_privkey[0] = NULL; - key->comp_privkey[1] = NULL; - } - if (key->pubkey) - { - key->comp_pubkey[0] = (char *)key->pubkey; - key->comp_pubkey[1] = (char *)key->pubkey + key->pubkeylen; - } - else - { - key->comp_pubkey[0] = NULL; - key->comp_pubkey[1] = NULL; - } + int classic_pubkey_len, classic_privkey_len; + + if (key->privkey) { + key->comp_privkey[0] = key->privkey + SIZE_OF_UINT32; + DECODE_UINT32(classic_privkey_len, key->privkey); + key->comp_privkey[1] + = key->privkey + classic_privkey_len + SIZE_OF_UINT32; + } + else { + key->comp_privkey[0] = NULL; + key->comp_privkey[1] = NULL; + } + if (key->pubkey) { + key->comp_pubkey[0] = key->pubkey + SIZE_OF_UINT32; + DECODE_UINT32(classic_pubkey_len, key->pubkey); + key->comp_pubkey[1] + = key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; + } + else { + key->comp_pubkey[0] = NULL; + key->comp_pubkey[1] = NULL; + } } } err: @@ -559,25 +560,53 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } if (key->keytype == KEY_TYPE_CMP_SIG){ if (op == KEY_OP_PUBLIC){ - memcpy(key->pubkey, p + plen, key->pubkeylen_cmp); if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ - const unsigned char *enc_pubkey = key->comp_pubkey[0]; - key->cmp_classical_pkey[key->numkeys - 2] = d2i_PublicKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_pubkey, plen); + EVP_PKEY *npk = EVP_PKEY_new(); + if (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) + { + npk = setECParams(npk, key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid); + } + const unsigned char *enc_pubkey = key->comp_pubkey[key->numkeys - 2]; + key->cmp_classical_pkey[key->numkeys - 2] = d2i_PublicKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, plen); + if (!key->cmp_classical_pkey[key->numkeys - 2]) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } } if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ - const unsigned char *enc_pubkey_comp = key->comp_pubkey[1]; - key->cmp_classical_pkey[key->numkeys - 1] = d2i_PublicKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_pubkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key); + EVP_PKEY *npk = EVP_PKEY_new(); + if (key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) + { + npk = setECParams(npk, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->nid); + } + const unsigned char *enc_pubkey_comp = key->comp_pubkey[key->numkeys - 1]; + key->cmp_classical_pkey[key->numkeys - 1] = d2i_PublicKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key); + if (!key->cmp_classical_pkey[key->numkeys - 1]) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } } } if (op == KEY_OP_PRIVATE){ - memcpy(key->pubkey, p + plen, key->privkeylen_cmp); if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ - const unsigned char *enc_privkey = key->comp_pubkey[0]; + const unsigned char *enc_privkey = key->comp_privkey[key->numkeys - 2]; key->cmp_classical_pkey[key->numkeys - 2] = d2i_PrivateKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, plen); + if (!key->cmp_classical_pkey[key->numkeys - 2]) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } } if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ - const unsigned char *enc_privkey_comp = key->comp_pubkey[1]; + const unsigned char *enc_privkey_comp = key->comp_privkey[key->numkeys - 1]; key->cmp_classical_pkey[key->numkeys - 1] = d2i_PrivateKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_private_key); + if (!key->cmp_classical_pkey[key->numkeys - 1]) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } } } } @@ -609,26 +638,58 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, OSSL_LIB_CTX *libctx, const char *propq) { - printf("9\n"); + printf("9\n"); //IMPLEMENT DECODE STACK OF HERE OQSX_KEY *oqsx = NULL; const unsigned char *p; int plen; ASN1_OCTET_STRING *oct = NULL; const X509_ALGOR *palg; + STACK_OF(ASN1_TYPE) *sk = NULL; + ASN1_TYPE *aType = NULL; if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) return 0; - oct = d2i_ASN1_OCTET_STRING(NULL, &p, plen); - if (oct == NULL) - { - p = NULL; - plen = 0; - } - else - { - p = ASN1_STRING_get0_data(oct); - plen = ASN1_STRING_length(oct); + if (get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG){ + oct = d2i_ASN1_OCTET_STRING(NULL, &p, plen); + if (oct == NULL) + { + p = NULL; + plen = 0; + } + else + { + p = ASN1_STRING_get0_data(oct); + plen = ASN1_STRING_length(oct); + } + }else{ + sk = d2i_ASN1_SEQUENCE_ANY(NULL, &p, plen); + if (sk == NULL){ + p = NULL; + plen = 0; + }else{ + unsigned char *buf, *temp; + int buflen, templen; + PKCS8_PRIV_KEY_INFO *p8info = PKCS8_PRIV_KEY_INFO_new(); + + aType = sk_ASN1_TYPE_pop(sk); //pop the second crypt algorithm + temp = aType->value.sequence->data; + templen = aType->value.sequence->length; + + p8info = d2i_PKCS8_PRIV_KEY_INFO(&p8info, &temp, templen); + PKCS8_pkey_get0(NULL, &temp, &templen, NULL, p8info); + + aType = sk_ASN1_TYPE_pop(sk); //pop the first crypt algorithm + buf = aType->value.sequence->data; + buflen = aType->value.sequence->length; + + p8info = d2i_PKCS8_PRIV_KEY_INFO(&p8info, &buf, buflen); + PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, p8info); + + memcpy(buf + buflen, temp, templen); + p = buf; + plen = templen + buflen; + } } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PRIVATE, libctx, propq); @@ -987,6 +1048,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; } + ret->privkeylen += ret->privkeylen_cmp; + ret->pubkeylen += ret->pubkeylen_cmp; ret->keytype = primitive; break; @@ -1110,7 +1173,7 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) if (!key->privkey && include_private) { - key->privkey = OPENSSL_secure_zalloc(key->privkeylen + key->privkeylen_cmp + aux); + key->privkey = OPENSSL_secure_zalloc(key->privkeylen + aux); ON_ERR_SET_GOTO(!key->privkey, ret, 1, err); } if (!key->pubkey && !include_private) { @@ -1389,17 +1452,18 @@ int oqsx_key_maxsize(OQSX_KEY *key) + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + SIZE_OF_UINT32; case KEY_TYPE_CMP_SIG: - int aux = 0; - if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0) - aux += key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + SIZE_OF_UINT32; - else - aux += key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature; - if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0) - aux += key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; - else - aux += key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature; - return aux; - + { + int aux = 0; + if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0) + aux += key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; + else + aux += key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature; + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0) + aux += key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; + else + aux += key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature; + return aux; + } default: OQS_KEY_PRINTF("OQSX KEY: Wrong key type\n"); return 0; From a4dcb629dc975f783bf5a5d9768f811f745d1033 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 6 Jan 2023 11:00:55 -0500 Subject: [PATCH 023/160] allocate memory --- oqsprov/oqsprov_keys.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 010b6d3d..1a20ab73 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -668,7 +668,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, p = NULL; plen = 0; }else{ - unsigned char *buf, *temp; + unsigned char *buf, *temp, *concat_key; int buflen, templen; PKCS8_PRIV_KEY_INFO *p8info = PKCS8_PRIV_KEY_INFO_new(); @@ -686,8 +686,11 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, p8info = d2i_PKCS8_PRIV_KEY_INFO(&p8info, &buf, buflen); PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, p8info); - memcpy(buf + buflen, temp, templen); - p = buf; + concat_key = OPENSSL_secure_malloc(buflen + templen); + + memcpy(concat_key, buf, buflen); + memcpy(concat_key + buflen, temp, templen); + p = concat_key; plen = templen + buflen; } } From 473d14f25815a07e20fa76ed2e092f5aa7fdaa38 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 12 Jan 2023 16:41:32 -0500 Subject: [PATCH 024/160] working raw signatures --- oqsprov/oqsprov_keys.c | 37 +++++++++++++++++++++++++++++-------- 1 file changed, 29 insertions(+), 8 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 1a20ab73..ea3fcc7e 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -485,6 +485,20 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, memcpy(key->pubkey, p + key->privkeylen, plen - key->privkeylen); #endif + if (key->keytype == KEY_TYPE_CMP_SIG){ + size_t first_privkeylen = key->privkeylen - key->privkeylen_cmp; + size_t first_pubkeylen = key->pubkeylen - key->pubkeylen_cmp; + + memcpy(key->privkey, p, first_privkeylen); + memcpy(key->privkey + first_privkeylen, p + first_privkeylen + first_pubkeylen, key->privkeylen_cmp); + + memcpy(key->pubkey, p + first_privkeylen, first_pubkeylen); + memcpy(key->pubkey + first_pubkeylen, p + key->privkeylen + first_pubkeylen, key->pubkeylen_cmp); + + }else{ + memcpy(key->privkey, p, key->privkeylen); + memcpy(key->pubkey, p + key->privkeylen, key->pubkeylen); + } } #ifdef USE_ENCODING_LIB } @@ -573,6 +587,8 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } + }else{ + key->cmp_classical_pkey[key->numkeys - 2] = NULL; } if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ EVP_PKEY *npk = EVP_PKEY_new(); @@ -587,6 +603,8 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } + }else{ + key->cmp_classical_pkey[key->numkeys - 1] = NULL; } } if (op == KEY_OP_PRIVATE){ @@ -598,6 +616,8 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } + }else{ + key->cmp_classical_pkey[key->numkeys - 2] = NULL; } if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ const unsigned char *enc_privkey_comp = key->comp_privkey[key->numkeys - 1]; @@ -607,6 +627,8 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } + }else{ + key->cmp_classical_pkey[key->numkeys - 1] = NULL; } } } @@ -638,7 +660,7 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, OSSL_LIB_CTX *libctx, const char *propq) { - printf("9\n"); //IMPLEMENT DECODE STACK OF HERE + printf("9\n"); OQSX_KEY *oqsx = NULL; const unsigned char *p; int plen; @@ -670,21 +692,22 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, }else{ unsigned char *buf, *temp, *concat_key; int buflen, templen; - PKCS8_PRIV_KEY_INFO *p8info = PKCS8_PRIV_KEY_INFO_new(); + PKCS8_PRIV_KEY_INFO *p8info_temp = PKCS8_PRIV_KEY_INFO_new(); + PKCS8_PRIV_KEY_INFO *p8info_buf = PKCS8_PRIV_KEY_INFO_new(); aType = sk_ASN1_TYPE_pop(sk); //pop the second crypt algorithm temp = aType->value.sequence->data; templen = aType->value.sequence->length; - p8info = d2i_PKCS8_PRIV_KEY_INFO(&p8info, &temp, templen); - PKCS8_pkey_get0(NULL, &temp, &templen, NULL, p8info); + p8info_temp = d2i_PKCS8_PRIV_KEY_INFO(&p8info_temp, &temp, templen); + PKCS8_pkey_get0(NULL, &temp, &templen, NULL, p8info_temp); aType = sk_ASN1_TYPE_pop(sk); //pop the first crypt algorithm buf = aType->value.sequence->data; buflen = aType->value.sequence->length; - p8info = d2i_PKCS8_PRIV_KEY_INFO(&p8info, &buf, buflen); - PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, p8info); + p8info_buf = d2i_PKCS8_PRIV_KEY_INFO(&p8info_buf, &buf, buflen); + PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, p8info_buf); concat_key = OPENSSL_secure_malloc(buflen + templen); @@ -1413,8 +1436,6 @@ int oqsx_key_gen(OQSX_KEY *key) { ret = OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, key->privkey + key->privkeylen, key->pubkey + key->pubkeylen); ON_ERR_GOTO(ret, err); - key->comp_pubkey[1] = key->pubkey + key->pubkeylen; - key->comp_privkey[1] = key->privkey + key->privkeylen; } }else if (key->keytype == KEY_TYPE_SIG) { From 9571843f0ac7b30a54d97631e38abcc8b3077378 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 24 Jan 2023 16:17:42 -0500 Subject: [PATCH 025/160] ASN1 format for raw signatures --- oqsprov/oqs_sig.c | 616 ++++++++++++++++++++++++++-------------------- oqsprov/oqsprov.c | 6 +- 2 files changed, 349 insertions(+), 273 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 366f3ba5..5e67d946 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -20,6 +20,10 @@ #include #include #include +#include "oqs_prov.h" + +#include +#include // TBD: Review what we really need/want: For now go with OSSL settings: #define OSSL_MAX_NAME_SIZE 50 @@ -80,24 +84,42 @@ static int get_aid(unsigned char **oidbuf, const char *tls_name) return (aidlen); } +//composite signature +struct SignatureModel{ + ASN1_BIT_STRING *sig1; + ASN1_BIT_STRING *sig2; +}; + +typedef struct SignatureModel CompositeSignature; + +DECLARE_ASN1_FUNCTIONS(CompositeSignature) + +ASN1_NDEF_SEQUENCE(CompositeSignature) = { + ASN1_SIMPLE(CompositeSignature, sig1, ASN1_BIT_STRING), + ASN1_SIMPLE(CompositeSignature, sig2, ASN1_BIT_STRING) +} ASN1_NDEF_SEQUENCE_END(CompositeSignature) + +IMPLEMENT_ASN1_FUNCTIONS(CompositeSignature) + /* * What's passed as an actual key is defined by the KEYMGMT interface. */ -typedef struct { - OSSL_LIB_CTX *libctx; - char *propq; - OQSX_KEY *sig; +typedef struct +{ + OSSL_LIB_CTX *libctx; + char *propq; + OQSX_KEY *sig; - /* - * Flag to determine if the hash function can be changed (1) or not (0) - * Because it's dangerous to change during a DigestSign or DigestVerify - * operation, this flag is cleared by their Init function, and set again - * by their Final function. - */ - unsigned int flag_allow_md : 1; + /* + * Flag to determine if the hash function can be changed (1) or not (0) + * Because it's dangerous to change during a DigestSign or DigestVerify + * operation, this flag is cleared by their Init function, and set again + * by their Final function. + */ + unsigned int flag_allow_md : 1; - char mdname[OSSL_MAX_NAME_SIZE]; + char mdname[OSSL_MAX_NAME_SIZE]; /* The Algorithm Identifier of the combined signature algorithm */ unsigned char *aid; @@ -112,15 +134,17 @@ typedef struct { int operation; } PROV_OQSSIG_CTX; + + static void *oqs_sig_newctx(void *provctx, const char *propq) { - PROV_OQSSIG_CTX *poqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx; OQS_SIG_PRINTF2("OQS SIG provider: newctx called with propq %s\n", propq); - poqs_sigctx = OPENSSL_zalloc(sizeof(PROV_OQSSIG_CTX)); - if (poqs_sigctx == NULL) - return NULL; + poqs_sigctx = OPENSSL_zalloc(sizeof(PROV_OQSSIG_CTX)); + if (poqs_sigctx == NULL) + return NULL; poqs_sigctx->libctx = ((PROV_OQS_CTX *)provctx)->libctx; if (propq != NULL && (poqs_sigctx->propq = OPENSSL_strdup(propq)) == NULL) { @@ -139,8 +163,9 @@ static int oqs_sig_setup_md(PROV_OQSSIG_CTX *ctx, const char *mdname, if (mdprops == NULL) mdprops = ctx->propq; - if (mdname != NULL) { - EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); + if (mdname != NULL) + { + EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); if ((md == NULL) || (EVP_MD_nid(md) == NID_undef)) { if (md == NULL) @@ -155,10 +180,10 @@ static int oqs_sig_setup_md(PROV_OQSSIG_CTX *ctx, const char *mdname, EVP_MD_free(ctx->md); ctx->md = NULL; - if (ctx->aid) - OPENSSL_free(ctx->aid); - ctx->aid = NULL; // ensure next function allocates memory - ctx->aid_len = get_aid(&(ctx->aid), ctx->sig->tls_name); + if (ctx->aid) + OPENSSL_free(ctx->aid); + ctx->aid = NULL; // ensure next function allocates memory + ctx->aid_len = get_aid(&(ctx->aid), ctx->sig->tls_name); ctx->md = md; OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname)); @@ -169,7 +194,7 @@ static int oqs_sig_setup_md(PROV_OQSSIG_CTX *ctx, const char *mdname, static int oqs_sig_signverify_init(void *vpoqs_sigctx, void *voqssig, int operation) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQS_SIG_PRINTF("OQS SIG provider: signverify_init called\n"); if (poqs_sigctx == NULL || voqssig == NULL || !oqsx_key_up_ref(voqssig)) @@ -189,15 +214,15 @@ static int oqs_sig_signverify_init(void *vpoqs_sigctx, void *voqssig, static int oqs_sig_sign_init(void *vpoqs_sigctx, void *voqssig, const OSSL_PARAM params[]) { - OQS_SIG_PRINTF("OQS SIG provider: sign_init called\n"); - return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_SIGN); + OQS_SIG_PRINTF("OQS SIG provider: sign_init called\n"); + return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_SIGN); } static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, const OSSL_PARAM params[]) { - OQS_SIG_PRINTF("OQS SIG provider: verify_init called\n"); - return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_VERIFY); + OQS_SIG_PRINTF("OQS SIG provider: verify_init called\n"); + return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_VERIFY); } /* On entry to this function, data to be signed (tbs) might have been hashed @@ -207,51 +232,59 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, size_t sigsize, const unsigned char *tbs, size_t tbslen) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQSX_KEY* oqsxkey = poqs_sigctx->sig; - OQS_SIG* oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; - EVP_PKEY* oqs_key_classic = NULL; - OQS_SIG* cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite with PQC as second key - EVP_PKEY* cmp_key_classic = NULL; - EVP_PKEY* evpkey = oqsxkey->classical_pkey; // if this value is not NULL, we're running hybrid - EVP_PKEY_CTX *classical_ctx_sign = NULL; - - OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); - - int is_composite_first_classic = (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); - int is_composite_second_classic = (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); - int is_hybrid = evpkey!=NULL; - int is_composite = (cmp_key != NULL || is_composite_second_classic); - size_t max_sig_len = 0; - size_t classical_sig_len = 0, oqs_sig_len = 0, cmp_sig_len = 0; - size_t actual_classical_sig_len = 0; - size_t index = 0; - int rv = 0; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + OQSX_KEY *oqsxkey = poqs_sigctx->sig; + OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; + EVP_PKEY *oqs_key_classic = NULL; + OQS_SIG *cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite with PQC as second key + EVP_PKEY *cmp_key_classic = NULL; + EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, we're running hybrid + EVP_PKEY_CTX *classical_ctx_sign = NULL; + + OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); + + int is_composite_first_classic = (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); + int is_composite_second_classic = (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); + int is_hybrid = evpkey != NULL; + int is_composite = (cmp_key != NULL || is_composite_second_classic); + size_t max_sig_len = 0; + size_t classical_sig_len = 0, oqs_sig_len = 0, cmp_sig_len = 0; + size_t actual_classical_sig_len = 0; + size_t index = 0; + int rv = 0; + + if (!oqsxkey || !(oqs_key || oqs_key_classic) || !oqsxkey->privkey) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_NO_PRIVATE_KEY); + return rv; + } - if (!oqsxkey || !(oqs_key || oqs_key_classic) || !oqsxkey->privkey) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_NO_PRIVATE_KEY); - return rv; - } + if (is_composite_first_classic) + { + max_sig_len += oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; + oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; + } + else + { + max_sig_len += oqs_key->length_signature; + oqs_sig_len = oqs_key->length_signature; + } - if(is_composite_first_classic){ - max_sig_len += oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; - oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; - } - else{ - max_sig_len += oqs_key->length_signature; - oqs_sig_len = oqs_key->length_signature; + if (is_composite) + { + max_sig_len += sizeof(ASN1_TYPE); // ASN1 enclosing for composite + max_sig_len += 2 * sizeof(ASN1_OCTET_STRING); // octet for each signature + if (is_composite_second_classic) + { + max_sig_len += oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; + cmp_sig_len = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; } - - if (is_composite){ - if(is_composite_second_classic){ - max_sig_len += oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; - cmp_sig_len = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; - } - else{ - max_sig_len += cmp_key->length_signature; - cmp_sig_len = cmp_key->length_signature; - } + else + { + max_sig_len += cmp_key->length_signature; + cmp_sig_len = cmp_key->length_signature; } + } if (is_hybrid) { actual_classical_sig_len = oqsxkey->evp_info->length_signature; @@ -344,134 +377,178 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, index += classical_sig_len; } - if (is_composite){ - if (!is_composite_first_classic){ - if (OQS_SIG_sign(oqs_key, sig, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - goto endsign; - } - }else{ //sign non PQC key on oqs_key - oqs_key_classic = oqsxkey->cmp_classical_pkey[0]; - const EVP_MD *classical_md; - int digest_len; - unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - - if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || - EVP_PKEY_sign_init(classical_ctx_sign) <= 0) { + if (is_composite) + { + unsigned char *buf = OPENSSL_malloc(oqs_sig_len); + unsigned char *temp = OPENSSL_malloc(cmp_sig_len); + CompositeSignature *compsig = CompositeSignature_new(); + + if (!is_composite_first_classic) + { + if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 2]) != OQS_SUCCESS) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; + } + } + else + { // sign non PQC key on oqs_key + oqs_key_classic = oqsxkey->cmp_classical_pkey[0]; + const EVP_MD *classical_md; + int digest_len; + unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ + + if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || + EVP_PKEY_sign_init(classical_ctx_sign) <= 0) + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + + if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + { + if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) + { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; - } - - if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) { - if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } - } - unsigned char* name = get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)); - if (name[0] == 'p'){ - if(name[1] == '2'){//p256 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char*) &digest); - } - if(name[1] == '3'){//p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char*) &digest); - } - if(name[1] == '5'){//p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char*) &digest); - } - }else{//rsa3072 + } + } + unsigned char *name = get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)); + if (name[0] == 'p') + { + if (name[1] == '2') + { // p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '3') + { // p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '5') + { // p521 classical_md = EVP_sha512(); digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char*) &digest); + SHA512(tbs, tbslen, (unsigned char *)&digest); } + } + else + { // rsa3072 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } - if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || - (EVP_PKEY_sign(classical_ctx_sign, sig, &oqs_sig_len, digest, digest_len) <= 0)) { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } + if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || + (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } - if (oqs_sig_len > oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature) { + if (oqs_sig_len > oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature) + { /* sig is bigger than expected */ ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); goto endsign; - } + } + } + + compsig->sig1->data = buf; + compsig->sig1->length = oqs_sig_len; + + + if (!is_composite_second_classic) + { + if (OQS_SIG_sign(cmp_key, buf, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; + } + } + else + { // sign non PQC key on cmp_key + cmp_key_classic = oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 1]; + const EVP_MD *classical_md; + int digest_len; + unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ + + if ((classical_ctx_sign = EVP_PKEY_CTX_new(cmp_key_classic, NULL)) == NULL || + EVP_PKEY_sign_init(classical_ctx_sign) <= 0) + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; } - index += oqs_sig_len; - if(!is_composite_second_classic){ - if (OQS_SIG_sign(cmp_key, sig + index, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - goto endsign; - } - }else{ //sign non PQC key on cmp_key - cmp_key_classic = oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 1]; - const EVP_MD *classical_md; - int digest_len; - unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - - if ((classical_ctx_sign = EVP_PKEY_CTX_new(cmp_key_classic, NULL)) == NULL || - EVP_PKEY_sign_init(classical_ctx_sign) <= 0) { + if (oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + { + if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) + { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; - } - - if (oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) { - if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } - } - unsigned char* name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)); - if (name[0] == 'p'){ - if(name[1] == '2'){//p256 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char*) &digest); - } - if(name[1] == '3'){//p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char*) &digest); - } - if(name[1] == '5'){//p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char*) &digest); - } - }else{//rsa3072 + } + } + unsigned char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)); + if (name[0] == 'p') + { + if (name[1] == '2') + { // p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '3') + { // p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '5') + { // p521 classical_md = EVP_sha512(); digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char*) &digest); + SHA512(tbs, tbslen, (unsigned char *)&digest); } + } + else + { // rsa3072 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } - if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || - (EVP_PKEY_sign(classical_ctx_sign, sig + index, &cmp_sig_len, digest, digest_len) <= 0)) { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } + if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || + (EVP_PKEY_sign(classical_ctx_sign, buf, &cmp_sig_len, digest, digest_len) <= 0)) + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } - if (cmp_sig_len > oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature) { + if (cmp_sig_len > oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature) + { /* sig is bigger than expected */ ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); goto endsign; } - } - } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys-1]) != OQS_SUCCESS) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - goto endsign; - } + } + + compsig->sig2->data = buf; + compsig->sig2->length = cmp_sig_len; + oqs_sig_len = i2d_CompositeSignature(compsig, &sig); + } + else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; + } - *siglen = classical_sig_len + oqs_sig_len + cmp_sig_len; - OQS_SIG_PRINTF2("OQS SIG provider: signing completes with size %ld\n", *siglen); - rv = 1; /* success */ + *siglen = classical_sig_len + oqs_sig_len; + OQS_SIG_PRINTF2("OQS SIG provider: signing completes with size %ld\n", *siglen); + rv = 1; /* success */ endsign: if (classical_ctx_sign) { @@ -583,8 +660,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, goto endverify; } - oqs_sig_len = actual_oqs_sig_len; - index += oqs_sig_len; + oqs_sig_len = actual_oqs_sig_len; + index += oqs_sig_len; if (OQS_SIG_verify(cmp_key, tbs, tbslen, sig + index, siglen - oqs_sig_len, @@ -608,7 +685,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, goto endverify; } } - rv = 1; + rv = 1; endverify: if (ctx_verify) { @@ -622,7 +699,7 @@ static int oqs_sig_digest_signverify_init(void *vpoqs_sigctx, const char *mdname, void *voqssig, int operation) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQS_SIG_PRINTF2( "OQS SIG provider: digest_signverify_init called for mdname %s\n", @@ -632,8 +709,8 @@ static int oqs_sig_digest_signverify_init(void *vpoqs_sigctx, if (!oqs_sig_signverify_init(vpoqs_sigctx, voqssig, operation)) return 0; - if (!oqs_sig_setup_md(poqs_sigctx, mdname, NULL)) - return 0; + if (!oqs_sig_setup_md(poqs_sigctx, mdname, NULL)) + return 0; if (mdname != NULL) { poqs_sigctx->mdctx = EVP_MD_CTX_new(); @@ -644,7 +721,7 @@ static int oqs_sig_digest_signverify_init(void *vpoqs_sigctx, goto error; } - return 1; + return 1; error: EVP_MD_CTX_free(poqs_sigctx->mdctx); @@ -674,9 +751,9 @@ static int oqs_sig_digest_verify_init(void *vpoqs_sigctx, const char *mdname, int oqs_sig_digest_signverify_update(void *vpoqs_sigctx, const unsigned char *data, size_t datalen) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQS_SIG_PRINTF("OQS SIG provider: digest_signverify_update called\n"); + OQS_SIG_PRINTF("OQS SIG provider: digest_signverify_update called\n"); if (poqs_sigctx == NULL) return 0; @@ -712,13 +789,13 @@ int oqs_sig_digest_signverify_update(void *vpoqs_sigctx, int oqs_sig_digest_sign_final(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, size_t sigsize) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - unsigned char digest[EVP_MAX_MD_SIZE]; - unsigned int dlen = 0; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + unsigned char digest[EVP_MAX_MD_SIZE]; + unsigned int dlen = 0; - OQS_SIG_PRINTF("OQS SIG provider: digest_sign_final called\n"); - if (poqs_sigctx == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: digest_sign_final called\n"); + if (poqs_sigctx == NULL) + return 0; /* * If sig is NULL then we're just finding out the sig size. Other fields @@ -735,7 +812,7 @@ int oqs_sig_digest_sign_final(void *vpoqs_sigctx, unsigned char *sig, return 0; } - poqs_sigctx->flag_allow_md = 1; + poqs_sigctx->flag_allow_md = 1; if (poqs_sigctx->mdctx != NULL) return oqs_sig_sign(vpoqs_sigctx, sig, siglen, sigsize, digest, @@ -748,13 +825,13 @@ int oqs_sig_digest_sign_final(void *vpoqs_sigctx, unsigned char *sig, int oqs_sig_digest_verify_final(void *vpoqs_sigctx, const unsigned char *sig, size_t siglen) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - unsigned char digest[EVP_MAX_MD_SIZE]; - unsigned int dlen = 0; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + unsigned char digest[EVP_MAX_MD_SIZE]; + unsigned int dlen = 0; - OQS_SIG_PRINTF("OQS SIG provider: digest_verify_final called\n"); - if (poqs_sigctx == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: digest_verify_final called\n"); + if (poqs_sigctx == NULL) + return 0; // TBC for hybrids: if (poqs_sigctx->mdctx) { @@ -771,7 +848,7 @@ int oqs_sig_digest_verify_final(void *vpoqs_sigctx, const unsigned char *sig, static void oqs_sig_freectx(void *vpoqs_sigctx) { - PROV_OQSSIG_CTX *ctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *ctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQS_SIG_PRINTF("OQS SIG provider: freectx called\n"); OPENSSL_free(ctx->propq); @@ -792,27 +869,27 @@ static void oqs_sig_freectx(void *vpoqs_sigctx) static void *oqs_sig_dupctx(void *vpoqs_sigctx) { - PROV_OQSSIG_CTX *srcctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - PROV_OQSSIG_CTX *dstctx; + PROV_OQSSIG_CTX *srcctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *dstctx; - OQS_SIG_PRINTF("OQS SIG provider: dupctx called\n"); + OQS_SIG_PRINTF("OQS SIG provider: dupctx called\n"); - dstctx = OPENSSL_zalloc(sizeof(*srcctx)); - if (dstctx == NULL) - return NULL; + dstctx = OPENSSL_zalloc(sizeof(*srcctx)); + if (dstctx == NULL) + return NULL; - *dstctx = *srcctx; - dstctx->sig = NULL; - dstctx->md = NULL; - dstctx->mdctx = NULL; + *dstctx = *srcctx; + dstctx->sig = NULL; + dstctx->md = NULL; + dstctx->mdctx = NULL; - if (srcctx->sig != NULL && !oqsx_key_up_ref(srcctx->sig)) - goto err; - dstctx->sig = srcctx->sig; + if (srcctx->sig != NULL && !oqsx_key_up_ref(srcctx->sig)) + goto err; + dstctx->sig = srcctx->sig; - if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md)) - goto err; - dstctx->md = srcctx->md; + if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md)) + goto err; + dstctx->md = srcctx->md; if (srcctx->mdctx != NULL) { dstctx->mdctx = EVP_MD_CTX_new(); @@ -849,14 +926,14 @@ static void *oqs_sig_dupctx(void *vpoqs_sigctx) static int oqs_sig_get_ctx_params(void *vpoqs_sigctx, OSSL_PARAM *params) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OSSL_PARAM *p; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + OSSL_PARAM *p; - OQS_SIG_PRINTF("OQS SIG provider: get_ctx_params called\n"); - if (poqs_sigctx == NULL || params == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: get_ctx_params called\n"); + if (poqs_sigctx == NULL || params == NULL) + return 0; - p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID); + p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID); if (poqs_sigctx->aid == NULL) { poqs_sigctx->aid_len @@ -868,11 +945,11 @@ static int oqs_sig_get_ctx_params(void *vpoqs_sigctx, OSSL_PARAM *params) poqs_sigctx->aid_len)) return 0; - p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); - if (p != NULL && !OSSL_PARAM_set_utf8_string(p, poqs_sigctx->mdname)) - return 0; + p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); + if (p != NULL && !OSSL_PARAM_set_utf8_string(p, poqs_sigctx->mdname)) + return 0; - return 1; + return 1; } static const OSSL_PARAM known_gettable_ctx_params[] @@ -884,17 +961,17 @@ static const OSSL_PARAM * oqs_sig_gettable_ctx_params(ossl_unused void *vpoqs_sigctx, ossl_unused void *vctx) { - OQS_SIG_PRINTF("OQS SIG provider: gettable_ctx_params called\n"); - return known_gettable_ctx_params; + OQS_SIG_PRINTF("OQS SIG provider: gettable_ctx_params called\n"); + return known_gettable_ctx_params; } static int oqs_sig_set_ctx_params(void *vpoqs_sigctx, const OSSL_PARAM params[]) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - const OSSL_PARAM *p; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + const OSSL_PARAM *p; - OQS_SIG_PRINTF("OQS SIG provider: set_ctx_params called\n"); - if (poqs_sigctx == NULL || params == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: set_ctx_params called\n"); + if (poqs_sigctx == NULL || params == NULL) + return 0; p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST); /* Not allowed during certain operations */ @@ -906,16 +983,15 @@ static int oqs_sig_set_ctx_params(void *vpoqs_sigctx, const OSSL_PARAM params[]) const OSSL_PARAM *propsp = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_PROPERTIES); - if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname))) - return 0; - if (propsp != NULL - && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops))) - return 0; - if (!oqs_sig_setup_md(poqs_sigctx, mdname, mdprops)) - return 0; - } + if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname))) + return 0; + if (propsp != NULL && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops))) + return 0; + if (!oqs_sig_setup_md(poqs_sigctx, mdname, mdprops)) + return 0; + } - return 1; + return 1; } static const OSSL_PARAM known_settable_ctx_params[] @@ -926,65 +1002,65 @@ static const OSSL_PARAM known_settable_ctx_params[] static const OSSL_PARAM *oqs_sig_settable_ctx_params(ossl_unused void *vpsm2ctx, ossl_unused void *provctx) { - /* - * TODO(3.0): Should this function return a different set of settable ctx - * params if the ctx is being used for a DigestSign/DigestVerify? In that - * case it is not allowed to set the digest size/digest name because the - * digest is explicitly set as part of the init. - * NOTE: Ideally we would check poqs_sigctx->flag_allow_md, but this is - * problematic because there is no nice way of passing the - * PROV_OQSSIG_CTX down to this function... - * Because we have API's that dont know about their parent.. - * e.g: EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig). - * We could pass NULL for that case (but then how useful is the check?). - */ - OQS_SIG_PRINTF("OQS SIG provider: settable_ctx_params called\n"); - return known_settable_ctx_params; + /* + * TODO(3.0): Should this function return a different set of settable ctx + * params if the ctx is being used for a DigestSign/DigestVerify? In that + * case it is not allowed to set the digest size/digest name because the + * digest is explicitly set as part of the init. + * NOTE: Ideally we would check poqs_sigctx->flag_allow_md, but this is + * problematic because there is no nice way of passing the + * PROV_OQSSIG_CTX down to this function... + * Because we have API's that dont know about their parent.. + * e.g: EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig). + * We could pass NULL for that case (but then how useful is the check?). + */ + OQS_SIG_PRINTF("OQS SIG provider: settable_ctx_params called\n"); + return known_settable_ctx_params; } static int oqs_sig_get_ctx_md_params(void *vpoqs_sigctx, OSSL_PARAM *params) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQS_SIG_PRINTF("OQS SIG provider: get_ctx_md_params called\n"); - if (poqs_sigctx->mdctx == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: get_ctx_md_params called\n"); + if (poqs_sigctx->mdctx == NULL) + return 0; - return EVP_MD_CTX_get_params(poqs_sigctx->mdctx, params); + return EVP_MD_CTX_get_params(poqs_sigctx->mdctx, params); } static const OSSL_PARAM *oqs_sig_gettable_ctx_md_params(void *vpoqs_sigctx) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQS_SIG_PRINTF("OQS SIG provider: gettable_ctx_md_params called\n"); - if (poqs_sigctx->md == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: gettable_ctx_md_params called\n"); + if (poqs_sigctx->md == NULL) + return 0; - return EVP_MD_gettable_ctx_params(poqs_sigctx->md); + return EVP_MD_gettable_ctx_params(poqs_sigctx->md); } static int oqs_sig_set_ctx_md_params(void *vpoqs_sigctx, const OSSL_PARAM params[]) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQS_SIG_PRINTF("OQS SIG provider: set_ctx_md_params called\n"); - if (poqs_sigctx->mdctx == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: set_ctx_md_params called\n"); + if (poqs_sigctx->mdctx == NULL) + return 0; - return EVP_MD_CTX_set_params(poqs_sigctx->mdctx, params); + return EVP_MD_CTX_set_params(poqs_sigctx->mdctx, params); } static const OSSL_PARAM *oqs_sig_settable_ctx_md_params(void *vpoqs_sigctx) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - if (poqs_sigctx->md == NULL) - return 0; + if (poqs_sigctx->md == NULL) + return 0; - OQS_SIG_PRINTF("OQS SIG provider: settable_ctx_md_params called\n"); - return EVP_MD_settable_ctx_params(poqs_sigctx->md); + OQS_SIG_PRINTF("OQS SIG provider: settable_ctx_md_params called\n"); + return EVP_MD_settable_ctx_params(poqs_sigctx->md); } const OSSL_DISPATCH oqs_signature_functions[] diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index b681c1eb..763d409b 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -95,11 +95,11 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_sphincsshake128fsimple", "1.3.9999.6.7.15", "rsa3072_sphincsshake128fsimple", - "2.16.840.1.114027.80.5.2", + "2.16.840.1.114027.80.5.1.1", "dilithium3_rsa3072", - "2.16.840.1.114027.80.5.1", + "2.16.840.1.114027.80.5.1.2", "dilithium3_p256", - "2.16.840.1.114027.80.5.3", + "2.16.840.1.114027.80.5.1.8", "falcon512_p256", ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; From 75ae913f586d9cea5446d77c08ee9934f4da3e63 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 31 Jan 2023 15:54:15 -0500 Subject: [PATCH 026/160] public key extraction working --- oqsprov/oqs_encode_key2any.c | 120 +++++++++++++++++++++++++++-------- oqsprov/oqsprov_keys.c | 40 +++++++++++- 2 files changed, 134 insertions(+), 26 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 32cbcfb1..5d81b9bb 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -510,7 +510,13 @@ static int prepare_oqsx_params(const void *oqsxkey, int nid, int save, static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) { const OQSX_KEY *oqsxkey = vxkey; - unsigned char *keyblob; + unsigned char *keyblob, *buf; + int keybloblen, nid; + STACK_OF(ASN1_TYPE) *sk = NULL; + ASN1_TYPE *aType = NULL; + ASN1_STRING *aString = NULL; + unsigned char *temp = NULL; + X509_PUBKEY *p8info_internal = NULL; int ret = 0; OQS_ENC_PRINTF("OQS ENC provider: oqsx_spki_pub_to_der called\n"); @@ -519,36 +525,100 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) ERR_raise(ERR_LIB_USER, ERR_R_PASSED_NULL_PARAMETER); return 0; } + if (oqsxkey->keytype != KEY_TYPE_CMP_SIG){ #ifdef USE_ENCODING_LIB - if (oqsxkey->oqsx_encoding_ctx.encoding_ctx != NULL - && oqsxkey->oqsx_encoding_ctx.encoding_impl != NULL) { - unsigned char *buf; - int buflen; - int ret = 0; - const OQSX_ENCODING_CTX *encoding_ctx = &oqsxkey->oqsx_encoding_ctx; - buflen = encoding_ctx->encoding_impl->crypto_publickeybytes; - - buf = OPENSSL_secure_zalloc(buflen); - ret = qsc_encode(encoding_ctx->encoding_ctx, - encoding_ctx->encoding_impl, oqsxkey->pubkey, &buf, 0, - 0, 1); - if (ret != QSC_ENC_OK) - return -1; + if (oqsxkey->oqsx_encoding_ctx.encoding_ctx != NULL + && oqsxkey->oqsx_encoding_ctx.encoding_impl != NULL) { + unsigned char *buf; + int buflen; + int ret = 0; + const OQSX_ENCODING_CTX *encoding_ctx = &oqsxkey->oqsx_encoding_ctx; + buflen = encoding_ctx->encoding_impl->crypto_publickeybytes; - *pder = buf; - return buflen; - } else { + buf = OPENSSL_secure_zalloc(buflen); + ret = qsc_encode(encoding_ctx->encoding_ctx, + encoding_ctx->encoding_impl, oqsxkey->pubkey, &buf, 0, + 0, 1); + if (ret != QSC_ENC_OK) + return -1; + + *pder = buf; + return buflen; + } else { #endif - keyblob = OPENSSL_memdup(oqsxkey->pubkey, oqsxkey->pubkeylen); - if (keyblob == NULL) { + keyblob = OPENSSL_memdup(oqsxkey->pubkey, oqsxkey->pubkeylen); + if (keyblob == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return 0; + } + *pder = keyblob; + return oqsxkey->pubkeylen; + #ifdef USE_ENCODING_LIB + } + #endif + }else{ + int len, len2; + if((sk = sk_ASN1_TYPE_new_null()) == NULL) + return -1; + + p8info_internal = X509_PUBKEY_new(); + aType = ASN1_TYPE_new(); + aString = ASN1_OCTET_STRING_new(); + + len = oqsxkey->pubkeylen - oqsxkey->pubkeylen_cmp;; + buf = OPENSSL_memdup(oqsxkey->pubkey, len); + + if(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) + nid = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid; + else + nid = OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)))); + if (!X509_PUBKEY_set0_param(p8info_internal, OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL, buf, len)) + keybloblen = 0; // signal error + keybloblen = i2d_X509_PUBKEY(p8info_internal, &temp); + if (keybloblen < 0) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - return 0; + keybloblen = 0; // signal error + } + + ASN1_STRING_set0(aString, temp, keybloblen); + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); + + if (!sk_ASN1_TYPE_push(sk, aType)) + return -1; + + aType = ASN1_TYPE_new(); + aString = ASN1_OCTET_STRING_new(); + p8info_internal = X509_PUBKEY_new(); + temp = NULL; + + len2 = oqsxkey->pubkeylen_cmp; + buf = OPENSSL_memdup(oqsxkey->pubkey + len, len2); + + if(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) + nid = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->nid; + else + nid = OBJ_sn2nid(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)))); + if (!X509_PUBKEY_set0_param(p8info_internal, OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL, buf, len2)) + keybloblen = 0; // signal error + keybloblen = i2d_X509_PUBKEY(p8info_internal, &temp); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error } - *pder = keyblob; - return oqsxkey->pubkeylen; -#ifdef USE_ENCODING_LIB + + + ASN1_STRING_set0(aString, temp, keybloblen); + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); + + if (!sk_ASN1_TYPE_push(sk, aType)) + return -1; + + keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); + + return keybloblen; } -#endif + + } static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index ea3fcc7e..fc6e893d 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -648,11 +648,47 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, int plen; X509_ALGOR *palg; OQSX_KEY *oqsx = NULL; + STACK_OF(ASN1_TYPE) *sk = NULL; + ASN1_TYPE *aType = NULL; + ASN1_OCTET_STRING *oct = NULL; if (!xpk || (!X509_PUBKEY_get0_param(NULL, &p, &plen, &palg, xpk))) { return NULL; } + if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG){ + sk = d2i_ASN1_SEQUENCE_ANY(NULL, &p, plen); + if (sk == NULL){ + p = NULL; + plen = 0; + }else{ + unsigned char *buf, *temp, *concat_key; + int buflen, templen; + X509_PUBKEY *p8info_temp = X509_PUBKEY_new(); + X509_PUBKEY *p8info_buf = X509_PUBKEY_new(); + + aType = sk_ASN1_TYPE_pop(sk); //pop the second crypt algorithm + temp = aType->value.sequence->data; + templen = aType->value.sequence->length; + + p8info_temp = d2i_X509_PUBKEY(&p8info_temp, &temp, templen); + X509_PUBKEY_get0_param(NULL, &temp, &templen, NULL, p8info_temp); + + aType = sk_ASN1_TYPE_pop(sk); //pop the first crypt algorithm + buf = aType->value.sequence->data; + buflen = aType->value.sequence->length; + + p8info_buf = d2i_X509_PUBKEY(&p8info_buf, &buf, buflen); + X509_PUBKEY_get0_param(NULL, &buf, &buflen, NULL, p8info_buf); + + concat_key = OPENSSL_secure_malloc(buflen + templen); + + memcpy(concat_key, buf, buflen); + memcpy(concat_key + buflen, temp, templen); + p = concat_key; + plen = templen + buflen; + } + } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); return oqsx; } @@ -1430,11 +1466,13 @@ int oqsx_key_gen(OQSX_KEY *key) { pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx, key->comp_pubkey[key->numkeys - 1], key->comp_privkey[key->numkeys - 1], 0); key->cmp_classical_pkey[key->numkeys - 1] = pkey; + const unsigned char *pubkey = key->comp_pubkey[key->numkeys - 1]; ON_ERR_GOTO(pkey == NULL, err); + } else { - ret = OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, key->privkey + key->privkeylen, key->pubkey + key->pubkeylen); + ret = OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, key->privkey + key->privkeylen - key->privkeylen_cmp, key->pubkey + key->pubkeylen - key->pubkeylen_cmp); ON_ERR_GOTO(ret, err); } From 005c56a3cedecf41a81ef7ecfbaff2f72077b379 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 7 Feb 2023 16:40:03 -0500 Subject: [PATCH 027/160] raw signature verification --- oqsprov/oqs_prov.h | 8 ++ oqsprov/oqs_sig.c | 170 +++++++++++++++++++++++++++++++++-------- oqsprov/oqsprov_keys.c | 3 +- 3 files changed, 147 insertions(+), 34 deletions(-) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 268dbbf2..2490513b 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -194,6 +194,14 @@ struct oqsx_key_st { typedef struct oqsx_key_st OQSX_KEY; +//composite signature +struct SignatureModel{ + ASN1_BIT_STRING *sig1; + ASN1_BIT_STRING *sig2; +}; + +typedef struct SignatureModel CompositeSignature; + char* get_oqsname(int nid); char* get_cmpname(int nid); int get_keytype(int nid); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 5e67d946..cb29e8dd 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -84,14 +84,6 @@ static int get_aid(unsigned char **oidbuf, const char *tls_name) return (aidlen); } -//composite signature -struct SignatureModel{ - ASN1_BIT_STRING *sig1; - ASN1_BIT_STRING *sig2; -}; - -typedef struct SignatureModel CompositeSignature; - DECLARE_ASN1_FUNCTIONS(CompositeSignature) ASN1_NDEF_SEQUENCE(CompositeSignature) = { @@ -272,8 +264,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (is_composite) { - max_sig_len += sizeof(ASN1_TYPE); // ASN1 enclosing for composite - max_sig_len += 2 * sizeof(ASN1_OCTET_STRING); // octet for each signature + max_sig_len += sizeof(CompositeSignature); if (is_composite_second_classic) { max_sig_len += oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; @@ -393,7 +384,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } else { // sign non PQC key on oqs_key - oqs_key_classic = oqsxkey->cmp_classical_pkey[0]; + oqs_key_classic = oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 2]; const EVP_MD *classical_md; int digest_len; unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ @@ -463,7 +454,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (!is_composite_second_classic) { - if (OQS_SIG_sign(cmp_key, buf, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) + if (OQS_SIG_sign(cmp_key, temp, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; @@ -521,7 +512,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || - (EVP_PKEY_sign(classical_ctx_sign, buf, &cmp_sig_len, digest, digest_len) <= 0)) + (EVP_PKEY_sign(classical_ctx_sign, temp, &cmp_sig_len, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; @@ -535,7 +526,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } } - compsig->sig2->data = buf; + compsig->sig2->data = temp; compsig->sig2->length = cmp_sig_len; oqs_sig_len = i2d_CompositeSignature(compsig, &sig); @@ -570,8 +561,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, // we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; EVP_PKEY_CTX *ctx_verify = NULL; + int is_composite_first_classic = (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); + int is_composite_second_classic = (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); int is_hybrid = evpkey != NULL; - int is_composite = cmp_key != NULL; + int is_composite = (cmp_key != NULL || is_composite_second_classic); size_t classical_sig_len = 0, oqs_sig_len = 0; size_t index = 0; int rv = 0; @@ -653,37 +646,148 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, index += classical_sig_len; } if(is_composite){ - size_t actual_oqs_sig_len = 0; - DECODE_UINT32(actual_oqs_sig_len, sig); - if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig , actual_oqs_sig_len, oqsxkey->comp_pubkey[oqsxkey->numkeys-2]) != OQS_SUCCESS) { + CompositeSignature* compsig = CompositeSignature_new(); + if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) + goto endverify; + if (!is_composite_first_classic) + { + if (OQS_SIG_verify(oqs_key, tbs, tbslen, compsig->sig1->data, compsig->sig1->length, oqsxkey->comp_pubkey[oqsxkey->numkeys - 2]) != OQS_SUCCESS) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + }else{//first key is classic + const EVP_MD *classical_md; + int digest_len; + unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ + + if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 2], NULL)) == NULL + || EVP_PKEY_verify_init(ctx_verify) <= 0) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - - oqs_sig_len = actual_oqs_sig_len; - index += oqs_sig_len; - - if (OQS_SIG_verify(cmp_key, tbs, tbslen, sig + index, - siglen - oqs_sig_len, - oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) - != OQS_SUCCESS) { + if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + { + if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + goto endverify; + } + } + unsigned char *name = get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)); + if (name[0] == 'p') + { + if (name[1] == '2') + { // p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '3') + { // p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '5') + { // p521 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } + } + else + { // rsa3072 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } + if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || + (EVP_PKEY_verify(ctx_verify, compsig->sig1->data, compsig->sig1->length, digest, digest_len) <= 0)) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } + } + if (!is_composite_second_classic) + { + if (OQS_SIG_verify(cmp_key, tbs, tbslen, compsig->sig2->data, compsig->sig2->length, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + }else{//second key is classic + const EVP_MD *classical_md; + int digest_len; + unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - } else { - if (!oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 1], NULL)) == NULL || + EVP_PKEY_verify_init(ctx_verify) <= 0) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, - siglen - classical_sig_len, - oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) - != OQS_SUCCESS) { + if (oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + { + if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + goto endverify; + } + } + unsigned char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)); + if (name[0] == 'p') + { + if (name[1] == '2') + { // p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '3') + { // p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '5') + { // p521 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } + } + else + { // rsa3072 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } + if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || + (EVP_PKEY_verify(ctx_verify, compsig->sig2->data, compsig->sig2->length, digest, digest_len) <= 0)) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } + } + } + else + { + if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + goto endverify; + } + if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, + siglen - classical_sig_len, + oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) + != OQS_SUCCESS) { + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } } rv = 1; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index fc6e893d..8a81922f 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -17,6 +17,7 @@ #include #include + #ifdef NDEBUG # define OQS_KEY_PRINTF(a) # define OQS_KEY_PRINTF2(a, b) @@ -1515,7 +1516,7 @@ int oqsx_key_maxsize(OQSX_KEY *key) + SIZE_OF_UINT32; case KEY_TYPE_CMP_SIG: { - int aux = 0; + int aux = sizeof(CompositeSignature); if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0) aux += key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; else From a8663cd12eb440d135424cce3c85a8e49a80ca37 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 10 Feb 2023 10:43:53 -0500 Subject: [PATCH 028/160] change sha512 to sha256 for dgst RSA --- oqsprov/oqs_sig.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index cb29e8dd..a3918dd7 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -428,9 +428,9 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } else { // rsa3072 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); } if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || @@ -506,9 +506,9 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } else { // rsa3072 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); } if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || @@ -699,9 +699,9 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, } else { // rsa3072 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); } if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || (EVP_PKEY_verify(ctx_verify, compsig->sig1->data, compsig->sig1->length, digest, digest_len) <= 0)) @@ -761,9 +761,9 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, } else { // rsa3072 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); } if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || (EVP_PKEY_verify(ctx_verify, compsig->sig2->data, compsig->sig2->length, digest, digest_len) <= 0)) From 584c777ec187123eb7ff24020c45792ff68524ea Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 23 Feb 2023 09:32:29 -0500 Subject: [PATCH 029/160] Certificate working --- oqsprov/oqs_encode_key2any.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 5d81b9bb..d0f30760 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -23,6 +23,9 @@ #include #include "oqs_prov.h" +#include +#include + #ifdef NDEBUG # define OQS_ENC_PRINTF(a) # define OQS_ENC_PRINTF2(a, b) @@ -54,6 +57,7 @@ struct key2any_ctx_st { void *pwcbarg; }; + typedef int check_key_type_fn(const void *key, int nid); typedef int key_to_paramstring_fn(const void *key, int nid, int save, void **str, int *strtype); @@ -295,7 +299,7 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, int key_nid, void *str = NULL, *strc = NULL; int strtype = V_ASN1_UNDEF; int strtypec = V_ASN1_UNDEF; - PKCS8_PRIV_KEY_INFO *p8info, *p8infoc; + PKCS8_PRIV_KEY_INFO *p8info; OQS_ENC_PRINTF("OQS ENC provider: key_to_pki_pem_priv_bio called\n"); @@ -334,8 +338,10 @@ static int key_to_spki_der_pub_bio(BIO *out, const void *key, int key_nid, if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; + xpk = oqsx_key_to_pubkey(key, key_nid, str, strtype, k2d); + if (xpk != NULL) ret = i2d_X509_PUBKEY_bio(out, xpk); @@ -484,9 +490,6 @@ static int prepare_oqsx_params(const void *oqsxkey, int nid, int save, return 0; } - if (k->keytype == KEY_TYPE_CMP_SIG) - printf("AAAAAAAAAAAA\n" ); //oqsx_provider_ctx_cmp - if (nid != NID_undef) { params = OBJ_nid2obj(nid); if (params == NULL) From 6e81ec39ccc9a1bd97034aa8a141c8ed4ed3fd9b Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 21 Mar 2023 11:25:32 -0400 Subject: [PATCH 030/160] 2+ composite keys --- oqsprov/oqs_encode_key2any.c | 132 +++++----- oqsprov/oqs_kem.c | 12 +- oqsprov/oqs_kmgmt.c | 14 +- oqsprov/oqs_prov.h | 7 +- oqsprov/oqs_sig.c | 426 +++++++++++-------------------- oqsprov/oqsprov_keys.c | 482 +++++++++++++++++++++++------------ 6 files changed, 560 insertions(+), 513 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index d0f30760..0033f00a 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -560,14 +560,44 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) } #endif }else{ - int len, len2; + int len, i; + size_t previouslen = 0; + char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; - p8info_internal = X509_PUBKEY_new(); - aType = ASN1_TYPE_new(); - aString = ASN1_OCTET_STRING_new(); + for (i = 0; i < oqsxkey->numkeys; i++){ + p8info_internal = X509_PUBKEY_new(); + aType = ASN1_TYPE_new(); + aString = ASN1_OCTET_STRING_new(); + temp = NULL; + get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); + + len = oqsxkey->pubkeylen_cmp[i]; + buf = OPENSSL_memdup(oqsxkey->pubkey + previouslen, len); + + if(get_tlsname_fromoqs(name) == 0) + nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; + else + nid = OBJ_sn2nid(get_tlsname_fromoqs(name)); + if (!X509_PUBKEY_set0_param(p8info_internal, OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL, buf, len)) + keybloblen = 0; // signal error + keybloblen = i2d_X509_PUBKEY(p8info_internal, &temp); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error + } + ASN1_STRING_set0(aString, temp, keybloblen); + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); + + if (!sk_ASN1_TYPE_push(sk, aType)) + return -1; + + previouslen += len; + } + +/* len = oqsxkey->pubkeylen - oqsxkey->pubkeylen_cmp;; buf = OPENSSL_memdup(oqsxkey->pubkey, len); @@ -615,9 +645,9 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) if (!sk_ASN1_TYPE_push(sk, aType)) return -1; - + */ keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); - + OPENSSL_free(name); return keybloblen; } @@ -635,6 +665,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ASN1_TYPE *aType = NULL; ASN1_STRING *aString = NULL; unsigned char *temp = NULL; + char* name; PKCS8_PRIV_KEY_INFO *p8info_internal = NULL; OQS_ENC_PRINTF("OQS ENC provider: oqsx_pki_priv_to_der called\n"); @@ -725,68 +756,53 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) keybloblen = 0; // signal error } }else{ + int i; + size_t previouslen = 0; + name = OPENSSL_malloc(strlen(oqsxkey->tls_name));; if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; - p8info_internal = PKCS8_PRIV_KEY_INFO_new(); - aType = ASN1_TYPE_new(); - aString = ASN1_OCTET_STRING_new(); - - buflen = oqsxkey->privkeylen + oqsxkey->pubkeylen - oqsxkey->privkeylen_cmp - oqsxkey->pubkeylen_cmp; - buf = OPENSSL_secure_malloc(buflen); - memcpy(buf, oqsxkey->comp_privkey[0], oqsxkey->privkeylen - oqsxkey->privkeylen_cmp); - memcpy(buf + oqsxkey->privkeylen - oqsxkey->privkeylen_cmp, oqsxkey->comp_pubkey[0], oqsxkey->pubkeylen - oqsxkey->pubkeylen_cmp); - - if(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) - nid = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid; - else - nid = OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)))); - if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(nid), 0, V_ASN1_UNDEF, NULL, buf, buflen)) - keybloblen = 0; // signal error - keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } - - ASN1_STRING_set0(aString, temp, keybloblen); - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); - - if (!sk_ASN1_TYPE_push(sk, aType)) - return -1; + for (i = 0; i < oqsxkey->numkeys; i++){ + p8info_internal = PKCS8_PRIV_KEY_INFO_new(); + aType = ASN1_TYPE_new(); + aString = ASN1_OCTET_STRING_new(); + temp = NULL; + get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); + + buflen = oqsxkey->privkeylen_cmp[i]; + buf = OPENSSL_memdup(oqsxkey->privkey + previouslen, buflen); + + if(get_tlsname_fromoqs(name) == 0) + nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; + else + nid = OBJ_sn2nid(get_tlsname_fromoqs(name)); + if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(nid), 0, V_ASN1_UNDEF, NULL, buf, buflen)) + keybloblen = 0; // signal error + keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); + if (keybloblen < 0) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + keybloblen = 0; // signal error + } - aType = ASN1_TYPE_new(); - aString = ASN1_OCTET_STRING_new(); - p8info_internal = PKCS8_PRIV_KEY_INFO_new(); - temp = NULL; + ASN1_STRING_set0(aString, temp, keybloblen); + ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); - buflen = oqsxkey->privkeylen_cmp + oqsxkey->pubkeylen_cmp; - buf = OPENSSL_secure_malloc(buflen); - memcpy(buf, oqsxkey->comp_privkey[1], oqsxkey->privkeylen_cmp); - memcpy(buf + oqsxkey->privkeylen_cmp, oqsxkey->comp_pubkey[1], oqsxkey->pubkeylen_cmp); + if (!sk_ASN1_TYPE_push(sk, aType)) + return -1; - if(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) - nid = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->nid; - else - nid = OBJ_sn2nid(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)))); - if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(nid), 0, V_ASN1_UNDEF, NULL, buf, buflen)) - keybloblen = 0; // signal error - keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error + previouslen += buflen; } - - - ASN1_STRING_set0(aString, temp, keybloblen); - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); - - if (!sk_ASN1_TYPE_push(sk, aType)) - return -1; - keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); + OPENSSL_free(name); + OPENSSL_free(temp); + OPENSSL_free(p8info_internal); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(sk); } OPENSSL_secure_clear_free(buf, buflen); + + return keybloblen; } diff --git a/oqsprov/oqs_kem.c b/oqsprov/oqs_kem.c index 76780a16..fee636bb 100644 --- a/oqsprov/oqs_kem.c +++ b/oqsprov/oqs_kem.c @@ -109,7 +109,7 @@ static int oqs_qs_kem_encaps_keyslot(void *vpkemctx, unsigned char *out, size_t *secretlen, int keyslot) { const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQS_KEM *kem_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; + const OQS_KEM *kem_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_qs_ctx.kem; OQS_KEM_PRINTF("OQS KEM provider called: encaps\n"); if (pkemctx->kem == NULL) { @@ -133,7 +133,7 @@ static int oqs_qs_kem_decaps_keyslot(void *vpkemctx, unsigned char *out, size_t inlen, int keyslot) { const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQS_KEM *kem_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; + const OQS_KEM *kem_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_qs_ctx.kem; OQS_KEM_PRINTF("OQS KEM provider called: decaps\n"); if (pkemctx->kem == NULL) { @@ -171,7 +171,7 @@ static int oqs_evp_kem_encaps_keyslot(void *vpkemctx, unsigned char *ct, int ret = OQS_SUCCESS, ret2 = 0; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; + const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; size_t pubkey_kexlen = 0; size_t kexDeriveLen = 0, pkeylen = 0; @@ -249,7 +249,7 @@ static int oqs_evp_kem_decaps_keyslot(void *vpkemctx, unsigned char *secret, int ret = OQS_SUCCESS, ret2 = 0; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; + const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; size_t pubkey_kexlen = evp_ctx->evp_info->length_public_key; size_t kexDeriveLen = evp_ctx->evp_info->kex_length_secret; @@ -351,8 +351,8 @@ static int oqs_hyb_kem_decaps(void *vpkemctx, unsigned char *secret, { int ret = OQS_SUCCESS; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; - const OQS_KEM *qs_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; + const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; + const OQS_KEM *qs_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_qs_ctx.kem; size_t secretLen0 = 0, secretLen1 = 0; size_t ctLen0 = 0, ctLen1 = 0; diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index cbcc7a31..6d57c4aa 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -471,8 +471,6 @@ static void *oqsx_gen_init(void *provctx, int selection, char *oqs_name, gctx->libctx = libctx; gctx->cmp_name = NULL; gctx->oqs_name = OPENSSL_strdup(oqs_name); - if (primitive == KEY_TYPE_CMP_SIG) - gctx->cmp_name = OPENSSL_strdup(cmp_name); gctx->tls_name = OPENSSL_strdup(tls_name); gctx->primitive = primitive; gctx->selection = selection; @@ -864,32 +862,32 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, static void *dilithium3_rsa3072_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3,"rsa3072", "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128); } static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3,"rsa3072", "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128); } static void *dilithium3_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3,"p256", "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128); } static void *dilithium3_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3,"p256", "dilithium3_p256", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_p256", KEY_TYPE_CMP_SIG, 128); } static void *falcon512_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "p256", "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128); } static void *falcon512_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512,"p256", "falcon512_p256", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, 128); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 2490513b..00eaadf5 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -170,8 +170,8 @@ struct oqsx_key_st { */ size_t privkeylen; size_t pubkeylen; - size_t privkeylen_cmp; - size_t pubkeylen_cmp; + size_t *privkeylen_cmp; + size_t *pubkeylen_cmp; size_t bit_security; char *tls_name; #ifndef OQS_PROVIDER_NOATOMIC @@ -203,7 +203,8 @@ struct SignatureModel{ typedef struct SignatureModel CompositeSignature; char* get_oqsname(int nid); -char* get_cmpname(int nid); +int get_cmpname(int nid, int index, char *out); +int get_qntcmp(int nid); int get_keytype(int nid); char* get_tlsname_fromoqs(char* oqsname); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index a3918dd7..d77cc06c 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -226,21 +226,18 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, { PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQSX_KEY *oqsxkey = poqs_sigctx->sig; - OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; + OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx[0].oqsx_qs_ctx.sig; EVP_PKEY *oqs_key_classic = NULL; - OQS_SIG *cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite with PQC as second key EVP_PKEY *cmp_key_classic = NULL; EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); - int is_composite_first_classic = (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); - int is_composite_second_classic = (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); int is_hybrid = evpkey != NULL; - int is_composite = (cmp_key != NULL || is_composite_second_classic); + int is_composite = (oqsxkey->keytype == KEY_TYPE_CMP_SIG); size_t max_sig_len = 0; - size_t classical_sig_len = 0, oqs_sig_len = 0, cmp_sig_len = 0; + size_t classical_sig_len = 0, oqs_sig_len = 0; size_t actual_classical_sig_len = 0; size_t index = 0; int rv = 0; @@ -251,20 +248,15 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, return rv; } - if (is_composite_first_classic) - { - max_sig_len += oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; - oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; - } - else - { - max_sig_len += oqs_key->length_signature; - oqs_sig_len = oqs_key->length_signature; - } + + if (is_composite) { - max_sig_len += sizeof(CompositeSignature); + max_sig_len = oqsx_key_maxsize(oqsxkey); +/* +max_sig_len += sizeof(CompositeSignature); + if (is_composite_second_classic) { max_sig_len += oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; @@ -275,12 +267,18 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, max_sig_len += cmp_key->length_signature; cmp_sig_len = cmp_key->length_signature; } +*/ + }else + { + max_sig_len += oqs_key->length_signature; + oqs_sig_len = oqs_key->length_signature; } - if (is_hybrid) { - actual_classical_sig_len = oqsxkey->evp_info->length_signature; - max_sig_len += (SIZE_OF_UINT32 + actual_classical_sig_len); - } + if (is_hybrid) + { + actual_classical_sig_len = oqsxkey->evp_info->length_signature; + max_sig_len += (SIZE_OF_UINT32 + actual_classical_sig_len); + } @@ -370,166 +368,98 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (is_composite) { - unsigned char *buf = OPENSSL_malloc(oqs_sig_len); - unsigned char *temp = OPENSSL_malloc(cmp_sig_len); + unsigned char *buf; CompositeSignature *compsig = CompositeSignature_new(); + int i; + char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); + for (i = 0; i < oqsxkey->numkeys; i++){ + get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); + + if (get_tlsname_fromoqs(name)){ + oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; + buf = OPENSSL_malloc(oqs_sig_len); + if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[i]) != OQS_SUCCESS) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; + } + }else + { // sign non PQC key on oqs_key + oqs_key_classic = oqsxkey->cmp_classical_pkey[i]; + oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature; + buf = OPENSSL_malloc(oqs_sig_len); + const EVP_MD *classical_md; + int digest_len; + unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - if (!is_composite_first_classic) - { - if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 2]) != OQS_SUCCESS) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - goto endsign; - } - } - else - { // sign non PQC key on oqs_key - oqs_key_classic = oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 2]; - const EVP_MD *classical_md; - int digest_len; - unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - - if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || - EVP_PKEY_sign_init(classical_ctx_sign) <= 0) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } - - if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) - { - if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) + if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || + EVP_PKEY_sign_init(classical_ctx_sign) <= 0) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } - } - unsigned char *name = get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)); - if (name[0] == 'p') - { - if (name[1] == '2') - { // p256 + + if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + { + if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + } + if (name[0] == 'p') + { + if (name[1] == '2') + { // p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '3') + { // p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '5') + { // p521 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } + } + else + { // rsa3072 classical_md = EVP_sha256(); digest_len = SHA256_DIGEST_LENGTH; SHA256(tbs, tbslen, (unsigned char *)&digest); } - if (name[1] == '3') - { // p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char *)&digest); - } - if (name[1] == '5') - { // p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); - } - } - else - { // rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - - if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || - (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } - - if (oqs_sig_len > oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature) - { - /* sig is bigger than expected */ - ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); - goto endsign; - } - } - - compsig->sig1->data = buf; - compsig->sig1->length = oqs_sig_len; - - - if (!is_composite_second_classic) - { - if (OQS_SIG_sign(cmp_key, temp, &cmp_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - goto endsign; - } - } - else - { // sign non PQC key on cmp_key - cmp_key_classic = oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 1]; - const EVP_MD *classical_md; - int digest_len; - unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - - if ((classical_ctx_sign = EVP_PKEY_CTX_new(cmp_key_classic, NULL)) == NULL || - EVP_PKEY_sign_init(classical_ctx_sign) <= 0) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } - if (oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) - { - if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) + if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || + (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } - } - unsigned char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)); - if (name[0] == 'p') - { - if (name[1] == '2') - { // p256 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if (name[1] == '3') - { // p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char *)&digest); - } - if (name[1] == '5') - { // p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); - } - } - else - { // rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || - (EVP_PKEY_sign(classical_ctx_sign, temp, &cmp_sig_len, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; + if (oqs_sig_len > oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature) + { + /* sig is bigger than expected */ + ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); + goto endsign; + } } - - if (cmp_sig_len > oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature) - { - /* sig is bigger than expected */ - ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); - goto endsign; + if (i == 0){ //temporary condition + compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); + compsig->sig1->length = oqs_sig_len; + }else{ + compsig->sig2->data = OPENSSL_memdup(buf, oqs_sig_len); + compsig->sig2->length = oqs_sig_len; } + } - - compsig->sig2->data = temp; - compsig->sig2->length = cmp_sig_len; - oqs_sig_len = i2d_CompositeSignature(compsig, &sig); + OPENSSL_free(name); } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) { @@ -555,16 +485,13 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, { PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQSX_KEY *oqsxkey = poqs_sigctx->sig; - OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; - OQS_SIG *cmp_key = poqs_sigctx->sig->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig; // if this value is not NULL, we're running composite + OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx[0].oqsx_qs_ctx.sig; EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, // we're running hybrid EVP_PKEY_CTX *classical_ctx_sign = NULL; EVP_PKEY_CTX *ctx_verify = NULL; - int is_composite_first_classic = (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); - int is_composite_second_classic = (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0); int is_hybrid = evpkey != NULL; - int is_composite = (cmp_key != NULL || is_composite_second_classic); + int is_composite = (oqsxkey->keytype == KEY_TYPE_CMP_SIG); size_t classical_sig_len = 0, oqs_sig_len = 0; size_t index = 0; int rv = 0; @@ -647,133 +574,88 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, } if(is_composite){ CompositeSignature* compsig = CompositeSignature_new(); - if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) - goto endverify; - if (!is_composite_first_classic) - { - if (OQS_SIG_verify(oqs_key, tbs, tbslen, compsig->sig1->data, compsig->sig1->length, oqsxkey->comp_pubkey[oqsxkey->numkeys - 2]) != OQS_SUCCESS) + int i; + char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); + ASN1_STRING *buf; + size_t buf_len; + if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) + goto endverify; + + for(i = 0; i < oqsxkey->numkeys; i++){ + get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); + + if (i == 0){ //temporary condition + buf = compsig->sig1->data; + buf_len = compsig->sig1->length; + }else{ + buf = compsig->sig2->data; + buf_len = compsig->sig2->length; + } + + if (get_tlsname_fromoqs(name)){ + if (OQS_SIG_verify(oqs_key, tbs, tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - }else{//first key is classic + }else{ const EVP_MD *classical_md; int digest_len; unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 2], NULL)) == NULL - || EVP_PKEY_verify_init(ctx_verify) <= 0) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) - { - if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) + if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL || + EVP_PKEY_verify_init(ctx_verify) <= 0) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - } - unsigned char *name = get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)); - if (name[0] == 'p') - { - if (name[1] == '2') - { // p256 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if (name[1] == '3') - { // p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char *)&digest); - } - if (name[1] == '5') - { // p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + { + if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + goto endverify; + } } - } - else - { // rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || - (EVP_PKEY_verify(ctx_verify, compsig->sig1->data, compsig->sig1->length, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - } - - if (!is_composite_second_classic) - { - if (OQS_SIG_verify(cmp_key, tbs, tbslen, compsig->sig2->data, compsig->sig2->length, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - }else{//second key is classic - const EVP_MD *classical_md; - int digest_len; - unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - - if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[oqsxkey->numkeys - 1], NULL)) == NULL || - EVP_PKEY_verify_init(ctx_verify) <= 0) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - if (oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) - { - if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) + if (name[0] == 'p') { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); - goto endverify; + if (name[1] == '2') + { // p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '3') + { // p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char *)&digest); + } + if (name[1] == '5') + { // p521 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } } - } - unsigned char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)); - if (name[0] == 'p') - { - if (name[1] == '2') - { // p256 + else + { // rsa3072 classical_md = EVP_sha256(); digest_len = SHA256_DIGEST_LENGTH; SHA256(tbs, tbslen, (unsigned char *)&digest); } - if (name[1] == '3') - { // p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char *)&digest); - } - if (name[1] == '5') - { // p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || + (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, digest_len) <= 0)) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; } + } - else - { // rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || - (EVP_PKEY_verify(ctx_verify, compsig->sig2->data, compsig->sig2->length, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } + } - } - else + OPENSSL_free(name); + }else { if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) { diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 8a81922f..25fbadd5 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -48,7 +48,6 @@ typedef struct int nid; char *tlsname; char *oqsname; - char *cmpname; int keytype; int secbits; } oqs_nid_name_t; @@ -134,14 +133,16 @@ static int get_keytype(int nid) return 0; } -char *get_tlsname_fromoqs(char *oqsname) +//get the OQS name without captalization +//return 0 if is classical +char *get_tlsname_fromoqs(char *oqsname) { int i; for (i = 0; i < NID_TABLE_LEN; i++) { if (nid_names[i].keytype == KEY_TYPE_SIG) { - if (!strcmp(nid_names[i].oqsname, oqsname)) + if (!strcmp(nid_names[i].oqsname, oqsname) || !strcmp(nid_names[i].tlsname, oqsname)) return nid_names[i].tlsname; } } @@ -158,17 +159,62 @@ static char *get_oqsname(int nid) return 0; } -char *get_cmpname(int nid) +int get_cmpname(int nid, int index, char* name) { - int i; + int i, j; for (i = 0; i < NID_TABLE_LEN; i++) { - if (nid_names[i].nid == nid) - return nid_names[i].cmpname; + if (nid_names[i].nid == nid){ + char* s = OPENSSL_strdup(nid_names[i].tlsname); + char* token = strtok(s, "_"); + for (j = 0; j < index; j ++) + token = strtok(NULL, "_"); + OPENSSL_strlcpy(name, token, strlen(token) + 1); + OPENSSL_free(s); + return 1; + } } return 0; } +//count the amount of keys in composite structure +int get_qntcmp(int nid) +{ + int i, index = 0; + for (i = 0; i < NID_TABLE_LEN; i++) + { + if (nid_names[i].nid == nid && nid_names[i].keytype == KEY_TYPE_CMP_SIG){ + char* s = OPENSSL_strdup(nid_names[i].tlsname); + s = strtok(s, "_"); + while (s != NULL){ + s = strtok(NULL, "_"); + index++; + } + OPENSSL_free(s); + } + } + return index; +} + +//count the amount of keys in composite structure +int get_qntcmp(int nid) +{ + int i, index = 0; + for (i = 0; i < NID_TABLE_LEN; i++) + { + if (nid_names[i].nid == nid && nid_names[i].keytype == KEY_TYPE_CMP_SIG){ + char* s = OPENSSL_strdup(nid_names[i].tlsname); + s = strtok(s, "_"); + while (s != NULL){ + s = strtok(NULL, "_"); + index++; + } + OPENSSL_free(s); + } + } + return index; +} + static int get_oqsalg_idx(int nid) { int i; @@ -193,28 +239,28 @@ static int oqsx_key_set_composites(OQSX_KEY *key) else { // TBD: extend for more than 1 classic key or first OQS for composite: if (key->keytype == KEY_TYPE_CMP_SIG){ - - if (key->privkey) - { - key->comp_privkey[0] = (char *)key->privkey; - key->comp_privkey[1] - = (char *)key->privkey + key->privkeylen - key->privkeylen_cmp; - } - else - { - key->comp_privkey[0] = NULL; - key->comp_privkey[1] = NULL; - } - if (key->pubkey) - { - key->comp_pubkey[0] = (char *)key->pubkey; - key->comp_pubkey[1] - = (char *)key->pubkey + key->pubkeylen - key->pubkeylen_cmp; - } - else - { - key->comp_pubkey[0] = NULL; - key->comp_pubkey[1] = NULL; + int i; + int privlen = 0; + int publen = 0; + for (i = 0; i < key->numkeys; i++){ + if (key->privkey) + { + key->comp_privkey[i] = key->privkey + privlen; + privlen += key->privkeylen_cmp[i]; + } + else + { + key->comp_privkey[i] = NULL; + } + if (key->pubkey) + { + key->comp_pubkey[i] = key->pubkey + publen; + publen += key->pubkeylen_cmp[i]; + } + else + { + key->comp_pubkey[i] = NULL; + } } }else{ int classic_pubkey_len, classic_privkey_len; @@ -487,15 +533,29 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, plen - key->privkeylen); #endif if (key->keytype == KEY_TYPE_CMP_SIG){ - size_t first_privkeylen = key->privkeylen - key->privkeylen_cmp; + size_t privlen, publen; + size_t previous_privlen = 0; + size_t previous_publen = 0; + int i; + for (i =0; i < key->numkeys; i++){ + privlen = key->privkeylen_cmp[i]; + publen = key->pubkeylen_cmp[i]; + memcpy(key->privkey + previous_privlen, p + previous_privlen + previous_publen, privlen); + memcpy(key->pubkey + previous_publen, p + privlen + previous_privlen + previous_publen, publen); + previous_privlen += privlen; + previous_publen += publen; + } + +/* + size_t first_privkeylen = key->privkeylen - key->privkeylen_cmp; size_t first_pubkeylen = key->pubkeylen - key->pubkeylen_cmp; memcpy(key->privkey, p, first_privkeylen); memcpy(key->privkey + first_privkeylen, p + first_privkeylen + first_pubkeylen, key->privkeylen_cmp); - memcpy(key->pubkey, p + first_privkeylen, first_pubkeylen); - memcpy(key->pubkey + first_pubkeylen, p + key->privkeylen + first_pubkeylen, key->pubkeylen_cmp); - + memcpy(key->pubkey, p + first_privkeylen, first_pubkeylen); + memcpy(key->pubkey + first_pubkeylen, p + key->privkeylen + first_pubkeylen, key->pubkeylen_cmp); + */ }else{ memcpy(key->privkey, p, key->privkeylen); memcpy(key->pubkey, p + key->privkeylen, key->pubkeylen); @@ -574,7 +634,10 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } } if (key->keytype == KEY_TYPE_CMP_SIG){ + int i; + char *name = OPENSSL_malloc(strlen(key->tls_name)); if (op == KEY_OP_PUBLIC){ +/* if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ EVP_PKEY *npk = EVP_PKEY_new(); if (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) @@ -591,24 +654,29 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) }else{ key->cmp_classical_pkey[key->numkeys - 2] = NULL; } - if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ - EVP_PKEY *npk = EVP_PKEY_new(); - if (key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) - { - npk = setECParams(npk, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->nid); - } - const unsigned char *enc_pubkey_comp = key->comp_pubkey[key->numkeys - 1]; - key->cmp_classical_pkey[key->numkeys - 1] = d2i_PublicKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key); - if (!key->cmp_classical_pkey[key->numkeys - 1]) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; +*/ + for (i = 0; i < key->numkeys; i++){ + get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + if (get_tlsname_fromoqs(name) == 0){ + EVP_PKEY *npk = EVP_PKEY_new(); + if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) + { + npk = setECParams(npk, key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid); + } + const unsigned char *enc_pubkey = key->comp_pubkey[i]; + key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); + if (!key->cmp_classical_pkey[i]) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } } - }else{ - key->cmp_classical_pkey[key->numkeys - 1] = NULL; + } } + if (op == KEY_OP_PRIVATE){ +/* if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ const unsigned char *enc_privkey = key->comp_privkey[key->numkeys - 2]; key->cmp_classical_pkey[key->numkeys - 2] = d2i_PrivateKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, plen); @@ -620,18 +688,22 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) }else{ key->cmp_classical_pkey[key->numkeys - 2] = NULL; } - if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0){ - const unsigned char *enc_privkey_comp = key->comp_privkey[key->numkeys - 1]; - key->cmp_classical_pkey[key->numkeys - 1] = d2i_PrivateKey(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey_comp, key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_private_key); - if (!key->cmp_classical_pkey[key->numkeys - 1]) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + */ + for (i = 0; i < key->numkeys; i++){ + get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + if (get_tlsname_fromoqs(name) == 0){ + const unsigned char *enc_privkey = key->comp_privkey[i]; + key->cmp_classical_pkey[i] = d2i_PrivateKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); + if (!key->cmp_classical_pkey[i]) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } } - }else{ - key->cmp_classical_pkey[key->numkeys - 1] = NULL; + } } + OPENSSL_free(name); } return key; @@ -652,6 +724,10 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; ASN1_OCTET_STRING *oct = NULL; + X509_PUBKEY *p8info_buf = X509_PUBKEY_new(); + const unsigned char *buf; + unsigned char *concat_key; + int count, aux, i, buflen; if (!xpk || (!X509_PUBKEY_get0_param(NULL, &p, &plen, &palg, xpk))) { @@ -663,11 +739,26 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, p = NULL; plen = 0; }else{ - unsigned char *buf, *temp, *concat_key; - int buflen, templen; - X509_PUBKEY *p8info_temp = X509_PUBKEY_new(); - X509_PUBKEY *p8info_buf = X509_PUBKEY_new(); + count = sk_ASN1_TYPE_num(sk); + concat_key = OPENSSL_secure_malloc(plen); + + aux = 0; + for (i = 0; i < count; i++){ + aType = sk_ASN1_TYPE_pop(sk); + buf = aType->value.sequence->data; + buflen = aType->value.sequence->length; + + p8info_buf = d2i_X509_PUBKEY(&p8info_buf, &buf, buflen); + if (!X509_PUBKEY_get0_param(NULL, &buf, &buflen, NULL, p8info_buf)) + return NULL; + + aux += buflen; + memcpy(concat_key + plen - aux, buf, buflen); + } + p = concat_key + plen - aux; + plen = aux; +/* aType = sk_ASN1_TYPE_pop(sk); //pop the second crypt algorithm temp = aType->value.sequence->data; templen = aType->value.sequence->length; @@ -687,10 +778,14 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, memcpy(concat_key, buf, buflen); memcpy(concat_key + buflen, temp, templen); p = concat_key; - plen = templen + buflen; + plen = templen + buflen; +*/ + // OPENSSL_free(buf); + // OPENSSL_free(buflen); } } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); + return oqsx; } @@ -705,6 +800,10 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, const X509_ALGOR *palg; STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; + const unsigned char *buf; + unsigned char *concat_key; + int count, aux, i, buflen; + PKCS8_PRIV_KEY_INFO *p8info_buf = PKCS8_PRIV_KEY_INFO_new(); if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) return 0; @@ -727,31 +826,25 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, p = NULL; plen = 0; }else{ - unsigned char *buf, *temp, *concat_key; - int buflen, templen; - PKCS8_PRIV_KEY_INFO *p8info_temp = PKCS8_PRIV_KEY_INFO_new(); - PKCS8_PRIV_KEY_INFO *p8info_buf = PKCS8_PRIV_KEY_INFO_new(); - - aType = sk_ASN1_TYPE_pop(sk); //pop the second crypt algorithm - temp = aType->value.sequence->data; - templen = aType->value.sequence->length; - - p8info_temp = d2i_PKCS8_PRIV_KEY_INFO(&p8info_temp, &temp, templen); - PKCS8_pkey_get0(NULL, &temp, &templen, NULL, p8info_temp); - - aType = sk_ASN1_TYPE_pop(sk); //pop the first crypt algorithm - buf = aType->value.sequence->data; - buflen = aType->value.sequence->length; - - p8info_buf = d2i_PKCS8_PRIV_KEY_INFO(&p8info_buf, &buf, buflen); - PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, p8info_buf); - - concat_key = OPENSSL_secure_malloc(buflen + templen); + count = sk_ASN1_TYPE_num(sk); + concat_key = OPENSSL_secure_malloc(plen); + + aux = 0; + for (i = 0; i < count; i++){ + aType = sk_ASN1_TYPE_pop(sk); + buf = aType->value.sequence->data; + buflen = aType->value.sequence->length; + + p8info_buf = d2i_PKCS8_PRIV_KEY_INFO(&p8info_buf, &buf, buflen); + if (!PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, p8info_buf)) + return NULL; + + aux += buflen; + memcpy(concat_key + plen - aux, buf, buflen); + } - memcpy(concat_key, buf, buflen); - memcpy(concat_key + buflen, temp, templen); - p = concat_key; - plen = templen + buflen; + p = concat_key + plen - aux; + plen = aux; } } @@ -903,7 +996,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, printf("13\n"); OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); OQSX_EVP_CTX *evp_ctx = NULL; - int ret2 = 0, ret3 = 0; + int ret2 = 0; if (ret == NULL) goto err; @@ -933,8 +1026,9 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); - ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); - if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { + ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(void *)); + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); + if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig) { fprintf( stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?\n", @@ -962,17 +1056,17 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, } #endif ret->privkeylen - = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key; + = ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_secret_key; ret->pubkeylen - = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; + = ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_public_key; ret->keytype = KEY_TYPE_SIG; break; case KEY_TYPE_KEM: ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); - ret->oqsx_provider_ctx.oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); - if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.kem) { + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); + if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem) { fprintf( stderr, "Could not create OQS KEM algorithm %s. Enabled in liboqs?\n", @@ -980,15 +1074,15 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, goto err; } ret->privkeylen - = ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_secret_key; + = ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_secret_key; ret->pubkeylen - = ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key; + = ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_public_key; ret->keytype = KEY_TYPE_KEM; break; case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_ECP_HYB_KEM: - ret->oqsx_provider_ctx.oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); - if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.kem) { + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); + if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem) { fprintf( stderr, "Could not create OQS KEM algorithm %s. Enabled in liboqs?\n", @@ -1007,18 +1101,18 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->privkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 - + ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_secret_key + + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_secret_key + evp_ctx->evp_info->length_private_key; ret->pubkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 - + ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key + + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_public_key + evp_ctx->evp_info->length_public_key; - ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; + ret->oqsx_provider_ctx[0].oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; break; case KEY_TYPE_HYB_SIG: - ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); - if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); + if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig) { fprintf( stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?\n", @@ -1036,38 +1130,59 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->privkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 - + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key + + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_secret_key + evp_ctx->evp_info->length_private_key; ret->pubkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 - + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key + + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_public_key + evp_ctx->evp_info->length_public_key; - ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; + ret->oqsx_provider_ctx[0].oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; ret->evp_info = evp_ctx->evp_info; ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); break; case KEY_TYPE_CMP_SIG: - if (get_tlsname_fromoqs(oqs_name) != 0) - { - ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); - if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) + int i; + char* name = OPENSSL_malloc(strlen(tls_name)); + ret->numkeys = get_qntcmp(OBJ_sn2nid(tls_name)); + ret->privkeylen = 0; + ret->pubkeylen = 0; + ret->oqsx_provider_ctx = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->privkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->pubkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + + for (i = 0; i < ret->numkeys; i++){ + get_cmpname(OBJ_sn2nid(tls_name), i, name); + if (get_tlsname_fromoqs(name) != 0) { - fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", oqs_name); - goto err; + ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig = OQS_SIG_new(name); + if (!ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig) + { + fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", name); + goto err; + } + ret->privkeylen_cmp[i] = ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen_cmp[i] = ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_public_key; } + else + { + evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); + ON_ERR_GOTO(!evp_ctx, err); + + ret2 = oqsx_hybsig_init(bit_security, evp_ctx, name); + ON_ERR_GOTO(ret2 <= 0 || !evp_ctx->ctx, err); + ret->oqsx_provider_ctx[i].oqsx_evp_ctx = evp_ctx; + ret->privkeylen_cmp[i] = ret->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_private_key; + ret->pubkeylen_cmp[i] = ret->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_public_key; + } + ret->privkeylen += ret->privkeylen_cmp[i]; + ret->pubkeylen += ret->pubkeylen_cmp[i]; } - else - { - evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); - ON_ERR_GOTO(!evp_ctx, err); - - ret2 = oqsx_hybsig_init(bit_security, evp_ctx, oqs_name); - ON_ERR_GOTO(ret2 <= 0 || !evp_ctx->ctx, err); - ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; - } - +/* if (get_tlsname_fromoqs(cmp_name) != 0) { ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig = OQS_SIG_new(cmp_name); @@ -1085,12 +1200,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret3 = oqsx_hybsig_init(bit_security, evp_ctx, cmp_name); ON_ERR_GOTO(ret3 <= 0 || !evp_ctx->ctx, err); ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx = evp_ctx; - } + } - ret->numkeys = 2; - ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); if (ret2) { ret->privkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_private_key; @@ -1113,6 +1224,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, } ret->privkeylen += ret->privkeylen_cmp; ret->pubkeylen += ret->pubkeylen_cmp; +*/ ret->keytype = primitive; break; @@ -1174,29 +1286,38 @@ void oqsx_key_free(OQSX_KEY *key) OPENSSL_free(key->comp_pubkey); OPENSSL_free(key->comp_privkey); if (key->keytype == KEY_TYPE_KEM) - OQS_KEM_free(key->oqsx_provider_ctx.oqsx_qs_ctx.kem); + OQS_KEM_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem); else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || key->keytype == KEY_TYPE_ECX_HYB_KEM) { - OQS_KEM_free(key->oqsx_provider_ctx.oqsx_qs_ctx.kem); + OQS_KEM_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem); } else OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); EVP_PKEY_free(key->classical_pkey); if (key->oqsx_provider_ctx.oqsx_evp_ctx) { - EVP_PKEY_CTX_free(key->oqsx_provider_ctx.oqsx_evp_ctx->ctx); - EVP_PKEY_free(key->oqsx_provider_ctx.oqsx_evp_ctx->keyParam); - OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx); + EVP_PKEY_CTX_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->ctx); + EVP_PKEY_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->keyParam); + OPENSSL_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx); } if(key->keytype == KEY_TYPE_CMP_SIG){ - if (key->oqsx_provider_ctx.oqsx_qs_ctx.sig == NULL) - OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx); - else - OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); + int i; + char *name = OPENSSL_malloc(strlen(key->tls_name));; + for (i = 0; i < key->numkeys; i ++){ + get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + if (get_tlsname_fromoqs(name)) + OQS_SIG_free(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig); + else + OPENSSL_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx); + + } + OPENSSL_free(name); +/* if (key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig == NULL) OPENSSL_free(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx); else OQS_SIG_free(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig); + */ }else - OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); + OQS_SIG_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig); #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); @@ -1309,12 +1430,12 @@ int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) { printf("18\n"); if (gen_kem) - return OQS_KEM_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.kem, + return OQS_KEM_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem, key->comp_pubkey[key->numkeys-1], key->comp_privkey[key->numkeys-1]); else { if (key->keytype == KEY_TYPE_CMP_SIG) - return -(OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, + return -(OQS_SIG_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig, key->comp_pubkey[key->numkeys-2], key->comp_privkey[key->numkeys-2]) || OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, @@ -1432,7 +1553,7 @@ int oqsx_key_gen(OQSX_KEY *key) } else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || key->keytype == KEY_TYPE_ECX_HYB_KEM || key->keytype == KEY_TYPE_HYB_SIG) { - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[0].oqsx_evp_ctx, key->pubkey, key->privkey, 1); ON_ERR_GOTO(pkey == NULL, err); ret = !oqsx_key_set_composites(key); @@ -1448,22 +1569,39 @@ int oqsx_key_gen(OQSX_KEY *key) pkey = NULL; ret = oqsx_key_gen_oqs(key, 1); } - } else if(key->keytype == KEY_TYPE_CMP_SIG){ - if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->pubkey, key->privkey, 0); - ON_ERR_GOTO(pkey == NULL, err); - key->cmp_classical_pkey[0] = pkey; - ON_ERR_GOTO(ret, err); - } - else - { - ret = OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, key->pubkey, key->privkey); - ON_ERR_GOTO(ret, err); - } - + } + else if (key->keytype == KEY_TYPE_CMP_SIG) + { + int i; + char* name = OPENSSL_malloc(strlen(key->tls_name)); ret = oqsx_key_set_composites(key); + for (i = 0; i < key->numkeys; i++){ + get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + if (get_tlsname_fromoqs(name) == 0) + { +// if (i == 0) +// pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->pubkey, key->privkey, 0); +// else + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->comp_pubkey[i], key->comp_privkey[i], 0); + ON_ERR_GOTO(pkey == NULL, err); + key->cmp_classical_pkey[i] = pkey; + ON_ERR_GOTO(ret, err); + } + else + { +// if (i == 0) +// ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, key->pubkey, key->privkey); +// else + ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, key->comp_pubkey[i], key->comp_privkey[i]); + ON_ERR_GOTO(ret, err); + } +// if (i == 0) +// ret = oqsx_key_set_composites(key); + + } - if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0) +/* + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name), key->numkeys - 1)) == 0) { pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx, key->comp_pubkey[key->numkeys - 1], key->comp_privkey[key->numkeys - 1], 0); key->cmp_classical_pkey[key->numkeys - 1] = pkey; @@ -1475,10 +1613,13 @@ int oqsx_key_gen(OQSX_KEY *key) { ret = OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, key->privkey + key->privkeylen - key->privkeylen_cmp, key->pubkey + key->pubkeylen - key->pubkeylen_cmp); ON_ERR_GOTO(ret, err); - } + } +*/ -}else if (key->keytype == KEY_TYPE_SIG) { - ret = !oqsx_key_set_composites(key); + } + else if (key->keytype == KEY_TYPE_SIG) + { + ret = !oqsx_key_set_composites(key); // 1 ON_ERR_GOTO(ret, err); ret = oqsx_key_gen_oqs(key, 0); // 18 } @@ -1503,28 +1644,37 @@ int oqsx_key_maxsize(OQSX_KEY *key) { switch (key->keytype) { case KEY_TYPE_KEM: - return key->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_shared_secret; + return key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_shared_secret; case KEY_TYPE_ECP_HYB_KEM: case KEY_TYPE_ECX_HYB_KEM: - return key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->kex_length_secret - + key->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_shared_secret; + return key->oqsx_provider_ctx[0].oqsx_evp_ctx->evp_info->kex_length_secret + + key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_shared_secret; case KEY_TYPE_SIG: - return key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature; + return key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_signature; case KEY_TYPE_HYB_SIG: - return key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature - + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + return key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_signature + + key->oqsx_provider_ctx[0].oqsx_evp_ctx->evp_info->length_signature + SIZE_OF_UINT32; case KEY_TYPE_CMP_SIG: { int aux = sizeof(CompositeSignature); - if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0) - aux += key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature; - else - aux += key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature; - if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name))) == 0) + int i; + char *name = OPENSSL_malloc(strlen(key->tls_name));; + for (i = 0; i < key->numkeys; i ++){ + get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + if (get_tlsname_fromoqs(name) == 0) + aux += key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature; + else + aux += key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; + + } + OPENSSL_free(name); +/* + if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name), key->numkeys - 1)) == 0) aux += key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; else aux += key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature; + */ return aux; } default: From 3f2aab9028305a3e49b366be1b0bb36d1b5c9ca8 Mon Sep 17 00:00:00 2001 From: felipe Date: Tue, 21 Mar 2023 14:13:02 -0400 Subject: [PATCH 031/160] bugfix --- oqsprov/oqs_encode_key2any.c | 12 +++++------- oqsprov/oqsprov_keys.c | 6 +++--- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 0033f00a..cfa9a401 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -561,7 +561,6 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) #endif }else{ int len, i; - size_t previouslen = 0; char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; @@ -574,7 +573,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); len = oqsxkey->pubkeylen_cmp[i]; - buf = OPENSSL_memdup(oqsxkey->pubkey + previouslen, len); + buf = OPENSSL_memdup(oqsxkey->comp_pubkey[i], len); if(get_tlsname_fromoqs(name) == 0) nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; @@ -594,7 +593,6 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) if (!sk_ASN1_TYPE_push(sk, aType)) return -1; - previouslen += len; } /* @@ -757,7 +755,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } }else{ int i; - size_t previouslen = 0; name = OPENSSL_malloc(strlen(oqsxkey->tls_name));; if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; @@ -769,8 +766,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) temp = NULL; get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); - buflen = oqsxkey->privkeylen_cmp[i]; - buf = OPENSSL_memdup(oqsxkey->privkey + previouslen, buflen); + buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; + buf = OPENSSL_malloc(buflen); + memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); + memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); if(get_tlsname_fromoqs(name) == 0) nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; @@ -790,7 +789,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) if (!sk_ASN1_TYPE_push(sk, aType)) return -1; - previouslen += buflen; } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); OPENSSL_free(name); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 25fbadd5..4ec2ca11 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -92,11 +92,11 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_HYB_SIG, 128}, - {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, "rsa3072", + {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, "p256", + {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "falcon512_p256", OQS_SIG_alg_falcon_512, "p256", + {0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; From c8a1a6ac9fd66f990671e2bdac46febfecf4182f Mon Sep 17 00:00:00 2001 From: Felipe Date: Tue, 21 Mar 2023 15:32:52 -0400 Subject: [PATCH 032/160] removed prints and old commented code --- oqsprov/oqs_encode_key2any.c | 79 +------------ oqsprov/oqs_prov.h | 2 +- oqsprov/oqs_sig.c | 18 +-- oqsprov/oqsprov_keys.c | 210 ++++------------------------------- 4 files changed, 30 insertions(+), 279 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index cfa9a401..5aaec4fd 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -83,7 +83,6 @@ static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, void *params, int params_type, i2d_of_void *k2d) { - printf("e2\n" ); /* der, derlen store the key DER output and its length */ unsigned char *der = NULL; int derlen; @@ -111,7 +110,6 @@ static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, struct key2any_ctx_st *ctx) { - printf("e3\n" ); X509_SIG *p8 = NULL; char kstr[PEM_BUFSIZE]; size_t klen = 0; @@ -156,7 +154,6 @@ static X509_PUBKEY *oqsx_key_to_pubkey(const void *key, int key_nid, void *params, int params_type, i2d_of_void k2d) { - printf("e5\n" ); /* der, derlen store the key DER output and its length */ unsigned char *der = NULL; int derlen; @@ -205,7 +202,6 @@ static int key_to_epki_der_priv_bio(BIO *out, const void *key, int key_nid, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { - printf("e6\n" ); int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; @@ -234,7 +230,6 @@ static int key_to_epki_pem_priv_bio(BIO *out, const void *key, int key_nid, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { - printf("e7\n" ); int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; @@ -262,7 +257,6 @@ static int key_to_pki_der_priv_bio(BIO *out, const void *key, int key_nid, key_to_paramstring_fn *p2s, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { - printf("e8\n" ); int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; @@ -294,7 +288,6 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, int key_nid, key_to_paramstring_fn *p2s, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { - printf("e9\n" ); int ret = 0, cmp_len = 0; void *str = NULL, *strc = NULL; int strtype = V_ASN1_UNDEF; @@ -326,7 +319,6 @@ static int key_to_spki_der_pub_bio(BIO *out, const void *key, int key_nid, key_to_paramstring_fn *p2s, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { - printf("e10\n" ); int ret = 0; OQSX_KEY *okey = (OQSX_KEY *)key; X509_PUBKEY *xpk = NULL; @@ -354,7 +346,6 @@ static int key_to_spki_pem_pub_bio(BIO *out, const void *key, int key_nid, key_to_paramstring_fn *p2s, i2d_of_void *k2d, struct key2any_ctx_st *ctx) { - printf("e11\n" ); int ret = 0; X509_PUBKEY *xpk = NULL; void *str = NULL; @@ -477,7 +468,6 @@ called\n"); static int prepare_oqsx_params(const void *oqsxkey, int nid, int save, void **pstr, int *pstrtype) { - printf("e12\n" ); ASN1_OBJECT *params = NULL; OQSX_KEY *k = (OQSX_KEY *)oqsxkey; @@ -575,10 +565,10 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) len = oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_memdup(oqsxkey->comp_pubkey[i], len); - if(get_tlsname_fromoqs(name) == 0) + if(get_oqsname_fromtls(name) == 0) nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; else - nid = OBJ_sn2nid(get_tlsname_fromoqs(name)); + nid = OBJ_sn2nid(name); if (!X509_PUBKEY_set0_param(p8info_internal, OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL, buf, len)) keybloblen = 0; // signal error keybloblen = i2d_X509_PUBKEY(p8info_internal, &temp); @@ -594,56 +584,6 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) return -1; } - -/* - len = oqsxkey->pubkeylen - oqsxkey->pubkeylen_cmp;; - buf = OPENSSL_memdup(oqsxkey->pubkey, len); - - if(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) - nid = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid; - else - nid = OBJ_sn2nid(get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(oqsxkey->tls_name)))); - if (!X509_PUBKEY_set0_param(p8info_internal, OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL, buf, len)) - keybloblen = 0; // signal error - keybloblen = i2d_X509_PUBKEY(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } - - ASN1_STRING_set0(aString, temp, keybloblen); - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); - - if (!sk_ASN1_TYPE_push(sk, aType)) - return -1; - - aType = ASN1_TYPE_new(); - aString = ASN1_OCTET_STRING_new(); - p8info_internal = X509_PUBKEY_new(); - temp = NULL; - - len2 = oqsxkey->pubkeylen_cmp; - buf = OPENSSL_memdup(oqsxkey->pubkey + len, len2); - - if(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name))) == 0) - nid = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->nid; - else - nid = OBJ_sn2nid(get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(oqsxkey->tls_name)))); - if (!X509_PUBKEY_set0_param(p8info_internal, OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL, buf, len2)) - keybloblen = 0; // signal error - keybloblen = i2d_X509_PUBKEY(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } - - - ASN1_STRING_set0(aString, temp, keybloblen); - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); - - if (!sk_ASN1_TYPE_push(sk, aType)) - return -1; - */ keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); OPENSSL_free(name); return keybloblen; @@ -771,10 +711,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); - if(get_tlsname_fromoqs(name) == 0) + if(get_oqsname_fromtls(name) == 0) nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; else - nid = OBJ_sn2nid(get_tlsname_fromoqs(name)); + nid = OBJ_sn2nid(name); if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(nid), 0, V_ASN1_UNDEF, NULL, buf, buflen)) keybloblen = 0; // signal error keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); @@ -908,7 +848,6 @@ static OSSL_FUNC_decoder_freectx_fn key2any_freectx; static void *key2any_newctx(void *provctx) { - printf("e15\n" ); struct key2any_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx)); OQS_ENC_PRINTF("OQS ENC provider: key2any_newctx called\n"); @@ -923,7 +862,6 @@ static void *key2any_newctx(void *provctx) static void key2any_freectx(void *vctx) { - printf("e16\n" ); struct key2any_ctx_st *ctx = vctx; OQS_ENC_PRINTF("OQS ENC provider: key2any_freectx called\n"); @@ -934,7 +872,6 @@ static void key2any_freectx(void *vctx) static const OSSL_PARAM *key2any_settable_ctx_params(ossl_unused void *provctx) { - printf("e17\n" ); static const OSSL_PARAM settables[] = { OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0), OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_PROPERTIES, NULL, 0), @@ -948,7 +885,6 @@ static const OSSL_PARAM *key2any_settable_ctx_params(ossl_unused void *provctx) static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { - printf("e18\n" ); struct key2any_ctx_st *ctx = vctx; OSSL_LIB_CTX *libctx = ctx->provctx->libctx; const OSSL_PARAM *cipherp @@ -985,13 +921,12 @@ static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } } - printf(" cipher set to %p: \n", ctx->cipher); + OQS_ENC_PRINTF2(" cipher set to %p: \n", ctx->cipher); return 1; } static int key2any_check_selection(int selection, int selection_mask) { - printf("e19\n" ); /* * The selections are kinda sorta "levels", i.e. each selection given * here is assumed to include those following. @@ -1036,7 +971,6 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, key_to_paramstring_fn *key2paramstring, i2d_of_void *key2der) { - printf("e20\n" ); int ret = 0; int type = OBJ_sn2nid(typestr); OQSX_KEY *oqsk = (OQSX_KEY *)key; @@ -1049,7 +983,6 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, if (key == NULL || type <= 0) { ERR_raise(ERR_LIB_USER, ERR_R_PASSED_NULL_PARAMETER); - printf("HERE\n" ); } else if (writer != NULL) { // Is ref counting really needed? For now, do it as per // https://beta.openssl.org/docs/manmaster/man3/BIO_new_from_core_bio.html: @@ -1067,7 +1000,7 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, } else { ERR_raise(ERR_LIB_USER, ERR_R_PASSED_INVALID_ARGUMENT); } - printf(" encode result: %d\n", ret); + OQS_ENC_PRINTF2(" encode result: %d\n", ret); // OQS_ENC_PRINTF2(" encode result: %d\n", ret); return ret; } diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 00eaadf5..0fa8c78a 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -206,7 +206,7 @@ char* get_oqsname(int nid); int get_cmpname(int nid, int index, char *out); int get_qntcmp(int nid); int get_keytype(int nid); -char* get_tlsname_fromoqs(char* oqsname); +char* get_oqsname_fromtls(char* oqsname); /* Register given NID with tlsname in OSSL3 registry */ int oqs_set_nid(char *tlsname, int nid); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index d77cc06c..448b2d00 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -254,20 +254,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (is_composite) { max_sig_len = oqsx_key_maxsize(oqsxkey); -/* -max_sig_len += sizeof(CompositeSignature); - - if (is_composite_second_classic) - { - max_sig_len += oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; - cmp_sig_len = oqsxkey->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; - } - else - { - max_sig_len += cmp_key->length_signature; - cmp_sig_len = cmp_key->length_signature; - } -*/ }else { max_sig_len += oqs_key->length_signature; @@ -375,7 +361,7 @@ max_sig_len += sizeof(CompositeSignature); for (i = 0; i < oqsxkey->numkeys; i++){ get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); - if (get_tlsname_fromoqs(name)){ + if (get_oqsname_fromtls(name)){ oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; buf = OPENSSL_malloc(oqs_sig_len); if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[i]) != OQS_SUCCESS) @@ -592,7 +578,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, buf_len = compsig->sig2->length; } - if (get_tlsname_fromoqs(name)){ + if (get_oqsname_fromtls(name)){ if (OQS_SIG_verify(oqs_key, tbs, tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 4ec2ca11..b956936a 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -133,20 +133,19 @@ static int get_keytype(int nid) return 0; } -//get the OQS name without captalization -//return 0 if is classical -char *get_tlsname_fromoqs(char *oqsname) + +char *get_oqsname_fromtls(char *tlsname) { int i; for (i = 0; i < NID_TABLE_LEN; i++) { if (nid_names[i].keytype == KEY_TYPE_SIG) { - if (!strcmp(nid_names[i].oqsname, oqsname) || !strcmp(nid_names[i].tlsname, oqsname)) - return nid_names[i].tlsname; + if (!strcmp(nid_names[i].oqsname, tlsname) || !strcmp(nid_names[i].tlsname, tlsname)) + return nid_names[i].oqsname; } } - return 0; + return 0; //classical } static char *get_oqsname(int nid) @@ -196,25 +195,6 @@ int get_qntcmp(int nid) return index; } -//count the amount of keys in composite structure -int get_qntcmp(int nid) -{ - int i, index = 0; - for (i = 0; i < NID_TABLE_LEN; i++) - { - if (nid_names[i].nid == nid && nid_names[i].keytype == KEY_TYPE_CMP_SIG){ - char* s = OPENSSL_strdup(nid_names[i].tlsname); - s = strtok(s, "_"); - while (s != NULL){ - s = strtok(NULL, "_"); - index++; - } - OPENSSL_free(s); - } - } - return index; -} - static int get_oqsalg_idx(int nid) { int i; @@ -312,7 +292,6 @@ void oqsx_freeprovctx(PROV_OQS_CTX *ctx) void oqsx_key_set0_libctx(OQSX_KEY *key, OSSL_LIB_CTX *libctx) { - printf("4\n"); key->libctx = libctx; } @@ -367,7 +346,6 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, int plen, oqsx_key_op_t op, OSSL_LIB_CTX *libctx, const char *propq) { - printf("7\n"); OQSX_KEY *key = NULL; void **privkey, **pubkey; int nid = NID_undef; @@ -546,16 +524,6 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, previous_publen += publen; } -/* - size_t first_privkeylen = key->privkeylen - key->privkeylen_cmp; - size_t first_pubkeylen = key->pubkeylen - key->pubkeylen_cmp; - - memcpy(key->privkey, p, first_privkeylen); - memcpy(key->privkey + first_privkeylen, p + first_privkeylen + first_pubkeylen, key->privkeylen_cmp); - - memcpy(key->pubkey, p + first_privkeylen, first_pubkeylen); - memcpy(key->pubkey + first_pubkeylen, p + key->privkeylen + first_pubkeylen, key->pubkeylen_cmp); - */ }else{ memcpy(key->privkey, p, key->privkeylen); memcpy(key->pubkey, p + key->privkeylen, key->pubkeylen); @@ -637,27 +605,10 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) int i; char *name = OPENSSL_malloc(strlen(key->tls_name)); if (op == KEY_OP_PUBLIC){ -/* - if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ - EVP_PKEY *npk = EVP_PKEY_new(); - if (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) - { - npk = setECParams(npk, key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid); - } - const unsigned char *enc_pubkey = key->comp_pubkey[key->numkeys - 2]; - key->cmp_classical_pkey[key->numkeys - 2] = d2i_PublicKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, plen); - if (!key->cmp_classical_pkey[key->numkeys - 2]) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; - } - }else{ - key->cmp_classical_pkey[key->numkeys - 2] = NULL; - } -*/ + for (i = 0; i < key->numkeys; i++){ get_cmpname(OBJ_sn2nid(key->tls_name), i, name); - if (get_tlsname_fromoqs(name) == 0){ + if (get_oqsname_fromtls(name) == 0){ EVP_PKEY *npk = EVP_PKEY_new(); if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) { @@ -676,22 +627,10 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } if (op == KEY_OP_PRIVATE){ -/* - if (get_tlsname_fromoqs(get_oqsname(OBJ_sn2nid(key->tls_name))) == 0){ - const unsigned char *enc_privkey = key->comp_privkey[key->numkeys - 2]; - key->cmp_classical_pkey[key->numkeys - 2] = d2i_PrivateKey(key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, plen); - if (!key->cmp_classical_pkey[key->numkeys - 2]) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; - } - }else{ - key->cmp_classical_pkey[key->numkeys - 2] = NULL; - } - */ + for (i = 0; i < key->numkeys; i++){ get_cmpname(OBJ_sn2nid(key->tls_name), i, name); - if (get_tlsname_fromoqs(name) == 0){ + if (get_oqsname_fromtls(name) == 0){ const unsigned char *enc_privkey = key->comp_privkey[i]; key->cmp_classical_pkey[i] = d2i_PrivateKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); if (!key->cmp_classical_pkey[i]) @@ -716,7 +655,6 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, const char *propq) { - printf("8\n"); const unsigned char *p; int plen; X509_ALGOR *palg; @@ -758,30 +696,6 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, p = concat_key + plen - aux; plen = aux; -/* - aType = sk_ASN1_TYPE_pop(sk); //pop the second crypt algorithm - temp = aType->value.sequence->data; - templen = aType->value.sequence->length; - - p8info_temp = d2i_X509_PUBKEY(&p8info_temp, &temp, templen); - X509_PUBKEY_get0_param(NULL, &temp, &templen, NULL, p8info_temp); - - aType = sk_ASN1_TYPE_pop(sk); //pop the first crypt algorithm - buf = aType->value.sequence->data; - buflen = aType->value.sequence->length; - - p8info_buf = d2i_X509_PUBKEY(&p8info_buf, &buf, buflen); - X509_PUBKEY_get0_param(NULL, &buf, &buflen, NULL, p8info_buf); - - concat_key = OPENSSL_secure_malloc(buflen + templen); - - memcpy(concat_key, buf, buflen); - memcpy(concat_key + buflen, temp, templen); - p = concat_key; - plen = templen + buflen; -*/ - // OPENSSL_free(buf); - // OPENSSL_free(buflen); } } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); @@ -792,7 +706,6 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, OSSL_LIB_CTX *libctx, const char *propq) { - printf("9\n"); OQSX_KEY *oqsx = NULL; const unsigned char *p; int plen; @@ -881,7 +794,6 @@ static const OQSX_EVP_INFO nids_ecx[] = { static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, char *algname) { - printf("10\n"); int ret = 1; int idx = (bit_security - 128) / 64; ON_ERR_GOTO(idx < 0 || idx > 2, err); @@ -925,7 +837,6 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { - printf("11\n"); int ret = 1; int idx = 0; while (idx < sizeof(OQSX_ECP_NAMES)) { @@ -956,7 +867,6 @@ static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) { - printf("12\n"); int ret = 1; int idx = 0; @@ -993,7 +903,6 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, int primitive, const char *propq, int bit_security, int alg_idx) { - printf("13\n"); OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); OQSX_EVP_CTX *evp_ctx = NULL; int ret2 = 0; @@ -1157,9 +1066,9 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, for (i = 0; i < ret->numkeys; i++){ get_cmpname(OBJ_sn2nid(tls_name), i, name); - if (get_tlsname_fromoqs(name) != 0) + if (get_oqsname_fromtls(name) != 0) { - ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig = OQS_SIG_new(name); + ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig = OQS_SIG_new(get_oqsname_fromtls(name)); if (!ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig) { fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", name); @@ -1182,49 +1091,6 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->privkeylen += ret->privkeylen_cmp[i]; ret->pubkeylen += ret->pubkeylen_cmp[i]; } -/* - if (get_tlsname_fromoqs(cmp_name) != 0) - { - ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig = OQS_SIG_new(cmp_name); - if (!ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig) - { - fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?B\n", cmp_name); - goto err; - } - } - else - { - evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); - ON_ERR_GOTO(!evp_ctx, err); - - ret3 = oqsx_hybsig_init(bit_security, evp_ctx, cmp_name); - ON_ERR_GOTO(ret3 <= 0 || !evp_ctx->ctx, err); - ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx = evp_ctx; - } - - if (ret2) - { - ret->privkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_private_key; - ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_public_key; - } - else - { - ret->privkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key; - ret->pubkeylen = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; - } - if (ret3) - { - ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_private_key; - ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_public_key; - } - else - { - ret->privkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_secret_key; - ret->pubkeylen_cmp = ret->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_public_key; - } - ret->privkeylen += ret->privkeylen_cmp; - ret->pubkeylen += ret->pubkeylen_cmp; -*/ ret->keytype = primitive; break; @@ -1247,7 +1113,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, goto err; } - printf("OQSX_KEY: new key created: %p\n", ret); + OQS_KEY_PRINTF2("OQSX_KEY: new key created: %p\n", ret); return ret; err: ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); @@ -1257,7 +1123,6 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, void oqsx_key_free(OQSX_KEY *key) { - printf("14\n"); int refcnt; if (key == NULL) return; @@ -1303,20 +1168,16 @@ void oqsx_key_free(OQSX_KEY *key) char *name = OPENSSL_malloc(strlen(key->tls_name));; for (i = 0; i < key->numkeys; i ++){ get_cmpname(OBJ_sn2nid(key->tls_name), i, name); - if (get_tlsname_fromoqs(name)) + if (get_oqsname_fromtls(name)) OQS_SIG_free(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig); else OPENSSL_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx); } OPENSSL_free(name); -/* - if (key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig == NULL) - OPENSSL_free(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx); - else - OQS_SIG_free(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig); - */ - }else + + } + else OQS_SIG_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig); #ifdef OQS_PROVIDER_NOATOMIC @@ -1329,7 +1190,6 @@ void oqsx_key_free(OQSX_KEY *key) int oqsx_key_up_ref(OQSX_KEY *key) { - printf("15\n"); int refcnt; #ifndef OQS_PROVIDER_NOATOMIC @@ -1349,7 +1209,6 @@ int oqsx_key_up_ref(OQSX_KEY *key) int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) { - printf("16\n"); int ret = 0, aux = 0; if (key->keytype != KEY_TYPE_CMP_SIG) @@ -1371,7 +1230,6 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], int include_private) { - printf("17\n"); const OSSL_PARAM *p; OQS_KEY_PRINTF("OQSX Key from data called\n"); @@ -1454,7 +1312,6 @@ printf("18\n"); static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, unsigned char *privkey, int encode) { - printf("19\n"); int ret = 0, ret2 = 0, aux = 0; // Free at errhyb: @@ -1536,7 +1393,6 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, * OQSX_KEY */ int oqsx_key_gen(OQSX_KEY *key) { - printf("20\n"); int ret = 0; EVP_PKEY *pkey = NULL; @@ -1577,7 +1433,7 @@ int oqsx_key_gen(OQSX_KEY *key) ret = oqsx_key_set_composites(key); for (i = 0; i < key->numkeys; i++){ get_cmpname(OBJ_sn2nid(key->tls_name), i, name); - if (get_tlsname_fromoqs(name) == 0) + if (get_oqsname_fromtls(name) == 0) { // if (i == 0) // pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->pubkey, key->privkey, 0); @@ -1589,32 +1445,14 @@ int oqsx_key_gen(OQSX_KEY *key) } else { -// if (i == 0) -// ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, key->pubkey, key->privkey); -// else - ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, key->comp_pubkey[i], key->comp_privkey[i]); + ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, key->comp_pubkey[i], key->comp_privkey[i]); ON_ERR_GOTO(ret, err); } -// if (i == 0) -// ret = oqsx_key_set_composites(key); + } -/* - if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name), key->numkeys - 1)) == 0) - { - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx_cmp.oqsx_evp_ctx, key->comp_pubkey[key->numkeys - 1], key->comp_privkey[key->numkeys - 1], 0); - key->cmp_classical_pkey[key->numkeys - 1] = pkey; - const unsigned char *pubkey = key->comp_pubkey[key->numkeys - 1]; - ON_ERR_GOTO(pkey == NULL, err); - } - else - { - ret = OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, key->privkey + key->privkeylen - key->privkeylen_cmp, key->pubkey + key->pubkeylen - key->pubkeylen_cmp); - ON_ERR_GOTO(ret, err); - } -*/ } else if (key->keytype == KEY_TYPE_SIG) @@ -1662,19 +1500,13 @@ int oqsx_key_maxsize(OQSX_KEY *key) char *name = OPENSSL_malloc(strlen(key->tls_name));; for (i = 0; i < key->numkeys; i ++){ get_cmpname(OBJ_sn2nid(key->tls_name), i, name); - if (get_tlsname_fromoqs(name) == 0) + if (get_oqsname_fromtls(name) == 0) aux += key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature; else aux += key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; } - OPENSSL_free(name); -/* - if (get_tlsname_fromoqs(get_cmpname(OBJ_sn2nid(key->tls_name), key->numkeys - 1)) == 0) - aux += key->oqsx_provider_ctx_cmp.oqsx_evp_ctx->evp_info->length_signature; - else - aux += key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig->length_signature; - */ + OPENSSL_free(name); return aux; } default: From 8d68a11bf286f960c145933c7496e688c4179704 Mon Sep 17 00:00:00 2001 From: Felipe Date: Tue, 21 Mar 2023 15:34:40 -0400 Subject: [PATCH 033/160] remove notes.txt --- notes.txt | 33 --------------------------------- 1 file changed, 33 deletions(-) delete mode 100644 notes.txt diff --git a/notes.txt b/notes.txt deleted file mode 100644 index f38caa07..00000000 --- a/notes.txt +++ /dev/null @@ -1,33 +0,0 @@ -###CREATE QUANTUM SAFE KEY PAIR - -LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl req -x509 -new -newkey p521_dilithium5 -keyout qsc.key -out qsc.crt -nodes -subj "/CN=oqstest" -days 365 -config /home/feventura/Documents/openssl/apps/openssl.cnf -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider oqsprovider -provider default - -###SIGN DATA - -LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl cms -in test.txt -sign -signer qsc.crt -inkey qsc.key -nodetach -outform pem -binary -out signedfile -md sha512 -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider default -provider oqsprovider - -##VERIFY DATA - -LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl cms -verify -CAfile qsc.crt -inform pem -in signedfile -crlfeol -out outputfile -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider oqsprovider -provider default - -##CREATE TEST SIGNATURE (from oqsprov/test) - -gcc oqs_test_signatures.c test_common.o -L ../openssl -lcrypto -o output_signatures - -##RUN TEST SIGNARURE (from oqsprov/test) - -./output_signatures oqsprovider /home/feventura/Documents/oqs-provider/test/oqs.cnf - -##IMPLEMENT CHANGES TO oqs_sig.c TO PROVIDER (from oqsprov/test) - -cd .. && cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && cd test/ - -##IMPLEMENT CHANGES THEN COMPILE AND RUN TEST (generic version, from oqsprov) - -cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && gcc ./test/oqs_test_signatures.c ./test/test_common.o -L ./openssl -lcrypto -o ./test/output_signatures && ./test/output_signatures oqsprovider $(pwd)/test/oqs.cnf - -##IMPLEMENT CHANGES THEN BUILD DEPENDENCY LIBRARY THEN COMPILE AND RUN TEST (generic version, from oqsprov) - -cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && gcc -Wall -c ./test/test_common.c && gcc ./test/oqs_test_signatures.c ./test/test_common.o -L ./openssl -lcrypto -o ./test/output_signatures && ./test/output_signatures oqsprovider $(pwd)/test/oqs.cnf - - From 57c5f9e3e4e1d11453831444be240dffd7de1231 Mon Sep 17 00:00:00 2001 From: Felipe Date: Tue, 28 Mar 2023 13:52:00 -0400 Subject: [PATCH 034/160] signature ASN1 structure for 2+ keys --- oqsprov/oqs_prov.h | 3 +-- oqsprov/oqs_sig.c | 51 ++++++++++++++++++++++++++++++++-------------- 2 files changed, 37 insertions(+), 17 deletions(-) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 0fa8c78a..e38b8d60 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -196,8 +196,7 @@ typedef struct oqsx_key_st OQSX_KEY; //composite signature struct SignatureModel{ - ASN1_BIT_STRING *sig1; - ASN1_BIT_STRING *sig2; + STACK_OF(ASN1_BIT_STRING) *sig; }; typedef struct SignatureModel CompositeSignature; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 448b2d00..482cd67f 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -87,8 +87,7 @@ static int get_aid(unsigned char **oidbuf, const char *tls_name) DECLARE_ASN1_FUNCTIONS(CompositeSignature) ASN1_NDEF_SEQUENCE(CompositeSignature) = { - ASN1_SIMPLE(CompositeSignature, sig1, ASN1_BIT_STRING), - ASN1_SIMPLE(CompositeSignature, sig2, ASN1_BIT_STRING) + ASN1_SET_OF(CompositeSignature, sig, ASN1_BIT_STRING), } ASN1_NDEF_SEQUENCE_END(CompositeSignature) IMPLEMENT_ASN1_FUNCTIONS(CompositeSignature) @@ -241,6 +240,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, size_t actual_classical_sig_len = 0; size_t index = 0; int rv = 0; + ASN1_BIT_STRING *comp_sig; if (!oqsxkey || !(oqs_key || oqs_key_classic) || !oqsxkey->privkey) { @@ -358,6 +358,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, CompositeSignature *compsig = CompositeSignature_new(); int i; char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); + if((compsig->sig = sk_ASN1_TYPE_new_null()) == NULL) + goto endsign; for (i = 0; i < oqsxkey->numkeys; i++){ get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); @@ -435,17 +437,27 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } } - if (i == 0){ //temporary condition + comp_sig = ASN1_BIT_STRING_new(); + comp_sig->data = OPENSSL_memdup(buf, oqs_sig_len); + comp_sig->length = oqs_sig_len; + if (!sk_ASN1_TYPE_push(compsig->sig, comp_sig)) + goto endsign; + + + /* if (i == 0){ //temporary condition compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); compsig->sig1->length = oqs_sig_len; }else{ compsig->sig2->data = OPENSSL_memdup(buf, oqs_sig_len); compsig->sig2->length = oqs_sig_len; - } + } +*/ } oqs_sig_len = i2d_CompositeSignature(compsig, &sig); OPENSSL_free(name); + OPENSSL_free(compsig->sig); + OPENSSL_free(comp_sig); } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) { @@ -481,6 +493,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, size_t classical_sig_len = 0, oqs_sig_len = 0; size_t index = 0; int rv = 0; + ASN1_BIT_STRING *comp_sig; OQS_SIG_PRINTF3( "OQS SIG provider: verify called with siglen %ld bytes and tbslen %ld\n", @@ -566,17 +579,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, size_t buf_len; if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) goto endverify; - + if((compsig->sig = sk_ASN1_TYPE_new_null()) == NULL) + goto endverify; for(i = 0; i < oqsxkey->numkeys; i++){ get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); - - if (i == 0){ //temporary condition - buf = compsig->sig1->data; - buf_len = compsig->sig1->length; - }else{ - buf = compsig->sig2->data; - buf_len = compsig->sig2->length; - } if (get_oqsname_fromtls(name)){ if (OQS_SIG_verify(oqs_key, tbs, tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) @@ -635,12 +641,27 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; - } - + } } + comp_sig = ASN1_BIT_STRING_new(); + comp_sig->data = OPENSSL_memdup(buf, oqs_sig_len); + comp_sig->length = oqs_sig_len; + if (!sk_ASN1_TYPE_push(compsig->sig, comp_sig)) + goto endverify; + + /* if (i == 0){ //temporary condition + compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); + compsig->sig1->length = oqs_sig_len; + }else{ + compsig->sig2->data = OPENSSL_memdup(buf, oqs_sig_len); + compsig->sig2->length = oqs_sig_len; + } +*/ } OPENSSL_free(name); + OPENSSL_free(compsig->sig); + OPENSSL_free(comp_sig); }else { if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) From 88b3b2c47d35a9b89d225dfab1dc1f39e959d3d2 Mon Sep 17 00:00:00 2001 From: Felipe Date: Fri, 11 Aug 2023 16:02:02 -0400 Subject: [PATCH 035/160] Revert "remove notes.txt" This reverts commit 3d5bccc3f0f0fc2e8f24823582de2263fdd7e991. --- notes.txt | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 notes.txt diff --git a/notes.txt b/notes.txt new file mode 100644 index 00000000..f38caa07 --- /dev/null +++ b/notes.txt @@ -0,0 +1,33 @@ +###CREATE QUANTUM SAFE KEY PAIR + +LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl req -x509 -new -newkey p521_dilithium5 -keyout qsc.key -out qsc.crt -nodes -subj "/CN=oqstest" -days 365 -config /home/feventura/Documents/openssl/apps/openssl.cnf -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider oqsprovider -provider default + +###SIGN DATA + +LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl cms -in test.txt -sign -signer qsc.crt -inkey qsc.key -nodetach -outform pem -binary -out signedfile -md sha512 -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider default -provider oqsprovider + +##VERIFY DATA + +LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl cms -verify -CAfile qsc.crt -inform pem -in signedfile -crlfeol -out outputfile -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider oqsprovider -provider default + +##CREATE TEST SIGNATURE (from oqsprov/test) + +gcc oqs_test_signatures.c test_common.o -L ../openssl -lcrypto -o output_signatures + +##RUN TEST SIGNARURE (from oqsprov/test) + +./output_signatures oqsprovider /home/feventura/Documents/oqs-provider/test/oqs.cnf + +##IMPLEMENT CHANGES TO oqs_sig.c TO PROVIDER (from oqsprov/test) + +cd .. && cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && cd test/ + +##IMPLEMENT CHANGES THEN COMPILE AND RUN TEST (generic version, from oqsprov) + +cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && gcc ./test/oqs_test_signatures.c ./test/test_common.o -L ./openssl -lcrypto -o ./test/output_signatures && ./test/output_signatures oqsprovider $(pwd)/test/oqs.cnf + +##IMPLEMENT CHANGES THEN BUILD DEPENDENCY LIBRARY THEN COMPILE AND RUN TEST (generic version, from oqsprov) + +cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && gcc -Wall -c ./test/test_common.c && gcc ./test/oqs_test_signatures.c ./test/test_common.o -L ./openssl -lcrypto -o ./test/output_signatures && ./test/output_signatures oqsprovider $(pwd)/test/oqs.cnf + + From 68f9960cd451f2a67f26ef71ad2d5ce31f354e5f Mon Sep 17 00:00:00 2001 From: eve Date: Mon, 21 Aug 2023 15:11:13 -0500 Subject: [PATCH 036/160] working 2keys and cert --- oqsprov/oqs_encode_key2any.c | 15 ++++----- oqsprov/oqs_prov.h | 5 +-- oqsprov/oqs_sig.c | 63 ++++++++++++++++-------------------- oqsprov/oqsprov_keys.c | 51 +++++++++++++++-------------- 4 files changed, 65 insertions(+), 69 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 5aaec4fd..6d106122 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -551,7 +551,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) #endif }else{ int len, i; - char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); +// char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; @@ -560,7 +560,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) aType = ASN1_TYPE_new(); aString = ASN1_OCTET_STRING_new(); temp = NULL; - get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); + char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); len = oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_memdup(oqsxkey->comp_pubkey[i], len); @@ -582,10 +582,10 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) if (!sk_ASN1_TYPE_push(sk, aType)) return -1; - + OPENSSL_free(name); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); - OPENSSL_free(name); + return keybloblen; } @@ -695,7 +695,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } }else{ int i; - name = OPENSSL_malloc(strlen(oqsxkey->tls_name));; +// name = OPENSSL_malloc(strlen(oqsxkey->tls_name));; if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; @@ -704,7 +704,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) aType = ASN1_TYPE_new(); aString = ASN1_OCTET_STRING_new(); temp = NULL; - get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); + name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_malloc(buflen); @@ -728,10 +728,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) if (!sk_ASN1_TYPE_push(sk, aType)) return -1; - + OPENSSL_free(name); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); - OPENSSL_free(name); OPENSSL_free(temp); OPENSSL_free(p8info_internal); OPENSSL_free(aType); diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index e38b8d60..6866e8e9 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -196,13 +196,14 @@ typedef struct oqsx_key_st OQSX_KEY; //composite signature struct SignatureModel{ - STACK_OF(ASN1_BIT_STRING) *sig; + ASN1_BIT_STRING *sig1; + ASN1_BIT_STRING *sig2; }; typedef struct SignatureModel CompositeSignature; char* get_oqsname(int nid); -int get_cmpname(int nid, int index, char *out); +char* get_cmpname(int nid, int index); int get_qntcmp(int nid); int get_keytype(int nid); char* get_oqsname_fromtls(char* oqsname); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 482cd67f..8dbd17fa 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -87,7 +87,8 @@ static int get_aid(unsigned char **oidbuf, const char *tls_name) DECLARE_ASN1_FUNCTIONS(CompositeSignature) ASN1_NDEF_SEQUENCE(CompositeSignature) = { - ASN1_SET_OF(CompositeSignature, sig, ASN1_BIT_STRING), + ASN1_SIMPLE(CompositeSignature, sig1, ASN1_BIT_STRING), + ASN1_SIMPLE(CompositeSignature, sig2, ASN1_BIT_STRING), } ASN1_NDEF_SEQUENCE_END(CompositeSignature) IMPLEMENT_ASN1_FUNCTIONS(CompositeSignature) @@ -240,7 +241,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, size_t actual_classical_sig_len = 0; size_t index = 0; int rv = 0; - ASN1_BIT_STRING *comp_sig; if (!oqsxkey || !(oqs_key || oqs_key_classic) || !oqsxkey->privkey) { @@ -357,11 +357,11 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, unsigned char *buf; CompositeSignature *compsig = CompositeSignature_new(); int i; - char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); - if((compsig->sig = sk_ASN1_TYPE_new_null()) == NULL) - goto endsign; +// char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); +// if((compsig->sig = sk_ASN1_TYPE_new_null()) == NULL) +// goto endsign; for (i = 0; i < oqsxkey->numkeys; i++){ - get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); + char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); if (get_oqsname_fromtls(name)){ oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; @@ -437,27 +437,27 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } } - comp_sig = ASN1_BIT_STRING_new(); +/* comp_sig = ASN1_BIT_STRING_new(); comp_sig->data = OPENSSL_memdup(buf, oqs_sig_len); comp_sig->length = oqs_sig_len; if (!sk_ASN1_TYPE_push(compsig->sig, comp_sig)) goto endsign; - +*/ - /* if (i == 0){ //temporary condition + if (i == 0){ compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); compsig->sig1->length = oqs_sig_len; }else{ compsig->sig2->data = OPENSSL_memdup(buf, oqs_sig_len); compsig->sig2->length = oqs_sig_len; } -*/ - + + OPENSSL_free(name); } oqs_sig_len = i2d_CompositeSignature(compsig, &sig); - OPENSSL_free(name); - OPENSSL_free(compsig->sig); - OPENSSL_free(comp_sig); + +// OPENSSL_free(compsig->sig); + OPENSSL_free(compsig); } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) { @@ -574,15 +574,22 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, if(is_composite){ CompositeSignature* compsig = CompositeSignature_new(); int i; - char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); +// char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); ASN1_STRING *buf; size_t buf_len; if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) goto endverify; - if((compsig->sig = sk_ASN1_TYPE_new_null()) == NULL) - goto endverify; +// if((compsig->sig = sk_ASN1_TYPE_new_null()) == NULL) +// goto endverify; for(i = 0; i < oqsxkey->numkeys; i++){ - get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i, name); + if (i == 0){ + buf = compsig->sig1->data; + buf_len = compsig->sig1->length; + }else{ + buf = compsig->sig2->data; + buf_len = compsig->sig2->length; + } + char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); if (get_oqsname_fromtls(name)){ if (OQS_SIG_verify(oqs_key, tbs, tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) @@ -643,25 +650,11 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, goto endverify; } } - comp_sig = ASN1_BIT_STRING_new(); - comp_sig->data = OPENSSL_memdup(buf, oqs_sig_len); - comp_sig->length = oqs_sig_len; - if (!sk_ASN1_TYPE_push(compsig->sig, comp_sig)) - goto endverify; - - /* if (i == 0){ //temporary condition - compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); - compsig->sig1->length = oqs_sig_len; - }else{ - compsig->sig2->data = OPENSSL_memdup(buf, oqs_sig_len); - compsig->sig2->length = oqs_sig_len; - } -*/ - } OPENSSL_free(name); - OPENSSL_free(compsig->sig); - OPENSSL_free(comp_sig); + } +// OPENSSL_free(compsig->sig); + OPENSSL_free(compsig); }else { if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index b956936a..a14a0a35 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -158,9 +158,10 @@ static char *get_oqsname(int nid) return 0; } -int get_cmpname(int nid, int index, char* name) +char* get_cmpname(int nid, int index) { int i, j; + char* name; for (i = 0; i < NID_TABLE_LEN; i++) { if (nid_names[i].nid == nid){ @@ -168,9 +169,10 @@ int get_cmpname(int nid, int index, char* name) char* token = strtok(s, "_"); for (j = 0; j < index; j ++) token = strtok(NULL, "_"); - OPENSSL_strlcpy(name, token, strlen(token) + 1); + name = OPENSSL_strdup(token); +// OPENSSL_strlcpy(name, token, strlen(token) + 1); OPENSSL_free(s); - return 1; + return name; } } return 0; @@ -603,11 +605,11 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } if (key->keytype == KEY_TYPE_CMP_SIG){ int i; - char *name = OPENSSL_malloc(strlen(key->tls_name)); +// char *name = OPENSSL_malloc(strlen(key->tls_name)); if (op == KEY_OP_PUBLIC){ for (i = 0; i < key->numkeys; i++){ - get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0){ EVP_PKEY *npk = EVP_PKEY_new(); if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) @@ -622,6 +624,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) goto err; } } + OPENSSL_free(name); } } @@ -629,7 +632,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) if (op == KEY_OP_PRIVATE){ for (i = 0; i < key->numkeys; i++){ - get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0){ const unsigned char *enc_privkey = key->comp_privkey[i]; key->cmp_classical_pkey[i] = d2i_PrivateKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); @@ -639,10 +642,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) goto err; } } - + OPENSSL_free(name); } } - OPENSSL_free(name); } return key; @@ -1053,11 +1055,11 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, break; case KEY_TYPE_CMP_SIG: int i; - char* name = OPENSSL_malloc(strlen(tls_name)); +// char* name = OPENSSL_malloc(strlen(tls_name)); ret->numkeys = get_qntcmp(OBJ_sn2nid(tls_name)); ret->privkeylen = 0; ret->pubkeylen = 0; - ret->oqsx_provider_ctx = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->oqsx_provider_ctx = OPENSSL_malloc(ret->numkeys * sizeof(OQSX_PROVIDER_CTX)); ret->privkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->pubkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); @@ -1065,7 +1067,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); for (i = 0; i < ret->numkeys; i++){ - get_cmpname(OBJ_sn2nid(tls_name), i, name); + char *name = get_cmpname(OBJ_sn2nid(tls_name), i); if (get_oqsname_fromtls(name) != 0) { ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig = OQS_SIG_new(get_oqsname_fromtls(name)); @@ -1090,8 +1092,11 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, } ret->privkeylen += ret->privkeylen_cmp[i]; ret->pubkeylen += ret->pubkeylen_cmp[i]; + OPENSSL_free(name); } ret->keytype = primitive; + + break; default: @@ -1165,16 +1170,14 @@ void oqsx_key_free(OQSX_KEY *key) } if(key->keytype == KEY_TYPE_CMP_SIG){ int i; - char *name = OPENSSL_malloc(strlen(key->tls_name));; +// char *name = OPENSSL_malloc(strlen(key->tls_name));; for (i = 0; i < key->numkeys; i ++){ - get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name)) OQS_SIG_free(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig); - else - OPENSSL_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx); - + OPENSSL_free(name); } - OPENSSL_free(name); + } else @@ -1429,10 +1432,10 @@ int oqsx_key_gen(OQSX_KEY *key) else if (key->keytype == KEY_TYPE_CMP_SIG) { int i; - char* name = OPENSSL_malloc(strlen(key->tls_name)); +// char* name = OPENSSL_malloc(strlen(key->tls_name)); ret = oqsx_key_set_composites(key); for (i = 0; i < key->numkeys; i++){ - get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0) { // if (i == 0) @@ -1448,7 +1451,7 @@ int oqsx_key_gen(OQSX_KEY *key) ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, key->comp_pubkey[i], key->comp_privkey[i]); ON_ERR_GOTO(ret, err); } - + OPENSSL_free(name); } @@ -1497,16 +1500,16 @@ int oqsx_key_maxsize(OQSX_KEY *key) { int aux = sizeof(CompositeSignature); int i; - char *name = OPENSSL_malloc(strlen(key->tls_name));; +// char *name = OPENSSL_malloc(strlen(key->tls_name));; for (i = 0; i < key->numkeys; i ++){ - get_cmpname(OBJ_sn2nid(key->tls_name), i, name); + char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0) aux += key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature; else aux += key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; - + OPENSSL_free(name); } - OPENSSL_free(name); + return aux; } default: From bba89f3924136eb08d040e9957c31572543c45c1 Mon Sep 17 00:00:00 2001 From: eve Date: Fri, 25 Aug 2023 10:33:22 -0500 Subject: [PATCH 037/160] added composite draft keys pairs --- oqsprov/oqs_decode_der2key.c | 16 ++++- oqsprov/oqs_encode_key2any.c | 66 ++++++++++++++++++- oqsprov/oqs_kmgmt.c | 77 ++++++++++++++++++++++ oqsprov/oqs_prov.h | 65 +++++++++++++++++- oqsprov/oqs_sig.c | 124 +++++++++++++++++++++-------------- oqsprov/oqsdecoders.inc | 30 ++++++++- oqsprov/oqsencoders.inc | 90 ++++++++++++++++++++++++- oqsprov/oqsprov.c | 34 +++++++++- oqsprov/oqsprov_keys.c | 101 +++++++++++++++++++++------- 9 files changed, 518 insertions(+), 85 deletions(-) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 48800944..21b8234c 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -608,10 +608,22 @@ MAKE_DECODER("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, MAKE_DECODER("dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); MAKE_DECODER("dilithium3_rsa3072", dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo); - MAKE_DECODER("dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); MAKE_DECODER("dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); - MAKE_DECODER("falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); MAKE_DECODER("falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER("dilithium5_p384", dilithium5_p384, oqsx, PrivateKeyInfo); +MAKE_DECODER("dilithium5_p384", dilithium5_p384, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER("dilithium3_bp256", dilithium3_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER("dilithium3_bp256", dilithium3_bp256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER("dilithium3_ed25519", dilithium3_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER("dilithium3_ed25519", dilithium3_ed25519, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER("dilithium5_bp384", dilithium5_bp384, oqsx, PrivateKeyInfo); +MAKE_DECODER("dilithium5_bp384", dilithium5_bp384, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER("dilithium5_ed448", dilithium5_ed448, oqsx, PrivateKeyInfo); +MAKE_DECODER("dilithium5_ed448", dilithium5_ed448, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER("falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER("falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER("falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER("falcon512_ed25519", falcon512_ed25519, oqsx, SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 6d106122..5cc0c920 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -826,18 +826,36 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_sphincsshake128fsimple_input_type \ "rsa3072_sphincsshake128fsimple" #define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" - # define dilithium3_rsa3072_evp_type 0 # define dilithium3_rsa3072_input_type "dilithium3_rsa3072" # define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" - # define dilithium3_p256_evp_type 0 # define dilithium3_p256_input_type "dilithium3_p256" # define dilithium3_p256_pem_type "dilithium3_p256" - # define falcon512_p256_evp_type 0 # define falcon512_p256_input_type "falcon512_p256" # define falcon512_p256_pem_type "falcon512_p256" +# define dilithium5_p384_evp_type 0 +# define dilithium5_p384_input_type "dilithium5_p384" +# define dilithium5_p384_pem_type "dilithium5_p384" +# define dilithium3_bp256_evp_type 0 +# define dilithium3_bp256_input_type "dilithium3_bp256" +# define dilithium3_bp256_pem_type "dilithium3_bp256" +# define dilithium3_ed25519_evp_type 0 +# define dilithium3_ed25519_input_type "dilithium3_ed25519" +# define dilithium3_ed25519_pem_type "dilithium3_ed25519" +# define dilithium5_bp384_evp_type 0 +# define dilithium5_bp384_input_type "dilithium5_bp384" +# define dilithium5_bp384_pem_type "dilithium5_bp384" +# define dilithium5_ed448_evp_type 0 +# define dilithium5_ed448_input_type "dilithium5_ed448" +# define dilithium5_ed448_pem_type "dilithium5_ed448" +# define falcon512_bp256_evp_type 0 +# define falcon512_bp256_input_type "falcon512_bp256" +# define falcon512_bp256_pem_type "falcon512_bp256" +# define falcon512_ed25519_evp_type 0 +# define falcon512_ed25519_input_type "falcon512_ed25519" +# define falcon512_ed25519_pem_type "falcon512_ed25519" ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_END /* ---------------------------------------------------------------------- */ @@ -1578,4 +1596,46 @@ MAKE_ENCODER(falcon512_p256, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(falcon512_p256, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(falcon512_p256, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(falcon512_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(dilithium5_p384, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(dilithium5_p384, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(dilithium5_p384, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(dilithium5_p384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(dilithium3_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(dilithium5_bp384, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(dilithium5_bp384, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(dilithium5_bp384, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(dilithium5_bp384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(dilithium5_ed448, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(dilithium5_ed448, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(dilithium5_ed448, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(dilithium5_ed448, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(falcon512_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(falcon512_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(falcon512_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(falcon512_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(falcon512_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(falcon512_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 6d57c4aa..4d2e8d4c 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -890,6 +890,76 @@ static void *falcon512_p256_gen_init(void *provctx, int selection) return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, 128); } +static void *dilithium5_p384_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192); +} + +static void *dilithium5_p384_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_p384", KEY_TYPE_CMP_SIG, 192); +} + +static void *dilithium3_bp256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 128); +} + +static void *dilithium3_bp256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, 128); +} + +static void *dilithium3_ed25519_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128); +} + +static void *dilithium3_ed25519_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128); +} + +static void *dilithium5_bp384_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384); +} + +static void *dilithium5_bp384_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384); +} + +static void *dilithium5_ed448_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192); +} + +static void *dilithium5_ed448_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192); +} + +static void *falcon512_bp256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 128); +} + +static void *falcon512_bp256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, 128); +} + +static void *falcon512_ed25519_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128); +} + +static void *falcon512_ed25519_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128); +} + ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END #define MAKE_SIG_KEYMGMT_FUNCTIONS(alg) \ @@ -1065,6 +1135,13 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincsshake128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_rsa3072) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_p256) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_p256) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_p384) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_bp256) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_ed25519) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_bp384) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_ed448) +MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_bp256) +MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_ed25519) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 6866e8e9..41a24cc9 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -715,7 +715,6 @@ extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_en extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; - extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; @@ -724,7 +723,6 @@ extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encod extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; - extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; @@ -733,6 +731,62 @@ extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encode extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_START @@ -765,6 +819,13 @@ extern const OSSL_DISPATCH extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_keymgmt_functions[]; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 8dbd17fa..70b1af61 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -377,64 +377,77 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature; buf = OPENSSL_malloc(oqs_sig_len); const EVP_MD *classical_md; + EVP_MD_CTX* evp_ctx = EVP_MD_CTX_new(); int digest_len; + int aux; unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || - EVP_PKEY_sign_init(classical_ctx_sign) <= 0) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } - - if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) - { - if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) + if (name[0] == 'e'){ //ed25519 or ed448 + if (EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL, oqs_key_classic) <= 0 || + EVP_DigestSign(evp_ctx, buf, &oqs_sig_len, tbs, tbslen) <= 0){ + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + }else { + if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || + EVP_PKEY_sign_init(classical_ctx_sign) <= 0) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } - } - if (name[0] == 'p') - { - if (name[1] == '2') - { // p256 + + if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + { + if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + } + if (name[0] == 'p' || name[0] == 'b') + { + if(name[0] == 'p') + aux = 1; + else aux = 2; + if (name[aux] == '2') + { // p256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } + if (name[aux] == '3') + { // p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char *)&digest); + } + if (name[aux] == '5') + { // p521 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } + } + else + { // rsa3072 classical_md = EVP_sha256(); digest_len = SHA256_DIGEST_LENGTH; SHA256(tbs, tbslen, (unsigned char *)&digest); } - if (name[1] == '3') - { // p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char *)&digest); - } - if (name[1] == '5') - { // p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); - } - } - else - { // rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || - (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } + if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || + (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } - if (oqs_sig_len > oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature) - { - /* sig is bigger than expected */ - ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); - goto endsign; + if (oqs_sig_len > oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature) + { + /* sig is bigger than expected */ + ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); + goto endsign; + } } } /* comp_sig = ASN1_BIT_STRING_new(); @@ -600,6 +613,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, }else{ const EVP_MD *classical_md; int digest_len; + int aux; + EVP_MD_CTX* evp_ctx = EVP_MD_CTX_new(); unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL || @@ -616,21 +631,24 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, goto endverify; } } - if (name[0] == 'p') + if (name[0] == 'p' || name[0] == 'b') { - if (name[1] == '2') + if (name[0] == 'p') + aux = 1; + else aux = 2; + if (name[aux] == '2') { // p256 classical_md = EVP_sha256(); digest_len = SHA256_DIGEST_LENGTH; SHA256(tbs, tbslen, (unsigned char *)&digest); } - if (name[1] == '3') + if (name[aux] == '3') { // p384 classical_md = EVP_sha384(); digest_len = SHA384_DIGEST_LENGTH; SHA384(tbs, tbslen, (unsigned char *)&digest); } - if (name[1] == '5') + if (name[aux] == '5') { // p521 classical_md = EVP_sha512(); digest_len = SHA512_DIGEST_LENGTH; @@ -643,7 +661,13 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, digest_len = SHA256_DIGEST_LENGTH; SHA256(tbs, tbslen, (unsigned char *)&digest); } - if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || + if(name[0] == 'e'){ //ed25519 or ed448 + if((!EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, oqsxkey->cmp_classical_pkey[i]) || + !EVP_DigestVerify(evp_ctx, buf, buf_len, tbs, tbslen) != 1)){ + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + } else if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index f3bfcc28..ef2f945b 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -65,6 +65,14 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), dilithium3_p256), DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, dilithium3_p256), + DECODER_w_structure("dilithium3_bp256", der, PrivateKeyInfo, + dilithium3_bp256), + DECODER_w_structure("dilithium3_bp256", der, SubjectPublicKeyInfo, + dilithium3_bp256), + DECODER_w_structure("dilithium3_ed25519", der, PrivateKeyInfo, + dilithium3_ed25519), + DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, + dilithium3_ed25519), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 @@ -74,6 +82,18 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), p521_dilithium5), DECODER_w_structure("p521_dilithium5", der, SubjectPublicKeyInfo, p521_dilithium5), + DECODER_w_structure("dilithium5_p384", der, PrivateKeyInfo, + dilithium5_p384), + DECODER_w_structure("dilithium5_p384", der, SubjectPublicKeyInfo, + dilithium5_p384), + DECODER_w_structure("dilithium5_bp384", der, PrivateKeyInfo, + dilithium5_bp384), + DECODER_w_structure("dilithium5_bp384", der, SubjectPublicKeyInfo, + dilithium5_bp384), + DECODER_w_structure("dilithium5_ed448", der, PrivateKeyInfo, + dilithium5_ed448), + DECODER_w_structure("dilithium5_ed448", der, SubjectPublicKeyInfo, + dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 DECODER_w_structure("falcon512", der, PrivateKeyInfo, falcon512), @@ -91,6 +111,14 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), falcon512_p256), DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, falcon512_p256), + DECODER_w_structure("falcon512_bp256", der, PrivateKeyInfo, + falcon512_bp256), + DECODER_w_structure("falcon512_bp256", der, SubjectPublicKeyInfo, + falcon512_bp256), + DECODER_w_structure("falcon512_ed25519", der, PrivateKeyInfo, + falcon512_ed25519), + DECODER_w_structure("falcon512_ed25519", der, SubjectPublicKeyInfo, + falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), @@ -152,4 +180,4 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, SubjectPublicKeyInfo, rsa3072_sphincsshake128fsimple), #endif - ///// OQS_TEMPLATE_FRAGMENT_MAKE_END +///// OQS_TEMPLATE_FRAGMENT_MAKE_END diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 7a4b1fce..fa777a51 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -161,6 +161,31 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium3_p256", dilithium3_p256), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + SubjectPublicKeyInfo), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), @@ -183,6 +208,44 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p521_dilithium5", p521_dilithium5), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5_p384", dilithium5_p384), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + SubjectPublicKeyInfo), #endif #ifdef OQS_ENABLE_SIG_falcon_512 ENCODER_w_structure("falcon512", falcon512, der, PrivateKeyInfo), @@ -229,6 +292,31 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, SubjectPublicKeyInfo), ENCODER_TEXT("falcon512_p256", falcon512_p256), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512_bp256", falcon512_bp256), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + SubjectPublicKeyInfo), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), @@ -426,4 +514,4 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), ENCODER_TEXT("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple), #endif - ///// OQS_TEMPLATE_FRAGMENT_MAKE_END +///// OQS_TEMPLATE_FRAGMENT_MAKE_END diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 763d409b..f27b3953 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -47,7 +47,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; * List of all algorithms with given OIDs */ ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START -#define OQS_OID_CNT 52 +#define OQS_OID_CNT 59 const char *oqs_oid_alg_list[OQS_OID_CNT] = { "1.3.6.1.4.1.2.267.7.4.4", "dilithium2", @@ -99,8 +99,22 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "dilithium3_rsa3072", "2.16.840.1.114027.80.5.1.2", "dilithium3_p256", - "2.16.840.1.114027.80.5.1.8", - "falcon512_p256", + "2.16.840.1.114027.80.5.1.3", + "dilithium3_bp256", + "2.16.840.1.114027.80.5.1.4", + "dilithium3_ed25519", + "2.16.840.1.114027.80.5.1.5", + "dilithium5_p384", + "2.16.840.1.114027.80.5.1.6", + "dilithium5_bp384", + "2.16.840.1.114027.80.5.1.7", + "dilithium5_ed448", + "2.16.840.1.114027.80.5.1.8", + "falcon512_p256", + "2.16.840.1.114027.80.5.1.9", + "falcon512_bp256", + "2.16.840.1.114027.80.5.1.10", + "falcon512_ed25519", ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; @@ -338,16 +352,23 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("p384_dilithium3", 192, oqs_signature_functions), SIGALG("dilithium3_rsa3072", 192, oqs_signature_functions), SIGALG("dilithium3_p256", 192, oqs_signature_functions), + SIGALG("dilithium3_bp256", 192, oqs_signature_functions), + SIGALG("dilithium3_ed25519", 192, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_signature_functions), SIGALG("p521_dilithium5", 256, oqs_signature_functions), + SIGALG("dilithium5_p384", 256, oqs_signature_functions), + SIGALG("dilithium5_bp384", 256, oqs_signature_functions), + SIGALG("dilithium5_ed448", 256, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_512 SIGALG("falcon512", 128, oqs_signature_functions), SIGALG("p256_falcon512", 128, oqs_signature_functions), SIGALG("rsa3072_falcon512", 128, oqs_signature_functions), SIGALG("falcon512_p256", 128, oqs_signature_functions), + SIGALG("falcon512_bp256", 128, oqs_signature_functions), + SIGALG("falcon512_ed25519", 128, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_signature_functions), @@ -468,16 +489,23 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { SIGALG("p384_dilithium3", 192, oqs_p384_dilithium3_keymgmt_functions), SIGALG("dilithium3_rsa3072", 192, oqs_dilithium3_rsa3072_keymgmt_functions), SIGALG("dilithium3_p256", 192, oqs_dilithium3_p256_keymgmt_functions), + SIGALG("dilithium3_bp256", 192, oqs_dilithium3_bp256_keymgmt_functions), + SIGALG("dilithium3_ed25519", 192, oqs_dilithium3_ed25519_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_dilithium5_keymgmt_functions), SIGALG("p521_dilithium5", 256, oqs_p521_dilithium5_keymgmt_functions), + SIGALG("dilithium5_p384", 256, oqs_dilithium5_p384_keymgmt_functions), + SIGALG("dilithium5_bp384", 256, oqs_dilithium5_bp384_keymgmt_functions), + SIGALG("dilithium5_ed448", 256, oqs_dilithium5_ed448_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_512 SIGALG("falcon512", 128, oqs_falcon512_keymgmt_functions), SIGALG("p256_falcon512", 128, oqs_p256_falcon512_keymgmt_functions), SIGALG("rsa3072_falcon512", 128, oqs_rsa3072_falcon512_keymgmt_functions), SIGALG("falcon512_p256", 128, oqs_falcon512_p256_keymgmt_functions), + SIGALG("falcon512_bp256", 128, oqs_falcon512_bp256_keymgmt_functions), + SIGALG("falcon512_ed25519", 128, oqs_falcon512_ed25519_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_falcon1024_keymgmt_functions), diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index a14a0a35..9cb01752 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -55,7 +55,7 @@ typedef struct static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START -#define NID_TABLE_LEN 26 +#define NID_TABLE_LEN 34 static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, @@ -98,6 +98,20 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { KEY_TYPE_CMP_SIG, 128}, {0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, + KEY_TYPE_CMP_SIG, 192}, + {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, + KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, + KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, + KEY_TYPE_CMP_SIG, 384}, + {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, + KEY_TYPE_CMP_SIG, 192}, + {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, + KEY_TYPE_CMP_SIG, 128}, + {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, + KEY_TYPE_CMP_SIG, 128}, ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; @@ -617,7 +631,12 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) npk = setECParams(npk, key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid); } const unsigned char *enc_pubkey = key->comp_pubkey[i]; - key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); + if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_X25519 && + key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_X448) + key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); + else + key->cmp_classical_pkey[i] = OPENSSL_memdup(enc_pubkey, key->pubkeylen_cmp[i]); + if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); @@ -635,7 +654,11 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0){ const unsigned char *enc_privkey = key->comp_privkey[i]; - key->cmp_classical_pkey[i] = d2i_PrivateKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); + if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_X25519 && + key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_X448) + key->cmp_classical_pkey[i] = d2i_PrivateKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); + else + key->cmp_classical_pkey[i] = OPENSSL_memdup(enc_privkey, key->pubkeylen_cmp[i]); if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); @@ -772,9 +795,14 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, static const OQSX_EVP_INFO nids_sig[] = { {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 72}, // 128 bit - {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 104}, // 192 bit + {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 104}, // 192 bit - p384 {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 141}, // 256 bit + {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit + {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit + {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit + {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit +// {EVP_PKEY_RSA_PSS, NID_pss,} }; // These two array need to stay synced: @@ -798,26 +826,48 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, { int ret = 1; int idx = (bit_security - 128) / 64; - ON_ERR_GOTO(idx < 0 || idx > 2, err); + ON_ERR_GOTO(idx < 0 || idx > 5, err); if (!strncmp(algname, "rsa3072", 7)) - idx += 3; - else if (algname[0] != 'p') { - OQS_KEY_PRINTF2("OQS KEY: Incorrect hybrid name: %s\n", algname); - ret = 0; - goto err; + idx += 5; + else if (algname[0] != 'p' && algname[0] != 'e') + { + if (algname[0] == 'b'){ //bp + if (algname[2] == '2') //bp256 + idx += 1; + } + else + { + OQS_KEY_PRINTF2("OQS KEY: Incorrect hybrid name: %s\n", algname); + ret = 0; + goto err; + } } - ON_ERR_GOTO(idx < 0 || idx > 3, err); + ON_ERR_GOTO(idx < 0 || idx > 5, err); - evp_ctx->evp_info = &nids_sig[idx]; + if(algname[0] == 'e') //ED25519 or ED448 + { + evp_ctx->evp_info = &nids_sig[idx + 6]; - evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); - ON_ERR_GOTO(!evp_ctx->ctx, err); + evp_ctx->keyParam = EVP_PKEY_new(); + ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); - if (idx < 3) { // EC - ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); - ON_ERR_GOTO(ret <= 0, free_evp_ctx); + ret = EVP_PKEY_set_type(evp_ctx->keyParam, evp_ctx->evp_info->keytype); + ON_ERR_SET_GOTO(ret <= 0, ret, -1, err); + + evp_ctx->ctx = EVP_PKEY_CTX_new(evp_ctx->keyParam, NULL); + ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err); + } else { + evp_ctx->evp_info = &nids_sig[idx]; + + evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); + ON_ERR_GOTO(!evp_ctx->ctx, err); + + if (idx < 5) + { // EC + ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); + ON_ERR_GOTO(ret <= 0, err); ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(evp_ctx->ctx, evp_ctx->evp_info->nid); @@ -1339,17 +1389,23 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } + ret2 = EVP_PKEY_keygen(kgctx, &pkey); ON_ERR_SET_GOTO(ret2 <= 0, ret, -2, errhyb); + if (ctx->evp_info->raw_key_support) { // TODO: If available, use preallocated memory - pubkeylen = EVP_PKEY_get1_encoded_public_key(pkey, &pubkey_encoded); - ON_ERR_SET_GOTO(pubkeylen != ctx->evp_info->length_public_key - || !pubkey_encoded, - ret, -3, errhyb); - memcpy(pubkey + aux, pubkey_encoded, pubkeylen); + if (ctx->evp_info->nid != NID_ED25519 && ctx->evp_info->nid != NID_ED448){ + pubkeylen = EVP_PKEY_get1_encoded_public_key(pkey, &pubkey_encoded); + ON_ERR_SET_GOTO(pubkeylen != ctx->evp_info->length_public_key || !pubkey_encoded, ret, -3, errhyb); + memcpy(pubkey + aux, pubkey_encoded, pubkeylen); + }else{ + pubkeylen = ctx->evp_info->length_public_key; + ret2 = EVP_PKEY_get_raw_public_key(pkey, pubkey + aux, &pubkeylen); + ON_ERR_SET_GOTO(ret2 <= 0 || pubkeylen != ctx->evp_info->length_public_key, ret, -3, errhyb); + } privkeylen = ctx->evp_info->length_private_key; ret2 = EVP_PKEY_get_raw_private_key(pkey, privkey + aux, &privkeylen); @@ -1444,7 +1500,6 @@ int oqsx_key_gen(OQSX_KEY *key) pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->comp_pubkey[i], key->comp_privkey[i], 0); ON_ERR_GOTO(pkey == NULL, err); key->cmp_classical_pkey[i] = pkey; - ON_ERR_GOTO(ret, err); } else { From dade517797ec5019ac1d99c4f49689020118559f Mon Sep 17 00:00:00 2001 From: eve Date: Mon, 11 Sep 2023 15:39:55 -0500 Subject: [PATCH 038/160] working PSS key and cert gen --- oqsprov/oqs_decode_der2key.c | 2 ++ oqsprov/oqs_encode_key2any.c | 6 ++++++ oqsprov/oqs_kmgmt.c | 11 +++++++++++ oqsprov/oqs_prov.h | 9 +++++++++ oqsprov/oqs_sig.c | 4 ++-- oqsprov/oqsdecoders.inc | 4 ++++ oqsprov/oqsencoders.inc | 14 ++++++++++++++ oqsprov/oqsprov.c | 8 +++++++- oqsprov/oqsprov_keys.c | 34 +++++++++++++++++++++++++--------- 9 files changed, 80 insertions(+), 12 deletions(-) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 21b8234c..13991d6c 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -626,4 +626,6 @@ MAKE_DECODER("falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); MAKE_DECODER("falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER("falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); MAKE_DECODER("falcon512_ed25519", falcon512_ed25519, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER("dilithium3_pss", dilithium3_pss, oqsx, PrivateKeyInfo); +MAKE_DECODER("dilithium3_pss", dilithium3_pss, oqsx, SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 5cc0c920..beb09575 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -1638,4 +1638,10 @@ MAKE_ENCODER(falcon512_ed25519, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(falcon512_ed25519, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(dilithium3_pss, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_pss, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_pss, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(dilithium3_pss, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(dilithium3_pss, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(dilithium3_pss, oqsx, SubjectPublicKeyInfo, pem); ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 4d2e8d4c..79aa3a02 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -960,6 +960,16 @@ static void *falcon512_ed25519_gen_init(void *provctx, int selection) return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128); } +static void *dilithium3_pss_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_pss", KEY_TYPE_CMP_SIG, NULL, 128); +} + +static void *dilithium3_pss_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_pss", KEY_TYPE_CMP_SIG, 128); +} + ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END #define MAKE_SIG_KEYMGMT_FUNCTIONS(alg) \ @@ -1142,6 +1152,7 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_bp384) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_ed448) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_bp256) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_ed25519) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_pss) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 41a24cc9..3fe3516c 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -787,6 +787,14 @@ extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_enc extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_pss_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss_decoder_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_START @@ -826,6 +834,7 @@ extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_keymgmt_functions[]; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 70b1af61..1827d12a 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -409,8 +409,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if(name[0] == 'p') aux = 1; else aux = 2; - if (name[aux] == '2') - { // p256 + if (name[aux] == '2' || name[aux] == 's') + { // p256 && pss classical_md = EVP_sha256(); digest_len = SHA256_DIGEST_LENGTH; SHA256(tbs, tbslen, (unsigned char *)&digest); diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index ef2f945b..2c1a9c12 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -73,6 +73,10 @@ DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), dilithium3_ed25519), DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, dilithium3_ed25519), + DECODER_w_structure("dilithium3_pss", der, PrivateKeyInfo, + dilithium3_pss), + DECODER_w_structure("dilithium3_pss", der, SubjectPublicKeyInfo, + dilithium3_pss), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index fa777a51..e08fb503 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -186,6 +186,20 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_pss", dilithium3_pss, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss", dilithium3_pss, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss", dilithium3_pss, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss", dilithium3_pss, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss", dilithium3_pss, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_pss", dilithium3_pss, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_pss", dilithium3_pss), + #endif #ifdef OQS_ENABLE_SIG_dilithium_5 ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index f27b3953..b8d9132e 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -47,7 +47,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; * List of all algorithms with given OIDs */ ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START -#define OQS_OID_CNT 59 +#define OQS_OID_CNT 68 const char *oqs_oid_alg_list[OQS_OID_CNT] = { "1.3.6.1.4.1.2.267.7.4.4", "dilithium2", @@ -115,6 +115,8 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "falcon512_bp256", "2.16.840.1.114027.80.5.1.10", "falcon512_ed25519", + "2.16.840.1.114027.80.5.1.14", + "dilithium3_pss", ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; @@ -354,6 +356,8 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("dilithium3_p256", 192, oqs_signature_functions), SIGALG("dilithium3_bp256", 192, oqs_signature_functions), SIGALG("dilithium3_ed25519", 192, oqs_signature_functions), + SIGALG("dilithium3_pss", 192, oqs_signature_functions), + #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_signature_functions), @@ -491,6 +495,8 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { SIGALG("dilithium3_p256", 192, oqs_dilithium3_p256_keymgmt_functions), SIGALG("dilithium3_bp256", 192, oqs_dilithium3_bp256_keymgmt_functions), SIGALG("dilithium3_ed25519", 192, oqs_dilithium3_ed25519_keymgmt_functions), + SIGALG("dilithium3_pss", 192, oqs_dilithium3_pss_keymgmt_functions), + #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_dilithium5_keymgmt_functions), diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 9cb01752..12be4049 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -55,7 +55,7 @@ typedef struct static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START -#define NID_TABLE_LEN 34 +#define NID_TABLE_LEN 35 static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, @@ -112,6 +112,9 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { KEY_TYPE_CMP_SIG, 128}, {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, + 0, "dilithium3_pss", OQS_SIG_alg_dilithium_3, + KEY_TYPE_CMP_SIG, 128}, + ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; @@ -800,9 +803,10 @@ static const OQSX_EVP_INFO nids_sig[] = { {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit + {EVP_PKEY_RSA_PSS, NID_rsassaPss, 0, 398, 1269, 0, 384}, {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit -// {EVP_PKEY_RSA_PSS, NID_pss,} + }; // These two array need to stay synced: @@ -830,7 +834,9 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, if (!strncmp(algname, "rsa3072", 7)) idx += 5; - else if (algname[0] != 'p' && algname[0] != 'e') + else if (!strncmp(algname, "pss", 3)) + idx += 6; + else if (algname[0] != 'p' || algname[0] != 'e') { if (algname[0] == 'b'){ //bp if (algname[2] == '2') //bp256 @@ -844,11 +850,11 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, } } - ON_ERR_GOTO(idx < 0 || idx > 5, err); + ON_ERR_GOTO(idx < 0 || idx > 6, err); if(algname[0] == 'e') //ED25519 or ED448 { - evp_ctx->evp_info = &nids_sig[idx + 6]; + evp_ctx->evp_info = &nids_sig[idx + 7]; evp_ctx->keyParam = EVP_PKEY_new(); ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); @@ -1389,6 +1395,15 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } + if (ctx->evp_info->keytype == EVP_PKEY_RSA_PSS) + { + ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(kgctx, EVP_sha256()); + ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); + ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_md(kgctx, EVP_sha256()); + ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); + ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(kgctx, 64); + ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); + } ret2 = EVP_PKEY_keygen(kgctx, &pkey); ON_ERR_SET_GOTO(ret2 <= 0, ret, -2, errhyb); @@ -1415,10 +1430,11 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, } else { unsigned char *pubkey_enc = pubkey + aux; const unsigned char *pubkey_enc2 = pubkey + aux; - pubkeylen = i2d_PublicKey(pkey, &pubkey_enc); - ON_ERR_SET_GOTO( - !pubkey_enc || pubkeylen > (int)ctx->evp_info->length_public_key, - ret, -11, errhyb); + if(ctx->evp_info->keytype != EVP_PKEY_RSA_PSS) + pubkeylen = i2d_PublicKey(pkey, &pubkey_enc); + else + pubkeylen = i2d_PUBKEY(pkey, &pubkey_enc); + ON_ERR_SET_GOTO(!pubkey_enc || pubkeylen > (int)ctx->evp_info->length_public_key, ret, -11, errhyb); unsigned char *privkey_enc = privkey + aux; const unsigned char *privkey_enc2 = privkey + aux; privkeylen = i2d_PrivateKey(pkey, &privkey_enc); From 0eaf9f66ae241c9a7d2676f1690bd0418886949d Mon Sep 17 00:00:00 2001 From: eve Date: Tue, 12 Sep 2023 09:14:59 -0500 Subject: [PATCH 039/160] adding padding for pss signing & fix param bug --- oqsprov/oqs_sig.c | 9 +++++++++ oqsprov/oqsprov_keys.c | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 1827d12a..2b83d210 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -404,6 +404,15 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } } + if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA_PSS) + { + if ((EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PSS_PADDING) <= 0) || + (EVP_PKEY_CTX_set_rsa_pss_saltlen(classical_ctx_sign, 64) <= 0)) + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + } if (name[0] == 'p' || name[0] == 'b') { if(name[0] == 'p') diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 12be4049..0b11323b 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -836,7 +836,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, idx += 5; else if (!strncmp(algname, "pss", 3)) idx += 6; - else if (algname[0] != 'p' || algname[0] != 'e') + else if (algname[0] != 'p' && algname[0] != 'e') { if (algname[0] == 'b'){ //bp if (algname[2] == '2') //bp256 From 9021a83c412ff08ce792c4e7af188dc046dc951f Mon Sep 17 00:00:00 2001 From: eve Date: Wed, 13 Sep 2023 14:54:56 -0500 Subject: [PATCH 040/160] removed internal OIDS --- oqsprov/oqs_encode_key2any.c | 15 ++++++++---- oqsprov/oqs_kmgmt.c | 8 +++--- oqsprov/oqsprov_keys.c | 47 +++++++++++++++++++++++++++++------- 3 files changed, 52 insertions(+), 18 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index beb09575..ea28d2ea 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -601,7 +601,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) int keybloblen, nid; STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; - ASN1_STRING *aString = NULL; + ASN1_STRING *aString = NULL, *tempOct = NULL; unsigned char *temp = NULL; char* name; PKCS8_PRIV_KEY_INFO *p8info_internal = NULL; @@ -703,15 +703,16 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) p8info_internal = PKCS8_PRIV_KEY_INFO_new(); aType = ASN1_TYPE_new(); aString = ASN1_OCTET_STRING_new(); + tempOct = ASN1_OCTET_STRING_new(); temp = NULL; name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); - buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; + buflen = oqsxkey->privkeylen_cmp[i];// + oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_malloc(buflen); memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); - memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); +// memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); - if(get_oqsname_fromtls(name) == 0) +/* if(get_oqsname_fromtls(name) == 0) nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; else nid = OBJ_sn2nid(name); @@ -722,7 +723,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); keybloblen = 0; // signal error } - +*/ + + ASN1_STRING_set0(tempOct, buf, buflen); + keybloblen = i2d_ASN1_OCTET_STRING(tempOct, &temp); ASN1_STRING_set0(aString, temp, keybloblen); ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); @@ -735,6 +739,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(p8info_internal); OPENSSL_free(aType); OPENSSL_free(aString); + OPENSSL_free(tempOct); OPENSSL_free(sk); } OPENSSL_secure_clear_free(buf, buflen); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 79aa3a02..2bffaf72 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -902,12 +902,12 @@ static void *dilithium5_p384_gen_init(void *provctx, int selection) static void *dilithium3_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256); } static void *dilithium3_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256); } static void *dilithium3_ed25519_new_key(void *provctx) @@ -942,12 +942,12 @@ static void *dilithium5_ed448_gen_init(void *provctx, int selection) static void *falcon512_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256); } static void *falcon512_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, 256); } static void *falcon512_ed25519_new_key(void *provctx) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 0b11323b..faefebb5 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -343,6 +343,14 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) = {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22}; const unsigned char p521params[] = {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23}; + const char ed25519params[] + = {0x06, 0x03, 0x2b, 0x65, 0x70}; + const char ed448params[] + = {0x06, 0x03, 0x2b, 0x65, 0x71}; + const char bp256params[] + = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07}; + const char bp384params[] + = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b}; const unsigned char *params; switch (nid) { @@ -355,11 +363,24 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) case NID_secp521r1: params = p521params; return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(p521params)); + case NID_brainpoolP256r1: + params = bp256params; + return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(bp256params)); + case NID_brainpoolP384r1: + params = bp384params; + return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(bp384params)); + case NID_ED25519: + params = ed25519params; + return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(ed25519params)); + case NID_ED448: + params = ed448params; + return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(ed448params)); default: return NULL; } } + /* Re-create OQSX_KEY from encoding(s): Same end-state as after ken-gen */ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, int plen, oqsx_key_op_t op, OSSL_LIB_CTX *libctx, @@ -629,15 +650,19 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0){ EVP_PKEY *npk = EVP_PKEY_new(); - if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) + if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA && + key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA_PSS) { npk = setECParams(npk, key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid); } const unsigned char *enc_pubkey = key->comp_pubkey[i]; - if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_X25519 && - key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_X448) - key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); - else + if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support == 0){ + if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA_PSS) + key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); + else + key->cmp_classical_pkey[i] = d2i_PUBKEY(&npk, &enc_pubkey, key->pubkeylen_cmp[i]); + + }else key->cmp_classical_pkey[i] = OPENSSL_memdup(enc_pubkey, key->pubkeylen_cmp[i]); if (!key->cmp_classical_pkey[i]) @@ -657,8 +682,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0){ const unsigned char *enc_privkey = key->comp_privkey[i]; - if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_X25519 && - key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_X448) + if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support == 0) key->cmp_classical_pkey[i] = d2i_PrivateKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); else key->cmp_classical_pkey[i] = OPENSSL_memdup(enc_privkey, key->pubkeylen_cmp[i]); @@ -803,7 +827,7 @@ static const OQSX_EVP_INFO nids_sig[] = { {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit - {EVP_PKEY_RSA_PSS, NID_rsassaPss, 0, 398, 1269, 0, 384}, + {EVP_PKEY_RSA_PSS, NID_rsassaPss, 0, 474, 1847, 0, 384}, {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit @@ -1032,6 +1056,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); + ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(void *)); ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem) { fprintf( @@ -1048,6 +1073,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, break; case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_ECP_HYB_KEM: + ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(void *)); ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem) { fprintf( @@ -1078,6 +1104,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->keytype = primitive; break; case KEY_TYPE_HYB_SIG: + ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(void *)); ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig) { fprintf( @@ -1396,7 +1423,9 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } if (ctx->evp_info->keytype == EVP_PKEY_RSA_PSS) - { + { + ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); + ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(kgctx, EVP_sha256()); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_md(kgctx, EVP_sha256()); From e04e907b20958c786ef843c6db31da83ebb793aa Mon Sep 17 00:00:00 2001 From: eve Date: Fri, 15 Sep 2023 15:34:59 -0500 Subject: [PATCH 041/160] pss format fix, removed publickey copy from the end of privatekey --- oqsprov/oqs_sig.c | 30 ++++++++++++++++-------------- oqsprov/oqsprov_keys.c | 31 +++++++++++-------------------- 2 files changed, 27 insertions(+), 34 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 2b83d210..1150a259 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -396,23 +396,24 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } - if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + if (!strncmp(name, "pss", 3)) { - if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) + if ((EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PSS_PADDING) <= 0) || + (EVP_PKEY_CTX_set_rsa_pss_saltlen(classical_ctx_sign, 64) <= 0) || + (EVP_PKEY_CTX_set_rsa_mgf1_md(classical_ctx_sign, EVP_sha256()) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } - } - if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA_PSS) + } else if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) { - if ((EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PSS_PADDING) <= 0) || - (EVP_PKEY_CTX_set_rsa_pss_saltlen(classical_ctx_sign, 64) <= 0)) + if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } } + if (name[0] == 'p' || name[0] == 'b') { if(name[0] == 'p') @@ -438,18 +439,19 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } } else - { // rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); + {// rsa3072 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - goto endsign; - } + { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } if (oqs_sig_len > oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature) { diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index faefebb5..00cad24b 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -650,18 +650,13 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0){ EVP_PKEY *npk = EVP_PKEY_new(); - if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA && - key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA_PSS) + if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA ) { npk = setECParams(npk, key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid); } const unsigned char *enc_pubkey = key->comp_pubkey[i]; if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support == 0){ - if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA_PSS) - key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); - else - key->cmp_classical_pkey[i] = d2i_PUBKEY(&npk, &enc_pubkey, key->pubkeylen_cmp[i]); - + key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); }else key->cmp_classical_pkey[i] = OPENSSL_memdup(enc_pubkey, key->pubkeylen_cmp[i]); @@ -827,7 +822,7 @@ static const OQSX_EVP_INFO nids_sig[] = { {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit - {EVP_PKEY_RSA_PSS, NID_rsassaPss, 0, 474, 1847, 0, 384}, +// {EVP_PKEY_RSA_PSS, NID_rsaEncryption, 0, 398, 1770, 0, 384}, {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit @@ -856,10 +851,8 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, int idx = (bit_security - 128) / 64; ON_ERR_GOTO(idx < 0 || idx > 5, err); - if (!strncmp(algname, "rsa3072", 7)) + if (!strncmp(algname, "rsa3072", 7) || !strncmp(algname, "pss", 3)) idx += 5; - else if (!strncmp(algname, "pss", 3)) - idx += 6; else if (algname[0] != 'p' && algname[0] != 'e') { if (algname[0] == 'b'){ //bp @@ -874,11 +867,11 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, } } - ON_ERR_GOTO(idx < 0 || idx > 6, err); + ON_ERR_GOTO(idx < 0 || idx > 5, err); if(algname[0] == 'e') //ED25519 or ED448 { - evp_ctx->evp_info = &nids_sig[idx + 7]; + evp_ctx->evp_info = &nids_sig[idx + 6]; evp_ctx->keyParam = EVP_PKEY_new(); ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); @@ -1418,11 +1411,12 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_keygen_init(kgctx); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); - if (ctx->evp_info->keytype == EVP_PKEY_RSA) { + if (ctx->evp_info->nid == NID_rsaEncryption) + { ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } - if (ctx->evp_info->keytype == EVP_PKEY_RSA_PSS) +/* if (ctx->evp_info->keytype == EVP_PKEY_RSA_PSS) { ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); @@ -1433,7 +1427,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(kgctx, 64); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } - +*/ ret2 = EVP_PKEY_keygen(kgctx, &pkey); ON_ERR_SET_GOTO(ret2 <= 0, ret, -2, errhyb); @@ -1459,10 +1453,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, } else { unsigned char *pubkey_enc = pubkey + aux; const unsigned char *pubkey_enc2 = pubkey + aux; - if(ctx->evp_info->keytype != EVP_PKEY_RSA_PSS) - pubkeylen = i2d_PublicKey(pkey, &pubkey_enc); - else - pubkeylen = i2d_PUBKEY(pkey, &pubkey_enc); + pubkeylen = i2d_PublicKey(pkey, &pubkey_enc); ON_ERR_SET_GOTO(!pubkey_enc || pubkeylen > (int)ctx->evp_info->length_public_key, ret, -11, errhyb); unsigned char *privkey_enc = privkey + aux; const unsigned char *privkey_enc2 = privkey + aux; From 182a57198b786134404db1745a56913865b1bb8a Mon Sep 17 00:00:00 2001 From: eve Date: Thu, 21 Sep 2023 15:51:06 -0500 Subject: [PATCH 042/160] fixed unused bits check for encoding sigs --- oqsprov/oqs_encode_key2any.c | 3 +-- oqsprov/oqs_sig.c | 2 ++ oqsprov/oqsprov_keys.c | 4 +++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index ea28d2ea..1ebd0af9 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -724,7 +724,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) keybloblen = 0; // signal error } */ - ASN1_STRING_set0(tempOct, buf, buflen); keybloblen = i2d_ASN1_OCTET_STRING(tempOct, &temp); ASN1_STRING_set0(aString, temp, keybloblen); @@ -732,7 +731,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) if (!sk_ASN1_TYPE_push(sk, aType)) return -1; - OPENSSL_free(name); + OPENSSL_free(name); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); OPENSSL_free(temp); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 1150a259..6cef6b33 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -471,9 +471,11 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (i == 0){ compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); compsig->sig1->length = oqs_sig_len; + compsig->sig1->flags = 8; //set as 8 to not check for unused bits }else{ compsig->sig2->data = OPENSSL_memdup(buf, oqs_sig_len); compsig->sig2->length = oqs_sig_len; + compsig->sig2->flags = 8; //set as 8 to not check for unused bits } OPENSSL_free(name); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 00cad24b..2f415960 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -654,6 +654,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) { npk = setECParams(npk, key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid); } + const unsigned char *enc_pubkey = key->comp_pubkey[i]; if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support == 0){ key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); @@ -1411,11 +1412,12 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_keygen_init(kgctx); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); - if (ctx->evp_info->nid == NID_rsaEncryption) + if (ctx->evp_info->keytype == EVP_PKEY_RSA) { ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } + /* if (ctx->evp_info->keytype == EVP_PKEY_RSA_PSS) { ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); From 8b28941bdd3229f4765239eb695fe8e622e845fc Mon Sep 17 00:00:00 2001 From: eve Date: Mon, 25 Sep 2023 09:46:19 -0500 Subject: [PATCH 043/160] RSA encoding fixed --- oqsprov/oqs_encode_key2any.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 1ebd0af9..3a8c297a 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -706,10 +706,19 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) tempOct = ASN1_OCTET_STRING_new(); temp = NULL; name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); - - buflen = oqsxkey->privkeylen_cmp[i];// + oqsxkey->pubkeylen_cmp[i]; + + if(get_oqsname_fromtls(name) == 0 && + oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size + unsigned char* enc_len = OPENSSL_strndup(oqsxkey->comp_privkey[i], 4); + OPENSSL_cleanse(enc_len, 2); + DECODE_UINT32(buflen, enc_len); + buflen += 4; + OPENSSL_free(enc_len); + //RSA needs it, maybe others classical also needs? + }else + buflen = oqsxkey->privkeylen_cmp[i];// + oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_malloc(buflen); - memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); + memcpy(buf, oqsxkey->comp_privkey[i], buflen); // memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); /* if(get_oqsname_fromtls(name) == 0) From a2402d923fe8a855ee69c46d838be72bbc7d6fb8 Mon Sep 17 00:00:00 2001 From: eve Date: Tue, 26 Sep 2023 15:22:28 -0500 Subject: [PATCH 044/160] removed internal OID from pubkey & fixed key reconstruction to not look for internal OIDs --- oqsprov/oqs_encode_key2any.c | 14 ++++++++------ oqsprov/oqsprov_keys.c | 8 ++++---- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 3a8c297a..b5b4408c 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -507,7 +507,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) int keybloblen, nid; STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; - ASN1_STRING *aString = NULL; + ASN1_STRING *aString = NULL, *tempOct = NULL; unsigned char *temp = NULL; X509_PUBKEY *p8info_internal = NULL; int ret = 0; @@ -559,13 +559,14 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) p8info_internal = X509_PUBKEY_new(); aType = ASN1_TYPE_new(); aString = ASN1_OCTET_STRING_new(); + tempOct = ASN1_OCTET_STRING_new(); temp = NULL; - char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); +// char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); len = oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_memdup(oqsxkey->comp_pubkey[i], len); - if(get_oqsname_fromtls(name) == 0) +/* if(get_oqsname_fromtls(name) == 0) nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; else nid = OBJ_sn2nid(name); @@ -576,13 +577,15 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); keybloblen = 0; // signal error } - +*/ + ASN1_STRING_set0(tempOct, buf, len); + keybloblen = i2d_ASN1_OCTET_STRING(tempOct, &temp); ASN1_STRING_set0(aString, temp, keybloblen); ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); if (!sk_ASN1_TYPE_push(sk, aType)) return -1; - OPENSSL_free(name); +// OPENSSL_free(name); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); @@ -714,7 +717,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) DECODE_UINT32(buflen, enc_len); buflen += 4; OPENSSL_free(enc_len); - //RSA needs it, maybe others classical also needs? }else buflen = oqsxkey->privkeylen_cmp[i];// + oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_malloc(buflen); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 2f415960..91ed02b9 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -733,11 +733,11 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, aType = sk_ASN1_TYPE_pop(sk); buf = aType->value.sequence->data; buflen = aType->value.sequence->length; - +/* p8info_buf = d2i_X509_PUBKEY(&p8info_buf, &buf, buflen); if (!X509_PUBKEY_get0_param(NULL, &buf, &buflen, NULL, p8info_buf)) return NULL; - +*/ aux += buflen; memcpy(concat_key + plen - aux, buf, buflen); } @@ -796,10 +796,10 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, buf = aType->value.sequence->data; buflen = aType->value.sequence->length; - p8info_buf = d2i_PKCS8_PRIV_KEY_INFO(&p8info_buf, &buf, buflen); +/* p8info_buf = d2i_PKCS8_PRIV_KEY_INFO(&p8info_buf, &buf, buflen); if (!PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, p8info_buf)) return NULL; - +*/ aux += buflen; memcpy(concat_key + plen - aux, buf, buflen); } From 0b628c9f5aa4394bd6bf13f3df5ba93e983f715b Mon Sep 17 00:00:00 2001 From: eve Date: Tue, 26 Sep 2023 15:33:46 -0500 Subject: [PATCH 045/160] free memory --- oqsprov/oqs_encode_key2any.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index b5b4408c..26a7f4bb 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -588,6 +588,11 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) // OPENSSL_free(name); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); + OPENSSL_free(temp); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(tempOct); + OPENSSL_free(sk); return keybloblen; } @@ -746,7 +751,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); OPENSSL_free(temp); - OPENSSL_free(p8info_internal); +// OPENSSL_free(p8info_internal); OPENSSL_free(aType); OPENSSL_free(aString); OPENSSL_free(tempOct); From fddfe6d45b8ca8891053afc6a3f7cf348befa361 Mon Sep 17 00:00:00 2001 From: eve Date: Thu, 28 Sep 2023 12:12:25 -0500 Subject: [PATCH 046/160] CMS sign and verification --- oqsprov/oqs_encode_key2any.c | 21 +- oqsprov/oqs_sig.c | 107 +++++---- oqsprov/oqsprov_keys.c | 421 +++++++++++++++++++++-------------- 3 files changed, 331 insertions(+), 218 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 26a7f4bb..9dc62d57 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -715,18 +715,21 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) temp = NULL; name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); - if(get_oqsname_fromtls(name) == 0 && - oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size - unsigned char* enc_len = OPENSSL_strndup(oqsxkey->comp_privkey[i], 4); - OPENSSL_cleanse(enc_len, 2); - DECODE_UINT32(buflen, enc_len); - buflen += 4; - OPENSSL_free(enc_len); + if(get_oqsname_fromtls(name) == 0){ + if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size + unsigned char* enc_len = OPENSSL_strndup(oqsxkey->comp_privkey[i], 4); + OPENSSL_cleanse(enc_len, 2); + DECODE_UINT32(buflen, enc_len); + buflen += 4; + OPENSSL_free(enc_len); + }else + buflen = oqsxkey->privkeylen_cmp[i]; }else - buflen = oqsxkey->privkeylen_cmp[i];// + oqsxkey->pubkeylen_cmp[i]; + buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_malloc(buflen); memcpy(buf, oqsxkey->comp_privkey[i], buflen); -// memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); + if(get_oqsname_fromtls(name) != 0) + memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); /* if(get_oqsname_fromtls(name) == 0) nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 6cef6b33..7ba93281 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -601,7 +601,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, CompositeSignature* compsig = CompositeSignature_new(); int i; // char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); - ASN1_STRING *buf; + unsigned char *buf; size_t buf_len; if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) goto endverify; @@ -630,62 +630,73 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, EVP_MD_CTX* evp_ctx = EVP_MD_CTX_new(); unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL || - EVP_PKEY_verify_init(ctx_verify) <= 0) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) - { - if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) + if(name[0] == 'e'){ //ed25519 or ed448 + if((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, oqsxkey->cmp_classical_pkey[i]) <= 0) || + (EVP_DigestVerify(evp_ctx, buf, buf_len, tbs, tbslen) <= 0)){ + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + } else { + if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL || + EVP_PKEY_verify_init(ctx_verify) <= 0) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - } - if (name[0] == 'p' || name[0] == 'b') - { - if (name[0] == 'p') - aux = 1; - else aux = 2; - if (name[aux] == '2') - { // p256 + if (!strncmp(name, "pss", 3)) + { + if ((EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PSS_PADDING) <= 0) || + (EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx_verify, 64) <= 0) || + (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx_verify, EVP_sha256()) <= 0)) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + goto endverify; + } + } else if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) + { + if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + goto endverify; + } + } + if (name[0] == 'p' || name[0] == 'b') + { + if(name[0] == 'p') + aux = 1; + else aux = 2; + if (name[aux] == '2' || name[aux] == 's') + { // p256 && pss + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(tbs, tbslen, (unsigned char *)&digest); + } + if (name[aux] == '3') + { // p384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(tbs, tbslen, (unsigned char *)&digest); + } + if (name[aux] == '5') + { // p521 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + } + } + else + { // rsa3072 classical_md = EVP_sha256(); digest_len = SHA256_DIGEST_LENGTH; SHA256(tbs, tbslen, (unsigned char *)&digest); } - if (name[aux] == '3') - { // p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char *)&digest); - } - if (name[aux] == '5') - { // p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); - } - } - else - { // rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if(name[0] == 'e'){ //ed25519 or ed448 - if((!EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, oqsxkey->cmp_classical_pkey[i]) || - !EVP_DigestVerify(evp_ctx, buf, buf_len, tbs, tbslen) != 1)){ + if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || + (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, digest_len) <= 0)) + { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; - } - } else if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || - (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } + } + } } OPENSSL_free(name); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 91ed02b9..d5dfe321 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -380,6 +380,157 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) } } +/* Key codes */ + +static const OQSX_EVP_INFO nids_sig[] = { + {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 72}, // 128 bit + {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 104}, // 192 bit - p384 + {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 141}, // 256 bit + {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit + {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit + {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit + {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit + {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit + +}; +// These two array need to stay synced: +static const char *OQSX_ECP_NAMES[] = {"p256", "p384", "p521", 0}; +static const OQSX_EVP_INFO nids_ecp[] = { + {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 0}, // 128 bit + {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 0}, // 192 bit + {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0} // 256 bit +}; + +// These two array need to stay synced: +static const char *OQSX_ECX_NAMES[] = {"x25519", "x448", 0}; +static const OQSX_EVP_INFO nids_ecx[] = { + {EVP_PKEY_X25519, 0, 1, 32, 32, 32, 0}, // 128 bit + {EVP_PKEY_X448, 0, 1, 56, 56, 56, 0}, // 192 bit + {0, 0, 0, 0, 0, 0, 0} // 256 bit +}; + +static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, + char *algname) +{ + int ret = 1; + int idx = (bit_security - 128) / 64; + ON_ERR_GOTO(idx < 0 || idx > 5, err); + + if (!strncmp(algname, "rsa3072", 7) || !strncmp(algname, "pss", 3)) + idx += 5; + else if (algname[0] != 'p' && algname[0] != 'e') + { + if (algname[0] == 'b'){ //bp + if (algname[2] == '2') //bp256 + idx += 1; + } + else + { + OQS_KEY_PRINTF2("OQS KEY: Incorrect hybrid name: %s\n", algname); + ret = 0; + goto err; + } + } + + ON_ERR_GOTO(idx < 0 || idx > 5, err); + + if(algname[0] == 'e') //ED25519 or ED448 + { + evp_ctx->evp_info = &nids_sig[idx + 6]; + + evp_ctx->keyParam = EVP_PKEY_new(); + ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); + + ret = EVP_PKEY_set_type(evp_ctx->keyParam, evp_ctx->evp_info->keytype); + ON_ERR_SET_GOTO(ret <= 0, ret, -1, err); + + evp_ctx->ctx = EVP_PKEY_CTX_new(evp_ctx->keyParam, NULL); + ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err); + } else { + evp_ctx->evp_info = &nids_sig[idx]; + + evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); + ON_ERR_GOTO(!evp_ctx->ctx, err); + + if (idx < 5) + { // EC + ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); + ON_ERR_GOTO(ret <= 0, err); + + ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(evp_ctx->ctx, + evp_ctx->evp_info->nid); + ON_ERR_GOTO(ret <= 0, free_evp_ctx); + + ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); + ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, free_evp_ctx); + } + // RSA bit length set only during keygen + goto err; + +free_evp_ctx: + EVP_PKEY_CTX_free(evp_ctx->ctx); + evp_ctx->ctx = NULL; + +err: + return ret; +} + +sstatic const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) +{ + int ret = 1; + int idx = 0; + while (idx < sizeof(OQSX_ECP_NAMES)) { + if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], 4)) + break; + idx++; + } + ON_ERR_GOTO(idx < 0 || idx > 2, err); + + evp_ctx->evp_info = &nids_ecp[idx]; + + evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); + ON_ERR_GOTO(!evp_ctx->ctx, err); + + ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); + ON_ERR_GOTO(ret <= 0, err); + + ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(evp_ctx->ctx, + evp_ctx->evp_info->nid); + ON_ERR_GOTO(ret <= 0, err); + + ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); + ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, err); + +err: + return ret; +} + +static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) +{ + int ret = 1; + int idx = 0; + + while (idx < sizeof(OQSX_ECX_NAMES)) { + if (!strncmp(tls_name, OQSX_ECX_NAMES[idx], 4)) + break; + idx++; + } + ON_ERR_GOTO(idx < 0 || idx > 2, err); + + evp_ctx->evp_info = &nids_ecx[idx]; + + evp_ctx->keyParam = EVP_PKEY_new(); + ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); + + ret = EVP_PKEY_set_type(evp_ctx->keyParam, evp_ctx->evp_info->keytype); + ON_ERR_SET_GOTO(ret <= 0, ret, -1, err); + + evp_ctx->ctx = EVP_PKEY_CTX_new(evp_ctx->keyParam, NULL); + ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err); + +err: + return ret; +} /* Re-create OQSX_KEY from encoding(s): Same end-state as after ken-gen */ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, @@ -456,6 +607,45 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, } #endif } else { + if (key->keytype == KEY_TYPE_CMP_SIG){ + size_t privlen = 0; + size_t publen = 0; + size_t previous_privlen = 0; + size_t previous_publen = 0; + int pqc_pub_enc = 0; + int i; + + //check if key is the right size + for (i = 0; i < key->numkeys; i++){ + char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); + privlen = key->privkeylen_cmp[i]; + if (get_oqsname_fromtls(name) == 0)//classical key + publen = 0; + else//PQC key + publen = key->pubkeylen_cmp[i]; //pubkey in PQC privkey is OPTIONAL + + previous_privlen += privlen; + previous_publen += publen; + OPENSSL_free(name); + } + if (previous_privlen != plen) + { + //is ok, PQC pubkey might be in privkey + pqc_pub_enc = 1; + if (previous_privlen + previous_publen != plen){ + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } + } + if (oqsx_key_allocate_keymaterial(key, 1)) + { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + goto err; + } + previous_privlen = 0; + previous_publen = 0; + + }else{ int classical_privatekey_len = 0; // for plain OQS keys, we expect OQS priv||OQS pub key size_t actualprivkeylen = key->privkeylen; @@ -563,8 +753,45 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, previous_privlen += privlen; previous_publen += publen; } + for (i =0; i < key->numkeys; i++){ + size_t classic_publen = 0; + char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); + if (get_oqsname_fromtls(name) == 0){//classical key + publen = 0; //no pubkey encoded with privkey on classical keys. will recreate the pubkey later + if(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size + unsigned char* enc_len = OPENSSL_strndup(p + previous_privlen + previous_publen, 4); + OPENSSL_cleanse(enc_len, 2); + DECODE_UINT32(privlen, enc_len); + privlen += 4; + OPENSSL_free(enc_len); + }else + privlen = key->privkeylen_cmp[i]; + }else{//PQC key + privlen = key->privkeylen_cmp[i]; + if (pqc_pub_enc) + publen = key->pubkeylen_cmp[i]; + else + publen = 0; + + } + memcpy(key->privkey + previous_privlen, p + previous_privlen + previous_publen, privlen); + memcpy(key->pubkey + previous_publen, p + privlen + previous_privlen + previous_publen, publen); + previous_privlen += privlen; + previous_publen += publen; + OPENSSL_free(name); + } }else{ + if (key->privkeylen + key->pubkeylen != plen) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } + if (oqsx_key_allocate_keymaterial(key, 1)) + { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + goto err; + } memcpy(key->privkey, p, key->privkeylen); memcpy(key->pubkey, p + key->privkeylen, key->pubkeylen); } @@ -656,11 +883,10 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } const unsigned char *enc_pubkey = key->comp_pubkey[i]; - if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support == 0){ + if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support){ key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); }else - key->cmp_classical_pkey[i] = OPENSSL_memdup(enc_pubkey, key->pubkeylen_cmp[i]); - + key->cmp_classical_pkey[i] = EVP_PKEY_new_raw_public_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, enc_pubkey, key->pubkeylen_cmp[i]); if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); @@ -678,15 +904,30 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0){ const unsigned char *enc_privkey = key->comp_privkey[i]; - if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support == 0) + if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support) key->cmp_classical_pkey[i] = d2i_PrivateKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); else - key->cmp_classical_pkey[i] = OPENSSL_memdup(enc_privkey, key->pubkeylen_cmp[i]); + key->cmp_classical_pkey[i] = EVP_PKEY_new_raw_private_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, enc_privkey, key->privkeylen_cmp[i]); if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } + if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support){ + unsigned char* comp_pubkey = key->comp_pubkey[i]; + int pubkeylen = i2d_PublicKey(key->cmp_classical_pkey[i], &comp_pubkey); + if (pubkeylen != key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_public_key){ + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } + }else{ + size_t pubkeylen = key->pubkeylen_cmp[i]; + int ret = EVP_PKEY_get_raw_public_key(key->cmp_classical_pkey[i], key->comp_pubkey[i], &pubkeylen); + if (ret <= 0){ + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } + } } OPENSSL_free(name); } @@ -763,7 +1004,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, ASN1_TYPE *aType = NULL; const unsigned char *buf; unsigned char *concat_key; - int count, aux, i, buflen; + int count, aux, i, buflen, rsa_diff = 0; PKCS8_PRIV_KEY_INFO *p8info_buf = PKCS8_PRIV_KEY_INFO_new(); if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) @@ -793,6 +1034,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, aux = 0; for (i = 0; i < count; i++){ aType = sk_ASN1_TYPE_pop(sk); + char *name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i); buf = aType->value.sequence->data; buflen = aType->value.sequence->length; @@ -802,172 +1044,29 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, */ aux += buflen; memcpy(concat_key + plen - aux, buf, buflen); + //if is a RSA key the actual encoding size might be different from max size + //we calculate that difference for to facilitate the key reconstruction + if(!strncmp(name, "rsa3072", 7) || !strncmp(name, "pss", 3)) + rsa_diff = nids_sig[5].length_private_key - buflen; + OPENSSL_free(name); } p = concat_key + plen - aux; plen = aux; } } + if (rsa_diff > 4){//diff is too big, this means an decoding error + ASN1_OCTET_STRING_free(oct); + return NULL; + } + - oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PRIVATE, libctx, propq); + oqsx = oqsx_key_op(palg, p, plen + rsa_diff, KEY_OP_PRIVATE, + libctx, propq); ASN1_OCTET_STRING_free(oct); return oqsx; } -/* Key codes */ - -static const OQSX_EVP_INFO nids_sig[] = { - {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 72}, // 128 bit - {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 104}, // 192 bit - p384 - {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 141}, // 256 bit - {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit - {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit - {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit -// {EVP_PKEY_RSA_PSS, NID_rsaEncryption, 0, 398, 1770, 0, 384}, - {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit - {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit - -}; - -// These two array need to stay synced: -static const char *OQSX_ECP_NAMES[] = {"p256", "p384", "p521", 0}; -static const OQSX_EVP_INFO nids_ecp[] = { - {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 0}, // 128 bit - {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 0}, // 192 bit - {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0} // 256 bit -}; - -// These two array need to stay synced: -static const char *OQSX_ECX_NAMES[] = {"x25519", "x448", 0}; -static const OQSX_EVP_INFO nids_ecx[] = { - {EVP_PKEY_X25519, 0, 1, 32, 32, 32, 0}, // 128 bit - {EVP_PKEY_X448, 0, 1, 56, 56, 56, 0}, // 192 bit - {0, 0, 0, 0, 0, 0, 0} // 256 bit -}; - -static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, - char *algname) -{ - int ret = 1; - int idx = (bit_security - 128) / 64; - ON_ERR_GOTO(idx < 0 || idx > 5, err); - - if (!strncmp(algname, "rsa3072", 7) || !strncmp(algname, "pss", 3)) - idx += 5; - else if (algname[0] != 'p' && algname[0] != 'e') - { - if (algname[0] == 'b'){ //bp - if (algname[2] == '2') //bp256 - idx += 1; - } - else - { - OQS_KEY_PRINTF2("OQS KEY: Incorrect hybrid name: %s\n", algname); - ret = 0; - goto err; - } - } - - ON_ERR_GOTO(idx < 0 || idx > 5, err); - - if(algname[0] == 'e') //ED25519 or ED448 - { - evp_ctx->evp_info = &nids_sig[idx + 6]; - - evp_ctx->keyParam = EVP_PKEY_new(); - ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); - - ret = EVP_PKEY_set_type(evp_ctx->keyParam, evp_ctx->evp_info->keytype); - ON_ERR_SET_GOTO(ret <= 0, ret, -1, err); - - evp_ctx->ctx = EVP_PKEY_CTX_new(evp_ctx->keyParam, NULL); - ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err); - } else { - evp_ctx->evp_info = &nids_sig[idx]; - - evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); - ON_ERR_GOTO(!evp_ctx->ctx, err); - - if (idx < 5) - { // EC - ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); - ON_ERR_GOTO(ret <= 0, err); - - ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(evp_ctx->ctx, - evp_ctx->evp_info->nid); - ON_ERR_GOTO(ret <= 0, free_evp_ctx); - - ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); - ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, free_evp_ctx); - } - // RSA bit length set only during keygen - goto err; - -free_evp_ctx: - EVP_PKEY_CTX_free(evp_ctx->ctx); - evp_ctx->ctx = NULL; - -err: - return ret; -} - -static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) -{ - int ret = 1; - int idx = 0; - while (idx < sizeof(OQSX_ECP_NAMES)) { - if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], 4)) - break; - idx++; - } - ON_ERR_GOTO(idx < 0 || idx > 2, err); - - evp_ctx->evp_info = &nids_ecp[idx]; - - evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); - ON_ERR_GOTO(!evp_ctx->ctx, err); - - ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); - ON_ERR_GOTO(ret <= 0, err); - - ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(evp_ctx->ctx, - evp_ctx->evp_info->nid); - ON_ERR_GOTO(ret <= 0, err); - - ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); - ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, err); - -err: - return ret; -} - -static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) -{ - int ret = 1; - int idx = 0; - - while (idx < sizeof(OQSX_ECX_NAMES)) { - if (!strncmp(tls_name, OQSX_ECX_NAMES[idx], 4)) - break; - idx++; - } - ON_ERR_GOTO(idx < 0 || idx > 2, err); - - evp_ctx->evp_info = &nids_ecx[idx]; - - evp_ctx->keyParam = EVP_PKEY_new(); - ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); - - ret = EVP_PKEY_set_type(evp_ctx->keyParam, evp_ctx->evp_info->keytype); - ON_ERR_SET_GOTO(ret <= 0, ret, -1, err); - - evp_ctx->ctx = EVP_PKEY_CTX_new(evp_ctx->keyParam, NULL); - ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err); - -err: - return ret; -} - static const int (*init_kex_fun[])(char *, OQSX_EVP_CTX *) = {oqshybkem_init_ecp, oqshybkem_init_ecx}; #ifdef USE_ENCODING_LIB From 4c2764cd738d1cdf50811d09b0b8336a2c2d33e0 Mon Sep 17 00:00:00 2001 From: eve Date: Thu, 28 Sep 2023 13:07:30 -0500 Subject: [PATCH 047/160] Removed unused comments --- oqsprov/oqs_encode_key2any.c | 37 +++++------------------------------- oqsprov/oqs_sig.c | 17 ----------------- oqsprov/oqsprov_keys.c | 36 +++-------------------------------- 3 files changed, 8 insertions(+), 82 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 9dc62d57..2f0b9cc2 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -561,23 +561,9 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) aString = ASN1_OCTET_STRING_new(); tempOct = ASN1_OCTET_STRING_new(); temp = NULL; -// char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); len = oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_memdup(oqsxkey->comp_pubkey[i], len); - -/* if(get_oqsname_fromtls(name) == 0) - nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; - else - nid = OBJ_sn2nid(name); - if (!X509_PUBKEY_set0_param(p8info_internal, OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL, buf, len)) - keybloblen = 0; // signal error - keybloblen = i2d_X509_PUBKEY(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } -*/ ASN1_STRING_set0(tempOct, buf, len); keybloblen = i2d_ASN1_OCTET_STRING(tempOct, &temp); ASN1_STRING_set0(aString, temp, keybloblen); @@ -585,7 +571,6 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) if (!sk_ASN1_TYPE_push(sk, aType)) return -1; -// OPENSSL_free(name); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); OPENSSL_free(temp); @@ -703,7 +688,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } }else{ int i; -// name = OPENSSL_malloc(strlen(oqsxkey->tls_name));; if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; @@ -726,23 +710,14 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) buflen = oqsxkey->privkeylen_cmp[i]; }else buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; + buf = OPENSSL_malloc(buflen); - memcpy(buf, oqsxkey->comp_privkey[i], buflen); - if(get_oqsname_fromtls(name) != 0) + + if(get_oqsname_fromtls(name) != 0)//include pubkey in privkey for PQC memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); - -/* if(get_oqsname_fromtls(name) == 0) - nid = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid; else - nid = OBJ_sn2nid(name); - if (!PKCS8_pkey_set0(p8info_internal, OBJ_nid2obj(nid), 0, V_ASN1_UNDEF, NULL, buf, buflen)) - keybloblen = 0; // signal error - keybloblen = i2d_PKCS8_PRIV_KEY_INFO(p8info_internal, &temp); - if (keybloblen < 0) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - keybloblen = 0; // signal error - } -*/ + memcpy(buf, oqsxkey->comp_privkey[i], buflen); + ASN1_STRING_set0(tempOct, buf, buflen); keybloblen = i2d_ASN1_OCTET_STRING(tempOct, &temp); ASN1_STRING_set0(aString, temp, keybloblen); @@ -754,7 +729,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); OPENSSL_free(temp); -// OPENSSL_free(p8info_internal); OPENSSL_free(aType); OPENSSL_free(aString); OPENSSL_free(tempOct); @@ -1041,7 +1015,6 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, ERR_raise(ERR_LIB_USER, ERR_R_PASSED_INVALID_ARGUMENT); } OQS_ENC_PRINTF2(" encode result: %d\n", ret); -// OQS_ENC_PRINTF2(" encode result: %d\n", ret); return ret; } diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 7ba93281..e58e13b9 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -248,9 +248,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, return rv; } - - - if (is_composite) { max_sig_len = oqsx_key_maxsize(oqsxkey); @@ -357,9 +354,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, unsigned char *buf; CompositeSignature *compsig = CompositeSignature_new(); int i; -// char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); -// if((compsig->sig = sk_ASN1_TYPE_new_null()) == NULL) -// goto endsign; for (i = 0; i < oqsxkey->numkeys; i++){ char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); @@ -461,12 +455,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } } } -/* comp_sig = ASN1_BIT_STRING_new(); - comp_sig->data = OPENSSL_memdup(buf, oqs_sig_len); - comp_sig->length = oqs_sig_len; - if (!sk_ASN1_TYPE_push(compsig->sig, comp_sig)) - goto endsign; -*/ if (i == 0){ compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); @@ -482,7 +470,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } oqs_sig_len = i2d_CompositeSignature(compsig, &sig); -// OPENSSL_free(compsig->sig); OPENSSL_free(compsig); } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) @@ -600,13 +587,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, if(is_composite){ CompositeSignature* compsig = CompositeSignature_new(); int i; -// char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); unsigned char *buf; size_t buf_len; if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) goto endverify; -// if((compsig->sig = sk_ASN1_TYPE_new_null()) == NULL) -// goto endverify; for(i = 0; i < oqsxkey->numkeys; i++){ if (i == 0){ buf = compsig->sig1->data; @@ -701,7 +685,6 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, OPENSSL_free(name); } -// OPENSSL_free(compsig->sig); OPENSSL_free(compsig); }else { diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index d5dfe321..ed73a278 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -187,7 +187,6 @@ char* get_cmpname(int nid, int index) for (j = 0; j < index; j ++) token = strtok(NULL, "_"); name = OPENSSL_strdup(token); -// OPENSSL_strlcpy(name, token, strlen(token) + 1); OPENSSL_free(s); return name; } @@ -973,12 +972,7 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, for (i = 0; i < count; i++){ aType = sk_ASN1_TYPE_pop(sk); buf = aType->value.sequence->data; - buflen = aType->value.sequence->length; -/* - p8info_buf = d2i_X509_PUBKEY(&p8info_buf, &buf, buflen); - if (!X509_PUBKEY_get0_param(NULL, &buf, &buflen, NULL, p8info_buf)) - return NULL; -*/ + buflen = aType->value.sequence->length; aux += buflen; memcpy(concat_key + plen - aux, buf, buflen); } @@ -1036,12 +1030,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, aType = sk_ASN1_TYPE_pop(sk); char *name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i); buf = aType->value.sequence->data; - buflen = aType->value.sequence->length; - -/* p8info_buf = d2i_PKCS8_PRIV_KEY_INFO(&p8info_buf, &buf, buflen); - if (!PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, p8info_buf)) - return NULL; -*/ + buflen = aType->value.sequence->length; aux += buflen; memcpy(concat_key + plen - aux, buf, buflen); //if is a RSA key the actual encoding size might be different from max size @@ -1231,7 +1220,6 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, break; case KEY_TYPE_CMP_SIG: int i; -// char* name = OPENSSL_malloc(strlen(tls_name)); ret->numkeys = get_qntcmp(OBJ_sn2nid(tls_name)); ret->privkeylen = 0; ret->pubkeylen = 0; @@ -1346,7 +1334,6 @@ void oqsx_key_free(OQSX_KEY *key) } if(key->keytype == KEY_TYPE_CMP_SIG){ int i; -// char *name = OPENSSL_malloc(strlen(key->tls_name));; for (i = 0; i < key->numkeys; i ++){ char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name)) @@ -1517,18 +1504,6 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } -/* if (ctx->evp_info->keytype == EVP_PKEY_RSA_PSS) - { - ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); - ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); - ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(kgctx, EVP_sha256()); - ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); - ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_md(kgctx, EVP_sha256()); - ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); - ret2 = EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(kgctx, 64); - ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); - } -*/ ret2 = EVP_PKEY_keygen(kgctx, &pkey); ON_ERR_SET_GOTO(ret2 <= 0, ret, -2, errhyb); @@ -1625,16 +1600,12 @@ int oqsx_key_gen(OQSX_KEY *key) else if (key->keytype == KEY_TYPE_CMP_SIG) { int i; -// char* name = OPENSSL_malloc(strlen(key->tls_name)); ret = oqsx_key_set_composites(key); for (i = 0; i < key->numkeys; i++){ char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0) { -// if (i == 0) -// pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->pubkey, key->privkey, 0); -// else - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->comp_pubkey[i], key->comp_privkey[i], 0); + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->comp_pubkey[i], key->comp_privkey[i], 0); ON_ERR_GOTO(pkey == NULL, err); key->cmp_classical_pkey[i] = pkey; } @@ -1692,7 +1663,6 @@ int oqsx_key_maxsize(OQSX_KEY *key) { int aux = sizeof(CompositeSignature); int i; -// char *name = OPENSSL_malloc(strlen(key->tls_name));; for (i = 0; i < key->numkeys; i ++){ char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0) From 4846d78ce1b297e5a274ff8050bbbe2bb976c294 Mon Sep 17 00:00:00 2001 From: eve Date: Thu, 28 Sep 2023 13:25:12 -0500 Subject: [PATCH 048/160] fixed bug from last commit --- oqsprov/oqs_encode_key2any.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 2f0b9cc2..58b53c4e 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -712,10 +712,11 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; buf = OPENSSL_malloc(buflen); - - if(get_oqsname_fromtls(name) != 0)//include pubkey in privkey for PQC + memcpy(buf, oqsxkey->comp_privkey[i], buflen); + if(get_oqsname_fromtls(name) != 0){//include pubkey in privkey for PQC + memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); - else + }else memcpy(buf, oqsxkey->comp_privkey[i], buflen); ASN1_STRING_set0(tempOct, buf, buflen); From 5515b4b4d084b2f06a7a935b9c6e796ae070de15 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Thu, 5 Oct 2023 07:44:19 +0200 Subject: [PATCH 049/160] KEM en/decoders (#266) * KEM algorithms' encoding & decoding added: permits generating and persisting KEM algorithm key pairs via the openssl genpkey command --- .github/workflows/linux.yml | 20 + ALGORITHMS.md | 47 + CMakeLists.txt | 6 + CONFIGURE.md | 12 + oqs-template/ALGORITHMS.md/oids.fragment | 12 + oqs-template/generate.py | 13 + oqs-template/generate.yml | 5 + .../decoder_make.fragment | 21 +- .../encoder_defines.fragment | 11 + .../encoder_make.fragment | 50 +- .../oqs_prov.h/endecoder_functions.fragment | 28 + .../oqsprov/oqsdecoders.inc/make.fragment | 15 + .../oqsprov/oqsencoders.inc/make.fragment | 26 + .../oqsprov.c/assign_sig_oids.fragment | 25 +- .../oqsprov/oqsprov.c/oid_patching.fragment | 22 +- .../oqsprov/oqsprov_keys.c/oqsnames.fragment | 25 + oqsprov/oqs_decode_der2key.c | 273 ++++-- oqsprov/oqs_encode_key2any.c | 800 ++++++++++++++---- oqsprov/oqs_kmgmt.c | 10 +- oqsprov/oqs_prov.h | 702 ++++++++++++++- oqsprov/oqsdecoders.inc | 156 +++- oqsprov/oqsencoders.inc | 467 +++++++++- oqsprov/oqsprov.c | 268 +++++- oqsprov/oqsprov_keys.c | 120 ++- scripts/fullbuild.sh | 5 +- test/oqs_test_endecode.c | 68 +- 26 files changed, 2867 insertions(+), 340 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 7c249698..2324be25 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -8,6 +8,26 @@ on: jobs: + linux_baseline: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + cmake-params: [ "", "-DOQS_KEM_ENCODERS=ON" ] + container: + image: openquantumsafe/ci-ubuntu-jammy:latest + env: + MAKE_PARAMS: "-j 18" + steps: + - name: Checkout code + uses: actions/checkout@v2 + - name: Full build + run: OQSPROV_CMAKE_PARAMS=${{ matrix.cmake-params}} ./scripts/fullbuild.sh + - name: Enable sibling oqsprovider for testing + run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so + - name: Test + run: ./scripts/runtests.sh -V + linux_intel: runs-on: ubuntu-latest strategy: diff --git a/ALGORITHMS.md b/ALGORITHMS.md index ef208b76..a76bcb59 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -159,6 +159,53 @@ adapting the OIDs of all supported signature algorithms as per the table below. | p521_sphincsshake256fsimple | 1.3.9999.6.9.11 |No| OQS_OID_P521_SPHINCSSHAKE256FSIMPLE | sphincsshake256ssimple | 1.3.9999.6.9.12 |No| OQS_OID_SPHINCSSHAKE256SSIMPLE | p521_sphincsshake256ssimple | 1.3.9999.6.9.13 |No| OQS_OID_P521_SPHINCSSHAKE256SSIMPLE + +If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following list is also available: + +|Algorithm name | default OID | environment variable | +|---------------|:-----------------:|----------------------| +| frodo640aes | 1.3.9999.99.50 | OQS_OID_FRODO640AES +| p256_frodo640aes | 1.3.9999.99.49 | OQS_OID_P256_FRODO640AES +| x25519_frodo640aes | 1.3.9999.99.38 | OQS_OID_X25519_FRODO640AES +| frodo640shake | 1.3.9999.99.52 | OQS_OID_FRODO640SHAKE +| p256_frodo640shake | 1.3.9999.99.51 | OQS_OID_P256_FRODO640SHAKE +| x25519_frodo640shake | 1.3.9999.99.39 | OQS_OID_X25519_FRODO640SHAKE +| frodo976aes | 1.3.9999.99.54 | OQS_OID_FRODO976AES +| p384_frodo976aes | 1.3.9999.99.53 | OQS_OID_P384_FRODO976AES +| x448_frodo976aes | 1.3.9999.99.40 | OQS_OID_X448_FRODO976AES +| frodo976shake | 1.3.9999.99.56 | OQS_OID_FRODO976SHAKE +| p384_frodo976shake | 1.3.9999.99.55 | OQS_OID_P384_FRODO976SHAKE +| x448_frodo976shake | 1.3.9999.99.41 | OQS_OID_X448_FRODO976SHAKE +| frodo1344aes | 1.3.9999.99.58 | OQS_OID_FRODO1344AES +| p521_frodo1344aes | 1.3.9999.99.57 | OQS_OID_P521_FRODO1344AES +| frodo1344shake | 1.3.9999.99.60 | OQS_OID_FRODO1344SHAKE +| p521_frodo1344shake | 1.3.9999.99.59 | OQS_OID_P521_FRODO1344SHAKE +| kyber512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_KYBER512 +| p256_kyber512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_KYBER512 +| x25519_kyber512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_KYBER512 +| kyber768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_KYBER768 +| p384_kyber768 | 1.3.9999.99.61 | OQS_OID_P384_KYBER768 +| x448_kyber768 | 1.3.9999.99.42 | OQS_OID_X448_KYBER768 +| x25519_kyber768 | 1.3.9999.99.43 | OQS_OID_X25519_KYBER768 +| p256_kyber768 | 1.3.9999.99.44 | OQS_OID_P256_KYBER768 +| kyber1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_KYBER1024 +| p521_kyber1024 | 1.3.9999.99.62 | OQS_OID_P521_KYBER1024 +| bikel1 | 1.3.9999.99.64 | OQS_OID_BIKEL1 +| p256_bikel1 | 1.3.9999.99.63 | OQS_OID_P256_BIKEL1 +| x25519_bikel1 | 1.3.9999.99.45 | OQS_OID_X25519_BIKEL1 +| bikel3 | 1.3.9999.99.66 | OQS_OID_BIKEL3 +| p384_bikel3 | 1.3.9999.99.65 | OQS_OID_P384_BIKEL3 +| x448_bikel3 | 1.3.9999.99.46 | OQS_OID_X448_BIKEL3 +| bikel5 | 1.3.9999.99.68 | OQS_OID_BIKEL5 +| p521_bikel5 | 1.3.9999.99.67 | OQS_OID_P521_BIKEL5 +| hqc128 | 1.3.9999.99.70 | OQS_OID_HQC128 +| p256_hqc128 | 1.3.9999.99.69 | OQS_OID_P256_HQC128 +| x25519_hqc128 | 1.3.9999.99.47 | OQS_OID_X25519_HQC128 +| hqc192 | 1.3.9999.99.72 | OQS_OID_HQC192 +| p384_hqc192 | 1.3.9999.99.71 | OQS_OID_P384_HQC192 +| x448_hqc192 | 1.3.9999.99.48 | OQS_OID_X448_HQC192 +| hqc256 | 1.3.9999.99.74 | OQS_OID_HQC256 +| p521_hqc256 | 1.3.9999.99.73 | OQS_OID_P521_HQC256 # Key Encodings diff --git a/CMakeLists.txt b/CMakeLists.txt index 002a4e9c..977b7437 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -25,6 +25,12 @@ else() set(OQS_ADDL_SOCKET_LIBS "") endif() +option(OQS_KEM_ENCODERS "Provide encoders (and decoders) for KEM algorithms " OFF) +if(${OQS_KEM_ENCODERS}) + message(STATUS "Build provides support for encoding KEMs") + add_compile_definitions( OQS_KEM_ENCODERS ) +endif() + option(NOPUBKEY_IN_PRIVKEY "Do not include public keys in private key structures/PKCS#8 " OFF) if(${NOPUBKEY_IN_PRIVKEY}) message(STATUS "Build will not store public keys alongside private keys in PKCS#8 structures") diff --git a/CONFIGURE.md b/CONFIGURE.md index c6b6c4a8..b1718b9b 100644 --- a/CONFIGURE.md +++ b/CONFIGURE.md @@ -50,6 +50,13 @@ By setting this to "ON", it can be specified to omit explicitly serializing the public key in a `privateKey` structure, e.g., for interoperability testing. The default value is `OFF`. +### OQS_KEM_ENCODERS + +By setting this to "ON", `oqsprovider` is configured to provide encoders and decoders for +KEM algorithms both for public and private key file formats. This increases the size of +the provider but enables further use cases. +The default value is `OFF`. + ### OQS_PROVIDER_BUILD_STATIC By setting `-DOQS_PROVIDER_BUILD_STATIC=ON` at compile-time, oqs-provider can be @@ -125,6 +132,11 @@ command used to build `openssl`, e.g., "-j 8" to activate 8-fold parallel builds to reduce the compilation time on a suitable multicore machine. +### OQSPROV_CMAKE_PARAMS + +This environment variable permits passing parameters to the `cmake` +command used to build `oqsprovider`. + ### OQS_SKIP_TESTS By setting this tests environment variable, testing of specific diff --git a/oqs-template/ALGORITHMS.md/oids.fragment b/oqs-template/ALGORITHMS.md/oids.fragment index 57d8acd8..cea8c3c3 100644 --- a/oqs-template/ALGORITHMS.md/oids.fragment +++ b/oqs-template/ALGORITHMS.md/oids.fragment @@ -11,3 +11,15 @@ {%- endfor %} {%- endfor %} +If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following list is also available: + +|Algorithm name | default OID | environment variable | +|---------------|:-----------------:|----------------------| + +{%- for kem in config['kems'] %} +| {{kem['name_group']}} | {{ kem['oid'] }} | OQS_OID_{{ kem['name_group']|upper }} +{%- for hybrid in kem['hybrids'] %} +| {{ hybrid['hybrid_group'] }}_{{kem['name_group']}} | {{hybrid['hybrid_oid']}} | OQS_OID_{{ hybrid['hybrid_group']|upper }}_{{ kem['name_group']|upper }} +{%- endfor -%} +{%- endfor %} + diff --git a/oqs-template/generate.py b/oqs-template/generate.py index f72509e6..e25fe300 100644 --- a/oqs-template/generate.py +++ b/oqs-template/generate.py @@ -9,6 +9,8 @@ import subprocess import yaml +kemoidcnt=0 + # For files generated, the copyright message can be adapted # see https://github.com/open-quantum-safe/oqs-provider/issues/2#issuecomment-920904048 # SPDX message to be leading, OpenSSL Copyright notice to be deleted @@ -90,6 +92,11 @@ def nist_to_bits(nistlevel): else: return None +def get_tmp_kem_oid(): + global kemoidcnt + kemoidcnt = kemoidcnt+1 + return "1.3.9999.99."+str(kemoidcnt) + def complete_config(config): for kem in config['kems']: bits_level = nist_to_bits(get_kem_nistlevel(kem)) @@ -111,7 +118,11 @@ def complete_config(config): exit(1) phyb['bit_security']=bits_level phyb['nid']=kem['nid_hybrid'] + if 'hybrid_oid' in kem: phyb['hybrid_oid']=kem['hybrid_oid'] + else: phyb['hybrid_oid'] = get_tmp_kem_oid() kem['hybrids'].insert(0, phyb) + if not 'oid' in kem: + kem['oid'] = get_tmp_kem_oid() for famsig in config['sigs']: for sig in famsig['variants']: @@ -203,6 +214,8 @@ def load_config(include_disabled_sigs=False): extra_hybrid['bit_security'] = 192 if extra_hybrid['hybrid_group'] == "p521": extra_hybrid['bit_security'] = 256 + if not 'hybrid_oid' in extra_hybrid: + extra_hybrid['hybrid_oid'] = get_tmp_kem_oid() kem['hybrids'].append(extra_hybrid) if 'hybrid_group' in extra_hybrid: extra_hybrid_nid = extra_hybrid['nid'] diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 4865eb79..269388a9 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -85,11 +85,14 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber512' nid: '0x023A' + oid: '1.3.6.1.4.1.22554.5.6.1' nid_hybrid: '0x2F3A' + hybrid_oid: '1.3.6.1.4.1.22554.5.7.1' oqs_alg: 'OQS_KEM_alg_kyber_512' extra_nids: current: - hybrid_group: "x25519" + hybrid_oid: '1.3.6.1.4.1.22554.5.8.1' nid: '0x2F39' old: - implementation_version: NIST Round 2 submission @@ -107,6 +110,7 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber768' nid: '0x023C' + oid: '1.3.6.1.4.1.22554.5.6.2' nid_hybrid: '0x2F3C' extra_nids: current: @@ -129,6 +133,7 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber1024' nid: '0x023D' + oid: '1.3.6.1.4.1.22554.5.6.3' nid_hybrid: '0x2F3D' extra_nids: old: diff --git a/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment b/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment index b43617a6..be39a93e 100644 --- a/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment +++ b/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment @@ -1,10 +1,23 @@ + +#ifdef OQS_KEM_ENCODERS + +{% for kem in config['kems'] %} +MAKE_DECODER(, "{{ kem['name_group'] }}", {{ kem['name_group'] }}, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "{{ kem['name_group'] }}", {{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo); +{% for hybrid in kem['hybrids'] %} +MAKE_DECODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, PrivateKeyInfo); +MAKE_DECODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo); +{%- endfor %} +{%- endfor %} +#endif /* OQS_KEM_ENCODERS */ + {% for sig in config['sigs'] %} {%- for variant in sig['variants'] %} -MAKE_DECODER("{{ variant['name'] }}", {{ variant['name'] }}, oqsx, PrivateKeyInfo); -MAKE_DECODER("{{ variant['name'] }}", {{ variant['name'] }}, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "{{ variant['name'] }}", {{ variant['name'] }}, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "{{ variant['name'] }}", {{ variant['name'] }}, oqsx, SubjectPublicKeyInfo); {%- for classical_alg in variant['mix_with'] %} -MAKE_DECODER("{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, PrivateKeyInfo); -MAKE_DECODER("{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectPublicKeyInfo); {%- endfor -%} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment index 92c8546c..e5caab63 100644 --- a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment +++ b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment @@ -1,3 +1,14 @@ +{% for kem in config['kems'] %} +# define {{ kem['name_group'] }}_evp_type 0 +# define {{ kem['name_group'] }}_input_type "{{ kem['name_group'] }}" +# define {{ kem['name_group'] }}_pem_type "{{ kem['name_group'] }}" +{% for hybrid in kem['hybrids'] %} +# define {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_evp_type 0 +# define {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_input_type "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}" +# define {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_pem_type "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}" +{%- endfor %} +{%- endfor %} + {% for sig in config['sigs'] %} {%- for variant in sig['variants'] %} # define {{ variant['name'] }}_evp_type 0 diff --git a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment index f21b9d5d..edc87530 100644 --- a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment +++ b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment @@ -1,20 +1,42 @@ + +#ifdef OQS_KEM_ENCODERS + +{% for kem in config['kems'] %} +MAKE_ENCODER(, {{ kem['name_group'] }}, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, {{ kem['name_group'] }}, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, {{ kem['name_group'] }}, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, {{ kem['name_group'] }}, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, {{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, {{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, {{ kem['name_group'] }}); +{% for hybrid in kem['hybrids'] %} +MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER({% if hybrid['hybrid_group'].startswith('x') %}_ecx{% else %}_ecp{% endif %}, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}); +{%- endfor %} +{%- endfor %} +#endif /* OQS_KEM_ENCODERS */ {% for sig in config['sigs'] %} {%- for variant in sig['variants'] %} -MAKE_ENCODER({{ variant['name'] }}, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER({{ variant['name'] }}, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER({{ variant['name'] }}, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER({{ variant['name'] }}, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER({{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER({{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER({{ variant['name'] }}); +MAKE_ENCODER(, {{ variant['name'] }}, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, {{ variant['name'] }}, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, {{ variant['name'] }}, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, {{ variant['name'] }}, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, {{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, {{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, {{ variant['name'] }}); {%- for classical_alg in variant['mix_with'] %} -MAKE_ENCODER({{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER({{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER({{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER({{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER({{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER({{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER({{ classical_alg['name'] }}_{{ variant['name'] }}); +MAKE_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}); {%- endfor -%} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment b/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment index 98916dbf..43f1c3b0 100644 --- a/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment +++ b/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment @@ -1,3 +1,31 @@ + +#ifdef OQS_KEM_ENCODERS + +{% for kem in config['kems'] %} +extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ kem['name_group'] }}_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_{{ kem['name_group'] }}_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_{{ kem['name_group'] }}_decoder_functions[]; + {%- for hybrid in kem['hybrids'] -%} +extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}_decoder_functions[]; + {%- endfor -%} +{%- endfor %} + +#endif /* OQS_KEM_ENCODERS */ + {% for sig in config['sigs'] %} {%- for variant in sig['variants'] %} extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_to_PrivateKeyInfo_der_encoder_functions[]; diff --git a/oqs-template/oqsprov/oqsdecoders.inc/make.fragment b/oqs-template/oqsprov/oqsdecoders.inc/make.fragment index 95669631..a2d28c45 100644 --- a/oqs-template/oqsprov/oqsdecoders.inc/make.fragment +++ b/oqs-template/oqsprov/oqsdecoders.inc/make.fragment @@ -1,3 +1,18 @@ + +#ifdef OQS_KEM_ENCODERS +{% for kem in config['kems'] %} +#ifdef OQS_ENABLE_KEM_{{ kem['oqs_alg']|replace("OQS_KEM_alg_","") }} +DECODER_w_structure("{{ kem['name_group'] }}", der, PrivateKeyInfo, {{ kem['name_group'] }}), +DECODER_w_structure("{{ kem['name_group'] }}", der, SubjectPublicKeyInfo, {{ kem['name_group'] }}), +{% for hybrid in kem['hybrids'] -%} +DECODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", der, PrivateKeyInfo, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}), +DECODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", der, SubjectPublicKeyInfo, {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}), +{%- endfor %} +#endif +{%- endfor %} + +#endif /* OQS_KEM_ENCODERS */ + {% for sig in config['sigs'] %} {%- for variant in sig['variants'] %} #ifdef OQS_ENABLE_SIG_{{ variant['oqs_meth']|replace("OQS_SIG_alg_","") }} diff --git a/oqs-template/oqsprov/oqsencoders.inc/make.fragment b/oqs-template/oqsprov/oqsencoders.inc/make.fragment index 53e1831a..90464d6d 100644 --- a/oqs-template/oqsprov/oqsencoders.inc/make.fragment +++ b/oqs-template/oqsprov/oqsencoders.inc/make.fragment @@ -1,3 +1,29 @@ + +#ifdef OQS_KEM_ENCODERS + +{% for kem in config['kems'] %} +#ifdef OQS_ENABLE_KEM_{{ kem['oqs_alg']|replace("OQS_KEM_alg_","") }} +ENCODER_w_structure("{{ kem['name_group'] }}", {{ kem['name_group'] }}, der, PrivateKeyInfo), +ENCODER_w_structure("{{ kem['name_group'] }}", {{ kem['name_group'] }}, pem, PrivateKeyInfo), +ENCODER_w_structure("{{ kem['name_group'] }}", {{ kem['name_group'] }}, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("{{ kem['name_group'] }}", {{ kem['name_group'] }}, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("{{ kem['name_group'] }}", {{ kem['name_group'] }}, der, SubjectPublicKeyInfo), +ENCODER_w_structure("{{ kem['name_group'] }}", {{ kem['name_group'] }}, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("{{ kem['name_group'] }}", {{ kem['name_group'] }}), +{% for hybrid in kem['hybrids'] -%} +ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, der, PrivateKeyInfo), +ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, pem, PrivateKeyInfo), +ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, der, SubjectPublicKeyInfo), +ENCODER_w_structure("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{hybrid['hybrid_group']}}_{{ kem['name_group'] }}), +{% endfor -%} +#endif +{%- endfor %} + +#endif /* OQS_KEM_ENCODERS */ + {% for sig in config['sigs'] %} {%- for variant in sig['variants'] %} #ifdef OQS_ENABLE_SIG_{{ variant['oqs_meth']|replace("OQS_SIG_alg_","") }} diff --git a/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment b/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment index 9f063c69..bb0c6e00 100644 --- a/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment +++ b/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment @@ -1,3 +1,11 @@ +{% set kemcount = namespace(val=0) %} +{% for kem in config['kems'] %} +{%- set kemcount.val = kemcount.val + 1 -%} +{% for hybrid in kem['hybrids'] %} +{%- set kemcount.val = kemcount.val + 1 -%} +{%- endfor -%} +{%- endfor -%} + {% set count = namespace(val=0) %} {%- for sig in config['sigs'] %} {%- for variant in sig['variants'] %} @@ -7,11 +15,26 @@ {%- endfor %} {%- endfor %} {%- endfor %} + +#ifdef OQS_KEM_ENCODERS +#define OQS_OID_CNT {{ count.val*2 + kemcount.val*2 }} +#else #define OQS_OID_CNT {{ count.val*2 }} +#endif const char* oqs_oid_alg_list[OQS_OID_CNT] = { -{%- for sig in config['sigs'] %} +#ifdef OQS_KEM_ENCODERS +{% for kem in config['kems'] %} +"{{ kem['oid'] }}", "{{ kem['name_group'] }}", +{%- for hybrid in kem['hybrids'] %} +"{{hybrid['hybrid_oid']}}", "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", +{%- endfor -%} +{%- endfor %} + +#endif /* OQS_KEM_ENCODERS */ + +{% for sig in config['sigs'] %} {%- for variant in sig['variants'] %} "{{ variant['oid'] }}", "{{ variant['name'] }}", {%- for classical_alg in variant['mix_with'] %} diff --git a/oqs-template/oqsprov/oqsprov.c/oid_patching.fragment b/oqs-template/oqsprov/oqsprov.c/oid_patching.fragment index 824bf15a..35d21571 100644 --- a/oqs-template/oqsprov/oqsprov.c/oid_patching.fragment +++ b/oqs-template/oqsprov/oqsprov.c/oid_patching.fragment @@ -1,11 +1,29 @@ {% set cnt = namespace(val=-2) %} + +#ifdef OQS_KEM_ENCODERS + +{% set kemcount = namespace(val=-2) %} +{% for kem in config['kems'] %} +{% set kemcount.val = kemcount.val + 2 -%} + if (getenv("OQS_OID_{{kem['name_group']|upper}}")) oqs_oid_alg_list[{{ kemcount.val }}] = getenv("OQS_OID_{{kem['name_group']|upper}}"); +{% for hybrid in kem['hybrids'] %} +{% set kemcount.val = kemcount.val + 2 -%} + if (getenv("OQS_OID_{{ hybrid['hybrid_group']|upper }}_{{kem['name_group']|upper}}")) oqs_oid_alg_list[{{ kemcount.val }}] = getenv("OQS_OID_{{ hybrid['hybrid_group']|upper }}_{{kem['name_group']|upper}}"); +{%- endfor -%} +{%- endfor %} + +#define OQS_KEMOID_CNT {{ kemcount.val }}+2 +#else +#define OQS_KEMOID_CNT 0 +#endif /* OQS_KEM_ENCODERS */ + {%- for sig in config['sigs'] %} {%- for variant in sig['variants'] %} {%- set cnt.val = cnt.val + 2 %} - if (getenv("OQS_OID_{{variant['name']|upper}}")) oqs_oid_alg_list[{{ cnt.val }}] = getenv("OQS_OID_{{variant['name']|upper}}"); + if (getenv("OQS_OID_{{variant['name']|upper}}")) oqs_oid_alg_list[{{ cnt.val }}+OQS_KEMOID_CNT] = getenv("OQS_OID_{{variant['name']|upper}}"); {%- for classical_alg in variant['mix_with'] %} {%- set cnt.val = cnt.val + 2 %} - if (getenv("OQS_OID_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}")) oqs_oid_alg_list[{{ cnt.val }}] = getenv("OQS_OID_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}"); + if (getenv("OQS_OID_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}")) oqs_oid_alg_list[{{ cnt.val }}+OQS_KEMOID_CNT] = getenv("OQS_OID_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}"); {%- endfor %} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment b/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment index b9d12afd..c452b649 100644 --- a/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment +++ b/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment @@ -1,4 +1,14 @@ + {% set count = namespace(val=0) %} +{% set kemcount = namespace(val=0) %} + +{% for kem in config['kems'] %} +{%- set kemcount.val = kemcount.val + 1 -%} +{% for hybrid in kem['hybrids'] %} +{%- set kemcount.val = kemcount.val + 1 -%} +{%- endfor -%} +{%- endfor -%} + {%- for sig in config['sigs'] %} {%- for variant in sig['variants'] -%} {%- set count.val = count.val + 1 -%} @@ -7,9 +17,24 @@ {%- endfor -%} {%- endfor -%} {%- endfor %} + +#ifdef OQS_KEM_ENCODERS +#define NID_TABLE_LEN {{ count.val + kemcount.val }} +#else #define NID_TABLE_LEN {{ count.val }} +#endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { +#ifdef OQS_KEM_ENCODERS +{% for kem in config['kems'] %} + { 0, "{{ kem['name_group'] }}", {{ kem['oqs_alg'] }}, KEY_TYPE_KEM, {{ kem['bit_security'] }} }, +{%- for hybrid in kem['hybrids'] %} + { 0, "{{hybrid['hybrid_group']}}_{{ kem['name_group'] }}", {{ kem['oqs_alg'] }}, {% if hybrid['hybrid_group'].startswith('p') -%} KEY_TYPE_ECP_HYB_KEM {% else %} KEY_TYPE_ECX_HYB_KEM {% endif %}, {{ kem['bit_security'] }} }, +{%- endfor -%} +{%- endfor %} + +#endif /* OQS_KEM_ENCODERS */ + {%- for sig in config['sigs'] -%} {%- for variant in sig['variants'] %} { 0, "{{variant['name']}}", {{variant['oqs_meth']}}, KEY_TYPE_SIG, {{variant['security']}} }, diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index da4d666b..52c2b44c 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -491,10 +491,11 @@ static void oqsx_key_adjust(void *key, struct der2key_ctx_st *ctx) * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables. * It takes the following arguments: * + * oqskemhyb Possible prefix for OQS KEM hybrids; typically empty * keytype_name The implementation key type as a string. * keytype The implementation key type. This must correspond exactly * to our existing keymgmt keytype names... in other words, - * there must exist an ossl_##keytype##_keymgmt_functions. + * there must exist an oqs_##keytype##_keymgmt_functions. * type The type name for the set of functions that implement the * decoder for the key type. This isn't necessarily the same * as keytype. For example, the key types ed25519, ed448, @@ -505,104 +506,228 @@ static void oqsx_key_adjust(void *key, struct der2key_ctx_st *ctx) * structure. */ // reverted const to be able to change NID/evp_type after assignment -#define MAKE_DECODER(keytype_name, keytype, type, kind) \ - static struct keytype_desc_st kind##_##keytype##_desc = { \ - keytype_name, oqs_##keytype##_keymgmt_functions, DO_##kind(keytype)}; \ - \ - static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \ - \ - static void *kind##_der2##keytype##_newctx(void *provctx) \ - { \ - OQS_DEC_PRINTF("OQS DEC provider: _newctx called.\n"); \ - return der2key_newctx(provctx, &kind##_##keytype##_desc, \ - keytype_name); \ - } \ - static int kind##_der2##keytype##_does_selection(void *provctx, \ - int selection) \ - { \ - OQS_DEC_PRINTF("OQS DEC provider: _does_selection called.\n"); \ - return der2key_check_selection(selection, &kind##_##keytype##_desc); \ - } \ - const OSSL_DISPATCH oqs_##kind##_der_to_##keytype##_decoder_functions[] \ - = {{OSSL_FUNC_DECODER_NEWCTX, \ - (void (*)(void))kind##_der2##keytype##_newctx}, \ - {OSSL_FUNC_DECODER_FREECTX, (void (*)(void))der2key_freectx}, \ - {OSSL_FUNC_DECODER_DOES_SELECTION, \ - (void (*)(void))kind##_der2##keytype##_does_selection}, \ - {OSSL_FUNC_DECODER_DECODE, (void (*)(void))oqs_der2key_decode}, \ - {OSSL_FUNC_DECODER_EXPORT_OBJECT, \ - (void (*)(void))der2key_export_object}, \ +#define MAKE_DECODER(oqskemhyb, keytype_name, keytype, type, kind) \ + static struct keytype_desc_st kind##_##keytype##_desc \ + = {keytype_name, oqs##oqskemhyb##_##keytype##_keymgmt_functions, \ + DO_##kind(keytype)}; \ + \ + static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \ + \ + static void *kind##_der2##keytype##_newctx(void *provctx) \ + { \ + OQS_DEC_PRINTF("OQS DEC provider: _newctx called.\n"); \ + return der2key_newctx(provctx, &kind##_##keytype##_desc, \ + keytype_name); \ + } \ + static int kind##_der2##keytype##_does_selection(void *provctx, \ + int selection) \ + { \ + OQS_DEC_PRINTF("OQS DEC provider: _does_selection called.\n"); \ + return der2key_check_selection(selection, &kind##_##keytype##_desc); \ + } \ + const OSSL_DISPATCH oqs_##kind##_der_to_##keytype##_decoder_functions[] \ + = {{OSSL_FUNC_DECODER_NEWCTX, \ + (void (*)(void))kind##_der2##keytype##_newctx}, \ + {OSSL_FUNC_DECODER_FREECTX, (void (*)(void))der2key_freectx}, \ + {OSSL_FUNC_DECODER_DOES_SELECTION, \ + (void (*)(void))kind##_der2##keytype##_does_selection}, \ + {OSSL_FUNC_DECODER_DECODE, (void (*)(void))oqs_der2key_decode}, \ + {OSSL_FUNC_DECODER_EXPORT_OBJECT, \ + (void (*)(void))der2key_export_object}, \ {0, NULL}} ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_START -MAKE_DECODER("dilithium2", dilithium2, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium2", dilithium2, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p256_dilithium2", p256_dilithium2, oqsx, PrivateKeyInfo); -MAKE_DECODER("p256_dilithium2", p256_dilithium2, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("rsa3072_dilithium2", rsa3072_dilithium2, oqsx, PrivateKeyInfo); -MAKE_DECODER("rsa3072_dilithium2", rsa3072_dilithium2, oqsx, +#ifdef OQS_KEM_ENCODERS + +MAKE_DECODER(, "frodo640aes", frodo640aes, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "frodo640aes", frodo640aes, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p256_frodo640aes", p256_frodo640aes, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_frodo640aes", p256_frodo640aes, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "frodo640shake", frodo640shake, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "frodo640shake", frodo640shake, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "frodo976aes", frodo976aes, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "frodo976aes", frodo976aes, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p384_frodo976aes", p384_frodo976aes, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_frodo976aes", p384_frodo976aes, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976aes", x448_frodo976aes, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976aes", x448_frodo976aes, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "frodo976shake", frodo976shake, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "frodo976shake", frodo976shake, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "frodo1344aes", frodo1344aes, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "frodo1344aes", frodo1344aes, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "frodo1344shake", frodo1344shake, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "frodo1344shake", frodo1344shake, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "kyber512", kyber512, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "kyber512", kyber512, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p256_kyber512", p256_kyber512, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_kyber512", p256_kyber512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_kyber512", x25519_kyber512, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_kyber512", x25519_kyber512, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "kyber768", kyber768, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "kyber768", kyber768, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p384_kyber768", p384_kyber768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_kyber768", p384_kyber768, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_kyber768", x448_kyber768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x448_kyber768", x448_kyber768, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_kyber768", x25519_kyber768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_kyber768", x25519_kyber768, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p256_kyber768", p256_kyber768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_kyber768", p256_kyber768, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "kyber1024", kyber1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "kyber1024", kyber1024, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "bikel1", bikel1, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "bikel1", bikel1, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p256_bikel1", p256_bikel1, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_bikel1", p256_bikel1, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_bikel1", x25519_bikel1, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_bikel1", x25519_bikel1, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "bikel3", bikel3, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "bikel3", bikel3, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p384_bikel3", p384_bikel3, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_bikel3", p384_bikel3, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_bikel3", x448_bikel3, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x448_bikel3", x448_bikel3, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "bikel5", bikel5, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "bikel5", bikel5, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p521_bikel5", p521_bikel5, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_bikel5", p521_bikel5, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "hqc128", hqc128, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "hqc128", hqc128, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p256_hqc128", p256_hqc128, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_hqc128", p256_hqc128, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_hqc128", x25519_hqc128, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_hqc128", x25519_hqc128, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "hqc192", hqc192, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "hqc192", hqc192, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p384_hqc192", p384_hqc192, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_hqc192", p384_hqc192, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_hqc192", x448_hqc192, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x448_hqc192", x448_hqc192, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "hqc256", hqc256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "hqc256", hqc256, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p521_hqc256", p521_hqc256, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_hqc256", p521_hqc256, oqsx, SubjectPublicKeyInfo); +#endif /* OQS_KEM_ENCODERS */ + +MAKE_DECODER(, "dilithium2", dilithium2, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2", dilithium2, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_dilithium2", p256_dilithium2, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p256_dilithium2", p256_dilithium2, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium3", dilithium3, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium3", dilithium3, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p384_dilithium3", p384_dilithium3, oqsx, PrivateKeyInfo); -MAKE_DECODER("p384_dilithium3", p384_dilithium3, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium5", dilithium5, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium5", dilithium5, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p521_dilithium5", p521_dilithium5, oqsx, PrivateKeyInfo); -MAKE_DECODER("p521_dilithium5", p521_dilithium5, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("falcon512", falcon512, oqsx, PrivateKeyInfo); -MAKE_DECODER("falcon512", falcon512, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p256_falcon512", p256_falcon512, oqsx, PrivateKeyInfo); -MAKE_DECODER("p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo); -MAKE_DECODER("rsa3072_falcon512", rsa3072_falcon512, oqsx, +MAKE_DECODER(, "dilithium3", dilithium3, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3", dilithium3, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5", dilithium5, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5", dilithium5, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512", falcon512, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512", falcon512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("falcon1024", falcon1024, oqsx, PrivateKeyInfo); -MAKE_DECODER("falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo); -MAKE_DECODER("p521_falcon1024", p521_falcon1024, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("sphincssha2128fsimple", sphincssha2128fsimple, oqsx, +MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("sphincssha2128fsimple", sphincssha2128fsimple, oqsx, +MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, +MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, +MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, +MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, +MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("sphincssha2128ssimple", sphincssha2128ssimple, oqsx, +MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("sphincssha2128ssimple", sphincssha2128ssimple, oqsx, +MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, +MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, +MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, +MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, +MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("sphincssha2192fsimple", sphincssha2192fsimple, oqsx, +MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("sphincssha2192fsimple", sphincssha2192fsimple, oqsx, +MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, +MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, +MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("sphincsshake128fsimple", sphincsshake128fsimple, oqsx, +MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("sphincsshake128fsimple", sphincsshake128fsimple, oqsx, +MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, +MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, +MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, +MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, +MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 7704da89..63246f5e 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -649,6 +649,148 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) // OQS provider uses NIDs generated at load time as EVP_type identifiers // so initially this must be 0 and set to a real value by OBJ_sn2nid later ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_START +#define frodo640aes_evp_type 0 +#define frodo640aes_input_type "frodo640aes" +#define frodo640aes_pem_type "frodo640aes" + +#define p256_frodo640aes_evp_type 0 +#define p256_frodo640aes_input_type "p256_frodo640aes" +#define p256_frodo640aes_pem_type "p256_frodo640aes" +#define x25519_frodo640aes_evp_type 0 +#define x25519_frodo640aes_input_type "x25519_frodo640aes" +#define x25519_frodo640aes_pem_type "x25519_frodo640aes" +#define frodo640shake_evp_type 0 +#define frodo640shake_input_type "frodo640shake" +#define frodo640shake_pem_type "frodo640shake" + +#define p256_frodo640shake_evp_type 0 +#define p256_frodo640shake_input_type "p256_frodo640shake" +#define p256_frodo640shake_pem_type "p256_frodo640shake" +#define x25519_frodo640shake_evp_type 0 +#define x25519_frodo640shake_input_type "x25519_frodo640shake" +#define x25519_frodo640shake_pem_type "x25519_frodo640shake" +#define frodo976aes_evp_type 0 +#define frodo976aes_input_type "frodo976aes" +#define frodo976aes_pem_type "frodo976aes" + +#define p384_frodo976aes_evp_type 0 +#define p384_frodo976aes_input_type "p384_frodo976aes" +#define p384_frodo976aes_pem_type "p384_frodo976aes" +#define x448_frodo976aes_evp_type 0 +#define x448_frodo976aes_input_type "x448_frodo976aes" +#define x448_frodo976aes_pem_type "x448_frodo976aes" +#define frodo976shake_evp_type 0 +#define frodo976shake_input_type "frodo976shake" +#define frodo976shake_pem_type "frodo976shake" + +#define p384_frodo976shake_evp_type 0 +#define p384_frodo976shake_input_type "p384_frodo976shake" +#define p384_frodo976shake_pem_type "p384_frodo976shake" +#define x448_frodo976shake_evp_type 0 +#define x448_frodo976shake_input_type "x448_frodo976shake" +#define x448_frodo976shake_pem_type "x448_frodo976shake" +#define frodo1344aes_evp_type 0 +#define frodo1344aes_input_type "frodo1344aes" +#define frodo1344aes_pem_type "frodo1344aes" + +#define p521_frodo1344aes_evp_type 0 +#define p521_frodo1344aes_input_type "p521_frodo1344aes" +#define p521_frodo1344aes_pem_type "p521_frodo1344aes" +#define frodo1344shake_evp_type 0 +#define frodo1344shake_input_type "frodo1344shake" +#define frodo1344shake_pem_type "frodo1344shake" + +#define p521_frodo1344shake_evp_type 0 +#define p521_frodo1344shake_input_type "p521_frodo1344shake" +#define p521_frodo1344shake_pem_type "p521_frodo1344shake" +#define kyber512_evp_type 0 +#define kyber512_input_type "kyber512" +#define kyber512_pem_type "kyber512" + +#define p256_kyber512_evp_type 0 +#define p256_kyber512_input_type "p256_kyber512" +#define p256_kyber512_pem_type "p256_kyber512" +#define x25519_kyber512_evp_type 0 +#define x25519_kyber512_input_type "x25519_kyber512" +#define x25519_kyber512_pem_type "x25519_kyber512" +#define kyber768_evp_type 0 +#define kyber768_input_type "kyber768" +#define kyber768_pem_type "kyber768" + +#define p384_kyber768_evp_type 0 +#define p384_kyber768_input_type "p384_kyber768" +#define p384_kyber768_pem_type "p384_kyber768" +#define x448_kyber768_evp_type 0 +#define x448_kyber768_input_type "x448_kyber768" +#define x448_kyber768_pem_type "x448_kyber768" +#define x25519_kyber768_evp_type 0 +#define x25519_kyber768_input_type "x25519_kyber768" +#define x25519_kyber768_pem_type "x25519_kyber768" +#define p256_kyber768_evp_type 0 +#define p256_kyber768_input_type "p256_kyber768" +#define p256_kyber768_pem_type "p256_kyber768" +#define kyber1024_evp_type 0 +#define kyber1024_input_type "kyber1024" +#define kyber1024_pem_type "kyber1024" + +#define p521_kyber1024_evp_type 0 +#define p521_kyber1024_input_type "p521_kyber1024" +#define p521_kyber1024_pem_type "p521_kyber1024" +#define bikel1_evp_type 0 +#define bikel1_input_type "bikel1" +#define bikel1_pem_type "bikel1" + +#define p256_bikel1_evp_type 0 +#define p256_bikel1_input_type "p256_bikel1" +#define p256_bikel1_pem_type "p256_bikel1" +#define x25519_bikel1_evp_type 0 +#define x25519_bikel1_input_type "x25519_bikel1" +#define x25519_bikel1_pem_type "x25519_bikel1" +#define bikel3_evp_type 0 +#define bikel3_input_type "bikel3" +#define bikel3_pem_type "bikel3" + +#define p384_bikel3_evp_type 0 +#define p384_bikel3_input_type "p384_bikel3" +#define p384_bikel3_pem_type "p384_bikel3" +#define x448_bikel3_evp_type 0 +#define x448_bikel3_input_type "x448_bikel3" +#define x448_bikel3_pem_type "x448_bikel3" +#define bikel5_evp_type 0 +#define bikel5_input_type "bikel5" +#define bikel5_pem_type "bikel5" + +#define p521_bikel5_evp_type 0 +#define p521_bikel5_input_type "p521_bikel5" +#define p521_bikel5_pem_type "p521_bikel5" +#define hqc128_evp_type 0 +#define hqc128_input_type "hqc128" +#define hqc128_pem_type "hqc128" + +#define p256_hqc128_evp_type 0 +#define p256_hqc128_input_type "p256_hqc128" +#define p256_hqc128_pem_type "p256_hqc128" +#define x25519_hqc128_evp_type 0 +#define x25519_hqc128_input_type "x25519_hqc128" +#define x25519_hqc128_pem_type "x25519_hqc128" +#define hqc192_evp_type 0 +#define hqc192_input_type "hqc192" +#define hqc192_pem_type "hqc192" + +#define p384_hqc192_evp_type 0 +#define p384_hqc192_input_type "p384_hqc192" +#define p384_hqc192_pem_type "p384_hqc192" +#define x448_hqc192_evp_type 0 +#define x448_hqc192_input_type "x448_hqc192" +#define x448_hqc192_pem_type "x448_hqc192" +#define hqc256_evp_type 0 +#define hqc256_input_type "hqc256" +#define hqc256_pem_type "hqc256" + +#define p521_hqc256_evp_type 0 +#define p521_hqc256_input_type "p521_hqc256" +#define p521_hqc256_pem_type "p521_hqc256" + #define dilithium2_evp_type 0 #define dilithium2_input_type "dilithium2" #define dilithium2_pem_type "dilithium2" @@ -993,6 +1135,7 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, * MAKE_ENCODER is the single driver for creating OSSL_DISPATCH tables. * It takes the following arguments: * + * oqskemhyb OQS KEM hybrid prefix; possibly empty * impl This is the key type name that's being implemented. * type This is the type name for the set of functions that implement * the key type. For example, ed25519, ed448, x25519 and x448 @@ -1006,7 +1149,7 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, * * oqs_##impl##_to_##kind##_##output##_encoder_functions */ -#define MAKE_ENCODER(impl, type, kind, output) \ +#define MAKE_ENCODER(oqskemhyb, impl, type, kind, output) \ static OSSL_FUNC_encoder_import_object_fn \ impl##_to_##kind##_##output##_import_object; \ static OSSL_FUNC_encoder_free_object_fn \ @@ -1019,13 +1162,14 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, struct key2any_ctx_st *ctx = vctx; \ \ OQS_ENC_PRINTF("OQS ENC provider: _import_object called\n"); \ - return oqs_prov_import_key(oqs_##impl##_keymgmt_functions, \ - ctx->provctx, selection, params); \ + return oqs_prov_import_key( \ + oqs##oqskemhyb##_##impl##_keymgmt_functions, ctx->provctx, \ + selection, params); \ } \ static void impl##_to_##kind##_##output##_free_object(void *key) \ { \ OQS_ENC_PRINTF("OQS ENC provider: _free_object called\n"); \ - oqs_prov_free_key(oqs_##impl##_keymgmt_functions, key); \ + oqs_prov_free_key(oqs##oqskemhyb##_##impl##_keymgmt_functions, key); \ } \ static int impl##_to_##kind##_##output##_does_selection(void *ctx, \ int selection) \ @@ -1236,7 +1380,7 @@ key2text_encode(void *vctx, const void *key, int selection, OSSL_CORE_BIO *cout, return ret; } -#define MAKE_TEXT_ENCODER(impl) \ +#define MAKE_TEXT_ENCODER(oqskemhyb, impl) \ static OSSL_FUNC_encoder_import_object_fn impl##2text_import_object; \ static OSSL_FUNC_encoder_free_object_fn impl##2text_free_object; \ static OSSL_FUNC_encoder_encode_fn impl##2text_encode; \ @@ -1244,12 +1388,13 @@ key2text_encode(void *vctx, const void *key, int selection, OSSL_CORE_BIO *cout, static void *impl##2text_import_object(void *ctx, int selection, \ const OSSL_PARAM params[]) \ { \ - return oqs_prov_import_key(oqs_##impl##_keymgmt_functions, ctx, \ - selection, params); \ + return oqs_prov_import_key( \ + oqs##oqskemhyb##_##impl##_keymgmt_functions, ctx, selection, \ + params); \ } \ static void impl##2text_free_object(void *key) \ { \ - oqs_prov_free_key(oqs_##impl##_keymgmt_functions, key); \ + oqs_prov_free_key(oqs##oqskemhyb##_##impl##_keymgmt_functions, key); \ } \ static int impl##2text_encode( \ void *vctx, OSSL_CORE_BIO *cout, const void *key, \ @@ -1288,167 +1433,484 @@ key2text_encode(void *vctx, const void *key, int selection, OSSL_CORE_BIO *cout, * PEM_write_bio_PUBKEY() and PEM_write_bio_Parameters(). */ ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_START -MAKE_ENCODER(dilithium2, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium2, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium2, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium2, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium2, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium2, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(dilithium2); -MAKE_ENCODER(p256_dilithium2, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p256_dilithium2, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p256_dilithium2, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p256_dilithium2, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p256_dilithium2, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p256_dilithium2, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p256_dilithium2); -MAKE_ENCODER(rsa3072_dilithium2, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_dilithium2, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_dilithium2, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_dilithium2, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(rsa3072_dilithium2); -MAKE_ENCODER(dilithium3, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium3, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium3, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium3, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(dilithium3); -MAKE_ENCODER(p384_dilithium3, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p384_dilithium3, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p384_dilithium3, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p384_dilithium3, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p384_dilithium3, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p384_dilithium3, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p384_dilithium3); -MAKE_ENCODER(dilithium5, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium5, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium5, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium5, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium5, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium5, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(dilithium5); -MAKE_ENCODER(p521_dilithium5, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p521_dilithium5, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p521_dilithium5, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p521_dilithium5, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p521_dilithium5, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p521_dilithium5, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p521_dilithium5); -MAKE_ENCODER(falcon512, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(falcon512, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(falcon512, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(falcon512, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(falcon512, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(falcon512, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(falcon512); -MAKE_ENCODER(p256_falcon512, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p256_falcon512, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p256_falcon512, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p256_falcon512, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p256_falcon512, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p256_falcon512, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p256_falcon512); -MAKE_ENCODER(rsa3072_falcon512, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_falcon512, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_falcon512, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_falcon512, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(rsa3072_falcon512); -MAKE_ENCODER(falcon1024, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(falcon1024, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(falcon1024, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(falcon1024, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(falcon1024, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(falcon1024, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(falcon1024); -MAKE_ENCODER(p521_falcon1024, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p521_falcon1024, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p521_falcon1024, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p521_falcon1024, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p521_falcon1024, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p521_falcon1024, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p521_falcon1024); -MAKE_ENCODER(sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(sphincssha2128fsimple); -MAKE_ENCODER(p256_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p256_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p256_sphincssha2128fsimple); -MAKE_ENCODER(rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(rsa3072_sphincssha2128fsimple); -MAKE_ENCODER(sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(sphincssha2128ssimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(sphincssha2128ssimple); -MAKE_ENCODER(p256_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p256_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p256_sphincssha2128ssimple); -MAKE_ENCODER(rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(rsa3072_sphincssha2128ssimple); -MAKE_ENCODER(sphincssha2192fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(sphincssha2192fsimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(sphincssha2192fsimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(sphincssha2192fsimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(sphincssha2192fsimple); -MAKE_ENCODER(p384_sphincssha2192fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p384_sphincssha2192fsimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p384_sphincssha2192fsimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p384_sphincssha2192fsimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p384_sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p384_sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p384_sphincssha2192fsimple); -MAKE_ENCODER(sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(sphincsshake128fsimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(sphincsshake128fsimple); -MAKE_ENCODER(p256_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(p256_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(p256_sphincsshake128fsimple); -MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, +#ifdef OQS_KEM_ENCODERS + +MAKE_ENCODER(, frodo640aes, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, frodo640aes, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, frodo640aes, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, frodo640aes, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, frodo640aes, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, frodo640aes, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, frodo640aes); + +MAKE_ENCODER(_ecp, p256_frodo640aes, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_frodo640aes, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_frodo640aes, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_frodo640aes, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_frodo640aes, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p256_frodo640aes, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p256_frodo640aes); +MAKE_ENCODER(_ecx, x25519_frodo640aes, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_frodo640aes, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_frodo640aes, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_frodo640aes, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_frodo640aes, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_frodo640aes, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x25519_frodo640aes); +MAKE_ENCODER(, frodo640shake, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, frodo640shake, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, frodo640shake, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, frodo640shake, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, frodo640shake, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, frodo640shake, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, frodo640shake); + +MAKE_ENCODER(_ecp, p256_frodo640shake, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_frodo640shake, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_frodo640shake, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_frodo640shake, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_frodo640shake, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p256_frodo640shake, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p256_frodo640shake); +MAKE_ENCODER(_ecx, x25519_frodo640shake, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_frodo640shake, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_frodo640shake, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_frodo640shake, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_frodo640shake, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_frodo640shake, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x25519_frodo640shake); +MAKE_ENCODER(, frodo976aes, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, frodo976aes, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, frodo976aes, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, frodo976aes, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, frodo976aes, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, frodo976aes, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, frodo976aes); + +MAKE_ENCODER(_ecp, p384_frodo976aes, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_frodo976aes, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_frodo976aes, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_frodo976aes, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_frodo976aes, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p384_frodo976aes, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p384_frodo976aes); +MAKE_ENCODER(_ecx, x448_frodo976aes, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_frodo976aes, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_frodo976aes, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_frodo976aes, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_frodo976aes, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x448_frodo976aes, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x448_frodo976aes); +MAKE_ENCODER(, frodo976shake, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, frodo976shake, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, frodo976shake, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, frodo976shake, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, frodo976shake, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, frodo976shake, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, frodo976shake); + +MAKE_ENCODER(_ecp, p384_frodo976shake, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_frodo976shake, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_frodo976shake, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_frodo976shake, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_frodo976shake, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p384_frodo976shake, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p384_frodo976shake); +MAKE_ENCODER(_ecx, x448_frodo976shake, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_frodo976shake, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_frodo976shake, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_frodo976shake, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_frodo976shake, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x448_frodo976shake, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x448_frodo976shake); +MAKE_ENCODER(, frodo1344aes, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, frodo1344aes, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, frodo1344aes, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, frodo1344aes, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, frodo1344aes, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, frodo1344aes, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, frodo1344aes); + +MAKE_ENCODER(_ecp, p521_frodo1344aes, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_frodo1344aes, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_frodo1344aes, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_frodo1344aes, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_frodo1344aes, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p521_frodo1344aes, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p521_frodo1344aes); +MAKE_ENCODER(, frodo1344shake, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, frodo1344shake, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, frodo1344shake, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, frodo1344shake, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, frodo1344shake, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, frodo1344shake, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, frodo1344shake); + +MAKE_ENCODER(_ecp, p521_frodo1344shake, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_frodo1344shake, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_frodo1344shake, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_frodo1344shake, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_frodo1344shake, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p521_frodo1344shake, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p521_frodo1344shake); +MAKE_ENCODER(, kyber512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, kyber512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, kyber512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, kyber512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, kyber512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, kyber512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, kyber512); + +MAKE_ENCODER(_ecp, p256_kyber512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_kyber512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_kyber512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_kyber512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_kyber512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p256_kyber512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p256_kyber512); +MAKE_ENCODER(_ecx, x25519_kyber512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_kyber512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_kyber512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_kyber512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_kyber512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_kyber512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x25519_kyber512); +MAKE_ENCODER(, kyber768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, kyber768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, kyber768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, kyber768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, kyber768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, kyber768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, kyber768); + +MAKE_ENCODER(_ecp, p384_kyber768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_kyber768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_kyber768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_kyber768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_kyber768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p384_kyber768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p384_kyber768); +MAKE_ENCODER(_ecx, x448_kyber768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_kyber768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_kyber768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_kyber768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_kyber768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x448_kyber768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x448_kyber768); +MAKE_ENCODER(_ecx, x25519_kyber768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_kyber768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_kyber768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_kyber768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_kyber768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_kyber768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x25519_kyber768); +MAKE_ENCODER(_ecp, p256_kyber768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_kyber768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_kyber768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_kyber768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_kyber768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p256_kyber768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p256_kyber768); +MAKE_ENCODER(, kyber1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, kyber1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, kyber1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, kyber1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, kyber1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, kyber1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, kyber1024); + +MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p521_kyber1024); +MAKE_ENCODER(, bikel1, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, bikel1, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, bikel1, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, bikel1, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, bikel1, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, bikel1, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, bikel1); + +MAKE_ENCODER(_ecp, p256_bikel1, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_bikel1, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_bikel1, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_bikel1, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_bikel1, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p256_bikel1, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p256_bikel1); +MAKE_ENCODER(_ecx, x25519_bikel1, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_bikel1, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_bikel1, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_bikel1, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_bikel1, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_bikel1, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x25519_bikel1); +MAKE_ENCODER(, bikel3, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, bikel3, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, bikel3, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, bikel3, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, bikel3, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, bikel3, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, bikel3); + +MAKE_ENCODER(_ecp, p384_bikel3, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_bikel3, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_bikel3, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_bikel3, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_bikel3, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p384_bikel3, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p384_bikel3); +MAKE_ENCODER(_ecx, x448_bikel3, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_bikel3, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_bikel3, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_bikel3, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_bikel3, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x448_bikel3, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x448_bikel3); +MAKE_ENCODER(, bikel5, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, bikel5, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, bikel5, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, bikel5, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, bikel5, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, bikel5, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, bikel5); + +MAKE_ENCODER(_ecp, p521_bikel5, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_bikel5, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_bikel5, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_bikel5, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_bikel5, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p521_bikel5, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p521_bikel5); +MAKE_ENCODER(, hqc128, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, hqc128, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, hqc128, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, hqc128, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, hqc128, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, hqc128, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, hqc128); + +MAKE_ENCODER(_ecp, p256_hqc128, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_hqc128, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_hqc128, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_hqc128, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_hqc128, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p256_hqc128, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p256_hqc128); +MAKE_ENCODER(_ecx, x25519_hqc128, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_hqc128, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_hqc128, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_hqc128, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_hqc128, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_hqc128, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x25519_hqc128); +MAKE_ENCODER(, hqc192, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, hqc192, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, hqc192, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, hqc192, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, hqc192, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, hqc192, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, hqc192); + +MAKE_ENCODER(_ecp, p384_hqc192, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_hqc192, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_hqc192, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_hqc192, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_hqc192, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p384_hqc192, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p384_hqc192); +MAKE_ENCODER(_ecx, x448_hqc192, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_hqc192, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_hqc192, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_hqc192, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_hqc192, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x448_hqc192, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x448_hqc192); +MAKE_ENCODER(, hqc256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, hqc256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, hqc256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, hqc256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, hqc256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, hqc256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, hqc256); + +MAKE_ENCODER(_ecp, p521_hqc256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_hqc256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_hqc256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_hqc256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_hqc256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p521_hqc256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p521_hqc256); +#endif /* OQS_KEM_ENCODERS */ + +MAKE_ENCODER(, dilithium2, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2); +MAKE_ENCODER(, p256_dilithium2, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p256_dilithium2, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p256_dilithium2, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p256_dilithium2, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p256_dilithium2, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p256_dilithium2, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p256_dilithium2); +MAKE_ENCODER(, rsa3072_dilithium2, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_dilithium2, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_dilithium2, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_dilithium2, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, rsa3072_dilithium2); +MAKE_ENCODER(, dilithium3, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3); +MAKE_ENCODER(, p384_dilithium3, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p384_dilithium3, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p384_dilithium3, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p384_dilithium3, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p384_dilithium3, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p384_dilithium3, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p384_dilithium3); +MAKE_ENCODER(, dilithium5, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium5, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium5); +MAKE_ENCODER(, p521_dilithium5, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p521_dilithium5, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p521_dilithium5, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p521_dilithium5, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p521_dilithium5, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p521_dilithium5, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p521_dilithium5); +MAKE_ENCODER(, falcon512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falcon512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falcon512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falcon512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falcon512); +MAKE_ENCODER(, p256_falcon512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p256_falcon512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p256_falcon512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p256_falcon512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p256_falcon512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p256_falcon512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p256_falcon512); +MAKE_ENCODER(, rsa3072_falcon512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_falcon512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_falcon512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_falcon512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, rsa3072_falcon512); +MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falcon1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falcon1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falcon1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falcon1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falcon1024); +MAKE_ENCODER(, p521_falcon1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p521_falcon1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p521_falcon1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p521_falcon1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p521_falcon1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p521_falcon1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p521_falcon1024); +MAKE_ENCODER(, sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, sphincssha2128fsimple); +MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p256_sphincssha2128fsimple); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, + der); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, + pem); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, rsa3072_sphincssha2128fsimple); +MAKE_ENCODER(, sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, sphincssha2128ssimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, sphincssha2128ssimple); +MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p256_sphincssha2128ssimple); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, + der); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, + pem); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, rsa3072_sphincssha2128ssimple); +MAKE_ENCODER(, sphincssha2192fsimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, sphincssha2192fsimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, sphincssha2192fsimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, sphincssha2192fsimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, sphincssha2192fsimple); +MAKE_ENCODER(, p384_sphincssha2192fsimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p384_sphincssha2192fsimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p384_sphincssha2192fsimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p384_sphincssha2192fsimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p384_sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p384_sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p384_sphincssha2192fsimple); +MAKE_ENCODER(, sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, sphincsshake128fsimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, sphincsshake128fsimple); +MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p256_sphincsshake128fsimple); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(rsa3072_sphincsshake128fsimple); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, rsa3072_sphincsshake128fsimple); ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 39c2b673..88e927ea 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -158,21 +158,22 @@ static int oqsx_match(const void *keydata1, const void *keydata2, int selection) if ((key1->privkey == NULL && key2->privkey != NULL) || (key1->privkey != NULL && key2->privkey == NULL) || ((key1->tls_name != NULL && key2->tls_name != NULL) - && strcmp(key1->tls_name, key2->tls_name))) + && strcmp(key1->tls_name, key2->tls_name))) { ok = 0; - else + } else { ok = ((key1->privkey == NULL && key2->privkey == NULL) || ((key1->privkey != NULL) && CRYPTO_memcmp(key1->privkey, key2->privkey, key1->privkeylen) == 0)); + } } if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { if ((key1->pubkey == NULL && key2->pubkey != NULL) || (key1->pubkey != NULL && key2->pubkey == NULL) || ((key1->tls_name != NULL && key2->tls_name != NULL) - && strcmp(key1->tls_name, key2->tls_name))) + && strcmp(key1->tls_name, key2->tls_name))) { // special case now: If domain parameter matching requested, // consider private key match sufficient: ok = ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) @@ -180,13 +181,14 @@ static int oqsx_match(const void *keydata1, const void *keydata2, int selection) && (CRYPTO_memcmp(key1->privkey, key2->privkey, key1->privkeylen) == 0); - else + } else { ok = ok && ((key1->pubkey == NULL && key2->pubkey == NULL) || ((key1->pubkey != NULL) && CRYPTO_memcmp(key1->pubkey, key2->pubkey, key1->pubkeylen) == 0)); + } } if (!ok) OQS_KM_PRINTF("OQSKEYMGMT: match failed!\n"); diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 1a8a74f4..1c938bf1 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -8,7 +8,6 @@ */ /* Internal OQS functions for other submodules: not for application use */ - #ifndef OQSX_H #define OQSX_H @@ -239,6 +238,707 @@ extern const OSSL_DISPATCH oqs_hybrid_kem_functions[]; extern const OSSL_DISPATCH oqs_signature_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_START +#ifdef OQS_KEM_ENCODERS + +extern const OSSL_DISPATCH + oqs_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640aes_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640shake_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976aes_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976shake_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344aes_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344shake_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_kyber768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_kyber768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_kyber1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel1_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_bikel1_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_bikel1_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel3_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_bikel3_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_bikel3_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel5_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel5_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel5_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_bikel5_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc128_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_hqc128_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_hqc128_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc192_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_hqc192_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_hqc192_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc256_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_hqc256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_hqc256_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_hqc256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_hqc256_decoder_functions[]; + +#endif /* OQS_KEM_ENCODERS */ + extern const OSSL_DISPATCH oqs_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 73c04631..94f65d15 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -34,8 +34,162 @@ } ///// OQS_TEMPLATE_FRAGMENT_MAKE_START +#ifdef OQS_KEM_ENCODERS + +# ifdef OQS_ENABLE_KEM_frodokem_640_aes +DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), + DECODER_w_structure("frodo640aes", der, SubjectPublicKeyInfo, frodo640aes), + DECODER_w_structure("p256_frodo640aes", der, PrivateKeyInfo, + p256_frodo640aes), + DECODER_w_structure("p256_frodo640aes", der, SubjectPublicKeyInfo, + p256_frodo640aes), + DECODER_w_structure("x25519_frodo640aes", der, PrivateKeyInfo, + x25519_frodo640aes), + DECODER_w_structure("x25519_frodo640aes", der, SubjectPublicKeyInfo, + x25519_frodo640aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_640_shake + DECODER_w_structure("frodo640shake", der, PrivateKeyInfo, frodo640shake), + DECODER_w_structure("frodo640shake", der, SubjectPublicKeyInfo, + frodo640shake), + DECODER_w_structure("p256_frodo640shake", der, PrivateKeyInfo, + p256_frodo640shake), + DECODER_w_structure("p256_frodo640shake", der, SubjectPublicKeyInfo, + p256_frodo640shake), + DECODER_w_structure("x25519_frodo640shake", der, PrivateKeyInfo, + x25519_frodo640shake), + DECODER_w_structure("x25519_frodo640shake", der, SubjectPublicKeyInfo, + x25519_frodo640shake), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_976_aes + DECODER_w_structure("frodo976aes", der, PrivateKeyInfo, frodo976aes), + DECODER_w_structure("frodo976aes", der, SubjectPublicKeyInfo, frodo976aes), + DECODER_w_structure("p384_frodo976aes", der, PrivateKeyInfo, + p384_frodo976aes), + DECODER_w_structure("p384_frodo976aes", der, SubjectPublicKeyInfo, + p384_frodo976aes), + DECODER_w_structure("x448_frodo976aes", der, PrivateKeyInfo, + x448_frodo976aes), + DECODER_w_structure("x448_frodo976aes", der, SubjectPublicKeyInfo, + x448_frodo976aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_976_shake + DECODER_w_structure("frodo976shake", der, PrivateKeyInfo, frodo976shake), + DECODER_w_structure("frodo976shake", der, SubjectPublicKeyInfo, + frodo976shake), + DECODER_w_structure("p384_frodo976shake", der, PrivateKeyInfo, + p384_frodo976shake), + DECODER_w_structure("p384_frodo976shake", der, SubjectPublicKeyInfo, + p384_frodo976shake), + DECODER_w_structure("x448_frodo976shake", der, PrivateKeyInfo, + x448_frodo976shake), + DECODER_w_structure("x448_frodo976shake", der, SubjectPublicKeyInfo, + x448_frodo976shake), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_1344_aes + DECODER_w_structure("frodo1344aes", der, PrivateKeyInfo, frodo1344aes), + DECODER_w_structure("frodo1344aes", der, SubjectPublicKeyInfo, + frodo1344aes), + DECODER_w_structure("p521_frodo1344aes", der, PrivateKeyInfo, + p521_frodo1344aes), + DECODER_w_structure("p521_frodo1344aes", der, SubjectPublicKeyInfo, + p521_frodo1344aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_1344_shake + DECODER_w_structure("frodo1344shake", der, PrivateKeyInfo, frodo1344shake), + DECODER_w_structure("frodo1344shake", der, SubjectPublicKeyInfo, + frodo1344shake), + DECODER_w_structure("p521_frodo1344shake", der, PrivateKeyInfo, + p521_frodo1344shake), + DECODER_w_structure("p521_frodo1344shake", der, SubjectPublicKeyInfo, + p521_frodo1344shake), +# endif +# ifdef OQS_ENABLE_KEM_kyber_512 + DECODER_w_structure("kyber512", der, PrivateKeyInfo, kyber512), + DECODER_w_structure("kyber512", der, SubjectPublicKeyInfo, kyber512), + DECODER_w_structure("p256_kyber512", der, PrivateKeyInfo, p256_kyber512), + DECODER_w_structure("p256_kyber512", der, SubjectPublicKeyInfo, + p256_kyber512), + DECODER_w_structure("x25519_kyber512", der, PrivateKeyInfo, + x25519_kyber512), + DECODER_w_structure("x25519_kyber512", der, SubjectPublicKeyInfo, + x25519_kyber512), +# endif +# ifdef OQS_ENABLE_KEM_kyber_768 + DECODER_w_structure("kyber768", der, PrivateKeyInfo, kyber768), + DECODER_w_structure("kyber768", der, SubjectPublicKeyInfo, kyber768), + DECODER_w_structure("p384_kyber768", der, PrivateKeyInfo, p384_kyber768), + DECODER_w_structure("p384_kyber768", der, SubjectPublicKeyInfo, + p384_kyber768), + DECODER_w_structure("x448_kyber768", der, PrivateKeyInfo, x448_kyber768), + DECODER_w_structure("x448_kyber768", der, SubjectPublicKeyInfo, + x448_kyber768), + DECODER_w_structure("x25519_kyber768", der, PrivateKeyInfo, + x25519_kyber768), + DECODER_w_structure("x25519_kyber768", der, SubjectPublicKeyInfo, + x25519_kyber768), + DECODER_w_structure("p256_kyber768", der, PrivateKeyInfo, p256_kyber768), + DECODER_w_structure("p256_kyber768", der, SubjectPublicKeyInfo, + p256_kyber768), +# endif +# ifdef OQS_ENABLE_KEM_kyber_1024 + DECODER_w_structure("kyber1024", der, PrivateKeyInfo, kyber1024), + DECODER_w_structure("kyber1024", der, SubjectPublicKeyInfo, kyber1024), + DECODER_w_structure("p521_kyber1024", der, PrivateKeyInfo, p521_kyber1024), + DECODER_w_structure("p521_kyber1024", der, SubjectPublicKeyInfo, + p521_kyber1024), +# endif +# ifdef OQS_ENABLE_KEM_bike_l1 + DECODER_w_structure("bikel1", der, PrivateKeyInfo, bikel1), + DECODER_w_structure("bikel1", der, SubjectPublicKeyInfo, bikel1), + DECODER_w_structure("p256_bikel1", der, PrivateKeyInfo, p256_bikel1), + DECODER_w_structure("p256_bikel1", der, SubjectPublicKeyInfo, p256_bikel1), + DECODER_w_structure("x25519_bikel1", der, PrivateKeyInfo, x25519_bikel1), + DECODER_w_structure("x25519_bikel1", der, SubjectPublicKeyInfo, + x25519_bikel1), +# endif +# ifdef OQS_ENABLE_KEM_bike_l3 + DECODER_w_structure("bikel3", der, PrivateKeyInfo, bikel3), + DECODER_w_structure("bikel3", der, SubjectPublicKeyInfo, bikel3), + DECODER_w_structure("p384_bikel3", der, PrivateKeyInfo, p384_bikel3), + DECODER_w_structure("p384_bikel3", der, SubjectPublicKeyInfo, p384_bikel3), + DECODER_w_structure("x448_bikel3", der, PrivateKeyInfo, x448_bikel3), + DECODER_w_structure("x448_bikel3", der, SubjectPublicKeyInfo, x448_bikel3), +# endif +# ifdef OQS_ENABLE_KEM_bike_l5 + DECODER_w_structure("bikel5", der, PrivateKeyInfo, bikel5), + DECODER_w_structure("bikel5", der, SubjectPublicKeyInfo, bikel5), + DECODER_w_structure("p521_bikel5", der, PrivateKeyInfo, p521_bikel5), + DECODER_w_structure("p521_bikel5", der, SubjectPublicKeyInfo, p521_bikel5), +# endif +# ifdef OQS_ENABLE_KEM_hqc_128 + DECODER_w_structure("hqc128", der, PrivateKeyInfo, hqc128), + DECODER_w_structure("hqc128", der, SubjectPublicKeyInfo, hqc128), + DECODER_w_structure("p256_hqc128", der, PrivateKeyInfo, p256_hqc128), + DECODER_w_structure("p256_hqc128", der, SubjectPublicKeyInfo, p256_hqc128), + DECODER_w_structure("x25519_hqc128", der, PrivateKeyInfo, x25519_hqc128), + DECODER_w_structure("x25519_hqc128", der, SubjectPublicKeyInfo, + x25519_hqc128), +# endif +# ifdef OQS_ENABLE_KEM_hqc_192 + DECODER_w_structure("hqc192", der, PrivateKeyInfo, hqc192), + DECODER_w_structure("hqc192", der, SubjectPublicKeyInfo, hqc192), + DECODER_w_structure("p384_hqc192", der, PrivateKeyInfo, p384_hqc192), + DECODER_w_structure("p384_hqc192", der, SubjectPublicKeyInfo, p384_hqc192), + DECODER_w_structure("x448_hqc192", der, PrivateKeyInfo, x448_hqc192), + DECODER_w_structure("x448_hqc192", der, SubjectPublicKeyInfo, x448_hqc192), +# endif +# ifdef OQS_ENABLE_KEM_hqc_256 + DECODER_w_structure("hqc256", der, PrivateKeyInfo, hqc256), + DECODER_w_structure("hqc256", der, SubjectPublicKeyInfo, hqc256), + DECODER_w_structure("p521_hqc256", der, PrivateKeyInfo, p521_hqc256), + DECODER_w_structure("p521_hqc256", der, SubjectPublicKeyInfo, p521_hqc256), +# endif + +#endif /* OQS_KEM_ENCODERS */ + #ifdef OQS_ENABLE_SIG_dilithium_2 -DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), + DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), DECODER_w_structure("dilithium2", der, SubjectPublicKeyInfo, dilithium2), DECODER_w_structure("p256_dilithium2", der, PrivateKeyInfo, p256_dilithium2), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 7e61e711..62010dfd 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -79,8 +79,473 @@ */ ///// OQS_TEMPLATE_FRAGMENT_MAKE_START +#ifdef OQS_KEM_ENCODERS + +# ifdef OQS_ENABLE_KEM_frodokem_640_aes +ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, der, SubjectPublicKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("frodo640aes", frodo640aes), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, + PrivateKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_frodo640aes", p256_frodo640aes), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_frodo640aes", x25519_frodo640aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_640_shake + ENCODER_w_structure("frodo640shake", frodo640shake, der, PrivateKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("frodo640shake", frodo640shake), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, + PrivateKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_frodo640shake", p256_frodo640shake), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_frodo640shake", x25519_frodo640shake), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_976_aes + ENCODER_w_structure("frodo976aes", frodo976aes, der, PrivateKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, der, SubjectPublicKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("frodo976aes", frodo976aes), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, + PrivateKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_frodo976aes", p384_frodo976aes), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, + PrivateKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x448_frodo976aes", x448_frodo976aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_976_shake + ENCODER_w_structure("frodo976shake", frodo976shake, der, PrivateKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("frodo976shake", frodo976shake), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, + PrivateKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_frodo976shake", p384_frodo976shake), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, + PrivateKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x448_frodo976shake", x448_frodo976shake), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_1344_aes + ENCODER_w_structure("frodo1344aes", frodo1344aes, der, PrivateKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("frodo1344aes", frodo1344aes), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, + PrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_frodo1344aes", p521_frodo1344aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_1344_shake + ENCODER_w_structure("frodo1344shake", frodo1344shake, der, PrivateKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("frodo1344shake", frodo1344shake), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, + PrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_frodo1344shake", p521_frodo1344shake), +# endif +# ifdef OQS_ENABLE_KEM_kyber_512 + ENCODER_w_structure("kyber512", kyber512, der, PrivateKeyInfo), + ENCODER_w_structure("kyber512", kyber512, pem, PrivateKeyInfo), + ENCODER_w_structure("kyber512", kyber512, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber512", kyber512, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber512", kyber512, der, SubjectPublicKeyInfo), + ENCODER_w_structure("kyber512", kyber512, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("kyber512", kyber512), + ENCODER_w_structure("p256_kyber512", p256_kyber512, der, PrivateKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_kyber512", p256_kyber512), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_kyber512", x25519_kyber512), +# endif +# ifdef OQS_ENABLE_KEM_kyber_768 + ENCODER_w_structure("kyber768", kyber768, der, PrivateKeyInfo), + ENCODER_w_structure("kyber768", kyber768, pem, PrivateKeyInfo), + ENCODER_w_structure("kyber768", kyber768, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber768", kyber768, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber768", kyber768, der, SubjectPublicKeyInfo), + ENCODER_w_structure("kyber768", kyber768, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("kyber768", kyber768), + ENCODER_w_structure("p384_kyber768", p384_kyber768, der, PrivateKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_kyber768", p384_kyber768), + ENCODER_w_structure("x448_kyber768", x448_kyber768, der, PrivateKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, PrivateKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x448_kyber768", x448_kyber768), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_kyber768", x25519_kyber768), + ENCODER_w_structure("p256_kyber768", p256_kyber768, der, PrivateKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_kyber768", p256_kyber768), +# endif +# ifdef OQS_ENABLE_KEM_kyber_1024 + ENCODER_w_structure("kyber1024", kyber1024, der, PrivateKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, pem, PrivateKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, der, SubjectPublicKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("kyber1024", kyber1024), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, PrivateKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, PrivateKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_kyber1024", p521_kyber1024), +# endif +# ifdef OQS_ENABLE_KEM_bike_l1 + ENCODER_w_structure("bikel1", bikel1, der, PrivateKeyInfo), + ENCODER_w_structure("bikel1", bikel1, pem, PrivateKeyInfo), + ENCODER_w_structure("bikel1", bikel1, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel1", bikel1, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel1", bikel1, der, SubjectPublicKeyInfo), + ENCODER_w_structure("bikel1", bikel1, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("bikel1", bikel1), + ENCODER_w_structure("p256_bikel1", p256_bikel1, der, PrivateKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p256_bikel1", p256_bikel1), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, PrivateKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, PrivateKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_bikel1", x25519_bikel1), +# endif +# ifdef OQS_ENABLE_KEM_bike_l3 + ENCODER_w_structure("bikel3", bikel3, der, PrivateKeyInfo), + ENCODER_w_structure("bikel3", bikel3, pem, PrivateKeyInfo), + ENCODER_w_structure("bikel3", bikel3, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel3", bikel3, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel3", bikel3, der, SubjectPublicKeyInfo), + ENCODER_w_structure("bikel3", bikel3, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("bikel3", bikel3), + ENCODER_w_structure("p384_bikel3", p384_bikel3, der, PrivateKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p384_bikel3", p384_bikel3), + ENCODER_w_structure("x448_bikel3", x448_bikel3, der, PrivateKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, PrivateKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, der, SubjectPublicKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("x448_bikel3", x448_bikel3), +# endif +# ifdef OQS_ENABLE_KEM_bike_l5 + ENCODER_w_structure("bikel5", bikel5, der, PrivateKeyInfo), + ENCODER_w_structure("bikel5", bikel5, pem, PrivateKeyInfo), + ENCODER_w_structure("bikel5", bikel5, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel5", bikel5, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel5", bikel5, der, SubjectPublicKeyInfo), + ENCODER_w_structure("bikel5", bikel5, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("bikel5", bikel5), + ENCODER_w_structure("p521_bikel5", p521_bikel5, der, PrivateKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, PrivateKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p521_bikel5", p521_bikel5), +# endif +# ifdef OQS_ENABLE_KEM_hqc_128 + ENCODER_w_structure("hqc128", hqc128, der, PrivateKeyInfo), + ENCODER_w_structure("hqc128", hqc128, pem, PrivateKeyInfo), + ENCODER_w_structure("hqc128", hqc128, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc128", hqc128, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc128", hqc128, der, SubjectPublicKeyInfo), + ENCODER_w_structure("hqc128", hqc128, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("hqc128", hqc128), + ENCODER_w_structure("p256_hqc128", p256_hqc128, der, PrivateKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p256_hqc128", p256_hqc128), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, PrivateKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, PrivateKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_hqc128", x25519_hqc128), +# endif +# ifdef OQS_ENABLE_KEM_hqc_192 + ENCODER_w_structure("hqc192", hqc192, der, PrivateKeyInfo), + ENCODER_w_structure("hqc192", hqc192, pem, PrivateKeyInfo), + ENCODER_w_structure("hqc192", hqc192, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc192", hqc192, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc192", hqc192, der, SubjectPublicKeyInfo), + ENCODER_w_structure("hqc192", hqc192, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("hqc192", hqc192), + ENCODER_w_structure("p384_hqc192", p384_hqc192, der, PrivateKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p384_hqc192", p384_hqc192), + ENCODER_w_structure("x448_hqc192", x448_hqc192, der, PrivateKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, PrivateKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, der, SubjectPublicKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("x448_hqc192", x448_hqc192), +# endif +# ifdef OQS_ENABLE_KEM_hqc_256 + ENCODER_w_structure("hqc256", hqc256, der, PrivateKeyInfo), + ENCODER_w_structure("hqc256", hqc256, pem, PrivateKeyInfo), + ENCODER_w_structure("hqc256", hqc256, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc256", hqc256, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc256", hqc256, der, SubjectPublicKeyInfo), + ENCODER_w_structure("hqc256", hqc256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("hqc256", hqc256), + ENCODER_w_structure("p521_hqc256", p521_hqc256, der, PrivateKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, PrivateKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p521_hqc256", p521_hqc256), +# endif + +#endif /* OQS_KEM_ENCODERS */ + #ifdef OQS_ENABLE_SIG_dilithium_2 -ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), + ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), ENCODER_w_structure("dilithium2", dilithium2, pem, PrivateKeyInfo), ENCODER_w_structure("dilithium2", dilithium2, der, EncryptedPrivateKeyInfo), ENCODER_w_structure("dilithium2", dilithium2, pem, EncryptedPrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index cd32a5a3..615d00fe 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -47,8 +47,103 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; * List of all algorithms with given OIDs */ ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START -#define OQS_OID_CNT 46 + +#ifdef OQS_KEM_ENCODERS +# define OQS_OID_CNT 130 +#else +# define OQS_OID_CNT 46 +#endif const char *oqs_oid_alg_list[OQS_OID_CNT] = { + +#ifdef OQS_KEM_ENCODERS + + "1.3.9999.99.13", + "frodo640aes", + "1.3.9999.99.12", + "p256_frodo640aes", + "1.3.9999.99.1", + "x25519_frodo640aes", + "1.3.9999.99.15", + "frodo640shake", + "1.3.9999.99.14", + "p256_frodo640shake", + "1.3.9999.99.2", + "x25519_frodo640shake", + "1.3.9999.99.17", + "frodo976aes", + "1.3.9999.99.16", + "p384_frodo976aes", + "1.3.9999.99.3", + "x448_frodo976aes", + "1.3.9999.99.19", + "frodo976shake", + "1.3.9999.99.18", + "p384_frodo976shake", + "1.3.9999.99.4", + "x448_frodo976shake", + "1.3.9999.99.21", + "frodo1344aes", + "1.3.9999.99.20", + "p521_frodo1344aes", + "1.3.9999.99.23", + "frodo1344shake", + "1.3.9999.99.22", + "p521_frodo1344shake", + "1.3.6.1.4.1.22554.5.6.1", + "kyber512", + "1.3.6.1.4.1.22554.5.7.1", + "p256_kyber512", + "1.3.6.1.4.1.22554.5.8.1", + "x25519_kyber512", + "1.3.6.1.4.1.22554.5.6.2", + "kyber768", + "1.3.9999.99.24", + "p384_kyber768", + "1.3.9999.99.5", + "x448_kyber768", + "1.3.9999.99.6", + "x25519_kyber768", + "1.3.9999.99.7", + "p256_kyber768", + "1.3.6.1.4.1.22554.5.6.3", + "kyber1024", + "1.3.9999.99.25", + "p521_kyber1024", + "1.3.9999.99.27", + "bikel1", + "1.3.9999.99.26", + "p256_bikel1", + "1.3.9999.99.8", + "x25519_bikel1", + "1.3.9999.99.29", + "bikel3", + "1.3.9999.99.28", + "p384_bikel3", + "1.3.9999.99.9", + "x448_bikel3", + "1.3.9999.99.31", + "bikel5", + "1.3.9999.99.30", + "p521_bikel5", + "1.3.9999.99.33", + "hqc128", + "1.3.9999.99.32", + "p256_hqc128", + "1.3.9999.99.10", + "x25519_hqc128", + "1.3.9999.99.35", + "hqc192", + "1.3.9999.99.34", + "p384_hqc192", + "1.3.9999.99.11", + "x448_hqc192", + "1.3.9999.99.37", + "hqc256", + "1.3.9999.99.36", + "p521_hqc256", + +#endif /* OQS_KEM_ENCODERS */ + "1.3.6.1.4.1.2.267.7.4.4", "dilithium2", "1.3.9999.2.7.1", @@ -101,52 +196,177 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { int oqs_patch_oids(void) { ///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_START + +#ifdef OQS_KEM_ENCODERS + + if (getenv("OQS_OID_FRODO640AES")) + oqs_oid_alg_list[0] = getenv("OQS_OID_FRODO640AES"); + + if (getenv("OQS_OID_P256_FRODO640AES")) + oqs_oid_alg_list[2] = getenv("OQS_OID_P256_FRODO640AES"); + if (getenv("OQS_OID_X25519_FRODO640AES")) + oqs_oid_alg_list[4] = getenv("OQS_OID_X25519_FRODO640AES"); + if (getenv("OQS_OID_FRODO640SHAKE")) + oqs_oid_alg_list[6] = getenv("OQS_OID_FRODO640SHAKE"); + + if (getenv("OQS_OID_P256_FRODO640SHAKE")) + oqs_oid_alg_list[8] = getenv("OQS_OID_P256_FRODO640SHAKE"); + if (getenv("OQS_OID_X25519_FRODO640SHAKE")) + oqs_oid_alg_list[10] = getenv("OQS_OID_X25519_FRODO640SHAKE"); + if (getenv("OQS_OID_FRODO976AES")) + oqs_oid_alg_list[12] = getenv("OQS_OID_FRODO976AES"); + + if (getenv("OQS_OID_P384_FRODO976AES")) + oqs_oid_alg_list[14] = getenv("OQS_OID_P384_FRODO976AES"); + if (getenv("OQS_OID_X448_FRODO976AES")) + oqs_oid_alg_list[16] = getenv("OQS_OID_X448_FRODO976AES"); + if (getenv("OQS_OID_FRODO976SHAKE")) + oqs_oid_alg_list[18] = getenv("OQS_OID_FRODO976SHAKE"); + + if (getenv("OQS_OID_P384_FRODO976SHAKE")) + oqs_oid_alg_list[20] = getenv("OQS_OID_P384_FRODO976SHAKE"); + if (getenv("OQS_OID_X448_FRODO976SHAKE")) + oqs_oid_alg_list[22] = getenv("OQS_OID_X448_FRODO976SHAKE"); + if (getenv("OQS_OID_FRODO1344AES")) + oqs_oid_alg_list[24] = getenv("OQS_OID_FRODO1344AES"); + + if (getenv("OQS_OID_P521_FRODO1344AES")) + oqs_oid_alg_list[26] = getenv("OQS_OID_P521_FRODO1344AES"); + if (getenv("OQS_OID_FRODO1344SHAKE")) + oqs_oid_alg_list[28] = getenv("OQS_OID_FRODO1344SHAKE"); + + if (getenv("OQS_OID_P521_FRODO1344SHAKE")) + oqs_oid_alg_list[30] = getenv("OQS_OID_P521_FRODO1344SHAKE"); + if (getenv("OQS_OID_KYBER512")) + oqs_oid_alg_list[32] = getenv("OQS_OID_KYBER512"); + + if (getenv("OQS_OID_P256_KYBER512")) + oqs_oid_alg_list[34] = getenv("OQS_OID_P256_KYBER512"); + if (getenv("OQS_OID_X25519_KYBER512")) + oqs_oid_alg_list[36] = getenv("OQS_OID_X25519_KYBER512"); + if (getenv("OQS_OID_KYBER768")) + oqs_oid_alg_list[38] = getenv("OQS_OID_KYBER768"); + + if (getenv("OQS_OID_P384_KYBER768")) + oqs_oid_alg_list[40] = getenv("OQS_OID_P384_KYBER768"); + if (getenv("OQS_OID_X448_KYBER768")) + oqs_oid_alg_list[42] = getenv("OQS_OID_X448_KYBER768"); + if (getenv("OQS_OID_X25519_KYBER768")) + oqs_oid_alg_list[44] = getenv("OQS_OID_X25519_KYBER768"); + if (getenv("OQS_OID_P256_KYBER768")) + oqs_oid_alg_list[46] = getenv("OQS_OID_P256_KYBER768"); + if (getenv("OQS_OID_KYBER1024")) + oqs_oid_alg_list[48] = getenv("OQS_OID_KYBER1024"); + + if (getenv("OQS_OID_P521_KYBER1024")) + oqs_oid_alg_list[50] = getenv("OQS_OID_P521_KYBER1024"); + if (getenv("OQS_OID_BIKEL1")) + oqs_oid_alg_list[52] = getenv("OQS_OID_BIKEL1"); + + if (getenv("OQS_OID_P256_BIKEL1")) + oqs_oid_alg_list[54] = getenv("OQS_OID_P256_BIKEL1"); + if (getenv("OQS_OID_X25519_BIKEL1")) + oqs_oid_alg_list[56] = getenv("OQS_OID_X25519_BIKEL1"); + if (getenv("OQS_OID_BIKEL3")) + oqs_oid_alg_list[58] = getenv("OQS_OID_BIKEL3"); + + if (getenv("OQS_OID_P384_BIKEL3")) + oqs_oid_alg_list[60] = getenv("OQS_OID_P384_BIKEL3"); + if (getenv("OQS_OID_X448_BIKEL3")) + oqs_oid_alg_list[62] = getenv("OQS_OID_X448_BIKEL3"); + if (getenv("OQS_OID_BIKEL5")) + oqs_oid_alg_list[64] = getenv("OQS_OID_BIKEL5"); + + if (getenv("OQS_OID_P521_BIKEL5")) + oqs_oid_alg_list[66] = getenv("OQS_OID_P521_BIKEL5"); + if (getenv("OQS_OID_HQC128")) + oqs_oid_alg_list[68] = getenv("OQS_OID_HQC128"); + + if (getenv("OQS_OID_P256_HQC128")) + oqs_oid_alg_list[70] = getenv("OQS_OID_P256_HQC128"); + if (getenv("OQS_OID_X25519_HQC128")) + oqs_oid_alg_list[72] = getenv("OQS_OID_X25519_HQC128"); + if (getenv("OQS_OID_HQC192")) + oqs_oid_alg_list[74] = getenv("OQS_OID_HQC192"); + + if (getenv("OQS_OID_P384_HQC192")) + oqs_oid_alg_list[76] = getenv("OQS_OID_P384_HQC192"); + if (getenv("OQS_OID_X448_HQC192")) + oqs_oid_alg_list[78] = getenv("OQS_OID_X448_HQC192"); + if (getenv("OQS_OID_HQC256")) + oqs_oid_alg_list[80] = getenv("OQS_OID_HQC256"); + + if (getenv("OQS_OID_P521_HQC256")) + oqs_oid_alg_list[82] = getenv("OQS_OID_P521_HQC256"); + +# define OQS_KEMOID_CNT 82 + 2 +#else +# define OQS_KEMOID_CNT 0 +#endif /* OQS_KEM_ENCODERS */ if (getenv("OQS_OID_DILITHIUM2")) - oqs_oid_alg_list[0] = getenv("OQS_OID_DILITHIUM2"); + oqs_oid_alg_list[0 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM2"); if (getenv("OQS_OID_P256_DILITHIUM2")) - oqs_oid_alg_list[2] = getenv("OQS_OID_P256_DILITHIUM2"); + oqs_oid_alg_list[2 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_DILITHIUM2"); if (getenv("OQS_OID_RSA3072_DILITHIUM2")) - oqs_oid_alg_list[4] = getenv("OQS_OID_RSA3072_DILITHIUM2"); + oqs_oid_alg_list[4 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_DILITHIUM2"); if (getenv("OQS_OID_DILITHIUM3")) - oqs_oid_alg_list[6] = getenv("OQS_OID_DILITHIUM3"); + oqs_oid_alg_list[6 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM3"); if (getenv("OQS_OID_P384_DILITHIUM3")) - oqs_oid_alg_list[8] = getenv("OQS_OID_P384_DILITHIUM3"); + oqs_oid_alg_list[8 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P384_DILITHIUM3"); if (getenv("OQS_OID_DILITHIUM5")) - oqs_oid_alg_list[10] = getenv("OQS_OID_DILITHIUM5"); + oqs_oid_alg_list[10 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM5"); if (getenv("OQS_OID_P521_DILITHIUM5")) - oqs_oid_alg_list[12] = getenv("OQS_OID_P521_DILITHIUM5"); + oqs_oid_alg_list[12 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P521_DILITHIUM5"); if (getenv("OQS_OID_FALCON512")) - oqs_oid_alg_list[14] = getenv("OQS_OID_FALCON512"); + oqs_oid_alg_list[14 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON512"); if (getenv("OQS_OID_P256_FALCON512")) - oqs_oid_alg_list[16] = getenv("OQS_OID_P256_FALCON512"); + oqs_oid_alg_list[16 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_FALCON512"); if (getenv("OQS_OID_RSA3072_FALCON512")) - oqs_oid_alg_list[18] = getenv("OQS_OID_RSA3072_FALCON512"); + oqs_oid_alg_list[18 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_FALCON512"); if (getenv("OQS_OID_FALCON1024")) - oqs_oid_alg_list[20] = getenv("OQS_OID_FALCON1024"); + oqs_oid_alg_list[20 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); if (getenv("OQS_OID_P521_FALCON1024")) - oqs_oid_alg_list[22] = getenv("OQS_OID_P521_FALCON1024"); + oqs_oid_alg_list[22 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P521_FALCON1024"); if (getenv("OQS_OID_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[24] = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); + oqs_oid_alg_list[24 + OQS_KEMOID_CNT] + = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[26] = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); + oqs_oid_alg_list[26 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[28] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); + oqs_oid_alg_list[28 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[30] = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); + oqs_oid_alg_list[30 + OQS_KEMOID_CNT] + = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[32] = getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); + oqs_oid_alg_list[32 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[34] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); + oqs_oid_alg_list[34 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[36] = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); + oqs_oid_alg_list[36 + OQS_KEMOID_CNT] + = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[38] = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); + oqs_oid_alg_list[38 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[40] = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); + oqs_oid_alg_list[40 + OQS_KEMOID_CNT] + = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[42] = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); + oqs_oid_alg_list[42 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[44] = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); + oqs_oid_alg_list[44 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); ///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_END return 1; } diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index d240c300..b3ff332e 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -52,9 +52,70 @@ typedef struct { static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START -#define NID_TABLE_LEN 23 + +#ifdef OQS_KEM_ENCODERS +# define NID_TABLE_LEN 65 +#else +# define NID_TABLE_LEN 23 +#endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { +#ifdef OQS_KEM_ENCODERS + + {0, "frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_KEM, 128}, + {0, "p256_frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_ECP_HYB_KEM, + 128}, + {0, "x25519_frodo640aes", OQS_KEM_alg_frodokem_640_aes, + KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_KEM, 128}, + {0, "p256_frodo640shake", OQS_KEM_alg_frodokem_640_shake, + KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_frodo640shake", OQS_KEM_alg_frodokem_640_shake, + KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_KEM, 192}, + {0, "p384_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECP_HYB_KEM, + 192}, + {0, "x448_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECX_HYB_KEM, + 192}, + {0, "frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_KEM, 192}, + {0, "p384_frodo976shake", OQS_KEM_alg_frodokem_976_shake, + KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_frodo976shake", OQS_KEM_alg_frodokem_976_shake, + KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_KEM, 256}, + {0, "p521_frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, + KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_KEM, 256}, + {0, "p521_frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, + KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_KEM, 128}, + {0, "p256_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_KEM, 192}, + {0, "p384_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "x25519_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "p256_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_KEM, 256}, + {0, "p521_kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128}, + {0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_KEM, 192}, + {0, "p384_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_KEM, 256}, + {0, "p521_bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_KEM, 128}, + {0, "p256_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_KEM, 192}, + {0, "p384_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_KEM, 256}, + {0, "p521_hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_ECP_HYB_KEM, 256}, + +#endif /* OQS_KEM_ENCODERS */ {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, {0, "p256_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, @@ -283,6 +344,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return 0; } + OQS_KEY_PRINTF2("OQSX KEY: Recreated OQSX key %s\n", key->tls_name); if (op == KEY_OP_PUBLIC) { #ifdef USE_ENCODING_LIB @@ -439,12 +501,17 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) goto rec_err; } if (op == KEY_OP_PUBLIC) { + const unsigned char *enc_pubkey = key->comp_pubkey[0]; DECODE_UINT32(classical_pubkey_len, key->pubkey); if (key->evp_info->raw_key_support) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto rec_err; + key->classical_pkey = EVP_PKEY_new_raw_public_key( + key->evp_info->keytype, NULL, enc_pubkey, + classical_pubkey_len); + if (!key->classical_pkey) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } } else { - const unsigned char *enc_pubkey = key->comp_pubkey[0]; EVP_PKEY *npk = EVP_PKEY_new(); if (key->evp_info->keytype != EVP_PKEY_RSA) { npk = setECParams(npk, key->evp_info->nid); @@ -461,12 +528,31 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } if (op == KEY_OP_PRIVATE) { DECODE_UINT32(classical_privkey_len, key->privkey); + const unsigned char *enc_privkey = key->comp_privkey[0]; + unsigned char *enc_pubkey = key->comp_pubkey[0]; if (key->evp_info->raw_key_support) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto rec_err; + key->classical_pkey = EVP_PKEY_new_raw_private_key( + key->evp_info->keytype, NULL, enc_privkey, + classical_privkey_len); + if (!key->classical_pkey) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } +#ifndef NOPUBKEY_IN_PRIVKEY + // re-create classic public key part from private key: + size_t pubkeylen; + + EVP_PKEY_get_raw_public_key(key->classical_pkey, NULL, + &pubkeylen); + if (pubkeylen != key->evp_info->length_public_key + || EVP_PKEY_get_raw_public_key(key->classical_pkey, + enc_pubkey, &pubkeylen) + != 1) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } +#endif } else { - const unsigned char *enc_privkey = key->comp_privkey[0]; - unsigned char *enc_pubkey = key->comp_pubkey[0]; key->classical_pkey = d2i_PrivateKey(key->evp_info->keytype, NULL, &enc_privkey, classical_privkey_len); @@ -780,6 +866,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, + evp_ctx->evp_info->length_public_key; ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; + ret->evp_info = evp_ctx->evp_info; break; case KEY_TYPE_HYB_SIG: ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); @@ -829,7 +916,9 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, goto err; } - OQS_KEY_PRINTF2("OQSX_KEY: new key created: %p\n", ret); + OQS_KEY_PRINTF2("OQSX_KEY: new key created: %s\n", ret->tls_name); + OQS_KEY_PRINTF3("OQSX_KEY: new key created: %p (type: %d)\n", ret, + ret->keytype); return ret; err: ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); @@ -1062,8 +1151,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, return NULL; } -/* allocates OQS and classical keys; retains EVP_PKEY on success for sig - * OQSX_KEY */ +/* allocates OQS and classical keys */ int oqsx_key_gen(OQSX_KEY *key) { int ret = 0; @@ -1090,14 +1178,8 @@ int oqsx_key_gen(OQSX_KEY *key) OQS_KEY_PRINTF3("OQSKM: OQSX_KEY privkeylen %ld & pubkeylen: %ld\n", key->privkeylen, key->pubkeylen); - if (key->keytype == KEY_TYPE_HYB_SIG) { - key->classical_pkey = pkey; - ret = oqsx_key_gen_oqs(key, 0); - } else { - EVP_PKEY_free(pkey); - pkey = NULL; - ret = oqsx_key_gen_oqs(key, 1); - } + key->classical_pkey = pkey; + ret = oqsx_key_gen_oqs(key, key->keytype != KEY_TYPE_HYB_SIG); } else if (key->keytype == KEY_TYPE_SIG) { ret = !oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); diff --git a/scripts/fullbuild.sh b/scripts/fullbuild.sh index abe0c495..a411d901 100755 --- a/scripts/fullbuild.sh +++ b/scripts/fullbuild.sh @@ -4,6 +4,7 @@ # Argument -f: Soft clean, ensuring re-build of oqs-provider binary # Argument -F: Hard clean, ensuring checkout and build of all dependencies # EnvVar MAKE_PARAMS: passed to invocations of make; sample value: "-j" +# EnvVar OQSPROV_CMAKE_PARAMS: passed to invocations of oqsprovider cmake # EnvVar LIBOQS_BRANCH: Defines branch/release of liboqs; default value "main" # EnvVar OQS_ALGS_ENABLED: If set, defines OQS algs to be enabled, e.g., "STD" # EnvVar OPENSSL_INSTALL: If set, defines (binary) OpenSSL installation to use @@ -123,9 +124,9 @@ if [ ! -f "_build/lib/oqsprovider.$SHLIBEXT" ]; then BUILD_TYPE="" # for omitting public key in private keys add -DNOPUBKEY_IN_PRIVKEY=ON if [ -z "$OPENSSL_INSTALL" ]; then - cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE -S . -B _build && cmake --build _build + cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B _build && cmake --build _build else - cmake -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL $BUILD_TYPE -S . -B _build && cmake --build _build + cmake -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B _build && cmake --build _build fi if [ $? -ne 0 ]; then echo "provider build failed. Exiting." diff --git a/test/oqs_test_endecode.c b/test/oqs_test_endecode.c index 220f7d0b..1427d121 100644 --- a/test/oqs_test_endecode.c +++ b/test/oqs_test_endecode.c @@ -165,7 +165,7 @@ static int decode_EVP_PKEY_prov(const char *input_type, const char *structure, return ok; } -static int test_oqs_encdec(const char *sigalg_name) +static int test_oqs_encdec(const char *alg_name) { EVP_PKEY *pkey = NULL; EVP_PKEY *decoded_pkey = NULL; @@ -174,7 +174,7 @@ static int test_oqs_encdec(const char *sigalg_name) int ok = 0; for (i = 0; i < nelem(test_params_list); i++) { - pkey = oqstest_make_key(sigalg_name, NULL, NULL); + pkey = oqstest_make_key(alg_name, NULL, NULL); if (pkey == NULL) goto end; @@ -182,7 +182,7 @@ static int test_oqs_encdec(const char *sigalg_name) test_params_list[i].structure, test_params_list[i].pass, test_params_list[i].selection, &encoded)) { - printf("Failed encoding %s", sigalg_name); + printf("Failed encoding %s", alg_name); goto end; } if (!decode_EVP_PKEY_prov( @@ -190,12 +190,14 @@ static int test_oqs_encdec(const char *sigalg_name) test_params_list[i].pass, test_params_list[i].keytype, test_params_list[i].selection, &decoded_pkey, encoded->data, encoded->length)) { - printf("Failed decoding %s", sigalg_name); + printf("Failed decoding %s", alg_name); goto end; } - if (EVP_PKEY_eq(pkey, decoded_pkey) != 1) + if (EVP_PKEY_eq(pkey, decoded_pkey) != 1) { + printf("Key equality failed for %s", alg_name); goto end; + } EVP_PKEY_free(pkey); pkey = NULL; EVP_PKEY_free(decoded_pkey); @@ -211,12 +213,31 @@ static int test_oqs_encdec(const char *sigalg_name) return ok; } +static int test_algs(const OSSL_ALGORITHM *algs) +{ + int errcnt = 0; + for (; algs->algorithm_names != NULL; algs++) { + if (test_oqs_encdec(algs->algorithm_names)) { + fprintf(stderr, + cGREEN " Encoding/Decoding test succeeded: %s" cNORM "\n", + algs->algorithm_names); + } else { + fprintf(stderr, + cRED " Encoding/Decoding test failed: %s" cNORM "\n", + algs->algorithm_names); + ERR_print_errors_fp(stderr); + errcnt++; + } + } + return errcnt; +} + int main(int argc, char *argv[]) { size_t i; int errcnt = 0, test = 0, query_nocache; OSSL_PROVIDER *oqsprov = NULL; - const OSSL_ALGORITHM *sigalgs; + const OSSL_ALGORITHM *algs; T((libctx = OSSL_LIB_CTX_new()) != NULL); T(argc == 3); @@ -233,30 +254,29 @@ int main(int argc, char *argv[]) keyprov = OSSL_PROVIDER_load(keyctx, modulename); oqsprov = OSSL_PROVIDER_load(libctx, modulename); - sigalgs = OSSL_PROVIDER_query_operation(oqsprov, OSSL_OP_SIGNATURE, - &query_nocache); - - if (sigalgs) { - for (; sigalgs->algorithm_names != NULL; sigalgs++) { - if (test_oqs_encdec(sigalgs->algorithm_names)) { - fprintf(stderr, - cGREEN " Encoding/Decoding test succeeded: %s" cNORM - "\n", - sigalgs->algorithm_names); - } else { - fprintf(stderr, - cRED " Encoding/Decoding test failed: %s" cNORM "\n", - sigalgs->algorithm_names); - ERR_print_errors_fp(stderr); - errcnt++; - } - } + algs = OSSL_PROVIDER_query_operation(oqsprov, OSSL_OP_SIGNATURE, + &query_nocache); + + if (algs) { + errcnt += test_algs(algs); } else { fprintf(stderr, cRED " No signature algorithms found" cNORM "\n"); ERR_print_errors_fp(stderr); errcnt++; } +#ifdef OQS_KEM_ENCODERS + algs = OSSL_PROVIDER_query_operation(oqsprov, OSSL_OP_KEM, &query_nocache); + + if (algs) { + errcnt += test_algs(algs); + } else { + fprintf(stderr, cRED " No KEM algorithms found" cNORM "\n"); + ERR_print_errors_fp(stderr); + errcnt++; + } +#endif /* OQS_KEM_ENCODERS */ + OSSL_PROVIDER_unload(dfltprov); OSSL_PROVIDER_unload(keyprov); if (OPENSSL_VERSION_PREREQ(3, 1)) From b045a38bad5ffa59637f27d03358a3895dc37858 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 5 Oct 2023 09:31:17 -0500 Subject: [PATCH 050/160] rebase to the open-quantum-safe master branch --- oqsprov/oqs_encode_key2any.c | 3 + oqsprov/oqs_kmgmt.c | 88 +++++++++++++++++------ oqsprov/oqs_prov.h | 9 +-- oqsprov/oqs_sig.c | 2 +- oqsprov/oqsencoders.inc | 10 --- oqsprov/oqsprov_keys.c | 135 +++++++++++++---------------------- 6 files changed, 120 insertions(+), 127 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 58b53c4e..100c9704 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -842,6 +842,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) # define dilithium3_ed25519_evp_type 0 # define dilithium3_ed25519_input_type "dilithium3_ed25519" # define dilithium3_ed25519_pem_type "dilithium3_ed25519" +# define dilithium3_pss_evp_type 0 +# define dilithium3_pss_input_type "dilithium3_pss" +# define dilithium3_pss_pem_type "dilithium3_pss" # define dilithium5_bp384_evp_type 0 # define dilithium5_bp384_input_type "dilithium5_bp384" # define dilithium5_bp384_pem_type "dilithium5_bp384" diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 2bffaf72..ae25f55b 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -862,112 +862,156 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, static void *dilithium3_rsa3072_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 23); } static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 23); } static void *dilithium3_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 24); } static void *dilithium3_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_p256", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 24); } static void *falcon512_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 25); } static void *falcon512_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 25); } static void *dilithium5_p384_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 26); } static void *dilithium5_p384_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_p384", KEY_TYPE_CMP_SIG, 192); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 26); } static void *dilithium3_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 27); } static void *dilithium3_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 27); } static void *dilithium3_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 28); } static void *dilithium3_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 28); } static void *dilithium5_bp384_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 29); } static void *dilithium5_bp384_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 29); } static void *dilithium5_ed448_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 30); } static void *dilithium5_ed448_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 30); } static void *falcon512_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 31); } static void *falcon512_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, 256); + return oqsx_gen_init + (provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 31); } static void *falcon512_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 32); } static void *falcon512_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 32); } static void *dilithium3_pss_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_pss", KEY_TYPE_CMP_SIG, NULL, 128); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_pss", KEY_TYPE_CMP_SIG, NULL, 128, 33); } static void *dilithium3_pss_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_pss", KEY_TYPE_CMP_SIG, 128); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_pss", KEY_TYPE_CMP_SIG, 128, 33); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 3fe3516c..490581f0 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -155,11 +155,10 @@ struct oqsx_key_st { #endif char *propq; OQSX_KEY_TYPE keytype; - OQSX_PROVIDER_CTX oqsx_provider_ctx; + OQSX_PROVIDER_CTX *oqsx_provider_ctx; #ifdef USE_ENCODING_LIB OQSX_ENCODING_CTX oqsx_encoding_ctx; #endif - OQSX_PROVIDER_CTX oqsx_provider_ctx_cmp; EVP_PKEY** cmp_classical_pkey; EVP_PKEY *classical_pkey; // for hybrid sigs const OQSX_EVP_INFO *evp_info; @@ -202,12 +201,6 @@ struct SignatureModel{ typedef struct SignatureModel CompositeSignature; -char* get_oqsname(int nid); -char* get_cmpname(int nid, int index); -int get_qntcmp(int nid); -int get_keytype(int nid); -char* get_oqsname_fromtls(char* oqsname); - /* Register given NID with tlsname in OSSL3 registry */ int oqs_set_nid(char *tlsname, int nid); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index e58e13b9..811c485f 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -696,7 +696,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, siglen - classical_sig_len, oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) - != OQS_SUCCESS) { + != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index e08fb503..d6f695e9 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -147,7 +147,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, @@ -160,7 +159,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_p256", dilithium3_p256), ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, @@ -173,7 +171,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, @@ -198,7 +195,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_pss", dilithium3_pss, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_pss", dilithium3_pss), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 @@ -234,7 +230,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5_p384", dilithium5_p384), ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, PrivateKeyInfo), ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, @@ -247,7 +242,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, PrivateKeyInfo), ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, @@ -279,7 +273,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p256_falcon512", p256_falcon512), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, PrivateKeyInfo), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, @@ -292,7 +285,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), ENCODER_w_structure("falcon512_p256", falcon512_p256, der, PrivateKeyInfo), ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, @@ -305,7 +297,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512_p256", falcon512_p256), ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, PrivateKeyInfo), ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, @@ -318,7 +309,6 @@ ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512_bp256", falcon512_bp256), ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, PrivateKeyInfo), ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index ed73a278..39a51333 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -112,7 +112,7 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { KEY_TYPE_CMP_SIG, 128}, {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, - 0, "dilithium3_pss", OQS_SIG_alg_dilithium_3, + {0, "dilithium3_pss", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END @@ -462,6 +462,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, free_evp_ctx); + } } // RSA bit length set only during keygen goto err; @@ -474,7 +475,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, return ret; } -sstatic const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) +static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { int ret = 1; int idx = 0; @@ -606,6 +607,11 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, } #endif } else { + int classical_privatekey_len = 0; + // for plain OQS keys, we expect OQS priv||OQS pub key + size_t actualprivkeylen = key->privkeylen; + // for hybrid keys, we expect classic priv key||OQS priv key||OQS pub + // key classic pub key must/can be re-created from classic private key if (key->keytype == KEY_TYPE_CMP_SIG){ size_t privlen = 0; size_t publen = 0; @@ -626,7 +632,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, previous_privlen += privlen; previous_publen += publen; OPENSSL_free(name); - } + } if (previous_privlen != plen) { //is ok, PQC pubkey might be in privkey @@ -643,13 +649,34 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, } previous_privlen = 0; previous_publen = 0; - - }else{ - int classical_privatekey_len = 0; - // for plain OQS keys, we expect OQS priv||OQS pub key - size_t actualprivkeylen = key->privkeylen; - // for hybrid keys, we expect classic priv key||OQS priv key||OQS pub - // key classic pub key must/can be re-created from classic private key + for (i = 0; i < key->numkeys; i++){ + size_t classic_publen = 0; + char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); + if (get_oqsname_fromtls(name) == 0){//classical key + publen = 0; //no pubkey encoded with privkey on classical keys. will recreate the pubkey later + if(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size + unsigned char* enc_len = OPENSSL_strndup(p + previous_privlen + previous_publen, 4); + OPENSSL_cleanse(enc_len, 2); + DECODE_UINT32(privlen, enc_len); + privlen += 4; + OPENSSL_free(enc_len); + }else + privlen = key->privkeylen_cmp[i]; + }else{//PQC key + privlen = key->privkeylen_cmp[i]; + if (pqc_pub_enc) + publen = key->pubkeylen_cmp[i]; + else + publen = 0; + + } + memcpy(key->privkey + previous_privlen, p + previous_privlen + previous_publen, privlen); + memcpy(key->pubkey + previous_publen, p + privlen + previous_privlen + previous_publen, publen); + previous_privlen += privlen; + previous_publen += publen; + OPENSSL_free(name); + } + }else{ if (key->numkeys == 2) { DECODE_UINT32(classical_privatekey_len, p); // actual classic key len @@ -739,62 +766,8 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, memcpy(key->pubkey, p + key->privkeylen, plen - key->privkeylen); #endif - if (key->keytype == KEY_TYPE_CMP_SIG){ - size_t privlen, publen; - size_t previous_privlen = 0; - size_t previous_publen = 0; - int i; - for (i =0; i < key->numkeys; i++){ - privlen = key->privkeylen_cmp[i]; - publen = key->pubkeylen_cmp[i]; - memcpy(key->privkey + previous_privlen, p + previous_privlen + previous_publen, privlen); - memcpy(key->pubkey + previous_publen, p + privlen + previous_privlen + previous_publen, publen); - previous_privlen += privlen; - previous_publen += publen; - } - for (i =0; i < key->numkeys; i++){ - size_t classic_publen = 0; - char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); - if (get_oqsname_fromtls(name) == 0){//classical key - publen = 0; //no pubkey encoded with privkey on classical keys. will recreate the pubkey later - if(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size - unsigned char* enc_len = OPENSSL_strndup(p + previous_privlen + previous_publen, 4); - OPENSSL_cleanse(enc_len, 2); - DECODE_UINT32(privlen, enc_len); - privlen += 4; - OPENSSL_free(enc_len); - }else - privlen = key->privkeylen_cmp[i]; - }else{//PQC key - privlen = key->privkeylen_cmp[i]; - if (pqc_pub_enc) - publen = key->pubkeylen_cmp[i]; - else - publen = 0; - - } - memcpy(key->privkey + previous_privlen, p + previous_privlen + previous_publen, privlen); - memcpy(key->pubkey + previous_publen, p + privlen + previous_privlen + previous_publen, publen); - previous_privlen += privlen; - previous_publen += publen; - OPENSSL_free(name); } - - }else{ - if (key->privkeylen + key->pubkeylen != plen) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; } - if (oqsx_key_allocate_keymaterial(key, 1)) - { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(key->privkey, p, key->privkeylen); - memcpy(key->pubkey, p + key->privkeylen, key->pubkeylen); - } - } #ifdef USE_ENCODING_LIB } #endif @@ -869,7 +842,6 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } if (key->keytype == KEY_TYPE_CMP_SIG){ int i; -// char *name = OPENSSL_malloc(strlen(key->tls_name)); if (op == KEY_OP_PUBLIC){ for (i = 0; i < key->numkeys; i++){ @@ -889,7 +861,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto rec_err; } } OPENSSL_free(name); @@ -910,21 +882,21 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto rec_err; } if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support){ unsigned char* comp_pubkey = key->comp_pubkey[i]; int pubkeylen = i2d_PublicKey(key->cmp_classical_pkey[i], &comp_pubkey); if (pubkeylen != key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_public_key){ ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto rec_err; } }else{ size_t pubkeylen = key->pubkeylen_cmp[i]; int ret = EVP_PKEY_get_raw_public_key(key->cmp_classical_pkey[i], key->comp_pubkey[i], &pubkeylen); if (ret <= 0){ ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto rec_err; } } } @@ -933,11 +905,10 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } } - return key; + return 1; -err: - oqsx_key_free(key); - return NULL; +rec_err: + return 0; } OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, @@ -1325,9 +1296,9 @@ void oqsx_key_free(OQSX_KEY *key) || key->keytype == KEY_TYPE_ECX_HYB_KEM) { OQS_KEM_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem); } else - OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); + OQS_SIG_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig); EVP_PKEY_free(key->classical_pkey); - if (key->oqsx_provider_ctx.oqsx_evp_ctx) { + if (key->oqsx_provider_ctx[0].oqsx_evp_ctx) { EVP_PKEY_CTX_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->ctx); EVP_PKEY_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->keyParam); OPENSSL_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx); @@ -1458,15 +1429,7 @@ printf("18\n"); key->comp_pubkey[key->numkeys-1], key->comp_privkey[key->numkeys-1]); else { - if (key->keytype == KEY_TYPE_CMP_SIG) - return -(OQS_SIG_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig, - key->comp_pubkey[key->numkeys-2], - key->comp_privkey[key->numkeys-2]) - || OQS_SIG_keypair(key->oqsx_provider_ctx_cmp.oqsx_qs_ctx.sig, - key->comp_pubkey[key->numkeys-1], - key->comp_privkey[key->numkeys-1])); - - return OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, + return OQS_SIG_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig, key->comp_pubkey[key->numkeys-1], key->comp_privkey[key->numkeys-1]); } @@ -1687,10 +1650,10 @@ int oqsx_key_get_oqs_public_key_len(OQSX_KEY *k) case KEY_TYPE_KEM: return k->pubkeylen; case KEY_TYPE_HYB_SIG: - return k->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; + return k->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_public_key; case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_ECP_HYB_KEM: - return k->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key; + return k->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_public_key; default: OQS_KEY_PRINTF2("OQSX_KEY: Unknown key type encountered: %d\n", k->keytype); From 19553bc81c837d0c84459cb44d0a15cd7aaa92e6 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 5 Oct 2023 09:57:51 -0500 Subject: [PATCH 051/160] getting up-to-date with oqsprov upstream --- oqsprov/oqs_decode_der2key.c | 66 ++++++++++++------ oqsprov/oqs_encode_key2any.c | 132 +++++++++++++++++------------------ 2 files changed, 110 insertions(+), 88 deletions(-) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 6bd71b71..89fa1569 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -731,26 +731,48 @@ MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium3_rsa3072", dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); -MAKE_DECODER("falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium5_p384", dilithium5_p384, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium5_p384", dilithium5_p384, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium3_bp256", dilithium3_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium3_bp256", dilithium3_bp256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium3_ed25519", dilithium3_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium3_ed25519", dilithium3_ed25519, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium5_bp384", dilithium5_bp384, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium5_bp384", dilithium5_bp384, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium5_ed448", dilithium5_ed448, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium5_ed448", dilithium5_ed448, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER("falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER("falcon512_ed25519", falcon512_ed25519, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER("dilithium3_pss", dilithium3_pss, oqsx, PrivateKeyInfo); -MAKE_DECODER("dilithium3_pss", dilithium3_pss, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_p256", falcon512_p256, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_p256", falcon512_p256, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_pss", dilithium3_pss, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_pss", dilithium3_pss, + oqsx, SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 583a419b..5cfc0948 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -2051,70 +2051,70 @@ MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_sphincsshake128fsimple); -MAKE_ENCODER(dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_rsa3072, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_rsa3072, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_p256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_p256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_p256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium3_p256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(falcon512_p256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(falcon512_p256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(falcon512_p256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(falcon512_p256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(falcon512_p256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(falcon512_p256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium5_p384, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium5_p384, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium5_p384, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium5_p384, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_bp256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_bp256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_bp256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium3_bp256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_ed25519, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_ed25519, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium5_bp384, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium5_bp384, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium5_bp384, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium5_bp384, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium5_ed448, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium5_ed448, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium5_ed448, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium5_ed448, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(falcon512_bp256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(falcon512_bp256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(falcon512_bp256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(falcon512_bp256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(falcon512_ed25519, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(falcon512_ed25519, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(dilithium3_pss, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_pss, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_pss, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(dilithium3_pss, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(dilithium3_pss, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(dilithium3_pss, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium3_pss, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_pss, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_pss, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss, oqsx, SubjectPublicKeyInfo, pem); ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END From 5ec35224ea362337533865d628373eb9794cab4c Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 5 Oct 2023 11:12:38 -0500 Subject: [PATCH 052/160] fixed oid list len --- oqsprov/oqsprov.c | 2 +- oqsprov/oqsprov_keys.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index d9441547..532e8543 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,7 +49,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 130 +# define OQS_OID_CNT 155 #else # define OQS_OID_CNT 68 #endif diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 4714d655..56ff26b2 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -57,9 +57,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 65 +# define NID_TABLE_LEN 76 #else -# define NID_TABLE_LEN 35 +# define NID_TABLE_LEN 34 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { From 1c497677d27422936697c2b37a4044ba88b10a7c Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 5 Oct 2023 12:52:13 -0500 Subject: [PATCH 053/160] removed notes.txt --- notes.txt | 33 --------------------------------- 1 file changed, 33 deletions(-) delete mode 100644 notes.txt diff --git a/notes.txt b/notes.txt deleted file mode 100644 index f38caa07..00000000 --- a/notes.txt +++ /dev/null @@ -1,33 +0,0 @@ -###CREATE QUANTUM SAFE KEY PAIR - -LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl req -x509 -new -newkey p521_dilithium5 -keyout qsc.key -out qsc.crt -nodes -subj "/CN=oqstest" -days 365 -config /home/feventura/Documents/openssl/apps/openssl.cnf -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider oqsprovider -provider default - -###SIGN DATA - -LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl cms -in test.txt -sign -signer qsc.crt -inkey qsc.key -nodetach -outform pem -binary -out signedfile -md sha512 -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider default -provider oqsprovider - -##VERIFY DATA - -LD_LIBRARY_PATH=/home/feventura/Documents/openssl ../../bin/openssl cms -verify -CAfile qsc.crt -inform pem -in signedfile -crlfeol -out outputfile -provider-path /home/feventura/Documents/oqs-provider/_build/oqsprov -provider oqsprovider -provider default - -##CREATE TEST SIGNATURE (from oqsprov/test) - -gcc oqs_test_signatures.c test_common.o -L ../openssl -lcrypto -o output_signatures - -##RUN TEST SIGNARURE (from oqsprov/test) - -./output_signatures oqsprovider /home/feventura/Documents/oqs-provider/test/oqs.cnf - -##IMPLEMENT CHANGES TO oqs_sig.c TO PROVIDER (from oqsprov/test) - -cd .. && cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && cd test/ - -##IMPLEMENT CHANGES THEN COMPILE AND RUN TEST (generic version, from oqsprov) - -cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && gcc ./test/oqs_test_signatures.c ./test/test_common.o -L ./openssl -lcrypto -o ./test/output_signatures && ./test/output_signatures oqsprovider $(pwd)/test/oqs.cnf - -##IMPLEMENT CHANGES THEN BUILD DEPENDENCY LIBRARY THEN COMPILE AND RUN TEST (generic version, from oqsprov) - -cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local -DCMAKE_PREFIX_PATH=$(pwd)/.local -S . -B _build && cmake --build _build && gcc -Wall -c ./test/test_common.c && gcc ./test/oqs_test_signatures.c ./test/test_common.o -L ./openssl -lcrypto -o ./test/output_signatures && ./test/output_signatures oqsprovider $(pwd)/test/oqs.cnf - - From 4cffb7c841efc011458083292abb33f221c22105 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 5 Oct 2023 15:06:02 -0500 Subject: [PATCH 054/160] comments for pre-hash --- oqsprov/oqs_sig.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 811c485f..2a28b548 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -357,7 +357,9 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, for (i = 0; i < oqsxkey->numkeys; i++){ char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); - if (get_oqsname_fromtls(name)){ + //pre-hash and concat of oids + + if (get_oqsname_fromtls(name)){ //PQC signing oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; buf = OPENSSL_malloc(oqs_sig_len); if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[i]) != OQS_SUCCESS) From 1ae06de2d15a7f391367c247dad22e519a170d5f Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 5 Oct 2023 15:24:04 -0500 Subject: [PATCH 055/160] comments for pre-hash on verification --- oqsprov/oqs_sig.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 2a28b548..12c709f0 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -601,6 +601,9 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, buf = compsig->sig2->data; buf_len = compsig->sig2->length; } + + //pre-hash and concat of oids + char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); if (get_oqsname_fromtls(name)){ From 4716eae233c4f9d6e4d6b5ab6c176c79310ee55b Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 5 Oct 2023 15:41:45 -0500 Subject: [PATCH 056/160] test commit --- oqsprov/oqs_sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 12c709f0..a97e3053 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -602,7 +602,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, buf_len = compsig->sig2->length; } - //pre-hash and concat of oids + //pre-hash and concat of oids test char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); From 5fd47f991a8a04887d1313d287f7ba5ba5fbaefa Mon Sep 17 00:00:00 2001 From: Paul Schweigert Date: Fri, 6 Oct 2023 00:57:10 -0400 Subject: [PATCH 057/160] remove duplicate LIBOQS_BRANCH option in config doc (#274) Signed-off-by: Paul S. Schweigert There were two entries for LIBOQS_BRANCH in the CONFIGURE doc. This change drops the second one and makes a slight tweak to the wording of the first. --- CONFIGURE.md | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/CONFIGURE.md b/CONFIGURE.md index b1718b9b..416bfb88 100644 --- a/CONFIGURE.md +++ b/CONFIGURE.md @@ -110,8 +110,8 @@ code deficiencies related to providers in such old OpenSSL branches. This defines the branch of `liboqs` against which `oqs-provider` is built. This can be used, for example, to facilitate a release of `oqsprovider` -to track an old/stable `liboqs` release. -Default is "main" (most current code). +to track an old/stable `liboqs` release. If this variable is not set, the +"main" branch is built. ### liboqs_DIR @@ -120,11 +120,6 @@ used from the directory specified in this variable: Both `include` and `lib` directories must be present in that location. By not setting this variable, `liboqs` is build from source. -### LIBOQS_BRANCH - -If set, this environment variable designates the `liboqs` branch to -be built. If this variable is not set, the "main" branch is built. - ### MAKE_PARAMS This environment variable permits passing parameters to the `make` From 9bb30016e44a84e199074d3bc01463e3db9f2295 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Tue, 10 Oct 2023 19:20:30 +0200 Subject: [PATCH 058/160] add cloudflare interop tests (#278) --- scripts/oqsprovider-externalinterop.sh | 26 ++++++++++++++++++++++++++ scripts/runtests.sh | 4 ++++ 2 files changed, 30 insertions(+) create mode 100755 scripts/oqsprovider-externalinterop.sh diff --git a/scripts/oqsprovider-externalinterop.sh b/scripts/oqsprovider-externalinterop.sh new file mode 100755 index 00000000..d90dff68 --- /dev/null +++ b/scripts/oqsprovider-externalinterop.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +set -e + +# Use newly built oqsprovider to test interop with external sites + +if [ -z "$OPENSSL_APP" ]; then + echo "OPENSSL_APP env var not set. Exiting." + exit 1 +fi + +if [ -z "$OPENSSL_MODULES" ]; then + echo "Warning: OPENSSL_MODULES env var not set." +fi + +# Set OSX DYLD_LIBRARY_PATH if not already externally set +if [ -z "$DYLD_LIBRARY_PATH" ]; then + export DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH +fi + +echo " Cloudflare:" +export OQS_CODEPOINT_X25519_KYBER512=65072 +(echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | $OPENSSL_APP s_client -connect pq.cloudflareresearch.com:443 -groups x25519_kyber768 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber768Draft00 +(echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | $OPENSSL_APP s_client -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00 + + diff --git a/scripts/runtests.sh b/scripts/runtests.sh index 8d7d02d5..79762205 100755 --- a/scripts/runtests.sh +++ b/scripts/runtests.sh @@ -180,6 +180,10 @@ fi echo +# Run interop tests with external sites +echo "External interop tests commencing" +${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-externalinterop.sh + # Run built-in tests: # Without removing OPENSSL_CONF ctest hangs... ??? unset OPENSSL_CONF From b6f8886970c3968125c4833442bca0c2007a0b7b Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 12 Oct 2023 14:55:09 -0500 Subject: [PATCH 059/160] Version 10 pre-hash added --- oqsprov/oqs_prov.h | 5 + oqsprov/oqs_sig.c | 308 ++++++++++++++++++++++++++++++----------- oqsprov/oqsprov.c | 22 +-- oqsprov/oqsprov_keys.c | 49 ++++--- 4 files changed, 272 insertions(+), 112 deletions(-) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 2a06202b..1fc85e6d 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -200,6 +200,11 @@ struct SignatureModel{ typedef struct SignatureModel CompositeSignature; +char *get_oqsname_fromtls(char *tlsname); +char *get_oqsname(int nid); +char* get_cmpname(int nid, int index); +int get_oqsalg_idx(int nid); + /* Register given NID with tlsname in OSSL3 registry */ int oqs_set_nid(char *tlsname, int nid); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index a97e3053..141016d2 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -20,7 +20,6 @@ #include #include #include -#include "oqs_prov.h" #include #include @@ -217,6 +216,34 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_VERIFY); } +static const char *composite_OID_hash[] = { + "69642D4D4C44534136352D525341333037322D504B435331352D534841323536", //dilithium3_rsa3072 + "69642D4D4C44534136352D45434453412D503235362D534841323536", //dilithium3_p256 + "69642D46616C6F6E3531322D45434453412D503235362D534841323536", //falcon512_p256 + "69642D4D4C44534138372D45434453412D503338342D534841333834", //dilithium5_p384 + "69642D4D4C44534136352D45434453412D627261696E706F6F6C5032353672312D534841323536", //dilithium3_bp256 + "69642D4D4C44534136352D456432353531392D534841353132", //dilithium3_ed25519 + "69642D4D4C44534138372D45434453412D627261696E706F6F6C5033383472312D534841333834", //dilithium5_bp384 + "69642D4D4C44534138372D45643434382D5348414B45323536", //dilithium5_ed448 + "69642D46616C636F6E3531322D45434453412D627261696E706F6F6C5032353672312D534841323536", //falcon512_bp256 + "69642D46616C636F6E3531322D456432353531392D534841353132", //falcon512_ed25519 + "69642D4D4C44534136352D525341333037322D5053532D534841323536", //dilithium3_pss +}; + +static const size_t composite_OID_hash_len[] = { + 64, //dilithium3_rsa3072 + 56, //dilithium3_p256 + 58, //falcon512_p256 + 56, //dilithium5_p384 + 78, //dilithium3_bp256 + 50, //dilithium3_ed25519 + 78, //dilithium5_bp384 + 50, //dilithium5_ed448 + 82, //falcon512_bp256 + 54, //falcon512_ed25519 + 58, //dilithium3_pss +}; + /* On entry to this function, data to be signed (tbs) might have been hashed * already: this would be the case if poqs_sigctx->mdctx != NULL; if that is * NULL, we have to hash in case of hybrid signatures @@ -354,15 +381,71 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, unsigned char *buf; CompositeSignature *compsig = CompositeSignature_new(); int i; + const char *oid_hash = composite_OID_hash[get_oqsalg_idx(OBJ_sn2nid(oqsxkey->tls_name)) - 23]; + const size_t oid_hash_len = composite_OID_hash_len[get_oqsalg_idx(OBJ_sn2nid(oqsxkey->tls_name)) - 23]; + char *final_tbs; + size_t final_tbslen = oid_hash_len; + + //prepare the pre hash + for (i = 0; i < oqsxkey->numkeys; i++){ + char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); + unsigned char *tbs_hash; + if (!get_oqsname_fromtls(name)){ + if (name[0] == 'e'){//ed25519 or ed448 + if(name[2] == '2'){//ed25519 + tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); + SHA512(tbs, tbslen, tbs_hash); + final_tbslen += SHA512_DIGEST_LENGTH; + }else{//ed4448 + unsigned int tbs_hash_len; + tbs_hash = OPENSSL_malloc(64); + if ((EVP_Digest(tbs, tbslen, tbs_hash, &tbs_hash_len, EVP_shake256(), NULL) <= 0)){ + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + final_tbslen += tbs_hash_len; + } + }else if (name[0] == 'p' || name[0] == 'b' || name[0] == 'r'){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 + int aux; + if (name[0] == 'b') + aux = 2; + else + aux = 1; + switch(name[aux]){ + case 's'://pss or rsa + case '2'://p256 or bp256 + tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); + SHA256(tbs, tbslen, tbs_hash); + final_tbslen += SHA256_DIGEST_LENGTH; + break; + case '3'://p384 or bp384 + tbs_hash = OPENSSL_malloc(SHA384_DIGEST_LENGTH); + SHA384(tbs, tbslen, tbs_hash); + final_tbslen += SHA384_DIGEST_LENGTH; + break; + default: + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + }else{ + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + final_tbs = OPENSSL_malloc(final_tbslen); + memcpy(final_tbs, oid_hash, oid_hash_len); + memcpy(final_tbs + oid_hash_len, tbs_hash, final_tbslen - oid_hash_len); + OPENSSL_free(tbs_hash); + } + OPENSSL_free(name); + } + for (i = 0; i < oqsxkey->numkeys; i++){ char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); - - //pre-hash and concat of oids if (get_oqsname_fromtls(name)){ //PQC signing oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; buf = OPENSSL_malloc(oqs_sig_len); - if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[i]) != OQS_SUCCESS) + if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, final_tbs, final_tbslen, oqsxkey->comp_privkey[i]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); goto endsign; @@ -375,18 +458,17 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, const EVP_MD *classical_md; EVP_MD_CTX* evp_ctx = EVP_MD_CTX_new(); int digest_len; - int aux; unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ if (name[0] == 'e'){ //ed25519 or ed448 - if (EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL, oqs_key_classic) <= 0 || - EVP_DigestSign(evp_ctx, buf, &oqs_sig_len, tbs, tbslen) <= 0){ + if ((EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL, oqs_key_classic) <= 0 ) + || (EVP_DigestSign(evp_ctx, buf, &oqs_sig_len, final_tbs, final_tbslen) <= 0)){ ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } }else { - if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL || - EVP_PKEY_sign_init(classical_ctx_sign) <= 0) + if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL + || (EVP_PKEY_sign_init(classical_ctx_sign) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; @@ -394,9 +476,9 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (!strncmp(name, "pss", 3)) { - if ((EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PSS_PADDING) <= 0) || - (EVP_PKEY_CTX_set_rsa_pss_saltlen(classical_ctx_sign, 64) <= 0) || - (EVP_PKEY_CTX_set_rsa_mgf1_md(classical_ctx_sign, EVP_sha256()) <= 0)) + if ((EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PSS_PADDING) <= 0) + || (EVP_PKEY_CTX_set_rsa_pss_saltlen(classical_ctx_sign, 64) <= 0) + || (EVP_PKEY_CTX_set_rsa_mgf1_md(classical_ctx_sign, EVP_sha256()) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; @@ -410,40 +492,40 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } } - if (name[0] == 'p' || name[0] == 'b') + if ((name[0] == 'p') + || (name[0] == 'b') + || (name[0] == 'r')) { - if(name[0] == 'p') + int aux; + if(name[0] == 'b') + aux = 2; + else aux = 1; - else aux = 2; - if (name[aux] == '2' || name[aux] == 's') - { // p256 && pss - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if (name[aux] == '3') - { // p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char *)&digest); - } - if (name[aux] == '5') - { // p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + switch(name[aux]){ + case 's'://pss or rsa + case '2'://p256 or bp256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(final_tbs, final_tbslen, (unsigned char *)&digest); + break; + case '3'://p384 or bp384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(final_tbs, final_tbslen, (unsigned char *)&digest); + break; + case '5'://p512 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + break; + default: + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; } } - else - {// rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - - } - if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) || - (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) + if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) + || (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; @@ -473,6 +555,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, oqs_sig_len = i2d_CompositeSignature(compsig, &sig); OPENSSL_free(compsig); + OPENSSL_free(final_tbs); } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) { @@ -488,7 +571,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (classical_ctx_sign) { EVP_PKEY_CTX_free(classical_ctx_sign); } - printf("rv %i\n", rv); return rv; } @@ -591,8 +673,72 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, int i; unsigned char *buf; size_t buf_len; + const char *oid_hash = composite_OID_hash[get_oqsalg_idx(OBJ_sn2nid(oqsxkey->tls_name)) - 23]; + const size_t oid_hash_len = composite_OID_hash_len[get_oqsalg_idx(OBJ_sn2nid(oqsxkey->tls_name)) - 23]; + char *final_tbs; + size_t final_tbslen = oid_hash_len; + if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; + } + + //prepare the pre-hash + for (i = 0; i < oqsxkey->numkeys; i++){ + char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); + unsigned char *tbs_hash; + if (!get_oqsname_fromtls(name)){ + if (name[0] == 'e'){//ed25519 or ed448 + if(name[2] == '2'){//ed25519 + tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); + SHA512(tbs, tbslen, tbs_hash); + final_tbslen += SHA512_DIGEST_LENGTH; + }else{//ed4448 + unsigned int tbs_hash_len; + tbs_hash = OPENSSL_malloc(64); + if ((EVP_Digest(tbs, tbslen, tbs_hash, &tbs_hash_len, EVP_shake256(), NULL) <= 0)){ + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endverify; + } + final_tbslen += tbs_hash_len; + } + }else if (name[0] == 'p' + || name[0] == 'b' + || name[0] == 'r'){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 + int aux; + if (name[0] == 'b') + aux = 2; + else + aux = 1; + switch(name[aux]){ + case 's'://pss or rsa + case '2'://p256 or bp256 + tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); + SHA256(tbs, tbslen, tbs_hash); + final_tbslen += SHA256_DIGEST_LENGTH; + break; + case '3'://p384 or bp384 + tbs_hash = OPENSSL_malloc(SHA384_DIGEST_LENGTH); + SHA384(tbs, tbslen, tbs_hash); + final_tbslen += SHA384_DIGEST_LENGTH; + break; + default: + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + }else{ + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + final_tbs = OPENSSL_malloc(final_tbslen); + memcpy(final_tbs, oid_hash, oid_hash_len); + memcpy(final_tbs + oid_hash_len, tbs_hash, final_tbslen - oid_hash_len); + OPENSSL_free(tbs_hash); + } + OPENSSL_free(name); + } + for(i = 0; i < oqsxkey->numkeys; i++){ if (i == 0){ buf = compsig->sig1->data; @@ -602,12 +748,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, buf_len = compsig->sig2->length; } - //pre-hash and concat of oids test - char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); if (get_oqsname_fromtls(name)){ - if (OQS_SIG_verify(oqs_key, tbs, tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) + if (OQS_SIG_verify(oqs_key, final_tbs, final_tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; @@ -620,23 +764,23 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ if(name[0] == 'e'){ //ed25519 or ed448 - if((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, oqsxkey->cmp_classical_pkey[i]) <= 0) || - (EVP_DigestVerify(evp_ctx, buf, buf_len, tbs, tbslen) <= 0)){ + if((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, oqsxkey->cmp_classical_pkey[i]) <= 0) + || (EVP_DigestVerify(evp_ctx, buf, buf_len, final_tbs, final_tbslen) <= 0)){ ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } } else { - if ((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL || - EVP_PKEY_verify_init(ctx_verify) <= 0) + if (((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL) + || (EVP_PKEY_verify_init(ctx_verify) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } if (!strncmp(name, "pss", 3)) { - if ((EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PSS_PADDING) <= 0) || - (EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx_verify, 64) <= 0) || - (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx_verify, EVP_sha256()) <= 0)) + if ((EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PSS_PADDING) <= 0) + || (EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx_verify, 64) <= 0) + || (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx_verify, EVP_sha256()) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); goto endverify; @@ -649,38 +793,39 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, goto endverify; } } - if (name[0] == 'p' || name[0] == 'b') + if ((name[0] == 'p') + || (name[0] == 'b') + || (name[0] == 'r')) { - if(name[0] == 'p') - aux = 1; - else aux = 2; - if (name[aux] == '2' || name[aux] == 's') - { // p256 && pss - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if (name[aux] == '3') - { // p384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(tbs, tbslen, (unsigned char *)&digest); - } - if (name[aux] == '5') - { // p521 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + int aux; + if(name[0] == 'b') + aux = 2; + else + aux = 1; + switch(name[aux]){ + case 's'://pss or rsa + case '2'://p256 or bp256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(final_tbs, final_tbslen, (unsigned char *)&digest); + break; + case '3'://p384 or bp384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(final_tbs, final_tbslen, (unsigned char *)&digest); + break; + case '5'://p512 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(tbs, tbslen, (unsigned char *)&digest); + break; + default: + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; } } - else - { // rsa3072 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(tbs, tbslen, (unsigned char *)&digest); - } - if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || - (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, digest_len) <= 0)) + if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) + || (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; @@ -691,6 +836,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, OPENSSL_free(name); } OPENSSL_free(compsig); + OPENSSL_free(final_tbs); }else { if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 532e8543..867b11b1 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -190,27 +190,27 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_sphincsshake128fsimple", "1.3.9999.6.7.15", "rsa3072_sphincsshake128fsimple", - "2.16.840.1.114027.80.5.1.1", + "2.16.840.1.114027.80.7.1.7", "dilithium3_rsa3072", - "2.16.840.1.114027.80.5.1.2", + "2.16.840.1.114027.80.7.1.8", "dilithium3_p256", - "2.16.840.1.114027.80.5.1.3", + "2.16.840.1.114027.80.7.1.9", "dilithium3_bp256", - "2.16.840.1.114027.80.5.1.4", + "2.16.840.1.114027.80.7.1.10", "dilithium3_ed25519", - "2.16.840.1.114027.80.5.1.5", + "2.16.840.1.114027.80.7.1.11", "dilithium5_p384", - "2.16.840.1.114027.80.5.1.6", + "2.16.840.1.114027.80.7.1.12", "dilithium5_bp384", - "2.16.840.1.114027.80.5.1.7", + "2.16.840.1.114027.80.7.1.13", "dilithium5_ed448", - "2.16.840.1.114027.80.5.1.8", + "2.16.840.1.114027.80.7.1.14", "falcon512_p256", - "2.16.840.1.114027.80.5.1.9", + "2.16.840.1.114027.80.7.1.15", "falcon512_bp256", - "2.16.840.1.114027.80.5.1.10", + "2.16.840.1.114027.80.7.1.16", "falcon512_ed25519", - "2.16.840.1.114027.80.5.1.14", + "2.16.840.1.114027.80.7.1.6", "dilithium3_pss", ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 56ff26b2..862f1f58 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -162,7 +162,7 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, - KEY_TYPE_CMP_SIG, 128}, + KEY_TYPE_CMP_SIG, 256}, {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, @@ -170,7 +170,7 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, - KEY_TYPE_CMP_SIG, 128}, + KEY_TYPE_CMP_SIG, 256}, {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, {0, "dilithium3_pss", OQS_SIG_alg_dilithium_3, @@ -226,7 +226,7 @@ char *get_oqsname_fromtls(char *tlsname) return 0; //classical } -static char *get_oqsname(int nid) +char *get_oqsname(int nid) { int i; for (i = 0; i < NID_TABLE_LEN; i++) { @@ -274,7 +274,7 @@ int get_qntcmp(int nid) return index; } -static int get_oqsalg_idx(int nid) +int get_oqsalg_idx(int nid) { int i; for (i = 0; i < NID_TABLE_LEN; i++) { @@ -444,7 +444,7 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) static const OQSX_EVP_INFO nids_sig[] = { {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 72}, // 128 bit - {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 104}, // 192 bit - p384 + {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 104}, // 192 bit {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 141}, // 256 bit {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit @@ -694,7 +694,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, previous_privlen += privlen; previous_publen += publen; OPENSSL_free(name); - } + } if (previous_privlen != plen) { //is ok, PQC pubkey might be in privkey @@ -703,6 +703,11 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } + if (oqsx_key_allocate_keymaterial(key, 0)) + { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + goto err; + } } if (oqsx_key_allocate_keymaterial(key, 1)) { @@ -1372,7 +1377,6 @@ void oqsx_key_free(OQSX_KEY *key) #endif OPENSSL_free(key->propq); - OPENSSL_free(key->tls_name); OPENSSL_secure_clear_free(key->privkey, key->privkeylen); OPENSSL_secure_clear_free(key->pubkey, key->pubkeylen); OPENSSL_free(key->comp_pubkey); @@ -1382,27 +1386,32 @@ void oqsx_key_free(OQSX_KEY *key) else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || key->keytype == KEY_TYPE_ECX_HYB_KEM) { OQS_KEM_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem); - } else - OQS_SIG_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig); - EVP_PKEY_free(key->classical_pkey); - if (key->oqsx_provider_ctx[0].oqsx_evp_ctx) { - EVP_PKEY_CTX_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->ctx); - EVP_PKEY_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->keyParam); - OPENSSL_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx); } - if(key->keytype == KEY_TYPE_CMP_SIG){ + else if(key->keytype == KEY_TYPE_CMP_SIG){ int i; for (i = 0; i < key->numkeys; i ++){ char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name)) OQS_SIG_free(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig); + else{ + EVP_PKEY_free(key->classical_pkey); + EVP_PKEY_CTX_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx->ctx); + EVP_PKEY_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx->keyParam); + OPENSSL_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx); + } OPENSSL_free(name); - } - - - } - else + } + }else{ OQS_SIG_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig); + EVP_PKEY_free(key->classical_pkey); + if (key->oqsx_provider_ctx[0].oqsx_evp_ctx) { + EVP_PKEY_CTX_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->ctx); + EVP_PKEY_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->keyParam); + OPENSSL_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx); + } + } + OPENSSL_free(key->tls_name); + #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); From c35c5068543d139c509a59cc683f43ab8fa8a770 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 13 Oct 2023 12:26:22 -0500 Subject: [PATCH 060/160] set up SHAKE256 size to 512bits --- oqsprov/oqs_sig.c | 34 +++++++++++++++++++++++----------- 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 141016d2..c84922d2 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -397,15 +397,22 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, SHA512(tbs, tbslen, tbs_hash); final_tbslen += SHA512_DIGEST_LENGTH; }else{//ed4448 - unsigned int tbs_hash_len; - tbs_hash = OPENSSL_malloc(64); - if ((EVP_Digest(tbs, tbslen, tbs_hash, &tbs_hash_len, EVP_shake256(), NULL) <= 0)){ + EVP_MD_CTX *shake = EVP_MD_CTX_new(); + unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; + tbs_hash = OPENSSL_malloc(tbs_hash_len); + + if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) <= 0) + || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) + || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){ ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } final_tbslen += tbs_hash_len; + EVP_MD_CTX_free(shake); } - }else if (name[0] == 'p' || name[0] == 'b' || name[0] == 'r'){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 + }else if ((name[0] == 'p') + || (name[0] == 'b') + || (name[0] == 'r')){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 int aux; if (name[0] == 'b') aux = 2; @@ -695,17 +702,22 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, SHA512(tbs, tbslen, tbs_hash); final_tbslen += SHA512_DIGEST_LENGTH; }else{//ed4448 - unsigned int tbs_hash_len; - tbs_hash = OPENSSL_malloc(64); - if ((EVP_Digest(tbs, tbslen, tbs_hash, &tbs_hash_len, EVP_shake256(), NULL) <= 0)){ - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + EVP_MD_CTX *shake = EVP_MD_CTX_new(); + unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; + tbs_hash = OPENSSL_malloc(tbs_hash_len); + + if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) <= 0) + || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) + || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){ + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } final_tbslen += tbs_hash_len; + EVP_MD_CTX_free(shake); } - }else if (name[0] == 'p' - || name[0] == 'b' - || name[0] == 'r'){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 + }else if ((name[0] == 'p') + || (name[0] == 'b') + || (name[0] == 'r')){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 int aux; if (name[0] == 'b') aux = 2; From 208d9d2785429f483a5718e8c7d7e27ea7485b32 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 13 Oct 2023 16:31:32 -0500 Subject: [PATCH 061/160] added MLDSA44 algs --- oqsprov/oqs_decode_der2key.c | 24 ++++++++++- oqsprov/oqs_encode_key2any.c | 65 +++++++++++++++++++++++----- oqsprov/oqs_kmgmt.c | 84 +++++++++++++++++++++++++++++++++--- oqsprov/oqs_prov.h | 63 +++++++++++++++++++++++---- oqsprov/oqs_sig.c | 14 +++++- oqsprov/oqsdecoders.inc | 48 +++++++++++++++++++-- oqsprov/oqsencoders.inc | 72 ++++++++++++++++++++++++++++--- oqsprov/oqsprov.c | 30 ++++++++++--- oqsprov/oqsprov_keys.c | 45 +++++++++++++------ 9 files changed, 389 insertions(+), 56 deletions(-) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 89fa1569..5ea20a50 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -771,8 +771,28 @@ MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_pss", dilithium3_pss, +MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_pss", dilithium3_pss, +MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 5cfc0948..a4164731 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -966,7 +966,22 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_sphincsshake128fsimple_input_type \ "rsa3072_sphincsshake128fsimple" #define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" -# define dilithium3_rsa3072_evp_type 0 +# define dilithium2_pss2048_evp_type 0 +# define dilithium2_pss2048_input_type "dilithium2_pss2048" +# define dilithium2_pss2048_pem_type "dilithium2_pss2048" +# define dilithium2_rsa2048_evp_type 0 +# define dilithium2_rsa2048_input_type "dilithium2_rsa2048" +# define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" +# define dilithium2_ed25519_evp_type 0 +# define dilithium2_ed25519_input_type "dilithium2_ed25519" +# define dilithium2_ed25519_pem_type "dilithium2_ed25519" +# define dilithium2_p256_evp_type 0 +# define dilithium2_p256_input_type "dilithium2_p256" +# define dilithium2_p256_pem_type "dilithium2_p256" +# define dilithium2_bp256_evp_type 0 +# define dilithium2_bp256_input_type "dilithium2_bp256" +# define dilithium2_bp256_pem_type "dilithium2_bp256" +# define dilithium3_rsa2048_evp_type 0 # define dilithium3_rsa3072_input_type "dilithium3_rsa3072" # define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" # define dilithium3_p256_evp_type 0 @@ -984,9 +999,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) # define dilithium3_ed25519_evp_type 0 # define dilithium3_ed25519_input_type "dilithium3_ed25519" # define dilithium3_ed25519_pem_type "dilithium3_ed25519" -# define dilithium3_pss_evp_type 0 -# define dilithium3_pss_input_type "dilithium3_pss" -# define dilithium3_pss_pem_type "dilithium3_pss" +# define dilithium3_pss3072_evp_type 0 +# define dilithium3_pss3072_input_type "dilithium3_pss3072" +# define dilithium3_pss3072_pem_type "dilithium3_pss3072" # define dilithium5_bp384_evp_type 0 # define dilithium5_bp384_input_type "dilithium5_bp384" # define dilithium5_bp384_pem_type "dilithium5_bp384" @@ -2111,10 +2126,40 @@ MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_ENCODER(, dilithium3_pss, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_pss, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_pss, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, pem); ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 6a08fa7d..9f5d5f41 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -1002,20 +1002,89 @@ static void *falcon512_ed25519_gen_init(void *provctx, int selection) "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 32); } -static void *dilithium3_pss_new_key(void *provctx) +static void *dilithium3_pss3072_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_pss", KEY_TYPE_CMP_SIG, NULL, 128, 33); + "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 33); } -static void *dilithium3_pss_gen_init(void *provctx, int selection) +static void *dilithium3_pss3072_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_pss", KEY_TYPE_CMP_SIG, 128, 33); + "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 33); } +static void *dilithium2_pss2048_new_key(void *provctx) +{ + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 34); +} + +static void *dilithium2_pss2048_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 34); +} + +static void *dilithium2_rsa2048_new_key(void *provctx) +{ + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 35); +} + +static void *dilithium2_rsa2048_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 35); +} + +static void *dilithium2_ed25519_new_key(void *provctx) +{ + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 36); +} + +static void *dilithium2_ed25519_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 36); +} + +static void *dilithium2_p256_new_key(void *provctx) +{ + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 37); +} + +static void *dilithium2_p256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 37); +} + +static void *dilithium2_bp256_new_key(void *provctx) +{ + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 38); +} + +static void *dilithium2_bp256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init + (provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 38); +} ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END #define MAKE_SIG_KEYMGMT_FUNCTIONS(alg) \ @@ -1198,7 +1267,12 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_bp384) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_ed448) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_bp256) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_ed25519) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_pss) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_pss3072) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_pss2048) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_rsa2048) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_ed25519) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_p256) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_bp256) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 1fc85e6d..5d402e60 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -1485,14 +1485,54 @@ extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_enc extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_pss_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_START @@ -1532,7 +1572,12 @@ extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_keymgmt_functions[]; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index c84922d2..b6d57726 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -227,7 +227,12 @@ static const char *composite_OID_hash[] = { "69642D4D4C44534138372D45643434382D5348414B45323536", //dilithium5_ed448 "69642D46616C636F6E3531322D45434453412D627261696E706F6F6C5032353672312D534841323536", //falcon512_bp256 "69642D46616C636F6E3531322D456432353531392D534841353132", //falcon512_ed25519 - "69642D4D4C44534136352D525341333037322D5053532D534841323536", //dilithium3_pss + "69642D4D4C44534136352D525341333037322D5053532D534841323536", //dilithium3_pss3072 + "69642D4D4C44534134342D525341323034382D5053532D534841323536", //dilithium2_pss2048 + "69642D4D4C44534134342D525341323034382D504B435331352D534841323536", //dilithium2_rsa2048 + "69642D4D4C44534134342D456432353531392D534841353132", //dilithium2_ed25519 + "69642D4D4C44534134342D45434453412D503235362D534841323536", //dilithium2_p256 + "69642D4D4C44534134342D45434453412D627261696E706F6F6C5032353672312D534841323536," //dilithium2_bp256 }; static const size_t composite_OID_hash_len[] = { @@ -241,7 +246,12 @@ static const size_t composite_OID_hash_len[] = { 50, //dilithium5_ed448 82, //falcon512_bp256 54, //falcon512_ed25519 - 58, //dilithium3_pss + 58, //dilithium3_pss3072 + 58, //dilithium2_pss2048 + 61, //dilithium2_rsa2048 + 50, //dilithium2_ed25519 + 56, //dilithium2_p256 + 79, //dilithium2_bp256 }; /* On entry to this function, data to be signed (tbs) might have been hashed diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 96775d49..e300a86c 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -199,6 +199,46 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), rsa3072_dilithium2), DECODER_w_structure("rsa3072_dilithium2", der, SubjectPublicKeyInfo, rsa3072_dilithium2), + DECODER_w_structure("dilithium2_pss2048", der, PrivateKeyInfo, + dilithium2_pss2048), + DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, + dilithium2_pss2048), + DECODER_w_structure("dilithium2_pss2048", der, PrivateKeyInfo, + dilithium2_pss2048), + DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, + dilithium2_pss2048), + DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, + dilithium2_rsa2048), + DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, + dilithium2_rsa2048), + DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, + dilithium2_rsa2048), + DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, + dilithium2_rsa2048), + DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, + dilithium2_ed25519), + DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, + dilithium2_ed25519), + DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, + dilithium2_ed25519), + DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, + dilithium2_ed25519), + DECODER_w_structure("dilithium2_p256", der, PrivateKeyInfo, + dilithium2_p256), + DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, + dilithium2_p256), + DECODER_w_structure("dilithium2_p256", der, PrivateKeyInfo, + dilithium2_p256), + DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, + dilithium2_p256), + DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, + dilithium2_bp256), + DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, + dilithium2_bp256), + DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, + dilithium2_bp256), + DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, + dilithium2_bp256), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 DECODER_w_structure("dilithium3", der, PrivateKeyInfo, dilithium3), @@ -227,10 +267,10 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), dilithium3_ed25519), DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, dilithium3_ed25519), - DECODER_w_structure("dilithium3_pss", der, PrivateKeyInfo, - dilithium3_pss), - DECODER_w_structure("dilithium3_pss", der, SubjectPublicKeyInfo, - dilithium3_pss), + DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, + dilithium3_pss3072), + DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, + dilithium3_pss3072), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index b944c047..52e97f29 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -578,6 +578,66 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, SubjectPublicKeyInfo), ENCODER_TEXT("rsa3072_dilithium2", rsa3072_dilithium2), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, + SubjectPublicKeyInfo), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 ENCODER_w_structure("dilithium3", dilithium3, der, PrivateKeyInfo), @@ -648,17 +708,17 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_pss", dilithium3_pss, der, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss", dilithium3_pss, pem, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss", dilithium3_pss, der, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss", dilithium3_pss, pem, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss", dilithium3_pss, der, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_pss", dilithium3_pss, pem, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, SubjectPublicKeyInfo), #endif diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 867b11b1..93fced6a 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,9 +49,9 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 155 +# define OQS_OID_CNT 165 #else -# define OQS_OID_CNT 68 +# define OQS_OID_CNT 78 #endif const char *oqs_oid_alg_list[OQS_OID_CNT] = { @@ -211,7 +211,17 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "2.16.840.1.114027.80.7.1.16", "falcon512_ed25519", "2.16.840.1.114027.80.7.1.6", - "dilithium3_pss", + "dilithium3_pss3072", + "2.16.840.1.114027.80.7.1.1", + "dilithium2_pss2048", + "2.16.840.1.114027.80.7.1.2", + "dilithium2_rsa2048", + "2.16.840.1.114027.80.7.1.3", + "dilithium2_ed25519", + "2.16.840.1.114027.80.7.1.4", + "dilithium2_p256", + "2.16.840.1.114027.80.7.1.5", + "dilithium2_bp256", ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; @@ -568,6 +578,11 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("dilithium2", 128, oqs_signature_functions), SIGALG("p256_dilithium2", 128, oqs_signature_functions), SIGALG("rsa3072_dilithium2", 128, oqs_signature_functions), + SIGALG("dilithium2_pss2048", 128, oqs_signature_functions), + SIGALG("dilithium2_rsa2048", 128, oqs_signature_functions), + SIGALG("dilithium2_ed25519", 128, oqs_signature_functions), + SIGALG("dilithium2_p256", 128, oqs_signature_functions), + SIGALG("dilithium2_bp256", 128, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 SIGALG("dilithium3", 192, oqs_signature_functions), @@ -576,7 +591,7 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("dilithium3_p256", 192, oqs_signature_functions), SIGALG("dilithium3_bp256", 192, oqs_signature_functions), SIGALG("dilithium3_ed25519", 192, oqs_signature_functions), - SIGALG("dilithium3_pss", 192, oqs_signature_functions), + SIGALG("dilithium3_pss3072", 192, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 @@ -707,6 +722,11 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { SIGALG("dilithium2", 128, oqs_dilithium2_keymgmt_functions), SIGALG("p256_dilithium2", 128, oqs_p256_dilithium2_keymgmt_functions), SIGALG("rsa3072_dilithium2", 128, oqs_rsa3072_dilithium2_keymgmt_functions), + SIGALG("dilithium2_pss2048", 128, oqs_dilithium2_pss2048_keymgmt_functions), + SIGALG("dilithium2_rsa2048", 128, oqs_dilithium2_rsa2048_keymgmt_functions), + SIGALG("dilithium2_ed25519", 128, oqs_dilithium2_ed25519_keymgmt_functions), + SIGALG("dilithium2_p256", 128, oqs_dilithium2_p256_keymgmt_functions), + SIGALG("dilithium2_bp256", 128, oqs_dilithium2_bp256_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 SIGALG("dilithium3", 192, oqs_dilithium3_keymgmt_functions), @@ -715,7 +735,7 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { SIGALG("dilithium3_p256", 192, oqs_dilithium3_p256_keymgmt_functions), SIGALG("dilithium3_bp256", 192, oqs_dilithium3_bp256_keymgmt_functions), SIGALG("dilithium3_ed25519", 192, oqs_dilithium3_ed25519_keymgmt_functions), - SIGALG("dilithium3_pss", 192, oqs_dilithium3_pss_keymgmt_functions), + SIGALG("dilithium3_pss3072", 192, oqs_dilithium3_pss3072_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 862f1f58..5707ece1 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -57,9 +57,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 76 +# define NID_TABLE_LEN 81 #else -# define NID_TABLE_LEN 34 +# define NID_TABLE_LEN 39 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { @@ -173,9 +173,18 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { KEY_TYPE_CMP_SIG, 256}, {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_pss", OQS_SIG_alg_dilithium_3, + {0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - + {0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, + KEY_TYPE_CMP_SIG, 112}, + {0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, + KEY_TYPE_CMP_SIG, 112}, + {0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, + KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, + KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, + KEY_TYPE_CMP_SIG, 256}, ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; @@ -449,8 +458,9 @@ static const OQSX_EVP_INFO nids_sig[] = { {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit - {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit - {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit + {EVP_PKEY_RSA, NID_rsaEncryption, 0, 270, 1193, 0, 256}, // 112 bit + {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit + {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit }; // These two array need to stay synced: @@ -476,9 +486,11 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, int idx = (bit_security - 128) / 64; ON_ERR_GOTO(idx < 0 || idx > 5, err); - if (!strncmp(algname, "rsa3072", 7) || !strncmp(algname, "pss", 3)) + if (!strncmp(algname, "rsa", 3) || !strncmp(algname, "pss", 3)){ idx += 5; - else if (algname[0] != 'p' && algname[0] != 'e') + if (bit_security == 112) + idx += 1; + } else if (algname[0] != 'p' && algname[0] != 'e') { if (algname[0] == 'b'){ //bp if (algname[2] == '2') //bp256 @@ -492,11 +504,11 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, } } - ON_ERR_GOTO(idx < 0 || idx > 5, err); + ON_ERR_GOTO(idx < 0 || idx > 6, err); if(algname[0] == 'e') //ED25519 or ED448 { - evp_ctx->evp_info = &nids_sig[idx + 6]; + evp_ctx->evp_info = &nids_sig[idx + 7]; evp_ctx->keyParam = EVP_PKEY_new(); ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); @@ -1095,8 +1107,12 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, memcpy(concat_key + plen - aux, buf, buflen); //if is a RSA key the actual encoding size might be different from max size //we calculate that difference for to facilitate the key reconstruction - if(!strncmp(name, "rsa3072", 7) || !strncmp(name, "pss", 3)) - rsa_diff = nids_sig[5].length_private_key - buflen; + if(!strncmp(name, "rsa", 3) || !strncmp(name, "pss", 3)) { + if (name[3] == '3') //3072 + rsa_diff = nids_sig[5].length_private_key - buflen; + else //2048 + rsa_diff = nids_sig[6].length_private_key - buflen; + } OPENSSL_free(name); } @@ -1559,7 +1575,10 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); if (ctx->evp_info->keytype == EVP_PKEY_RSA) { - ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); + if (ctx->evp_info->length_public_key > 270) + ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); + else + ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 2048); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } From afd36e7761bdcb8e88846c6239c5ed9506525dc9 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Mon, 16 Oct 2023 08:40:57 +0200 Subject: [PATCH 062/160] Add releasetest (#281) * add releasetest for all algs/combinations --- .gitignore | 1 + oqs-template/generate.py | 1 + .../scripts/common.py/kex_algs.fragment | 10 ++ .../scripts/common.py/sig_algs.fragment | 12 ++ scripts/README.md | 21 +++ scripts/common.py | 165 ++++++++++++++++++ scripts/conftest.py | 20 +++ scripts/pytest.ini | 2 + scripts/release-test.sh | 39 +++++ scripts/test_tls_full.py | 30 ++++ 10 files changed, 301 insertions(+) create mode 100644 oqs-template/scripts/common.py/kex_algs.fragment create mode 100644 oqs-template/scripts/common.py/sig_algs.fragment create mode 100644 scripts/README.md create mode 100644 scripts/common.py create mode 100644 scripts/conftest.py create mode 100644 scripts/pytest.ini create mode 100755 scripts/release-test.sh create mode 100644 scripts/test_tls_full.py diff --git a/.gitignore b/.gitignore index 4c607356..003421d7 100644 --- a/.gitignore +++ b/.gitignore @@ -16,6 +16,7 @@ tmp interop.log # pycache oqs-template/__pycache__ +scripts/__pycache__ # Visual Studio Code .vscode diff --git a/oqs-template/generate.py b/oqs-template/generate.py index e25fe300..03271e8f 100644 --- a/oqs-template/generate.py +++ b/oqs-template/generate.py @@ -244,6 +244,7 @@ def load_config(include_disabled_sigs=False): populate('oqsprov/oqs_encode_key2any.c', config, '/////') populate('oqsprov/oqs_decode_der2key.c', config, '/////') populate('oqsprov/oqsprov_keys.c', config, '/////') +populate('scripts/common.py', config, '#####') config2 = load_config(include_disabled_sigs=True) config2 = complete_config(config2) diff --git a/oqs-template/scripts/common.py/kex_algs.fragment b/oqs-template/scripts/common.py/kex_algs.fragment new file mode 100644 index 00000000..c8805d32 --- /dev/null +++ b/oqs-template/scripts/common.py/kex_algs.fragment @@ -0,0 +1,10 @@ + + # post-quantum key exchanges + {% for kem in config['kems'] %}'{{ kem['name_group'] }}', {%- endfor %} + # post-quantum + classical key exchanges + {% for kem in config['kems'] -%} + {%- for hybrid in kem['hybrids'] -%} + '{{ hybrid['hybrid_group'] }}_{{kem['name_group']}}', + {%- endfor -%} + {% endfor %} + diff --git a/oqs-template/scripts/common.py/sig_algs.fragment b/oqs-template/scripts/common.py/sig_algs.fragment new file mode 100644 index 00000000..2541638a --- /dev/null +++ b/oqs-template/scripts/common.py/sig_algs.fragment @@ -0,0 +1,12 @@ + + # post-quantum signatures + {% for sig in config['sigs'] %}{% for variant in sig['variants'] %}'{{ variant['name'] }}', + {%- endfor %} {%- endfor %} + # post-quantum + classical signatures + {% for sig in config['sigs'] -%} + {%- for variant in sig['variants'] -%} + {%- for classical_alg in variant['mix_with'] -%} + '{{ classical_alg['name'] }}_{{ variant['name'] }}', + {%- endfor -%} + {%- endfor %} {%- endfor %} + diff --git a/scripts/README.md b/scripts/README.md new file mode 100644 index 00000000..40bb7936 --- /dev/null +++ b/scripts/README.md @@ -0,0 +1,21 @@ +# Build and test support scripts + +This directory contains various scripts aiming to ease build and test of `oqsprovider`. + +## Building + +The key file is [fullbuild.sh](fullbuild.sh) with options documented [here](https://github.com/open-quantum-safe/oqs-provider/blob/main/CONFIGURE.md#convenience-build-script-options). + +## Testing + +### API testing + +All features and enabled algorithms are API tested by `ctest` driven code contained in the [test directory](https://github.com/open-quantum-safe/oqs-provider/tree/main/test). + +### Command line testing + +All features and enabled algorithms are tested via `openssl` command line instructions via the [runtests.sh](runtests.sh) script with options documented [here](https://github.com/open-quantum-safe/oqs-provider/blob/main/CONFIGURE.md#convenience-build-script-options). + +### Release testing + +All features and all algorithms can be tested in a full matrix running all possible signature and KEM algorithms in client/server setup via the corresponding `openssl s_server/s_client` commands via the [release-test.sh](release-test.sh) script. To run this test successfully, installation of `python3` and `pytest` with `xdist` extension is required, e.g., via `sudo apt install python3 python3-pytest python3-pytest-xdist python3-psutil`. The test must be executed within the main project directory, e.g., as such `./scripts/release-test.sh`. For full operation, a local and up-to-date (release) installation of `openssl` and `liboqs` (e.g., built via `scripts/fulltest.sh`) is recommended. diff --git a/scripts/common.py b/scripts/common.py new file mode 100644 index 00000000..7b936214 --- /dev/null +++ b/scripts/common.py @@ -0,0 +1,165 @@ +import os +import subprocess +import pathlib +import psutil +import time + +key_exchanges = [ +##### OQS_TEMPLATE_FRAGMENT_KEX_ALGS_START + # post-quantum key exchanges + 'frodo640aes','frodo640shake','frodo976aes','frodo976shake','frodo1344aes','frodo1344shake','kyber512','kyber768','kyber1024','bikel1','bikel3','bikel5','hqc128','hqc192','hqc256', + # post-quantum + classical key exchanges + 'p256_frodo640aes','x25519_frodo640aes','p256_frodo640shake','x25519_frodo640shake','p384_frodo976aes','x448_frodo976aes','p384_frodo976shake','x448_frodo976shake','p521_frodo1344aes','p521_frodo1344shake','p256_kyber512','x25519_kyber512','p384_kyber768','x448_kyber768','x25519_kyber768','p256_kyber768','p521_kyber1024','p256_bikel1','x25519_bikel1','p384_bikel3','x448_bikel3','p521_bikel5','p256_hqc128','x25519_hqc128','p384_hqc192','x448_hqc192','p521_hqc256', +##### OQS_TEMPLATE_FRAGMENT_KEX_ALGS_END +] +signatures = [ + 'ecdsap256', 'rsa3072', +##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_START + # post-quantum signatures + 'dilithium2','dilithium3','dilithium5','falcon512','falcon1024','sphincssha2128fsimple','sphincssha2128ssimple','sphincssha2192fsimple','sphincsshake128fsimple', + # post-quantum + classical signatures + 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', +##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END +] + +SERVER_START_ATTEMPTS = 10 + +def all_pq_groups(): + ag = "" + for kex in key_exchanges: + if len(ag)==0: + ag = kex + else: + ag = ag + ":" + kex + return ag + +def run_subprocess(command, working_dir='.', expected_returncode=0, input=None, env=os.environ): + """ + Helper function to run a shell command and report success/failure + depending on the exit status of the shell command. + """ + + # Note we need to capture stdout/stderr from the subprocess, + # then print it, which pytest will then capture and + # buffer appropriately + print(working_dir + " > " + " ".join(command)) + result = subprocess.run( + command, + input=input, + stdout=subprocess.PIPE, + stderr=subprocess.STDOUT, + cwd=working_dir, + env=env + ) + if result.returncode != expected_returncode: + print(result.stdout.decode('utf-8')) + assert False, "Got unexpected return code {}".format(result.returncode) + return result.stdout.decode('utf-8') + +def start_server(ossl, test_artifacts_dir, sig_alg, worker_id): + command = [ossl, 's_server', + '-cert', os.path.join(test_artifacts_dir, '{}_{}_srv.crt'.format(worker_id, sig_alg)), + '-key', os.path.join(test_artifacts_dir, '{}_{}_srv.key'.format(worker_id, sig_alg)), + '-CAfile', os.path.join(test_artifacts_dir, '{}_{}_CA.crt'.format(worker_id, sig_alg)), + '-tls1_3', + '-quiet', +# add X25519 for baseline server test and all PQ KEMs for single PQ KEM tests: + '-groups', "x25519:"+all_pq_groups(), + # On UNIX-like systems, binding to TCP port 0 + # is a request to dynamically generate an unused + # port number. + # TODO: Check if Windows behaves similarly + '-accept', '0'] + + print(" > " + " ".join(command)) + server = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) + server_info = psutil.Process(server.pid) + + # Try SERVER_START_ATTEMPTS times to see + # what port the server is bound to. + server_start_attempt = 1 + while server_start_attempt <= SERVER_START_ATTEMPTS: + if server_info.connections(): + break + else: + server_start_attempt += 1 + time.sleep(2) + server_port = str(server_info.connections()[0].laddr.port) + + # Check SERVER_START_ATTEMPTS times to see + # if the server is responsive. + server_start_attempt = 1 + while server_start_attempt <= SERVER_START_ATTEMPTS: + result = subprocess.run([ossl, 's_client', '-connect', 'localhost:{}'.format(server_port)], + input='Q'.encode(), + stdout=subprocess.PIPE, + stderr=subprocess.STDOUT) + if result.returncode == 0: + break + else: + server_start_attempt += 1 + time.sleep(2) + + if server_start_attempt > SERVER_START_ATTEMPTS: + raise Exception('Cannot start OpenSSL server') + + return server, server_port + +def gen_keys(ossl, ossl_config, sig_alg, test_artifacts_dir, filename_prefix): + pathlib.Path(test_artifacts_dir).mkdir(parents=True, exist_ok=True) + if sig_alg == 'ecdsap256': + run_subprocess([ossl, 'ecparam', + '-name', 'prime256v1', + '-out', os.path.join(test_artifacts_dir, '{}_prime256v1.pem'.format(filename_prefix))]) + run_subprocess([ossl, 'req', '-x509', '-new', + '-newkey', 'ec:{}'.format(os.path.join(test_artifacts_dir, '{}_prime256v1.pem'.format(filename_prefix))), + '-keyout', os.path.join(test_artifacts_dir, '{}_ecdsap256_CA.key'.format(filename_prefix)), + '-out', os.path.join(test_artifacts_dir, '{}_ecdsap256_CA.crt'.format(filename_prefix)), + '-nodes', + '-subj', '/CN=oqstest_CA', + '-days', '365', + '-config', ossl_config]) + run_subprocess([ossl, 'req', '-new', + '-newkey', 'ec:{}'.format(os.path.join(test_artifacts_dir, '{}_prime256v1.pem'.format(filename_prefix))), + '-keyout', os.path.join(test_artifacts_dir, '{}_ecdsap256_srv.key'.format(filename_prefix)), + '-out', os.path.join(test_artifacts_dir, '{}_ecdsap256_srv.csr'.format(filename_prefix)), + '-nodes', + '-subj', '/CN=oqstest_server', + '-config', ossl_config]) + else: + if sig_alg == 'rsa3072': + ossl_sig_alg_arg = 'rsa:3072' + else: + ossl_sig_alg_arg = sig_alg + run_subprocess([ossl, 'req', '-x509', '-new', + '-newkey', ossl_sig_alg_arg, + '-keyout', os.path.join(test_artifacts_dir, '{}_{}_CA.key'.format(filename_prefix, sig_alg)), + '-out', os.path.join(test_artifacts_dir, '{}_{}_CA.crt'.format(filename_prefix, sig_alg)), + '-nodes', + '-subj', '/CN=oqstest_CA', + '-days', '365', + '-config', ossl_config]) + run_subprocess([ossl, 'req', '-new', + '-newkey', ossl_sig_alg_arg, + '-keyout', os.path.join(test_artifacts_dir, '{}_{}_srv.key'.format(filename_prefix, sig_alg)), + '-out', os.path.join(test_artifacts_dir, '{}_{}_srv.csr'.format(filename_prefix, sig_alg)), + '-nodes', + '-subj', '/CN=oqstest_server', + '-config', ossl_config]) + + run_subprocess([ossl, 'x509', '-req', + '-in', os.path.join(test_artifacts_dir, '{}_{}_srv.csr'.format(filename_prefix, sig_alg)), + '-out', os.path.join(test_artifacts_dir, '{}_{}_srv.crt'.format(filename_prefix, sig_alg)), + '-CA', os.path.join(test_artifacts_dir, '{}_{}_CA.crt'.format(filename_prefix, sig_alg)), + '-CAkey', os.path.join(test_artifacts_dir, '{}_{}_CA.key'.format(filename_prefix, sig_alg)), + '-CAcreateserial', + '-days', '365']) + + # also create pubkeys from certs for dgst verify tests: + env = os.environ + #env["OPENSSL_CONF"]=os.path.join("scripts", "openssl.cnf") + #env["OPENSSL_MODULES"]=os.path.join("_build", "lib") + run_subprocess([ossl, 'req', + '-in', os.path.join(test_artifacts_dir, '{}_{}_srv.csr'.format(filename_prefix, sig_alg)), + '-pubkey', '-out', os.path.join(test_artifacts_dir, '{}_{}_srv.pubk'.format(filename_prefix, sig_alg)) ], + env=env) diff --git a/scripts/conftest.py b/scripts/conftest.py new file mode 100644 index 00000000..758d1e23 --- /dev/null +++ b/scripts/conftest.py @@ -0,0 +1,20 @@ +import os +import pytest +import subprocess + +def pytest_addoption(parser): + parser.addoption("--ossl", action="store", help="ossl: Path to standalone OpenSSL executable.") + parser.addoption("--ossl-config", action="store", help="ossl-config: Path to openssl.cnf file.") + parser.addoption("--test-artifacts-dir", action="store", help="test-artifacts-dir: Path to directory containing files generated during the testing process.") + +@pytest.fixture +def ossl_config(request): + return os.path.normpath(request.config.getoption("--ossl-config")) + +@pytest.fixture +def ossl(request): + return os.path.normpath(request.config.getoption("--ossl")) + +@pytest.fixture +def test_artifacts_dir(request): + return os.path.normpath(request.config.getoption("--test-artifacts-dir")) diff --git a/scripts/pytest.ini b/scripts/pytest.ini new file mode 100644 index 00000000..ef297a1d --- /dev/null +++ b/scripts/pytest.ini @@ -0,0 +1,2 @@ +[pytest] +addopts = --verbose --ossl=.local/bin/openssl --ossl-config=scripts/openssl-ca.cnf --test-artifacts-dir=tmp diff --git a/scripts/release-test.sh b/scripts/release-test.sh new file mode 100755 index 00000000..df3a60b2 --- /dev/null +++ b/scripts/release-test.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +# Stop in case of error +set -e + +# To be run as part of a release test only on Linux +# requires python, pytest, xdist; install e.g. via +# sudo apt install python3 python3-pytest python3-pytest-xdist python3-psutil + +# must be run in main folder +# multicore machine recommended for fast execution + +# expect (ideally latest/release-test) liboqs to be already build and present +if [ -d liboqs ]; then + export LIBOQS_SRC_DIR=`pwd`/liboqs +else + echo "liboqs not found. Exiting." + exit 1 +fi + +if [ -d oqs-template ]; then + # just a temp setup + git checkout -b reltest + # Activate all algorithms + sed -i "s/enable\: false/enable\: true/g" oqs-template/generate.yml + python3 oqs-template/generate.py + rm -rf _build + ./scripts/fullbuild.sh + ./scripts/runtests.sh + if [ -f .local/bin/openssl ]; then + OPENSSL_MODULES=`pwd`/_build/lib OPENSSL_CONF=`pwd`/scripts/openssl-ca.cnf python3 -m pytest --numprocesses=auto scripts/test_tls_full.py + else + echo "For full TLS PQ SIG/KEM matrix test, build (latest) openssl locally." + fi + git reset --hard && git checkout main && git branch -D reltest +else + echo "$0 must be run in main oqs-provider folder. Exiting." +fi + diff --git a/scripts/test_tls_full.py b/scripts/test_tls_full.py new file mode 100644 index 00000000..a1639140 --- /dev/null +++ b/scripts/test_tls_full.py @@ -0,0 +1,30 @@ +import common +import pytest +import sys +import os + +@pytest.fixture(params=common.signatures) +def server(ossl, ossl_config, test_artifacts_dir, request, worker_id): + # Setup: start ossl server + common.gen_keys(ossl, ossl_config, request.param, test_artifacts_dir, worker_id) + server, port = common.start_server(ossl, test_artifacts_dir, request.param, worker_id) + # Run tests + yield (request.param, port) + # Teardown: stop ossl server + server.kill() + +@pytest.mark.parametrize('kex_name', common.key_exchanges) +def test_sig_kem_pair(ossl, server, test_artifacts_dir, kex_name, worker_id): + client_output = common.run_subprocess([ossl, 's_client', + '-groups', kex_name, + '-CAfile', os.path.join(test_artifacts_dir, '{}_{}_CA.crt'.format(worker_id, server[0])), + '-verify_return_error', + '-connect', 'localhost:{}'.format(server[1])], + input='Q'.encode()) +# OpenSSL3 by default does not output KEM used; so rely on forced client group and OK handshake completion: + if not "SSL handshake has read" in client_output: + assert False, "Handshake failure." + +if __name__ == "__main__": + import sys + pytest.main(sys.argv) From 39fdbfe9593607bc7f4a9fee9dee0ab322cf21de Mon Sep 17 00:00:00 2001 From: Mouse Date: Thu, 19 Oct 2023 13:21:51 -0400 Subject: [PATCH 063/160] Support web proxy in external interop tests (#288) Update oqsprovider-externalinterop.sh to support web proxy in external interop tests. To determine whether to resort to proxy handling, checks if env var `HTTP_PROXY` is set --- scripts/oqsprovider-externalinterop.sh | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/scripts/oqsprovider-externalinterop.sh b/scripts/oqsprovider-externalinterop.sh index d90dff68..f2af0f32 100755 --- a/scripts/oqsprovider-externalinterop.sh +++ b/scripts/oqsprovider-externalinterop.sh @@ -18,9 +18,15 @@ if [ -z "$DYLD_LIBRARY_PATH" ]; then export DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH fi +# We assume the value of env var HTTP_PROXY is "http://host.domain:port_num" +if [ ! -z "${HTTP_PROXY}" ]; then + echo "Using Web proxy \"${HTTP_PROXY}\"" + export USE_PROXY="-proxy ${HTTP_PROXY#http://} -allow_proxy_certs" +else + export USE_PROXY="" +fi + echo " Cloudflare:" export OQS_CODEPOINT_X25519_KYBER512=65072 -(echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | $OPENSSL_APP s_client -connect pq.cloudflareresearch.com:443 -groups x25519_kyber768 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber768Draft00 -(echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | $OPENSSL_APP s_client -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00 - - +(echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber768 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber768Draft00 +(echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00 From e52c34cb8638e231bf2149d3dda4a8b0b2490182 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Fri, 20 Oct 2023 16:30:43 +0200 Subject: [PATCH 064/160] Get Windows CI to work again; prepare for release (#291) * Change version preparing for release * eliminate failing Debug MSVC native tests --- .github/workflows/windows.yml | 2 +- CMakeLists.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index a5b187a6..a03fc8bb 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -215,7 +215,7 @@ jobs: msarch: - x64 type: - - Debug +# - Debug - Release runs-on: ${{matrix.os}} steps: diff --git a/CMakeLists.txt b/CMakeLists.txt index 977b7437..c930ad3f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,7 +4,7 @@ else() cmake_minimum_required(VERSION 3.0 FATAL_ERROR) endif() project(oqs-provider LANGUAGES C) -set(OQSPROVIDER_VERSION_TEXT "0.5.2-dev") +set(OQSPROVIDER_VERSION_TEXT "0.5.2") set(CMAKE_C_STANDARD 11) set_property(GLOBAL PROPERTY FIND_LIBRARY_USE_LIB64_PATHS ON) if(CMAKE_BUILD_TYPE STREQUAL "Debug") From b32dfe2be5eb8cd506838777a8c83cff5bb15545 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Sat, 21 Oct 2023 08:06:08 +0200 Subject: [PATCH 065/160] add 0.5.2 release documentation --- RELEASE.md | 55 ++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 49 insertions(+), 6 deletions(-) diff --git a/RELEASE.md b/RELEASE.md index 5483fa73..dd4f0b58 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,20 +1,20 @@ -# oqs-provider 0.5.2-dev +# oqs-provider 0.5.2 ## About The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/. -**oqs-provider** is a standalone [OpenSSL 3](https://github.com/openssl/openssl) [provider](https://www.openssl.org/docs/manmaster/man7/provider.html) enabling [liboqs](https://github.com/open-quantum-safe/liboqs)-based quantum-safe and hybrid key exchange for TLS 1.3, as well as quantum-safe and hybrid X.509 certificate generation, CMS and dgst operations. +**oqs-provider** is a standalone [OpenSSL 3](https://github.com/openssl/openssl) [provider](https://www.openssl.org/docs/manmaster/man7/provider.html) enabling [liboqs](https://github.com/open-quantum-safe/liboqs)-based quantum-safe and [hybrid key exchange](https://datatracker.ietf.org/doc/draft-ietf-pquip-pqt-hybrid-terminology) for TLS 1.3, as well as quantum-safe and hybrid X.509 certificate generation, CMS, CMP and `dgst` (signature) operations. -When deployed, the `oqs-provider` binary (shared library) thus adds support for quantum-safe cryptographic operations to any standard OpenSSL(v3) installation. +When deployed, the `oqs-provider` binary (shared library) thus adds support for quantum-safe cryptographic operations to any standard OpenSSL(v3) installation. The ultimate goal is that all `openssl` functionality shall be [PQC-enabled](https://csrc.nist.gov/projects/post-quantum-cryptography). -In general, the oqs-provider `main` branch is meant to be useable in conjunction with the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs) and the `master` branch of [OpenSSL](https://github.com/openssl/openssl). +In general, the oqs-provider `main` branch is meant to be usable in conjunction with the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs) and the `master` branch of [OpenSSL](https://github.com/openssl/openssl). Further details on building, testing and use can be found in [README.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/README.md). See in particular limitations on intended use. ## Release notes -This is version 0.5.2-dev of oqs-provider. +This is version 0.5.2 of oqs-provider. ### Security considerations @@ -22,10 +22,53 @@ None. ### What's New -This release continues from the 0.5.1 release of oqs-provider and is fully tested to be used in conjunction with the main branch of [liboqs](https://github.com/open-quantum-safe/liboqs). This code is in sync with `liboqs` "main" branch. +This release continues from the 0.5.1 release of oqs-provider and is fully tested to be used in conjunction with the main branch of [liboqs](https://github.com/open-quantum-safe/liboqs). This release is guaranteed to be in sync with v0.9.0 of `liboqs`. + +This release also makes available ready-to-run binaries for Windows (.dll) and MacOS (.dylib) compiled for `x64` CPUs. Activation and use is documented in [USAGE.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/USAGE.md). ### Additional new feature highlights +- Algorithm updates as documented in the [liboqs 0.9.0 release notes](https://github.com/open-quantum-safe/liboqs/releases/tag/0.9.0) +- [Standard coding style](https://github.com/open-quantum-safe/oqs-provider/blob/main/CONTRIBUTING.md#coding-style) +- Enhanced memory leak protection +- [Added community cooperation documentation](https://github.com/open-quantum-safe/oqs-provider/blob/main/CONTRIBUTING.md) +- (optional) [KEM algorithm en-/decoder feature](https://github.com/open-quantum-safe/oqs-provider/blob/main/CONFIGURE.md#oqs_kem_encoders) + +## What's Changed +* switch repo to -dev mode/unlock release by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/225 +* add C API and cleanup PQ terminology [skip ci] by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/226 +* Clarify install instructions by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/232 +* sigalg config warning by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/235 +* Fix a missing `-DOQS_PROVIDER_BUILD_STATIC=ON` in CircleCI build static jobs. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/242 +* Fix DOQS_ALGS_ENABLED setting for cmake by @marcbrevoort-cyberhive in https://github.com/open-quantum-safe/oqs-provider/pull/238 +* Fix #224: Add a clang-format that matches the best the OpenSSL coding style. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/241 +* corner case object creation added by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/243 +* fix for runtests.sh: skip non-working OpenSSL versions by @bhess in https://github.com/open-quantum-safe/oqs-provider/pull/244 +* Add a GithubCI job to test oqs-provider against memory leaks. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/246 +* Fix various memory leaks. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/245 +* remove unneeded OQS context reference from CCI PRs by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/250 +* Cross-compile to linux-aarch64 from linux-x64 in GitHub actions. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/253 +* add manual approval step to use restricted CCI context by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/254 +* Create SECURITY.md by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/257 +* Create CODE_OF_CONDUCT.md by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/258 +* adding contributing guideline [skip ci] by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/259 +* CI & cmake changes by @qnfm in https://github.com/open-quantum-safe/oqs-provider/pull/263 +* fix for txt output length of plain PQ key material by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/268 +* KEM en/decoders by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/266 +* Remove duplicate LIBOQS_BRANCH option in CONFIGURE.md by @psschwei in https://github.com/open-quantum-safe/oqs-provider/pull/274 +* add cloudflare interop tests by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/278 +* Add releasetest by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/281 +* Support web proxy in external interop tests by @mouse07410 in https://github.com/open-quantum-safe/oqs-provider/pull/288 +* Get Windows CI to work again; prepare for release by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/291 + +## New Contributors +* @marcbrevoort-cyberhive made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/238 +* @qnfm made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/263 +* @psschwei made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/274 +* @mouse07410 made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/288 + +**Full Changelog**: https://github.com/open-quantum-safe/oqs-provider/compare/0.5.1...0.5.2 + Previous Release Notes ====================== From 270d423057930bd8cb9df613b5f7fe23caf17c8b Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Sat, 21 Oct 2023 08:34:59 +0200 Subject: [PATCH 066/160] switch repo to -dev mode/unlock release --- CMakeLists.txt | 2 +- RELEASE.md | 27 ++++++++++++++++++++++++--- 2 files changed, 25 insertions(+), 4 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index c930ad3f..7958247c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,7 +4,7 @@ else() cmake_minimum_required(VERSION 3.0 FATAL_ERROR) endif() project(oqs-provider LANGUAGES C) -set(OQSPROVIDER_VERSION_TEXT "0.5.2") +set(OQSPROVIDER_VERSION_TEXT "0.5.3-dev") set(CMAKE_C_STANDARD 11) set_property(GLOBAL PROPERTY FIND_LIBRARY_USE_LIB64_PATHS ON) if(CMAKE_BUILD_TYPE STREQUAL "Debug") diff --git a/RELEASE.md b/RELEASE.md index dd4f0b58..0959a5a4 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,3 +1,27 @@ +# oqs-provider 0.5.3-dev + +## About + +The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/. + +**oqs-provider** is a standalone [OpenSSL 3](https://github.com/openssl/openssl) [provider](https://www.openssl.org/docs/manmaster/man7/provider.html) enabling [liboqs](https://github.com/open-quantum-safe/liboqs)-based quantum-safe and [hybrid key exchange](https://datatracker.ietf.org/doc/draft-ietf-pquip-pqt-hybrid-terminology) for TLS 1.3, as well as quantum-safe and hybrid X.509 certificate generation, CMS, CMP and `dgst` (signature) operations. + +When deployed, the `oqs-provider` binary (shared library) thus adds support for quantum-safe cryptographic operations to any standard OpenSSL(v3) installation. The ultimate goal is that all `openssl` functionality shall be [PQC-enabled](https://csrc.nist.gov/projects/post-quantum-cryptography). + +In general, the oqs-provider `main` branch is meant to be usable in conjunction with the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs) and the `master` branch of [OpenSSL](https://github.com/openssl/openssl). + +Further details on building, testing and use can be found in [README.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/README.md). See in particular limitations on intended use. + +## Release notes + +This is version 0.5.3-dev of oqs-provider. + + + + +Previous Release Notes +====================== + # oqs-provider 0.5.2 ## About @@ -69,9 +93,6 @@ This release also makes available ready-to-run binaries for Windows (.dll) and M **Full Changelog**: https://github.com/open-quantum-safe/oqs-provider/compare/0.5.1...0.5.2 -Previous Release Notes -====================== - ## This is version 0.5.1 of oqs-provider. ### Security considerations From 8a96fed20927d17762bc1b5d9e27aa3c26b6bd49 Mon Sep 17 00:00:00 2001 From: Alex Bozarth Date: Mon, 23 Oct 2023 14:56:30 -0500 Subject: [PATCH 067/160] Clarify liboqs_DIR naming convention (#292) * Clarify liboqs_DIR naming convention As per discussion in #277 we want to clarify why the env var `liboqs_DIR` does not follow standard naming convention by using lowercase. * added link to cmake command doc --- CONFIGURE.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CONFIGURE.md b/CONFIGURE.md index 416bfb88..afae2735 100644 --- a/CONFIGURE.md +++ b/CONFIGURE.md @@ -36,6 +36,8 @@ This environment variable must be set to the location of the `liboqs` installati utilized in the build. By default, this is un-set, requiring installation of `liboqs` in a standard location for the OS. +This uses the [`find_package`](https://cmake.org/cmake/help/latest/command/find_package.html) +command in `cmake`, which checks for local builds of a package at `_DIR` ### USE_ENCODING_LIB From 4dac252a16815b0612e79e63efd5b8aebeacd98a Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Thu, 26 Oct 2023 06:42:05 +0200 Subject: [PATCH 068/160] check empty params lists passed (#296) --- oqsprov/oqs_encode_key2any.c | 1 + oqsprov/oqs_kmgmt.c | 4 ++++ oqsprov/oqs_sig.c | 1 + oqsprov/oqsprov.c | 1 + oqsprov/oqsprov_keys.c | 35 ++++++++++++++++++++--------------- 5 files changed, 27 insertions(+), 15 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 63246f5e..04b561ad 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -944,6 +944,7 @@ static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } } OQS_ENC_PRINTF2(" cipher set to %p: \n", ctx->cipher); + // not passing in a cipher param will lead to no-op hence no error return 1; } diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 88e927ea..5be50149 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -257,6 +257,7 @@ int oqsx_key_to_params(const OQSX_KEY *key, OSSL_PARAM_BLD *tmpl, goto err; } } + // not passing in params to respond to is no error; the response is empty ret = 1; err: return ret; @@ -373,6 +374,7 @@ static int oqsx_get_params(void *key, OSSL_PARAM params[]) return 0; } + // not passing in params to respond to is no error return 1; } @@ -443,6 +445,7 @@ static int oqsx_set_params(void *key, const OSSL_PARAM params[]) } } + // not passing in params to set is no error, just a no-op return 1; } @@ -571,6 +574,7 @@ static int oqsx_gen_set_params(void *genctx, const OSSL_PARAM params[]) if (gctx->propq == NULL) return 0; } + // not passing in params is no error; subsequent operations may fail, though return 1; } diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 69e4ff04..86a4ae3a 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -745,6 +745,7 @@ static int oqs_sig_set_ctx_params(void *vpoqs_sigctx, const OSSL_PARAM params[]) return 0; } + // not passing in parameters we can act on is no error return 1; } diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 615d00fe..dba438c0 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -850,6 +850,7 @@ static int oqsprovider_get_params(void *provctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS); if (p != NULL && !OSSL_PARAM_set_int(p, 1)) // provider is always running return 0; + // not passing in params to respond to is no error; response is empty then return 1; } diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index b3ff332e..1b7d062e 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1013,44 +1013,49 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], int include_private) { - const OSSL_PARAM *p; + const OSSL_PARAM *pp1, *pp2; OQS_KEY_PRINTF("OQSX Key from data called\n"); - p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { + pp1 = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY); + pp2 = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY); + // at least one parameter must be given + if (pp1 == NULL && pp2 == NULL) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + return 0; + } + if (pp1 != NULL) { + if (pp1->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return 0; } - if (key->privkeylen != p->data_size) { + if (key->privkeylen != pp1->data_size) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_SIZE); return 0; } - OPENSSL_secure_clear_free(key->privkey, p->data_size); - key->privkey = OPENSSL_secure_malloc(p->data_size); + OPENSSL_secure_clear_free(key->privkey, pp1->data_size); + key->privkey = OPENSSL_secure_malloc(pp1->data_size); if (key->privkey == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return 0; } - memcpy(key->privkey, p->data, p->data_size); + memcpy(key->privkey, pp1->data, pp1->data_size); } - p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { + if (pp2 != NULL) { + if (pp2->data_type != OSSL_PARAM_OCTET_STRING) { OQS_KEY_PRINTF("invalid data type\n"); return 0; } - if (key->pubkeylen != p->data_size) { + if (key->pubkeylen != pp2->data_size) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_SIZE); return 0; } - OPENSSL_secure_clear_free(key->pubkey, p->data_size); - key->pubkey = OPENSSL_secure_malloc(p->data_size); + OPENSSL_secure_clear_free(key->pubkey, pp2->data_size); + key->pubkey = OPENSSL_secure_malloc(pp2->data_size); if (key->pubkey == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return 0; } - memcpy(key->pubkey, p->data, p->data_size); + memcpy(key->pubkey, pp2->data, pp2->data_size); } if (!oqsx_key_set_composites(key) || !oqsx_key_recreate_classickey( From b099bf5c472a5fc10063ef7c9983f3c82d85324f Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 27 Nov 2023 14:04:13 -0600 Subject: [PATCH 069/160] Fixed memory issues and added optimizations --- oqsprov/oqs_encode_key2any.c | 151 +++++++++++------- oqsprov/oqs_sig.c | 289 +++++++++++++++++++++-------------- oqsprov/oqsprov_keys.c | 149 ++++++++++++------ 3 files changed, 370 insertions(+), 219 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 374652aa..b0b4bbd7 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -289,9 +289,8 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, int key_nid, struct key2any_ctx_st *ctx) { int ret = 0, cmp_len = 0; - void *str = NULL, *strc = NULL; + void *str = NULL; int strtype = V_ASN1_UNDEF; - int strtypec = V_ASN1_UNDEF; PKCS8_PRIV_KEY_INFO *p8info; OQS_ENC_PRINTF("OQS ENC provider: key_to_pki_pem_priv_bio called\n"); @@ -506,10 +505,6 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) unsigned char *keyblob, *buf; int keybloblen, nid; STACK_OF(ASN1_TYPE) *sk = NULL; - ASN1_TYPE *aType = NULL; - ASN1_STRING *aString = NULL, *tempOct = NULL; - unsigned char *temp = NULL; - X509_PUBKEY *p8info_internal = NULL; int ret = 0; OQS_ENC_PRINTF("OQS ENC provider: oqsx_spki_pub_to_der called\n"); @@ -550,33 +545,49 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) } #endif }else{ + ASN1_TYPE **aType = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); + ASN1_STRING **aString = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + ASN1_STRING **tempOct = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + unsigned char **temp = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); + unsigned char **cbuf = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); int len, i; -// char *name = OPENSSL_malloc(strlen(oqsxkey->tls_name)); if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; for (i = 0; i < oqsxkey->numkeys; i++){ - p8info_internal = X509_PUBKEY_new(); - aType = ASN1_TYPE_new(); - aString = ASN1_OCTET_STRING_new(); - tempOct = ASN1_OCTET_STRING_new(); - temp = NULL; + aType[i] = ASN1_TYPE_new(); + aString[i] = ASN1_OCTET_STRING_new(); + tempOct[i] = ASN1_OCTET_STRING_new(); + temp[i] = NULL; len = oqsxkey->pubkeylen_cmp[i]; - buf = OPENSSL_memdup(oqsxkey->comp_pubkey[i], len); - ASN1_STRING_set0(tempOct, buf, len); - keybloblen = i2d_ASN1_OCTET_STRING(tempOct, &temp); - ASN1_STRING_set0(aString, temp, keybloblen); - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); - - if (!sk_ASN1_TYPE_push(sk, aType)) + cbuf[i] = OPENSSL_memdup(oqsxkey->comp_pubkey[i], len); + ASN1_STRING_set0(tempOct[i], cbuf[i], len); + keybloblen = i2d_ASN1_OCTET_STRING(tempOct[i], &temp[i]); + ASN1_STRING_set0(aString[i], temp[i], keybloblen); + ASN1_TYPE_set(aType[i], V_ASN1_SEQUENCE, aString[i]); + + if (!sk_ASN1_TYPE_push(sk, aType[i])){ + for (i = 0; i < oqsxkey->numkeys; i++){ + OPENSSL_free(temp[i]); + OPENSSL_free(cbuf[i]); + OPENSSL_free(aType[i]); + OPENSSL_free(aString[i]); + OPENSSL_free(tempOct[i]); + } + OPENSSL_free(sk); return -1; + } } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); - OPENSSL_free(temp); - OPENSSL_free(aType); - OPENSSL_free(aString); - OPENSSL_free(tempOct); + + for (i = 0; i < oqsxkey->numkeys; i++){ + OPENSSL_free(temp[i]); + OPENSSL_free(cbuf[i]); + OPENSSL_free(aType[i]); + OPENSSL_free(aString[i]); + OPENSSL_free(tempOct[i]); + } OPENSSL_free(sk); return keybloblen; @@ -593,11 +604,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ASN1_OCTET_STRING oct; int keybloblen, nid; STACK_OF(ASN1_TYPE) *sk = NULL; - ASN1_TYPE *aType = NULL; - ASN1_STRING *aString = NULL, *tempOct = NULL; - unsigned char *temp = NULL; char* name; - PKCS8_PRIV_KEY_INFO *p8info_internal = NULL; OQS_ENC_PRINTF("OQS ENC provider: oqsx_pki_priv_to_der called\n"); @@ -687,17 +694,33 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) keybloblen = 0; // signal error } }else{ + ASN1_TYPE **aType = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); + ASN1_STRING **aString = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + ASN1_STRING **tempOct = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + unsigned char **temp = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); + unsigned char **cbuf = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); int i; if((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; for (i = 0; i < oqsxkey->numkeys; i++){ - p8info_internal = PKCS8_PRIV_KEY_INFO_new(); - aType = ASN1_TYPE_new(); - aString = ASN1_OCTET_STRING_new(); - tempOct = ASN1_OCTET_STRING_new(); - temp = NULL; - name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); + aType[i] = ASN1_TYPE_new(); + aString[i] = ASN1_OCTET_STRING_new(); + tempOct[i] = ASN1_OCTET_STRING_new(); + temp[i] = NULL; + + if ((name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i)) == NULL){ + OPENSSL_free(name); + for (i = 0; i < oqsxkey->numkeys; i++){ + OPENSSL_free(temp[i]); + OPENSSL_free(cbuf[i]); + OPENSSL_free(aType[i]); + OPENSSL_free(aString[i]); + OPENSSL_free(tempOct[i]); + } + OPENSSL_free(sk); + return -1; + } if(get_oqsname_fromtls(name) == 0){ if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size @@ -706,38 +729,64 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) DECODE_UINT32(buflen, enc_len); buflen += 4; OPENSSL_free(enc_len); + if (buflen > oqsxkey->privkeylen_cmp[i]){ + OPENSSL_free(name); + for (i = 0; i < oqsxkey->numkeys; i++){ + OPENSSL_free(temp[i]); + OPENSSL_free(cbuf[i]); + OPENSSL_free(aType[i]); + OPENSSL_free(aString[i]); + OPENSSL_free(tempOct[i]); + } + OPENSSL_free(sk); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + return -1; + } }else buflen = oqsxkey->privkeylen_cmp[i]; }else buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; - buf = OPENSSL_malloc(buflen); - memcpy(buf, oqsxkey->comp_privkey[i], buflen); + cbuf[i] = OPENSSL_malloc(buflen); + memcpy(cbuf[i], oqsxkey->comp_privkey[i], buflen); if(get_oqsname_fromtls(name) != 0){//include pubkey in privkey for PQC - memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); - memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); + memcpy(cbuf[i], oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); + memcpy(cbuf[i] + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); }else - memcpy(buf, oqsxkey->comp_privkey[i], buflen); - - ASN1_STRING_set0(tempOct, buf, buflen); - keybloblen = i2d_ASN1_OCTET_STRING(tempOct, &temp); - ASN1_STRING_set0(aString, temp, keybloblen); - ASN1_TYPE_set(aType, V_ASN1_SEQUENCE, aString); - - if (!sk_ASN1_TYPE_push(sk, aType)) + memcpy(cbuf[i], oqsxkey->comp_privkey[i], buflen); + + ASN1_STRING_set0(tempOct[i], cbuf[i], buflen); + keybloblen = i2d_ASN1_OCTET_STRING(tempOct[i], &temp[i]); + ASN1_STRING_set0(aString[i], temp[i], keybloblen); + ASN1_TYPE_set(aType[i], V_ASN1_SEQUENCE, aString[i]); + + if (!sk_ASN1_TYPE_push(sk, aType[i])){ + for (i = 0; i < oqsxkey->numkeys; i++){ + OPENSSL_free(temp[i]); + OPENSSL_free(cbuf[i]); + OPENSSL_free(aType[i]); + OPENSSL_free(aString[i]); + OPENSSL_free(tempOct[i]); + } + OPENSSL_free(sk); + OPENSSL_free(name); return -1; + } OPENSSL_free(name); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); - OPENSSL_free(temp); - OPENSSL_free(aType); - OPENSSL_free(aString); - OPENSSL_free(tempOct); + + for (i = 0; i < oqsxkey->numkeys; i++){ + OPENSSL_free(temp[i]); + OPENSSL_free(cbuf[i]); + OPENSSL_free(aType[i]); + OPENSSL_free(aString[i]); + OPENSSL_free(tempOct[i]); + } + OPENSSL_free(sk); } OPENSSL_secure_clear_free(buf, buflen); - - return keybloblen; } diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 6ea88e08..85943ccb 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -27,6 +27,7 @@ // TBD: Review what we really need/want: For now go with OSSL settings: #define OSSL_MAX_NAME_SIZE 50 #define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ +#define COMPOSITE_IDX_ADJUST 23 /*idx to the frist composite in the composite idx block*/ #ifdef NDEBUG # define OQS_SIG_PRINTF(a) @@ -216,7 +217,7 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_VERIFY); } -static const char *composite_OID_hash[] = { +static const char *composite_OID_prefix[] = { "69642D4D4C44534136352D525341333037322D504B435331352D534841323536", //dilithium3_rsa3072 "69642D4D4C44534136352D45434453412D503235362D534841323536", //dilithium3_p256 "69642D46616C6F6E3531322D45434453412D503235362D534841323536", //falcon512_p256 @@ -232,10 +233,10 @@ static const char *composite_OID_hash[] = { "69642D4D4C44534134342D525341323034382D504B435331352D534841323536", //dilithium2_rsa2048 "69642D4D4C44534134342D456432353531392D534841353132", //dilithium2_ed25519 "69642D4D4C44534134342D45434453412D503235362D534841323536", //dilithium2_p256 - "69642D4D4C44534134342D45434453412D627261696E706F6F6C5032353672312D534841323536," //dilithium2_bp256 + "69642D4D4C44534134342D45434453412D627261696E706F6F6C5032353672312D534841323536", //dilithium2_bp256 }; -static const size_t composite_OID_hash_len[] = { +static const size_t composite_OID_prefix_len[] = { 64, //dilithium3_rsa3072 56, //dilithium3_p256 58, //falcon512_p256 @@ -248,10 +249,10 @@ static const size_t composite_OID_hash_len[] = { 54, //falcon512_ed25519 58, //dilithium3_pss3072 58, //dilithium2_pss2048 - 61, //dilithium2_rsa2048 + 64, //dilithium2_rsa2048 50, //dilithium2_ed25519 56, //dilithium2_p256 - 79, //dilithium2_bp256 + 78, //dilithium2_bp256 }; /* On entry to this function, data to be signed (tbs) might have been hashed @@ -291,7 +292,6 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, }else { max_sig_len += oqs_key->length_signature; - oqs_sig_len = oqs_key->length_signature; } if (is_hybrid) @@ -391,14 +391,20 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, unsigned char *buf; CompositeSignature *compsig = CompositeSignature_new(); int i; - const char *oid_hash = composite_OID_hash[get_oqsalg_idx(OBJ_sn2nid(oqsxkey->tls_name)) - 23]; - const size_t oid_hash_len = composite_OID_hash_len[get_oqsalg_idx(OBJ_sn2nid(oqsxkey->tls_name)) - 23]; + int nid = OBJ_sn2nid(oqsxkey->tls_name); + const char *oid_prefix = composite_OID_prefix[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; + const size_t oid_prefix_len = composite_OID_prefix_len[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; char *final_tbs; - size_t final_tbslen = oid_hash_len; + size_t final_tbslen = oid_prefix_len; //prepare the pre hash for (i = 0; i < oqsxkey->numkeys; i++){ - char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); + char *name; + if ((name = get_cmpname(nid, i)) == NULL){ + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + goto endsign; + } unsigned char *tbs_hash; if (!get_oqsname_fromtls(name)){ if (name[0] == 'e'){//ed25519 or ed448 @@ -415,6 +421,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){ ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); goto endsign; } final_tbslen += tbs_hash_len; @@ -442,22 +449,29 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, break; default: ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); goto endsign; } }else{ ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); goto endsign; } final_tbs = OPENSSL_malloc(final_tbslen); - memcpy(final_tbs, oid_hash, oid_hash_len); - memcpy(final_tbs + oid_hash_len, tbs_hash, final_tbslen - oid_hash_len); + memcpy(final_tbs, oid_prefix, oid_prefix_len); + memcpy(final_tbs + oid_prefix_len, tbs_hash, final_tbslen - oid_prefix_len); OPENSSL_free(tbs_hash); } OPENSSL_free(name); } for (i = 0; i < oqsxkey->numkeys; i++){ - char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); + char *name; + if((name = get_cmpname(nid, i)) == NULL){ + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + goto endsign; + } if (get_oqsname_fromtls(name)){ //PQC signing oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; @@ -465,6 +479,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, final_tbs, final_tbslen, oqsxkey->comp_privkey[i]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + OPENSSL_free(name); + OPENSSL_free(buf); goto endsign; } }else @@ -481,6 +497,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if ((EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL, oqs_key_classic) <= 0 ) || (EVP_DigestSign(evp_ctx, buf, &oqs_sig_len, final_tbs, final_tbslen) <= 0)){ ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); goto endsign; } }else { @@ -488,6 +506,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, || (EVP_PKEY_sign_init(classical_ctx_sign) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); goto endsign; } @@ -498,6 +518,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, || (EVP_PKEY_CTX_set_rsa_mgf1_md(classical_ctx_sign, EVP_sha256()) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); goto endsign; } } else if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) @@ -505,6 +527,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); goto endsign; } } @@ -514,10 +538,11 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, || (name[0] == 'r')) { int aux; - if(name[0] == 'b') + if(name[0] == 'b'){ aux = 2; - else + }else { aux = 1; + } switch(name[aux]){ case 's'://pss or rsa case '2'://p256 or bp256 @@ -533,10 +558,12 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, case '5'://p512 classical_md = EVP_sha512(); digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + SHA512(final_tbs, final_tbslen, (unsigned char *)&digest); break; default: ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); goto endsign; } } @@ -545,6 +572,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, || (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); goto endsign; } @@ -552,6 +581,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, { /* sig is bigger than expected */ ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); + OPENSSL_free(name); + OPENSSL_free(buf); goto endsign; } } @@ -567,7 +598,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, compsig->sig2->flags = 8; //set as 8 to not check for unused bits } - OPENSSL_free(name); + OPENSSL_free(buf); + OPENSSL_free(name); } oqs_sig_len = i2d_CompositeSignature(compsig, &sig); @@ -686,50 +718,57 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, index += classical_sig_len; } if(is_composite){ - CompositeSignature* compsig = CompositeSignature_new(); - int i; - unsigned char *buf; - size_t buf_len; - const char *oid_hash = composite_OID_hash[get_oqsalg_idx(OBJ_sn2nid(oqsxkey->tls_name)) - 23]; - const size_t oid_hash_len = composite_OID_hash_len[get_oqsalg_idx(OBJ_sn2nid(oqsxkey->tls_name)) - 23]; - char *final_tbs; - size_t final_tbslen = oid_hash_len; - - if(d2i_CompositeSignature(&compsig, &sig, siglen) == NULL) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } + CompositeSignature* compsig; + int i; + int nid = OBJ_sn2nid(oqsxkey->tls_name); + unsigned char *buf; + size_t buf_len; + const char *oid_prefix = composite_OID_prefix[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; + const size_t oid_prefix_len = composite_OID_prefix_len[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; + char *final_tbs; + size_t final_tbslen = oid_prefix_len; + + if((compsig = d2i_CompositeSignature(NULL, &sig, siglen)) == NULL) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } - //prepare the pre-hash - for (i = 0; i < oqsxkey->numkeys; i++){ - char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); - unsigned char *tbs_hash; - if (!get_oqsname_fromtls(name)){ - if (name[0] == 'e'){//ed25519 or ed448 - if(name[2] == '2'){//ed25519 - tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); - SHA512(tbs, tbslen, tbs_hash); - final_tbslen += SHA512_DIGEST_LENGTH; - }else{//ed4448 - EVP_MD_CTX *shake = EVP_MD_CTX_new(); - unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; - tbs_hash = OPENSSL_malloc(tbs_hash_len); - - if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) <= 0) - || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) - || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){ - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - final_tbslen += tbs_hash_len; - EVP_MD_CTX_free(shake); - } - }else if ((name[0] == 'p') - || (name[0] == 'b') - || (name[0] == 'r')){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 - int aux; - if (name[0] == 'b') + //prepare the pre-hash + for (i = 0; i < oqsxkey->numkeys; i++){ + char *name; + if ((name = get_cmpname(nid, i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + unsigned char *tbs_hash; + if (!get_oqsname_fromtls(name)){ + if (name[0] == 'e'){//ed25519 or ed448 + if(name[2] == '2'){//ed25519 + tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); + SHA512(tbs, tbslen, tbs_hash); + final_tbslen += SHA512_DIGEST_LENGTH; + }else{//ed4448 + EVP_MD_CTX *shake = EVP_MD_CTX_new(); + unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; + tbs_hash = OPENSSL_malloc(tbs_hash_len); + + if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) <= 0) + || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) + || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + final_tbslen += tbs_hash_len; + EVP_MD_CTX_free(shake); + } + }else if ((name[0] == 'p') + || (name[0] == 'b') + || (name[0] == 'r')){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 + int aux; + if (name[0] == 'b') aux = 2; else aux = 1; @@ -747,57 +786,67 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, break; default: ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); goto endverify; } - }else{ - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - final_tbs = OPENSSL_malloc(final_tbslen); - memcpy(final_tbs, oid_hash, oid_hash_len); - memcpy(final_tbs + oid_hash_len, tbs_hash, final_tbslen - oid_hash_len); - OPENSSL_free(tbs_hash); - } - OPENSSL_free(name); - } - - for(i = 0; i < oqsxkey->numkeys; i++){ - if (i == 0){ - buf = compsig->sig1->data; - buf_len = compsig->sig1->length; - }else{ - buf = compsig->sig2->data; - buf_len = compsig->sig2->length; + }else{ + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + final_tbs = OPENSSL_malloc(final_tbslen); + memcpy(final_tbs, oid_prefix, oid_prefix_len); + memcpy(final_tbs + oid_prefix_len, tbs_hash, final_tbslen - oid_prefix_len); + OPENSSL_free(tbs_hash); + } + OPENSSL_free(name); } - char *name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i); + for(i = 0; i < oqsxkey->numkeys; i++){ + if (i == 0){ + buf = compsig->sig1->data; + buf_len = compsig->sig1->length; + }else{ + buf = compsig->sig2->data; + buf_len = compsig->sig2->length; + } - if (get_oqsname_fromtls(name)){ - if (OQS_SIG_verify(oqs_key, final_tbs, final_tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) - { + char *name; + if((name = get_cmpname(nid, i)) == NULL){ + OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - }else{ - const EVP_MD *classical_md; - int digest_len; - int aux; - EVP_MD_CTX* evp_ctx = EVP_MD_CTX_new(); - unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - if(name[0] == 'e'){ //ed25519 or ed448 - if((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, oqsxkey->cmp_classical_pkey[i]) <= 0) - || (EVP_DigestVerify(evp_ctx, buf, buf_len, final_tbs, final_tbslen) <= 0)){ - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - } else { - if (((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL) - || (EVP_PKEY_verify_init(ctx_verify) <= 0)) + if (get_oqsname_fromtls(name)){ + if (OQS_SIG_verify(oqs_key, final_tbs, final_tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); goto endverify; } + }else{ + const EVP_MD *classical_md; + int digest_len; + int aux; + EVP_MD_CTX* evp_ctx = EVP_MD_CTX_new(); + unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ + + if(name[0] == 'e'){ //ed25519 or ed448 + if((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, oqsxkey->cmp_classical_pkey[i]) <= 0) + || (EVP_DigestVerify(evp_ctx, buf, buf_len, final_tbs, final_tbslen) <= 0)){ + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + } else { + if (((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL) + || (EVP_PKEY_verify_init(ctx_verify) <= 0)) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } if (!strncmp(name, "pss", 3)) { if ((EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PSS_PADDING) <= 0) @@ -805,6 +854,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, || (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx_verify, EVP_sha256()) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + OPENSSL_free(name); goto endverify; } } else if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) @@ -812,6 +862,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) { ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + OPENSSL_free(name); goto endverify; } } @@ -839,10 +890,11 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, case '5'://p512 classical_md = EVP_sha512(); digest_len = SHA512_DIGEST_LENGTH; - SHA512(tbs, tbslen, (unsigned char *)&digest); + SHA512(final_tbs, final_tbslen, (unsigned char *)&digest); break; default: ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); goto endverify; } } @@ -850,32 +902,33 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, || (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); goto endverify; } } } - OPENSSL_free(name); - } - OPENSSL_free(compsig); - OPENSSL_free(final_tbs); - }else - { - if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); - goto endverify; - } - if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, - siglen - classical_sig_len, - oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) - != OQS_SUCCESS) + OPENSSL_free(name); + } + OPENSSL_free(compsig); + OPENSSL_free(final_tbs); + }else { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; + if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + goto endverify; + } + if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, + siglen - classical_sig_len, + oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) + != OQS_SUCCESS) + { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } } - } - rv = 1; + rv = 1; endverify: if (ctx_verify) { diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 664810b3..9fec210d 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -249,36 +249,42 @@ char* get_cmpname(int nid, int index) { int i, j; char* name; - for (i = 0; i < NID_TABLE_LEN; i++) - { - if (nid_names[i].nid == nid){ - char* s = OPENSSL_strdup(nid_names[i].tlsname); - char* token = strtok(s, "_"); - for (j = 0; j < index; j ++) - token = strtok(NULL, "_"); - name = OPENSSL_strdup(token); - OPENSSL_free(s); - return name; - } + char* first_token; + char* token; + char* s; + if ((i = get_oqsalg_idx(nid)) == -1) + return NULL; + s = OPENSSL_strdup(nid_names[i].tlsname); + first_token = strtok_r(s, "_", &s); + token; + if (index == 0){ + name = OPENSSL_strdup(first_token); + }else{ + for (j = 0; j < index; j ++) + token = strtok_r(s, "_", &s); + name = OPENSSL_strdup(token); } - return 0; + OPENSSL_free(first_token); + return name; } -//count the amount of keys in composite structure +//count the amount of keys in the structure int get_qntcmp(int nid) { - int i, index = 0; - for (i = 0; i < NID_TABLE_LEN; i++) - { - if (nid_names[i].nid == nid && nid_names[i].keytype == KEY_TYPE_CMP_SIG){ - char* s = OPENSSL_strdup(nid_names[i].tlsname); - s = strtok(s, "_"); - while (s != NULL){ - s = strtok(NULL, "_"); - index++; - } - OPENSSL_free(s); + int i; + int index = 1; + if ((i = get_oqsalg_idx(nid)) == -1) + return -1; + if (nid_names[i].keytype == KEY_TYPE_CMP_SIG){ + char* s = OPENSSL_strdup(nid_names[i].tlsname); + char* first_token = strtok_r(s, "_", &s); + char* token; + index = 0; + while (token != NULL){ + token = strtok_r(s, "_", &s); + index++; } + OPENSSL_free(first_token); } return index; } @@ -313,7 +319,7 @@ static int oqsx_key_set_composites(OQSX_KEY *key) for (i = 0; i < key->numkeys; i++){ if (key->privkey) { - key->comp_privkey[i] = key->privkey + privlen; + key->comp_privkey[i] = (char *)key->privkey + privlen; privlen += key->privkeylen_cmp[i]; } else @@ -322,7 +328,7 @@ static int oqsx_key_set_composites(OQSX_KEY *key) } if (key->pubkey) { - key->comp_pubkey[i] = key->pubkey + publen; + key->comp_pubkey[i] = (char *)key->pubkey + publen; publen += key->pubkeylen_cmp[i]; } else @@ -334,20 +340,20 @@ static int oqsx_key_set_composites(OQSX_KEY *key) int classic_pubkey_len, classic_privkey_len; if (key->privkey) { - key->comp_privkey[0] = key->privkey + SIZE_OF_UINT32; + key->comp_privkey[0] = (char *)key->privkey + SIZE_OF_UINT32; DECODE_UINT32(classic_privkey_len, key->privkey); key->comp_privkey[1] - = key->privkey + classic_privkey_len + SIZE_OF_UINT32; + = (char *)key->privkey + classic_privkey_len + SIZE_OF_UINT32; } else { key->comp_privkey[0] = NULL; key->comp_privkey[1] = NULL; } if (key->pubkey) { - key->comp_pubkey[0] = key->pubkey + SIZE_OF_UINT32; + key->comp_pubkey[0] = (char *)key->pubkey + SIZE_OF_UINT32; DECODE_UINT32(classic_pubkey_len, key->pubkey); key->comp_pubkey[1] - = key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; + = (char *)key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; } else { key->comp_pubkey[0] = NULL; @@ -696,13 +702,18 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, //check if key is the right size for (i = 0; i < key->numkeys; i++){ - char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); - privlen = key->privkeylen_cmp[i]; - if (get_oqsname_fromtls(name) == 0)//classical key + char *name; + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } + privlen = key->privkeylen_cmp[i]; + if (get_oqsname_fromtls(name) == 0){//classical key publen = 0; - else//PQC key + }else{//PQC key publen = key->pubkeylen_cmp[i]; //pubkey in PQC privkey is OPTIONAL - + } previous_privlen += privlen; previous_publen += publen; OPENSSL_free(name); @@ -730,7 +741,12 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, previous_publen = 0; for (i = 0; i < key->numkeys; i++){ size_t classic_publen = 0; - char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); + char *name; + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } if (get_oqsname_fromtls(name) == 0){//classical key publen = 0; //no pubkey encoded with privkey on classical keys. will recreate the pubkey later if(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size @@ -739,6 +755,11 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, DECODE_UINT32(privlen, enc_len); privlen += 4; OPENSSL_free(enc_len); + if (privlen > key->privkeylen_cmp[i]){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } }else privlen = key->privkeylen_cmp[i]; }else{//PQC key @@ -946,7 +967,12 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) if (op == KEY_OP_PUBLIC){ for (i = 0; i < key->numkeys; i++){ - char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); + char *name; + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } if (get_oqsname_fromtls(name) == 0){ EVP_PKEY *npk = EVP_PKEY_new(); if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA ) @@ -962,6 +988,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + OPENSSL_free(name); goto rec_err; } } @@ -973,7 +1000,12 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) if (op == KEY_OP_PRIVATE){ for (i = 0; i < key->numkeys; i++){ - char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); + char *name; + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } if (get_oqsname_fromtls(name) == 0){ const unsigned char *enc_privkey = key->comp_privkey[i]; if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support) @@ -983,6 +1015,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + OPENSSL_free(name); goto rec_err; } if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support){ @@ -990,6 +1023,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) int pubkeylen = i2d_PublicKey(key->cmp_classical_pkey[i], &comp_pubkey); if (pubkeylen != key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_public_key){ ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + OPENSSL_free(name); goto rec_err; } }else{ @@ -997,6 +1031,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) int ret = EVP_PKEY_get_raw_public_key(key->cmp_classical_pkey[i], key->comp_pubkey[i], &pubkeylen); if (ret <= 0){ ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + OPENSSL_free(name); goto rec_err; } } @@ -1034,8 +1069,8 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG){ sk = d2i_ASN1_SEQUENCE_ANY(NULL, &p, plen); if (sk == NULL){ - p = NULL; - plen = 0; + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + return NULL; }else{ count = sk_ASN1_TYPE_num(sk); concat_key = OPENSSL_secure_malloc(plen); @@ -1049,8 +1084,9 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, memcpy(concat_key + plen - aux, buf, buflen); } - p = concat_key + plen - aux; + p = OPENSSL_memdup (concat_key + plen - aux, aux); plen = aux; + OPENSSL_free(concat_key); } } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); @@ -1091,8 +1127,8 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, }else{ sk = d2i_ASN1_SEQUENCE_ANY(NULL, &p, plen); if (sk == NULL){ - p = NULL; - plen = 0; + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + return NULL; }else{ count = sk_ASN1_TYPE_num(sk); concat_key = OPENSSL_secure_malloc(plen); @@ -1100,7 +1136,12 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, aux = 0; for (i = 0; i < count; i++){ aType = sk_ASN1_TYPE_pop(sk); - char *name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i); + char *name; + if ((name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + return NULL; + } buf = aType->value.sequence->data; buflen = aType->value.sequence->length; aux += buflen; @@ -1308,7 +1349,12 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); for (i = 0; i < ret->numkeys; i++){ - char *name = get_cmpname(OBJ_sn2nid(tls_name), i); + char *name; + if ((name = get_cmpname(OBJ_sn2nid(tls_name), i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } if (get_oqsname_fromtls(name) != 0) { ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig = OQS_SIG_new(get_oqsname_fromtls(name)); @@ -1532,7 +1578,6 @@ int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], // OQS key always the last of the numkeys comp keys static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) { -printf("18\n"); if (gen_kem) return OQS_KEM_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem, key->comp_pubkey[key->numkeys-1], @@ -1669,20 +1714,24 @@ int oqsx_key_gen(OQSX_KEY *key) int i; ret = oqsx_key_set_composites(key); for (i = 0; i < key->numkeys; i++){ - char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); + char *name; + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + OPENSSL_free(name); + ON_ERR_GOTO(ret, err); + } if (get_oqsname_fromtls(name) == 0) { pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->comp_pubkey[i], key->comp_privkey[i], 0); + OPENSSL_free(name); ON_ERR_GOTO(pkey == NULL, err); key->cmp_classical_pkey[i] = pkey; } else { ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, key->comp_pubkey[i], key->comp_privkey[i]); + OPENSSL_free(name); ON_ERR_GOTO(ret, err); - } - OPENSSL_free(name); - + } } From d540c284c42da16b174347783a153b498ada79a4 Mon Sep 17 00:00:00 2001 From: Mariam John Date: Wed, 29 Nov 2023 11:15:00 -0600 Subject: [PATCH 070/160] Fix minor typos in documentation (#304) Fixed minor typos and incorrect links in README.md and STANDARDS.md --- README.md | 2 +- STANDARDS.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index eaa24aa6..23d07b70 100644 --- a/README.md +++ b/README.md @@ -60,7 +60,7 @@ via the standard commands, i.e., In addition, algorithms not denoted with "\*" above are not enabled for TLS operations. This designation [can be changed by modifying the -"enabled" flags in the main alorithm configuration file](CONFIGURE.md#pre-build-configuration). +"enabled" flags in the main algorithm configuration file](CONFIGURE.md#pre-build-configuration). In order to support parallel use of classic and quantum-safe cryptography this provider also provides different hybrid algorithms, combining classic diff --git a/STANDARDS.md b/STANDARDS.md index cb1a6a28..fae1379d 100644 --- a/STANDARDS.md +++ b/STANDARDS.md @@ -26,5 +26,5 @@ components, this provider implements the following standards: - Hybrid post-quantum / traditional private keys: - Simple concatenation of traditional and post-quantum components in plain binary / OCTET_STRING representations. -Additionally worthwhile noting is that only quantum-safe [signature algorithms](#signature-algorithms) are persisted via PKCS#8 and X.509. No corresponding encoder/decoder logic exists for quantum safe [KEM algorithms](#kem-algorithms) -- See also #194. +Additionally worthwhile noting is that only quantum-safe [signature algorithms](README.md#signature-algorithms) are persisted via PKCS#8 and X.509. No corresponding encoder/decoder logic exists for quantum safe [KEM algorithms](README.md#kem-algorithms) -- See also [#194](https://github.com/open-quantum-safe/oqs-provider/issues/194). From 18e82d1b97331e6ba2a2b08c595cb0320a51bed5 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 30 Nov 2023 09:27:00 -0600 Subject: [PATCH 071/160] fixed memory leak and typos --- oqsprov/oqs_sig.c | 4 +++- oqsprov/oqsprov_keys.c | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 85943ccb..49cd26f5 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -27,7 +27,7 @@ // TBD: Review what we really need/want: For now go with OSSL settings: #define OSSL_MAX_NAME_SIZE 50 #define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ -#define COMPOSITE_IDX_ADJUST 23 /*idx to the frist composite in the composite idx block*/ +#define COMPOSITE_IDX_ADJUST 23 /*idx to the first composite in the composite idx block*/ #ifdef NDEBUG # define OQS_SIG_PRINTF(a) @@ -603,6 +603,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } oqs_sig_len = i2d_CompositeSignature(compsig, &sig); + OPENSSL_free(compsig->sig1->data); + OPENSSL_free(compsig->sig2->data); OPENSSL_free(compsig); OPENSSL_free(final_tbs); } diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 9fec210d..c2cf872e 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -285,6 +285,10 @@ int get_qntcmp(int nid) index++; } OPENSSL_free(first_token); + }else{ + if (nid_names[i].keytype == KEY_TYPE_HYB_SIG){ + index = 2; + } } return index; } From c73dcc927908a3e983caeccc0ee08155452b7a6a Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 1 Dec 2023 13:28:39 -0600 Subject: [PATCH 072/160] fixed memory issues with single sigs --- oqsprov/oqsprov_keys.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index c2cf872e..2f9cafcb 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -286,7 +286,9 @@ int get_qntcmp(int nid) } OPENSSL_free(first_token); }else{ - if (nid_names[i].keytype == KEY_TYPE_HYB_SIG){ + if ((nid_names[i].keytype == KEY_TYPE_HYB_SIG) + ||(nid_names[i].keytype == KEY_TYPE_ECP_HYB_KEM) + ||(nid_names[i].keytype == KEY_TYPE_ECX_HYB_KEM)){ index = 2; } } @@ -1220,7 +1222,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); - ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(void *)); + ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(OQSX_PROVIDER_CTX)); + ret->oqsx_provider_ctx[0].oqsx_evp_ctx = NULL; ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig) { fprintf( @@ -1259,7 +1262,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); - ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(void *)); + ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(OQSX_PROVIDER_CTX)); + ret->oqsx_provider_ctx[0].oqsx_evp_ctx = NULL; ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem) { fprintf( @@ -1276,7 +1280,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, break; case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_ECP_HYB_KEM: - ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(void *)); + ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(OQSX_PROVIDER_CTX)); ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem) { fprintf( @@ -1308,7 +1312,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->evp_info = evp_ctx->evp_info; break; case KEY_TYPE_HYB_SIG: - ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(void *)); + ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(OQSX_PROVIDER_CTX)); ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig) { fprintf( @@ -1469,7 +1473,6 @@ void oqsx_key_free(OQSX_KEY *key) } }else{ OQS_SIG_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig); - EVP_PKEY_free(key->classical_pkey); if (key->oqsx_provider_ctx[0].oqsx_evp_ctx) { EVP_PKEY_CTX_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->ctx); EVP_PKEY_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->keyParam); @@ -1482,6 +1485,7 @@ void oqsx_key_free(OQSX_KEY *key) #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); #endif + OPENSSL_free(key->oqsx_provider_ctx); OPENSSL_free(key->classical_pkey); OPENSSL_free(key->cmp_classical_pkey); OPENSSL_free(key); From 91b38467ff3b53cffb54de587cf8a46a9fe371da Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Sat, 2 Dec 2023 00:45:02 +0100 Subject: [PATCH 073/160] HQC code point update (#306) * HQC code point updates * adding liboqs 0.9.0 generator YAML * remove Win 2019 from CI --- .circleci/config.yml | 4 +- .github/workflows/windows.yml | 2 +- ALGORITHMS.md | 16 +- oqs-template/generate.yml | 47 +- oqs-template/generate.yml-0.9.0 | 1228 +++++++++++++++++++++++++++++++ oqs-template/oqs-kem-info.md | 8 + oqsprov/oqsprov_capabilities.c | 16 +- 7 files changed, 1295 insertions(+), 26 deletions(-) create mode 100644 oqs-template/generate.yml-0.9.0 diff --git a/.circleci/config.yml b/.circleci/config.yml index 1cfbca05..d06837c1 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -301,12 +301,12 @@ workflows: - macOS: name: macOS-shared CMAKE_ARGS: -DBUILD_SHARED_LIBS=ON -DOQS_DIST_BUILD=OFF -DOQS_ENABLE_KEM_CLASSIC_MCELIECE=OFF - OPENSSL_PREINSTALL: openssl@3.1 + OPENSSL_PREINSTALL: openssl@3 - macOS: name: macOS-static OQS_PROVIDER_BUILD_STATIC: true CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_ENABLE_KEM_CLASSIC_MCELIECE=OFF - OPENSSL_PREINSTALL: openssl@3.1 + OPENSSL_PREINSTALL: openssl@3 on-main-branch: when: or: diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index a03fc8bb..8e73be13 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -204,7 +204,7 @@ jobs: strategy: matrix: os: - - windows-2019 +# - windows-2019 - windows-2022 platform: - arch: win64 diff --git a/ALGORITHMS.md b/ALGORITHMS.md index a76bcb59..9ec32f93 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -46,14 +46,14 @@ As standardization for these algorithms within TLS is not done, all TLS code poi | x448_bikel3 | 0x2FAF | Yes | OQS_CODEPOINT_X448_BIKEL3 | | bikel5 | 0x0243 | Yes | OQS_CODEPOINT_BIKEL5 | | p521_bikel5 | 0x2F43 | Yes | OQS_CODEPOINT_P521_BIKEL5 | -| hqc128 | 0x022C | Yes | OQS_CODEPOINT_HQC128 | -| p256_hqc128 | 0x2F2C | Yes | OQS_CODEPOINT_P256_HQC128 | -| x25519_hqc128 | 0x2FAC | Yes | OQS_CODEPOINT_X25519_HQC128 | -| hqc192 | 0x022D | Yes | OQS_CODEPOINT_HQC192 | -| p384_hqc192 | 0x2F2D | Yes | OQS_CODEPOINT_P384_HQC192 | -| x448_hqc192 | 0x2FAD | Yes | OQS_CODEPOINT_X448_HQC192 | -| hqc256 | 0x022E | Yes | OQS_CODEPOINT_HQC256 | -| p521_hqc256 | 0x2F2E | Yes | OQS_CODEPOINT_P521_HQC256 | +| hqc128 | 0x0244 | Yes | OQS_CODEPOINT_HQC128 | +| p256_hqc128 | 0x2F44 | Yes | OQS_CODEPOINT_P256_HQC128 | +| x25519_hqc128 | 0x2FB0 | Yes | OQS_CODEPOINT_X25519_HQC128 | +| hqc192 | 0x0245 | Yes | OQS_CODEPOINT_HQC192 | +| p384_hqc192 | 0x2F45 | Yes | OQS_CODEPOINT_P384_HQC192 | +| x448_hqc192 | 0x2FB1 | Yes | OQS_CODEPOINT_X448_HQC192 | +| hqc256 | 0x0246 | Yes | OQS_CODEPOINT_HQC256 | +| p521_hqc256 | 0x2F46 | Yes | OQS_CODEPOINT_P521_HQC256 | | dilithium2 | 0xfea0 |Yes| OQS_CODEPOINT_DILITHIUM2 | p256_dilithium2 | 0xfea1 |Yes| OQS_CODEPOINT_P256_DILITHIUM2 | rsa3072_dilithium2 | 0xfea2 |Yes| OQS_CODEPOINT_RSA3072_DILITHIUM2 diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 269388a9..099d36ed 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -1,5 +1,5 @@ # This is the master document for ID interoperability for KEM IDs, p-hybrid KEM IDs, SIG (O)IDs -# Next free plain KEM ID: 0x0244, p-hybrid: 0x2F44, X-hybrid: 0x2FB0 +# Next free plain KEM ID: 0x0247, p-hybrid: 0x2F47, X-hybrid: 0x2FB2 kems: - family: 'FrodoKEM' @@ -297,29 +297,62 @@ kems: - family: 'HQC' name_group: 'hqc128' - nid: '0x022C' - nid_hybrid: '0x2F2C' + nid: '0x0244' + nid_hybrid: '0x2F44' oqs_alg: 'OQS_KEM_alg_hqc_128' extra_nids: current: - hybrid_group: "x25519" + nid: '0x2FB0' + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x022C' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp256_r1 + nid: '0x2F2C' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: x25519 nid: '0x2FAC' - family: 'HQC' name_group: 'hqc192' - nid: '0x022D' - nid_hybrid: '0x2F2D' + nid: '0x0245' + nid_hybrid: '0x2F45' oqs_alg: 'OQS_KEM_alg_hqc_192' extra_nids: current: - hybrid_group: "x448" + nid: '0x2FB1' + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x022D' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp384_r1 + nid: '0x2F2D' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: x448 nid: '0x2FAD' - family: 'HQC' name_group: 'hqc256' - nid: '0x022E' - nid_hybrid: '0x2F2E' + nid: '0x0246' + nid_hybrid: '0x2F46' oqs_alg: 'OQS_KEM_alg_hqc_256' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x022E' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp521_r1 + nid: '0x2F2E' kem_nid_end: '0x0250' kem_nid_hybrid_end: '0x2FFF' diff --git a/oqs-template/generate.yml-0.9.0 b/oqs-template/generate.yml-0.9.0 new file mode 100644 index 00000000..269388a9 --- /dev/null +++ b/oqs-template/generate.yml-0.9.0 @@ -0,0 +1,1228 @@ +# This is the master document for ID interoperability for KEM IDs, p-hybrid KEM IDs, SIG (O)IDs +# Next free plain KEM ID: 0x0244, p-hybrid: 0x2F44, X-hybrid: 0x2FB0 +kems: + - + family: 'FrodoKEM' + name_group: 'frodo640aes' + nid: '0x0200' + nid_hybrid: '0x2F00' + oqs_alg: 'OQS_KEM_alg_frodokem_640_aes' + extra_nids: + current: + - hybrid_group: "x25519" + nid: '0x2F80' + - + family: 'FrodoKEM' + name_group: 'frodo640shake' + nid: '0x0201' + nid_hybrid: '0x2F01' + oqs_alg: 'OQS_KEM_alg_frodokem_640_shake' + extra_nids: + current: + - hybrid_group: "x25519" + nid: '0x2F81' + - + family: 'FrodoKEM' + name_group: 'frodo976aes' + nid: '0x0202' + nid_hybrid: '0x2F02' + oqs_alg: 'OQS_KEM_alg_frodokem_976_aes' + extra_nids: + current: + - hybrid_group: "x448" + nid: '0x2F82' + - + family: 'FrodoKEM' + name_group: 'frodo976shake' + nid: '0x0203' + nid_hybrid: '0x2F03' + oqs_alg: 'OQS_KEM_alg_frodokem_976_shake' + extra_nids: + current: + - hybrid_group: "x448" + nid: '0x2F83' + - + family: 'FrodoKEM' + name_group: 'frodo1344aes' + nid: '0x0204' + nid_hybrid: '0x2F04' + oqs_alg: 'OQS_KEM_alg_frodokem_1344_aes' + - + family: 'FrodoKEM' + name_group: 'frodo1344shake' + nid: '0x0205' + nid_hybrid: '0x2F05' + oqs_alg: 'OQS_KEM_alg_frodokem_1344_shake' + - + family: 'BIKE' + name_group: 'bike1l1cpa' + bit_security: 128 + extra_nids: + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x0206' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp256_r1 + nid: '0x2F06' + oqs_alg: 'OQS_KEM_alg_bike1_l1_cpa' + - + family: 'BIKE' + name_group: 'bike1l3cpa' + bit_security: 192 + extra_nids: + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x0207' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp384_r1 + nid: '0x2F07' + oqs_alg: 'OQS_KEM_alg_bike1_l3_cpa' + - + family: 'CRYSTALS-Kyber' + name_group: 'kyber512' + nid: '0x023A' + oid: '1.3.6.1.4.1.22554.5.6.1' + nid_hybrid: '0x2F3A' + hybrid_oid: '1.3.6.1.4.1.22554.5.7.1' + oqs_alg: 'OQS_KEM_alg_kyber_512' + extra_nids: + current: + - hybrid_group: "x25519" + hybrid_oid: '1.3.6.1.4.1.22554.5.8.1' + nid: '0x2F39' + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x020F' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp256_r1 + nid: '0x2F0F' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: x25519 + nid: '0x2F26' + - + family: 'CRYSTALS-Kyber' + name_group: 'kyber768' + nid: '0x023C' + oid: '1.3.6.1.4.1.22554.5.6.2' + nid_hybrid: '0x2F3C' + extra_nids: + current: + - hybrid_group: "x448" + nid: '0x2F90' + - hybrid_group: "x25519" + nid: '0x6399' + - hybrid_group: "p256" + nid: '0x639A' + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x0210' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp384_r1 + nid: '0x2F10' + oqs_alg: 'OQS_KEM_alg_kyber_768' + - + family: 'CRYSTALS-Kyber' + name_group: 'kyber1024' + nid: '0x023D' + oid: '1.3.6.1.4.1.22554.5.6.3' + nid_hybrid: '0x2F3D' + extra_nids: + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x0211' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp521_r1 + nid: '0x2F11' + oqs_alg: 'OQS_KEM_alg_kyber_1024' + - + family: 'BIKE' + name_group: 'bike1l1fo' + bit_security: 128 + extra_nids: + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x0223' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp256_r1 + nid: '0x2F23' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: "x25519" + nid: '0x2F28' + oqs_alg: 'OQS_KEM_alg_bike1_l1_fo' + - + family: 'BIKE' + name_group: 'bike1l3fo' + bit_security: 192 + extra_nids: + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x0224' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp384_r1 + nid: '0x2F24' + oqs_alg: 'OQS_KEM_alg_bike1_l3_fo' + - + family: 'BIKE' + name_group: 'bikel1' + implementation_version: '5.1' + nid: '0x0241' + nid_hybrid: '0x2F41' + oqs_alg: 'OQS_KEM_alg_bike_l1' + extra_nids: + current: + - hybrid_group: "x25519" + nid: '0x2FAE' + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x0238' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: x25519 + nid: '0x2F37' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp256_r1 + nid: '0x2F38' + - + family: 'BIKE' + name_group: 'bikel3' + implementation_version: '5.1' + nid: '0x0242' + nid_hybrid: '0x2F42' + oqs_alg: 'OQS_KEM_alg_bike_l3' + extra_nids: + current: + - hybrid_group: "x448" + nid: '0x2FAF' + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x023B' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp384_r1 + nid: '0x2F3B' + - + family: 'BIKE' + name_group: 'bikel5' + implementation_version: '5.1' + nid: '0x0243' + nid_hybrid: '0x2F43' + oqs_alg: 'OQS_KEM_alg_bike_l5' + - + family: 'CRYSTALS-Kyber' + name_group: 'kyber90s512' + extra_nids: + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x0229' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp256_r1 + nid: '0x2F29' + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x023E' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp256_r1 + nid: '0x2F3E' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: x25519 + nid: '0x2FA9' + oqs_alg: 'OQS_KEM_alg_kyber_512_90s' + - + family: 'CRYSTALS-Kyber' + name_group: 'kyber90s768' + extra_nids: + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x022A' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp384_r1 + nid: '0x2F2A' + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x023F' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp384_r1 + nid: '0x2F3F' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: x448 + nid: '0x2FAA' + oqs_alg: 'OQS_KEM_alg_kyber_768_90s' + - + family: 'CRYSTALS-Kyber' + name_group: 'kyber90s1024' + extra_nids: + old: + - implementation_version: NIST Round 2 submission + nist-round: 2 + nid: '0x022B' + - implementation_version: NIST Round 2 submission + nist-round: 2 + hybrid_group: secp521_r1 + nid: '0x2F2B' + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x0240' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp521_r1 + nid: '0x2F40' + oqs_alg: 'OQS_KEM_alg_kyber_1024_90s' + - + family: 'HQC' + name_group: 'hqc128' + nid: '0x022C' + nid_hybrid: '0x2F2C' + oqs_alg: 'OQS_KEM_alg_hqc_128' + extra_nids: + current: + - hybrid_group: "x25519" + nid: '0x2FAC' + - + family: 'HQC' + name_group: 'hqc192' + nid: '0x022D' + nid_hybrid: '0x2F2D' + oqs_alg: 'OQS_KEM_alg_hqc_192' + extra_nids: + current: + - hybrid_group: "x448" + nid: '0x2FAD' + - + family: 'HQC' + name_group: 'hqc256' + nid: '0x022E' + nid_hybrid: '0x2F2E' + oqs_alg: 'OQS_KEM_alg_hqc_256' + +kem_nid_end: '0x0250' +kem_nid_hybrid_end: '0x2FFF' +# need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values + +# Next free signature ID: 0xfed0 +sigs: + # - + # iso (1) + # identified-organization (3) + # reserved (9999) + # oqs_sig_default (1) + # disabled + #variants: + # - + # name: 'oqs_sig_default' + # pretty_name: 'OQS Default Signature Algorithm' + # oqs_meth: 'OQS_SIG_alg_default' + # oid: '1.3.9999.1.1' + # code_point: '0xfe00' + # enable: true + # mix_with: [{'name': 'p256', + # 'pretty_name': 'ECDSA p256', + # 'oid': '1.3.9999.1.2', + # 'code_point': '0xfe01'}, + # {'name': 'rsa3072', + # 'pretty_name': 'RSA3072', + # 'oid': '1.3.9999.1.3', + # 'code_point': '0xfe02'}] + - + # OID scheme for hybrid variants of Dilithium: + # iso (1) + # identified-organization (3) + # reserved (9999) + # dilithium (2) + # OID scheme for plain Dilithium: + # iso (1) + # identified-organization (3) + # dod (6) + # internet (1) + # private (4) + # enterprise (1) + # IBM (2) + # qsc (267) + # Dilithium-r3 (7) + family: 'CRYSTALS-Dilithium' + variants: + - + name: 'dilithium2' + pretty_name: 'Dilithium2' + oqs_meth: 'OQS_SIG_alg_dilithium_2' + oid: '1.3.6.1.4.1.2.267.7.4.4' + code_point: '0xfea0' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + enable: true + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.2.7.1', + 'code_point': '0xfea1'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.2.7.2', + 'code_point': '0xfea2'}] + - + name: 'dilithium3' + pretty_name: 'Dilithium3' + oqs_meth: 'OQS_SIG_alg_dilithium_3' + oid: '1.3.6.1.4.1.2.267.7.6.5' + code_point: '0xfea3' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + enable: true + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.2.7.3', + 'code_point': '0xfea4'}] + - + name: 'dilithium5' + pretty_name: 'Dilithium5' + oqs_meth: 'OQS_SIG_alg_dilithium_5' + oid: '1.3.6.1.4.1.2.267.7.8.7' + code_point: '0xfea5' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + enable: true + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.2.7.4', + 'code_point': '0xfea6'}] + - + name: 'dilithium2_aes' + pretty_name: 'Dilithium2_AES' + oqs_meth: 'OQS_SIG_alg_dilithium_2_aes' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.6.1.4.1.2.267.11.4.4' + code_point: '0xfea7' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.2.11.1', + 'code_point': '0xfea8'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.2.11.2', + 'code_point': '0xfea9'}] + - + name: 'dilithium3_aes' + pretty_name: 'Dilithium3_AES' + oqs_meth: 'OQS_SIG_alg_dilithium_3_aes' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.6.1.4.1.2.267.11.6.5' + code_point: '0xfeaa' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.2.11.3', + 'code_point': '0xfeab'}] + - + name: 'dilithium5_aes' + pretty_name: 'Dilithium5_AES' + oqs_meth: 'OQS_SIG_alg_dilithium_5_aes' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.6.1.4.1.2.267.11.8.7' + code_point: '0xfeac' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.2.11.4', + 'code_point': '0xfead'}] + - + # iso (1) + # identified-organization (3) + # reserved (9999) + # falcon (3) + family: 'Falcon' + variants: + - + name: 'falcon512' + pretty_name: 'Falcon-512' + oqs_meth: 'OQS_SIG_alg_falcon_512' + oid: '1.3.9999.3.6' + code_point: '0xfeae' + supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] + enable: true + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.3.7', + 'code_point': '0xfeaf'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.3.8', + 'code_point': '0xfeb0'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.3.1' + code_point: '0xfe0b' + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.3.2', + 'code_point': '0xfe0c'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.3.3', + 'code_point': '0xfe0d'}] + - + name: 'falcon1024' + pretty_name: 'Falcon-1024' + oqs_meth: 'OQS_SIG_alg_falcon_1024' + oid: '1.3.9999.3.9' + code_point: '0xfeb1' + supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] + enable: true + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.3.10', + 'code_point': '0xfeb2'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.3.4' + code_point: '0xfe0e' + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.3.5', + 'code_point': '0xfe0f'}] + - + family: 'SPHINCS-Haraka' + variants: + - + name: 'sphincsharaka128frobust' + pretty_name: 'SPHINCS+-Haraka-128f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_128f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.1.1' + code_point: '0xfe42' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.1.2', + 'code_point': '0xfe43'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.1.3', + 'code_point': '0xfe44'}] + - + name: 'sphincsharaka128fsimple' + pretty_name: 'SPHINCS+-Haraka-128f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_128f_simple' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.1.4' + code_point: '0xfe45' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.1.5', + 'code_point': '0xfe46'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.1.6', + 'code_point': '0xfe47'}] + - + name: 'sphincsharaka128srobust' + pretty_name: 'SPHINCS+-Haraka-128s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_128s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.1.7' + code_point: '0xfe48' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.1.8', + 'code_point': '0xfe49'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.1.9', + 'code_point': '0xfe4a'}] + - + name: 'sphincsharaka128ssimple' + pretty_name: 'SPHINCS+-Haraka-128s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_128s_simple' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.1.10' + code_point: '0xfe4b' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.1.11', + 'code_point': '0xfe4c'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.1.12', + 'code_point': '0xfe4d'}] + - + name: 'sphincsharaka192frobust' + pretty_name: 'SPHINCS+-Haraka-192f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_192f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.2.1' + code_point: '0xfe4e' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.2.2', + 'code_point': '0xfe4f'}] + - + name: 'sphincsharaka192fsimple' + pretty_name: 'SPHINCS+-Haraka-192f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_192f_simple' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.2.3' + code_point: '0xfe50' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.2.4', + 'code_point': '0xfe51'}] + - + name: 'sphincsharaka192srobust' + pretty_name: 'SPHINCS+-Haraka-192s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_192s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.2.5' + code_point: '0xfe52' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.2.6', + 'code_point': '0xfe53'}] + - + name: 'sphincsharaka192ssimple' + pretty_name: 'SPHINCS+-Haraka-192s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_192s_simple' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.2.7' + code_point: '0xfe54' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.2.8', + 'code_point': '0xfe55'}] + - + name: 'sphincsharaka256frobust' + pretty_name: 'SPHINCS+-Haraka-256f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_256f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.3.1' + code_point: '0xfe56' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.3.2', + 'code_point': '0xfe57'}] + - + name: 'sphincsharaka256fsimple' + pretty_name: 'SPHINCS+-Haraka-256f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_256f_simple' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.3.3' + code_point: '0xfe58' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.3.4', + 'code_point': '0xfe59'}] + - + name: 'sphincsharaka256srobust' + pretty_name: 'SPHINCS+-Haraka-256s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_256s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.3.5' + code_point: '0xfe5a' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.3.6', + 'code_point': '0xfe5b'}] + - + name: 'sphincsharaka256ssimple' + pretty_name: 'SPHINCS+-Haraka-256s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_haraka_256s_simple' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.3.7' + code_point: '0xfe5c' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.3.8', + 'code_point': '0xfe5d'}] + - + family: 'SPHINCS-SHA2' + variants: + - + name: 'sphincssha26128frobust' + pretty_name: 'SPHINCS+-SHA256-128f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_sha256_128f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.4.1' + code_point: '0xfe5e' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.4.2', + 'code_point': '0xfe5f'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.4.3', + 'code_point': '0xfe60'}] + - + name: 'sphincssha2128fsimple' + pretty_name: 'SPHINCS+-SHA2-128f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_sha2_128f_simple' + oid: '1.3.9999.6.4.13' + code_point: '0xfeb3' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: true + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.4.14', + 'code_point': '0xfeb4'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.4.15', + 'code_point': '0xfeb5'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.4.4' + code_point: '0xfe61' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.4.5', + 'code_point': '0xfe62'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.4.6', + 'code_point': '0xfe63'}] + - + name: 'sphincssha256128srobust' + pretty_name: 'SPHINCS+-SHA256-128s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_sha256_128s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.4.7' + code_point: '0xfe64' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.4.8', + 'code_point': '0xfe65'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.4.9', + 'code_point': '0xfe66'}] + - + name: 'sphincssha2128ssimple' + pretty_name: 'SPHINCS+-SHA2-128s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_sha2_128s_simple' + oid: '1.3.9999.6.4.16' + code_point: '0xfeb6' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: true + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.4.17', + 'code_point': '0xfeb7'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.4.18', + 'code_point': '0xfeb8'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.4.10' + code_point: '0xfe67' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.4.11', + 'code_point': '0xfe68'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.4.12', + 'code_point': '0xfe69'}] + - + name: 'sphincssha256192frobust' + pretty_name: 'SPHINCS+-SHA256-192f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_sha256_192f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.5.1' + code_point: '0xfe6a' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.5.2', + 'code_point': '0xfe6b'}] + - + name: 'sphincssha2192fsimple' + pretty_name: 'SPHINCS+-SHA2-192f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_sha2_192f_simple' + oid: '1.3.9999.6.5.10' + code_point: '0xfeb9' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: true + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.5.11', + 'code_point': '0xfeba'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.5.3' + code_point: '0xfe6c' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.5.4', + 'code_point': '0xfe6d'}] + - + name: 'sphincssha256192srobust' + pretty_name: 'SPHINCS+-SHA256-192s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_sha256_192s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.5.5' + code_point: '0xfe6e' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.5.6', + 'code_point': '0xfe6f'}] + - + name: 'sphincssha2192ssimple' + pretty_name: 'SPHINCS+-SHA2-192s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_sha2_192s_simple' + oid: '1.3.9999.6.5.12' + code_point: '0xfebb' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: false + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.5.13', + 'code_point': '0xfebc'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.5.7' + code_point: '0xfe70' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.5.8', + 'code_point': '0xfe71'}] + - + name: 'sphincssha256256frobust' + pretty_name: 'SPHINCS+-SHA256-256f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_sha256_256f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.6.1' + code_point: '0xfe72' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.6.2', + 'code_point': '0xfe73'}] + - + name: 'sphincssha2256fsimple' + pretty_name: 'SPHINCS+-SHA2-256f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_sha2_256f_simple' + oid: '1.3.9999.6.6.10' + code_point: '0xfebd' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: false + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.6.11', + 'code_point': '0xfebe'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.6.3' + code_point: '0xfe74' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.6.4', + 'code_point': '0xfe75'}] + - + name: 'sphincssha256256srobust' + pretty_name: 'SPHINCS+-SHA256-256s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_sha256_256s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.6.5' + code_point: '0xfe76' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.6.6', + 'code_point': '0xfe77'}] + - + name: 'sphincssha2256ssimple' + pretty_name: 'SPHINCS+-SHA2-256s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_sha2_256s_simple' + oid: '1.3.9999.6.6.12' + code_point: '0xfec0' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: false + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.6.13', + 'code_point': '0xfec1'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.6.7' + code_point: '0xfe78' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.6.8', + 'code_point': '0xfe79'}] + - + family: 'SPHINCS-SHAKE' + variants: + - + name: 'sphincsshake256128frobust' + pretty_name: 'SPHINCS+-SHAKE256-128f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_shake256_128f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.7.1' + code_point: '0xfe7a' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.7.2', + 'code_point': '0xfe7b'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.7.3', + 'code_point': '0xfe7c'}] + - + name: 'sphincsshake128fsimple' + pretty_name: 'SPHINCS+-SHAKE-128f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_shake_128f_simple' + oid: '1.3.9999.6.7.13' + code_point: '0xfec2' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: true + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.7.14', + 'code_point': '0xfec3'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.7.15', + 'code_point': '0xfec4'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.7.4' + code_point: '0xfe7d' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.7.5', + 'code_point': '0xfe7e'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.7.6', + 'code_point': '0xfe7f'}] + - + name: 'sphincsshake256128srobust' + pretty_name: 'SPHINCS+-SHAKE256-128s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_shake256_128s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.7.7' + code_point: '0xfe80' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.7.8', + 'code_point': '0xfe81'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.7.9', + 'code_point': '0xfe82'}] + - + name: 'sphincsshake128ssimple' + pretty_name: 'SPHINCS+-SHAKE-128s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_shake_128s_simple' + oid: '1.3.9999.6.7.16' + code_point: '0xfec5' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: false + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.7.17', + 'code_point': '0xfec6'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.7.18', + 'code_point': '0xfec7'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.7.10' + code_point: '0xfe83' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.6.7.11', + 'code_point': '0xfe84'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.6.7.12', + 'code_point': '0xfe85'}] + - + name: 'sphincsshake256192frobust' + pretty_name: 'SPHINCS+-SHAKE256-192f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_shake256_192f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.8.1' + code_point: '0xfe86' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.8.2', + 'code_point': '0xfe87'}] + - + name: 'sphincsshake192fsimple' + pretty_name: 'SPHINCS+-SHAKE-192f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_shake_192f_simple' + oid: '1.3.9999.6.8.10' + code_point: '0xfec8' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: false + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.8.11', + 'code_point': '0xfec9'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.8.3' + code_point: '0xfe88' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.8.4', + 'code_point': '0xfe89'}] + - + name: 'sphincsshake256192srobust' + pretty_name: 'SPHINCS+-SHAKE256-192s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_shake256_192s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.8.5' + code_point: '0xfe8a' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.8.6', + 'code_point': '0xfe8b'}] + - + name: 'sphincsshake192ssimple' + pretty_name: 'SPHINCS+-SHAKE-192s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_shake_192s_simple' + oid: '1.3.9999.6.8.12' + code_point: '0xfeca' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: false + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.8.13', + 'code_point': '0xfecb'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.8.7' + code_point: '0xfe8c' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.6.8.8', + 'code_point': '0xfe8d'}] + - + name: 'sphincsshake256256frobust' + pretty_name: 'SPHINCS+-SHAKE256-256f-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_shake256_256f_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.9.1' + code_point: '0xfe8e' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.9.2', + 'code_point': '0xfe8f'}] + - + name: 'sphincsshake256fsimple' + pretty_name: 'SPHINCS+-SHAKE-256f-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_shake_256f_simple' + oid: '1.3.9999.6.9.10' + code_point: '0xfecc' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: false + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.9.11', + 'code_point': '0xfecd'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.9.3' + code_point: '0xfe90' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.9.4', + 'code_point': '0xfe91'}] + - + name: 'sphincsshake256256srobust' + pretty_name: 'SPHINCS+-SHAKE256-256s-robust' + oqs_meth: 'OQS_SIG_alg_sphincs_shake256_256s_robust' + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.9.5' + code_point: '0xfe92' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.9.6', + 'code_point': '0xfe93'}] + - + name: 'sphincsshake256ssimple' + pretty_name: 'SPHINCS+-SHAKE-256s-simple' + oqs_meth: 'OQS_SIG_alg_sphincs_shake_256s_simple' + oid: '1.3.9999.6.9.12' + code_point: '0xfece' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + enable: false + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.9.13', + 'code_point': '0xfecf'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.9999.6.9.7' + code_point: '0xfe94' + supported_encodings: ['draft-uni-qsckeys-sphincsplus-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.6.9.8', + 'code_point': '0xfe95'}] + + diff --git a/oqs-template/oqs-kem-info.md b/oqs-template/oqs-kem-info.md index d45c8a1e..d85fca20 100644 --- a/oqs-template/oqs-kem-info.md +++ b/oqs-template/oqs-kem-info.md @@ -77,3 +77,11 @@ | HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2FAD | x448 | | HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x022E | | | HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x2F2E | secp521_r1 | +| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x0244 | | +| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x2F44 | secp256_r1 | +| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x2FB0 | x25519 | +| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x0245 | | +| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x2F45 | secp384_r1 | +| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x2FB1 | x448 | +| HQC | 2023-04-30 | hqc256 | 4 | 5 | 0x0246 | | +| HQC | 2023-04-30 | hqc256 | 4 | 5 | 0x2F46 | secp521_r1 | diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index 001dd419..6255b041 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -81,17 +81,17 @@ static OQS_GROUP_CONSTANTS oqs_group_list[] = { {0x0243, 256, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2F43, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x022C, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0244, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F2C, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2FAC, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x022D, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F44, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB0, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0245, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F2D, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2FAD, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x022E, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F45, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB1, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0246, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F2E, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F46, 256, TLS1_3_VERSION, 0, -1, -1, 1}, ///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_END }; From ced75e42afe966b846f196865f822222ff2674d9 Mon Sep 17 00:00:00 2001 From: Mariam John Date: Tue, 5 Dec 2023 04:59:57 -0600 Subject: [PATCH 074/160] Fix broken circleci job for macOS (#305) This PR updates the openssl version to be installed for testing macOS builds The circleci config file currently points to openssl@3.1 to install openssl for macOS. This change was made as part of the following [PR](https://github.com/open-quantum-safe/oqs-provider/commit/080c3dd2703a6b26f0aca12b265346a15f87c43e), where previously `openssl@3` pointed to `openssl v3.0.x` which was causing errors trying to build oqs-provider. So the change was made to specify `openssl@3.1`. OpenSSL v3.2 was released last week and the circleci jobs for macOS started failing since `openssl@3.1` is no longer available to install using homebrew. Instead the following are the options: `openssl@3` (which points to the current stable version, v3.2), `openssl@3.0` and `openssl@1.1`. Changes made in this PR include: - pointing the openssl version back to `openssl@3` since it now points to the latest 3.2 - a small doc change to the CONTRIBUTING doc to update the circleci command to run a specific job locally. (In the latest version (currently vv0.1.29314), this command does not have the --job flag) --- .circleci/config.yml | 4 ++-- CONTRIBUTING.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index d06837c1..c900afdb 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -166,7 +166,7 @@ jobs: - when: condition: not: - equal: [ openssl@3.1, << parameters.OPENSSL_PREINSTALL >> ] + equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ] steps: - run: name: Clone and build OpenSSL(3) master @@ -186,7 +186,7 @@ jobs: fi - when: condition: - equal: [ openssl@3.1, << parameters.OPENSSL_PREINSTALL >> ] + equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ] steps: - run: name: Build OQS-OpenSSL provider diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index bcd1793f..ea800111 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -37,7 +37,7 @@ run the following command in the project main directory prior to finishing a PR: If encountering CI errors in CircleCI, it may be helpful to execute the test jobs locally to debug. This can be facilitated by executing the command - circleci local execute --job some-test-job + circleci local execute [--job] some-test-job assuming "some-test-job" is the name of the test to be executed and the CircleCI [command line tools have been installed](https://circleci.com/docs/local-cli). From 61ef3a2dc2ca61e8748472b7657b617cc3d81cfc Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Tue, 5 Dec 2023 12:03:14 +0100 Subject: [PATCH 075/160] Contribution policy (#286) * add new issue template * add GOVERNANCE policy * feedback by @levitte * Clarifications on voting * updates following SustainOSS feedback * Clarify reinstatement into role * Make Leave of absence its own section, and clarify some details Co-authored-by: Richard Levitte Co-authored-by: Spencer Wilson Co-authored-by: Douglas Stebila --- .github/ISSUE_TEMPLATE/bug_report.md | 2 +- .github/ISSUE_TEMPLATE/discussion.md | 25 ++++++++++ GOVERNANCE.md | 70 ++++++++++++++++++++++++++++ 3 files changed, 96 insertions(+), 1 deletion(-) create mode 100644 .github/ISSUE_TEMPLATE/discussion.md create mode 100644 GOVERNANCE.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 22234bd7..08658392 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -2,7 +2,7 @@ name: Bug report about: Create a report to help us improve title: '' -labels: '' +labels: 'bug' assignees: '' --- diff --git a/.github/ISSUE_TEMPLATE/discussion.md b/.github/ISSUE_TEMPLATE/discussion.md new file mode 100644 index 00000000..328941c5 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/discussion.md @@ -0,0 +1,25 @@ +--- +name: Question, Feature, Documentation +labels: 'question' +about: Ask question, request feature or documentation update +--- + +### Thank you for taking the time to share your thoughts with us. + +We welcome all suggestions for new features or documentation updates +helping others to make better use of this project. + +As with any other topic you'd like to discuss with the community, +we'd primarily like to invite you to [open a discussion](https://github.com/open-quantum-safe/oqs-provider/discussions) +item with your concern. + +If you have a bug to report please use the [Bug report template](https://github.com/open-quantum-safe/oqs-provider/issues/new?assignees=&labels=&projects=&template=bug_report.md&title=). + +If you have an issue with the project that does not qualify as a bug +and have already explored the code to the extent that you can make a +proposal how to handle the issue, please feel free to open a +"blank issue" providing all information you have already collected. + +Please remember to tell us which code version/branch you are using and +then briefly describe the issue and proposal how to resolve it if +available. diff --git a/GOVERNANCE.md b/GOVERNANCE.md new file mode 100644 index 00000000..4207602a --- /dev/null +++ b/GOVERNANCE.md @@ -0,0 +1,70 @@ +# Governance + +## Foreword + +This file documents the governance guidelines used for this project. It is principally concerned with defining the roles of project contributors, the associated rights and responsibilities, and the process for transitioning between them. As such, this document is written in a fairly formal and precise tone, so as to be succint and unambiguous. This should not be interpreted as a lack of warmth on the part of the OQS team---we're really quite friendly! We do not intend to act as gatekeepers by laying out this tier of roles and the associated rules. Instead, we hope that clearly defining these roles and the processes for attaining them shows contributors a clear path by which to become more involved in project governance, if they so wish. We welcome all questions, discussions, and contributions, and we would love to have more people on board. + +We recognize that some of the policies discussed here can seem intimidating---for instance, revocation of privileges or code of conduct violations. It is our hope that we don't have to rely on these guidelines; however, we believe that it is important to have them in place should they be needed. + +## Roles + +The following roles exist in the project: + +1. Maintainer: Person with GitHub administrative rights. + +2. Committer: Person with GitHub "Write" privileges; this entails the right and obligation to review PRs by Contributors and to actively participate in discussions. + +3. Contributor: Person that has contributed code. + +4. Users: Person using the project passively or actively, e.g., by participating in discussions. + +## Relationships between roles + +Any User may also be a Contributor. Any Contributor may also be a Committer. Any Committer may also be a Maintainer. A Maintainer must be a Committer. + +## Change of role + +Any User may become a Contributor by creating a pull request (PR) and getting it successfully reviewed and merged by Committers. + +Any Contributor can become a Committer by contributing sufficient code and displaying deep subject matter knowledge in discussions such that a majority of Committers vote for this change of role. A Maintainer can veto such a vote. Such a veto can be overruled by a 2/3 majority of Committers. + +As such a voting decision may be considered subjective, Contributors striving to become Committers are encouraged to ask for advice by Committers as to what---if anything---should be done to attain this status (additional to already documented knowledge in contributions). Baseline requirements for contributions are documented in [CONTRIBUTING.md](CONTRIBUTING.md). Any Contributor can create a discussion item to request a vote to become Committer. + +Any Committer can become a Maintainer by majority vote of voting Committers. A current Maintainer can veto such a vote. Such a veto can be overruled by a 2/3 majority of all Committers. + +A Maintainer is not permitted to remove another Maintainer's GitHub privileges. + +A Committer may be automatically moved to Contributor status if not actively contributing by discussion or PR review during the last 90 days or by voluntarily suspending this status (e.g., by taking a ["Leave of absence"](#leave-of-absence)). If a Maintainer loses or relinquishes the Committer status and, hence, the Maintainer status, the Committers have to determine whether a new Maintainer needs to be elected. + +Any person violating the [code of conduct](CODE_OF_CONDUCT.md], consistently not fulfilling the role responsibilities or other reasons can lose the role held if a simple majority of Committers votes for such removal and no Maintainer vetos that decision. If a Maintainer is to be removed from that role a 2/3 majority of Committers must agree. + +Depending on the reason for removal, a Maintainer may be converted to Emeritus status. Emeritus Maintainers may still be consulted on some project matters, and can be returned to Maintainer status if their availability changes and a simple majority of Committers agrees. + +## Leave of absence + +Any Committer may voluntarily step down from the role for a documented period of time, losing voting rights for that time period. The period is documented in this file next to the person's name below. At the end of this time period, the Committer automatically regains their voting rights. + +A leave of absence may not be longer than a year. If the Committer needs to be away for longer than that, they must step down from that role unconditionally, and regaining that role becomes subject of normal procedures to become Committer, as described in ["Change of role"](#change-of-role) above. + +## Voting + +Change of role or changes to this document is subject to voting. + +Votes are to be executed by way of open GitHub discussions. No quorum is needed for votes open for 4 weeks. Urgent matters may be decided by majority vote among Maintainers or 2/3 majority by all Committers within an arbitrary voting period. + +## Documentation of roles + +Current Maintainers and Committers are to be documented below by way of reference to their GitHub handles. + +### Maintainers + +@baentsch +@dstebila + +### Committers + +@baentsch +@bhess +@dstebila +@thb-sb +@christianpaquin From cb60fda9b284ba86ea0ad8612829a86a780529d3 Mon Sep 17 00:00:00 2001 From: PI <74706004+pi-314159@users.noreply.github.com> Date: Wed, 6 Dec 2023 01:16:19 -0600 Subject: [PATCH 076/160] Fix link in GOVERNANCE.md (#309) Fix the link to CODE_OF_CONDUCT.md --- GOVERNANCE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/GOVERNANCE.md b/GOVERNANCE.md index 4207602a..a90d4d15 100644 --- a/GOVERNANCE.md +++ b/GOVERNANCE.md @@ -36,7 +36,7 @@ A Maintainer is not permitted to remove another Maintainer's GitHub privileges. A Committer may be automatically moved to Contributor status if not actively contributing by discussion or PR review during the last 90 days or by voluntarily suspending this status (e.g., by taking a ["Leave of absence"](#leave-of-absence)). If a Maintainer loses or relinquishes the Committer status and, hence, the Maintainer status, the Committers have to determine whether a new Maintainer needs to be elected. -Any person violating the [code of conduct](CODE_OF_CONDUCT.md], consistently not fulfilling the role responsibilities or other reasons can lose the role held if a simple majority of Committers votes for such removal and no Maintainer vetos that decision. If a Maintainer is to be removed from that role a 2/3 majority of Committers must agree. +Any person violating the [code of conduct](CODE_OF_CONDUCT.md), consistently not fulfilling the role responsibilities or other reasons can lose the role held if a simple majority of Committers votes for such removal and no Maintainer vetos that decision. If a Maintainer is to be removed from that role a 2/3 majority of Committers must agree. Depending on the reason for removal, a Maintainer may be converted to Emeritus status. Emeritus Maintainers may still be consulted on some project matters, and can be returned to Maintainer status if their availability changes and a simple majority of Committers agrees. From 70856b8dd40d94e2c47e586db39f9e76cb03deb0 Mon Sep 17 00:00:00 2001 From: thomas <108470890+thb-sb@users.noreply.github.com> Date: Wed, 6 Dec 2023 08:17:34 +0100 Subject: [PATCH 077/160] Add a example of how to load oqsprovider using `OSSL_PROVIDER_add_builtin`. (#308) This commit adds an example under the `examples/` directory of how to load oqsprovider using [`OSSL_PROVIDER_add_builtin`]. A CMake test target has been added to ensure that the example works. Note that this target is skipped if `OQS_PROVIDER_BUILD_STATIC` is not enabled. [`OSSL_PROVIDER_add_builtin`]: https://www.openssl.org/docs/man3.2/man3/OSSL_PROVIDER_add_builtin.html --- CMakeLists.txt | 3 ++ CONFIGURE.md | 3 ++ examples/CMakeLists.txt | 7 +++ examples/static_oqsprovider.c | 95 +++++++++++++++++++++++++++++++++++ 4 files changed, 108 insertions(+) create mode 100644 examples/CMakeLists.txt create mode 100644 examples/static_oqsprovider.c diff --git a/CMakeLists.txt b/CMakeLists.txt index 7958247c..fad726df 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -89,3 +89,6 @@ add_subdirectory(oqsprov) # Testing enable_testing() add_subdirectory(test) + +# Examples +add_subdirectory(examples) diff --git a/CONFIGURE.md b/CONFIGURE.md index afae2735..dff28861 100644 --- a/CONFIGURE.md +++ b/CONFIGURE.md @@ -91,6 +91,9 @@ void load_oqs_provider(OSSL_LIB_CTX *libctx) { > **Warning** > `OQS_PROVIDER_BUILD_STATIC` and `BUILD_SHARED_LIBS` are mutually exclusive. +See [`examples/static_oqsprovider.c`](examples/static_oqsprovider.c) for a complete +example of how to load oqsprovider using `OSSL_PROVIDER_add_builtin`. + ## Convenience build script options For anyone interested in building the complete software stack diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt new file mode 100644 index 00000000..43ec0ca8 --- /dev/null +++ b/examples/CMakeLists.txt @@ -0,0 +1,7 @@ +if (OQS_PROVIDER_BUILD_STATIC) + add_executable(example_static_oqsprovider static_oqsprovider.c) + target_link_libraries(example_static_oqsprovider PRIVATE ${OPENSSL_CRYPTO_LIBRARY} oqsprovider) + targets_set_static_provider(example_static_oqsprovider) + add_test(NAME test_example_static_oqsprovider + COMMAND example_static_oqsprovider) +endif() diff --git a/examples/static_oqsprovider.c b/examples/static_oqsprovider.c new file mode 100644 index 00000000..14285340 --- /dev/null +++ b/examples/static_oqsprovider.c @@ -0,0 +1,95 @@ +/** + * \file + * \brief Example of how to load oqsprovider when compiled as a static library + * `using OSSL_PROVIDER_add_builtin`. + */ + +#include + +#include +#include +#include + +/** \brief The initialization function of oqsprovider. */ +extern OSSL_provider_init_fn oqs_provider_init; + +/** \brief Name of the oqsprovider. */ +static const char *kOQSProviderName = "oqsprovider"; + +/** \brief Tries to load the oqsprovider named "oqsprovider". + * + * \param libctx Context of the OpenSSL library in which to load the + * oqsprovider. + * + * \returns 0 if success, else -1. */ +static int load_oqs_provider(OSSL_LIB_CTX *libctx) +{ + OSSL_PROVIDER *provider; + int ret; + + ret = OSSL_PROVIDER_available(libctx, kOQSProviderName); + if (ret != 0) { + fprintf(stderr, + "`OSSL_PROVIDER_available` returned %i, but 0 was expected\n", + ret); + return -1; + } + + ret = OSSL_PROVIDER_add_builtin(libctx, kOQSProviderName, + oqs_provider_init); + if (ret != 1) { + fprintf(stderr, + "`OSSL_PROVIDER_add_builtin` failed with returned code %i\n", + ret); + return -1; + } + + provider = OSSL_PROVIDER_load(libctx, kOQSProviderName); + if (provider == NULL) { + fputs("`OSSL_PROVIDER_load` failed\n", stderr); + return -1; + } + + ret = OSSL_PROVIDER_available(libctx, kOQSProviderName); + if (ret != 1) { + fprintf(stderr, + "`OSSL_PROVIDER_available` returned %i, but 0 was expected\n", + ret); + return -1; + } + + ret = OSSL_PROVIDER_self_test(provider); + if (ret != 1) { + fprintf(stderr, + "`OSSL_PROVIDER_self_test` failed with returned code %i\n", + ret); + return -1; + } + + return 0; +} + +int main() +{ + OSSL_LIB_CTX *libctx; + int ret; + + libctx = OSSL_LIB_CTX_new(); + if (libctx == NULL) { + fputs("`OSSL_LIB_CTX_new` failed. Cannot initialize OpenSSL.\n", + stderr); + return 1; + } + + ret = load_oqs_provider(libctx); + if (ret != 0) { + fputs("`load_oqs_provider` failed. Dumping OpenSSL error queue.\n", + stderr); + ERR_print_errors_fp(stderr); + return 2; + } + + OSSL_LIB_CTX_free(libctx); + + return 0; +} From 99f42714eb4acf65ff1499bd36bc8a5bb7742f4d Mon Sep 17 00:00:00 2001 From: qnfm <104289862+qnfm@users.noreply.github.com> Date: Thu, 7 Dec 2023 07:10:03 +0000 Subject: [PATCH 078/160] Get Windows CI to work again (#310) * Change osslconfig for Windows build * Re-activate Debug build --- .github/workflows/windows.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 8e73be13..ca6bfaef 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -101,7 +101,7 @@ jobs: platform: - arch: win64 oqsconfig: -DOQS_ALGS_ENABLED=STD - osslconfig: no-shared no-fips VC-WIN64A-masm + osslconfig: no-shared no-fips VC-WIN64A # - arch: win32 # oqsconfig: -DOQS_ALGS_ENABLED=STD # osslconfig: --strict-warnings no-fips enable-quic @@ -215,7 +215,7 @@ jobs: msarch: - x64 type: -# - Debug + - Debug - Release runs-on: ${{matrix.os}} steps: From 1792423667af4522f9132329001ce9817d9e13ac Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 8 Dec 2023 11:46:43 -0600 Subject: [PATCH 079/160] added TEXT encoder options for composite --- oqsprov/oqs_encode_key2any.c | 158 ++++++++++++++++++++++++++--------- oqsprov/oqs_prov.h | 16 ++++ oqsprov/oqsencoders.inc | 18 ++++ 3 files changed, 152 insertions(+), 40 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index b0b4bbd7..199188e8 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -1475,6 +1475,10 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) <= 0) return 0; break; + case KEY_TYPE_CMP_SIG: + if (BIO_printf(out, "%s composite private key:\n", okey->tls_name) <= 0) + return 0; + break; default: ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_KEY); return 0; @@ -1497,6 +1501,10 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) if (BIO_printf(out, "%s hybrid public key:\n", okey->tls_name) <= 0) return 0; break; + case KEY_TYPE_CMP_SIG: + if (BIO_printf(out, "%s composite public key:\n", okey->tls_name) <= 0) + return 0; + break; default: ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_KEY); return 0; @@ -1505,51 +1513,105 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { if (okey->privkey) { - if (okey->numkeys > 1) { // hybrid key - char classic_label[200]; - int classic_key_len = 0; - sprintf(classic_label, - "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); - DECODE_UINT32(classic_key_len, okey->privkey); - if (!print_labeled_buf(out, classic_label, - okey->comp_privkey[0], classic_key_len)) - return 0; - /* finally print pure PQ key */ - if (!print_labeled_buf(out, "PQ key material:", - okey->comp_privkey[okey->numkeys - 1], - okey->privkeylen - classic_key_len - - SIZE_OF_UINT32)) - return 0; - } else { // plain PQ key - if (!print_labeled_buf(out, "PQ key material:", - okey->comp_privkey[okey->numkeys - 1], - okey->privkeylen)) - return 0; + if (okey->keytype == KEY_TYPE_CMP_SIG){ + char *name; + char label[200]; + int i, privlen; + for (i = 0; i < okey->numkeys; i++){ + if ((name = get_cmpname(OBJ_sn2nid(okey->tls_name), i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_KEY); + return 0; + } + sprintf(label, "%s key material:", name); + + if(get_oqsname_fromtls(name) == 0 //classical key + && okey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size + unsigned char* enc_len = OPENSSL_strndup(okey->comp_privkey[i], 4); + OPENSSL_cleanse(enc_len, 2); + DECODE_UINT32(privlen, enc_len); + privlen += 4; + OPENSSL_free(enc_len); + if (privlen > okey->privkeylen_cmp[i]){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + return 0; + } + }else + privlen = okey->privkeylen_cmp[i]; + if (!print_labeled_buf(out, label, + okey->comp_privkey[i], privlen)) + return 0; + + OPENSSL_free(name); + } + }else{ + if (okey->numkeys > 1) { // hybrid key + char classic_label[200]; + int classic_key_len = 0; + sprintf(classic_label, + "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); + DECODE_UINT32(classic_key_len, okey->privkey); + if (!print_labeled_buf(out, classic_label, + okey->comp_privkey[0], classic_key_len)) + return 0; + /* finally print pure PQ key */ + if (!print_labeled_buf(out, "PQ key material:", + okey->comp_privkey[okey->numkeys - 1], + okey->privkeylen - classic_key_len + - SIZE_OF_UINT32)) + return 0; + } else { // plain PQ key + if (!print_labeled_buf(out, "PQ key material:", + okey->comp_privkey[okey->numkeys - 1], + okey->privkeylen)) + return 0; + } } } } if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { if (okey->pubkey) { - if (okey->numkeys > 1) { // hybrid key - char classic_label[200]; - int classic_key_len = 0; - DECODE_UINT32(classic_key_len, okey->pubkey); - sprintf(classic_label, - "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); - if (!print_labeled_buf(out, classic_label, okey->comp_pubkey[0], - classic_key_len)) - return 0; - /* finally print pure PQ key */ - if (!print_labeled_buf(out, "PQ key material:", - okey->comp_pubkey[okey->numkeys - 1], - okey->pubkeylen - classic_key_len - - SIZE_OF_UINT32)) - return 0; - } else { // PQ key only - if (!print_labeled_buf(out, "PQ key material:", - okey->comp_pubkey[okey->numkeys - 1], - okey->pubkeylen)) - return 0; + if (okey->keytype == KEY_TYPE_CMP_SIG){ + char *name; + char label[200]; + int i; + for (i = 0; i < okey->numkeys; i++){ + if ((name = get_cmpname(OBJ_sn2nid(okey->tls_name), i)) == NULL){ + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_KEY); + return 0; + } + sprintf(label, "%s key material:", name); + + if (!print_labeled_buf(out, label, + okey->comp_pubkey[i], okey->pubkeylen_cmp[i])) + return 0; + + OPENSSL_free(name); + } + }else{ + if (okey->numkeys > 1) { // hybrid key + char classic_label[200]; + int classic_key_len = 0; + DECODE_UINT32(classic_key_len, okey->pubkey); + sprintf(classic_label, + "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); + if (!print_labeled_buf(out, classic_label, okey->comp_pubkey[0], + classic_key_len)) + return 0; + /* finally print pure PQ key */ + if (!print_labeled_buf(out, "PQ key material:", + okey->comp_pubkey[okey->numkeys - 1], + okey->pubkeylen - classic_key_len + - SIZE_OF_UINT32)) + return 0; + } else { // PQ key only + if (!print_labeled_buf(out, "PQ key material:", + okey->comp_pubkey[okey->numkeys - 1], + okey->pubkeylen)) + return 0; + } } } } @@ -2122,94 +2184,110 @@ MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_rsa3072); MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_p256); MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falcon512_p256); MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium5_p384); MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_bp256); MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_ed25519); MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium5_bp384); MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium5_ed448); MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falcon512_bp256); MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falcon512_ed25519); MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_pss3072); MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_pss2048); MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_rsa2048); MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_ed25519); MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_p256); MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_bp256); ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 5d402e60..fb7a7ee6 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -1411,6 +1411,7 @@ extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1419,6 +1420,7 @@ extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_en extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1427,6 +1429,7 @@ extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_enc extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1435,6 +1438,7 @@ extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_en extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1443,6 +1447,7 @@ extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_e extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1451,6 +1456,7 @@ extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1459,6 +1465,7 @@ extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_e extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1467,6 +1474,7 @@ extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_e extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1475,6 +1483,7 @@ extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_en extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1483,6 +1492,7 @@ extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_ extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1491,6 +1501,7 @@ extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1499,6 +1510,7 @@ extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1507,6 +1519,7 @@ extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1515,6 +1528,7 @@ extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1523,6 +1537,7 @@ extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_en extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; @@ -1531,6 +1546,7 @@ extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_e extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 52e97f29..e12e45cb 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -590,6 +590,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_pss2048", dilithium2_pss2048), ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, PrivateKeyInfo), ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, @@ -602,6 +603,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_rsa2048", dilithium2_rsa2048), ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, PrivateKeyInfo), ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, @@ -614,6 +616,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_ed25519", dilithium2_ed25519), ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, PrivateKeyInfo), ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, @@ -626,6 +629,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_p256", dilithium2_p256), ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, PrivateKeyInfo), ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, @@ -638,6 +642,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_bp256", dilithium2_bp256), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 ENCODER_w_structure("dilithium3", dilithium3, der, PrivateKeyInfo), @@ -672,6 +677,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, @@ -684,6 +690,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_p256", dilithium3_p256), ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, @@ -696,6 +703,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, @@ -708,6 +716,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_ed25519", dilithium3_ed25519), ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, @@ -720,6 +729,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 @@ -755,6 +765,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5_p384", dilithium5_p384), ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, PrivateKeyInfo), ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, @@ -767,6 +778,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, PrivateKeyInfo), ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, @@ -779,6 +791,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5_ed448", dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 ENCODER_w_structure("falcon512", falcon512, der, PrivateKeyInfo), @@ -798,6 +811,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p256_falcon512", p256_falcon512), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, PrivateKeyInfo), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, @@ -810,6 +824,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), ENCODER_w_structure("falcon512_p256", falcon512_p256, der, PrivateKeyInfo), ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, @@ -822,6 +837,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512_p256", falcon512_p256), ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, PrivateKeyInfo), ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, @@ -834,6 +850,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512_bp256", falcon512_bp256), ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, PrivateKeyInfo), ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, @@ -846,6 +863,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512_ed25519", falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), From bd7653736c3dbf4939d7f029be9fa026e9a47ece Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 8 Dec 2023 14:10:07 -0600 Subject: [PATCH 080/160] fix composite adjust --- oqsprov/oqs_sig.c | 7 ++++++- oqsprov/oqsprov.c | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 49cd26f5..8a9bec70 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -27,7 +27,12 @@ // TBD: Review what we really need/want: For now go with OSSL settings: #define OSSL_MAX_NAME_SIZE 50 #define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ -#define COMPOSITE_IDX_ADJUST 23 /*idx to the first composite in the composite idx block*/ +#ifdef OQS_KEM_ENCODERS /*idx to the first composite in the composite idx block*/ +# define COMPOSITE_IDX_ADJUST 65 +#else +# define COMPOSITE_IDX_ADJUST 23 +#endif + #ifdef NDEBUG # define OQS_SIG_PRINTF(a) diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 57a91509..bf7ad14e 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,7 +49,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 165 +# define OQS_OID_CNT 162 #else # define OQS_OID_CNT 78 #endif From 913bd7c600c91687ac7cec5d5ec715905fe23745 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 8 Dec 2023 14:45:12 -0600 Subject: [PATCH 081/160] bugfix --- oqsprov/oqsprov_keys.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 2f9cafcb..b4ef7b17 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -256,7 +256,6 @@ char* get_cmpname(int nid, int index) return NULL; s = OPENSSL_strdup(nid_names[i].tlsname); first_token = strtok_r(s, "_", &s); - token; if (index == 0){ name = OPENSSL_strdup(first_token); }else{ @@ -1345,7 +1344,6 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); break; case KEY_TYPE_CMP_SIG: - int i; ret->numkeys = get_qntcmp(OBJ_sn2nid(tls_name)); ret->privkeylen = 0; ret->pubkeylen = 0; From 67254ca0418d91b20ecae5fa1b88d3abbb86b916 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 8 Dec 2023 14:48:30 -0600 Subject: [PATCH 082/160] bugfix --- oqsprov/oqsprov_keys.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index b4ef7b17..36612370 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1191,7 +1191,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, { OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); OQSX_EVP_CTX *evp_ctx = NULL; - int ret2 = 0; + int ret2 = 0, i; if (ret == NULL) goto err; From c72ccc5d942eec9dbaf30cb0acfe31893fa882df Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 11 Dec 2023 09:24:40 -0600 Subject: [PATCH 083/160] changed to OpenSSL coding style --- oqsprov/oqs_decode_der2key.c | 107 ++- oqsprov/oqs_encode_key2any.c | 355 +++++----- oqsprov/oqs_kem.c | 9 +- oqsprov/oqs_kmgmt.c | 163 ++--- oqsprov/oqs_prov.h | 400 +++++++---- oqsprov/oqs_sig.c | 1253 ++++++++++++++++++---------------- oqsprov/oqsdecoders.inc | 35 +- oqsprov/oqsencoders.inc | 106 ++- oqsprov/oqsprov.c | 48 +- oqsprov/oqsprov_keys.c | 803 +++++++++++----------- 10 files changed, 1704 insertions(+), 1575 deletions(-) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 5ea20a50..8a0629c8 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -731,68 +731,47 @@ MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_p256", falcon512_p256, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_p256", falcon512_p256, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, - oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, + SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 199188e8..6d424017 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -9,6 +9,7 @@ */ #include "oqs_endecoder_local.h" +#include "oqs_prov.h" #include #include #include @@ -21,7 +22,6 @@ #include #include #include -#include "oqs_prov.h" #include #include @@ -57,7 +57,6 @@ struct key2any_ctx_st { void *pwcbarg; }; - typedef int check_key_type_fn(const void *key, int nid); typedef int key_to_paramstring_fn(const void *key, int nid, int save, void **str, int *strtype); @@ -302,11 +301,11 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, int key_nid, if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; - p8info = key_to_p8info(key, key_nid, str, strtype, k2d); - if (p8info != NULL) - ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info); - else - free_asn1_data(strtype, str); + p8info = key_to_p8info(key, key_nid, str, strtype, k2d); + if (p8info != NULL) + ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info); + else + free_asn1_data(strtype, str); PKCS8_PRIV_KEY_INFO_free(p8info); @@ -329,10 +328,8 @@ static int key_to_spki_der_pub_bio(BIO *out, const void *key, int key_nid, if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; - xpk = oqsx_key_to_pubkey(key, key_nid, str, strtype, k2d); - if (xpk != NULL) ret = i2d_X509_PUBKEY_bio(out, xpk); @@ -513,7 +510,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) ERR_raise(ERR_LIB_USER, ERR_R_PASSED_NULL_PARAMETER); return 0; } - if (oqsxkey->keytype != KEY_TYPE_CMP_SIG){ + if (oqsxkey->keytype != KEY_TYPE_CMP_SIG) { #ifdef USE_ENCODING_LIB if (oqsxkey->oqsx_encoding_ctx.encoding_ctx != NULL && oqsxkey->oqsx_encoding_ctx.encoding_impl != NULL) { @@ -525,8 +522,8 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) buf = OPENSSL_secure_zalloc(buflen); ret = qsc_encode(encoding_ctx->encoding_ctx, - encoding_ctx->encoding_impl, oqsxkey->pubkey, &buf, 0, - 0, 1); + encoding_ctx->encoding_impl, oqsxkey->pubkey, &buf, + 0, 0, 1); if (ret != QSC_ENC_OK) return -1; @@ -541,20 +538,25 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) } *pder = keyblob; return oqsxkey->pubkeylen; - #ifdef USE_ENCODING_LIB +#ifdef USE_ENCODING_LIB } - #endif - }else{ - ASN1_TYPE **aType = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); - ASN1_STRING **aString = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); - ASN1_STRING **tempOct = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); - unsigned char **temp = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); - unsigned char **cbuf = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); +#endif + } else { + ASN1_TYPE **aType + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); + ASN1_STRING **aString + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + ASN1_STRING **tempOct + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + unsigned char **temp + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); + unsigned char **cbuf + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); int len, i; - if((sk = sk_ASN1_TYPE_new_null()) == NULL) + if ((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; - for (i = 0; i < oqsxkey->numkeys; i++){ + for (i = 0; i < oqsxkey->numkeys; i++) { aType[i] = ASN1_TYPE_new(); aString[i] = ASN1_OCTET_STRING_new(); tempOct[i] = ASN1_OCTET_STRING_new(); @@ -567,8 +569,8 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) ASN1_STRING_set0(aString[i], temp[i], keybloblen); ASN1_TYPE_set(aType[i], V_ASN1_SEQUENCE, aString[i]); - if (!sk_ASN1_TYPE_push(sk, aType[i])){ - for (i = 0; i < oqsxkey->numkeys; i++){ + if (!sk_ASN1_TYPE_push(sk, aType[i])) { + for (i = 0; i < oqsxkey->numkeys; i++) { OPENSSL_free(temp[i]); OPENSSL_free(cbuf[i]); OPENSSL_free(aType[i]); @@ -581,7 +583,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); - for (i = 0; i < oqsxkey->numkeys; i++){ + for (i = 0; i < oqsxkey->numkeys; i++) { OPENSSL_free(temp[i]); OPENSSL_free(cbuf[i]); OPENSSL_free(aType[i]); @@ -589,11 +591,9 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(tempOct[i]); } OPENSSL_free(sk); - + return keybloblen; } - - } static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) @@ -604,7 +604,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ASN1_OCTET_STRING oct; int keybloblen, nid; STACK_OF(ASN1_TYPE) *sk = NULL; - char* name; + char *name; OQS_ENC_PRINTF("OQS ENC provider: oqsx_pki_priv_to_der called\n"); @@ -623,7 +623,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) // only concatenate private classic key (if any) and OQS private and public // key NOT saving public classic key component (if any) - if (oqsxkey->keytype != KEY_TYPE_CMP_SIG){ + if (oqsxkey->keytype != KEY_TYPE_CMP_SIG) { privkeylen = oqsxkey->privkeylen; if (oqsxkey->numkeys > 1) { // hybrid int actualprivkeylen; @@ -635,51 +635,51 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) privkeylen -= (oqsxkey->evp_info->length_private_key - actualprivkeylen); } - #ifdef USE_ENCODING_LIB +#ifdef USE_ENCODING_LIB if (oqsxkey->oqsx_encoding_ctx.encoding_ctx != NULL && oqsxkey->oqsx_encoding_ctx.encoding_impl != NULL) { const OQSX_ENCODING_CTX *encoding_ctx = &oqsxkey->oqsx_encoding_ctx; int ret = 0; - # ifdef NOPUBKEY_IN_PRIVKEY - int withoptional - = (encoding_ctx->encoding_ctx->raw_private_key_encodes_public_key - ? 1 - : 0); - # else +# ifdef NOPUBKEY_IN_PRIVKEY + int withoptional = (encoding_ctx->encoding_ctx + ->raw_private_key_encodes_public_key + ? 1 + : 0); +# else int withoptional = 1; - # endif - buflen - = (withoptional ? encoding_ctx->encoding_impl->crypto_secretkeybytes - : encoding_ctx->encoding_impl - ->crypto_secretkeybytes_nooptional); +# endif + buflen = (withoptional + ? encoding_ctx->encoding_impl->crypto_secretkeybytes + : encoding_ctx->encoding_impl + ->crypto_secretkeybytes_nooptional); buf = OPENSSL_secure_zalloc(buflen); ret = qsc_encode(encoding_ctx->encoding_ctx, - encoding_ctx->encoding_impl, - oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], 0, - oqsxkey->privkey, &buf, withoptional); + encoding_ctx->encoding_impl, + oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], 0, + oqsxkey->privkey, &buf, withoptional); if (ret != QSC_ENC_OK) return -1; } else { - #endif - #ifdef NOPUBKEY_IN_PRIVKEY +#endif +#ifdef NOPUBKEY_IN_PRIVKEY buflen = privkeylen; buf = OPENSSL_secure_malloc(buflen); OQS_ENC_PRINTF2("OQS ENC provider: saving privkey of length %d\n", buflen); memcpy(buf, oqsxkey->privkey, privkeylen); - #else +#else buflen = privkeylen + oqsx_key_get_oqs_public_key_len(oqsxkey); buf = OPENSSL_secure_malloc(buflen); OQS_ENC_PRINTF2("OQS ENC provider: saving priv+pubkey of length %d\n", buflen); memcpy(buf, oqsxkey->privkey, privkeylen); memcpy(buf + privkeylen, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], - oqsx_key_get_oqs_public_key_len(oqsxkey)); - #endif - #ifdef USE_ENCODING_LIB + oqsx_key_get_oqs_public_key_len(oqsxkey)); +#endif +#ifdef USE_ENCODING_LIB } - #endif +#endif oct.data = buf; oct.length = buflen; @@ -693,25 +693,31 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); keybloblen = 0; // signal error } - }else{ - ASN1_TYPE **aType = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); - ASN1_STRING **aString = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); - ASN1_STRING **tempOct = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); - unsigned char **temp = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); - unsigned char **cbuf = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); + } else { + ASN1_TYPE **aType + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); + ASN1_STRING **aString + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + ASN1_STRING **tempOct + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + unsigned char **temp + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); + unsigned char **cbuf + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); int i; - if((sk = sk_ASN1_TYPE_new_null()) == NULL) + if ((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; - for (i = 0; i < oqsxkey->numkeys; i++){ + for (i = 0; i < oqsxkey->numkeys; i++) { aType[i] = ASN1_TYPE_new(); aString[i] = ASN1_OCTET_STRING_new(); tempOct[i] = ASN1_OCTET_STRING_new(); temp[i] = NULL; - if ((name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i)) == NULL){ + if ((name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i)) + == NULL) { OPENSSL_free(name); - for (i = 0; i < oqsxkey->numkeys; i++){ + for (i = 0; i < oqsxkey->numkeys; i++) { OPENSSL_free(temp[i]); OPENSSL_free(cbuf[i]); OPENSSL_free(aType[i]); @@ -721,17 +727,20 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(sk); return -1; } - - if(get_oqsname_fromtls(name) == 0){ - if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size - unsigned char* enc_len = OPENSSL_strndup(oqsxkey->comp_privkey[i], 4); + + if (get_oqsname_fromtls(name) == 0) { + if (oqsxkey->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype + == EVP_PKEY_RSA) { // get the RSA real key size + unsigned char *enc_len + = OPENSSL_strndup(oqsxkey->comp_privkey[i], 4); OPENSSL_cleanse(enc_len, 2); DECODE_UINT32(buflen, enc_len); buflen += 4; OPENSSL_free(enc_len); - if (buflen > oqsxkey->privkeylen_cmp[i]){ + if (buflen > oqsxkey->privkeylen_cmp[i]) { OPENSSL_free(name); - for (i = 0; i < oqsxkey->numkeys; i++){ + for (i = 0; i < oqsxkey->numkeys; i++) { OPENSSL_free(temp[i]); OPENSSL_free(cbuf[i]); OPENSSL_free(aType[i]); @@ -742,17 +751,20 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return -1; } - }else + } else buflen = oqsxkey->privkeylen_cmp[i]; - }else + } else buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; cbuf[i] = OPENSSL_malloc(buflen); memcpy(cbuf[i], oqsxkey->comp_privkey[i], buflen); - if(get_oqsname_fromtls(name) != 0){//include pubkey in privkey for PQC - memcpy(cbuf[i], oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); - memcpy(cbuf[i] + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); - }else + if (get_oqsname_fromtls(name) + != 0) { // include pubkey in privkey for PQC + memcpy(cbuf[i], oqsxkey->comp_privkey[i], + oqsxkey->privkeylen_cmp[i]); + memcpy(cbuf[i] + oqsxkey->privkeylen_cmp[i], + oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); + } else memcpy(cbuf[i], oqsxkey->comp_privkey[i], buflen); ASN1_STRING_set0(tempOct[i], cbuf[i], buflen); @@ -760,8 +772,8 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ASN1_STRING_set0(aString[i], temp[i], keybloblen); ASN1_TYPE_set(aType[i], V_ASN1_SEQUENCE, aString[i]); - if (!sk_ASN1_TYPE_push(sk, aType[i])){ - for (i = 0; i < oqsxkey->numkeys; i++){ + if (!sk_ASN1_TYPE_push(sk, aType[i])) { + for (i = 0; i < oqsxkey->numkeys; i++) { OPENSSL_free(temp[i]); OPENSSL_free(cbuf[i]); OPENSSL_free(aType[i]); @@ -776,7 +788,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); - for (i = 0; i < oqsxkey->numkeys; i++){ + for (i = 0; i < oqsxkey->numkeys; i++) { OPENSSL_free(temp[i]); OPENSSL_free(cbuf[i]); OPENSSL_free(aType[i]); @@ -1015,54 +1027,54 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_sphincsshake128fsimple_input_type \ "rsa3072_sphincsshake128fsimple" #define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" -# define dilithium2_pss2048_evp_type 0 -# define dilithium2_pss2048_input_type "dilithium2_pss2048" -# define dilithium2_pss2048_pem_type "dilithium2_pss2048" -# define dilithium2_rsa2048_evp_type 0 -# define dilithium2_rsa2048_input_type "dilithium2_rsa2048" -# define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" -# define dilithium2_ed25519_evp_type 0 -# define dilithium2_ed25519_input_type "dilithium2_ed25519" -# define dilithium2_ed25519_pem_type "dilithium2_ed25519" -# define dilithium2_p256_evp_type 0 -# define dilithium2_p256_input_type "dilithium2_p256" -# define dilithium2_p256_pem_type "dilithium2_p256" -# define dilithium2_bp256_evp_type 0 -# define dilithium2_bp256_input_type "dilithium2_bp256" -# define dilithium2_bp256_pem_type "dilithium2_bp256" -# define dilithium3_rsa2048_evp_type 0 -# define dilithium3_rsa3072_input_type "dilithium3_rsa3072" -# define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" -# define dilithium3_p256_evp_type 0 -# define dilithium3_p256_input_type "dilithium3_p256" -# define dilithium3_p256_pem_type "dilithium3_p256" -# define falcon512_p256_evp_type 0 -# define falcon512_p256_input_type "falcon512_p256" -# define falcon512_p256_pem_type "falcon512_p256" -# define dilithium5_p384_evp_type 0 -# define dilithium5_p384_input_type "dilithium5_p384" -# define dilithium5_p384_pem_type "dilithium5_p384" -# define dilithium3_bp256_evp_type 0 -# define dilithium3_bp256_input_type "dilithium3_bp256" -# define dilithium3_bp256_pem_type "dilithium3_bp256" -# define dilithium3_ed25519_evp_type 0 -# define dilithium3_ed25519_input_type "dilithium3_ed25519" -# define dilithium3_ed25519_pem_type "dilithium3_ed25519" -# define dilithium3_pss3072_evp_type 0 -# define dilithium3_pss3072_input_type "dilithium3_pss3072" -# define dilithium3_pss3072_pem_type "dilithium3_pss3072" -# define dilithium5_bp384_evp_type 0 -# define dilithium5_bp384_input_type "dilithium5_bp384" -# define dilithium5_bp384_pem_type "dilithium5_bp384" -# define dilithium5_ed448_evp_type 0 -# define dilithium5_ed448_input_type "dilithium5_ed448" -# define dilithium5_ed448_pem_type "dilithium5_ed448" -# define falcon512_bp256_evp_type 0 -# define falcon512_bp256_input_type "falcon512_bp256" -# define falcon512_bp256_pem_type "falcon512_bp256" -# define falcon512_ed25519_evp_type 0 -# define falcon512_ed25519_input_type "falcon512_ed25519" -# define falcon512_ed25519_pem_type "falcon512_ed25519" +#define dilithium2_pss2048_evp_type 0 +#define dilithium2_pss2048_input_type "dilithium2_pss2048" +#define dilithium2_pss2048_pem_type "dilithium2_pss2048" +#define dilithium2_rsa2048_evp_type 0 +#define dilithium2_rsa2048_input_type "dilithium2_rsa2048" +#define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" +#define dilithium2_ed25519_evp_type 0 +#define dilithium2_ed25519_input_type "dilithium2_ed25519" +#define dilithium2_ed25519_pem_type "dilithium2_ed25519" +#define dilithium2_p256_evp_type 0 +#define dilithium2_p256_input_type "dilithium2_p256" +#define dilithium2_p256_pem_type "dilithium2_p256" +#define dilithium2_bp256_evp_type 0 +#define dilithium2_bp256_input_type "dilithium2_bp256" +#define dilithium2_bp256_pem_type "dilithium2_bp256" +#define dilithium3_rsa2048_evp_type 0 +#define dilithium3_rsa3072_input_type "dilithium3_rsa3072" +#define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" +#define dilithium3_p256_evp_type 0 +#define dilithium3_p256_input_type "dilithium3_p256" +#define dilithium3_p256_pem_type "dilithium3_p256" +#define falcon512_p256_evp_type 0 +#define falcon512_p256_input_type "falcon512_p256" +#define falcon512_p256_pem_type "falcon512_p256" +#define dilithium5_p384_evp_type 0 +#define dilithium5_p384_input_type "dilithium5_p384" +#define dilithium5_p384_pem_type "dilithium5_p384" +#define dilithium3_bp256_evp_type 0 +#define dilithium3_bp256_input_type "dilithium3_bp256" +#define dilithium3_bp256_pem_type "dilithium3_bp256" +#define dilithium3_ed25519_evp_type 0 +#define dilithium3_ed25519_input_type "dilithium3_ed25519" +#define dilithium3_ed25519_pem_type "dilithium3_ed25519" +#define dilithium3_pss3072_evp_type 0 +#define dilithium3_pss3072_input_type "dilithium3_pss3072" +#define dilithium3_pss3072_pem_type "dilithium3_pss3072" +#define dilithium5_bp384_evp_type 0 +#define dilithium5_bp384_input_type "dilithium5_bp384" +#define dilithium5_bp384_pem_type "dilithium5_bp384" +#define dilithium5_ed448_evp_type 0 +#define dilithium5_ed448_input_type "dilithium5_ed448" +#define dilithium5_ed448_pem_type "dilithium5_ed448" +#define falcon512_bp256_evp_type 0 +#define falcon512_bp256_input_type "falcon512_bp256" +#define falcon512_bp256_pem_type "falcon512_bp256" +#define falcon512_ed25519_evp_type 0 +#define falcon512_ed25519_input_type "falcon512_ed25519" +#define falcon512_ed25519_pem_type "falcon512_ed25519" ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_END /* ---------------------------------------------------------------------- */ @@ -1476,7 +1488,8 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) return 0; break; case KEY_TYPE_CMP_SIG: - if (BIO_printf(out, "%s composite private key:\n", okey->tls_name) <= 0) + if (BIO_printf(out, "%s composite private key:\n", okey->tls_name) + <= 0) return 0; break; default: @@ -1502,7 +1515,8 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) return 0; break; case KEY_TYPE_CMP_SIG: - if (BIO_printf(out, "%s composite public key:\n", okey->tls_name) <= 0) + if (BIO_printf(out, "%s composite public key:\n", okey->tls_name) + <= 0) return 0; break; default: @@ -1513,58 +1527,65 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { if (okey->privkey) { - if (okey->keytype == KEY_TYPE_CMP_SIG){ + if (okey->keytype == KEY_TYPE_CMP_SIG) { char *name; char label[200]; int i, privlen; - for (i = 0; i < okey->numkeys; i++){ - if ((name = get_cmpname(OBJ_sn2nid(okey->tls_name), i)) == NULL){ + for (i = 0; i < okey->numkeys; i++) { + if ((name = get_cmpname(OBJ_sn2nid(okey->tls_name), i)) + == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_KEY); return 0; } sprintf(label, "%s key material:", name); - if(get_oqsname_fromtls(name) == 0 //classical key - && okey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size - unsigned char* enc_len = OPENSSL_strndup(okey->comp_privkey[i], 4); + if (get_oqsname_fromtls(name) == 0 // classical key + && okey->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype + == EVP_PKEY_RSA) { // get the RSA real key size + unsigned char *enc_len + = OPENSSL_strndup(okey->comp_privkey[i], 4); OPENSSL_cleanse(enc_len, 2); DECODE_UINT32(privlen, enc_len); privlen += 4; OPENSSL_free(enc_len); - if (privlen > okey->privkeylen_cmp[i]){ + if (privlen > okey->privkeylen_cmp[i]) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return 0; } - }else - privlen = okey->privkeylen_cmp[i]; - if (!print_labeled_buf(out, label, - okey->comp_privkey[i], privlen)) + } else + privlen = okey->privkeylen_cmp[i]; + if (!print_labeled_buf(out, label, okey->comp_privkey[i], + privlen)) return 0; - + OPENSSL_free(name); } - }else{ + } else { if (okey->numkeys > 1) { // hybrid key char classic_label[200]; int classic_key_len = 0; - sprintf(classic_label, - "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); + sprintf(classic_label, "%s key material:", + OBJ_nid2sn(okey->evp_info->nid)); DECODE_UINT32(classic_key_len, okey->privkey); if (!print_labeled_buf(out, classic_label, - okey->comp_privkey[0], classic_key_len)) + okey->comp_privkey[0], + classic_key_len)) return 0; /* finally print pure PQ key */ - if (!print_labeled_buf(out, "PQ key material:", - okey->comp_privkey[okey->numkeys - 1], - okey->privkeylen - classic_key_len - - SIZE_OF_UINT32)) + if (!print_labeled_buf( + out, "PQ key material:", + okey->comp_privkey[okey->numkeys - 1], + okey->privkeylen - classic_key_len + - SIZE_OF_UINT32)) return 0; } else { // plain PQ key - if (!print_labeled_buf(out, "PQ key material:", - okey->comp_privkey[okey->numkeys - 1], - okey->privkeylen)) + if (!print_labeled_buf( + out, "PQ key material:", + okey->comp_privkey[okey->numkeys - 1], + okey->privkeylen)) return 0; } } @@ -1572,44 +1593,46 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) } if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { if (okey->pubkey) { - if (okey->keytype == KEY_TYPE_CMP_SIG){ + if (okey->keytype == KEY_TYPE_CMP_SIG) { char *name; char label[200]; int i; - for (i = 0; i < okey->numkeys; i++){ - if ((name = get_cmpname(OBJ_sn2nid(okey->tls_name), i)) == NULL){ + for (i = 0; i < okey->numkeys; i++) { + if ((name = get_cmpname(OBJ_sn2nid(okey->tls_name), i)) + == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_KEY); return 0; } sprintf(label, "%s key material:", name); - if (!print_labeled_buf(out, label, - okey->comp_pubkey[i], okey->pubkeylen_cmp[i])) + if (!print_labeled_buf(out, label, okey->comp_pubkey[i], + okey->pubkeylen_cmp[i])) return 0; - + OPENSSL_free(name); } - }else{ + } else { if (okey->numkeys > 1) { // hybrid key char classic_label[200]; int classic_key_len = 0; DECODE_UINT32(classic_key_len, okey->pubkey); - sprintf(classic_label, - "%s key material:", OBJ_nid2sn(okey->evp_info->nid)); - if (!print_labeled_buf(out, classic_label, okey->comp_pubkey[0], - classic_key_len)) + sprintf(classic_label, "%s key material:", + OBJ_nid2sn(okey->evp_info->nid)); + if (!print_labeled_buf(out, classic_label, + okey->comp_pubkey[0], + classic_key_len)) return 0; /* finally print pure PQ key */ if (!print_labeled_buf(out, "PQ key material:", - okey->comp_pubkey[okey->numkeys - 1], - okey->pubkeylen - classic_key_len - - SIZE_OF_UINT32)) + okey->comp_pubkey[okey->numkeys - 1], + okey->pubkeylen - classic_key_len + - SIZE_OF_UINT32)) return 0; } else { // PQ key only if (!print_labeled_buf(out, "PQ key material:", - okey->comp_pubkey[okey->numkeys - 1], - okey->pubkeylen)) + okey->comp_pubkey[okey->numkeys - 1], + okey->pubkeylen)) return 0; } } diff --git a/oqsprov/oqs_kem.c b/oqsprov/oqs_kem.c index fee636bb..ce68ef39 100644 --- a/oqsprov/oqs_kem.c +++ b/oqsprov/oqs_kem.c @@ -171,7 +171,8 @@ static int oqs_evp_kem_encaps_keyslot(void *vpkemctx, unsigned char *ct, int ret = OQS_SUCCESS, ret2 = 0; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; + const OQSX_EVP_CTX *evp_ctx + = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; size_t pubkey_kexlen = 0; size_t kexDeriveLen = 0, pkeylen = 0; @@ -249,7 +250,8 @@ static int oqs_evp_kem_decaps_keyslot(void *vpkemctx, unsigned char *secret, int ret = OQS_SUCCESS, ret2 = 0; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; + const OQSX_EVP_CTX *evp_ctx + = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; size_t pubkey_kexlen = evp_ctx->evp_info->length_public_key; size_t kexDeriveLen = evp_ctx->evp_info->kex_length_secret; @@ -351,7 +353,8 @@ static int oqs_hyb_kem_decaps(void *vpkemctx, unsigned char *secret, { int ret = OQS_SUCCESS; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; + const OQSX_EVP_CTX *evp_ctx + = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; const OQS_KEM *qs_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_qs_ctx.kem; size_t secretLen0 = 0, secretLen1 = 0; diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index e5abf132..dcde2dbc 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -468,10 +468,8 @@ static void *oqsx_gen_init(void *provctx, int selection, char *oqs_name, OSSL_LIB_CTX *libctx = PROV_OQS_LIBCTX_OF(provctx); struct oqsx_gen_ctx *gctx = NULL; - OQS_KM_PRINTF2("OQSKEYMGMT: gen_init called for key %s \n", oqs_name); - if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) { gctx->libctx = libctx; gctx->cmp_name = NULL; @@ -865,229 +863,196 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 22); } - static void *dilithium3_rsa3072_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 23); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 23); } static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 23); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 23); } static void *dilithium3_p256_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 24); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 24); } static void *dilithium3_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 24); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 24); } static void *falcon512_p256_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 25); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 25); } static void *falcon512_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 25); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 25); } static void *dilithium5_p384_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 26); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 26); } static void *dilithium5_p384_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 26); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 26); } static void *dilithium3_bp256_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 27); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 27); } static void *dilithium3_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 27); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 27); } static void *dilithium3_ed25519_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 28); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 28); } static void *dilithium3_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 28); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 28); } static void *dilithium5_bp384_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 29); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 29); } static void *dilithium5_bp384_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 29); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 29); } static void *dilithium5_ed448_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 30); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 30); } static void *dilithium5_ed448_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 30); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 30); } static void *falcon512_bp256_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 31); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 31); } static void *falcon512_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init - (provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 31); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 31); } static void *falcon512_ed25519_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 32); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 32); } static void *falcon512_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 32); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 32); } static void *dilithium3_pss3072_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 33); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 33); } static void *dilithium3_pss3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 33); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 33); } static void *dilithium2_pss2048_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 34); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 34); } static void *dilithium2_pss2048_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 34); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 34); } static void *dilithium2_rsa2048_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 35); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 35); } static void *dilithium2_rsa2048_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 35); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 35); } static void *dilithium2_ed25519_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 36); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 36); } static void *dilithium2_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 36); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 36); } static void *dilithium2_p256_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 37); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 37); } static void *dilithium2_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 37); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 37); } static void *dilithium2_bp256_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 38); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 38); } static void *dilithium2_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init - (provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 38); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 38); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index fb7a7ee6..79d5edaa 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -158,7 +158,7 @@ struct oqsx_key_st { #ifdef USE_ENCODING_LIB OQSX_ENCODING_CTX oqsx_encoding_ctx; #endif - EVP_PKEY** cmp_classical_pkey; + EVP_PKEY **cmp_classical_pkey; EVP_PKEY *classical_pkey; // for hybrid sigs const OQSX_EVP_INFO *evp_info; size_t numkeys; @@ -177,8 +177,8 @@ struct oqsx_key_st { #endif int references; - /* point to actual priv key material -- classic key, if present, first, unless is composite - * i.e., OQS key always at comp_*key[numkeys-1] + /* point to actual priv key material -- classic key, if present, first, + * unless is composite i.e., OQS key always at comp_*key[numkeys-1] */ void **comp_privkey; void **comp_pubkey; @@ -192,17 +192,17 @@ struct oqsx_key_st { typedef struct oqsx_key_st OQSX_KEY; -//composite signature -struct SignatureModel{ - ASN1_BIT_STRING *sig1; - ASN1_BIT_STRING *sig2; +// composite signature +struct SignatureModel { + ASN1_BIT_STRING *sig1; + ASN1_BIT_STRING *sig2; }; typedef struct SignatureModel CompositeSignature; char *get_oqsname_fromtls(char *tlsname); char *get_oqsname(int nid); -char* get_cmpname(int nid, int index); +char *get_cmpname(int nid, int index); int get_oqsalg_idx(int nid); /* Register given NID with tlsname in OSSL3 registry */ @@ -1405,150 +1405,278 @@ extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions []; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_p384_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_START diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 8a9bec70..1dddeb4e 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -27,13 +27,13 @@ // TBD: Review what we really need/want: For now go with OSSL settings: #define OSSL_MAX_NAME_SIZE 50 #define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ -#ifdef OQS_KEM_ENCODERS /*idx to the first composite in the composite idx block*/ -# define COMPOSITE_IDX_ADJUST 65 +#ifdef OQS_KEM_ENCODERS /*idx to the first composite in the composite idx \ + block*/ +# define COMPOSITE_IDX_ADJUST 65 #else -# define COMPOSITE_IDX_ADJUST 23 +# define COMPOSITE_IDX_ADJUST 23 #endif - #ifdef NDEBUG # define OQS_SIG_PRINTF(a) # define OQS_SIG_PRINTF2(a, b) @@ -104,19 +104,19 @@ IMPLEMENT_ASN1_FUNCTIONS(CompositeSignature) typedef struct { - OSSL_LIB_CTX *libctx; - char *propq; - OQSX_KEY *sig; + OSSL_LIB_CTX *libctx; + char *propq; + OQSX_KEY *sig; - /* - * Flag to determine if the hash function can be changed (1) or not (0) - * Because it's dangerous to change during a DigestSign or DigestVerify - * operation, this flag is cleared by their Init function, and set again - * by their Final function. - */ - unsigned int flag_allow_md : 1; + /* + * Flag to determine if the hash function can be changed (1) or not (0) + * Because it's dangerous to change during a DigestSign or DigestVerify + * operation, this flag is cleared by their Init function, and set again + * by their Final function. + */ + unsigned int flag_allow_md : 1; - char mdname[OSSL_MAX_NAME_SIZE]; + char mdname[OSSL_MAX_NAME_SIZE]; /* The Algorithm Identifier of the combined signature algorithm */ unsigned char *aid; @@ -131,17 +131,15 @@ typedef struct int operation; } PROV_OQSSIG_CTX; - - static void *oqs_sig_newctx(void *provctx, const char *propq) { - PROV_OQSSIG_CTX *poqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx; OQS_SIG_PRINTF2("OQS SIG provider: newctx called with propq %s\n", propq); - poqs_sigctx = OPENSSL_zalloc(sizeof(PROV_OQSSIG_CTX)); - if (poqs_sigctx == NULL) - return NULL; + poqs_sigctx = OPENSSL_zalloc(sizeof(PROV_OQSSIG_CTX)); + if (poqs_sigctx == NULL) + return NULL; poqs_sigctx->libctx = ((PROV_OQS_CTX *)provctx)->libctx; if (propq != NULL && (poqs_sigctx->propq = OPENSSL_strdup(propq)) == NULL) { @@ -160,9 +158,8 @@ static int oqs_sig_setup_md(PROV_OQSSIG_CTX *ctx, const char *mdname, if (mdprops == NULL) mdprops = ctx->propq; - if (mdname != NULL) - { - EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); + if (mdname != NULL) { + EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); if ((md == NULL) || (EVP_MD_nid(md) == NID_undef)) { if (md == NULL) @@ -177,10 +174,10 @@ static int oqs_sig_setup_md(PROV_OQSSIG_CTX *ctx, const char *mdname, EVP_MD_free(ctx->md); ctx->md = NULL; - if (ctx->aid) - OPENSSL_free(ctx->aid); - ctx->aid = NULL; // ensure next function allocates memory - ctx->aid_len = get_aid(&(ctx->aid), ctx->sig->tls_name); + if (ctx->aid) + OPENSSL_free(ctx->aid); + ctx->aid = NULL; // ensure next function allocates memory + ctx->aid_len = get_aid(&(ctx->aid), ctx->sig->tls_name); ctx->md = md; OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname)); @@ -191,7 +188,7 @@ static int oqs_sig_setup_md(PROV_OQSSIG_CTX *ctx, const char *mdname, static int oqs_sig_signverify_init(void *vpoqs_sigctx, void *voqssig, int operation) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQS_SIG_PRINTF("OQS SIG provider: signverify_init called\n"); if (poqs_sigctx == NULL || voqssig == NULL || !oqsx_key_up_ref(voqssig)) @@ -211,53 +208,53 @@ static int oqs_sig_signverify_init(void *vpoqs_sigctx, void *voqssig, static int oqs_sig_sign_init(void *vpoqs_sigctx, void *voqssig, const OSSL_PARAM params[]) { - OQS_SIG_PRINTF("OQS SIG provider: sign_init called\n"); - return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_SIGN); + OQS_SIG_PRINTF("OQS SIG provider: sign_init called\n"); + return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_SIGN); } static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, const OSSL_PARAM params[]) { - OQS_SIG_PRINTF("OQS SIG provider: verify_init called\n"); - return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_VERIFY); + OQS_SIG_PRINTF("OQS SIG provider: verify_init called\n"); + return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_VERIFY); } static const char *composite_OID_prefix[] = { - "69642D4D4C44534136352D525341333037322D504B435331352D534841323536", //dilithium3_rsa3072 - "69642D4D4C44534136352D45434453412D503235362D534841323536", //dilithium3_p256 - "69642D46616C6F6E3531322D45434453412D503235362D534841323536", //falcon512_p256 - "69642D4D4C44534138372D45434453412D503338342D534841333834", //dilithium5_p384 - "69642D4D4C44534136352D45434453412D627261696E706F6F6C5032353672312D534841323536", //dilithium3_bp256 - "69642D4D4C44534136352D456432353531392D534841353132", //dilithium3_ed25519 - "69642D4D4C44534138372D45434453412D627261696E706F6F6C5033383472312D534841333834", //dilithium5_bp384 - "69642D4D4C44534138372D45643434382D5348414B45323536", //dilithium5_ed448 - "69642D46616C636F6E3531322D45434453412D627261696E706F6F6C5032353672312D534841323536", //falcon512_bp256 - "69642D46616C636F6E3531322D456432353531392D534841353132", //falcon512_ed25519 - "69642D4D4C44534136352D525341333037322D5053532D534841323536", //dilithium3_pss3072 - "69642D4D4C44534134342D525341323034382D5053532D534841323536", //dilithium2_pss2048 - "69642D4D4C44534134342D525341323034382D504B435331352D534841323536", //dilithium2_rsa2048 - "69642D4D4C44534134342D456432353531392D534841353132", //dilithium2_ed25519 - "69642D4D4C44534134342D45434453412D503235362D534841323536", //dilithium2_p256 - "69642D4D4C44534134342D45434453412D627261696E706F6F6C5032353672312D534841323536", //dilithium2_bp256 + "69642D4D4C44534136352D525341333037322D504B435331352D534841323536", // dilithium3_rsa3072 + "69642D4D4C44534136352D45434453412D503235362D534841323536", // dilithium3_p256 + "69642D46616C6F6E3531322D45434453412D503235362D534841323536", // falcon512_p256 + "69642D4D4C44534138372D45434453412D503338342D534841333834", // dilithium5_p384 + "69642D4D4C44534136352D45434453412D627261696E706F6F6C5032353672312D534841323536", // dilithium3_bp256 + "69642D4D4C44534136352D456432353531392D534841353132", // dilithium3_ed25519 + "69642D4D4C44534138372D45434453412D627261696E706F6F6C5033383472312D534841333834", // dilithium5_bp384 + "69642D4D4C44534138372D45643434382D5348414B45323536", // dilithium5_ed448 + "69642D46616C636F6E3531322D45434453412D627261696E706F6F6C5032353672312D534841323536", // falcon512_bp256 + "69642D46616C636F6E3531322D456432353531392D534841353132", // falcon512_ed25519 + "69642D4D4C44534136352D525341333037322D5053532D534841323536", // dilithium3_pss3072 + "69642D4D4C44534134342D525341323034382D5053532D534841323536", // dilithium2_pss2048 + "69642D4D4C44534134342D525341323034382D504B435331352D534841323536", // dilithium2_rsa2048 + "69642D4D4C44534134342D456432353531392D534841353132", // dilithium2_ed25519 + "69642D4D4C44534134342D45434453412D503235362D534841323536", // dilithium2_p256 + "69642D4D4C44534134342D45434453412D627261696E706F6F6C5032353672312D534841323536", // dilithium2_bp256 }; static const size_t composite_OID_prefix_len[] = { - 64, //dilithium3_rsa3072 - 56, //dilithium3_p256 - 58, //falcon512_p256 - 56, //dilithium5_p384 - 78, //dilithium3_bp256 - 50, //dilithium3_ed25519 - 78, //dilithium5_bp384 - 50, //dilithium5_ed448 - 82, //falcon512_bp256 - 54, //falcon512_ed25519 - 58, //dilithium3_pss3072 - 58, //dilithium2_pss2048 - 64, //dilithium2_rsa2048 - 50, //dilithium2_ed25519 - 56, //dilithium2_p256 - 78, //dilithium2_bp256 + 64, // dilithium3_rsa3072 + 56, // dilithium3_p256 + 58, // falcon512_p256 + 56, // dilithium5_p384 + 78, // dilithium3_bp256 + 50, // dilithium3_ed25519 + 78, // dilithium5_bp384 + 50, // dilithium5_ed448 + 82, // falcon512_bp256 + 54, // falcon512_ed25519 + 58, // dilithium3_pss3072 + 58, // dilithium2_pss2048 + 64, // dilithium2_rsa2048 + 50, // dilithium2_ed25519 + 56, // dilithium2_p256 + 78, // dilithium2_bp256 }; /* On entry to this function, data to be signed (tbs) might have been hashed @@ -267,45 +264,40 @@ static const size_t composite_OID_prefix_len[] = { static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, size_t sigsize, const unsigned char *tbs, size_t tbslen) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQSX_KEY *oqsxkey = poqs_sigctx->sig; - OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx[0].oqsx_qs_ctx.sig; - EVP_PKEY *oqs_key_classic = NULL; - EVP_PKEY *cmp_key_classic = NULL; - EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, we're running hybrid - EVP_PKEY_CTX *classical_ctx_sign = NULL; - - OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); - - int is_hybrid = evpkey != NULL; - int is_composite = (oqsxkey->keytype == KEY_TYPE_CMP_SIG); - size_t max_sig_len = 0; - size_t classical_sig_len = 0, oqs_sig_len = 0; - size_t actual_classical_sig_len = 0; - size_t index = 0; - int rv = 0; - - if (!oqsxkey || !(oqs_key || oqs_key_classic) || !oqsxkey->privkey) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_NO_PRIVATE_KEY); - return rv; - } + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + OQSX_KEY *oqsxkey = poqs_sigctx->sig; + OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx[0].oqsx_qs_ctx.sig; + EVP_PKEY *oqs_key_classic = NULL; + EVP_PKEY *cmp_key_classic = NULL; + EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, + // we're running hybrid + EVP_PKEY_CTX *classical_ctx_sign = NULL; + + OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); - if (is_composite) - { - max_sig_len = oqsx_key_maxsize(oqsxkey); - }else - { - max_sig_len += oqs_key->length_signature; - } + int is_hybrid = evpkey != NULL; + int is_composite = (oqsxkey->keytype == KEY_TYPE_CMP_SIG); + size_t max_sig_len = 0; + size_t classical_sig_len = 0, oqs_sig_len = 0; + size_t actual_classical_sig_len = 0; + size_t index = 0; + int rv = 0; - if (is_hybrid) - { - actual_classical_sig_len = oqsxkey->evp_info->length_signature; - max_sig_len += (SIZE_OF_UINT32 + actual_classical_sig_len); - } + if (!oqsxkey || !(oqs_key || oqs_key_classic) || !oqsxkey->privkey) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_NO_PRIVATE_KEY); + return rv; + } - + if (is_composite) { + max_sig_len = oqsx_key_maxsize(oqsxkey); + } else { + max_sig_len += oqs_key->length_signature; + } + + if (is_hybrid) { + actual_classical_sig_len = oqsxkey->evp_info->length_signature; + max_sig_len += (SIZE_OF_UINT32 + actual_classical_sig_len); + } if (sig == NULL) { *siglen = max_sig_len; @@ -391,237 +383,265 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, index += classical_sig_len; } - if (is_composite) - { - unsigned char *buf; - CompositeSignature *compsig = CompositeSignature_new(); - int i; - int nid = OBJ_sn2nid(oqsxkey->tls_name); - const char *oid_prefix = composite_OID_prefix[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; - const size_t oid_prefix_len = composite_OID_prefix_len[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; - char *final_tbs; - size_t final_tbslen = oid_prefix_len; - - //prepare the pre hash - for (i = 0; i < oqsxkey->numkeys; i++){ - char *name; - if ((name = get_cmpname(nid, i)) == NULL){ - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - goto endsign; - } - unsigned char *tbs_hash; - if (!get_oqsname_fromtls(name)){ - if (name[0] == 'e'){//ed25519 or ed448 - if(name[2] == '2'){//ed25519 - tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); - SHA512(tbs, tbslen, tbs_hash); - final_tbslen += SHA512_DIGEST_LENGTH; - }else{//ed4448 - EVP_MD_CTX *shake = EVP_MD_CTX_new(); - unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; - tbs_hash = OPENSSL_malloc(tbs_hash_len); - - if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) <= 0) - || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) - || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){ - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - goto endsign; - } - final_tbslen += tbs_hash_len; - EVP_MD_CTX_free(shake); - } - }else if ((name[0] == 'p') - || (name[0] == 'b') - || (name[0] == 'r')){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 - int aux; - if (name[0] == 'b') - aux = 2; - else - aux = 1; - switch(name[aux]){ - case 's'://pss or rsa - case '2'://p256 or bp256 - tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); - SHA256(tbs, tbslen, tbs_hash); - final_tbslen += SHA256_DIGEST_LENGTH; - break; - case '3'://p384 or bp384 - tbs_hash = OPENSSL_malloc(SHA384_DIGEST_LENGTH); - SHA384(tbs, tbslen, tbs_hash); - final_tbslen += SHA384_DIGEST_LENGTH; - break; - default: + if (is_composite) { + unsigned char *buf; + CompositeSignature *compsig = CompositeSignature_new(); + int i; + int nid = OBJ_sn2nid(oqsxkey->tls_name); + const char *oid_prefix + = composite_OID_prefix[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; + const size_t oid_prefix_len + = composite_OID_prefix_len[get_oqsalg_idx(nid) + - COMPOSITE_IDX_ADJUST]; + char *final_tbs; + size_t final_tbslen = oid_prefix_len; + + // prepare the pre hash + for (i = 0; i < oqsxkey->numkeys; i++) { + char *name; + if ((name = get_cmpname(nid, i)) == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); OPENSSL_free(name); goto endsign; } - }else{ - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - goto endsign; - } - final_tbs = OPENSSL_malloc(final_tbslen); - memcpy(final_tbs, oid_prefix, oid_prefix_len); - memcpy(final_tbs + oid_prefix_len, tbs_hash, final_tbslen - oid_prefix_len); - OPENSSL_free(tbs_hash); - } - OPENSSL_free(name); - } - - for (i = 0; i < oqsxkey->numkeys; i++){ - char *name; - if((name = get_cmpname(nid, i)) == NULL){ - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - goto endsign; - } - - if (get_oqsname_fromtls(name)){ //PQC signing - oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; - buf = OPENSSL_malloc(oqs_sig_len); - if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, final_tbs, final_tbslen, oqsxkey->comp_privkey[i]) != OQS_SUCCESS) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - OPENSSL_free(name); - OPENSSL_free(buf); - goto endsign; + unsigned char *tbs_hash; + if (!get_oqsname_fromtls(name)) { + if (name[0] == 'e') { // ed25519 or ed448 + if (name[2] == '2') { // ed25519 + tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); + SHA512(tbs, tbslen, tbs_hash); + final_tbslen += SHA512_DIGEST_LENGTH; + } else { // ed4448 + EVP_MD_CTX *shake = EVP_MD_CTX_new(); + unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; + tbs_hash = OPENSSL_malloc(tbs_hash_len); + + if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) + <= 0) + || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) + || (EVP_DigestFinalXOF(shake, tbs_hash, + tbs_hash_len) + <= 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + goto endsign; + } + final_tbslen += tbs_hash_len; + EVP_MD_CTX_free(shake); + } + } else if ((name[0] == 'p') || (name[0] == 'b') + || (name[0] == 'r')) { // p256 or p384 or bp256 or + // bp384 or pss or rsa3072 + int aux; + if (name[0] == 'b') + aux = 2; + else + aux = 1; + switch (name[aux]) { + case 's': // pss or rsa + case '2': // p256 or bp256 + tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); + SHA256(tbs, tbslen, tbs_hash); + final_tbslen += SHA256_DIGEST_LENGTH; + break; + case '3': // p384 or bp384 + tbs_hash = OPENSSL_malloc(SHA384_DIGEST_LENGTH); + SHA384(tbs, tbslen, tbs_hash); + final_tbslen += SHA384_DIGEST_LENGTH; + break; + default: + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + goto endsign; + } + } else { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + goto endsign; + } + final_tbs = OPENSSL_malloc(final_tbslen); + memcpy(final_tbs, oid_prefix, oid_prefix_len); + memcpy(final_tbs + oid_prefix_len, tbs_hash, + final_tbslen - oid_prefix_len); + OPENSSL_free(tbs_hash); + } + OPENSSL_free(name); } - }else - { // sign non PQC key on oqs_key - oqs_key_classic = oqsxkey->cmp_classical_pkey[i]; - oqs_sig_len = oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature; - buf = OPENSSL_malloc(oqs_sig_len); - const EVP_MD *classical_md; - EVP_MD_CTX* evp_ctx = EVP_MD_CTX_new(); - int digest_len; - unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - if (name[0] == 'e'){ //ed25519 or ed448 - if ((EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL, oqs_key_classic) <= 0 ) - || (EVP_DigestSign(evp_ctx, buf, &oqs_sig_len, final_tbs, final_tbslen) <= 0)){ - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - OPENSSL_free(buf); - goto endsign; - } - }else { - if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) == NULL - || (EVP_PKEY_sign_init(classical_ctx_sign) <= 0)) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - OPENSSL_free(buf); - goto endsign; - } - - if (!strncmp(name, "pss", 3)) - { - if ((EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PSS_PADDING) <= 0) - || (EVP_PKEY_CTX_set_rsa_pss_saltlen(classical_ctx_sign, 64) <= 0) - || (EVP_PKEY_CTX_set_rsa_mgf1_md(classical_ctx_sign, EVP_sha256()) <= 0)) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - OPENSSL_free(buf); - goto endsign; - } - } else if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) - { - if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) <= 0) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - OPENSSL_free(buf); - goto endsign; - } - } - - if ((name[0] == 'p') - || (name[0] == 'b') - || (name[0] == 'r')) - { - int aux; - if(name[0] == 'b'){ - aux = 2; - }else { - aux = 1; - } - switch(name[aux]){ - case 's'://pss or rsa - case '2'://p256 or bp256 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(final_tbs, final_tbslen, (unsigned char *)&digest); - break; - case '3'://p384 or bp384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(final_tbs, final_tbslen, (unsigned char *)&digest); - break; - case '5'://p512 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(final_tbs, final_tbslen, (unsigned char *)&digest); - break; - default: + for (i = 0; i < oqsxkey->numkeys; i++) { + char *name; + if ((name = get_cmpname(nid, i)) == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); OPENSSL_free(name); - OPENSSL_free(buf); goto endsign; } - } - if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, classical_md) <= 0) - || (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - OPENSSL_free(buf); - goto endsign; - } + if (get_oqsname_fromtls(name)) { // PQC signing + oqs_sig_len = oqsxkey->oqsx_provider_ctx[i] + .oqsx_qs_ctx.sig->length_signature; + buf = OPENSSL_malloc(oqs_sig_len); + if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, final_tbs, + final_tbslen, oqsxkey->comp_privkey[i]) + != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + OPENSSL_free(name); + OPENSSL_free(buf); + goto endsign; + } + } else { // sign non PQC key on oqs_key + oqs_key_classic = oqsxkey->cmp_classical_pkey[i]; + oqs_sig_len = oqsxkey->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->length_signature; + buf = OPENSSL_malloc(oqs_sig_len); + const EVP_MD *classical_md; + EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new(); + int digest_len; + unsigned char + digest[SHA512_DIGEST_LENGTH]; /* init with max length */ + + if (name[0] == 'e') { // ed25519 or ed448 + if ((EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL, + oqs_key_classic) + <= 0) + || (EVP_DigestSign(evp_ctx, buf, &oqs_sig_len, + final_tbs, final_tbslen) + <= 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); + goto endsign; + } + } else { + if ((classical_ctx_sign + = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) + == NULL + || (EVP_PKEY_sign_init(classical_ctx_sign) <= 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); + goto endsign; + } + + if (!strncmp(name, "pss", 3)) { + if ((EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, + RSA_PKCS1_PSS_PADDING) + <= 0) + || (EVP_PKEY_CTX_set_rsa_pss_saltlen( + classical_ctx_sign, 64) + <= 0) + || (EVP_PKEY_CTX_set_rsa_mgf1_md(classical_ctx_sign, + EVP_sha256()) + <= 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); + goto endsign; + } + } else if (oqsxkey->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype + == EVP_PKEY_RSA) { + if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, + RSA_PKCS1_PADDING) + <= 0) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); + goto endsign; + } + } + + if ((name[0] == 'p') || (name[0] == 'b') + || (name[0] == 'r')) { + int aux; + if (name[0] == 'b') { + aux = 2; + } else { + aux = 1; + } + switch (name[aux]) { + case 's': // pss or rsa + case '2': // p256 or bp256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(final_tbs, final_tbslen, + (unsigned char *)&digest); + break; + case '3': // p384 or bp384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(final_tbs, final_tbslen, + (unsigned char *)&digest); + break; + case '5': // p512 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(final_tbs, final_tbslen, + (unsigned char *)&digest); + break; + default: + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); + goto endsign; + } + } + + if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, + classical_md) + <= 0) + || (EVP_PKEY_sign(classical_ctx_sign, buf, &oqs_sig_len, + digest, digest_len) + <= 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + OPENSSL_free(name); + OPENSSL_free(buf); + goto endsign; + } + + if (oqs_sig_len + > oqsxkey->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->length_signature) { + /* sig is bigger than expected */ + ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); + OPENSSL_free(name); + OPENSSL_free(buf); + goto endsign; + } + } + } + + if (i == 0) { + compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); + compsig->sig1->length = oqs_sig_len; + compsig->sig1->flags + = 8; // set as 8 to not check for unused bits + } else { + compsig->sig2->data = OPENSSL_memdup(buf, oqs_sig_len); + compsig->sig2->length = oqs_sig_len; + compsig->sig2->flags + = 8; // set as 8 to not check for unused bits + } - if (oqs_sig_len > oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature) - { - /* sig is bigger than expected */ - ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); - OPENSSL_free(name); OPENSSL_free(buf); - goto endsign; - } + OPENSSL_free(name); } - } - - if (i == 0){ - compsig->sig1->data = OPENSSL_memdup(buf, oqs_sig_len); - compsig->sig1->length = oqs_sig_len; - compsig->sig1->flags = 8; //set as 8 to not check for unused bits - }else{ - compsig->sig2->data = OPENSSL_memdup(buf, oqs_sig_len); - compsig->sig2->length = oqs_sig_len; - compsig->sig2->flags = 8; //set as 8 to not check for unused bits - } - - OPENSSL_free(buf); - OPENSSL_free(name); + oqs_sig_len = i2d_CompositeSignature(compsig, &sig); + + OPENSSL_free(compsig->sig1->data); + OPENSSL_free(compsig->sig2->data); + OPENSSL_free(compsig); + OPENSSL_free(final_tbs); + } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, + oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) + != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + goto endsign; } - oqs_sig_len = i2d_CompositeSignature(compsig, &sig); - - OPENSSL_free(compsig->sig1->data); - OPENSSL_free(compsig->sig2->data); - OPENSSL_free(compsig); - OPENSSL_free(final_tbs); - } - else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) != OQS_SUCCESS) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); - goto endsign; - } - - *siglen = classical_sig_len + oqs_sig_len; - OQS_SIG_PRINTF2("OQS SIG provider: signing completes with size %ld\n", *siglen); - rv = 1; /* success */ + + *siglen = classical_sig_len + oqs_sig_len; + OQS_SIG_PRINTF2("OQS SIG provider: signing completes with size %ld\n", + *siglen); + rv = 1; /* success */ endsign: if (classical_ctx_sign) { @@ -646,7 +666,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, size_t classical_sig_len = 0, oqs_sig_len = 0; size_t index = 0; int rv = 0; - ASN1_BIT_STRING *comp_sig; + ASN1_BIT_STRING *comp_sig; OQS_SIG_PRINTF3( "OQS SIG provider: verify called with siglen %ld bytes and tbslen %ld\n", @@ -724,216 +744,234 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, classical_sig_len = SIZE_OF_UINT32 + actual_classical_sig_len; index += classical_sig_len; } - if(is_composite){ - CompositeSignature* compsig; - int i; - int nid = OBJ_sn2nid(oqsxkey->tls_name); - unsigned char *buf; - size_t buf_len; - const char *oid_prefix = composite_OID_prefix[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; - const size_t oid_prefix_len = composite_OID_prefix_len[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; - char *final_tbs; - size_t final_tbslen = oid_prefix_len; - - if((compsig = d2i_CompositeSignature(NULL, &sig, siglen)) == NULL) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - - //prepare the pre-hash - for (i = 0; i < oqsxkey->numkeys; i++){ - char *name; - if ((name = get_cmpname(nid, i)) == NULL){ - OPENSSL_free(name); - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; + if (is_composite) { + CompositeSignature *compsig; + int i; + int nid = OBJ_sn2nid(oqsxkey->tls_name); + unsigned char *buf; + size_t buf_len; + const char *oid_prefix + = composite_OID_prefix[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; + const size_t oid_prefix_len + = composite_OID_prefix_len[get_oqsalg_idx(nid) + - COMPOSITE_IDX_ADJUST]; + char *final_tbs; + size_t final_tbslen = oid_prefix_len; + + if ((compsig = d2i_CompositeSignature(NULL, &sig, siglen)) == NULL) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; } - unsigned char *tbs_hash; - if (!get_oqsname_fromtls(name)){ - if (name[0] == 'e'){//ed25519 or ed448 - if(name[2] == '2'){//ed25519 - tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); - SHA512(tbs, tbslen, tbs_hash); - final_tbslen += SHA512_DIGEST_LENGTH; - }else{//ed4448 - EVP_MD_CTX *shake = EVP_MD_CTX_new(); - unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; - tbs_hash = OPENSSL_malloc(tbs_hash_len); - - if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) <= 0) - || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) - || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){ + + // prepare the pre-hash + for (i = 0; i < oqsxkey->numkeys; i++) { + char *name; + if ((name = get_cmpname(nid, i)) == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - final_tbslen += tbs_hash_len; - EVP_MD_CTX_free(shake); + unsigned char *tbs_hash; + if (!get_oqsname_fromtls(name)) { + if (name[0] == 'e') { // ed25519 or ed448 + if (name[2] == '2') { // ed25519 + tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); + SHA512(tbs, tbslen, tbs_hash); + final_tbslen += SHA512_DIGEST_LENGTH; + } else { // ed4448 + EVP_MD_CTX *shake = EVP_MD_CTX_new(); + unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; + tbs_hash = OPENSSL_malloc(tbs_hash_len); + + if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) + <= 0) + || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) + || (EVP_DigestFinalXOF(shake, tbs_hash, + tbs_hash_len) + <= 0)) { + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } + final_tbslen += tbs_hash_len; + EVP_MD_CTX_free(shake); + } + } else if ((name[0] == 'p') || (name[0] == 'b') + || (name[0] == 'r')) { // p256 or p384 or bp256 or + // bp384 or pss or rsa3072 + int aux; + if (name[0] == 'b') + aux = 2; + else + aux = 1; + switch (name[aux]) { + case 's': // pss or rsa + case '2': // p256 or bp256 + tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); + SHA256(tbs, tbslen, tbs_hash); + final_tbslen += SHA256_DIGEST_LENGTH; + break; + case '3': // p384 or bp384 + tbs_hash = OPENSSL_malloc(SHA384_DIGEST_LENGTH); + SHA384(tbs, tbslen, tbs_hash); + final_tbslen += SHA384_DIGEST_LENGTH; + break; + default: + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + } else { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + final_tbs = OPENSSL_malloc(final_tbslen); + memcpy(final_tbs, oid_prefix, oid_prefix_len); + memcpy(final_tbs + oid_prefix_len, tbs_hash, + final_tbslen - oid_prefix_len); + OPENSSL_free(tbs_hash); } - }else if ((name[0] == 'p') - || (name[0] == 'b') - || (name[0] == 'r')){ //p256 or p384 or bp256 or bp384 or pss or rsa3072 - int aux; - if (name[0] == 'b') - aux = 2; - else - aux = 1; - switch(name[aux]){ - case 's'://pss or rsa - case '2'://p256 or bp256 - tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); - SHA256(tbs, tbslen, tbs_hash); - final_tbslen += SHA256_DIGEST_LENGTH; - break; - case '3'://p384 or bp384 - tbs_hash = OPENSSL_malloc(SHA384_DIGEST_LENGTH); - SHA384(tbs, tbslen, tbs_hash); - final_tbslen += SHA384_DIGEST_LENGTH; - break; - default: - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - OPENSSL_free(name); - goto endverify; - } - }else{ - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); OPENSSL_free(name); - goto endverify; - } - final_tbs = OPENSSL_malloc(final_tbslen); - memcpy(final_tbs, oid_prefix, oid_prefix_len); - memcpy(final_tbs + oid_prefix_len, tbs_hash, final_tbslen - oid_prefix_len); - OPENSSL_free(tbs_hash); - } - OPENSSL_free(name); - } - - for(i = 0; i < oqsxkey->numkeys; i++){ - if (i == 0){ - buf = compsig->sig1->data; - buf_len = compsig->sig1->length; - }else{ - buf = compsig->sig2->data; - buf_len = compsig->sig2->length; - } - - char *name; - if((name = get_cmpname(nid, i)) == NULL){ - OPENSSL_free(name); - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; } - if (get_oqsname_fromtls(name)){ - if (OQS_SIG_verify(oqs_key, final_tbs, final_tbslen, buf, buf_len, oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - OPENSSL_free(name); - goto endverify; - } - }else{ - const EVP_MD *classical_md; - int digest_len; - int aux; - EVP_MD_CTX* evp_ctx = EVP_MD_CTX_new(); - unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ - - if(name[0] == 'e'){ //ed25519 or ed448 - if((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, oqsxkey->cmp_classical_pkey[i]) <= 0) - || (EVP_DigestVerify(evp_ctx, buf, buf_len, final_tbs, final_tbslen) <= 0)){ - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - OPENSSL_free(name); - goto endverify; - } - } else { - if (((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->cmp_classical_pkey[i], NULL)) == NULL) - || (EVP_PKEY_verify_init(ctx_verify) <= 0)) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - OPENSSL_free(name); - goto endverify; + for (i = 0; i < oqsxkey->numkeys; i++) { + if (i == 0) { + buf = compsig->sig1->data; + buf_len = compsig->sig1->length; + } else { + buf = compsig->sig2->data; + buf_len = compsig->sig2->length; } - if (!strncmp(name, "pss", 3)) - { - if ((EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PSS_PADDING) <= 0) - || (EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx_verify, 64) <= 0) - || (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx_verify, EVP_sha256()) <= 0)) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); - OPENSSL_free(name); - goto endverify; - } - } else if (oqsxkey->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) - { - if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) <= 0) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); - OPENSSL_free(name); - goto endverify; - } - } - if ((name[0] == 'p') - || (name[0] == 'b') - || (name[0] == 'r')) - { - int aux; - if(name[0] == 'b') - aux = 2; - else - aux = 1; - switch(name[aux]){ - case 's'://pss or rsa - case '2'://p256 or bp256 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(final_tbs, final_tbslen, (unsigned char *)&digest); - break; - case '3'://p384 or bp384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(final_tbs, final_tbslen, (unsigned char *)&digest); - break; - case '5'://p512 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(final_tbs, final_tbslen, (unsigned char *)&digest); - break; - default: - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + + char *name; + if ((name = get_cmpname(nid, i)) == NULL) { OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - } - if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) - || (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, digest_len) <= 0)) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + + if (get_oqsname_fromtls(name)) { + if (OQS_SIG_verify(oqs_key, final_tbs, final_tbslen, buf, + buf_len, oqsxkey->comp_pubkey[i]) + != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + } else { + const EVP_MD *classical_md; + int digest_len; + int aux; + EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new(); + unsigned char + digest[SHA512_DIGEST_LENGTH]; /* init with max length */ + + if (name[0] == 'e') { // ed25519 or ed448 + if ((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, + oqsxkey->cmp_classical_pkey[i]) + <= 0) + || (EVP_DigestVerify(evp_ctx, buf, buf_len, final_tbs, + final_tbslen) + <= 0)) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + } else { + if (((ctx_verify = EVP_PKEY_CTX_new( + oqsxkey->cmp_classical_pkey[i], NULL)) + == NULL) + || (EVP_PKEY_verify_init(ctx_verify) <= 0)) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + if (!strncmp(name, "pss", 3)) { + if ((EVP_PKEY_CTX_set_rsa_padding(ctx_verify, + RSA_PKCS1_PSS_PADDING) + <= 0) + || (EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx_verify, 64) + <= 0) + || (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx_verify, + EVP_sha256()) + <= 0)) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + OPENSSL_free(name); + goto endverify; + } + } else if (oqsxkey->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype + == EVP_PKEY_RSA) { + if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, + RSA_PKCS1_PADDING) + <= 0) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + OPENSSL_free(name); + goto endverify; + } + } + if ((name[0] == 'p') || (name[0] == 'b') + || (name[0] == 'r')) { + int aux; + if (name[0] == 'b') + aux = 2; + else + aux = 1; + switch (name[aux]) { + case 's': // pss or rsa + case '2': // p256 or bp256 + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(final_tbs, final_tbslen, + (unsigned char *)&digest); + break; + case '3': // p384 or bp384 + classical_md = EVP_sha384(); + digest_len = SHA384_DIGEST_LENGTH; + SHA384(final_tbs, final_tbslen, + (unsigned char *)&digest); + break; + case '5': // p512 + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(final_tbs, final_tbslen, + (unsigned char *)&digest); + break; + default: + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + } + if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) + <= 0) + || (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, + digest_len) + <= 0)) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + OPENSSL_free(name); + goto endverify; + } + } + } + OPENSSL_free(name); + } + OPENSSL_free(compsig); + OPENSSL_free(final_tbs); + } else { + if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); goto endverify; - } - } - } - - OPENSSL_free(name); - } - OPENSSL_free(compsig); - OPENSSL_free(final_tbs); - }else - { - if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); - goto endverify; - } - if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, - siglen - classical_sig_len, - oqsxkey->comp_pubkey[oqsxkey->numkeys-1]) - != OQS_SUCCESS) - { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } + } + if (OQS_SIG_verify(oqs_key, tbs, tbslen, sig + index, + siglen - classical_sig_len, + oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) + != OQS_SUCCESS) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + goto endverify; + } } rv = 1; @@ -949,7 +987,7 @@ static int oqs_sig_digest_signverify_init(void *vpoqs_sigctx, const char *mdname, void *voqssig, int operation) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQS_SIG_PRINTF2( "OQS SIG provider: digest_signverify_init called for mdname %s\n", @@ -959,8 +997,8 @@ static int oqs_sig_digest_signverify_init(void *vpoqs_sigctx, if (!oqs_sig_signverify_init(vpoqs_sigctx, voqssig, operation)) return 0; - if (!oqs_sig_setup_md(poqs_sigctx, mdname, NULL)) - return 0; + if (!oqs_sig_setup_md(poqs_sigctx, mdname, NULL)) + return 0; if (mdname != NULL) { poqs_sigctx->mdctx = EVP_MD_CTX_new(); @@ -971,7 +1009,7 @@ static int oqs_sig_digest_signverify_init(void *vpoqs_sigctx, goto error; } - return 1; + return 1; error: EVP_MD_CTX_free(poqs_sigctx->mdctx); @@ -1001,9 +1039,9 @@ static int oqs_sig_digest_verify_init(void *vpoqs_sigctx, const char *mdname, int oqs_sig_digest_signverify_update(void *vpoqs_sigctx, const unsigned char *data, size_t datalen) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQS_SIG_PRINTF("OQS SIG provider: digest_signverify_update called\n"); + OQS_SIG_PRINTF("OQS SIG provider: digest_signverify_update called\n"); if (poqs_sigctx == NULL) return 0; @@ -1039,13 +1077,13 @@ int oqs_sig_digest_signverify_update(void *vpoqs_sigctx, int oqs_sig_digest_sign_final(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, size_t sigsize) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - unsigned char digest[EVP_MAX_MD_SIZE]; - unsigned int dlen = 0; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + unsigned char digest[EVP_MAX_MD_SIZE]; + unsigned int dlen = 0; - OQS_SIG_PRINTF("OQS SIG provider: digest_sign_final called\n"); - if (poqs_sigctx == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: digest_sign_final called\n"); + if (poqs_sigctx == NULL) + return 0; /* * If sig is NULL then we're just finding out the sig size. Other fields @@ -1062,7 +1100,7 @@ int oqs_sig_digest_sign_final(void *vpoqs_sigctx, unsigned char *sig, return 0; } - poqs_sigctx->flag_allow_md = 1; + poqs_sigctx->flag_allow_md = 1; if (poqs_sigctx->mdctx != NULL) return oqs_sig_sign(vpoqs_sigctx, sig, siglen, sigsize, digest, @@ -1075,13 +1113,13 @@ int oqs_sig_digest_sign_final(void *vpoqs_sigctx, unsigned char *sig, int oqs_sig_digest_verify_final(void *vpoqs_sigctx, const unsigned char *sig, size_t siglen) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - unsigned char digest[EVP_MAX_MD_SIZE]; - unsigned int dlen = 0; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + unsigned char digest[EVP_MAX_MD_SIZE]; + unsigned int dlen = 0; - OQS_SIG_PRINTF("OQS SIG provider: digest_verify_final called\n"); - if (poqs_sigctx == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: digest_verify_final called\n"); + if (poqs_sigctx == NULL) + return 0; // TBC for hybrids: if (poqs_sigctx->mdctx) { @@ -1098,7 +1136,7 @@ int oqs_sig_digest_verify_final(void *vpoqs_sigctx, const unsigned char *sig, static void oqs_sig_freectx(void *vpoqs_sigctx) { - PROV_OQSSIG_CTX *ctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *ctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQS_SIG_PRINTF("OQS SIG provider: freectx called\n"); OPENSSL_free(ctx->propq); @@ -1119,27 +1157,27 @@ static void oqs_sig_freectx(void *vpoqs_sigctx) static void *oqs_sig_dupctx(void *vpoqs_sigctx) { - PROV_OQSSIG_CTX *srcctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - PROV_OQSSIG_CTX *dstctx; + PROV_OQSSIG_CTX *srcctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *dstctx; - OQS_SIG_PRINTF("OQS SIG provider: dupctx called\n"); + OQS_SIG_PRINTF("OQS SIG provider: dupctx called\n"); - dstctx = OPENSSL_zalloc(sizeof(*srcctx)); - if (dstctx == NULL) - return NULL; + dstctx = OPENSSL_zalloc(sizeof(*srcctx)); + if (dstctx == NULL) + return NULL; - *dstctx = *srcctx; - dstctx->sig = NULL; - dstctx->md = NULL; - dstctx->mdctx = NULL; + *dstctx = *srcctx; + dstctx->sig = NULL; + dstctx->md = NULL; + dstctx->mdctx = NULL; - if (srcctx->sig != NULL && !oqsx_key_up_ref(srcctx->sig)) - goto err; - dstctx->sig = srcctx->sig; + if (srcctx->sig != NULL && !oqsx_key_up_ref(srcctx->sig)) + goto err; + dstctx->sig = srcctx->sig; - if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md)) - goto err; - dstctx->md = srcctx->md; + if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md)) + goto err; + dstctx->md = srcctx->md; if (srcctx->mdctx != NULL) { dstctx->mdctx = EVP_MD_CTX_new(); @@ -1176,14 +1214,14 @@ static void *oqs_sig_dupctx(void *vpoqs_sigctx) static int oqs_sig_get_ctx_params(void *vpoqs_sigctx, OSSL_PARAM *params) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OSSL_PARAM *p; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + OSSL_PARAM *p; - OQS_SIG_PRINTF("OQS SIG provider: get_ctx_params called\n"); - if (poqs_sigctx == NULL || params == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: get_ctx_params called\n"); + if (poqs_sigctx == NULL || params == NULL) + return 0; - p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID); + p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID); if (poqs_sigctx->aid == NULL) { poqs_sigctx->aid_len @@ -1195,11 +1233,11 @@ static int oqs_sig_get_ctx_params(void *vpoqs_sigctx, OSSL_PARAM *params) poqs_sigctx->aid_len)) return 0; - p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); - if (p != NULL && !OSSL_PARAM_set_utf8_string(p, poqs_sigctx->mdname)) - return 0; + p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); + if (p != NULL && !OSSL_PARAM_set_utf8_string(p, poqs_sigctx->mdname)) + return 0; - return 1; + return 1; } static const OSSL_PARAM known_gettable_ctx_params[] @@ -1211,17 +1249,17 @@ static const OSSL_PARAM * oqs_sig_gettable_ctx_params(ossl_unused void *vpoqs_sigctx, ossl_unused void *vctx) { - OQS_SIG_PRINTF("OQS SIG provider: gettable_ctx_params called\n"); - return known_gettable_ctx_params; + OQS_SIG_PRINTF("OQS SIG provider: gettable_ctx_params called\n"); + return known_gettable_ctx_params; } static int oqs_sig_set_ctx_params(void *vpoqs_sigctx, const OSSL_PARAM params[]) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - const OSSL_PARAM *p; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + const OSSL_PARAM *p; - OQS_SIG_PRINTF("OQS SIG provider: set_ctx_params called\n"); - if (poqs_sigctx == NULL || params == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: set_ctx_params called\n"); + if (poqs_sigctx == NULL || params == NULL) + return 0; p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST); /* Not allowed during certain operations */ @@ -1233,13 +1271,14 @@ static int oqs_sig_set_ctx_params(void *vpoqs_sigctx, const OSSL_PARAM params[]) const OSSL_PARAM *propsp = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_PROPERTIES); - if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname))) - return 0; - if (propsp != NULL && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops))) - return 0; - if (!oqs_sig_setup_md(poqs_sigctx, mdname, mdprops)) - return 0; - } + if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname))) + return 0; + if (propsp != NULL + && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops))) + return 0; + if (!oqs_sig_setup_md(poqs_sigctx, mdname, mdprops)) + return 0; + } // not passing in parameters we can act on is no error return 1; @@ -1253,65 +1292,65 @@ static const OSSL_PARAM known_settable_ctx_params[] static const OSSL_PARAM *oqs_sig_settable_ctx_params(ossl_unused void *vpsm2ctx, ossl_unused void *provctx) { - /* - * TODO(3.0): Should this function return a different set of settable ctx - * params if the ctx is being used for a DigestSign/DigestVerify? In that - * case it is not allowed to set the digest size/digest name because the - * digest is explicitly set as part of the init. - * NOTE: Ideally we would check poqs_sigctx->flag_allow_md, but this is - * problematic because there is no nice way of passing the - * PROV_OQSSIG_CTX down to this function... - * Because we have API's that dont know about their parent.. - * e.g: EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig). - * We could pass NULL for that case (but then how useful is the check?). - */ - OQS_SIG_PRINTF("OQS SIG provider: settable_ctx_params called\n"); - return known_settable_ctx_params; + /* + * TODO(3.0): Should this function return a different set of settable ctx + * params if the ctx is being used for a DigestSign/DigestVerify? In that + * case it is not allowed to set the digest size/digest name because the + * digest is explicitly set as part of the init. + * NOTE: Ideally we would check poqs_sigctx->flag_allow_md, but this is + * problematic because there is no nice way of passing the + * PROV_OQSSIG_CTX down to this function... + * Because we have API's that dont know about their parent.. + * e.g: EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig). + * We could pass NULL for that case (but then how useful is the check?). + */ + OQS_SIG_PRINTF("OQS SIG provider: settable_ctx_params called\n"); + return known_settable_ctx_params; } static int oqs_sig_get_ctx_md_params(void *vpoqs_sigctx, OSSL_PARAM *params) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQS_SIG_PRINTF("OQS SIG provider: get_ctx_md_params called\n"); - if (poqs_sigctx->mdctx == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: get_ctx_md_params called\n"); + if (poqs_sigctx->mdctx == NULL) + return 0; - return EVP_MD_CTX_get_params(poqs_sigctx->mdctx, params); + return EVP_MD_CTX_get_params(poqs_sigctx->mdctx, params); } static const OSSL_PARAM *oqs_sig_gettable_ctx_md_params(void *vpoqs_sigctx) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQS_SIG_PRINTF("OQS SIG provider: gettable_ctx_md_params called\n"); - if (poqs_sigctx->md == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: gettable_ctx_md_params called\n"); + if (poqs_sigctx->md == NULL) + return 0; - return EVP_MD_gettable_ctx_params(poqs_sigctx->md); + return EVP_MD_gettable_ctx_params(poqs_sigctx->md); } static int oqs_sig_set_ctx_md_params(void *vpoqs_sigctx, const OSSL_PARAM params[]) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - OQS_SIG_PRINTF("OQS SIG provider: set_ctx_md_params called\n"); - if (poqs_sigctx->mdctx == NULL) - return 0; + OQS_SIG_PRINTF("OQS SIG provider: set_ctx_md_params called\n"); + if (poqs_sigctx->mdctx == NULL) + return 0; - return EVP_MD_CTX_set_params(poqs_sigctx->mdctx, params); + return EVP_MD_CTX_set_params(poqs_sigctx->mdctx, params); } static const OSSL_PARAM *oqs_sig_settable_ctx_md_params(void *vpoqs_sigctx) { - PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; + PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; - if (poqs_sigctx->md == NULL) - return 0; + if (poqs_sigctx->md == NULL) + return 0; - OQS_SIG_PRINTF("OQS SIG provider: settable_ctx_md_params called\n"); - return EVP_MD_settable_ctx_params(poqs_sigctx->md); + OQS_SIG_PRINTF("OQS SIG provider: settable_ctx_md_params called\n"); + return EVP_MD_settable_ctx_params(poqs_sigctx->md); } const OSSL_DISPATCH oqs_signature_functions[] diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index e300a86c..17d73480 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -261,15 +261,15 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), dilithium3_p256), DECODER_w_structure("dilithium3_bp256", der, PrivateKeyInfo, dilithium3_bp256), - DECODER_w_structure("dilithium3_bp256", der, SubjectPublicKeyInfo, + DECODER_w_structure("dilithium3_bp256", der, SubjectPublicKeyInfo, dilithium3_bp256), - DECODER_w_structure("dilithium3_ed25519", der, PrivateKeyInfo, + DECODER_w_structure("dilithium3_ed25519", der, PrivateKeyInfo, dilithium3_ed25519), - DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, + DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, dilithium3_ed25519), - DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, + DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, dilithium3_pss3072), - DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, + DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, dilithium3_pss3072), #endif @@ -280,17 +280,17 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), p521_dilithium5), DECODER_w_structure("p521_dilithium5", der, SubjectPublicKeyInfo, p521_dilithium5), - DECODER_w_structure("dilithium5_p384", der, PrivateKeyInfo, + DECODER_w_structure("dilithium5_p384", der, PrivateKeyInfo, dilithium5_p384), - DECODER_w_structure("dilithium5_p384", der, SubjectPublicKeyInfo, + DECODER_w_structure("dilithium5_p384", der, SubjectPublicKeyInfo, dilithium5_p384), - DECODER_w_structure("dilithium5_bp384", der, PrivateKeyInfo, + DECODER_w_structure("dilithium5_bp384", der, PrivateKeyInfo, dilithium5_bp384), - DECODER_w_structure("dilithium5_bp384", der, SubjectPublicKeyInfo, + DECODER_w_structure("dilithium5_bp384", der, SubjectPublicKeyInfo, dilithium5_bp384), - DECODER_w_structure("dilithium5_ed448", der, PrivateKeyInfo, + DECODER_w_structure("dilithium5_ed448", der, PrivateKeyInfo, dilithium5_ed448), - DECODER_w_structure("dilithium5_ed448", der, SubjectPublicKeyInfo, + DECODER_w_structure("dilithium5_ed448", der, SubjectPublicKeyInfo, dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 @@ -305,17 +305,16 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), rsa3072_falcon512), DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, falcon512_p256), - DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, - falcon512_p256), + DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, falcon512_p256), DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, falcon512_p256), - DECODER_w_structure("falcon512_bp256", der, PrivateKeyInfo, + DECODER_w_structure("falcon512_bp256", der, PrivateKeyInfo, falcon512_bp256), - DECODER_w_structure("falcon512_bp256", der, SubjectPublicKeyInfo, + DECODER_w_structure("falcon512_bp256", der, SubjectPublicKeyInfo, falcon512_bp256), - DECODER_w_structure("falcon512_ed25519", der, PrivateKeyInfo, + DECODER_w_structure("falcon512_ed25519", der, PrivateKeyInfo, falcon512_ed25519), - DECODER_w_structure("falcon512_ed25519", der, SubjectPublicKeyInfo, + DECODER_w_structure("falcon512_ed25519", der, SubjectPublicKeyInfo, falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 @@ -378,4 +377,4 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, SubjectPublicKeyInfo, rsa3072_sphincsshake128fsimple), #endif -///// OQS_TEMPLATE_FRAGMENT_MAKE_END + ///// OQS_TEMPLATE_FRAGMENT_MAKE_END diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index e12e45cb..165fb62d 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -677,7 +677,7 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), + ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, @@ -691,43 +691,43 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium3_p256", dilithium3_p256), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium3_ed25519", dilithium3_ed25519), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), @@ -753,43 +753,43 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p521_dilithium5", p521_dilithium5), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium5_p384", dilithium5_p384), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium5_ed448", dilithium5_ed448), #endif @@ -825,10 +825,8 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, SubjectPublicKeyInfo), ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), - ENCODER_w_structure("falcon512_p256", falcon512_p256, der, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, - PrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, der, PrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, PrivateKeyInfo), ENCODER_w_structure("falcon512_p256", falcon512_p256, der, EncryptedPrivateKeyInfo), ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, @@ -838,30 +836,30 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, SubjectPublicKeyInfo), ENCODER_TEXT("falcon512_p256", falcon512_p256), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, PrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, PrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, SubjectPublicKeyInfo), ENCODER_TEXT("falcon512_bp256", falcon512_bp256), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, PrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, PrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, SubjectPublicKeyInfo), ENCODER_TEXT("falcon512_ed25519", falcon512_ed25519), #endif @@ -1061,4 +1059,4 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_TEXT("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple), #endif -///// OQS_TEMPLATE_FRAGMENT_MAKE_END + ///// OQS_TEMPLATE_FRAGMENT_MAKE_END diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index bf7ad14e..24d02400 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -193,34 +193,34 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "2.16.840.1.114027.80.7.1.7", "dilithium3_rsa3072", "2.16.840.1.114027.80.7.1.8", - "dilithium3_p256", - "2.16.840.1.114027.80.7.1.9", - "dilithium3_bp256", - "2.16.840.1.114027.80.7.1.10", - "dilithium3_ed25519", - "2.16.840.1.114027.80.7.1.11", - "dilithium5_p384", - "2.16.840.1.114027.80.7.1.12", - "dilithium5_bp384", - "2.16.840.1.114027.80.7.1.13", - "dilithium5_ed448", - "2.16.840.1.114027.80.7.1.14", - "falcon512_p256", - "2.16.840.1.114027.80.7.1.15", - "falcon512_bp256", - "2.16.840.1.114027.80.7.1.16", - "falcon512_ed25519", - "2.16.840.1.114027.80.7.1.6", - "dilithium3_pss3072", - "2.16.840.1.114027.80.7.1.1", + "dilithium3_p256", + "2.16.840.1.114027.80.7.1.9", + "dilithium3_bp256", + "2.16.840.1.114027.80.7.1.10", + "dilithium3_ed25519", + "2.16.840.1.114027.80.7.1.11", + "dilithium5_p384", + "2.16.840.1.114027.80.7.1.12", + "dilithium5_bp384", + "2.16.840.1.114027.80.7.1.13", + "dilithium5_ed448", + "2.16.840.1.114027.80.7.1.14", + "falcon512_p256", + "2.16.840.1.114027.80.7.1.15", + "falcon512_bp256", + "2.16.840.1.114027.80.7.1.16", + "falcon512_ed25519", + "2.16.840.1.114027.80.7.1.6", + "dilithium3_pss3072", + "2.16.840.1.114027.80.7.1.1", "dilithium2_pss2048", - "2.16.840.1.114027.80.7.1.2", + "2.16.840.1.114027.80.7.1.2", "dilithium2_rsa2048", - "2.16.840.1.114027.80.7.1.3", + "2.16.840.1.114027.80.7.1.3", "dilithium2_ed25519", - "2.16.840.1.114027.80.7.1.4", + "2.16.840.1.114027.80.7.1.4", "dilithium2_p256", - "2.16.840.1.114027.80.7.1.5", + "2.16.840.1.114027.80.7.1.5", "dilithium2_bp256", ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 36612370..76087dfc 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -17,7 +17,6 @@ #include #include - #ifdef NDEBUG # define OQS_KEY_PRINTF(a) # define OQS_KEY_PRINTF2(a, b) @@ -34,8 +33,7 @@ printf(a, b, c) #endif // NDEBUG -typedef enum -{ +typedef enum { KEY_OP_PUBLIC, KEY_OP_PRIVATE, KEY_OP_KEYGEN @@ -43,8 +41,7 @@ typedef enum /// NID/name table -typedef struct -{ +typedef struct { int nid; char *tlsname; char *oqsname; @@ -153,38 +150,22 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_HYB_SIG, 128}, - {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, - KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, - KEY_TYPE_CMP_SIG, 128}, - {0, "falcon512_p256", OQS_SIG_alg_falcon_512, - KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, - KEY_TYPE_CMP_SIG, 192}, - {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, - KEY_TYPE_CMP_SIG, 256}, - {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, - KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, - KEY_TYPE_CMP_SIG, 384}, - {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, - KEY_TYPE_CMP_SIG, 192}, - {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, - KEY_TYPE_CMP_SIG, 256}, - {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, - KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, - KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, - KEY_TYPE_CMP_SIG, 112}, - {0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, - KEY_TYPE_CMP_SIG, 112}, - {0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, - KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, - KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, - KEY_TYPE_CMP_SIG, 256}, + {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, + {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 256}, + {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 384}, + {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, + {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 256}, + {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, + {0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, + {0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 256}, ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; @@ -220,19 +201,17 @@ static int get_keytype(int nid) return 0; } - -char *get_oqsname_fromtls(char *tlsname) +char *get_oqsname_fromtls(char *tlsname) { int i; - for (i = 0; i < NID_TABLE_LEN; i++) - { - if (nid_names[i].keytype == KEY_TYPE_SIG) - { - if (!strcmp(nid_names[i].oqsname, tlsname) || !strcmp(nid_names[i].tlsname, tlsname)) + for (i = 0; i < NID_TABLE_LEN; i++) { + if (nid_names[i].keytype == KEY_TYPE_SIG) { + if (!strcmp(nid_names[i].oqsname, tlsname) + || !strcmp(nid_names[i].tlsname, tlsname)) return nid_names[i].oqsname; } } - return 0; //classical + return 0; // classical } char *get_oqsname(int nid) @@ -245,49 +224,49 @@ char *get_oqsname(int nid) return 0; } -char* get_cmpname(int nid, int index) +char *get_cmpname(int nid, int index) { int i, j; - char* name; - char* first_token; - char* token; - char* s; + char *name; + char *first_token; + char *token; + char *s; if ((i = get_oqsalg_idx(nid)) == -1) return NULL; s = OPENSSL_strdup(nid_names[i].tlsname); first_token = strtok_r(s, "_", &s); - if (index == 0){ - name = OPENSSL_strdup(first_token); - }else{ - for (j = 0; j < index; j ++) - token = strtok_r(s, "_", &s); + if (index == 0) { + name = OPENSSL_strdup(first_token); + } else { + for (j = 0; j < index; j++) + token = strtok_r(s, "_", &s); name = OPENSSL_strdup(token); } OPENSSL_free(first_token); return name; } -//count the amount of keys in the structure +// count the amount of keys in the structure int get_qntcmp(int nid) { int i; int index = 1; if ((i = get_oqsalg_idx(nid)) == -1) return -1; - if (nid_names[i].keytype == KEY_TYPE_CMP_SIG){ - char* s = OPENSSL_strdup(nid_names[i].tlsname); - char* first_token = strtok_r(s, "_", &s); - char* token; + if (nid_names[i].keytype == KEY_TYPE_CMP_SIG) { + char *s = OPENSSL_strdup(nid_names[i].tlsname); + char *first_token = strtok_r(s, "_", &s); + char *token; index = 0; - while (token != NULL){ + while (token != NULL) { token = strtok_r(s, "_", &s); index++; } OPENSSL_free(first_token); - }else{ + } else { if ((nid_names[i].keytype == KEY_TYPE_HYB_SIG) - ||(nid_names[i].keytype == KEY_TYPE_ECP_HYB_KEM) - ||(nid_names[i].keytype == KEY_TYPE_ECX_HYB_KEM)){ + || (nid_names[i].keytype == KEY_TYPE_ECP_HYB_KEM) + || (nid_names[i].keytype == KEY_TYPE_ECX_HYB_KEM)) { index = 2; } } @@ -314,56 +293,47 @@ static int oqsx_key_set_composites(OQSX_KEY *key) if (key->numkeys == 1) { key->comp_privkey[0] = key->privkey; key->comp_pubkey[0] = key->pubkey; - } - else - { // TBD: extend for more than 1 classic key or first OQS for composite: - if (key->keytype == KEY_TYPE_CMP_SIG){ + } else { // TBD: extend for more than 1 classic key or first OQS for + // composite: + if (key->keytype == KEY_TYPE_CMP_SIG) { int i; int privlen = 0; int publen = 0; - for (i = 0; i < key->numkeys; i++){ - if (key->privkey) - { + for (i = 0; i < key->numkeys; i++) { + if (key->privkey) { key->comp_privkey[i] = (char *)key->privkey + privlen; privlen += key->privkeylen_cmp[i]; - } - else - { + } else { key->comp_privkey[i] = NULL; } - if (key->pubkey) - { + if (key->pubkey) { key->comp_pubkey[i] = (char *)key->pubkey + publen; publen += key->pubkeylen_cmp[i]; - } - else - { + } else { key->comp_pubkey[i] = NULL; } } - }else{ - int classic_pubkey_len, classic_privkey_len; - - if (key->privkey) { - key->comp_privkey[0] = (char *)key->privkey + SIZE_OF_UINT32; - DECODE_UINT32(classic_privkey_len, key->privkey); - key->comp_privkey[1] - = (char *)key->privkey + classic_privkey_len + SIZE_OF_UINT32; - } - else { - key->comp_privkey[0] = NULL; - key->comp_privkey[1] = NULL; - } - if (key->pubkey) { - key->comp_pubkey[0] = (char *)key->pubkey + SIZE_OF_UINT32; - DECODE_UINT32(classic_pubkey_len, key->pubkey); - key->comp_pubkey[1] - = (char *)key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; - } - else { - key->comp_pubkey[0] = NULL; - key->comp_pubkey[1] = NULL; - } + } else { + int classic_pubkey_len, classic_privkey_len; + + if (key->privkey) { + key->comp_privkey[0] = (char *)key->privkey + SIZE_OF_UINT32; + DECODE_UINT32(classic_privkey_len, key->privkey); + key->comp_privkey[1] = (char *)key->privkey + + classic_privkey_len + SIZE_OF_UINT32; + } else { + key->comp_privkey[0] = NULL; + key->comp_privkey[1] = NULL; + } + if (key->pubkey) { + key->comp_pubkey[0] = (char *)key->pubkey + SIZE_OF_UINT32; + DECODE_UINT32(classic_pubkey_len, key->pubkey); + key->comp_pubkey[1] + = (char *)key->pubkey + classic_pubkey_len + SIZE_OF_UINT32; + } else { + key->comp_pubkey[0] = NULL; + key->comp_pubkey[1] = NULL; + } } } err: @@ -423,13 +393,11 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) = {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22}; const unsigned char p521params[] = {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23}; - const char ed25519params[] - = {0x06, 0x03, 0x2b, 0x65, 0x70}; - const char ed448params[] - = {0x06, 0x03, 0x2b, 0x65, 0x71}; - const char bp256params[] + const char ed25519params[] = {0x06, 0x03, 0x2b, 0x65, 0x70}; + const char ed448params[] = {0x06, 0x03, 0x2b, 0x65, 0x71}; + const char bp256params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07}; - const char bp384params[] + const char bp384params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b}; const unsigned char *params; @@ -464,15 +432,15 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) static const OQSX_EVP_INFO nids_sig[] = { {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 72}, // 128 bit - {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 104}, // 192 bit + {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 104}, // 192 bit {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 141}, // 256 bit {EVP_PKEY_EC, NID_brainpoolP256r1, 0, 65, 122, 32, 72}, // 256 bit {EVP_PKEY_EC, NID_brainpoolP384r1, 0, 97, 171, 48, 104}, // 384 bit {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit {EVP_PKEY_RSA, NID_rsaEncryption, 0, 270, 1193, 0, 256}, // 112 bit - {EVP_PKEY_ED25519, NID_ED25519, 1 , 32, 32, 32, 72}, // 128 bit - {EVP_PKEY_ED448, NID_ED448, 1 , 57, 57, 57, 122}, // 192 bit - + {EVP_PKEY_ED25519, NID_ED25519, 1, 32, 32, 32, 72}, // 128 bit + {EVP_PKEY_ED448, NID_ED448, 1, 57, 57, 57, 122}, // 192 bit + }; // These two array need to stay synced: static const char *OQSX_ECP_NAMES[] = {"p256", "p384", "p521", 0}; @@ -497,18 +465,15 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, int idx = (bit_security - 128) / 64; ON_ERR_GOTO(idx < 0 || idx > 5, err); - if (!strncmp(algname, "rsa", 3) || !strncmp(algname, "pss", 3)){ + if (!strncmp(algname, "rsa", 3) || !strncmp(algname, "pss", 3)) { idx += 5; if (bit_security == 112) idx += 1; - } else if (algname[0] != 'p' && algname[0] != 'e') - { - if (algname[0] == 'b'){ //bp - if (algname[2] == '2') //bp256 + } else if (algname[0] != 'p' && algname[0] != 'e') { + if (algname[0] == 'b') { // bp + if (algname[2] == '2') // bp256 idx += 1; - } - else - { + } else { OQS_KEY_PRINTF2("OQS KEY: Incorrect hybrid name: %s\n", algname); ret = 0; goto err; @@ -517,7 +482,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, ON_ERR_GOTO(idx < 0 || idx > 6, err); - if(algname[0] == 'e') //ED25519 or ED448 + if (algname[0] == 'e') // ED25519 or ED448 { evp_ctx->evp_info = &nids_sig[idx + 7]; @@ -534,18 +499,17 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); ON_ERR_GOTO(!evp_ctx->ctx, err); - - if (idx < 5) - { // EC - ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); - ON_ERR_GOTO(ret <= 0, err); - - ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(evp_ctx->ctx, - evp_ctx->evp_info->nid); - ON_ERR_GOTO(ret <= 0, free_evp_ctx); - - ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); - ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, free_evp_ctx); + + if (idx < 5) { // EC + ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); + ON_ERR_GOTO(ret <= 0, err); + + ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid( + evp_ctx->ctx, evp_ctx->evp_info->nid); + ON_ERR_GOTO(ret <= 0, free_evp_ctx); + + ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); + ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, free_evp_ctx); } } // RSA bit length set only during keygen @@ -627,29 +591,25 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, int ret = 0; OQS_KEY_PRINTF2("OQSX KEY: key_op called with data of len %d\n", plen); - if (palg != NULL) - { + if (palg != NULL) { int ptype; /* Algorithm parameters must be absent */ X509_ALGOR_get0(NULL, &ptype, NULL, palg); - if (ptype != V_ASN1_UNDEF || !palg || !palg->algorithm) - { + if (ptype != V_ASN1_UNDEF || !palg || !palg->algorithm) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return 0; } nid = OBJ_obj2nid(palg->algorithm); } - if (p == NULL || nid == EVP_PKEY_NONE || nid == NID_undef) - { + if (p == NULL || nid == EVP_PKEY_NONE || nid == NID_undef) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return 0; } key = oqsx_key_new_from_nid(libctx, propq, nid); - if (key == NULL) - { + if (key == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return 0; } @@ -697,182 +657,193 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, size_t actualprivkeylen = key->privkeylen; // for hybrid keys, we expect classic priv key||OQS priv key||OQS pub // key classic pub key must/can be re-created from classic private key - if (key->keytype == KEY_TYPE_CMP_SIG){ + if (key->keytype == KEY_TYPE_CMP_SIG) { size_t privlen = 0; size_t publen = 0; size_t previous_privlen = 0; size_t previous_publen = 0; int pqc_pub_enc = 0; int i; - - //check if key is the right size - for (i = 0; i < key->numkeys; i++){ + + // check if key is the right size + for (i = 0; i < key->numkeys; i++) { char *name; - if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) + == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } privlen = key->privkeylen_cmp[i]; - if (get_oqsname_fromtls(name) == 0){//classical key + if (get_oqsname_fromtls(name) == 0) { // classical key publen = 0; - }else{//PQC key - publen = key->pubkeylen_cmp[i]; //pubkey in PQC privkey is OPTIONAL + } else { // PQC key + publen = key->pubkeylen_cmp[i]; // pubkey in PQC privkey is + // OPTIONAL } previous_privlen += privlen; previous_publen += publen; OPENSSL_free(name); - } - if (previous_privlen != plen) - { - //is ok, PQC pubkey might be in privkey + } + if (previous_privlen != plen) { + // is ok, PQC pubkey might be in privkey pqc_pub_enc = 1; - if (previous_privlen + previous_publen != plen){ + if (previous_privlen + previous_publen != plen) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } - if (oqsx_key_allocate_keymaterial(key, 0)) - { + if (oqsx_key_allocate_keymaterial(key, 0)) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); goto err; } } - if (oqsx_key_allocate_keymaterial(key, 1)) - { + if (oqsx_key_allocate_keymaterial(key, 1)) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); goto err; } previous_privlen = 0; previous_publen = 0; - for (i = 0; i < key->numkeys; i++){ + for (i = 0; i < key->numkeys; i++) { size_t classic_publen = 0; char *name; - if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) + == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } - if (get_oqsname_fromtls(name) == 0){//classical key - publen = 0; //no pubkey encoded with privkey on classical keys. will recreate the pubkey later - if(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA){ //get the RSA real key size - unsigned char* enc_len = OPENSSL_strndup(p + previous_privlen + previous_publen, 4); + if (get_oqsname_fromtls(name) == 0) { // classical key + publen = 0; // no pubkey encoded with privkey on classical + // keys. will recreate the pubkey later + if (key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype + == EVP_PKEY_RSA) { // get the RSA real key size + unsigned char *enc_len = OPENSSL_strndup( + p + previous_privlen + previous_publen, 4); OPENSSL_cleanse(enc_len, 2); DECODE_UINT32(privlen, enc_len); privlen += 4; OPENSSL_free(enc_len); - if (privlen > key->privkeylen_cmp[i]){ + if (privlen > key->privkeylen_cmp[i]) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } - }else - privlen = key->privkeylen_cmp[i]; - }else{//PQC key + } else + privlen = key->privkeylen_cmp[i]; + } else { // PQC key privlen = key->privkeylen_cmp[i]; if (pqc_pub_enc) publen = key->pubkeylen_cmp[i]; else publen = 0; - - } - memcpy(key->privkey + previous_privlen, p + previous_privlen + previous_publen, privlen); - memcpy(key->pubkey + previous_publen, p + privlen + previous_privlen + previous_publen, publen); - previous_privlen += privlen; - previous_publen += publen; - OPENSSL_free(name); + } + memcpy(key->privkey + previous_privlen, + p + previous_privlen + previous_publen, privlen); + memcpy(key->pubkey + previous_publen, + p + privlen + previous_privlen + previous_publen, + publen); + previous_privlen += privlen; + previous_publen += publen; + OPENSSL_free(name); } - }else{ - if (key->numkeys == 2) { - DECODE_UINT32(classical_privatekey_len, - p); // actual classic key len - // adjust expected size - if (classical_privatekey_len > key->evp_info->length_private_key) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + } else { + if (key->numkeys == 2) { + DECODE_UINT32(classical_privatekey_len, + p); // actual classic key len + // adjust expected size + if (classical_privatekey_len + > key->evp_info->length_private_key) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } + actualprivkeylen -= (key->evp_info->length_private_key + - classical_privatekey_len); } - actualprivkeylen -= (key->evp_info->length_private_key - - classical_privatekey_len); - } #ifdef USE_ENCODING_LIB - if (key->oqsx_encoding_ctx.encoding_ctx - && key->oqsx_encoding_ctx.encoding_impl) { - const qsc_encoding_t *encoding_ctx - = key->oqsx_encoding_ctx.encoding_ctx; + if (key->oqsx_encoding_ctx.encoding_ctx + && key->oqsx_encoding_ctx.encoding_impl) { + const qsc_encoding_t *encoding_ctx + = key->oqsx_encoding_ctx.encoding_ctx; # ifdef NOPUBKEY_IN_PRIVKEY - // if the raw private key includes the public key, the optional part - // is needed, otherwise not. - int withoptional - = (encoding_ctx->raw_private_key_encodes_public_key ? 1 : 0); + // if the raw private key includes the public key, the optional + // part is needed, otherwise not. + int withoptional + = (encoding_ctx->raw_private_key_encodes_public_key ? 1 + : 0); # else - int withoptional = 1; + int withoptional = 1; # endif - int pubkey_available = withoptional; - if (oqsx_key_allocate_keymaterial(key, 1)) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err; - } - if (pubkey_available) { - if (oqsx_key_allocate_keymaterial(key, 0)) { + int pubkey_available = withoptional; + if (oqsx_key_allocate_keymaterial(key, 1)) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); goto err; } - } + if (pubkey_available) { + if (oqsx_key_allocate_keymaterial(key, 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + goto err; + } + } - if (qsc_decode( - encoding_ctx, key->oqsx_encoding_ctx.encoding_impl, 0, - (pubkey_available ? (unsigned char **)&key->pubkey : 0), p, - (unsigned char **)&key->privkey, withoptional) - != QSC_ENC_OK) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; - } + if (qsc_decode( + encoding_ctx, key->oqsx_encoding_ctx.encoding_impl, 0, + (pubkey_available ? (unsigned char **)&key->pubkey : 0), + p, (unsigned char **)&key->privkey, withoptional) + != QSC_ENC_OK) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } - } else { + } else { #endif #ifdef NOPUBKEY_IN_PRIVKEY - if (actualprivkeylen != plen) { + if (actualprivkeylen != plen) { + OQS_KEY_PRINTF3( + "OQSX KEY: private key with unexpected length %d vs %d\n", + plen, (int)(actualprivkeylen)); +#else + if (actualprivkeylen + oqsx_key_get_oqs_public_key_len(key) + != plen) { OQS_KEY_PRINTF3( "OQSX KEY: private key with unexpected length %d vs %d\n", - plen, (int)(actualprivkeylen)); -#else - if (actualprivkeylen + oqsx_key_get_oqs_public_key_len(key) != plen) { - OQS_KEY_PRINTF3( - "OQSX KEY: private key with unexpected length %d vs %d\n", plen, - (int)(actualprivkeylen + oqsx_key_get_oqs_public_key_len(key))); + plen, + (int)(actualprivkeylen + + oqsx_key_get_oqs_public_key_len(key))); #endif - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; - } - if (oqsx_key_allocate_keymaterial(key, 1) + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } + if (oqsx_key_allocate_keymaterial(key, 1) #ifndef NOPUBKEY_IN_PRIVKEY - || oqsx_key_allocate_keymaterial(key, 0) + || oqsx_key_allocate_keymaterial(key, 0) #endif - ) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err; - } - // first populate private key data - memcpy(key->privkey, p, actualprivkeylen); + ) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + goto err; + } + // first populate private key data + memcpy(key->privkey, p, actualprivkeylen); #ifndef NOPUBKEY_IN_PRIVKEY - // only enough data to fill public OQS key component - if (oqsx_key_get_oqs_public_key_len(key) - != plen - actualprivkeylen) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; - } - // populate OQS public key structure - if (key->numkeys == 2) { - unsigned char *pubkey = (unsigned char *)key->pubkey; - ENCODE_UINT32(pubkey, key->evp_info->length_public_key); - memcpy(pubkey + SIZE_OF_UINT32 - + key->evp_info->length_public_key, - p + actualprivkeylen, plen - actualprivkeylen); - } else - memcpy(key->pubkey, p + key->privkeylen, - plen - key->privkeylen); + // only enough data to fill public OQS key component + if (oqsx_key_get_oqs_public_key_len(key) + != plen - actualprivkeylen) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err; + } + // populate OQS public key structure + if (key->numkeys == 2) { + unsigned char *pubkey = (unsigned char *)key->pubkey; + ENCODE_UINT32(pubkey, key->evp_info->length_public_key); + memcpy(pubkey + SIZE_OF_UINT32 + + key->evp_info->length_public_key, + p + actualprivkeylen, plen - actualprivkeylen); + } else + memcpy(key->pubkey, p + key->privkeylen, + plen - key->privkeylen); #endif } - } + } #ifdef USE_ENCODING_LIB } #endif @@ -891,8 +862,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) { if (key->keytype == KEY_TYPE_HYB_SIG) { // hybrid key int classical_pubkey_len, classical_privkey_len; - if (!key->evp_info) - { + if (!key->evp_info) { ERR_raise(ERR_LIB_USER, OQSPROV_R_EVPINFO_MISSING); goto rec_err; } @@ -967,74 +937,98 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } } } - if (key->keytype == KEY_TYPE_CMP_SIG){ + if (key->keytype == KEY_TYPE_CMP_SIG) { int i; - if (op == KEY_OP_PUBLIC){ + if (op == KEY_OP_PUBLIC) { - for (i = 0; i < key->numkeys; i++){ + for (i = 0; i < key->numkeys; i++) { char *name; - if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) + == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto rec_err; } - if (get_oqsname_fromtls(name) == 0){ + if (get_oqsname_fromtls(name) == 0) { EVP_PKEY *npk = EVP_PKEY_new(); - if (key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA ) - { - npk = setECParams(npk, key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->nid); + if (key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype + != EVP_PKEY_RSA) { + npk = setECParams(npk, + key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->nid); } const unsigned char *enc_pubkey = key->comp_pubkey[i]; - if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support){ - key->cmp_classical_pkey[i] = d2i_PublicKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); - }else - key->cmp_classical_pkey[i] = EVP_PKEY_new_raw_public_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, enc_pubkey, key->pubkeylen_cmp[i]); - if (!key->cmp_classical_pkey[i]) - { + if (!key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->raw_key_support) { + key->cmp_classical_pkey[i] = d2i_PublicKey( + key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype, + &npk, &enc_pubkey, key->pubkeylen_cmp[i]); + } else + key->cmp_classical_pkey[i] + = EVP_PKEY_new_raw_public_key( + key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype, + NULL, enc_pubkey, key->pubkeylen_cmp[i]); + if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); goto rec_err; } } OPENSSL_free(name); - } } - if (op == KEY_OP_PRIVATE){ + if (op == KEY_OP_PRIVATE) { - for (i = 0; i < key->numkeys; i++){ + for (i = 0; i < key->numkeys; i++) { char *name; - if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) + == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto rec_err; } - if (get_oqsname_fromtls(name) == 0){ + if (get_oqsname_fromtls(name) == 0) { const unsigned char *enc_privkey = key->comp_privkey[i]; - if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support) - key->cmp_classical_pkey[i] = d2i_PrivateKey(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); + if (!key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->raw_key_support) + key->cmp_classical_pkey[i] = d2i_PrivateKey( + key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype, + NULL, &enc_privkey, key->privkeylen_cmp[i]); else - key->cmp_classical_pkey[i] = EVP_PKEY_new_raw_private_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->keytype, NULL, enc_privkey, key->privkeylen_cmp[i]); - if (!key->cmp_classical_pkey[i]) - { + key->cmp_classical_pkey[i] + = EVP_PKEY_new_raw_private_key( + key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->keytype, + NULL, enc_privkey, key->privkeylen_cmp[i]); + if (!key->cmp_classical_pkey[i]) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); goto rec_err; } - if (!key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->raw_key_support){ - unsigned char* comp_pubkey = key->comp_pubkey[i]; - int pubkeylen = i2d_PublicKey(key->cmp_classical_pkey[i], &comp_pubkey); - if (pubkeylen != key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_public_key){ + if (!key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->raw_key_support) { + unsigned char *comp_pubkey = key->comp_pubkey[i]; + int pubkeylen = i2d_PublicKey( + key->cmp_classical_pkey[i], &comp_pubkey); + if (pubkeylen + != key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->length_public_key) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); goto rec_err; } - }else{ + } else { size_t pubkeylen = key->pubkeylen_cmp[i]; - int ret = EVP_PKEY_get_raw_public_key(key->cmp_classical_pkey[i], key->comp_pubkey[i], &pubkeylen); - if (ret <= 0){ + int ret = EVP_PKEY_get_raw_public_key( + key->cmp_classical_pkey[i], key->comp_pubkey[i], + &pubkeylen); + if (ret <= 0) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); goto rec_err; @@ -1067,29 +1061,28 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, unsigned char *concat_key; int count, aux, i, buflen; - if (!xpk || (!X509_PUBKEY_get0_param(NULL, &p, &plen, &palg, xpk))) - { + if (!xpk || (!X509_PUBKEY_get0_param(NULL, &p, &plen, &palg, xpk))) { return NULL; } - if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG){ + if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG) { sk = d2i_ASN1_SEQUENCE_ANY(NULL, &p, plen); - if (sk == NULL){ + if (sk == NULL) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return NULL; - }else{ + } else { count = sk_ASN1_TYPE_num(sk); concat_key = OPENSSL_secure_malloc(plen); aux = 0; - for (i = 0; i < count; i++){ - aType = sk_ASN1_TYPE_pop(sk); + for (i = 0; i < count; i++) { + aType = sk_ASN1_TYPE_pop(sk); buf = aType->value.sequence->data; - buflen = aType->value.sequence->length; + buflen = aType->value.sequence->length; aux += buflen; memcpy(concat_key + plen - aux, buf, buflen); } - p = OPENSSL_memdup (concat_key + plen - aux, aux); + p = OPENSSL_memdup(concat_key + plen - aux, aux); plen = aux; OPENSSL_free(concat_key); } @@ -1117,46 +1110,46 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) return 0; - if (get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG){ + if (get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG) { oct = d2i_ASN1_OCTET_STRING(NULL, &p, plen); - if (oct == NULL) - { + if (oct == NULL) { p = NULL; plen = 0; - } - else - { + } else { p = ASN1_STRING_get0_data(oct); plen = ASN1_STRING_length(oct); } - }else{ + } else { sk = d2i_ASN1_SEQUENCE_ANY(NULL, &p, plen); - if (sk == NULL){ + if (sk == NULL) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return NULL; - }else{ + } else { count = sk_ASN1_TYPE_num(sk); concat_key = OPENSSL_secure_malloc(plen); aux = 0; - for (i = 0; i < count; i++){ - aType = sk_ASN1_TYPE_pop(sk); + for (i = 0; i < count; i++) { + aType = sk_ASN1_TYPE_pop(sk); char *name; - if ((name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i)) == NULL){ + if ((name + = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i)) + == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return NULL; } buf = aType->value.sequence->data; - buflen = aType->value.sequence->length; + buflen = aType->value.sequence->length; aux += buflen; memcpy(concat_key + plen - aux, buf, buflen); - //if is a RSA key the actual encoding size might be different from max size - //we calculate that difference for to facilitate the key reconstruction - if(!strncmp(name, "rsa", 3) || !strncmp(name, "pss", 3)) { - if (name[3] == '3') //3072 - rsa_diff = nids_sig[5].length_private_key - buflen; - else //2048 + // if is a RSA key the actual encoding size might be different + // from max size we calculate that difference for to facilitate + // the key reconstruction + if (!strncmp(name, "rsa", 3) || !strncmp(name, "pss", 3)) { + if (name[3] == '3') // 3072 + rsa_diff = nids_sig[5].length_private_key - buflen; + else // 2048 rsa_diff = nids_sig[6].length_private_key - buflen; } OPENSSL_free(name); @@ -1166,14 +1159,12 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, plen = aux; } } - if (rsa_diff > 4){//diff is too big, this means an decoding error + if (rsa_diff > 4) { // diff is too big, this means an decoding error ASN1_OCTET_STRING_free(oct); return NULL; } - - oqsx = oqsx_key_op(palg, p, plen + rsa_diff, KEY_OP_PRIVATE, - libctx, propq); + oqsx = oqsx_key_op(palg, p, plen + rsa_diff, KEY_OP_PRIVATE, libctx, propq); ASN1_OCTET_STRING_free(oct); return oqsx; } @@ -1204,14 +1195,12 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, } #endif - if (oqs_name == NULL) - { + if (oqs_name == NULL) { OQS_KEY_PRINTF("OQSX_KEY: Fatal error: No OQS key name provided:\n"); goto err; } - if (tls_name == NULL) - { + if (tls_name == NULL) { OQS_KEY_PRINTF("OQSX_KEY: Fatal error: No TLS key name provided:\n"); goto err; } @@ -1347,49 +1336,55 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = get_qntcmp(OBJ_sn2nid(tls_name)); ret->privkeylen = 0; ret->pubkeylen = 0; - ret->oqsx_provider_ctx = OPENSSL_malloc(ret->numkeys * sizeof(OQSX_PROVIDER_CTX)); + ret->oqsx_provider_ctx + = OPENSSL_malloc(ret->numkeys * sizeof(OQSX_PROVIDER_CTX)); ret->privkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->pubkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - for (i = 0; i < ret->numkeys; i++){ + for (i = 0; i < ret->numkeys; i++) { char *name; - if ((name = get_cmpname(OBJ_sn2nid(tls_name), i)) == NULL){ + if ((name = get_cmpname(OBJ_sn2nid(tls_name), i)) == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } - if (get_oqsname_fromtls(name) != 0) - { - ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig = OQS_SIG_new(get_oqsname_fromtls(name)); - if (!ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig) - { - fprintf(stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", name); + if (get_oqsname_fromtls(name) != 0) { + ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig + = OQS_SIG_new(get_oqsname_fromtls(name)); + if (!ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig) { + fprintf( + stderr, + "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", + name); goto err; } - ret->privkeylen_cmp[i] = ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_secret_key; - ret->pubkeylen_cmp[i] = ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_public_key; - } - else - { + ret->privkeylen_cmp[i] + = ret->oqsx_provider_ctx[i] + .oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen_cmp[i] = ret->oqsx_provider_ctx[i] + .oqsx_qs_ctx.sig->length_public_key; + } else { evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); ON_ERR_GOTO(!evp_ctx, err); ret2 = oqsx_hybsig_init(bit_security, evp_ctx, name); ON_ERR_GOTO(ret2 <= 0 || !evp_ctx->ctx, err); ret->oqsx_provider_ctx[i].oqsx_evp_ctx = evp_ctx; - ret->privkeylen_cmp[i] = ret->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_private_key; - ret->pubkeylen_cmp[i] = ret->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_public_key; + ret->privkeylen_cmp[i] + = ret->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->length_private_key; + ret->pubkeylen_cmp[i] + = ret->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->length_public_key; } ret->privkeylen += ret->privkeylen_cmp[i]; - ret->pubkeylen += ret->pubkeylen_cmp[i]; + ret->pubkeylen += ret->pubkeylen_cmp[i]; OPENSSL_free(name); } ret->keytype = primitive; - - break; default: @@ -1403,8 +1398,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->tls_name = OPENSSL_strdup(tls_name); ret->bit_security = bit_security; - if (propq != NULL) - { + if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); if (ret->propq == NULL) @@ -1454,32 +1448,30 @@ void oqsx_key_free(OQSX_KEY *key) else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || key->keytype == KEY_TYPE_ECX_HYB_KEM) { OQS_KEM_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem); - } - else if(key->keytype == KEY_TYPE_CMP_SIG){ + } else if (key->keytype == KEY_TYPE_CMP_SIG) { int i; - for (i = 0; i < key->numkeys; i ++){ + for (i = 0; i < key->numkeys; i++) { char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name)) OQS_SIG_free(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig); - else{ + else { EVP_PKEY_free(key->classical_pkey); EVP_PKEY_CTX_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx->ctx); EVP_PKEY_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx->keyParam); OPENSSL_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx); } OPENSSL_free(name); - } - }else{ + } + } else { OQS_SIG_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig); if (key->oqsx_provider_ctx[0].oqsx_evp_ctx) { EVP_PKEY_CTX_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->ctx); EVP_PKEY_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->keyParam); OPENSSL_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx); - } + } } OPENSSL_free(key->tls_name); - - + #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); #endif @@ -1515,8 +1507,7 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) if (key->keytype != KEY_TYPE_CMP_SIG) aux = SIZE_OF_UINT32; - if (!key->privkey && include_private) - { + if (!key->privkey && include_private) { key->privkey = OPENSSL_secure_zalloc(key->privkeylen + aux); ON_ERR_SET_GOTO(!key->privkey, ret, 1, err); } @@ -1583,16 +1574,17 @@ int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], } // OQS key always the last of the numkeys comp keys -static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) { - if (gen_kem) - return OQS_KEM_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem, - key->comp_pubkey[key->numkeys-1], - key->comp_privkey[key->numkeys-1]); - else { - return OQS_SIG_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig, - key->comp_pubkey[key->numkeys-1], - key->comp_privkey[key->numkeys-1]); - } +static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) +{ + if (gen_kem) + return OQS_KEM_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem, + key->comp_pubkey[key->numkeys - 1], + key->comp_privkey[key->numkeys - 1]); + else { + return OQS_SIG_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig, + key->comp_pubkey[key->numkeys - 1], + key->comp_privkey[key->numkeys - 1]); + } } /* Generate classic keys, store length in leading SIZE_OF_UINT32 bytes of @@ -1621,8 +1613,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_keygen_init(kgctx); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); - if (ctx->evp_info->keytype == EVP_PKEY_RSA) - { + if (ctx->evp_info->keytype == EVP_PKEY_RSA) { if (ctx->evp_info->length_public_key > 270) ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); else @@ -1632,23 +1623,25 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_keygen(kgctx, &pkey); ON_ERR_SET_GOTO(ret2 <= 0, ret, -2, errhyb); - - if (ctx->evp_info->raw_key_support) - { + if (ctx->evp_info->raw_key_support) { // TODO: If available, use preallocated memory - if (ctx->evp_info->nid != NID_ED25519 && ctx->evp_info->nid != NID_ED448){ + if (ctx->evp_info->nid != NID_ED25519 + && ctx->evp_info->nid != NID_ED448) { pubkeylen = EVP_PKEY_get1_encoded_public_key(pkey, &pubkey_encoded); - ON_ERR_SET_GOTO(pubkeylen != ctx->evp_info->length_public_key || !pubkey_encoded, ret, -3, errhyb); + ON_ERR_SET_GOTO(pubkeylen != ctx->evp_info->length_public_key + || !pubkey_encoded, + ret, -3, errhyb); memcpy(pubkey + aux, pubkey_encoded, pubkeylen); - }else{ + } else { pubkeylen = ctx->evp_info->length_public_key; ret2 = EVP_PKEY_get_raw_public_key(pkey, pubkey + aux, &pubkeylen); - ON_ERR_SET_GOTO(ret2 <= 0 || pubkeylen != ctx->evp_info->length_public_key, ret, -3, errhyb); + ON_ERR_SET_GOTO( + ret2 <= 0 || pubkeylen != ctx->evp_info->length_public_key, ret, + -3, errhyb); } privkeylen = ctx->evp_info->length_private_key; - ret2 = EVP_PKEY_get_raw_private_key(pkey, privkey + aux, - &privkeylen); + ret2 = EVP_PKEY_get_raw_private_key(pkey, privkey + aux, &privkeylen); ON_ERR_SET_GOTO(ret2 <= 0 || privkeylen != ctx->evp_info->length_private_key, ret, -4, errhyb); @@ -1656,7 +1649,9 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, unsigned char *pubkey_enc = pubkey + aux; const unsigned char *pubkey_enc2 = pubkey + aux; pubkeylen = i2d_PublicKey(pkey, &pubkey_enc); - ON_ERR_SET_GOTO(!pubkey_enc || pubkeylen > (int)ctx->evp_info->length_public_key, ret, -11, errhyb); + ON_ERR_SET_GOTO( + !pubkey_enc || pubkeylen > (int)ctx->evp_info->length_public_key, + ret, -11, errhyb); unsigned char *privkey_enc = privkey + aux; const unsigned char *privkey_enc2 = privkey + aux; privkeylen = i2d_PrivateKey(pkey, &privkey_enc); @@ -1669,11 +1664,13 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ON_ERR_SET_GOTO(!ck2, ret, -14, errhyb); EVP_PKEY_free(ck2); } - if (encode){ + if (encode) { ENCODE_UINT32(pubkey, pubkeylen); ENCODE_UINT32(privkey, privkeylen); } - OQS_KEY_PRINTF3("OQSKM: Storing classical privkeylen: %ld & pubkeylen: %ld\n", privkeylen, pubkeylen); + OQS_KEY_PRINTF3( + "OQSKM: Storing classical privkeylen: %ld & pubkeylen: %ld\n", + privkeylen, pubkeylen); EVP_PKEY_CTX_free(kgctx); OPENSSL_free(pubkey_encoded); @@ -1715,42 +1712,36 @@ int oqsx_key_gen(OQSX_KEY *key) key->classical_pkey = pkey; ret = oqsx_key_gen_oqs(key, key->keytype != KEY_TYPE_HYB_SIG); - } else if (key->keytype == KEY_TYPE_CMP_SIG) - { + } else if (key->keytype == KEY_TYPE_CMP_SIG) { int i; ret = oqsx_key_set_composites(key); - for (i = 0; i < key->numkeys; i++){ + for (i = 0; i < key->numkeys; i++) { char *name; - if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL){ + if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL) { OPENSSL_free(name); ON_ERR_GOTO(ret, err); } - if (get_oqsname_fromtls(name) == 0) - { - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->comp_pubkey[i], key->comp_privkey[i], 0); + if (get_oqsname_fromtls(name) == 0) { + pkey = oqsx_key_gen_evp_key( + key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->comp_pubkey[i], + key->comp_privkey[i], 0); OPENSSL_free(name); ON_ERR_GOTO(pkey == NULL, err); key->cmp_classical_pkey[i] = pkey; - } - else - { - ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, key->comp_pubkey[i], key->comp_privkey[i]); + } else { + ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, + key->comp_pubkey[i], + key->comp_privkey[i]); OPENSSL_free(name); ON_ERR_GOTO(ret, err); - } + } } - - - } - else if (key->keytype == KEY_TYPE_SIG) - { - ret = !oqsx_key_set_composites(key); + } else if (key->keytype == KEY_TYPE_SIG) { + ret = !oqsx_key_set_composites(key); ON_ERR_GOTO(ret, err); - ret = oqsx_key_gen_oqs(key, 0); - } - else - { + ret = oqsx_key_gen_oqs(key, 0); + } else { ret = 1; } err: @@ -1773,27 +1764,31 @@ int oqsx_key_maxsize(OQSX_KEY *key) return key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_shared_secret; case KEY_TYPE_ECP_HYB_KEM: case KEY_TYPE_ECX_HYB_KEM: - return key->oqsx_provider_ctx[0].oqsx_evp_ctx->evp_info->kex_length_secret - + key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_shared_secret; + return key->oqsx_provider_ctx[0] + .oqsx_evp_ctx->evp_info->kex_length_secret + + key->oqsx_provider_ctx[0] + .oqsx_qs_ctx.kem->length_shared_secret; case KEY_TYPE_SIG: return key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_signature; case KEY_TYPE_HYB_SIG: return key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_signature - + key->oqsx_provider_ctx[0].oqsx_evp_ctx->evp_info->length_signature + + key->oqsx_provider_ctx[0] + .oqsx_evp_ctx->evp_info->length_signature + SIZE_OF_UINT32; - case KEY_TYPE_CMP_SIG: - { + case KEY_TYPE_CMP_SIG: { int aux = sizeof(CompositeSignature); int i; - for (i = 0; i < key->numkeys; i ++){ + for (i = 0; i < key->numkeys; i++) { char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); if (get_oqsname_fromtls(name) == 0) - aux += key->oqsx_provider_ctx[i].oqsx_evp_ctx->evp_info->length_signature; + aux += key->oqsx_provider_ctx[i] + .oqsx_evp_ctx->evp_info->length_signature; else - aux += key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig->length_signature; - OPENSSL_free(name); + aux += key->oqsx_provider_ctx[i] + .oqsx_qs_ctx.sig->length_signature; + OPENSSL_free(name); } - + return aux; } default: From f205f116a82ea981278313b7bf2d9032c0710821 Mon Sep 17 00:00:00 2001 From: thomas <108470890+thb-sb@users.noreply.github.com> Date: Tue, 12 Dec 2023 15:30:34 +0100 Subject: [PATCH 084/160] Use `build` directory instead of `_build`. (#314) --- .circleci/config.yml | 36 ++++++++++++------------- .github/workflows/linux.yml | 8 +++--- .github/workflows/macos.yml | 14 +++++----- .github/workflows/standalone.yml | 6 ++--- .github/workflows/windows.yml | 46 ++++++++++++++++---------------- .gitignore | 4 +-- ALGORITHMS.md | 2 +- NOTES-UNIX.md | 14 +++++----- NOTES-Windows.md | 12 ++++----- README.md | 10 +++---- scripts/common.py | 4 +-- scripts/fullbuild.sh | 14 +++++----- scripts/release-test.sh | 4 +-- scripts/runtests.sh | 4 +-- 14 files changed, 89 insertions(+), 89 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index c900afdb..b14d8626 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -41,7 +41,7 @@ jobs: name: Clone and build liboqs (<< parameters.CMAKE_ARGS >>) command: | git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && - cd liboqs && mkdir _build && cd _build && + cd liboqs && mkdir build && cd build && cmake -GNinja << parameters.CMAKE_ARGS >> -DCMAKE_INSTALL_PREFIX=$(pwd)/../../.local .. && ninja install && cd .. && cd .. && pwd - when: @@ -61,9 +61,9 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. + mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file _build/lib/oqsprovider.a + file build/lib/oqsprovider.a fi - when: condition: @@ -76,15 +76,15 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. + mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file _build/lib/oqsprovider.a + file build/lib/oqsprovider.a fi - run: name: Run tests command: | if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - ctest --test-dir _build/ + ctest --test-dir build/ else ./scripts/runtests.sh -V fi @@ -107,15 +107,15 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - rm -rf _build && mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DNOPUBKEY_IN_PRIVKEY=ON -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja + rm -rf build && mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DNOPUBKEY_IN_PRIVKEY=ON -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file _build/lib/oqsprovider.a + file build/lib/oqsprovider.a fi - run: name: Run tests (-DNOPUBKEY_IN_PRIVKEY=ON) command: | if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - ctest --test-dir _build/ + ctest --test-dir build/ else ./scripts/runtests.sh -V fi @@ -159,7 +159,7 @@ jobs: name: Clone and build liboqs command: | git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && - export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir _build && cd _build && + export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir build && cd build && export OPENSSL_INSTALL="$(brew --prefix << parameters.OPENSSL_PREINSTALL >> || echo "")" cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" -DCMAKE_INSTALL_PREFIX=$LIBOQS_INSTALLPATH << parameters.CMAKE_ARGS >> .. && ninja install && cd .. && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$LIBOQS_INSTALLPATH/lib" >> "$BASH_ENV" @@ -180,9 +180,9 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - export OPENSSL_INSTALL=$(pwd)/.local && mkdir _build && cd _build && cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" + export OPENSSL_INSTALL=$(pwd)/.local && mkdir build && cd build && cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file _build/lib/oqsprovider.a + file build/lib/oqsprovider.a fi - when: condition: @@ -196,15 +196,15 @@ jobs: oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi export OPENSSL_INSTALL="$(brew --prefix << parameters.OPENSSL_PREINSTALL >>)" - mkdir _build && cd _build && liboqs_DIR=`pwd`/../.local cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$OPENSSL_INSTALL/lib" >> "$BASH_ENV" + mkdir build && cd build && liboqs_DIR=`pwd`/../.local cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$OPENSSL_INSTALL/lib" >> "$BASH_ENV" if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file _build/lib/oqsprovider.a + file build/lib/oqsprovider.a fi - run: name: Run tests command: | if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - ctest --test-dir _build/ --output-on-failure + ctest --test-dir build/ --output-on-failure else ./scripts/runtests.sh -V fi @@ -215,15 +215,15 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - rm -rf _build && mkdir _build && cd _build && cmake -GNinja -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja + rm -rf build && mkdir build && cd build && cmake -GNinja -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file _build/lib/oqsprovider.a + file build/lib/oqsprovider.a fi - run: name: Run tests command: | if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - ctest --test-dir _build/ --output-on-failure + ctest --test-dir build/ --output-on-failure else ./scripts/runtests.sh -V fi diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 2324be25..057845c4 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -24,7 +24,7 @@ jobs: - name: Full build run: OQSPROV_CMAKE_PARAMS=${{ matrix.cmake-params}} ./scripts/fullbuild.sh - name: Enable sibling oqsprovider for testing - run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so + run: cd build/lib && ln -s oqsprovider.so oqsprovider2.so - name: Test run: ./scripts/runtests.sh -V @@ -52,7 +52,7 @@ jobs: - name: Full build run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} ./scripts/fullbuild.sh - name: Enable sibling oqsprovider for testing - run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so + run: cd build/lib && ln -s oqsprovider.so oqsprovider2.so - name: Test run: ./scripts/runtests.sh -V - name: Verify nothing changes on re-generate code @@ -68,12 +68,12 @@ jobs: ! git status | grep modified - name: Build .deb install package run: cpack - working-directory: _build + working-directory: build - name: Retain .deb installer uses: actions/upload-artifact@v3 with: name: oqsprovider-x64 - path: _build/*.deb + path: build/*.deb asan_linux_intel: name: "Security checks" diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 7a6f95f4..6ecc434f 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -57,17 +57,17 @@ jobs: key: ${{ runner.os }}-openssl32 - name: build liboqs run: | - cmake -DOPENSSL_ROOT_DIR=../.localopenssl32 -DCMAKE_INSTALL_PREFIX=../.localliboqs ${{ matrix.params.oqsconfig }} -S . -B _build - cmake --build _build - cmake --install _build + cmake -DOPENSSL_ROOT_DIR=../.localopenssl32 -DCMAKE_INSTALL_PREFIX=../.localliboqs ${{ matrix.params.oqsconfig }} -S . -B build + cmake --build build + cmake --install build working-directory: liboqs - name: build oqs-provider - run: liboqs_DIR=.localliboqs cmake -DOPENSSL_ROOT_DIR=.localopenssl32 -S . -B _build && cmake --build _build + run: liboqs_DIR=.localliboqs cmake -DOPENSSL_ROOT_DIR=.localopenssl32 -S . -B build && cmake --build build - name: Check Openssl providers - run: OPENSSL_MODULES=_build/lib .localopenssl32/bin/openssl list -providers -provider oqsprovider -provider default + run: OPENSSL_MODULES=build/lib .localopenssl32/bin/openssl list -providers -provider oqsprovider -provider default - name: Run tests run: PATH=../.localopenssl32/bin:$PATH ctest -V - working-directory: _build + working-directory: build # Try brew install of head: If error message below appears, build and test passed successfully - name: brew install test run: brew install --HEAD --formula -s oqsprovider.rb 2>&1 | grep "Empty installation" @@ -76,4 +76,4 @@ jobs: uses: actions/upload-artifact@v3 with: name: oqs-provider-${{matrix.os}}-x64 - path: _build/lib/oqsprovider.dylib + path: build/lib/oqsprovider.dylib diff --git a/.github/workflows/standalone.yml b/.github/workflows/standalone.yml index 6e27e626..3e949d94 100644 --- a/.github/workflows/standalone.yml +++ b/.github/workflows/standalone.yml @@ -5,7 +5,7 @@ on: branches: [ '*' ] pull_request: branches: [ "main" ] - + jobs: macos_intel: @@ -18,9 +18,9 @@ jobs: - name: Checkout oqsprovider code uses: actions/checkout@v2 - name: Build oqsprovider - run: cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B _build && cmake --build _build + run: cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B build && cmake --build build - name: Test oqsprovider - run: ctest --parallel 5 --test-dir _build + run: ctest --parallel 5 --test-dir build linux_intel: runs-on: ubuntu-latest diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index ca6bfaef..7e75aa91 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -58,8 +58,8 @@ jobs: which cmake cmake --version gcc --version - mkdir _build - cd _build + mkdir build + cd build cmake -GNinja -DOPENSSL_ROOT_DIR=/opt/openssl32 -DCMAKE_INSTALL_PREFIX="${{ env.IP }}" ${{ matrix.platform.oqsconfig }} -DCMAKE_C_COMPILER=gcc .. ninja ninja install @@ -79,17 +79,17 @@ jobs: c:\cygwin\opt\openssl32 key: ${{ runner.os }}-cygwinopenssl32 - name: build oqs-provider - run: bash -c "git config --global --add safe.directory $(cygpath -u $PWD) && liboqs_DIR='${{ env.IP }}' cmake -GNinja -DCMAKE_C_COMPILER=gcc -DOPENSSL_ROOT_DIR=/opt/openssl32 -S . -B _build && cd _build && ninja && cd .." + run: bash -c "git config --global --add safe.directory $(cygpath -u $PWD) && liboqs_DIR='${{ env.IP }}' cmake -GNinja -DCMAKE_C_COMPILER=gcc -DOPENSSL_ROOT_DIR=/opt/openssl32 -S . -B build && cd build && ninja && cd .." - name: Check Openssl providers - run: bash -c "OPENSSL_MODULES=_build/lib /opt/openssl32/bin/openssl list -providers -provider oqsprovider -provider default" + run: bash -c "OPENSSL_MODULES=build/lib /opt/openssl32/bin/openssl list -providers -provider oqsprovider -provider default" - name: Run tests run: bash -c "echo $PATH && PATH=/opt/openssl32/bin:/usr/bin ctest -V" - working-directory: _build + working-directory: build - name: Retain oqsprovider.dll uses: actions/upload-artifact@v3 with: name: oqs-provider-cygwin - path: D:/a/oqs-provider/oqs-provider/_build/bin/oqsprovider.dll + path: D:/a/oqs-provider/oqs-provider/build/bin/oqsprovider.dll msvc: # Run a job for each of the specified target architectures: @@ -139,10 +139,10 @@ jobs: if: steps.cache-openssl32.outputs.cache-hit != 'true' # OQS_USE_OPENSSL=OFF by default on Win32 # if cmake --build fails, try explicit -# cd _build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release -# fails: cmake -DCMAKE_C_FLAGS="/wd5105" -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX="c:\liboqs" ${{ matrix.platform.oqsconfig }} -S . -B _build -# cd _build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release && cd .. -# cmake --install _build +# cd build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release +# fails: cmake -DCMAKE_C_FLAGS="/wd5105" -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX="c:\liboqs" ${{ matrix.platform.oqsconfig }} -S . -B build +# cd build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release && cd .. +# cmake --install build - name: build liboqs run: | cmake --version @@ -154,7 +154,7 @@ jobs: working-directory: liboqs - name: prepare the OpenSSL build directory if: steps.cache-openssl32.outputs.cache-hit != 'true' - run: mkdir _build + run: mkdir build working-directory: openssl - name: OpenSSL config if: steps.cache-openssl32.outputs.cache-hit != 'true' @@ -187,17 +187,17 @@ jobs: key: ${{ runner.os }}-msvcopenssl32 - name: build oqs-provider run: | - cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build - cd _build + cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B build + cd build ninja - name: Run tests run: | - ctest -V --test-dir _build + ctest -V --test-dir build - name: Retain oqsprovider.dll uses: actions/upload-artifact@v3 with: name: oqs-provider-msvc - path: D:/a/oqs-provider/oqs-provider/_build/lib/oqsprovider.dll + path: D:/a/oqs-provider/oqs-provider/build/lib/oqsprovider.dll msvc_native: # Run a job for each of the specified target architectures: @@ -210,7 +210,7 @@ jobs: - arch: win64 oqsconfig: -DOQS_ALGS_ENABLED=STD osslconfig: no-shared no-fips VC-WIN64A - toolchain: + toolchain: - .CMake/toolchain_windows_amd64.cmake msarch: - x64 @@ -258,12 +258,12 @@ jobs: run: | cmake --version cmake -B build --toolchain ${{ matrix.toolchain }} . - cmake --build build + cmake --build build cmake --build build --target INSTALL working-directory: liboqs - name: prepare the OpenSSL build directory if: steps.cache-openssl32n.outputs.cache-hit != 'true' - run: mkdir _build + run: mkdir build working-directory: openssl - name: OpenSSL config if: steps.cache-openssl32n.outputs.cache-hit != 'true' @@ -292,14 +292,14 @@ jobs: key: ${{ runner.os }}-msvcopenssl32n - name: build oqs-provider run: | - cmake -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build - cmake --build _build --config=${{ matrix.type }} + cmake -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B build + cmake --build build --config=${{ matrix.type }} - name: Run tests run: | - ctest --test-dir _build -C ${{ matrix.type }} + ctest --test-dir build -C ${{ matrix.type }} - name: Retain oqsprovider.dll uses: actions/upload-artifact@v3 with: name: oqs-provider-msvc - path: D:/a/oqs-provider/oqs-provider/_build/lib/oqsprovider.dll - + path: D:/a/oqs-provider/oqs-provider/build/lib/oqsprovider.dll + diff --git a/.gitignore b/.gitignore index 003421d7..137ff80b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,12 +1,12 @@ # checked out OSSL variants -openssl*/* +openssl*/* openssl # checked out liboqs liboqs # installed SW .local # build directory -_build +build # generated from openssl src: test/ssltestlib.c test/ssltestlib.h diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 9ec32f93..314ba3cb 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -107,7 +107,7 @@ can be used to successfully confirm interoperability between the oqs-provider and the Cloudflare infrastructure using this hybrid classic/quantum-safe algorithm: ``` -OQS_CODEPOINT_X25519_KYBER512=65072 ./openssl/apps/openssl s_client -groups x25519_kyber512 -connect cloudflare.com:443 -provider-path _build/oqsprov -provider oqsprovider -provider default +OQS_CODEPOINT_X25519_KYBER512=65072 ./openssl/apps/openssl s_client -groups x25519_kyber512 -connect cloudflare.com:443 -provider-path build/oqsprov -provider oqsprovider -provider default ``` # OIDs diff --git a/NOTES-UNIX.md b/NOTES-UNIX.md index af40c8fa..5b7a5b95 100644 --- a/NOTES-UNIX.md +++ b/NOTES-UNIX.md @@ -28,30 +28,30 @@ to be present to be build, e.g., via `apt install cmake build-essential git`. ## Build Standard `cmake` build sequence can be used (assuming prerequisites are installed) -to build in/install from directory `_build`: +to build in/install from directory `build`: - cmake -S . -B _build && cmake --build _build && cmake --install _build + cmake -S . -B build && cmake --build build && cmake --install build If `openssl` and/or `liboqs` have not been installed to system standard locations -use the `cmake` define "-DOPENSSL_ROOT_DIR" and/or the environment variable +use the `cmake` define "-DOPENSSL_ROOT_DIR" and/or the environment variable "liboqs_DIR" to utilize those, e.g., like this: - liboqs_DIR=../liboqs cmake -DOPENSSL_ROOT_DIR=/opt/openssl3 -S . -B _build && cmake --build _build && cmake --install _build + liboqs_DIR=../liboqs cmake -DOPENSSL_ROOT_DIR=/opt/openssl3 -S . -B build && cmake --build build && cmake --install build Further configuration options are documented [here](CONFIGURE.md#build-install-options). ## Test -Standard `ctest` can be used to validate correct operation in build directory `_build`, e.g.: +Standard `ctest` can be used to validate correct operation in build directory `build`, e.g.: - cd _build && ctest --parallel 5 --rerun-failed --output-on-failure -V + cd build && ctest --parallel 5 --rerun-failed --output-on-failure -V ## Packaging ### Debian A build target to create UNIX .deb packaging is available via the standard -`package` target, e.g., executing `make package` in the `_build` subdirectory. +`package` target, e.g., executing `make package` in the `build` subdirectory. The resultant file can be installed as usual via `dpkg -i ...`. ### MacOS diff --git a/NOTES-Windows.md b/NOTES-Windows.md index 80eeffd5..50942d79 100644 --- a/NOTES-Windows.md +++ b/NOTES-Windows.md @@ -17,7 +17,7 @@ A complete scripted setup is available in the [CI tooling for oqs-provider](http ### liboqs -Instructions for building `liboqs` from source is available +Instructions for building `liboqs` from source is available [here](https://github.com/open-quantum-safe/liboqs#windows). ## Build tooling @@ -28,9 +28,9 @@ a C compiler are present, e.g., as in MS Visual Studio 2022. ## Build A standard `cmake` build sequence can be used (assuming prerequisites are installed) -to build in/install from directory `_build`: +to build in/install from directory `build`: - cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -GNinja -S . -B _build && cd _build && ninja && ninja install + cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -GNinja -S . -B build && cd build && ninja && ninja install The specific `CMAKE_C_FLAGS` silence some overly strict warning messages and the specific reference to the build type ensures a shared library with @@ -41,15 +41,15 @@ If `openssl` and/or `liboqs` have not been installed to system standard location use the `cmake` defines "-DOPENSSL_ROOT_DIR" and/or "-Dliboqs_DIR" to utilize those, e.g., like this: - cmake -DOPENSSL_ROOT_DIR=c:\opt\openssl3 -Dliboqs_DIR=c:\liboqs -S . -B _build && cmake --build _build && cmake --install _build + cmake -DOPENSSL_ROOT_DIR=c:\opt\openssl3 -Dliboqs_DIR=c:\liboqs -S . -B build && cmake --build build && cmake --install build Further configuration options are documented [here](CONFIGURE.md#build-install-options). ## Test -Standard `ctest` can be used to validate correct operation in build directory `_build`, e.g.: +Standard `ctest` can be used to validate correct operation in build directory `build`, e.g.: - ctest -V --test-dir _build + ctest -V --test-dir build ## Packaging diff --git a/README.md b/README.md index 23d07b70..c30af18b 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ key establishment in TLS1.3 including management of such keys via the OpenSSL (3.0) provider interface and hybrid KEM schemes. Also, QSC signatures including CMS and CMP functionality are available via the OpenSSL EVP interface. Key persistence is provided via the encode/decode -mechanism and X.509 data structures. Starting with OpenSSL 3.2 support for +mechanism and X.509 data structures. Starting with OpenSSL 3.2 support for TLS1.3 signature functionality is available and final glitches for CMS have been resolved. @@ -62,7 +62,7 @@ In addition, algorithms not denoted with "\*" above are not enabled for TLS operations. This designation [can be changed by modifying the "enabled" flags in the main algorithm configuration file](CONFIGURE.md#pre-build-configuration). -In order to support parallel use of classic and quantum-safe cryptography +In order to support parallel use of classic and quantum-safe cryptography this provider also provides different hybrid algorithms, combining classic and quantum-safe methods: These are listed above with a prefix denoting a classic algorithm, e.g., for elliptic curve: "p256_". @@ -80,7 +80,7 @@ respectively (tested on Linux Ubuntu and Mint as well as MacOS). By default, these scripts always build and test against the current OpenSSL `master` branch. -These scripts can be [configured by setting various variables](CONFIGURE.md#convenience-build-script-options). Please note that these scripts do _not_ install `oqsprovider`. This can be facilitated by running `cmake --install _build` (and following the [activation instructions](USAGE.md#activation). +These scripts can be [configured by setting various variables](CONFIGURE.md#convenience-build-script-options). Please note that these scripts do _not_ install `oqsprovider`. This can be facilitated by running `cmake --install build` (and following the [activation instructions](USAGE.md#activation). Building and testing -------------------- @@ -104,8 +104,8 @@ for details. ## Basic steps - cmake -S . -B _build && cmake --build _build && ctest --test-dir _build && cmake --install _build - + cmake -S . -B build && cmake --build build && ctest --test-dir build && cmake --install build + Using ----- diff --git a/scripts/common.py b/scripts/common.py index 7b936214..d28b1267 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -28,7 +28,7 @@ def all_pq_groups(): ag = "" for kex in key_exchanges: if len(ag)==0: - ag = kex + ag = kex else: ag = ag + ":" + kex return ag @@ -158,7 +158,7 @@ def gen_keys(ossl, ossl_config, sig_alg, test_artifacts_dir, filename_prefix): # also create pubkeys from certs for dgst verify tests: env = os.environ #env["OPENSSL_CONF"]=os.path.join("scripts", "openssl.cnf") - #env["OPENSSL_MODULES"]=os.path.join("_build", "lib") + #env["OPENSSL_MODULES"]=os.path.join("build", "lib") run_subprocess([ossl, 'req', '-in', os.path.join(test_artifacts_dir, '{}_{}_srv.csr'.format(filename_prefix, sig_alg)), '-pubkey', '-out', os.path.join(test_artifacts_dir, '{}_{}_srv.pubk'.format(filename_prefix, sig_alg)) ], diff --git a/scripts/fullbuild.sh b/scripts/fullbuild.sh index a411d901..de6551aa 100755 --- a/scripts/fullbuild.sh +++ b/scripts/fullbuild.sh @@ -21,10 +21,10 @@ fi if [ $# -gt 0 ]; then if [ "$1" == "-f" ]; then - rm -rf _build + rm -rf build fi if [ "$1" == "-F" ]; then - rm -rf _build openssl liboqs .local + rm -rf build openssl liboqs .local fi fi @@ -107,7 +107,7 @@ if [ -z $liboqs_DIR ]; then # STD: only include NIST standardized algorithms # NIST_R4: only include algorithms in round 4 of the NIST competition # All: include all algorithms supported by liboqs (default) - cd liboqs && cmake -GNinja $DOQS_ALGS_ENABLED $CMAKE_OPENSSL_LOCATION -DCMAKE_INSTALL_PREFIX=$(pwd)/../.local -S . -B _build && cd _build && ninja && ninja install && cd ../.. + cd liboqs && cmake -GNinja $DOQS_ALGS_ENABLED $CMAKE_OPENSSL_LOCATION -DCMAKE_INSTALL_PREFIX=$(pwd)/../.local -S . -B build && cd build && ninja && ninja install && cd ../.. if [ $? -ne 0 ]; then echo "liboqs build failed. Exiting." exit -1 @@ -117,16 +117,16 @@ if [ -z $liboqs_DIR ]; then fi # Check whether provider is built: -if [ ! -f "_build/lib/oqsprovider.$SHLIBEXT" ]; then - echo "oqsprovider (_build/lib/oqsprovider.$SHLIBEXT) not built: Building..." +if [ ! -f "build/lib/oqsprovider.$SHLIBEXT" ]; then + echo "oqsprovider (build/lib/oqsprovider.$SHLIBEXT) not built: Building..." # for full debug build add: -DCMAKE_BUILD_TYPE=Debug #BUILD_TYPE="-DCMAKE_BUILD_TYPE=Debug" BUILD_TYPE="" # for omitting public key in private keys add -DNOPUBKEY_IN_PRIVKEY=ON if [ -z "$OPENSSL_INSTALL" ]; then - cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B _build && cmake --build _build + cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B build && cmake --build build else - cmake -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B _build && cmake --build _build + cmake -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B build && cmake --build build fi if [ $? -ne 0 ]; then echo "provider build failed. Exiting." diff --git a/scripts/release-test.sh b/scripts/release-test.sh index df3a60b2..b8e2b812 100755 --- a/scripts/release-test.sh +++ b/scripts/release-test.sh @@ -24,11 +24,11 @@ if [ -d oqs-template ]; then # Activate all algorithms sed -i "s/enable\: false/enable\: true/g" oqs-template/generate.yml python3 oqs-template/generate.py - rm -rf _build + rm -rf build ./scripts/fullbuild.sh ./scripts/runtests.sh if [ -f .local/bin/openssl ]; then - OPENSSL_MODULES=`pwd`/_build/lib OPENSSL_CONF=`pwd`/scripts/openssl-ca.cnf python3 -m pytest --numprocesses=auto scripts/test_tls_full.py + OPENSSL_MODULES=`pwd`/build/lib OPENSSL_CONF=`pwd`/scripts/openssl-ca.cnf python3 -m pytest --numprocesses=auto scripts/test_tls_full.py else echo "For full TLS PQ SIG/KEM matrix test, build (latest) openssl locally." fi diff --git a/scripts/runtests.sh b/scripts/runtests.sh index 79762205..7ad61cd2 100755 --- a/scripts/runtests.sh +++ b/scripts/runtests.sh @@ -90,7 +90,7 @@ if [ -z "${OPENSSL_APP}" ]; then fi if [ -z "${OPENSSL_MODULES}" ]; then - export OPENSSL_MODULES="$(pwd)/_build/lib" + export OPENSSL_MODULES="$(pwd)/build/lib" fi if [ -z "${LD_LIBRARY_PATH}" ]; then @@ -188,7 +188,7 @@ ${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-externalinterop.sh # Without removing OPENSSL_CONF ctest hangs... ??? unset OPENSSL_CONF rv=0 -if ! ( cd _build && ctest $@ ); then +if ! ( cd build && ctest $@ ); then rv=1 fi From b5365ae4dab1ca941a89920cec9579f364165619 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 12 Dec 2023 14:30:51 -0600 Subject: [PATCH 085/160] added composite to generate.yaml --- oqs-template/generate.yml | 80 +++ .../decoder_make.fragment | 4 + .../encoder_make.fragment | 9 + .../oqs_kmgmt.c/keymgmt_constructors.fragment | 13 + .../oqs_kmgmt.c/keymgmt_functions.fragment | 3 + .../oqsprov/oqs_prov.h/alg_functions.fragment | 3 + .../oqs_prov.h/endecoder_functions.fragment | 11 + .../oqsprov/oqsdecoders.inc/make.fragment | 4 + .../oqsprov/oqsencoders.inc/make.fragment | 9 + .../oqsprov.c/assign_sig_oids.fragment | 6 + .../oqsprov.c/encoding_patching.fragment | 5 + .../oqsprov.c/keymgmt_functions.fragment | 3 + .../oqsprov/oqsprov.c/sig_functions.fragment | 3 + .../oqsprov/oqsprov_keys.c/oqsnames.fragment | 6 + .../scripts/common.py/sig_algs.fragment | 8 +- oqsprov/oqs_decode_der2key.c | 87 ++- oqsprov/oqs_encode_key2any.c | 320 ++++----- oqsprov/oqs_kmgmt.c | 479 +++++++------- oqsprov/oqs_prov.h | 614 +++++++++--------- oqsprov/oqs_sig.c | 53 +- oqsprov/oqsdecoders.inc | 35 +- oqsprov/oqsencoders.inc | 27 +- oqsprov/oqsprov.c | 291 ++++++--- oqsprov/oqsprov_keys.c | 32 +- scripts/common.py | 3 +- 25 files changed, 1161 insertions(+), 947 deletions(-) diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 099d36ed..a78a9843 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -382,7 +382,21 @@ sigs: # 'pretty_name': 'RSA3072', # 'oid': '1.3.9999.1.3', # 'code_point': '0xfe02'}] + # composite:[{'name': 'p256', + # 'pretty_name': 'ECDSA p256', + # 'security': '128', + # 'oid': '2.16.840.1.114027.80.1.8'}] - + # OID scheme for composite variants: + # (2) + # (16) + # (840) + # (1) + # (114027) + # (80) + # (7) + # (1) + # - # OID scheme for hybrid variants of Dilithium: # iso (1) # identified-organization (3) @@ -398,6 +412,8 @@ sigs: # IBM (2) # qsc (267) # Dilithium-r3 (7) + + family: 'CRYSTALS-Dilithium' variants: - @@ -416,6 +432,26 @@ sigs: 'pretty_name': 'RSA3072', 'oid': '1.3.9999.2.7.2', 'code_point': '0xfea2'}] + composite: [{'name': 'pss2048', + 'pretty_name': 'RSA PSS 2048', + 'security': '112', + 'oid': '2.16.840.1.114027.80.7.1.1'}, + {'name': 'rsa2048', + 'pretty_name': 'RSA2028', + 'security': '112', + 'oid': '2.16.840.1.114027.80.7.1.2'}, + {'name': 'ed25519', + 'pretty_name': 'ED25519', + 'security': '128', + 'oid': '2.16.840.1.114027.80.7.1.3'}, + {'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'security': '128', + 'oid': '2.16.840.1.114027.80.7.1.4'}, + {'name': 'bp256', + 'pretty_name': 'ECDSA brainpoolP256r1', + 'security': '256', + 'oid': '2.16.840.1.114027.80.7.1.5'}] - name: 'dilithium3' pretty_name: 'Dilithium3' @@ -428,6 +464,26 @@ sigs: 'pretty_name': 'ECDSA p384', 'oid': '1.3.9999.2.7.3', 'code_point': '0xfea4'}] + composite: [{'name': 'pss3072', + 'pretty_name': 'RSA PSS 3072', + 'security': '128', + 'oid': '2.16.840.1.114027.80.7.1.6'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA 3072', + 'security': '128', + 'oid': '2.16.840.1.114027.80.7.1.7'}, + {'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'security': '128', + 'oid': '2.16.840.1.114027.80.7.1.8'}, + {'name': 'bp256', + 'pretty_name': 'ECDSA brainpoolP256r1', + 'security': '256', + 'oid': '2.16.840.1.114027.80.7.1.9'}, + {'name': 'ed25519', + 'pretty_name': 'ED25519', + 'security': '128', + 'oid': '2.16.840.1.114027.80.7.1.10'}] - name: 'dilithium5' pretty_name: 'Dilithium5' @@ -440,6 +496,18 @@ sigs: 'pretty_name': 'ECDSA p521', 'oid': '1.3.9999.2.7.4', 'code_point': '0xfea6'}] + composite: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'security': '192', + 'oid': '2.16.840.1.114027.80.7.1.11'}, + {'name': 'bp384', + 'pretty_name': 'ECDSA brainpoolP384r1', + 'security': '384', + 'oid': '2.16.840.1.114027.80.7.1.12'}, + {'name': 'ed448', + 'pretty_name': 'ED448', + 'security': '192', + 'oid': '2.16.840.1.114027.80.7.1.13'}] - name: 'dilithium2_aes' pretty_name: 'Dilithium2_AES' @@ -512,6 +580,18 @@ sigs: 'pretty_name': 'RSA3072', 'oid': '1.3.9999.3.8', 'code_point': '0xfeb0'}] + composite: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'security': '128', + 'oid': '2.16.840.1.114027.80.7.1.14'}, + {'name': 'bp256', + 'pretty_name': 'ECDSA brainpoolP256r1', + 'security': '256', + 'oid': '2.16.840.1.114027.80.7.1.15'}, + {'name': 'ed25519', + 'pretty_name': 'ED25519', + 'security': '128', + 'oid': '2.16.840.1.114027.80.7.1.16'}] extra_nids: old: - implementation_version: NIST Round 3 submission diff --git a/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment b/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment index be39a93e..e99a82b2 100644 --- a/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment +++ b/oqs-template/oqsprov/oqs_decode_der2key.c/decoder_make.fragment @@ -19,6 +19,10 @@ MAKE_DECODER(, "{{ variant['name'] }}", {{ variant['name'] }}, oqsx, SubjectPubl MAKE_DECODER(, "{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, PrivateKeyInfo); MAKE_DECODER(, "{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectPublicKeyInfo); {%- endfor -%} + {%- for composite_alg in variant['composite'] %} +MAKE_DECODER(, "{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}, oqsx, SubjectPublicKeyInfo); + {%- endfor -%} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment index edc87530..f05a36b9 100644 --- a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment +++ b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_make.fragment @@ -38,6 +38,15 @@ MAKE_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectP MAKE_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, {{ classical_alg['name'] }}_{{ variant['name'] }}); {%- endfor -%} + {%- for composite_alg in variant['composite'] %} +MAKE_ENCODER(, {{ variant['name'] }}_{{ composite_alg['name'] }}, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, {{ variant['name'] }}_{{ composite_alg['name'] }}, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, {{ variant['name'] }}_{{ composite_alg['name'] }}, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, {{ variant['name'] }}_{{ composite_alg['name'] }}, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, {{ variant['name'] }}_{{ composite_alg['name'] }}, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, {{ variant['name'] }}_{{ composite_alg['name'] }}, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, {{ variant['name'] }}_{{ composite_alg['name'] }}); + {%- endfor -%} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_constructors.fragment b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_constructors.fragment index df892142..847eff8d 100644 --- a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_constructors.fragment +++ b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_constructors.fragment @@ -24,6 +24,19 @@ static void *{{ classical_alg['name'] }}_{{variant['name']}}_gen_init(void *prov return oqsx_gen_init(provctx, selection, {{variant['oqs_meth']}}, "{{ classical_alg['name'] }}_{{variant['name']}}", KEY_TYPE_HYB_SIG, {{variant['security']}}, {{ count.val }}); } + {%- endfor -%} + {%- for composite_alg in variant['composite'] %} + {%- set count.val = count.val + 1 %} +static void *{{ variant['name'] }}_{{ composite_alg['name'] }}_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), {{variant['oqs_meth']}}, "{{ variant['name'] }}_{{ composite_alg['name'] }}", KEY_TYPE_CMP_SIG, NULL, {{composite_alg['security']}}, {{ count.val }}); +} + +static void *{{ variant['name'] }}_{{ composite_alg['name'] }}_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, {{variant['oqs_meth']}}, "{{ variant['name'] }}_{{ composite_alg['name'] }}", KEY_TYPE_CMP_SIG, {{composite_alg['security']}}, {{ count.val }}); +} + {%- endfor -%} {%- endfor %} {% endfor %} diff --git a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment index 93e6dbb8..8c0bc153 100644 --- a/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment +++ b/oqs-template/oqsprov/oqs_kmgmt.c/keymgmt_functions.fragment @@ -4,6 +4,9 @@ MAKE_SIG_KEYMGMT_FUNCTIONS({{variant['name']}}) {%- for classical_alg in variant['mix_with'] %} MAKE_SIG_KEYMGMT_FUNCTIONS({{ classical_alg['name'] }}_{{variant['name']}}) {%- endfor -%} + {%- for composite_alg in variant['composite'] %} +MAKE_SIG_KEYMGMT_FUNCTIONS({{variant['name']}}_{{ composite_alg['name'] }}) + {%- endfor -%} {%- endfor %} {%- endfor %} {% for kem in config['kems'] %} diff --git a/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment b/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment index e18eb388..acc8e86c 100644 --- a/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment +++ b/oqs-template/oqsprov/oqs_prov.h/alg_functions.fragment @@ -4,6 +4,9 @@ extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_keymgmt_functions[]; {%- for classical_alg in variant['mix_with'] -%} extern const OSSL_DISPATCH oqs_{{ classical_alg['name'] }}_{{ variant['name'] }}_keymgmt_functions[]; {%- endfor -%} + {%- for composite_alg in variant['composite'] -%} +extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}_keymgmt_functions[]; + {%- endfor -%} {%- endfor %} {%- endfor %} {% for kem in config['kems'] %} diff --git a/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment b/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment index 43f1c3b0..85a71b8a 100644 --- a/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment +++ b/oqs-template/oqsprov/oqs_prov.h/endecoder_functions.fragment @@ -48,6 +48,17 @@ extern const OSSL_DISPATCH oqs_{{ classical_alg['name'] }}_{{ variant['name'] }} extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_{{ classical_alg['name'] }}_{{ variant['name'] }}_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_{{ classical_alg['name'] }}_{{ variant['name'] }}_decoder_functions[]; {%- endfor -%} + {%- for composite_alg in variant['composite'] -%} +extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_{{ variant['name'] }}_{{ composite_alg['name'] }}_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_{{ variant['name'] }}_{{ composite_alg['name'] }}_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_{{ variant['name'] }}_{{ composite_alg['name'] }}_decoder_functions[]; + {%- endfor -%} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsdecoders.inc/make.fragment b/oqs-template/oqsprov/oqsdecoders.inc/make.fragment index a2d28c45..8d1c26e7 100644 --- a/oqs-template/oqsprov/oqsdecoders.inc/make.fragment +++ b/oqs-template/oqsprov/oqsdecoders.inc/make.fragment @@ -22,6 +22,10 @@ DECODER_w_structure("{{ variant['name'] }}", der, SubjectPublicKeyInfo, {{ varia DECODER_w_structure("{{ classical_alg['name'] }}_{{ variant['name'] }}", der, PrivateKeyInfo, {{ classical_alg['name'] }}_{{ variant['name'] }}), DECODER_w_structure("{{ classical_alg['name'] }}_{{ variant['name'] }}", der, SubjectPublicKeyInfo, {{ classical_alg['name'] }}_{{ variant['name'] }}), {%- endfor %} + {%- for composite_alg in variant['composite'] -%} +DECODER_w_structure("{{ variant['name'] }}_{{ composite_alg['name'] }}", der, PrivateKeyInfo, {{ variant['name'] }}_{{ composite_alg['name'] }}), +DECODER_w_structure("{{ variant['name'] }}_{{ composite_alg['name'] }}", der, SubjectPublicKeyInfo, {{ variant['name'] }}_{{ composite_alg['name'] }}), + {%- endfor %} #endif {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsencoders.inc/make.fragment b/oqs-template/oqsprov/oqsencoders.inc/make.fragment index 90464d6d..06509616 100644 --- a/oqs-template/oqsprov/oqsencoders.inc/make.fragment +++ b/oqs-template/oqsprov/oqsencoders.inc/make.fragment @@ -43,6 +43,15 @@ ENCODER_w_structure("{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ clas ENCODER_w_structure("{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ classical_alg['name'] }}_{{ variant['name'] }}, pem, SubjectPublicKeyInfo), ENCODER_TEXT("{{ classical_alg['name'] }}_{{ variant['name'] }}", {{ classical_alg['name'] }}_{{ variant['name'] }}), {% endfor -%} +{% for composite_alg in variant['composite'] -%} +ENCODER_w_structure("{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}, der, PrivateKeyInfo), +ENCODER_w_structure("{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}, pem, PrivateKeyInfo), +ENCODER_w_structure("{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}, der, SubjectPublicKeyInfo), +ENCODER_w_structure("{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("{{ variant['name'] }}_{{ composite_alg['name'] }}", {{ variant['name'] }}_{{ composite_alg['name'] }}), +{% endfor -%} #endif {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment b/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment index bb0c6e00..21af9c85 100644 --- a/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment +++ b/oqs-template/oqsprov/oqsprov.c/assign_sig_oids.fragment @@ -11,6 +11,9 @@ {%- for variant in sig['variants'] %} {%- set count.val = count.val + 1 -%} {%- for classical_alg in variant['mix_with'] %} +{%- set count.val = count.val + 1 -%} + {%- endfor %} + {%- for composite_alg in variant['composite'] %} {%- set count.val = count.val + 1 -%} {%- endfor %} {%- endfor %} @@ -40,6 +43,9 @@ const char* oqs_oid_alg_list[OQS_OID_CNT] = {%- for classical_alg in variant['mix_with'] %} "{{ classical_alg['oid'] }}" , "{{ classical_alg['name'] }}_{{ variant['name'] }}", {%- endfor %} + {%- for composite_alg in variant['composite'] %} +"{{ composite_alg['oid'] }}" , "{{ variant['name'] }}_{{ composite_alg['name'] }}", + {%- endfor %} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov.c/encoding_patching.fragment b/oqs-template/oqsprov/oqsprov.c/encoding_patching.fragment index 3531db2f..f629b840 100644 --- a/oqs-template/oqsprov/oqsprov.c/encoding_patching.fragment +++ b/oqs-template/oqsprov/oqsprov.c/encoding_patching.fragment @@ -9,6 +9,11 @@ if (getenv("OQS_ENCODING_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}")) oqs_alg_encoding_list[{{ cnt.val }}] = getenv("OQS_ENCODING_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}"); if (getenv("OQS_ENCODING_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}_ALGNAME")) oqs_alg_encoding_list[{{ cnt.val + 1 }}] = getenv("OQS_ENCODING_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}_ALGNAME"); {%- endfor %} + {%- for composite_alg in variant['composite'] %} + {%- set cnt.val = cnt.val + 2 %} + if (getenv("OQS_ENCODING_{{variant['name']|upper}}_{{ composite_alg['name']|upper }}")) oqs_alg_encoding_list[{{ cnt.val }}] = getenv("OQS_ENCODING_{{variant['name']|upper}}_{{ composite_alg['name']|upper }}"); + if (getenv("OQS_ENCODING_{{variant['name']|upper}}_{{ composite_alg['name']|upper }}_ALGNAME")) oqs_alg_encoding_list[{{ cnt.val + 1 }}] = getenv("OQS_ENCODING_{{variant['name']|upper}}_{{ composite_alg['name']|upper }}_ALGNAME"); + {%- endfor %} {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment b/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment index ad49db2a..f98a4341 100644 --- a/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment +++ b/oqs-template/oqsprov/oqsprov.c/keymgmt_functions.fragment @@ -7,6 +7,9 @@ {%- for classical_alg in variant['mix_with'] %} SIGALG("{{ classical_alg['name'] }}_{{variant['name']}}", {{variant['security']}}, oqs_{{ classical_alg['name'] }}_{{ variant['name'] }}_keymgmt_functions), {%- endfor %} + {%- for composite_alg in variant['composite'] %} + SIGALG("{{variant['name']}}_{{ composite_alg['name'] }}", {{composite_alg['security']}}, oqs_{{variant['name']}}_{{ composite_alg['name'] }}_keymgmt_functions), + {%- endfor %} #endif {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov.c/sig_functions.fragment b/oqs-template/oqsprov/oqsprov.c/sig_functions.fragment index 1dbc8be9..92a5c0a4 100644 --- a/oqs-template/oqsprov/oqsprov.c/sig_functions.fragment +++ b/oqs-template/oqsprov/oqsprov.c/sig_functions.fragment @@ -5,6 +5,9 @@ {%- for classical_alg in variant['mix_with'] %} SIGALG("{{ classical_alg['name'] }}_{{variant['name']}}", {{variant['security']}}, oqs_signature_functions), {%- endfor %} + {%- for composite_alg in variant['composite'] %} + SIGALG("{{variant['name']}}_{{ composite_alg['name'] }}", {{composite_alg['security']}}, oqs_signature_functions), + {%- endfor %} #endif {%- endfor %} {%- endfor %} diff --git a/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment b/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment index c452b649..142cb2aa 100644 --- a/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment +++ b/oqs-template/oqsprov/oqsprov_keys.c/oqsnames.fragment @@ -15,6 +15,9 @@ {%- for classical_alg in variant['mix_with'] %} {%- set count.val = count.val + 1 -%} {%- endfor -%} +{%- for composite_alg in variant['composite'] %} +{%- set count.val = count.val + 1 -%} +{%- endfor -%} {%- endfor -%} {%- endfor %} @@ -41,6 +44,9 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {%- for classical_alg in variant['mix_with'] %} { 0, "{{ classical_alg['name'] }}_{{variant['name']}}", {{variant['oqs_meth']}}, KEY_TYPE_HYB_SIG, {{variant['security']}} }, {%- endfor %} + {%- for composite_alg in variant['composite'] %} + { 0, "{{variant['name']}}_{{ composite_alg['name'] }}", {{variant['oqs_meth']}}, KEY_TYPE_CMP_SIG, {{composite_alg['security']}} }, + {%- endfor %} {%- endfor %} {%- endfor %} diff --git a/oqs-template/scripts/common.py/sig_algs.fragment b/oqs-template/scripts/common.py/sig_algs.fragment index 2541638a..d3839008 100644 --- a/oqs-template/scripts/common.py/sig_algs.fragment +++ b/oqs-template/scripts/common.py/sig_algs.fragment @@ -9,4 +9,10 @@ '{{ classical_alg['name'] }}_{{ variant['name'] }}', {%- endfor -%} {%- endfor %} {%- endfor %} - + # post-quantum + classical signatures (COMPOSITE) + {% for sig in config['sigs'] -%} + {%- for variant in sig['variants'] -%} + {%- for composite_alg in variant['composite'] -%} + '{{ variant['name'] }}_{{ composite_alg['name'] }}', + {%- endfor -%} + {%- endfor %} {%- endfor %} diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 8a0629c8..180dc7f4 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -667,14 +667,50 @@ MAKE_DECODER(, "p256_dilithium2", p256_dilithium2, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, PrivateKeyInfo); MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3", dilithium3, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium3", dilithium3, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, PrivateKeyInfo); @@ -682,6 +718,13 @@ MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo); @@ -730,48 +773,4 @@ MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo); MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); - -MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, - SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 6d424017..a54834eb 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -966,18 +966,57 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_dilithium2_evp_type 0 #define rsa3072_dilithium2_input_type "rsa3072_dilithium2" #define rsa3072_dilithium2_pem_type "rsa3072_dilithium2" +#define dilithium2_pss2048_evp_type 0 +#define dilithium2_pss2048_input_type "dilithium2_pss2048" +#define dilithium2_pss2048_pem_type "dilithium2_pss2048" +#define dilithium2_rsa2048_evp_type 0 +#define dilithium2_rsa2048_input_type "dilithium2_rsa2048" +#define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" +#define dilithium2_ed25519_evp_type 0 +#define dilithium2_ed25519_input_type "dilithium2_ed25519" +#define dilithium2_ed25519_pem_type "dilithium2_ed25519" +#define dilithium2_p256_evp_type 0 +#define dilithium2_p256_input_type "dilithium2_p256" +#define dilithium2_p256_pem_type "dilithium2_p256" +#define dilithium2_bp256_evp_type 0 +#define dilithium2_bp256_input_type "dilithium2_bp256" +#define dilithium2_bp256_pem_type "dilithium2_bp256" #define dilithium3_evp_type 0 #define dilithium3_input_type "dilithium3" #define dilithium3_pem_type "dilithium3" #define p384_dilithium3_evp_type 0 #define p384_dilithium3_input_type "p384_dilithium3" #define p384_dilithium3_pem_type "p384_dilithium3" +#define dilithium3_pss3072_evp_type 0 +#define dilithium3_pss3072_input_type "dilithium3_pss3072" +#define dilithium3_pss3072_pem_type "dilithium3_pss3072" +#define dilithium3_rsa3072_evp_type 0 +#define dilithium3_rsa3072_input_type "dilithium3_rsa3072" +#define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" +#define dilithium3_p256_evp_type 0 +#define dilithium3_p256_input_type "dilithium3_p256" +#define dilithium3_p256_pem_type "dilithium3_p256" +#define dilithium3_bp256_evp_type 0 +#define dilithium3_bp256_input_type "dilithium3_bp256" +#define dilithium3_bp256_pem_type "dilithium3_bp256" +#define dilithium3_ed25519_evp_type 0 +#define dilithium3_ed25519_input_type "dilithium3_ed25519" +#define dilithium3_ed25519_pem_type "dilithium3_ed25519" #define dilithium5_evp_type 0 #define dilithium5_input_type "dilithium5" #define dilithium5_pem_type "dilithium5" #define p521_dilithium5_evp_type 0 #define p521_dilithium5_input_type "p521_dilithium5" #define p521_dilithium5_pem_type "p521_dilithium5" +#define dilithium5_p384_evp_type 0 +#define dilithium5_p384_input_type "dilithium5_p384" +#define dilithium5_p384_pem_type "dilithium5_p384" +#define dilithium5_bp384_evp_type 0 +#define dilithium5_bp384_input_type "dilithium5_bp384" +#define dilithium5_bp384_pem_type "dilithium5_bp384" +#define dilithium5_ed448_evp_type 0 +#define dilithium5_ed448_input_type "dilithium5_ed448" +#define dilithium5_ed448_pem_type "dilithium5_ed448" #define falcon512_evp_type 0 #define falcon512_input_type "falcon512" #define falcon512_pem_type "falcon512" @@ -987,6 +1026,15 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_falcon512_evp_type 0 #define rsa3072_falcon512_input_type "rsa3072_falcon512" #define rsa3072_falcon512_pem_type "rsa3072_falcon512" +#define falcon512_p256_evp_type 0 +#define falcon512_p256_input_type "falcon512_p256" +#define falcon512_p256_pem_type "falcon512_p256" +#define falcon512_bp256_evp_type 0 +#define falcon512_bp256_input_type "falcon512_bp256" +#define falcon512_bp256_pem_type "falcon512_bp256" +#define falcon512_ed25519_evp_type 0 +#define falcon512_ed25519_input_type "falcon512_ed25519" +#define falcon512_ed25519_pem_type "falcon512_ed25519" #define falcon1024_evp_type 0 #define falcon1024_input_type "falcon1024" #define falcon1024_pem_type "falcon1024" @@ -1027,54 +1075,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_sphincsshake128fsimple_input_type \ "rsa3072_sphincsshake128fsimple" #define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" -#define dilithium2_pss2048_evp_type 0 -#define dilithium2_pss2048_input_type "dilithium2_pss2048" -#define dilithium2_pss2048_pem_type "dilithium2_pss2048" -#define dilithium2_rsa2048_evp_type 0 -#define dilithium2_rsa2048_input_type "dilithium2_rsa2048" -#define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" -#define dilithium2_ed25519_evp_type 0 -#define dilithium2_ed25519_input_type "dilithium2_ed25519" -#define dilithium2_ed25519_pem_type "dilithium2_ed25519" -#define dilithium2_p256_evp_type 0 -#define dilithium2_p256_input_type "dilithium2_p256" -#define dilithium2_p256_pem_type "dilithium2_p256" -#define dilithium2_bp256_evp_type 0 -#define dilithium2_bp256_input_type "dilithium2_bp256" -#define dilithium2_bp256_pem_type "dilithium2_bp256" -#define dilithium3_rsa2048_evp_type 0 -#define dilithium3_rsa3072_input_type "dilithium3_rsa3072" -#define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" -#define dilithium3_p256_evp_type 0 -#define dilithium3_p256_input_type "dilithium3_p256" -#define dilithium3_p256_pem_type "dilithium3_p256" -#define falcon512_p256_evp_type 0 -#define falcon512_p256_input_type "falcon512_p256" -#define falcon512_p256_pem_type "falcon512_p256" -#define dilithium5_p384_evp_type 0 -#define dilithium5_p384_input_type "dilithium5_p384" -#define dilithium5_p384_pem_type "dilithium5_p384" -#define dilithium3_bp256_evp_type 0 -#define dilithium3_bp256_input_type "dilithium3_bp256" -#define dilithium3_bp256_pem_type "dilithium3_bp256" -#define dilithium3_ed25519_evp_type 0 -#define dilithium3_ed25519_input_type "dilithium3_ed25519" -#define dilithium3_ed25519_pem_type "dilithium3_ed25519" -#define dilithium3_pss3072_evp_type 0 -#define dilithium3_pss3072_input_type "dilithium3_pss3072" -#define dilithium3_pss3072_pem_type "dilithium3_pss3072" -#define dilithium5_bp384_evp_type 0 -#define dilithium5_bp384_input_type "dilithium5_bp384" -#define dilithium5_bp384_pem_type "dilithium5_bp384" -#define dilithium5_ed448_evp_type 0 -#define dilithium5_ed448_input_type "dilithium5_ed448" -#define dilithium5_ed448_pem_type "dilithium5_ed448" -#define falcon512_bp256_evp_type 0 -#define falcon512_bp256_input_type "falcon512_bp256" -#define falcon512_bp256_pem_type "falcon512_bp256" -#define falcon512_ed25519_evp_type 0 -#define falcon512_ed25519_input_type "falcon512_ed25519" -#define falcon512_ed25519_pem_type "falcon512_ed25519" ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_END /* ---------------------------------------------------------------------- */ @@ -2055,6 +2055,41 @@ MAKE_ENCODER(, rsa3072_dilithium2, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_dilithium2); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_pss2048); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_rsa2048); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_ed25519); +MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_p256); +MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium2_bp256); MAKE_ENCODER(, dilithium3, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium3, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3, oqsx, PrivateKeyInfo, der); @@ -2069,6 +2104,41 @@ MAKE_ENCODER(, p384_dilithium3, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p384_dilithium3, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p384_dilithium3, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p384_dilithium3); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_pss3072); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_rsa3072); +MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_p256); +MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_bp256); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium3_ed25519); MAKE_ENCODER(, dilithium5, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium5, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium5, oqsx, PrivateKeyInfo, der); @@ -2083,6 +2153,27 @@ MAKE_ENCODER(, p521_dilithium5, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p521_dilithium5, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p521_dilithium5, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p521_dilithium5); +MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium5_p384); +MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium5_bp384); +MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, dilithium5_ed448); MAKE_ENCODER(, falcon512, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon512, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon512, oqsx, PrivateKeyInfo, der); @@ -2104,6 +2195,27 @@ MAKE_ENCODER(, rsa3072_falcon512, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_falcon512); +MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falcon512_p256); +MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falcon512_bp256); +MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falcon512_ed25519); MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon1024, oqsx, PrivateKeyInfo, der); @@ -2201,116 +2313,4 @@ MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_sphincsshake128fsimple); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_rsa3072); -MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_p256); -MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, falcon512_p256); -MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium5_p384); -MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_bp256); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_ed25519); -MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium5_bp384); -MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium5_ed448); -MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, falcon512_bp256); -MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, falcon512_ed25519); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_pss3072); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_pss2048); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_rsa2048); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_ed25519); -MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_p256); -MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_bp256); ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index dcde2dbc..09bb2b31 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -614,138 +614,314 @@ static void *rsa3072_dilithium2_gen_init(void *provctx, int selection) return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, 128, 2); } +static void *dilithium2_pss2048_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 3); +} + +static void *dilithium2_pss2048_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 3); +} +static void *dilithium2_rsa2048_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 4); +} + +static void *dilithium2_rsa2048_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 4); +} +static void *dilithium2_ed25519_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 5); +} + +static void *dilithium2_ed25519_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 5); +} +static void *dilithium2_p256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 6); +} + +static void *dilithium2_p256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 6); +} +static void *dilithium2_bp256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 7); +} + +static void *dilithium2_bp256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 7); +} static void *dilithium3_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3", KEY_TYPE_SIG, NULL, 192, 3); + "dilithium3", KEY_TYPE_SIG, NULL, 192, 8); } static void *dilithium3_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3", 0, 192, 3); + "dilithium3", 0, 192, 8); } static void *p384_dilithium3_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 4); + "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 9); } static void *p384_dilithium3_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 4); + "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 9); +} +static void *dilithium3_pss3072_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 10); +} + +static void *dilithium3_pss3072_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 10); +} +static void *dilithium3_rsa3072_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 11); +} + +static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 11); +} +static void *dilithium3_p256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 12); +} + +static void *dilithium3_p256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 12); +} +static void *dilithium3_bp256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 13); +} + +static void *dilithium3_bp256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 13); +} +static void *dilithium3_ed25519_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 14); +} + +static void *dilithium3_ed25519_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 14); } static void *dilithium5_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5", KEY_TYPE_SIG, NULL, 256, 5); + "dilithium5", KEY_TYPE_SIG, NULL, 256, 15); } static void *dilithium5_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5", 0, 256, 5); + "dilithium5", 0, 256, 15); } static void *p521_dilithium5_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 6); + "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 16); } static void *p521_dilithium5_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 6); + "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 16); +} +static void *dilithium5_p384_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 17); +} + +static void *dilithium5_p384_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 17); +} +static void *dilithium5_bp384_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 18); +} + +static void *dilithium5_bp384_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 18); +} +static void *dilithium5_ed448_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 19); +} + +static void *dilithium5_ed448_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 19); } static void *falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512", KEY_TYPE_SIG, NULL, 128, 7); + "falcon512", KEY_TYPE_SIG, NULL, 128, 20); } static void *falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512", 0, 128, 7); + "falcon512", 0, 128, 20); } static void *p256_falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 8); + "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 21); } static void *p256_falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 8); + "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 21); } static void *rsa3072_falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 9); + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 22); } static void *rsa3072_falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 9); + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 22); +} +static void *falcon512_p256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 23); +} + +static void *falcon512_p256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 23); +} +static void *falcon512_bp256_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 24); +} + +static void *falcon512_bp256_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 24); +} +static void *falcon512_ed25519_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 25); +} + +static void *falcon512_ed25519_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 25); } static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 10); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 26); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 10); + "falcon1024", 0, 256, 26); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 11); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 27); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 11); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 27); } static void *sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 12); + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 28); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 12); + "sphincssha2128fsimple", 0, 128, 28); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 13); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 13); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 29); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 14); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 30); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, @@ -753,39 +929,39 @@ static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 14); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 30); } static void *sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 15); + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 31); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 15); + "sphincssha2128ssimple", 0, 128, 31); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 16); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 32); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 16); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 32); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 17); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, @@ -793,66 +969,66 @@ static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 17); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 33); } static void *sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 18); + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 34); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 18); + "sphincssha2192fsimple", 0, 192, 34); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 19); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 35); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 19); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 35); } static void *sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 20); + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 36); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 20); + "sphincsshake128fsimple", 0, 128, 36); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 21); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 21); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 37); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 22); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 38); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, @@ -860,200 +1036,9 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 22); -} - -static void *dilithium3_rsa3072_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 23); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 38); } -static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 23); -} - -static void *dilithium3_p256_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 24); -} - -static void *dilithium3_p256_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 24); -} - -static void *falcon512_p256_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 25); -} - -static void *falcon512_p256_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 25); -} - -static void *dilithium5_p384_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 26); -} - -static void *dilithium5_p384_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 26); -} - -static void *dilithium3_bp256_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 27); -} - -static void *dilithium3_bp256_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 27); -} - -static void *dilithium3_ed25519_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 28); -} - -static void *dilithium3_ed25519_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 28); -} - -static void *dilithium5_bp384_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 29); -} - -static void *dilithium5_bp384_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 29); -} - -static void *dilithium5_ed448_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 30); -} - -static void *dilithium5_ed448_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 30); -} - -static void *falcon512_bp256_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 31); -} - -static void *falcon512_bp256_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 31); -} - -static void *falcon512_ed25519_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 32); -} - -static void *falcon512_ed25519_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 32); -} - -static void *dilithium3_pss3072_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 33); -} - -static void *dilithium3_pss3072_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 33); -} - -static void *dilithium2_pss2048_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 34); -} - -static void *dilithium2_pss2048_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 34); -} - -static void *dilithium2_rsa2048_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 35); -} - -static void *dilithium2_rsa2048_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 35); -} - -static void *dilithium2_ed25519_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 36); -} - -static void *dilithium2_ed25519_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 36); -} - -static void *dilithium2_p256_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 37); -} - -static void *dilithium2_p256_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 37); -} - -static void *dilithium2_bp256_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 38); -} - -static void *dilithium2_bp256_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 38); -} ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END #define MAKE_SIG_KEYMGMT_FUNCTIONS(alg) \ @@ -1206,13 +1191,29 @@ static void *dilithium2_bp256_gen_init(void *provctx, int selection) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_dilithium2) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_dilithium2) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_pss2048) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_rsa2048) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_ed25519) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_p256) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_bp256) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3) MAKE_SIG_KEYMGMT_FUNCTIONS(p384_dilithium3) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_pss3072) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_rsa3072) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_p256) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_bp256) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_ed25519) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5) MAKE_SIG_KEYMGMT_FUNCTIONS(p521_dilithium5) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_p384) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_bp384) +MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_ed448) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_falcon512) +MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_p256) +MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_bp256) +MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_ed25519) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon1024) MAKE_SIG_KEYMGMT_FUNCTIONS(p521_falcon1024) MAKE_SIG_KEYMGMT_FUNCTIONS(sphincssha2128fsimple) @@ -1226,22 +1227,6 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(p384_sphincssha2192fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(sphincsshake128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_sphincsshake128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincsshake128fsimple) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_rsa3072) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_p256) -MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_p256) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_p384) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_bp256) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_ed25519) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_bp384) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_ed448) -MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_bp256) -MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_ed25519) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_pss3072) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_pss2048) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_rsa2048) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_ed25519) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_p256) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_bp256) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 79d5edaa..7192f60e 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -204,6 +204,7 @@ char *get_oqsname_fromtls(char *tlsname); char *get_oqsname(int nid); char *get_cmpname(int nid, int index); int get_oqsalg_idx(int nid); +int get_composite_idx(int idx); /* Register given NID with tlsname in OSSL3 registry */ int oqs_set_nid(char *tlsname, int nid); @@ -1007,6 +1008,91 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1041,6 +1127,91 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_dilithium3_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_dilithium3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1075,6 +1246,57 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_dilithium5_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_dilithium5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1127,39 +1349,90 @@ extern const OSSL_DISPATCH extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; extern const OSSL_DISPATCH - oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_to_text_encoder_functions[]; + oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon1024_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon1024_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_falcon1024_to_text_encoder_functions[]; + oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_falcon1024_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_falcon1024_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_falcon1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_falcon1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1404,292 +1677,35 @@ extern const OSSL_DISPATCH extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions []; - -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_START extern const OSSL_DISPATCH oqs_dilithium2_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_dilithium2_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p384_dilithium3_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p521_dilithium5_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p521_falcon1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_keymgmt_functions[]; @@ -1706,22 +1722,6 @@ extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_keymgmt_functions[]; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 1dddeb4e..b4785056 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -27,12 +27,6 @@ // TBD: Review what we really need/want: For now go with OSSL settings: #define OSSL_MAX_NAME_SIZE 50 #define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ -#ifdef OQS_KEM_ENCODERS /*idx to the first composite in the composite idx \ - block*/ -# define COMPOSITE_IDX_ADJUST 65 -#else -# define COMPOSITE_IDX_ADJUST 23 -#endif #ifdef NDEBUG # define OQS_SIG_PRINTF(a) @@ -219,42 +213,45 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_VERIFY); } +// this next two list need to be in order of the last number on the OID from the +// composite static const char *composite_OID_prefix[] = { + "69642D4D4C44534134342D525341323034382D5053532D534841323536", // dilithium2_pss2048 + "69642D4D4C44534134342D525341323034382D504B435331352D534841323536", // dilithium2_rsa2048 + "69642D4D4C44534134342D456432353531392D534841353132", // dilithium2_ed25519 + "69642D4D4C44534134342D45434453412D503235362D534841323536", // dilithium2_p256 + "69642D4D4C44534134342D45434453412D627261696E706F6F6C5032353672312D534841323536", // dilithium2_bp256 + "69642D4D4C44534136352D525341333037322D5053532D534841323536", // dilithium3_pss3072 "69642D4D4C44534136352D525341333037322D504B435331352D534841323536", // dilithium3_rsa3072 "69642D4D4C44534136352D45434453412D503235362D534841323536", // dilithium3_p256 - "69642D46616C6F6E3531322D45434453412D503235362D534841323536", // falcon512_p256 - "69642D4D4C44534138372D45434453412D503338342D534841333834", // dilithium5_p384 "69642D4D4C44534136352D45434453412D627261696E706F6F6C5032353672312D534841323536", // dilithium3_bp256 "69642D4D4C44534136352D456432353531392D534841353132", // dilithium3_ed25519 + "69642D4D4C44534138372D45434453412D503338342D534841333834", // dilithium5_p384 "69642D4D4C44534138372D45434453412D627261696E706F6F6C5033383472312D534841333834", // dilithium5_bp384 "69642D4D4C44534138372D45643434382D5348414B45323536", // dilithium5_ed448 + "69642D46616C6F6E3531322D45434453412D503235362D534841323536", // falcon512_p256 "69642D46616C636F6E3531322D45434453412D627261696E706F6F6C5032353672312D534841323536", // falcon512_bp256 "69642D46616C636F6E3531322D456432353531392D534841353132", // falcon512_ed25519 - "69642D4D4C44534136352D525341333037322D5053532D534841323536", // dilithium3_pss3072 - "69642D4D4C44534134342D525341323034382D5053532D534841323536", // dilithium2_pss2048 - "69642D4D4C44534134342D525341323034382D504B435331352D534841323536", // dilithium2_rsa2048 - "69642D4D4C44534134342D456432353531392D534841353132", // dilithium2_ed25519 - "69642D4D4C44534134342D45434453412D503235362D534841323536", // dilithium2_p256 - "69642D4D4C44534134342D45434453412D627261696E706F6F6C5032353672312D534841323536", // dilithium2_bp256 + }; static const size_t composite_OID_prefix_len[] = { + 58, // dilithium2_pss2048 + 64, // dilithium2_rsa2048 + 50, // dilithium2_ed25519 + 56, // dilithium2_p256 + 78, // dilithium2_bp256 + 58, // dilithium3_pss3072 64, // dilithium3_rsa3072 56, // dilithium3_p256 - 58, // falcon512_p256 - 56, // dilithium5_p384 78, // dilithium3_bp256 50, // dilithium3_ed25519 + 56, // dilithium5_p384 78, // dilithium5_bp384 50, // dilithium5_ed448 + 58, // falcon512_p256 82, // falcon512_bp256 54, // falcon512_ed25519 - 58, // dilithium3_pss3072 - 58, // dilithium2_pss2048 - 64, // dilithium2_rsa2048 - 50, // dilithium2_ed25519 - 56, // dilithium2_p256 - 78, // dilithium2_bp256 }; /* On entry to this function, data to be signed (tbs) might have been hashed @@ -389,10 +386,10 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, int i; int nid = OBJ_sn2nid(oqsxkey->tls_name); const char *oid_prefix - = composite_OID_prefix[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; + = composite_OID_prefix[get_composite_idx(get_oqsalg_idx(nid)) - 1]; const size_t oid_prefix_len - = composite_OID_prefix_len[get_oqsalg_idx(nid) - - COMPOSITE_IDX_ADJUST]; + = composite_OID_prefix_len[get_composite_idx(get_oqsalg_idx(nid)) + - 1]; char *final_tbs; size_t final_tbslen = oid_prefix_len; @@ -751,10 +748,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, unsigned char *buf; size_t buf_len; const char *oid_prefix - = composite_OID_prefix[get_oqsalg_idx(nid) - COMPOSITE_IDX_ADJUST]; + = composite_OID_prefix[get_composite_idx(get_oqsalg_idx(nid)) - 1]; const size_t oid_prefix_len - = composite_OID_prefix_len[get_oqsalg_idx(nid) - - COMPOSITE_IDX_ADJUST]; + = composite_OID_prefix_len[get_composite_idx(get_oqsalg_idx(nid)) + - 1]; char *final_tbs; size_t final_tbslen = oid_prefix_len; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 17d73480..3496d68d 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -203,22 +203,10 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), dilithium2_pss2048), DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, dilithium2_pss2048), - DECODER_w_structure("dilithium2_pss2048", der, PrivateKeyInfo, - dilithium2_pss2048), - DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, - dilithium2_pss2048), DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, dilithium2_rsa2048), DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, dilithium2_rsa2048), - DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, - dilithium2_rsa2048), - DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, - dilithium2_rsa2048), - DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, - dilithium2_ed25519), - DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, - dilithium2_ed25519), DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, dilithium2_ed25519), DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, @@ -227,14 +215,6 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), dilithium2_p256), DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, dilithium2_p256), - DECODER_w_structure("dilithium2_p256", der, PrivateKeyInfo, - dilithium2_p256), - DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, - dilithium2_p256), - DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, - dilithium2_bp256), - DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, - dilithium2_bp256), DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, dilithium2_bp256), DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, @@ -247,10 +227,10 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), p384_dilithium3), DECODER_w_structure("p384_dilithium3", der, SubjectPublicKeyInfo, p384_dilithium3), - DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, - dilithium3_rsa3072), - DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, - dilithium3_p256), + DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, + dilithium3_pss3072), + DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, + dilithium3_pss3072), DECODER_w_structure("dilithium3_rsa3072", der, PrivateKeyInfo, dilithium3_rsa3072), DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, @@ -267,11 +247,6 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), dilithium3_ed25519), DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, dilithium3_ed25519), - DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, - dilithium3_pss3072), - DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, - dilithium3_pss3072), - #endif #ifdef OQS_ENABLE_SIG_dilithium_5 DECODER_w_structure("dilithium5", der, PrivateKeyInfo, dilithium5), @@ -303,8 +278,6 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), rsa3072_falcon512), DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, rsa3072_falcon512), - DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, - falcon512_p256), DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, falcon512_p256), DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, falcon512_p256), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 165fb62d..88729583 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -665,6 +665,19 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p384_dilithium3", p384_dilithium3), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, @@ -717,20 +730,6 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, SubjectPublicKeyInfo), ENCODER_TEXT("dilithium3_ed25519", dilithium3_ed25519), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), - #endif #ifdef OQS_ENABLE_SIG_dilithium_5 ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 24d02400..47f34c8a 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -150,20 +150,52 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_dilithium2", "1.3.9999.2.7.2", "rsa3072_dilithium2", + "2.16.840.1.114027.80.7.1.1", + "dilithium2_pss2048", + "2.16.840.1.114027.80.7.1.2", + "dilithium2_rsa2048", + "2.16.840.1.114027.80.7.1.3", + "dilithium2_ed25519", + "2.16.840.1.114027.80.7.1.4", + "dilithium2_p256", + "2.16.840.1.114027.80.7.1.5", + "dilithium2_bp256", "1.3.6.1.4.1.2.267.7.6.5", "dilithium3", "1.3.9999.2.7.3", "p384_dilithium3", + "2.16.840.1.114027.80.7.1.6", + "dilithium3_pss3072", + "2.16.840.1.114027.80.7.1.7", + "dilithium3_rsa3072", + "2.16.840.1.114027.80.7.1.8", + "dilithium3_p256", + "2.16.840.1.114027.80.7.1.9", + "dilithium3_bp256", + "2.16.840.1.114027.80.7.1.10", + "dilithium3_ed25519", "1.3.6.1.4.1.2.267.7.8.7", "dilithium5", "1.3.9999.2.7.4", "p521_dilithium5", + "2.16.840.1.114027.80.7.1.11", + "dilithium5_p384", + "2.16.840.1.114027.80.7.1.12", + "dilithium5_bp384", + "2.16.840.1.114027.80.7.1.13", + "dilithium5_ed448", "1.3.9999.3.6", "falcon512", "1.3.9999.3.7", "p256_falcon512", "1.3.9999.3.8", "rsa3072_falcon512", + "2.16.840.1.114027.80.7.1.14", + "falcon512_p256", + "2.16.840.1.114027.80.7.1.15", + "falcon512_bp256", + "2.16.840.1.114027.80.7.1.16", + "falcon512_ed25519", "1.3.9999.3.9", "falcon1024", "1.3.9999.3.10", @@ -190,38 +222,6 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_sphincsshake128fsimple", "1.3.9999.6.7.15", "rsa3072_sphincsshake128fsimple", - "2.16.840.1.114027.80.7.1.7", - "dilithium3_rsa3072", - "2.16.840.1.114027.80.7.1.8", - "dilithium3_p256", - "2.16.840.1.114027.80.7.1.9", - "dilithium3_bp256", - "2.16.840.1.114027.80.7.1.10", - "dilithium3_ed25519", - "2.16.840.1.114027.80.7.1.11", - "dilithium5_p384", - "2.16.840.1.114027.80.7.1.12", - "dilithium5_bp384", - "2.16.840.1.114027.80.7.1.13", - "dilithium5_ed448", - "2.16.840.1.114027.80.7.1.14", - "falcon512_p256", - "2.16.840.1.114027.80.7.1.15", - "falcon512_bp256", - "2.16.840.1.114027.80.7.1.16", - "falcon512_ed25519", - "2.16.840.1.114027.80.7.1.6", - "dilithium3_pss3072", - "2.16.840.1.114027.80.7.1.1", - "dilithium2_pss2048", - "2.16.840.1.114027.80.7.1.2", - "dilithium2_rsa2048", - "2.16.840.1.114027.80.7.1.3", - "dilithium2_ed25519", - "2.16.840.1.114027.80.7.1.4", - "dilithium2_p256", - "2.16.840.1.114027.80.7.1.5", - "dilithium2_bp256", ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; @@ -423,112 +423,192 @@ int oqs_patch_encodings(void) if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME")) oqs_alg_encoding_list[5] = getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048")) + oqs_alg_encoding_list[6] = getenv("OQS_ENCODING_DILITHIUM2_PSS2048"); + if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME")) + oqs_alg_encoding_list[7] + = getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048")) + oqs_alg_encoding_list[8] = getenv("OQS_ENCODING_DILITHIUM2_RSA2048"); + if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME")) + oqs_alg_encoding_list[9] + = getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_ED25519")) + oqs_alg_encoding_list[10] = getenv("OQS_ENCODING_DILITHIUM2_ED25519"); + if (getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME")) + oqs_alg_encoding_list[11] + = getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_P256")) + oqs_alg_encoding_list[12] = getenv("OQS_ENCODING_DILITHIUM2_P256"); + if (getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME")) + oqs_alg_encoding_list[13] + = getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_BP256")) + oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_DILITHIUM2_BP256"); + if (getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME")) + oqs_alg_encoding_list[15] + = getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME"); if (getenv("OQS_ENCODING_DILITHIUM3")) - oqs_alg_encoding_list[6] = getenv("OQS_ENCODING_DILITHIUM3"); + oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_DILITHIUM3"); if (getenv("OQS_ENCODING_DILITHIUM3_ALGNAME")) - oqs_alg_encoding_list[7] = getenv("OQS_ENCODING_DILITHIUM3_ALGNAME"); + oqs_alg_encoding_list[17] = getenv("OQS_ENCODING_DILITHIUM3_ALGNAME"); if (getenv("OQS_ENCODING_P384_DILITHIUM3")) - oqs_alg_encoding_list[8] = getenv("OQS_ENCODING_P384_DILITHIUM3"); + oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_P384_DILITHIUM3"); if (getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME")) - oqs_alg_encoding_list[9] + oqs_alg_encoding_list[19] = getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072")) + oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_DILITHIUM3_PSS3072"); + if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME")) + oqs_alg_encoding_list[21] + = getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072")) + oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_DILITHIUM3_RSA3072"); + if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME")) + oqs_alg_encoding_list[23] + = getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_P256")) + oqs_alg_encoding_list[24] = getenv("OQS_ENCODING_DILITHIUM3_P256"); + if (getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME")) + oqs_alg_encoding_list[25] + = getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_BP256")) + oqs_alg_encoding_list[26] = getenv("OQS_ENCODING_DILITHIUM3_BP256"); + if (getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME")) + oqs_alg_encoding_list[27] + = getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_ED25519")) + oqs_alg_encoding_list[28] = getenv("OQS_ENCODING_DILITHIUM3_ED25519"); + if (getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME")) + oqs_alg_encoding_list[29] + = getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME"); if (getenv("OQS_ENCODING_DILITHIUM5")) - oqs_alg_encoding_list[10] = getenv("OQS_ENCODING_DILITHIUM5"); + oqs_alg_encoding_list[30] = getenv("OQS_ENCODING_DILITHIUM5"); if (getenv("OQS_ENCODING_DILITHIUM5_ALGNAME")) - oqs_alg_encoding_list[11] = getenv("OQS_ENCODING_DILITHIUM5_ALGNAME"); + oqs_alg_encoding_list[31] = getenv("OQS_ENCODING_DILITHIUM5_ALGNAME"); if (getenv("OQS_ENCODING_P521_DILITHIUM5")) - oqs_alg_encoding_list[12] = getenv("OQS_ENCODING_P521_DILITHIUM5"); + oqs_alg_encoding_list[32] = getenv("OQS_ENCODING_P521_DILITHIUM5"); if (getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME")) - oqs_alg_encoding_list[13] + oqs_alg_encoding_list[33] = getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_P384")) + oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_DILITHIUM5_P384"); + if (getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME")) + oqs_alg_encoding_list[35] + = getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_BP384")) + oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_DILITHIUM5_BP384"); + if (getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME")) + oqs_alg_encoding_list[37] + = getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_ED448")) + oqs_alg_encoding_list[38] = getenv("OQS_ENCODING_DILITHIUM5_ED448"); + if (getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME")) + oqs_alg_encoding_list[39] + = getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME"); if (getenv("OQS_ENCODING_FALCON512")) - oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_FALCON512"); + oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_FALCON512"); if (getenv("OQS_ENCODING_FALCON512_ALGNAME")) - oqs_alg_encoding_list[15] = getenv("OQS_ENCODING_FALCON512_ALGNAME"); + oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_FALCON512_ALGNAME"); if (getenv("OQS_ENCODING_P256_FALCON512")) - oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_P256_FALCON512"); + oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P256_FALCON512"); if (getenv("OQS_ENCODING_P256_FALCON512_ALGNAME")) - oqs_alg_encoding_list[17] + oqs_alg_encoding_list[43] = getenv("OQS_ENCODING_P256_FALCON512_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_FALCON512")) - oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_RSA3072_FALCON512"); + oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_RSA3072_FALCON512"); if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) - oqs_alg_encoding_list[19] + oqs_alg_encoding_list[45] = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_P256")) + oqs_alg_encoding_list[46] = getenv("OQS_ENCODING_FALCON512_P256"); + if (getenv("OQS_ENCODING_FALCON512_P256_ALGNAME")) + oqs_alg_encoding_list[47] + = getenv("OQS_ENCODING_FALCON512_P256_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_BP256")) + oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_FALCON512_BP256"); + if (getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME")) + oqs_alg_encoding_list[49] + = getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_ED25519")) + oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_FALCON512_ED25519"); + if (getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME")) + oqs_alg_encoding_list[51] + = getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME"); if (getenv("OQS_ENCODING_FALCON1024")) - oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_FALCON1024"); + oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_FALCON1024"); if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[21] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); + oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_P521_FALCON1024")) - oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_P521_FALCON1024"); + oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_P521_FALCON1024"); if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[23] + oqs_alg_encoding_list[55] = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[24] + oqs_alg_encoding_list[56] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[25] + oqs_alg_encoding_list[57] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[26] + oqs_alg_encoding_list[58] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[27] + oqs_alg_encoding_list[59] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[28] + oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[29] + oqs_alg_encoding_list[61] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[30] + oqs_alg_encoding_list[62] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[31] + oqs_alg_encoding_list[63] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[32] + oqs_alg_encoding_list[64] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[33] + oqs_alg_encoding_list[65] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[34] + oqs_alg_encoding_list[66] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[35] + oqs_alg_encoding_list[67] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[36] + oqs_alg_encoding_list[68] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[37] + oqs_alg_encoding_list[69] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[38] + oqs_alg_encoding_list[70] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[39] + oqs_alg_encoding_list[71] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[40] + oqs_alg_encoding_list[72] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[41] + oqs_alg_encoding_list[73] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[42] + oqs_alg_encoding_list[74] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[43] + oqs_alg_encoding_list[75] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[44] + oqs_alg_encoding_list[76] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[45] + oqs_alg_encoding_list[77] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END return 1; @@ -578,35 +658,34 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("dilithium2", 128, oqs_signature_functions), SIGALG("p256_dilithium2", 128, oqs_signature_functions), SIGALG("rsa3072_dilithium2", 128, oqs_signature_functions), - SIGALG("dilithium2_pss2048", 128, oqs_signature_functions), - SIGALG("dilithium2_rsa2048", 128, oqs_signature_functions), + SIGALG("dilithium2_pss2048", 112, oqs_signature_functions), + SIGALG("dilithium2_rsa2048", 112, oqs_signature_functions), SIGALG("dilithium2_ed25519", 128, oqs_signature_functions), SIGALG("dilithium2_p256", 128, oqs_signature_functions), - SIGALG("dilithium2_bp256", 128, oqs_signature_functions), + SIGALG("dilithium2_bp256", 256, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 SIGALG("dilithium3", 192, oqs_signature_functions), SIGALG("p384_dilithium3", 192, oqs_signature_functions), - SIGALG("dilithium3_rsa3072", 192, oqs_signature_functions), - SIGALG("dilithium3_p256", 192, oqs_signature_functions), - SIGALG("dilithium3_bp256", 192, oqs_signature_functions), - SIGALG("dilithium3_ed25519", 192, oqs_signature_functions), - SIGALG("dilithium3_pss3072", 192, oqs_signature_functions), - + SIGALG("dilithium3_pss3072", 128, oqs_signature_functions), + SIGALG("dilithium3_rsa3072", 128, oqs_signature_functions), + SIGALG("dilithium3_p256", 128, oqs_signature_functions), + SIGALG("dilithium3_bp256", 256, oqs_signature_functions), + SIGALG("dilithium3_ed25519", 128, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_signature_functions), SIGALG("p521_dilithium5", 256, oqs_signature_functions), - SIGALG("dilithium5_p384", 256, oqs_signature_functions), - SIGALG("dilithium5_bp384", 256, oqs_signature_functions), - SIGALG("dilithium5_ed448", 256, oqs_signature_functions), + SIGALG("dilithium5_p384", 192, oqs_signature_functions), + SIGALG("dilithium5_bp384", 384, oqs_signature_functions), + SIGALG("dilithium5_ed448", 192, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_512 SIGALG("falcon512", 128, oqs_signature_functions), SIGALG("p256_falcon512", 128, oqs_signature_functions), SIGALG("rsa3072_falcon512", 128, oqs_signature_functions), SIGALG("falcon512_p256", 128, oqs_signature_functions), - SIGALG("falcon512_bp256", 128, oqs_signature_functions), + SIGALG("falcon512_bp256", 256, oqs_signature_functions), SIGALG("falcon512_ed25519", 128, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 @@ -722,35 +801,34 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { SIGALG("dilithium2", 128, oqs_dilithium2_keymgmt_functions), SIGALG("p256_dilithium2", 128, oqs_p256_dilithium2_keymgmt_functions), SIGALG("rsa3072_dilithium2", 128, oqs_rsa3072_dilithium2_keymgmt_functions), - SIGALG("dilithium2_pss2048", 128, oqs_dilithium2_pss2048_keymgmt_functions), - SIGALG("dilithium2_rsa2048", 128, oqs_dilithium2_rsa2048_keymgmt_functions), + SIGALG("dilithium2_pss2048", 112, oqs_dilithium2_pss2048_keymgmt_functions), + SIGALG("dilithium2_rsa2048", 112, oqs_dilithium2_rsa2048_keymgmt_functions), SIGALG("dilithium2_ed25519", 128, oqs_dilithium2_ed25519_keymgmt_functions), SIGALG("dilithium2_p256", 128, oqs_dilithium2_p256_keymgmt_functions), - SIGALG("dilithium2_bp256", 128, oqs_dilithium2_bp256_keymgmt_functions), + SIGALG("dilithium2_bp256", 256, oqs_dilithium2_bp256_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 SIGALG("dilithium3", 192, oqs_dilithium3_keymgmt_functions), SIGALG("p384_dilithium3", 192, oqs_p384_dilithium3_keymgmt_functions), - SIGALG("dilithium3_rsa3072", 192, oqs_dilithium3_rsa3072_keymgmt_functions), - SIGALG("dilithium3_p256", 192, oqs_dilithium3_p256_keymgmt_functions), - SIGALG("dilithium3_bp256", 192, oqs_dilithium3_bp256_keymgmt_functions), - SIGALG("dilithium3_ed25519", 192, oqs_dilithium3_ed25519_keymgmt_functions), - SIGALG("dilithium3_pss3072", 192, oqs_dilithium3_pss3072_keymgmt_functions), - + SIGALG("dilithium3_pss3072", 128, oqs_dilithium3_pss3072_keymgmt_functions), + SIGALG("dilithium3_rsa3072", 128, oqs_dilithium3_rsa3072_keymgmt_functions), + SIGALG("dilithium3_p256", 128, oqs_dilithium3_p256_keymgmt_functions), + SIGALG("dilithium3_bp256", 256, oqs_dilithium3_bp256_keymgmt_functions), + SIGALG("dilithium3_ed25519", 128, oqs_dilithium3_ed25519_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_dilithium5_keymgmt_functions), SIGALG("p521_dilithium5", 256, oqs_p521_dilithium5_keymgmt_functions), - SIGALG("dilithium5_p384", 256, oqs_dilithium5_p384_keymgmt_functions), - SIGALG("dilithium5_bp384", 256, oqs_dilithium5_bp384_keymgmt_functions), - SIGALG("dilithium5_ed448", 256, oqs_dilithium5_ed448_keymgmt_functions), + SIGALG("dilithium5_p384", 192, oqs_dilithium5_p384_keymgmt_functions), + SIGALG("dilithium5_bp384", 384, oqs_dilithium5_bp384_keymgmt_functions), + SIGALG("dilithium5_ed448", 192, oqs_dilithium5_ed448_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_512 SIGALG("falcon512", 128, oqs_falcon512_keymgmt_functions), SIGALG("p256_falcon512", 128, oqs_p256_falcon512_keymgmt_functions), SIGALG("rsa3072_falcon512", 128, oqs_rsa3072_falcon512_keymgmt_functions), SIGALG("falcon512_p256", 128, oqs_falcon512_p256_keymgmt_functions), - SIGALG("falcon512_bp256", 128, oqs_falcon512_bp256_keymgmt_functions), + SIGALG("falcon512_bp256", 256, oqs_falcon512_bp256_keymgmt_functions), SIGALG("falcon512_ed25519", 128, oqs_falcon512_ed25519_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 @@ -883,6 +961,23 @@ static const OSSL_ALGORITHM oqsprovider_decoder[] = { #undef DECODER_PROVIDER }; +// get the last number on the composite OID +int get_composite_idx(int idx) +{ + char *first_token; + char *token; + char *s; + int i; + s = OPENSSL_strdup(oqs_oid_alg_list[idx * 2]); + first_token = strtok_r(s, ".", &s); + for (i = 0; i <= 7; i++) { // 7 dots in composite OID + token = strtok_r(NULL, ".", &s); + } + i = atoi(token); + OPENSSL_free(first_token); + return i; +} + static const OSSL_PARAM *oqsprovider_gettable_params(void *provctx) { return oqsprovider_param_types; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 76087dfc..20fb3049 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -119,13 +119,29 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, {0, "p256_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, + {0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, + {0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, + {0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 256}, {0, "dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_SIG, 192}, {0, "p384_dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_HYB_SIG, 192}, + {0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 256}, + {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, {0, "dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_SIG, 256}, {0, "p521_dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_HYB_SIG, 256}, + {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, + {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 384}, + {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, {0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128}, {0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, + {0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, + {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 256}, + {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, {0, "falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_SIG, 256}, {0, "p521_falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_HYB_SIG, 256}, {0, "sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, @@ -150,22 +166,6 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_HYB_SIG, 128}, - {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, - {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 256}, - {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 384}, - {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, - {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 256}, - {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, - {0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, - {0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 256}, ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; diff --git a/scripts/common.py b/scripts/common.py index 7b936214..88c609e5 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -19,7 +19,8 @@ 'dilithium2','dilithium3','dilithium5','falcon512','falcon1024','sphincssha2128fsimple','sphincssha2128ssimple','sphincssha2192fsimple','sphincsshake128fsimple', # post-quantum + classical signatures 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', -##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END + # post-quantum + classical signatures (COMPOSITE) + 'dilithium2_pss2048','dilithium2_rsa2048','dilithium2_ed25519','dilithium2_p256','dilithium2_bp256','dilithium3_pss3072','dilithium3_rsa3072','dilithium3_p256','dilithium3_bp256','dilithium3_ed25519','dilithium5_p384','dilithium5_bp384','dilithium5_ed448','falcon512_p256','falcon512_bp256','falcon512_ed25519',##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END ] SERVER_START_ATTEMPTS = 10 From a65fb8320173cd2f2d04ade74eaea9d12dd15aae Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 12 Dec 2023 14:32:23 -0600 Subject: [PATCH 086/160] missed one file from last commit --- .../oqsprov/oqs_encode_key2any.c/encoder_defines.fragment | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment index e5caab63..9eb193c0 100644 --- a/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment +++ b/oqs-template/oqsprov/oqs_encode_key2any.c/encoder_defines.fragment @@ -19,6 +19,11 @@ # define {{ classical_alg['name'] }}_{{ variant['name'] }}_input_type "{{ classical_alg['name'] }}_{{ variant['name'] }}" # define {{ classical_alg['name'] }}_{{ variant['name'] }}_pem_type "{{ classical_alg['name'] }}_{{ variant['name'] }}" {%- endfor -%} + {%- for composite_alg in variant['composite'] %} +# define {{ variant['name'] }}_{{ composite_alg['name'] }}_evp_type 0 +# define {{ variant['name'] }}_{{ composite_alg['name'] }}_input_type "{{ variant['name'] }}_{{ composite_alg['name'] }}" +# define {{ variant['name'] }}_{{ composite_alg['name'] }}_pem_type "{{ variant['name'] }}_{{ composite_alg['name'] }}" + {%- endfor -%} {%- endfor %} {%- endfor %} From ba0562fb18fc077809aa48762c6201c5cbe9f8cd Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 12 Dec 2023 15:56:21 -0600 Subject: [PATCH 087/160] added composite OID scheme comment --- oqs-template/generate.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index a78a9843..cd8ca0fe 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -388,14 +388,14 @@ sigs: # 'oid': '2.16.840.1.114027.80.1.8'}] - # OID scheme for composite variants: - # (2) - # (16) - # (840) - # (1) - # (114027) - # (80) - # (7) - # (1) + # joint-iso-itu-t (2) + # country (16) + # us (840) + # organization (1) + # entrust (114027) + # algorithm (80) + # composite (7) + # signature (1) # - # OID scheme for hybrid variants of Dilithium: # iso (1) From e3112123de36c5014f6c0d4c91e595f96cccadbe Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Wed, 13 Dec 2023 15:28:15 -0600 Subject: [PATCH 088/160] bugfix changes --- oqsprov/oqs_prov.h | 2 +- oqsprov/oqsprov.c | 6 +++++- oqsprov/oqsprov_keys.c | 6 ++++-- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 7192f60e..10119939 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -93,7 +93,7 @@ void oqsx_freeprovctx(PROV_OQS_CTX *ctx); #endif /* helper structure for classic key components in hybrid keys. - * Actual tables in oqsprov_keys.ce + * Actual tables in oqsprov_keys.c */ struct oqsx_evp_info_st { int keytype; diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 47f34c8a..30d09b60 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -973,7 +973,11 @@ int get_composite_idx(int idx) for (i = 0; i <= 7; i++) { // 7 dots in composite OID token = strtok_r(NULL, ".", &s); } - i = atoi(token); + if (token != NULL) { + i = atoi(token); + } else { + i = -1; + } OPENSSL_free(first_token); return i; } diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 20fb3049..740702ef 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -419,10 +419,12 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(bp384params)); case NID_ED25519: params = ed25519params; - return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(ed25519params)); + return d2i_KeyParams(EVP_PKEY_ED25519, &eck, ¶ms, + sizeof(ed25519params)); case NID_ED448: params = ed448params; - return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(ed448params)); + return d2i_KeyParams(EVP_PKEY_ED448, &eck, ¶ms, + sizeof(ed448params)); default: return NULL; } From 16ff7715c2ab9db426ddd161267e0d56728a9358 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 19 Dec 2023 08:55:50 -0600 Subject: [PATCH 089/160] simplified the code and fix some memory leaks --- oqsprov/oqs_encode_key2any.c | 7 +- oqsprov/oqs_kem.c | 15 +- oqsprov/oqs_prov.h | 5 +- oqsprov/oqs_sig.c | 51 +++---- oqsprov/oqsprov_keys.c | 274 ++++++++++++----------------------- 5 files changed, 133 insertions(+), 219 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index a54834eb..b060754d 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -729,8 +729,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } if (get_oqsname_fromtls(name) == 0) { - if (oqsxkey->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype + if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) { // get the RSA real key size unsigned char *enc_len = OPENSSL_strndup(oqsxkey->comp_privkey[i], 4); @@ -1541,8 +1540,8 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) sprintf(label, "%s key material:", name); if (get_oqsname_fromtls(name) == 0 // classical key - && okey->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype + && okey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype == EVP_PKEY_RSA) { // get the RSA real key size unsigned char *enc_len = OPENSSL_strndup(okey->comp_privkey[i], 4); diff --git a/oqsprov/oqs_kem.c b/oqsprov/oqs_kem.c index ce68ef39..76780a16 100644 --- a/oqsprov/oqs_kem.c +++ b/oqsprov/oqs_kem.c @@ -109,7 +109,7 @@ static int oqs_qs_kem_encaps_keyslot(void *vpkemctx, unsigned char *out, size_t *secretlen, int keyslot) { const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQS_KEM *kem_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_qs_ctx.kem; + const OQS_KEM *kem_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; OQS_KEM_PRINTF("OQS KEM provider called: encaps\n"); if (pkemctx->kem == NULL) { @@ -133,7 +133,7 @@ static int oqs_qs_kem_decaps_keyslot(void *vpkemctx, unsigned char *out, size_t inlen, int keyslot) { const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQS_KEM *kem_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_qs_ctx.kem; + const OQS_KEM *kem_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; OQS_KEM_PRINTF("OQS KEM provider called: decaps\n"); if (pkemctx->kem == NULL) { @@ -171,8 +171,7 @@ static int oqs_evp_kem_encaps_keyslot(void *vpkemctx, unsigned char *ct, int ret = OQS_SUCCESS, ret2 = 0; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx - = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; + const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; size_t pubkey_kexlen = 0; size_t kexDeriveLen = 0, pkeylen = 0; @@ -250,8 +249,7 @@ static int oqs_evp_kem_decaps_keyslot(void *vpkemctx, unsigned char *secret, int ret = OQS_SUCCESS, ret2 = 0; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx - = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; + const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; size_t pubkey_kexlen = evp_ctx->evp_info->length_public_key; size_t kexDeriveLen = evp_ctx->evp_info->kex_length_secret; @@ -353,9 +351,8 @@ static int oqs_hyb_kem_decaps(void *vpkemctx, unsigned char *secret, { int ret = OQS_SUCCESS; const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx - = pkemctx->kem->oqsx_provider_ctx[0].oqsx_evp_ctx; - const OQS_KEM *qs_ctx = pkemctx->kem->oqsx_provider_ctx[0].oqsx_qs_ctx.kem; + const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; + const OQS_KEM *qs_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; size_t secretLen0 = 0, secretLen1 = 0; size_t ctLen0 = 0, ctLen1 = 0; diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 10119939..1bf1c02e 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -154,12 +154,11 @@ struct oqsx_key_st { #endif char *propq; OQSX_KEY_TYPE keytype; - OQSX_PROVIDER_CTX *oqsx_provider_ctx; + OQSX_PROVIDER_CTX oqsx_provider_ctx; #ifdef USE_ENCODING_LIB OQSX_ENCODING_CTX oqsx_encoding_ctx; #endif - EVP_PKEY **cmp_classical_pkey; - EVP_PKEY *classical_pkey; // for hybrid sigs + EVP_PKEY *classical_pkey; // for hybrid & composite sigs const OQSX_EVP_INFO *evp_info; size_t numkeys; diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index b4785056..3f6ee8a6 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -263,16 +263,15 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, { PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQSX_KEY *oqsxkey = poqs_sigctx->sig; - OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx[0].oqsx_qs_ctx.sig; + OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; EVP_PKEY *oqs_key_classic = NULL; EVP_PKEY *cmp_key_classic = NULL; - EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, - // we're running hybrid + EVP_PKEY *evpkey = oqsxkey->classical_pkey; EVP_PKEY_CTX *classical_ctx_sign = NULL; OQS_SIG_PRINTF2("OQS SIG provider: sign called for %ld bytes\n", tbslen); - int is_hybrid = evpkey != NULL; + int is_hybrid = (oqsxkey->keytype == KEY_TYPE_HYB_SIG); int is_composite = (oqsxkey->keytype == KEY_TYPE_CMP_SIG); size_t max_sig_len = 0; size_t classical_sig_len = 0, oqs_sig_len = 0; @@ -474,8 +473,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } if (get_oqsname_fromtls(name)) { // PQC signing - oqs_sig_len = oqsxkey->oqsx_provider_ctx[i] - .oqsx_qs_ctx.sig->length_signature; + oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig + ->length_signature; buf = OPENSSL_malloc(oqs_sig_len); if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, final_tbs, final_tbslen, oqsxkey->comp_privkey[i]) @@ -486,17 +485,17 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } } else { // sign non PQC key on oqs_key - oqs_key_classic = oqsxkey->cmp_classical_pkey[i]; - oqs_sig_len = oqsxkey->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->length_signature; + oqs_key_classic = oqsxkey->classical_pkey; + oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->length_signature; buf = OPENSSL_malloc(oqs_sig_len); const EVP_MD *classical_md; - EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new(); int digest_len; unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ if (name[0] == 'e') { // ed25519 or ed448 + EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new(); if ((EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL, oqs_key_classic) <= 0) @@ -505,9 +504,11 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); OPENSSL_free(name); + OPENSSL_free(evp_ctx); OPENSSL_free(buf); goto endsign; } + OPENSSL_free(evp_ctx); } else { if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) @@ -534,8 +535,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, OPENSSL_free(buf); goto endsign; } - } else if (oqsxkey->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype + } else if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype == EVP_PKEY_RSA) { if (EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign, RSA_PKCS1_PADDING) @@ -595,9 +596,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } - if (oqs_sig_len - > oqsxkey->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->length_signature) { + if (oqs_sig_len > oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx + ->evp_info->length_signature) { /* sig is bigger than expected */ ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); OPENSSL_free(name); @@ -653,12 +653,11 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, { PROV_OQSSIG_CTX *poqs_sigctx = (PROV_OQSSIG_CTX *)vpoqs_sigctx; OQSX_KEY *oqsxkey = poqs_sigctx->sig; - OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx[0].oqsx_qs_ctx.sig; - EVP_PKEY *evpkey = oqsxkey->classical_pkey; // if this value is not NULL, - // we're running hybrid + OQS_SIG *oqs_key = poqs_sigctx->sig->oqsx_provider_ctx.oqsx_qs_ctx.sig; + EVP_PKEY *evpkey = oqsxkey->classical_pkey; EVP_PKEY_CTX *classical_ctx_sign = NULL; EVP_PKEY_CTX *ctx_verify = NULL; - int is_hybrid = evpkey != NULL; + int is_hybrid = (oqsxkey->keytype == KEY_TYPE_HYB_SIG); int is_composite = (oqsxkey->keytype == KEY_TYPE_CMP_SIG); size_t classical_sig_len = 0, oqs_sig_len = 0; size_t index = 0; @@ -860,24 +859,26 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, const EVP_MD *classical_md; int digest_len; int aux; - EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new(); unsigned char digest[SHA512_DIGEST_LENGTH]; /* init with max length */ if (name[0] == 'e') { // ed25519 or ed448 + EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new(); if ((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL, - oqsxkey->cmp_classical_pkey[i]) + oqsxkey->classical_pkey) <= 0) || (EVP_DigestVerify(evp_ctx, buf, buf_len, final_tbs, final_tbslen) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); OPENSSL_free(name); + OPENSSL_free(evp_ctx); goto endverify; } + OPENSSL_free(evp_ctx); } else { - if (((ctx_verify = EVP_PKEY_CTX_new( - oqsxkey->cmp_classical_pkey[i], NULL)) + if (((ctx_verify + = EVP_PKEY_CTX_new(oqsxkey->classical_pkey, NULL)) == NULL) || (EVP_PKEY_verify_init(ctx_verify) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); @@ -897,8 +898,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, OPENSSL_free(name); goto endverify; } - } else if (oqsxkey->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype + } else if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype == EVP_PKEY_RSA) { if (EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 740702ef..3b28743a 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -246,33 +246,6 @@ char *get_cmpname(int nid, int index) return name; } -// count the amount of keys in the structure -int get_qntcmp(int nid) -{ - int i; - int index = 1; - if ((i = get_oqsalg_idx(nid)) == -1) - return -1; - if (nid_names[i].keytype == KEY_TYPE_CMP_SIG) { - char *s = OPENSSL_strdup(nid_names[i].tlsname); - char *first_token = strtok_r(s, "_", &s); - char *token; - index = 0; - while (token != NULL) { - token = strtok_r(s, "_", &s); - index++; - } - OPENSSL_free(first_token); - } else { - if ((nid_names[i].keytype == KEY_TYPE_HYB_SIG) - || (nid_names[i].keytype == KEY_TYPE_ECP_HYB_KEM) - || (nid_names[i].keytype == KEY_TYPE_ECX_HYB_KEM)) { - index = 2; - } - } - return index; -} - int get_oqsalg_idx(int nid) { int i; @@ -393,8 +366,6 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) = {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22}; const unsigned char p521params[] = {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23}; - const char ed25519params[] = {0x06, 0x03, 0x2b, 0x65, 0x70}; - const char ed448params[] = {0x06, 0x03, 0x2b, 0x65, 0x71}; const char bp256params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07}; const char bp384params[] @@ -417,14 +388,6 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) case NID_brainpoolP384r1: params = bp384params; return d2i_KeyParams(EVP_PKEY_EC, &eck, ¶ms, sizeof(bp384params)); - case NID_ED25519: - params = ed25519params; - return d2i_KeyParams(EVP_PKEY_ED25519, &eck, ¶ms, - sizeof(ed25519params)); - case NID_ED448: - params = ed448params; - return d2i_KeyParams(EVP_PKEY_ED448, &eck, ¶ms, - sizeof(ed448params)); default: return NULL; } @@ -717,8 +680,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, if (get_oqsname_fromtls(name) == 0) { // classical key publen = 0; // no pubkey encoded with privkey on classical // keys. will recreate the pubkey later - if (key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype + if (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == EVP_PKEY_RSA) { // get the RSA real key size unsigned char *enc_len = OPENSSL_strndup( p + previous_privlen + previous_publen, 4); @@ -951,30 +913,29 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto rec_err; } - if (get_oqsname_fromtls(name) == 0) { - EVP_PKEY *npk = EVP_PKEY_new(); - if (key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype - != EVP_PKEY_RSA) { - npk = setECParams(npk, - key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->nid); - } + const unsigned char *enc_pubkey = key->comp_pubkey[i]; - const unsigned char *enc_pubkey = key->comp_pubkey[i]; - if (!key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->raw_key_support) { - key->cmp_classical_pkey[i] = d2i_PublicKey( - key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype, + if (get_oqsname_fromtls(name) == 0) { + if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->raw_key_support) { + EVP_PKEY *npk = EVP_PKEY_new(); + if (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype + != EVP_PKEY_RSA) { + npk = setECParams(npk, + key->oqsx_provider_ctx + .oqsx_evp_ctx->evp_info->nid); + } + key->classical_pkey = d2i_PublicKey( + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype, &npk, &enc_pubkey, key->pubkeylen_cmp[i]); } else - key->cmp_classical_pkey[i] - = EVP_PKEY_new_raw_public_key( - key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype, - NULL, enc_pubkey, key->pubkeylen_cmp[i]); - if (!key->cmp_classical_pkey[i]) { + key->classical_pkey = EVP_PKEY_new_raw_public_key( + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype, + NULL, enc_pubkey, key->pubkeylen_cmp[i]); + if (!key->classical_pkey) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); goto rec_err; @@ -996,31 +957,30 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } if (get_oqsname_fromtls(name) == 0) { const unsigned char *enc_privkey = key->comp_privkey[i]; - if (!key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->raw_key_support) - key->cmp_classical_pkey[i] = d2i_PrivateKey( - key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype, + if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->raw_key_support) + key->classical_pkey = d2i_PrivateKey( + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); else - key->cmp_classical_pkey[i] - = EVP_PKEY_new_raw_private_key( - key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->keytype, - NULL, enc_privkey, key->privkeylen_cmp[i]); - if (!key->cmp_classical_pkey[i]) { + key->classical_pkey = EVP_PKEY_new_raw_private_key( + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype, + NULL, enc_privkey, key->privkeylen_cmp[i]); + if (!key->classical_pkey) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); goto rec_err; } - if (!key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->raw_key_support) { + if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->raw_key_support) { unsigned char *comp_pubkey = key->comp_pubkey[i]; - int pubkeylen = i2d_PublicKey( - key->cmp_classical_pkey[i], &comp_pubkey); + int pubkeylen + = i2d_PublicKey(key->classical_pkey, &comp_pubkey); if (pubkeylen - != key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->length_public_key) { + != key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->length_public_key) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); goto rec_err; @@ -1028,7 +988,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) } else { size_t pubkeylen = key->pubkeylen_cmp[i]; int ret = EVP_PKEY_get_raw_public_key( - key->cmp_classical_pkey[i], key->comp_pubkey[i], + key->classical_pkey, key->comp_pubkey[i], &pubkeylen); if (ret <= 0) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); @@ -1212,10 +1172,9 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); - ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(OQSX_PROVIDER_CTX)); - ret->oqsx_provider_ctx[0].oqsx_evp_ctx = NULL; - ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); - if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig) { + ret->oqsx_provider_ctx.oqsx_evp_ctx = NULL; + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); + if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { fprintf( stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?\n", @@ -1243,19 +1202,18 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, } #endif ret->privkeylen - = ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_secret_key; + = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key; ret->pubkeylen - = ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_public_key; + = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; ret->keytype = KEY_TYPE_SIG; break; case KEY_TYPE_KEM: ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); - ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(OQSX_PROVIDER_CTX)); - ret->oqsx_provider_ctx[0].oqsx_evp_ctx = NULL; - ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); - if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem) { + ret->oqsx_provider_ctx.oqsx_evp_ctx = NULL; + ret->oqsx_provider_ctx.oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); + if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.kem) { fprintf( stderr, "Could not create OQS KEM algorithm %s. Enabled in liboqs?\n", @@ -1263,16 +1221,15 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, goto err; } ret->privkeylen - = ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_secret_key; + = ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_secret_key; ret->pubkeylen - = ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_public_key; + = ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key; ret->keytype = KEY_TYPE_KEM; break; case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_ECP_HYB_KEM: - ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(OQSX_PROVIDER_CTX)); - ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); - if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem) { + ret->oqsx_provider_ctx.oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); + if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.kem) { fprintf( stderr, "Could not create OQS KEM algorithm %s. Enabled in liboqs?\n", @@ -1291,20 +1248,19 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->privkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 - + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_secret_key + + ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_secret_key + evp_ctx->evp_info->length_private_key; ret->pubkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 - + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_public_key + + ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key + evp_ctx->evp_info->length_public_key; - ret->oqsx_provider_ctx[0].oqsx_evp_ctx = evp_ctx; + ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; ret->evp_info = evp_ctx->evp_info; break; case KEY_TYPE_HYB_SIG: - ret->oqsx_provider_ctx = OPENSSL_malloc(sizeof(OQSX_PROVIDER_CTX)); - ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); - if (!ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig) { + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); + if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { fprintf( stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?\n", @@ -1322,29 +1278,24 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->privkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 - + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_secret_key + + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key + evp_ctx->evp_info->length_private_key; ret->pubkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 - + ret->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_public_key + + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key + evp_ctx->evp_info->length_public_key; - ret->oqsx_provider_ctx[0].oqsx_evp_ctx = evp_ctx; + ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; ret->keytype = primitive; ret->evp_info = evp_ctx->evp_info; - - ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); break; case KEY_TYPE_CMP_SIG: - ret->numkeys = get_qntcmp(OBJ_sn2nid(tls_name)); + ret->numkeys = 2; ret->privkeylen = 0; ret->pubkeylen = 0; - ret->oqsx_provider_ctx - = OPENSSL_malloc(ret->numkeys * sizeof(OQSX_PROVIDER_CTX)); ret->privkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->pubkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - ret->cmp_classical_pkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); for (i = 0; i < ret->numkeys; i++) { char *name; @@ -1354,9 +1305,9 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, goto err; } if (get_oqsname_fromtls(name) != 0) { - ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(get_oqsname_fromtls(name)); - if (!ret->oqsx_provider_ctx[i].oqsx_qs_ctx.sig) { + if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { fprintf( stderr, "Could not create OQS signature algorithm %s. Enabled in liboqs?A\n", @@ -1364,23 +1315,20 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, goto err; } ret->privkeylen_cmp[i] - = ret->oqsx_provider_ctx[i] - .oqsx_qs_ctx.sig->length_secret_key; - ret->pubkeylen_cmp[i] = ret->oqsx_provider_ctx[i] - .oqsx_qs_ctx.sig->length_public_key; + = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key; + ret->pubkeylen_cmp[i] + = ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; } else { evp_ctx = OPENSSL_zalloc(sizeof(OQSX_EVP_CTX)); ON_ERR_GOTO(!evp_ctx, err); ret2 = oqsx_hybsig_init(bit_security, evp_ctx, name); ON_ERR_GOTO(ret2 <= 0 || !evp_ctx->ctx, err); - ret->oqsx_provider_ctx[i].oqsx_evp_ctx = evp_ctx; - ret->privkeylen_cmp[i] - = ret->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->length_private_key; - ret->pubkeylen_cmp[i] - = ret->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->length_public_key; + ret->oqsx_provider_ctx.oqsx_evp_ctx = evp_ctx; + ret->privkeylen_cmp[i] = ret->oqsx_provider_ctx.oqsx_evp_ctx + ->evp_info->length_private_key; + ret->pubkeylen_cmp[i] = ret->oqsx_provider_ctx.oqsx_evp_ctx + ->evp_info->length_public_key; } ret->privkeylen += ret->privkeylen_cmp[i]; ret->pubkeylen += ret->pubkeylen_cmp[i]; @@ -1446,30 +1394,16 @@ void oqsx_key_free(OQSX_KEY *key) OPENSSL_free(key->comp_pubkey); OPENSSL_free(key->comp_privkey); if (key->keytype == KEY_TYPE_KEM) - OQS_KEM_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem); + OQS_KEM_free(key->oqsx_provider_ctx.oqsx_qs_ctx.kem); else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || key->keytype == KEY_TYPE_ECX_HYB_KEM) { - OQS_KEM_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem); - } else if (key->keytype == KEY_TYPE_CMP_SIG) { - int i; - for (i = 0; i < key->numkeys; i++) { - char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); - if (get_oqsname_fromtls(name)) - OQS_SIG_free(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig); - else { - EVP_PKEY_free(key->classical_pkey); - EVP_PKEY_CTX_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx->ctx); - EVP_PKEY_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx->keyParam); - OPENSSL_free(key->oqsx_provider_ctx[i].oqsx_evp_ctx); - } - OPENSSL_free(name); - } + OQS_KEM_free(key->oqsx_provider_ctx.oqsx_qs_ctx.kem); } else { - OQS_SIG_free(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig); - if (key->oqsx_provider_ctx[0].oqsx_evp_ctx) { - EVP_PKEY_CTX_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->ctx); - EVP_PKEY_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx->keyParam); - OPENSSL_free(key->oqsx_provider_ctx[0].oqsx_evp_ctx); + OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); + if (key->oqsx_provider_ctx.oqsx_evp_ctx) { + EVP_PKEY_CTX_free(key->oqsx_provider_ctx.oqsx_evp_ctx->ctx); + EVP_PKEY_free(key->oqsx_provider_ctx.oqsx_evp_ctx->keyParam); + OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx); } } OPENSSL_free(key->tls_name); @@ -1477,9 +1411,7 @@ void oqsx_key_free(OQSX_KEY *key) #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); #endif - OPENSSL_free(key->oqsx_provider_ctx); OPENSSL_free(key->classical_pkey); - OPENSSL_free(key->cmp_classical_pkey); OPENSSL_free(key); } @@ -1579,11 +1511,11 @@ int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[], static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) { if (gen_kem) - return OQS_KEM_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem, + return OQS_KEM_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.kem, key->comp_pubkey[key->numkeys - 1], key->comp_privkey[key->numkeys - 1]); else { - return OQS_SIG_keypair(key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig, + return OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, key->comp_pubkey[key->numkeys - 1], key->comp_privkey[key->numkeys - 1]); } @@ -1704,7 +1636,7 @@ int oqsx_key_gen(OQSX_KEY *key) } else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || key->keytype == KEY_TYPE_ECX_HYB_KEM || key->keytype == KEY_TYPE_HYB_SIG) { - pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx[0].oqsx_evp_ctx, + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->pubkey, key->privkey, 1); ON_ERR_GOTO(pkey == NULL, err); ret = !oqsx_key_set_composites(key); @@ -1724,14 +1656,14 @@ int oqsx_key_gen(OQSX_KEY *key) ON_ERR_GOTO(ret, err); } if (get_oqsname_fromtls(name) == 0) { - pkey = oqsx_key_gen_evp_key( - key->oqsx_provider_ctx[i].oqsx_evp_ctx, key->comp_pubkey[i], - key->comp_privkey[i], 0); + pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, + key->comp_pubkey[i], + key->comp_privkey[i], 0); OPENSSL_free(name); ON_ERR_GOTO(pkey == NULL, err); - key->cmp_classical_pkey[i] = pkey; + key->classical_pkey = pkey; } else { - ret = OQS_SIG_keypair(key->oqsx_provider_ctx[i].oqsx_qs_ctx.sig, + ret = OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, key->comp_pubkey[i], key->comp_privkey[i]); OPENSSL_free(name); @@ -1763,36 +1695,22 @@ int oqsx_key_maxsize(OQSX_KEY *key) { switch (key->keytype) { case KEY_TYPE_KEM: - return key->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_shared_secret; + return key->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_shared_secret; case KEY_TYPE_ECP_HYB_KEM: case KEY_TYPE_ECX_HYB_KEM: - return key->oqsx_provider_ctx[0] - .oqsx_evp_ctx->evp_info->kex_length_secret - + key->oqsx_provider_ctx[0] - .oqsx_qs_ctx.kem->length_shared_secret; + return key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->kex_length_secret + + key->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_shared_secret; case KEY_TYPE_SIG: - return key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_signature; + return key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature; case KEY_TYPE_HYB_SIG: - return key->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_signature - + key->oqsx_provider_ctx[0] - .oqsx_evp_ctx->evp_info->length_signature + return key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature + + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + SIZE_OF_UINT32; - case KEY_TYPE_CMP_SIG: { - int aux = sizeof(CompositeSignature); - int i; - for (i = 0; i < key->numkeys; i++) { - char *name = get_cmpname(OBJ_sn2nid(key->tls_name), i); - if (get_oqsname_fromtls(name) == 0) - aux += key->oqsx_provider_ctx[i] - .oqsx_evp_ctx->evp_info->length_signature; - else - aux += key->oqsx_provider_ctx[i] - .oqsx_qs_ctx.sig->length_signature; - OPENSSL_free(name); - } + case KEY_TYPE_CMP_SIG: + return sizeof(CompositeSignature) + + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + + key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature; - return aux; - } default: OQS_KEY_PRINTF("OQSX KEY: Wrong key type\n"); return 0; @@ -1806,10 +1724,10 @@ int oqsx_key_get_oqs_public_key_len(OQSX_KEY *k) case KEY_TYPE_KEM: return k->pubkeylen; case KEY_TYPE_HYB_SIG: - return k->oqsx_provider_ctx[0].oqsx_qs_ctx.sig->length_public_key; + return k->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key; case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_ECP_HYB_KEM: - return k->oqsx_provider_ctx[0].oqsx_qs_ctx.kem->length_public_key; + return k->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key; default: OQS_KEY_PRINTF2("OQSX_KEY: Unknown key type encountered: %d\n", k->keytype); From 56f91242281aa9caa3a777790221542b16a213ec Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 19 Dec 2023 12:27:12 -0600 Subject: [PATCH 090/160] adaptations to draft v11 --- oqs-template/generate.yml | 34 ++--- oqsprov/oqs_sig.c | 273 +++++++++++++++----------------------- 2 files changed, 122 insertions(+), 185 deletions(-) diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index cd8ca0fe..78782bdb 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -394,7 +394,7 @@ sigs: # organization (1) # entrust (114027) # algorithm (80) - # composite (7) + # composite (8) # signature (1) # - # OID scheme for hybrid variants of Dilithium: @@ -435,23 +435,23 @@ sigs: composite: [{'name': 'pss2048', 'pretty_name': 'RSA PSS 2048', 'security': '112', - 'oid': '2.16.840.1.114027.80.7.1.1'}, + 'oid': '2.16.840.1.114027.80.8.1.1'}, {'name': 'rsa2048', 'pretty_name': 'RSA2028', 'security': '112', - 'oid': '2.16.840.1.114027.80.7.1.2'}, + 'oid': '2.16.840.1.114027.80.8.1.2'}, {'name': 'ed25519', 'pretty_name': 'ED25519', 'security': '128', - 'oid': '2.16.840.1.114027.80.7.1.3'}, + 'oid': '2.16.840.1.114027.80.8.1.3'}, {'name': 'p256', 'pretty_name': 'ECDSA p256', 'security': '128', - 'oid': '2.16.840.1.114027.80.7.1.4'}, + 'oid': '2.16.840.1.114027.80.8.1.4'}, {'name': 'bp256', 'pretty_name': 'ECDSA brainpoolP256r1', 'security': '256', - 'oid': '2.16.840.1.114027.80.7.1.5'}] + 'oid': '2.16.840.1.114027.80.8.1.5'}] - name: 'dilithium3' pretty_name: 'Dilithium3' @@ -467,23 +467,23 @@ sigs: composite: [{'name': 'pss3072', 'pretty_name': 'RSA PSS 3072', 'security': '128', - 'oid': '2.16.840.1.114027.80.7.1.6'}, + 'oid': '2.16.840.1.114027.80.8.1.6'}, {'name': 'rsa3072', 'pretty_name': 'RSA 3072', 'security': '128', - 'oid': '2.16.840.1.114027.80.7.1.7'}, + 'oid': '2.16.840.1.114027.80.8.1.7'}, {'name': 'p256', 'pretty_name': 'ECDSA p256', 'security': '128', - 'oid': '2.16.840.1.114027.80.7.1.8'}, + 'oid': '2.16.840.1.114027.80.8.1.8'}, {'name': 'bp256', 'pretty_name': 'ECDSA brainpoolP256r1', 'security': '256', - 'oid': '2.16.840.1.114027.80.7.1.9'}, + 'oid': '2.16.840.1.114027.80.8.1.9'}, {'name': 'ed25519', 'pretty_name': 'ED25519', 'security': '128', - 'oid': '2.16.840.1.114027.80.7.1.10'}] + 'oid': '2.16.840.1.114027.80.8.1.10'}] - name: 'dilithium5' pretty_name: 'Dilithium5' @@ -499,15 +499,15 @@ sigs: composite: [{'name': 'p384', 'pretty_name': 'ECDSA p384', 'security': '192', - 'oid': '2.16.840.1.114027.80.7.1.11'}, + 'oid': '2.16.840.1.114027.80.8.1.11'}, {'name': 'bp384', 'pretty_name': 'ECDSA brainpoolP384r1', 'security': '384', - 'oid': '2.16.840.1.114027.80.7.1.12'}, + 'oid': '2.16.840.1.114027.80.8.1.12'}, {'name': 'ed448', 'pretty_name': 'ED448', 'security': '192', - 'oid': '2.16.840.1.114027.80.7.1.13'}] + 'oid': '2.16.840.1.114027.80.8.1.13'}] - name: 'dilithium2_aes' pretty_name: 'Dilithium2_AES' @@ -583,15 +583,15 @@ sigs: composite: [{'name': 'p256', 'pretty_name': 'ECDSA p256', 'security': '128', - 'oid': '2.16.840.1.114027.80.7.1.14'}, + 'oid': '2.16.840.1.114027.80.8.1.14'}, {'name': 'bp256', 'pretty_name': 'ECDSA brainpoolP256r1', 'security': '256', - 'oid': '2.16.840.1.114027.80.7.1.15'}, + 'oid': '2.16.840.1.114027.80.8.1.15'}, {'name': 'ed25519', 'pretty_name': 'ED25519', 'security': '128', - 'oid': '2.16.840.1.114027.80.7.1.16'}] + 'oid': '2.16.840.1.114027.80.8.1.16'}] extra_nids: old: - implementation_version: NIST Round 3 submission diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 3f6ee8a6..17117459 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -25,8 +25,9 @@ #include // TBD: Review what we really need/want: For now go with OSSL settings: -#define OSSL_MAX_NAME_SIZE 50 -#define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ +#define OSSL_MAX_NAME_SIZE 50 +#define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ +#define COMPOSITE_OID_PREFIRX_LEN 26 #ifdef NDEBUG # define OQS_SIG_PRINTF(a) @@ -213,47 +214,43 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, return oqs_sig_signverify_init(vpoqs_sigctx, voqssig, EVP_PKEY_OP_VERIFY); } -// this next two list need to be in order of the last number on the OID from the +// this list need to be in order of the last number on the OID from the // composite static const char *composite_OID_prefix[] = { - "69642D4D4C44534134342D525341323034382D5053532D534841323536", // dilithium2_pss2048 - "69642D4D4C44534134342D525341323034382D504B435331352D534841323536", // dilithium2_rsa2048 - "69642D4D4C44534134342D456432353531392D534841353132", // dilithium2_ed25519 - "69642D4D4C44534134342D45434453412D503235362D534841323536", // dilithium2_p256 - "69642D4D4C44534134342D45434453412D627261696E706F6F6C5032353672312D534841323536", // dilithium2_bp256 - "69642D4D4C44534136352D525341333037322D5053532D534841323536", // dilithium3_pss3072 - "69642D4D4C44534136352D525341333037322D504B435331352D534841323536", // dilithium3_rsa3072 - "69642D4D4C44534136352D45434453412D503235362D534841323536", // dilithium3_p256 - "69642D4D4C44534136352D45434453412D627261696E706F6F6C5032353672312D534841323536", // dilithium3_bp256 - "69642D4D4C44534136352D456432353531392D534841353132", // dilithium3_ed25519 - "69642D4D4C44534138372D45434453412D503338342D534841333834", // dilithium5_p384 - "69642D4D4C44534138372D45434453412D627261696E706F6F6C5033383472312D534841333834", // dilithium5_bp384 - "69642D4D4C44534138372D45643434382D5348414B45323536", // dilithium5_ed448 - "69642D46616C6F6E3531322D45434453412D503235362D534841323536", // falcon512_p256 - "69642D46616C636F6E3531322D45434453412D627261696E706F6F6C5032353672312D534841323536", // falcon512_bp256 - "69642D46616C636F6E3531322D456432353531392D534841353132", // falcon512_ed25519 + "060B6086480186FA6B50080101", // dilithium2_pss2048 + // id-MLDSA44-RSA2048-PSS-SHA256 + "060B6086480186FA6B50080102", // dilithium2_rsa2048 + // id-MLDSA44-RSA2048-PKCS15-SHA256 + "060B6086480186FA6B50080103", // dilithium2_ed25519 + // id-MLDSA44-Ed25519-SHA512 + "060B6086480186FA6B50080104", // dilithium2_p256 + // id-MLDSA44-ECDSA-P256-SHA256 + "060B6086480186FA6B50080105", // dilithium2_bp256 + // id-MLDSA44-ECDSA-brainpoolP256r1-SHA256 + "060B6086480186FA6B50080106", // dilithium3_pss3072 + // id-MLDSA65-RSA3072-PSS-SHA512 + "060B6086480186FA6B50080107", // dilithium3_rsa3072 + // id-MLDSA65-RSA3072-PKCS15-SHA512 + "060B6086480186FA6B50080108", // dilithium3_p256 + // id-MLDSA65-ECDSA-P256-SHA512 + "060B6086480186FA6B50080109", // dilithium3_bp256 + // id-MLDSA65-ECDSA-brainpoolP256r1-SHA512 + "060B6086480186FA6B5008010A", // dilithium3_ed25519 + // id-MLDSA65-Ed25519-SHA512 + "060B6086480186FA6B5008010B", // dilithium5_p384 + // id-MLDSA87-ECDSA-P384-SHA512 + "060B6086480186FA6B5008010C", // dilithium5_bp384 + // id-MLDSA87-ECDSA-brainpoolP384r1-SHA512 + "060B6086480186FA6B5008010D", // dilithium5_ed448 id-MLDSA87-Ed448-SHA512 + "060B6086480186FA6B5008010E", // falcon512_p256 + // id-Falon512-ECDSA-P256-SHA256 + "060B6086480186FA6B5008010F", // falcon512_bp256 + // id-Falcon512-ECDSA-brainpoolP256r1-SHA256 + "060B6086480186FA6B50080110", // falcon512_ed25519 + // id-Falcon512-Ed25519-SHA512 }; -static const size_t composite_OID_prefix_len[] = { - 58, // dilithium2_pss2048 - 64, // dilithium2_rsa2048 - 50, // dilithium2_ed25519 - 56, // dilithium2_p256 - 78, // dilithium2_bp256 - 58, // dilithium3_pss3072 - 64, // dilithium3_rsa3072 - 56, // dilithium3_p256 - 78, // dilithium3_bp256 - 50, // dilithium3_ed25519 - 56, // dilithium5_p384 - 78, // dilithium5_bp384 - 50, // dilithium5_ed448 - 58, // falcon512_p256 - 82, // falcon512_bp256 - 54, // falcon512_ed25519 -}; - /* On entry to this function, data to be signed (tbs) might have been hashed * already: this would be the case if poqs_sigctx->mdctx != NULL; if that is * NULL, we have to hash in case of hybrid signatures @@ -386,84 +383,54 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, int nid = OBJ_sn2nid(oqsxkey->tls_name); const char *oid_prefix = composite_OID_prefix[get_composite_idx(get_oqsalg_idx(nid)) - 1]; - const size_t oid_prefix_len - = composite_OID_prefix_len[get_composite_idx(get_oqsalg_idx(nid)) - - 1]; char *final_tbs; - size_t final_tbslen = oid_prefix_len; + size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN; + int aux = 0; + unsigned char *tbs_hash; // prepare the pre hash for (i = 0; i < oqsxkey->numkeys; i++) { char *name; + char *upcase_name; if ((name = get_cmpname(nid, i)) == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); OPENSSL_free(name); goto endsign; } - unsigned char *tbs_hash; - if (!get_oqsname_fromtls(name)) { - if (name[0] == 'e') { // ed25519 or ed448 - if (name[2] == '2') { // ed25519 - tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); - SHA512(tbs, tbslen, tbs_hash); - final_tbslen += SHA512_DIGEST_LENGTH; - } else { // ed4448 - EVP_MD_CTX *shake = EVP_MD_CTX_new(); - unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; - tbs_hash = OPENSSL_malloc(tbs_hash_len); - - if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) - <= 0) - || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) - || (EVP_DigestFinalXOF(shake, tbs_hash, - tbs_hash_len) - <= 0)) { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - goto endsign; - } - final_tbslen += tbs_hash_len; - EVP_MD_CTX_free(shake); - } - } else if ((name[0] == 'p') || (name[0] == 'b') - || (name[0] == 'r')) { // p256 or p384 or bp256 or - // bp384 or pss or rsa3072 - int aux; - if (name[0] == 'b') - aux = 2; - else - aux = 1; - switch (name[aux]) { - case 's': // pss or rsa - case '2': // p256 or bp256 - tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); - SHA256(tbs, tbslen, tbs_hash); - final_tbslen += SHA256_DIGEST_LENGTH; - break; - case '3': // p384 or bp384 - tbs_hash = OPENSSL_malloc(SHA384_DIGEST_LENGTH); - SHA384(tbs, tbslen, tbs_hash); - final_tbslen += SHA384_DIGEST_LENGTH; - break; - default: - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - goto endsign; - } - } else { - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - goto endsign; - } - final_tbs = OPENSSL_malloc(final_tbslen); - memcpy(final_tbs, oid_prefix, oid_prefix_len); - memcpy(final_tbs + oid_prefix_len, tbs_hash, - final_tbslen - oid_prefix_len); - OPENSSL_free(tbs_hash); + upcase_name = get_oqsname_fromtls(name); + + if ((upcase_name != 0) + && ((!strcmp(upcase_name, OQS_SIG_alg_dilithium_3)) + || (!strcmp(upcase_name, OQS_SIG_alg_dilithium_5))) + || (name[0] == 'e')) { + aux = 1; + OPENSSL_free(name); + break; } OPENSSL_free(name); } + switch (aux) { + case 0: + tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); + SHA256(tbs, tbslen, tbs_hash); + final_tbslen += SHA256_DIGEST_LENGTH; + break; + case 1: + tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); + SHA512(tbs, tbslen, tbs_hash); + final_tbslen += SHA512_DIGEST_LENGTH; + break; + default: + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endsign; + } + final_tbs = OPENSSL_malloc(final_tbslen); + memcpy(final_tbs, oid_prefix, COMPOSITE_OID_PREFIRX_LEN); + memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN, tbs_hash, + final_tbslen - COMPOSITE_OID_PREFIRX_LEN); + OPENSSL_free(tbs_hash); + // sign for (i = 0; i < oqsxkey->numkeys; i++) { char *name; if ((name = get_cmpname(nid, i)) == NULL) { @@ -748,89 +715,59 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, size_t buf_len; const char *oid_prefix = composite_OID_prefix[get_composite_idx(get_oqsalg_idx(nid)) - 1]; - const size_t oid_prefix_len - = composite_OID_prefix_len[get_composite_idx(get_oqsalg_idx(nid)) - - 1]; char *final_tbs; - size_t final_tbslen = oid_prefix_len; + size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN; + int aux = 0; + unsigned char *tbs_hash; if ((compsig = d2i_CompositeSignature(NULL, &sig, siglen)) == NULL) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - // prepare the pre-hash + // prepare the pre hash for (i = 0; i < oqsxkey->numkeys; i++) { char *name; + char *upcase_name; if ((name = get_cmpname(nid, i)) == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); OPENSSL_free(name); - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); goto endverify; } - unsigned char *tbs_hash; - if (!get_oqsname_fromtls(name)) { - if (name[0] == 'e') { // ed25519 or ed448 - if (name[2] == '2') { // ed25519 - tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); - SHA512(tbs, tbslen, tbs_hash); - final_tbslen += SHA512_DIGEST_LENGTH; - } else { // ed4448 - EVP_MD_CTX *shake = EVP_MD_CTX_new(); - unsigned int tbs_hash_len = EVP_MAX_MD_SIZE; - tbs_hash = OPENSSL_malloc(tbs_hash_len); - - if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) - <= 0) - || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0) - || (EVP_DigestFinalXOF(shake, tbs_hash, - tbs_hash_len) - <= 0)) { - OPENSSL_free(name); - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - goto endverify; - } - final_tbslen += tbs_hash_len; - EVP_MD_CTX_free(shake); - } - } else if ((name[0] == 'p') || (name[0] == 'b') - || (name[0] == 'r')) { // p256 or p384 or bp256 or - // bp384 or pss or rsa3072 - int aux; - if (name[0] == 'b') - aux = 2; - else - aux = 1; - switch (name[aux]) { - case 's': // pss or rsa - case '2': // p256 or bp256 - tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); - SHA256(tbs, tbslen, tbs_hash); - final_tbslen += SHA256_DIGEST_LENGTH; - break; - case '3': // p384 or bp384 - tbs_hash = OPENSSL_malloc(SHA384_DIGEST_LENGTH); - SHA384(tbs, tbslen, tbs_hash); - final_tbslen += SHA384_DIGEST_LENGTH; - break; - default: - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - OPENSSL_free(name); - goto endverify; - } - } else { - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - OPENSSL_free(name); - goto endverify; - } - final_tbs = OPENSSL_malloc(final_tbslen); - memcpy(final_tbs, oid_prefix, oid_prefix_len); - memcpy(final_tbs + oid_prefix_len, tbs_hash, - final_tbslen - oid_prefix_len); - OPENSSL_free(tbs_hash); + upcase_name = get_oqsname_fromtls(name); + + if ((upcase_name != 0) + && ((!strcmp(upcase_name, OQS_SIG_alg_dilithium_3)) + || (!strcmp(upcase_name, OQS_SIG_alg_dilithium_5))) + || (name[0] == 'e')) { + aux = 1; + OPENSSL_free(name); + break; } OPENSSL_free(name); } + switch (aux) { + case 0: + tbs_hash = OPENSSL_malloc(SHA256_DIGEST_LENGTH); + SHA256(tbs, tbslen, tbs_hash); + final_tbslen += SHA256_DIGEST_LENGTH; + break; + case 1: + tbs_hash = OPENSSL_malloc(SHA512_DIGEST_LENGTH); + SHA512(tbs, tbslen, tbs_hash); + final_tbslen += SHA512_DIGEST_LENGTH; + break; + default: + ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + goto endverify; + } + final_tbs = OPENSSL_malloc(final_tbslen); + memcpy(final_tbs, oid_prefix, COMPOSITE_OID_PREFIRX_LEN); + memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN, tbs_hash, + final_tbslen - COMPOSITE_OID_PREFIRX_LEN); + OPENSSL_free(tbs_hash); + // verify for (i = 0; i < oqsxkey->numkeys; i++) { if (i == 0) { buf = compsig->sig1->data; From 2f5b55f5833d28b3ddb08a72013e609cad64566d Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 19 Dec 2023 13:22:40 -0600 Subject: [PATCH 091/160] updated internal OIDs to v11 --- oqsprov/oqs_decode_der2key.c | 167 +-- oqsprov/oqs_encode_key2any.c | 539 +++++---- oqsprov/oqs_kmgmt.c | 296 ++--- oqsprov/oqs_prov.h | 1965 ++++++++++---------------------- oqsprov/oqsdecoders.inc | 444 +++----- oqsprov/oqsencoders.inc | 1555 ++++++++++--------------- oqsprov/oqsprov.c | 798 +++++-------- oqsprov/oqsprov_capabilities.c | 494 +++----- oqsprov/oqsprov_keys.c | 193 ++-- 9 files changed, 2289 insertions(+), 4162 deletions(-) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 180dc7f4..f9361950 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -539,69 +539,52 @@ static void oqsx_key_adjust(void *key, struct der2key_ctx_st *ctx) ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_START #ifdef OQS_KEM_ENCODERS + MAKE_DECODER(, "frodo640aes", frodo640aes, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo640aes", frodo640aes, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p256_frodo640aes", p256_frodo640aes, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p256_frodo640aes", p256_frodo640aes, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, - PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p256_frodo640aes", p256_frodo640aes, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "frodo640shake", frodo640shake, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo640shake", frodo640shake, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, - PrivateKeyInfo); -MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, - PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "frodo976aes", frodo976aes, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo976aes", frodo976aes, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p384_frodo976aes", p384_frodo976aes, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p384_frodo976aes", p384_frodo976aes, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p384_frodo976aes", p384_frodo976aes, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x448_frodo976aes", x448_frodo976aes, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x448_frodo976aes", x448_frodo976aes, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976aes", x448_frodo976aes, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "frodo976shake", frodo976shake, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo976shake", frodo976shake, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, - PrivateKeyInfo); -MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, - PrivateKeyInfo); -MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "frodo1344aes", frodo1344aes, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo1344aes", frodo1344aes, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, - PrivateKeyInfo); -MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "frodo1344shake", frodo1344shake, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo1344shake", frodo1344shake, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, - PrivateKeyInfo); -MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "kyber512", kyber512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "kyber512", kyber512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p256_kyber512", p256_kyber512, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p256_kyber512", p256_kyber512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x25519_kyber512", x25519_kyber512, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_kyber512", x25519_kyber512, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_kyber512", x25519_kyber512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "kyber768", kyber768, oqsx, PrivateKeyInfo); MAKE_DECODER(, "kyber768", kyber768, oqsx, SubjectPublicKeyInfo); @@ -610,16 +593,14 @@ MAKE_DECODER(_ecp, "p384_kyber768", p384_kyber768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x448_kyber768", x448_kyber768, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecx, "x448_kyber768", x448_kyber768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x25519_kyber768", x25519_kyber768, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_kyber768", x25519_kyber768, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_kyber768", x25519_kyber768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p256_kyber768", p256_kyber768, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p256_kyber768", p256_kyber768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "kyber1024", kyber1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "kyber1024", kyber1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "bikel1", bikel1, oqsx, PrivateKeyInfo); MAKE_DECODER(, "bikel1", bikel1, oqsx, SubjectPublicKeyInfo); @@ -660,45 +641,37 @@ MAKE_DECODER(_ecp, "p521_hqc256", p521_hqc256, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p521_hqc256", p521_hqc256, oqsx, SubjectPublicKeyInfo); #endif /* OQS_KEM_ENCODERS */ + MAKE_DECODER(, "dilithium2", dilithium2, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium2", dilithium2, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p256_dilithium2", p256_dilithium2, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p256_dilithium2", p256_dilithium2, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3", dilithium3, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium3", dilithium3, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, PrivateKeyInfo); @@ -706,71 +679,45 @@ MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, - SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, - PrivateKeyInfo); -MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, - PrivateKeyInfo); -MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, - PrivateKeyInfo); -MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, - PrivateKeyInfo); -MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, - oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, - PrivateKeyInfo); -MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, - PrivateKeyInfo); -MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, - PrivateKeyInfo); -MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, - PrivateKeyInfo); -MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, - oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, - oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index b060754d..bd648cc9 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -814,266 +814,266 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) // OQS provider uses NIDs generated at load time as EVP_type identifiers // so initially this must be 0 and set to a real value by OBJ_sn2nid later ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_START -#define frodo640aes_evp_type 0 -#define frodo640aes_input_type "frodo640aes" -#define frodo640aes_pem_type "frodo640aes" - -#define p256_frodo640aes_evp_type 0 -#define p256_frodo640aes_input_type "p256_frodo640aes" -#define p256_frodo640aes_pem_type "p256_frodo640aes" -#define x25519_frodo640aes_evp_type 0 -#define x25519_frodo640aes_input_type "x25519_frodo640aes" -#define x25519_frodo640aes_pem_type "x25519_frodo640aes" -#define frodo640shake_evp_type 0 -#define frodo640shake_input_type "frodo640shake" -#define frodo640shake_pem_type "frodo640shake" - -#define p256_frodo640shake_evp_type 0 -#define p256_frodo640shake_input_type "p256_frodo640shake" -#define p256_frodo640shake_pem_type "p256_frodo640shake" -#define x25519_frodo640shake_evp_type 0 -#define x25519_frodo640shake_input_type "x25519_frodo640shake" -#define x25519_frodo640shake_pem_type "x25519_frodo640shake" -#define frodo976aes_evp_type 0 -#define frodo976aes_input_type "frodo976aes" -#define frodo976aes_pem_type "frodo976aes" - -#define p384_frodo976aes_evp_type 0 -#define p384_frodo976aes_input_type "p384_frodo976aes" -#define p384_frodo976aes_pem_type "p384_frodo976aes" -#define x448_frodo976aes_evp_type 0 -#define x448_frodo976aes_input_type "x448_frodo976aes" -#define x448_frodo976aes_pem_type "x448_frodo976aes" -#define frodo976shake_evp_type 0 -#define frodo976shake_input_type "frodo976shake" -#define frodo976shake_pem_type "frodo976shake" - -#define p384_frodo976shake_evp_type 0 -#define p384_frodo976shake_input_type "p384_frodo976shake" -#define p384_frodo976shake_pem_type "p384_frodo976shake" -#define x448_frodo976shake_evp_type 0 -#define x448_frodo976shake_input_type "x448_frodo976shake" -#define x448_frodo976shake_pem_type "x448_frodo976shake" -#define frodo1344aes_evp_type 0 -#define frodo1344aes_input_type "frodo1344aes" -#define frodo1344aes_pem_type "frodo1344aes" - -#define p521_frodo1344aes_evp_type 0 -#define p521_frodo1344aes_input_type "p521_frodo1344aes" -#define p521_frodo1344aes_pem_type "p521_frodo1344aes" -#define frodo1344shake_evp_type 0 -#define frodo1344shake_input_type "frodo1344shake" -#define frodo1344shake_pem_type "frodo1344shake" - -#define p521_frodo1344shake_evp_type 0 -#define p521_frodo1344shake_input_type "p521_frodo1344shake" -#define p521_frodo1344shake_pem_type "p521_frodo1344shake" -#define kyber512_evp_type 0 -#define kyber512_input_type "kyber512" -#define kyber512_pem_type "kyber512" - -#define p256_kyber512_evp_type 0 -#define p256_kyber512_input_type "p256_kyber512" -#define p256_kyber512_pem_type "p256_kyber512" -#define x25519_kyber512_evp_type 0 -#define x25519_kyber512_input_type "x25519_kyber512" -#define x25519_kyber512_pem_type "x25519_kyber512" -#define kyber768_evp_type 0 -#define kyber768_input_type "kyber768" -#define kyber768_pem_type "kyber768" - -#define p384_kyber768_evp_type 0 -#define p384_kyber768_input_type "p384_kyber768" -#define p384_kyber768_pem_type "p384_kyber768" -#define x448_kyber768_evp_type 0 -#define x448_kyber768_input_type "x448_kyber768" -#define x448_kyber768_pem_type "x448_kyber768" -#define x25519_kyber768_evp_type 0 -#define x25519_kyber768_input_type "x25519_kyber768" -#define x25519_kyber768_pem_type "x25519_kyber768" -#define p256_kyber768_evp_type 0 -#define p256_kyber768_input_type "p256_kyber768" -#define p256_kyber768_pem_type "p256_kyber768" -#define kyber1024_evp_type 0 -#define kyber1024_input_type "kyber1024" -#define kyber1024_pem_type "kyber1024" - -#define p521_kyber1024_evp_type 0 -#define p521_kyber1024_input_type "p521_kyber1024" -#define p521_kyber1024_pem_type "p521_kyber1024" -#define bikel1_evp_type 0 -#define bikel1_input_type "bikel1" -#define bikel1_pem_type "bikel1" - -#define p256_bikel1_evp_type 0 -#define p256_bikel1_input_type "p256_bikel1" -#define p256_bikel1_pem_type "p256_bikel1" -#define x25519_bikel1_evp_type 0 -#define x25519_bikel1_input_type "x25519_bikel1" -#define x25519_bikel1_pem_type "x25519_bikel1" -#define bikel3_evp_type 0 -#define bikel3_input_type "bikel3" -#define bikel3_pem_type "bikel3" - -#define p384_bikel3_evp_type 0 -#define p384_bikel3_input_type "p384_bikel3" -#define p384_bikel3_pem_type "p384_bikel3" -#define x448_bikel3_evp_type 0 -#define x448_bikel3_input_type "x448_bikel3" -#define x448_bikel3_pem_type "x448_bikel3" -#define bikel5_evp_type 0 -#define bikel5_input_type "bikel5" -#define bikel5_pem_type "bikel5" - -#define p521_bikel5_evp_type 0 -#define p521_bikel5_input_type "p521_bikel5" -#define p521_bikel5_pem_type "p521_bikel5" -#define hqc128_evp_type 0 -#define hqc128_input_type "hqc128" -#define hqc128_pem_type "hqc128" - -#define p256_hqc128_evp_type 0 -#define p256_hqc128_input_type "p256_hqc128" -#define p256_hqc128_pem_type "p256_hqc128" -#define x25519_hqc128_evp_type 0 -#define x25519_hqc128_input_type "x25519_hqc128" -#define x25519_hqc128_pem_type "x25519_hqc128" -#define hqc192_evp_type 0 -#define hqc192_input_type "hqc192" -#define hqc192_pem_type "hqc192" - -#define p384_hqc192_evp_type 0 -#define p384_hqc192_input_type "p384_hqc192" -#define p384_hqc192_pem_type "p384_hqc192" -#define x448_hqc192_evp_type 0 -#define x448_hqc192_input_type "x448_hqc192" -#define x448_hqc192_pem_type "x448_hqc192" -#define hqc256_evp_type 0 -#define hqc256_input_type "hqc256" -#define hqc256_pem_type "hqc256" - -#define p521_hqc256_evp_type 0 -#define p521_hqc256_input_type "p521_hqc256" -#define p521_hqc256_pem_type "p521_hqc256" - -#define dilithium2_evp_type 0 -#define dilithium2_input_type "dilithium2" -#define dilithium2_pem_type "dilithium2" -#define p256_dilithium2_evp_type 0 -#define p256_dilithium2_input_type "p256_dilithium2" -#define p256_dilithium2_pem_type "p256_dilithium2" -#define rsa3072_dilithium2_evp_type 0 -#define rsa3072_dilithium2_input_type "rsa3072_dilithium2" -#define rsa3072_dilithium2_pem_type "rsa3072_dilithium2" -#define dilithium2_pss2048_evp_type 0 -#define dilithium2_pss2048_input_type "dilithium2_pss2048" -#define dilithium2_pss2048_pem_type "dilithium2_pss2048" -#define dilithium2_rsa2048_evp_type 0 -#define dilithium2_rsa2048_input_type "dilithium2_rsa2048" -#define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" -#define dilithium2_ed25519_evp_type 0 -#define dilithium2_ed25519_input_type "dilithium2_ed25519" -#define dilithium2_ed25519_pem_type "dilithium2_ed25519" -#define dilithium2_p256_evp_type 0 -#define dilithium2_p256_input_type "dilithium2_p256" -#define dilithium2_p256_pem_type "dilithium2_p256" -#define dilithium2_bp256_evp_type 0 -#define dilithium2_bp256_input_type "dilithium2_bp256" -#define dilithium2_bp256_pem_type "dilithium2_bp256" -#define dilithium3_evp_type 0 -#define dilithium3_input_type "dilithium3" -#define dilithium3_pem_type "dilithium3" -#define p384_dilithium3_evp_type 0 -#define p384_dilithium3_input_type "p384_dilithium3" -#define p384_dilithium3_pem_type "p384_dilithium3" -#define dilithium3_pss3072_evp_type 0 -#define dilithium3_pss3072_input_type "dilithium3_pss3072" -#define dilithium3_pss3072_pem_type "dilithium3_pss3072" -#define dilithium3_rsa3072_evp_type 0 -#define dilithium3_rsa3072_input_type "dilithium3_rsa3072" -#define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" -#define dilithium3_p256_evp_type 0 -#define dilithium3_p256_input_type "dilithium3_p256" -#define dilithium3_p256_pem_type "dilithium3_p256" -#define dilithium3_bp256_evp_type 0 -#define dilithium3_bp256_input_type "dilithium3_bp256" -#define dilithium3_bp256_pem_type "dilithium3_bp256" -#define dilithium3_ed25519_evp_type 0 -#define dilithium3_ed25519_input_type "dilithium3_ed25519" -#define dilithium3_ed25519_pem_type "dilithium3_ed25519" -#define dilithium5_evp_type 0 -#define dilithium5_input_type "dilithium5" -#define dilithium5_pem_type "dilithium5" -#define p521_dilithium5_evp_type 0 -#define p521_dilithium5_input_type "p521_dilithium5" -#define p521_dilithium5_pem_type "p521_dilithium5" -#define dilithium5_p384_evp_type 0 -#define dilithium5_p384_input_type "dilithium5_p384" -#define dilithium5_p384_pem_type "dilithium5_p384" -#define dilithium5_bp384_evp_type 0 -#define dilithium5_bp384_input_type "dilithium5_bp384" -#define dilithium5_bp384_pem_type "dilithium5_bp384" -#define dilithium5_ed448_evp_type 0 -#define dilithium5_ed448_input_type "dilithium5_ed448" -#define dilithium5_ed448_pem_type "dilithium5_ed448" -#define falcon512_evp_type 0 -#define falcon512_input_type "falcon512" -#define falcon512_pem_type "falcon512" -#define p256_falcon512_evp_type 0 -#define p256_falcon512_input_type "p256_falcon512" -#define p256_falcon512_pem_type "p256_falcon512" -#define rsa3072_falcon512_evp_type 0 -#define rsa3072_falcon512_input_type "rsa3072_falcon512" -#define rsa3072_falcon512_pem_type "rsa3072_falcon512" -#define falcon512_p256_evp_type 0 -#define falcon512_p256_input_type "falcon512_p256" -#define falcon512_p256_pem_type "falcon512_p256" -#define falcon512_bp256_evp_type 0 -#define falcon512_bp256_input_type "falcon512_bp256" -#define falcon512_bp256_pem_type "falcon512_bp256" -#define falcon512_ed25519_evp_type 0 -#define falcon512_ed25519_input_type "falcon512_ed25519" -#define falcon512_ed25519_pem_type "falcon512_ed25519" -#define falcon1024_evp_type 0 -#define falcon1024_input_type "falcon1024" -#define falcon1024_pem_type "falcon1024" -#define p521_falcon1024_evp_type 0 -#define p521_falcon1024_input_type "p521_falcon1024" -#define p521_falcon1024_pem_type "p521_falcon1024" -#define sphincssha2128fsimple_evp_type 0 -#define sphincssha2128fsimple_input_type "sphincssha2128fsimple" -#define sphincssha2128fsimple_pem_type "sphincssha2128fsimple" -#define p256_sphincssha2128fsimple_evp_type 0 -#define p256_sphincssha2128fsimple_input_type "p256_sphincssha2128fsimple" -#define p256_sphincssha2128fsimple_pem_type "p256_sphincssha2128fsimple" -#define rsa3072_sphincssha2128fsimple_evp_type 0 -#define rsa3072_sphincssha2128fsimple_input_type "rsa3072_sphincssha2128fsimple" -#define rsa3072_sphincssha2128fsimple_pem_type "rsa3072_sphincssha2128fsimple" -#define sphincssha2128ssimple_evp_type 0 -#define sphincssha2128ssimple_input_type "sphincssha2128ssimple" -#define sphincssha2128ssimple_pem_type "sphincssha2128ssimple" -#define p256_sphincssha2128ssimple_evp_type 0 -#define p256_sphincssha2128ssimple_input_type "p256_sphincssha2128ssimple" -#define p256_sphincssha2128ssimple_pem_type "p256_sphincssha2128ssimple" -#define rsa3072_sphincssha2128ssimple_evp_type 0 -#define rsa3072_sphincssha2128ssimple_input_type "rsa3072_sphincssha2128ssimple" -#define rsa3072_sphincssha2128ssimple_pem_type "rsa3072_sphincssha2128ssimple" -#define sphincssha2192fsimple_evp_type 0 -#define sphincssha2192fsimple_input_type "sphincssha2192fsimple" -#define sphincssha2192fsimple_pem_type "sphincssha2192fsimple" -#define p384_sphincssha2192fsimple_evp_type 0 -#define p384_sphincssha2192fsimple_input_type "p384_sphincssha2192fsimple" -#define p384_sphincssha2192fsimple_pem_type "p384_sphincssha2192fsimple" -#define sphincsshake128fsimple_evp_type 0 -#define sphincsshake128fsimple_input_type "sphincsshake128fsimple" -#define sphincsshake128fsimple_pem_type "sphincsshake128fsimple" -#define p256_sphincsshake128fsimple_evp_type 0 -#define p256_sphincsshake128fsimple_input_type "p256_sphincsshake128fsimple" -#define p256_sphincsshake128fsimple_pem_type "p256_sphincsshake128fsimple" -#define rsa3072_sphincsshake128fsimple_evp_type 0 -#define rsa3072_sphincsshake128fsimple_input_type \ - "rsa3072_sphincsshake128fsimple" -#define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" +# define frodo640aes_evp_type 0 +# define frodo640aes_input_type "frodo640aes" +# define frodo640aes_pem_type "frodo640aes" + +# define p256_frodo640aes_evp_type 0 +# define p256_frodo640aes_input_type "p256_frodo640aes" +# define p256_frodo640aes_pem_type "p256_frodo640aes" +# define x25519_frodo640aes_evp_type 0 +# define x25519_frodo640aes_input_type "x25519_frodo640aes" +# define x25519_frodo640aes_pem_type "x25519_frodo640aes" +# define frodo640shake_evp_type 0 +# define frodo640shake_input_type "frodo640shake" +# define frodo640shake_pem_type "frodo640shake" + +# define p256_frodo640shake_evp_type 0 +# define p256_frodo640shake_input_type "p256_frodo640shake" +# define p256_frodo640shake_pem_type "p256_frodo640shake" +# define x25519_frodo640shake_evp_type 0 +# define x25519_frodo640shake_input_type "x25519_frodo640shake" +# define x25519_frodo640shake_pem_type "x25519_frodo640shake" +# define frodo976aes_evp_type 0 +# define frodo976aes_input_type "frodo976aes" +# define frodo976aes_pem_type "frodo976aes" + +# define p384_frodo976aes_evp_type 0 +# define p384_frodo976aes_input_type "p384_frodo976aes" +# define p384_frodo976aes_pem_type "p384_frodo976aes" +# define x448_frodo976aes_evp_type 0 +# define x448_frodo976aes_input_type "x448_frodo976aes" +# define x448_frodo976aes_pem_type "x448_frodo976aes" +# define frodo976shake_evp_type 0 +# define frodo976shake_input_type "frodo976shake" +# define frodo976shake_pem_type "frodo976shake" + +# define p384_frodo976shake_evp_type 0 +# define p384_frodo976shake_input_type "p384_frodo976shake" +# define p384_frodo976shake_pem_type "p384_frodo976shake" +# define x448_frodo976shake_evp_type 0 +# define x448_frodo976shake_input_type "x448_frodo976shake" +# define x448_frodo976shake_pem_type "x448_frodo976shake" +# define frodo1344aes_evp_type 0 +# define frodo1344aes_input_type "frodo1344aes" +# define frodo1344aes_pem_type "frodo1344aes" + +# define p521_frodo1344aes_evp_type 0 +# define p521_frodo1344aes_input_type "p521_frodo1344aes" +# define p521_frodo1344aes_pem_type "p521_frodo1344aes" +# define frodo1344shake_evp_type 0 +# define frodo1344shake_input_type "frodo1344shake" +# define frodo1344shake_pem_type "frodo1344shake" + +# define p521_frodo1344shake_evp_type 0 +# define p521_frodo1344shake_input_type "p521_frodo1344shake" +# define p521_frodo1344shake_pem_type "p521_frodo1344shake" +# define kyber512_evp_type 0 +# define kyber512_input_type "kyber512" +# define kyber512_pem_type "kyber512" + +# define p256_kyber512_evp_type 0 +# define p256_kyber512_input_type "p256_kyber512" +# define p256_kyber512_pem_type "p256_kyber512" +# define x25519_kyber512_evp_type 0 +# define x25519_kyber512_input_type "x25519_kyber512" +# define x25519_kyber512_pem_type "x25519_kyber512" +# define kyber768_evp_type 0 +# define kyber768_input_type "kyber768" +# define kyber768_pem_type "kyber768" + +# define p384_kyber768_evp_type 0 +# define p384_kyber768_input_type "p384_kyber768" +# define p384_kyber768_pem_type "p384_kyber768" +# define x448_kyber768_evp_type 0 +# define x448_kyber768_input_type "x448_kyber768" +# define x448_kyber768_pem_type "x448_kyber768" +# define x25519_kyber768_evp_type 0 +# define x25519_kyber768_input_type "x25519_kyber768" +# define x25519_kyber768_pem_type "x25519_kyber768" +# define p256_kyber768_evp_type 0 +# define p256_kyber768_input_type "p256_kyber768" +# define p256_kyber768_pem_type "p256_kyber768" +# define kyber1024_evp_type 0 +# define kyber1024_input_type "kyber1024" +# define kyber1024_pem_type "kyber1024" + +# define p521_kyber1024_evp_type 0 +# define p521_kyber1024_input_type "p521_kyber1024" +# define p521_kyber1024_pem_type "p521_kyber1024" +# define bikel1_evp_type 0 +# define bikel1_input_type "bikel1" +# define bikel1_pem_type "bikel1" + +# define p256_bikel1_evp_type 0 +# define p256_bikel1_input_type "p256_bikel1" +# define p256_bikel1_pem_type "p256_bikel1" +# define x25519_bikel1_evp_type 0 +# define x25519_bikel1_input_type "x25519_bikel1" +# define x25519_bikel1_pem_type "x25519_bikel1" +# define bikel3_evp_type 0 +# define bikel3_input_type "bikel3" +# define bikel3_pem_type "bikel3" + +# define p384_bikel3_evp_type 0 +# define p384_bikel3_input_type "p384_bikel3" +# define p384_bikel3_pem_type "p384_bikel3" +# define x448_bikel3_evp_type 0 +# define x448_bikel3_input_type "x448_bikel3" +# define x448_bikel3_pem_type "x448_bikel3" +# define bikel5_evp_type 0 +# define bikel5_input_type "bikel5" +# define bikel5_pem_type "bikel5" + +# define p521_bikel5_evp_type 0 +# define p521_bikel5_input_type "p521_bikel5" +# define p521_bikel5_pem_type "p521_bikel5" +# define hqc128_evp_type 0 +# define hqc128_input_type "hqc128" +# define hqc128_pem_type "hqc128" + +# define p256_hqc128_evp_type 0 +# define p256_hqc128_input_type "p256_hqc128" +# define p256_hqc128_pem_type "p256_hqc128" +# define x25519_hqc128_evp_type 0 +# define x25519_hqc128_input_type "x25519_hqc128" +# define x25519_hqc128_pem_type "x25519_hqc128" +# define hqc192_evp_type 0 +# define hqc192_input_type "hqc192" +# define hqc192_pem_type "hqc192" + +# define p384_hqc192_evp_type 0 +# define p384_hqc192_input_type "p384_hqc192" +# define p384_hqc192_pem_type "p384_hqc192" +# define x448_hqc192_evp_type 0 +# define x448_hqc192_input_type "x448_hqc192" +# define x448_hqc192_pem_type "x448_hqc192" +# define hqc256_evp_type 0 +# define hqc256_input_type "hqc256" +# define hqc256_pem_type "hqc256" + +# define p521_hqc256_evp_type 0 +# define p521_hqc256_input_type "p521_hqc256" +# define p521_hqc256_pem_type "p521_hqc256" + + +# define dilithium2_evp_type 0 +# define dilithium2_input_type "dilithium2" +# define dilithium2_pem_type "dilithium2" +# define p256_dilithium2_evp_type 0 +# define p256_dilithium2_input_type "p256_dilithium2" +# define p256_dilithium2_pem_type "p256_dilithium2" +# define rsa3072_dilithium2_evp_type 0 +# define rsa3072_dilithium2_input_type "rsa3072_dilithium2" +# define rsa3072_dilithium2_pem_type "rsa3072_dilithium2" +# define dilithium2_pss2048_evp_type 0 +# define dilithium2_pss2048_input_type "dilithium2_pss2048" +# define dilithium2_pss2048_pem_type "dilithium2_pss2048" +# define dilithium2_rsa2048_evp_type 0 +# define dilithium2_rsa2048_input_type "dilithium2_rsa2048" +# define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" +# define dilithium2_ed25519_evp_type 0 +# define dilithium2_ed25519_input_type "dilithium2_ed25519" +# define dilithium2_ed25519_pem_type "dilithium2_ed25519" +# define dilithium2_p256_evp_type 0 +# define dilithium2_p256_input_type "dilithium2_p256" +# define dilithium2_p256_pem_type "dilithium2_p256" +# define dilithium2_bp256_evp_type 0 +# define dilithium2_bp256_input_type "dilithium2_bp256" +# define dilithium2_bp256_pem_type "dilithium2_bp256" +# define dilithium3_evp_type 0 +# define dilithium3_input_type "dilithium3" +# define dilithium3_pem_type "dilithium3" +# define p384_dilithium3_evp_type 0 +# define p384_dilithium3_input_type "p384_dilithium3" +# define p384_dilithium3_pem_type "p384_dilithium3" +# define dilithium3_pss3072_evp_type 0 +# define dilithium3_pss3072_input_type "dilithium3_pss3072" +# define dilithium3_pss3072_pem_type "dilithium3_pss3072" +# define dilithium3_rsa3072_evp_type 0 +# define dilithium3_rsa3072_input_type "dilithium3_rsa3072" +# define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" +# define dilithium3_p256_evp_type 0 +# define dilithium3_p256_input_type "dilithium3_p256" +# define dilithium3_p256_pem_type "dilithium3_p256" +# define dilithium3_bp256_evp_type 0 +# define dilithium3_bp256_input_type "dilithium3_bp256" +# define dilithium3_bp256_pem_type "dilithium3_bp256" +# define dilithium3_ed25519_evp_type 0 +# define dilithium3_ed25519_input_type "dilithium3_ed25519" +# define dilithium3_ed25519_pem_type "dilithium3_ed25519" +# define dilithium5_evp_type 0 +# define dilithium5_input_type "dilithium5" +# define dilithium5_pem_type "dilithium5" +# define p521_dilithium5_evp_type 0 +# define p521_dilithium5_input_type "p521_dilithium5" +# define p521_dilithium5_pem_type "p521_dilithium5" +# define dilithium5_p384_evp_type 0 +# define dilithium5_p384_input_type "dilithium5_p384" +# define dilithium5_p384_pem_type "dilithium5_p384" +# define dilithium5_bp384_evp_type 0 +# define dilithium5_bp384_input_type "dilithium5_bp384" +# define dilithium5_bp384_pem_type "dilithium5_bp384" +# define dilithium5_ed448_evp_type 0 +# define dilithium5_ed448_input_type "dilithium5_ed448" +# define dilithium5_ed448_pem_type "dilithium5_ed448" +# define falcon512_evp_type 0 +# define falcon512_input_type "falcon512" +# define falcon512_pem_type "falcon512" +# define p256_falcon512_evp_type 0 +# define p256_falcon512_input_type "p256_falcon512" +# define p256_falcon512_pem_type "p256_falcon512" +# define rsa3072_falcon512_evp_type 0 +# define rsa3072_falcon512_input_type "rsa3072_falcon512" +# define rsa3072_falcon512_pem_type "rsa3072_falcon512" +# define falcon512_p256_evp_type 0 +# define falcon512_p256_input_type "falcon512_p256" +# define falcon512_p256_pem_type "falcon512_p256" +# define falcon512_bp256_evp_type 0 +# define falcon512_bp256_input_type "falcon512_bp256" +# define falcon512_bp256_pem_type "falcon512_bp256" +# define falcon512_ed25519_evp_type 0 +# define falcon512_ed25519_input_type "falcon512_ed25519" +# define falcon512_ed25519_pem_type "falcon512_ed25519" +# define falcon1024_evp_type 0 +# define falcon1024_input_type "falcon1024" +# define falcon1024_pem_type "falcon1024" +# define p521_falcon1024_evp_type 0 +# define p521_falcon1024_input_type "p521_falcon1024" +# define p521_falcon1024_pem_type "p521_falcon1024" +# define sphincssha2128fsimple_evp_type 0 +# define sphincssha2128fsimple_input_type "sphincssha2128fsimple" +# define sphincssha2128fsimple_pem_type "sphincssha2128fsimple" +# define p256_sphincssha2128fsimple_evp_type 0 +# define p256_sphincssha2128fsimple_input_type "p256_sphincssha2128fsimple" +# define p256_sphincssha2128fsimple_pem_type "p256_sphincssha2128fsimple" +# define rsa3072_sphincssha2128fsimple_evp_type 0 +# define rsa3072_sphincssha2128fsimple_input_type "rsa3072_sphincssha2128fsimple" +# define rsa3072_sphincssha2128fsimple_pem_type "rsa3072_sphincssha2128fsimple" +# define sphincssha2128ssimple_evp_type 0 +# define sphincssha2128ssimple_input_type "sphincssha2128ssimple" +# define sphincssha2128ssimple_pem_type "sphincssha2128ssimple" +# define p256_sphincssha2128ssimple_evp_type 0 +# define p256_sphincssha2128ssimple_input_type "p256_sphincssha2128ssimple" +# define p256_sphincssha2128ssimple_pem_type "p256_sphincssha2128ssimple" +# define rsa3072_sphincssha2128ssimple_evp_type 0 +# define rsa3072_sphincssha2128ssimple_input_type "rsa3072_sphincssha2128ssimple" +# define rsa3072_sphincssha2128ssimple_pem_type "rsa3072_sphincssha2128ssimple" +# define sphincssha2192fsimple_evp_type 0 +# define sphincssha2192fsimple_input_type "sphincssha2192fsimple" +# define sphincssha2192fsimple_pem_type "sphincssha2192fsimple" +# define p384_sphincssha2192fsimple_evp_type 0 +# define p384_sphincssha2192fsimple_input_type "p384_sphincssha2192fsimple" +# define p384_sphincssha2192fsimple_pem_type "p384_sphincssha2192fsimple" +# define sphincsshake128fsimple_evp_type 0 +# define sphincsshake128fsimple_input_type "sphincsshake128fsimple" +# define sphincsshake128fsimple_pem_type "sphincsshake128fsimple" +# define p256_sphincsshake128fsimple_evp_type 0 +# define p256_sphincsshake128fsimple_input_type "p256_sphincsshake128fsimple" +# define p256_sphincsshake128fsimple_pem_type "p256_sphincsshake128fsimple" +# define rsa3072_sphincsshake128fsimple_evp_type 0 +# define rsa3072_sphincsshake128fsimple_input_type "rsa3072_sphincsshake128fsimple" +# define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_END /* ---------------------------------------------------------------------- */ @@ -1722,6 +1722,7 @@ key2text_encode(void *vctx, const void *key, int selection, OSSL_CORE_BIO *cout, ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_START #ifdef OQS_KEM_ENCODERS + MAKE_ENCODER(, frodo640aes, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, frodo640aes, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, frodo640aes, oqsx, PrivateKeyInfo, der); @@ -2243,10 +2244,8 @@ MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p256_sphincssha2128fsimple); -MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, - der); -MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, - pem); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); @@ -2266,10 +2265,8 @@ MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p256_sphincssha2128ssimple); -MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, - der); -MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, - pem); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); @@ -2303,10 +2300,8 @@ MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p256_sphincsshake128fsimple); -MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, - der); -MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, - pem); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 09bb2b31..bb56299c 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -583,460 +583,358 @@ static int oqsx_gen_set_params(void *genctx, const OSSL_PARAM params[]) ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_START static void *dilithium2_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2", KEY_TYPE_SIG, NULL, 128, 0); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2", KEY_TYPE_SIG, NULL, 128, 0); } static void *dilithium2_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2", 0, 128, 0); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2", 0, 128, 0); } static void *p256_dilithium2_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "p256_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 1); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "p256_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 1); } static void *p256_dilithium2_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "p256_dilithium2", KEY_TYPE_HYB_SIG, 128, 1); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "p256_dilithium2", KEY_TYPE_HYB_SIG, 128, 1); } static void *rsa3072_dilithium2_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 2); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 2); } static void *rsa3072_dilithium2_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, 128, 2); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, 128, 2); } static void *dilithium2_pss2048_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 3); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 3); } static void *dilithium2_pss2048_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 3); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 3); } static void *dilithium2_rsa2048_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 4); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 4); } static void *dilithium2_rsa2048_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 4); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 4); } static void *dilithium2_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 5); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 5); } static void *dilithium2_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 5); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 5); } static void *dilithium2_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 6); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 6); } static void *dilithium2_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 6); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 6); } static void *dilithium2_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 7); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 7); } static void *dilithium2_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 7); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 7); } static void *dilithium3_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3", KEY_TYPE_SIG, NULL, 192, 8); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3", KEY_TYPE_SIG, NULL, 192, 8); } static void *dilithium3_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3", 0, 192, 8); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3", 0, 192, 8); } static void *p384_dilithium3_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 9); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 9); } static void *p384_dilithium3_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 9); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 9); } static void *dilithium3_pss3072_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 10); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 10); } static void *dilithium3_pss3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 10); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 10); } static void *dilithium3_rsa3072_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 11); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 11); } static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 11); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 11); } static void *dilithium3_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 12); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 12); } static void *dilithium3_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 12); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 12); } static void *dilithium3_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 13); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 13); } static void *dilithium3_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 13); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 13); } static void *dilithium3_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 14); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 14); } static void *dilithium3_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 14); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 14); } static void *dilithium5_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5", KEY_TYPE_SIG, NULL, 256, 15); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5", KEY_TYPE_SIG, NULL, 256, 15); } static void *dilithium5_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5", 0, 256, 15); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5", 0, 256, 15); } static void *p521_dilithium5_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 16); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 16); } static void *p521_dilithium5_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 16); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 16); } static void *dilithium5_p384_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 17); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 17); } static void *dilithium5_p384_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 17); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 17); } static void *dilithium5_bp384_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 18); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 18); } static void *dilithium5_bp384_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 18); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 18); } static void *dilithium5_ed448_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 19); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 19); } static void *dilithium5_ed448_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 19); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 19); } static void *falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512", KEY_TYPE_SIG, NULL, 128, 20); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512", KEY_TYPE_SIG, NULL, 128, 20); } static void *falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512", 0, 128, 20); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512", 0, 128, 20); } static void *p256_falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 21); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 21); } static void *p256_falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 21); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 21); } static void *rsa3072_falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 22); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 22); } static void *rsa3072_falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 22); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 22); } static void *falcon512_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 23); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 23); } static void *falcon512_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 23); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 23); } static void *falcon512_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 24); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 24); } static void *falcon512_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 24); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 24); } static void *falcon512_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 25); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 25); } static void *falcon512_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 25); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 25); } static void *falcon1024_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 26); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, "falcon1024", KEY_TYPE_SIG, NULL, 256, 26); } static void *falcon1024_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 26); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, "falcon1024", 0, 256, 26); } static void *p521_falcon1024_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 27); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 27); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 27); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 27); } + static void *sphincssha2128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 28); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 28); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, - OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 28); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, "sphincssha2128fsimple", 0, 128, 28); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 29); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 29); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 30); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 30); } -static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, - int selection) +static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 30); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 30); } static void *sphincssha2128ssimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 31); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 31); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, - OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 31); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, "sphincssha2128ssimple", 0, 128, 31); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 32); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 32); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 32); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 32); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); } -static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, - int selection) +static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 33); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 33); } static void *sphincssha2192fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 34); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 34); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, - OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 34); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, "sphincssha2192fsimple", 0, 192, 34); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 35); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 35); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 35); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 35); } static void *sphincsshake128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 36); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 36); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, - OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 36); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, "sphincsshake128fsimple", 0, 128, 36); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 37); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 37); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 38); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 38); } -static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, - int selection) +static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init( - provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 38); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 38); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END @@ -1230,40 +1128,30 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincsshake128fsimple) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640aes, OQS_KEM_alg_frodokem_640_aes, - 128) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640aes, OQS_KEM_alg_frodokem_640_aes, - 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640shake, - OQS_KEM_alg_frodokem_640_shake, 128) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640shake, - OQS_KEM_alg_frodokem_640_shake, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976aes, OQS_KEM_alg_frodokem_976_aes, - 192) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976aes, OQS_KEM_alg_frodokem_976_aes, - 192) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976shake, - OQS_KEM_alg_frodokem_976_shake, 192) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976shake, - OQS_KEM_alg_frodokem_976_shake, 192) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, 256) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, - 256) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, 256) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo1344shake, OQS_KEM_alg_frodokem_1344_shake, 256) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344shake, - OQS_KEM_alg_frodokem_1344_shake, 256) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344shake, OQS_KEM_alg_frodokem_1344_shake, 256) MAKE_KEM_KEYMGMT_FUNCTIONS(kyber512, OQS_KEM_alg_kyber_512, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_kyber512, OQS_KEM_alg_kyber_512, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 1bf1c02e..1ec8608a 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -257,1470 +257,695 @@ extern const OSSL_DISPATCH oqs_signature_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_START #ifdef OQS_KEM_ENCODERS -extern const OSSL_DISPATCH - oqs_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; + +extern const OSSL_DISPATCH oqs_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo640aes_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_frodo640aes_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo640shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo640shake_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_frodo640shake_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo976aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo976aes_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_frodo976aes_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo976shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo976shake_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_frodo976shake_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo1344aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_frodo1344aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_frodo1344aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo1344aes_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo1344shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_frodo1344shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_frodo1344shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo1344shake_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_kyber512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_kyber512_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_kyber512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_kyber512_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_kyber512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x25519_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x25519_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_kyber768_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_kyber768_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x448_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x448_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_kyber768_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x25519_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x25519_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_kyber768_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_kyber1024_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_kyber1024_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_kyber1024_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_kyber1024_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_kyber1024_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_kyber1024_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_kyber1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel1_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_bikel1_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_bikel1_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_bikel1_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_bikel1_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_bikel1_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_bikel1_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_bikel1_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x25519_bikel1_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x25519_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_bikel1_decoder_functions[]; extern const OSSL_DISPATCH oqs_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel3_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_bikel3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_bikel3_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_bikel3_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_bikel3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_bikel3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_bikel3_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_bikel3_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x448_bikel3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x448_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_bikel3_decoder_functions[]; extern const OSSL_DISPATCH oqs_bikel5_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel5_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel5_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel5_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_bikel5_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_bikel5_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_bikel5_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_bikel5_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_bikel5_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_bikel5_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_bikel5_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_bikel5_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_bikel5_decoder_functions[]; extern const OSSL_DISPATCH oqs_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc128_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc128_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_hqc128_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_hqc128_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_hqc128_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_hqc128_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_hqc128_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x25519_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_hqc128_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_hqc128_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x25519_hqc128_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x25519_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_hqc128_decoder_functions[]; extern const OSSL_DISPATCH oqs_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc192_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc192_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_hqc192_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_hqc192_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_hqc192_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_hqc192_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_hqc192_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_x448_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_hqc192_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_hqc192_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_x448_hqc192_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_x448_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_hqc192_decoder_functions[]; extern const OSSL_DISPATCH oqs_hqc256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc256_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_hqc256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_hqc256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_hqc256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_hqc256_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_hqc256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_hqc256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_hqc256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_hqc256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_hqc256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_hqc256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_hqc256_decoder_functions[]; #endif /* OQS_KEM_ENCODERS */ -extern const OSSL_DISPATCH - oqs_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; + +extern const OSSL_DISPATCH oqs_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_dilithium2_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_dilithium2_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_dilithium3_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_dilithium3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_dilithium3_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_dilithium3_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_dilithium3_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_dilithium5_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_dilithium5_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_dilithium5_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_dilithium5_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_dilithium5_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_p384_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_falcon512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_falcon512_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_falcon512_decoder_functions[];extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[];extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[];extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon1024_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon1024_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p521_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon1024_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_falcon1024_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_falcon1024_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_falcon1024_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_sphincssha2128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_sphincssha2128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_sphincssha2128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_sphincssha2128fsimple_decoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_rsa3072_sphincssha2128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincssha2128fsimple_decoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2128ssimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_sphincssha2128ssimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_sphincssha2128ssimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincssha2128ssimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_sphincssha2128ssimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_sphincssha2128ssimple_decoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128ssimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_rsa3072_sphincssha2128ssimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincssha2128ssimple_decoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincssha2192fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2192fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincssha2192fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2192fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincssha2192fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_sphincssha2192fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_sphincssha2192fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_sphincssha2192fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_sphincssha2192fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p384_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p384_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p384_sphincssha2192fsimple_to_SubjectPublicKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p384_sphincssha2192fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p384_sphincssha2192fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_sphincssha2192fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_sphincssha2192fsimple_decoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_sphincsshake128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_sphincsshake128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_sphincsshake128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_p256_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_p256_sphincsshake128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_sphincsshake128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_sphincsshake128fsimple_decoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions - []; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincsshake128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions - []; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions - []; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_sphincssha2128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_sphincssha2128fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_sphincssha2128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_sphincssha2128fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_sphincssha2128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincssha2128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_sphincssha2128ssimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_sphincssha2128ssimple_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_sphincssha2128ssimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_sphincssha2128ssimple_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_sphincssha2128ssimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincssha2128ssimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_sphincssha2192fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_sphincssha2192fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_sphincssha2192fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_sphincssha2192fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_sphincsshake128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_sphincsshake128fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_sphincsshake128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_sphincsshake128fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_START -extern const OSSL_DISPATCH oqs_dilithium2_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p256_dilithium2_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p384_dilithium3_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p521_dilithium5_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p521_falcon1024_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_keymgmt_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincssha2128ssimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH - oqs_rsa3072_sphincsshake128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_dilithium2_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_pss2048_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_ed25519_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_p256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p384_dilithium3_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_pss3072_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_bp256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p521_dilithium5_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium5_p384_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[];extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p521_falcon1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_keymgmt_functions[]; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 3496d68d..9bdc5e3f 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -36,318 +36,176 @@ ///// OQS_TEMPLATE_FRAGMENT_MAKE_START #ifdef OQS_KEM_ENCODERS -# ifdef OQS_ENABLE_KEM_frodokem_640_aes +#ifdef OQS_ENABLE_KEM_frodokem_640_aes DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), - DECODER_w_structure("frodo640aes", der, SubjectPublicKeyInfo, frodo640aes), - DECODER_w_structure("p256_frodo640aes", der, PrivateKeyInfo, - p256_frodo640aes), - DECODER_w_structure("p256_frodo640aes", der, SubjectPublicKeyInfo, - p256_frodo640aes), - DECODER_w_structure("x25519_frodo640aes", der, PrivateKeyInfo, - x25519_frodo640aes), - DECODER_w_structure("x25519_frodo640aes", der, SubjectPublicKeyInfo, - x25519_frodo640aes), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_640_shake - DECODER_w_structure("frodo640shake", der, PrivateKeyInfo, frodo640shake), - DECODER_w_structure("frodo640shake", der, SubjectPublicKeyInfo, - frodo640shake), - DECODER_w_structure("p256_frodo640shake", der, PrivateKeyInfo, - p256_frodo640shake), - DECODER_w_structure("p256_frodo640shake", der, SubjectPublicKeyInfo, - p256_frodo640shake), - DECODER_w_structure("x25519_frodo640shake", der, PrivateKeyInfo, - x25519_frodo640shake), - DECODER_w_structure("x25519_frodo640shake", der, SubjectPublicKeyInfo, - x25519_frodo640shake), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_976_aes - DECODER_w_structure("frodo976aes", der, PrivateKeyInfo, frodo976aes), - DECODER_w_structure("frodo976aes", der, SubjectPublicKeyInfo, frodo976aes), - DECODER_w_structure("p384_frodo976aes", der, PrivateKeyInfo, - p384_frodo976aes), - DECODER_w_structure("p384_frodo976aes", der, SubjectPublicKeyInfo, - p384_frodo976aes), - DECODER_w_structure("x448_frodo976aes", der, PrivateKeyInfo, - x448_frodo976aes), - DECODER_w_structure("x448_frodo976aes", der, SubjectPublicKeyInfo, - x448_frodo976aes), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_976_shake - DECODER_w_structure("frodo976shake", der, PrivateKeyInfo, frodo976shake), - DECODER_w_structure("frodo976shake", der, SubjectPublicKeyInfo, - frodo976shake), - DECODER_w_structure("p384_frodo976shake", der, PrivateKeyInfo, - p384_frodo976shake), - DECODER_w_structure("p384_frodo976shake", der, SubjectPublicKeyInfo, - p384_frodo976shake), - DECODER_w_structure("x448_frodo976shake", der, PrivateKeyInfo, - x448_frodo976shake), - DECODER_w_structure("x448_frodo976shake", der, SubjectPublicKeyInfo, - x448_frodo976shake), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_1344_aes - DECODER_w_structure("frodo1344aes", der, PrivateKeyInfo, frodo1344aes), - DECODER_w_structure("frodo1344aes", der, SubjectPublicKeyInfo, - frodo1344aes), - DECODER_w_structure("p521_frodo1344aes", der, PrivateKeyInfo, - p521_frodo1344aes), - DECODER_w_structure("p521_frodo1344aes", der, SubjectPublicKeyInfo, - p521_frodo1344aes), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_1344_shake - DECODER_w_structure("frodo1344shake", der, PrivateKeyInfo, frodo1344shake), - DECODER_w_structure("frodo1344shake", der, SubjectPublicKeyInfo, - frodo1344shake), - DECODER_w_structure("p521_frodo1344shake", der, PrivateKeyInfo, - p521_frodo1344shake), - DECODER_w_structure("p521_frodo1344shake", der, SubjectPublicKeyInfo, - p521_frodo1344shake), -# endif -# ifdef OQS_ENABLE_KEM_kyber_512 - DECODER_w_structure("kyber512", der, PrivateKeyInfo, kyber512), - DECODER_w_structure("kyber512", der, SubjectPublicKeyInfo, kyber512), - DECODER_w_structure("p256_kyber512", der, PrivateKeyInfo, p256_kyber512), - DECODER_w_structure("p256_kyber512", der, SubjectPublicKeyInfo, - p256_kyber512), - DECODER_w_structure("x25519_kyber512", der, PrivateKeyInfo, - x25519_kyber512), - DECODER_w_structure("x25519_kyber512", der, SubjectPublicKeyInfo, - x25519_kyber512), -# endif -# ifdef OQS_ENABLE_KEM_kyber_768 - DECODER_w_structure("kyber768", der, PrivateKeyInfo, kyber768), - DECODER_w_structure("kyber768", der, SubjectPublicKeyInfo, kyber768), - DECODER_w_structure("p384_kyber768", der, PrivateKeyInfo, p384_kyber768), - DECODER_w_structure("p384_kyber768", der, SubjectPublicKeyInfo, - p384_kyber768), - DECODER_w_structure("x448_kyber768", der, PrivateKeyInfo, x448_kyber768), - DECODER_w_structure("x448_kyber768", der, SubjectPublicKeyInfo, - x448_kyber768), - DECODER_w_structure("x25519_kyber768", der, PrivateKeyInfo, - x25519_kyber768), - DECODER_w_structure("x25519_kyber768", der, SubjectPublicKeyInfo, - x25519_kyber768), - DECODER_w_structure("p256_kyber768", der, PrivateKeyInfo, p256_kyber768), - DECODER_w_structure("p256_kyber768", der, SubjectPublicKeyInfo, - p256_kyber768), -# endif -# ifdef OQS_ENABLE_KEM_kyber_1024 - DECODER_w_structure("kyber1024", der, PrivateKeyInfo, kyber1024), - DECODER_w_structure("kyber1024", der, SubjectPublicKeyInfo, kyber1024), - DECODER_w_structure("p521_kyber1024", der, PrivateKeyInfo, p521_kyber1024), - DECODER_w_structure("p521_kyber1024", der, SubjectPublicKeyInfo, - p521_kyber1024), -# endif -# ifdef OQS_ENABLE_KEM_bike_l1 - DECODER_w_structure("bikel1", der, PrivateKeyInfo, bikel1), - DECODER_w_structure("bikel1", der, SubjectPublicKeyInfo, bikel1), - DECODER_w_structure("p256_bikel1", der, PrivateKeyInfo, p256_bikel1), - DECODER_w_structure("p256_bikel1", der, SubjectPublicKeyInfo, p256_bikel1), - DECODER_w_structure("x25519_bikel1", der, PrivateKeyInfo, x25519_bikel1), - DECODER_w_structure("x25519_bikel1", der, SubjectPublicKeyInfo, - x25519_bikel1), -# endif -# ifdef OQS_ENABLE_KEM_bike_l3 - DECODER_w_structure("bikel3", der, PrivateKeyInfo, bikel3), - DECODER_w_structure("bikel3", der, SubjectPublicKeyInfo, bikel3), - DECODER_w_structure("p384_bikel3", der, PrivateKeyInfo, p384_bikel3), - DECODER_w_structure("p384_bikel3", der, SubjectPublicKeyInfo, p384_bikel3), - DECODER_w_structure("x448_bikel3", der, PrivateKeyInfo, x448_bikel3), - DECODER_w_structure("x448_bikel3", der, SubjectPublicKeyInfo, x448_bikel3), -# endif -# ifdef OQS_ENABLE_KEM_bike_l5 - DECODER_w_structure("bikel5", der, PrivateKeyInfo, bikel5), - DECODER_w_structure("bikel5", der, SubjectPublicKeyInfo, bikel5), - DECODER_w_structure("p521_bikel5", der, PrivateKeyInfo, p521_bikel5), - DECODER_w_structure("p521_bikel5", der, SubjectPublicKeyInfo, p521_bikel5), -# endif -# ifdef OQS_ENABLE_KEM_hqc_128 - DECODER_w_structure("hqc128", der, PrivateKeyInfo, hqc128), - DECODER_w_structure("hqc128", der, SubjectPublicKeyInfo, hqc128), - DECODER_w_structure("p256_hqc128", der, PrivateKeyInfo, p256_hqc128), - DECODER_w_structure("p256_hqc128", der, SubjectPublicKeyInfo, p256_hqc128), - DECODER_w_structure("x25519_hqc128", der, PrivateKeyInfo, x25519_hqc128), - DECODER_w_structure("x25519_hqc128", der, SubjectPublicKeyInfo, - x25519_hqc128), -# endif -# ifdef OQS_ENABLE_KEM_hqc_192 - DECODER_w_structure("hqc192", der, PrivateKeyInfo, hqc192), - DECODER_w_structure("hqc192", der, SubjectPublicKeyInfo, hqc192), - DECODER_w_structure("p384_hqc192", der, PrivateKeyInfo, p384_hqc192), - DECODER_w_structure("p384_hqc192", der, SubjectPublicKeyInfo, p384_hqc192), - DECODER_w_structure("x448_hqc192", der, PrivateKeyInfo, x448_hqc192), - DECODER_w_structure("x448_hqc192", der, SubjectPublicKeyInfo, x448_hqc192), -# endif -# ifdef OQS_ENABLE_KEM_hqc_256 - DECODER_w_structure("hqc256", der, PrivateKeyInfo, hqc256), - DECODER_w_structure("hqc256", der, SubjectPublicKeyInfo, hqc256), - DECODER_w_structure("p521_hqc256", der, PrivateKeyInfo, p521_hqc256), - DECODER_w_structure("p521_hqc256", der, SubjectPublicKeyInfo, p521_hqc256), -# endif +DECODER_w_structure("frodo640aes", der, SubjectPublicKeyInfo, frodo640aes), +DECODER_w_structure("p256_frodo640aes", der, PrivateKeyInfo, p256_frodo640aes), +DECODER_w_structure("p256_frodo640aes", der, SubjectPublicKeyInfo, p256_frodo640aes),DECODER_w_structure("x25519_frodo640aes", der, PrivateKeyInfo, x25519_frodo640aes), +DECODER_w_structure("x25519_frodo640aes", der, SubjectPublicKeyInfo, x25519_frodo640aes), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_640_shake +DECODER_w_structure("frodo640shake", der, PrivateKeyInfo, frodo640shake), +DECODER_w_structure("frodo640shake", der, SubjectPublicKeyInfo, frodo640shake), +DECODER_w_structure("p256_frodo640shake", der, PrivateKeyInfo, p256_frodo640shake), +DECODER_w_structure("p256_frodo640shake", der, SubjectPublicKeyInfo, p256_frodo640shake),DECODER_w_structure("x25519_frodo640shake", der, PrivateKeyInfo, x25519_frodo640shake), +DECODER_w_structure("x25519_frodo640shake", der, SubjectPublicKeyInfo, x25519_frodo640shake), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_976_aes +DECODER_w_structure("frodo976aes", der, PrivateKeyInfo, frodo976aes), +DECODER_w_structure("frodo976aes", der, SubjectPublicKeyInfo, frodo976aes), +DECODER_w_structure("p384_frodo976aes", der, PrivateKeyInfo, p384_frodo976aes), +DECODER_w_structure("p384_frodo976aes", der, SubjectPublicKeyInfo, p384_frodo976aes),DECODER_w_structure("x448_frodo976aes", der, PrivateKeyInfo, x448_frodo976aes), +DECODER_w_structure("x448_frodo976aes", der, SubjectPublicKeyInfo, x448_frodo976aes), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_976_shake +DECODER_w_structure("frodo976shake", der, PrivateKeyInfo, frodo976shake), +DECODER_w_structure("frodo976shake", der, SubjectPublicKeyInfo, frodo976shake), +DECODER_w_structure("p384_frodo976shake", der, PrivateKeyInfo, p384_frodo976shake), +DECODER_w_structure("p384_frodo976shake", der, SubjectPublicKeyInfo, p384_frodo976shake),DECODER_w_structure("x448_frodo976shake", der, PrivateKeyInfo, x448_frodo976shake), +DECODER_w_structure("x448_frodo976shake", der, SubjectPublicKeyInfo, x448_frodo976shake), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_1344_aes +DECODER_w_structure("frodo1344aes", der, PrivateKeyInfo, frodo1344aes), +DECODER_w_structure("frodo1344aes", der, SubjectPublicKeyInfo, frodo1344aes), +DECODER_w_structure("p521_frodo1344aes", der, PrivateKeyInfo, p521_frodo1344aes), +DECODER_w_structure("p521_frodo1344aes", der, SubjectPublicKeyInfo, p521_frodo1344aes), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_1344_shake +DECODER_w_structure("frodo1344shake", der, PrivateKeyInfo, frodo1344shake), +DECODER_w_structure("frodo1344shake", der, SubjectPublicKeyInfo, frodo1344shake), +DECODER_w_structure("p521_frodo1344shake", der, PrivateKeyInfo, p521_frodo1344shake), +DECODER_w_structure("p521_frodo1344shake", der, SubjectPublicKeyInfo, p521_frodo1344shake), +#endif +#ifdef OQS_ENABLE_KEM_kyber_512 +DECODER_w_structure("kyber512", der, PrivateKeyInfo, kyber512), +DECODER_w_structure("kyber512", der, SubjectPublicKeyInfo, kyber512), +DECODER_w_structure("p256_kyber512", der, PrivateKeyInfo, p256_kyber512), +DECODER_w_structure("p256_kyber512", der, SubjectPublicKeyInfo, p256_kyber512),DECODER_w_structure("x25519_kyber512", der, PrivateKeyInfo, x25519_kyber512), +DECODER_w_structure("x25519_kyber512", der, SubjectPublicKeyInfo, x25519_kyber512), +#endif +#ifdef OQS_ENABLE_KEM_kyber_768 +DECODER_w_structure("kyber768", der, PrivateKeyInfo, kyber768), +DECODER_w_structure("kyber768", der, SubjectPublicKeyInfo, kyber768), +DECODER_w_structure("p384_kyber768", der, PrivateKeyInfo, p384_kyber768), +DECODER_w_structure("p384_kyber768", der, SubjectPublicKeyInfo, p384_kyber768),DECODER_w_structure("x448_kyber768", der, PrivateKeyInfo, x448_kyber768), +DECODER_w_structure("x448_kyber768", der, SubjectPublicKeyInfo, x448_kyber768),DECODER_w_structure("x25519_kyber768", der, PrivateKeyInfo, x25519_kyber768), +DECODER_w_structure("x25519_kyber768", der, SubjectPublicKeyInfo, x25519_kyber768),DECODER_w_structure("p256_kyber768", der, PrivateKeyInfo, p256_kyber768), +DECODER_w_structure("p256_kyber768", der, SubjectPublicKeyInfo, p256_kyber768), +#endif +#ifdef OQS_ENABLE_KEM_kyber_1024 +DECODER_w_structure("kyber1024", der, PrivateKeyInfo, kyber1024), +DECODER_w_structure("kyber1024", der, SubjectPublicKeyInfo, kyber1024), +DECODER_w_structure("p521_kyber1024", der, PrivateKeyInfo, p521_kyber1024), +DECODER_w_structure("p521_kyber1024", der, SubjectPublicKeyInfo, p521_kyber1024), +#endif +#ifdef OQS_ENABLE_KEM_bike_l1 +DECODER_w_structure("bikel1", der, PrivateKeyInfo, bikel1), +DECODER_w_structure("bikel1", der, SubjectPublicKeyInfo, bikel1), +DECODER_w_structure("p256_bikel1", der, PrivateKeyInfo, p256_bikel1), +DECODER_w_structure("p256_bikel1", der, SubjectPublicKeyInfo, p256_bikel1),DECODER_w_structure("x25519_bikel1", der, PrivateKeyInfo, x25519_bikel1), +DECODER_w_structure("x25519_bikel1", der, SubjectPublicKeyInfo, x25519_bikel1), +#endif +#ifdef OQS_ENABLE_KEM_bike_l3 +DECODER_w_structure("bikel3", der, PrivateKeyInfo, bikel3), +DECODER_w_structure("bikel3", der, SubjectPublicKeyInfo, bikel3), +DECODER_w_structure("p384_bikel3", der, PrivateKeyInfo, p384_bikel3), +DECODER_w_structure("p384_bikel3", der, SubjectPublicKeyInfo, p384_bikel3),DECODER_w_structure("x448_bikel3", der, PrivateKeyInfo, x448_bikel3), +DECODER_w_structure("x448_bikel3", der, SubjectPublicKeyInfo, x448_bikel3), +#endif +#ifdef OQS_ENABLE_KEM_bike_l5 +DECODER_w_structure("bikel5", der, PrivateKeyInfo, bikel5), +DECODER_w_structure("bikel5", der, SubjectPublicKeyInfo, bikel5), +DECODER_w_structure("p521_bikel5", der, PrivateKeyInfo, p521_bikel5), +DECODER_w_structure("p521_bikel5", der, SubjectPublicKeyInfo, p521_bikel5), +#endif +#ifdef OQS_ENABLE_KEM_hqc_128 +DECODER_w_structure("hqc128", der, PrivateKeyInfo, hqc128), +DECODER_w_structure("hqc128", der, SubjectPublicKeyInfo, hqc128), +DECODER_w_structure("p256_hqc128", der, PrivateKeyInfo, p256_hqc128), +DECODER_w_structure("p256_hqc128", der, SubjectPublicKeyInfo, p256_hqc128),DECODER_w_structure("x25519_hqc128", der, PrivateKeyInfo, x25519_hqc128), +DECODER_w_structure("x25519_hqc128", der, SubjectPublicKeyInfo, x25519_hqc128), +#endif +#ifdef OQS_ENABLE_KEM_hqc_192 +DECODER_w_structure("hqc192", der, PrivateKeyInfo, hqc192), +DECODER_w_structure("hqc192", der, SubjectPublicKeyInfo, hqc192), +DECODER_w_structure("p384_hqc192", der, PrivateKeyInfo, p384_hqc192), +DECODER_w_structure("p384_hqc192", der, SubjectPublicKeyInfo, p384_hqc192),DECODER_w_structure("x448_hqc192", der, PrivateKeyInfo, x448_hqc192), +DECODER_w_structure("x448_hqc192", der, SubjectPublicKeyInfo, x448_hqc192), +#endif +#ifdef OQS_ENABLE_KEM_hqc_256 +DECODER_w_structure("hqc256", der, PrivateKeyInfo, hqc256), +DECODER_w_structure("hqc256", der, SubjectPublicKeyInfo, hqc256), +DECODER_w_structure("p521_hqc256", der, PrivateKeyInfo, p521_hqc256), +DECODER_w_structure("p521_hqc256", der, SubjectPublicKeyInfo, p521_hqc256), +#endif #endif /* OQS_KEM_ENCODERS */ + #ifdef OQS_ENABLE_SIG_dilithium_2 - DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), - DECODER_w_structure("dilithium2", der, SubjectPublicKeyInfo, dilithium2), - DECODER_w_structure("p256_dilithium2", der, PrivateKeyInfo, - p256_dilithium2), - DECODER_w_structure("p256_dilithium2", der, SubjectPublicKeyInfo, - p256_dilithium2), - DECODER_w_structure("rsa3072_dilithium2", der, PrivateKeyInfo, - rsa3072_dilithium2), - DECODER_w_structure("rsa3072_dilithium2", der, SubjectPublicKeyInfo, - rsa3072_dilithium2), - DECODER_w_structure("dilithium2_pss2048", der, PrivateKeyInfo, - dilithium2_pss2048), - DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, - dilithium2_pss2048), - DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, - dilithium2_rsa2048), - DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, - dilithium2_rsa2048), - DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, - dilithium2_ed25519), - DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, - dilithium2_ed25519), - DECODER_w_structure("dilithium2_p256", der, PrivateKeyInfo, - dilithium2_p256), - DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, - dilithium2_p256), - DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, - dilithium2_bp256), - DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, - dilithium2_bp256), +DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), +DECODER_w_structure("dilithium2", der, SubjectPublicKeyInfo, dilithium2),DECODER_w_structure("p256_dilithium2", der, PrivateKeyInfo, p256_dilithium2), +DECODER_w_structure("p256_dilithium2", der, SubjectPublicKeyInfo, p256_dilithium2),DECODER_w_structure("rsa3072_dilithium2", der, PrivateKeyInfo, rsa3072_dilithium2), +DECODER_w_structure("rsa3072_dilithium2", der, SubjectPublicKeyInfo, rsa3072_dilithium2),DECODER_w_structure("dilithium2_pss2048", der, PrivateKeyInfo, dilithium2_pss2048), +DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, dilithium2_pss2048),DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, dilithium2_rsa2048), +DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, dilithium2_rsa2048),DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, dilithium2_ed25519), +DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, dilithium2_ed25519),DECODER_w_structure("dilithium2_p256", der, PrivateKeyInfo, dilithium2_p256), +DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, dilithium2_p256),DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, dilithium2_bp256), +DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, dilithium2_bp256), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 - DECODER_w_structure("dilithium3", der, PrivateKeyInfo, dilithium3), - DECODER_w_structure("dilithium3", der, SubjectPublicKeyInfo, dilithium3), - DECODER_w_structure("p384_dilithium3", der, PrivateKeyInfo, - p384_dilithium3), - DECODER_w_structure("p384_dilithium3", der, SubjectPublicKeyInfo, - p384_dilithium3), - DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, - dilithium3_pss3072), - DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, - dilithium3_pss3072), - DECODER_w_structure("dilithium3_rsa3072", der, PrivateKeyInfo, - dilithium3_rsa3072), - DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, - dilithium3_rsa3072), - DECODER_w_structure("dilithium3_p256", der, PrivateKeyInfo, - dilithium3_p256), - DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, - dilithium3_p256), - DECODER_w_structure("dilithium3_bp256", der, PrivateKeyInfo, - dilithium3_bp256), - DECODER_w_structure("dilithium3_bp256", der, SubjectPublicKeyInfo, - dilithium3_bp256), - DECODER_w_structure("dilithium3_ed25519", der, PrivateKeyInfo, - dilithium3_ed25519), - DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, - dilithium3_ed25519), +DECODER_w_structure("dilithium3", der, PrivateKeyInfo, dilithium3), +DECODER_w_structure("dilithium3", der, SubjectPublicKeyInfo, dilithium3),DECODER_w_structure("p384_dilithium3", der, PrivateKeyInfo, p384_dilithium3), +DECODER_w_structure("p384_dilithium3", der, SubjectPublicKeyInfo, p384_dilithium3),DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, dilithium3_pss3072), +DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, dilithium3_pss3072),DECODER_w_structure("dilithium3_rsa3072", der, PrivateKeyInfo, dilithium3_rsa3072), +DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, dilithium3_rsa3072),DECODER_w_structure("dilithium3_p256", der, PrivateKeyInfo, dilithium3_p256), +DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, dilithium3_p256),DECODER_w_structure("dilithium3_bp256", der, PrivateKeyInfo, dilithium3_bp256), +DECODER_w_structure("dilithium3_bp256", der, SubjectPublicKeyInfo, dilithium3_bp256),DECODER_w_structure("dilithium3_ed25519", der, PrivateKeyInfo, dilithium3_ed25519), +DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, dilithium3_ed25519), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 - DECODER_w_structure("dilithium5", der, PrivateKeyInfo, dilithium5), - DECODER_w_structure("dilithium5", der, SubjectPublicKeyInfo, dilithium5), - DECODER_w_structure("p521_dilithium5", der, PrivateKeyInfo, - p521_dilithium5), - DECODER_w_structure("p521_dilithium5", der, SubjectPublicKeyInfo, - p521_dilithium5), - DECODER_w_structure("dilithium5_p384", der, PrivateKeyInfo, - dilithium5_p384), - DECODER_w_structure("dilithium5_p384", der, SubjectPublicKeyInfo, - dilithium5_p384), - DECODER_w_structure("dilithium5_bp384", der, PrivateKeyInfo, - dilithium5_bp384), - DECODER_w_structure("dilithium5_bp384", der, SubjectPublicKeyInfo, - dilithium5_bp384), - DECODER_w_structure("dilithium5_ed448", der, PrivateKeyInfo, - dilithium5_ed448), - DECODER_w_structure("dilithium5_ed448", der, SubjectPublicKeyInfo, - dilithium5_ed448), +DECODER_w_structure("dilithium5", der, PrivateKeyInfo, dilithium5), +DECODER_w_structure("dilithium5", der, SubjectPublicKeyInfo, dilithium5),DECODER_w_structure("p521_dilithium5", der, PrivateKeyInfo, p521_dilithium5), +DECODER_w_structure("p521_dilithium5", der, SubjectPublicKeyInfo, p521_dilithium5),DECODER_w_structure("dilithium5_p384", der, PrivateKeyInfo, dilithium5_p384), +DECODER_w_structure("dilithium5_p384", der, SubjectPublicKeyInfo, dilithium5_p384),DECODER_w_structure("dilithium5_bp384", der, PrivateKeyInfo, dilithium5_bp384), +DECODER_w_structure("dilithium5_bp384", der, SubjectPublicKeyInfo, dilithium5_bp384),DECODER_w_structure("dilithium5_ed448", der, PrivateKeyInfo, dilithium5_ed448), +DECODER_w_structure("dilithium5_ed448", der, SubjectPublicKeyInfo, dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 - DECODER_w_structure("falcon512", der, PrivateKeyInfo, falcon512), - DECODER_w_structure("falcon512", der, SubjectPublicKeyInfo, falcon512), - DECODER_w_structure("p256_falcon512", der, PrivateKeyInfo, p256_falcon512), - DECODER_w_structure("p256_falcon512", der, SubjectPublicKeyInfo, - p256_falcon512), - DECODER_w_structure("rsa3072_falcon512", der, PrivateKeyInfo, - rsa3072_falcon512), - DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, - rsa3072_falcon512), - DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, falcon512_p256), - DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, - falcon512_p256), - DECODER_w_structure("falcon512_bp256", der, PrivateKeyInfo, - falcon512_bp256), - DECODER_w_structure("falcon512_bp256", der, SubjectPublicKeyInfo, - falcon512_bp256), - DECODER_w_structure("falcon512_ed25519", der, PrivateKeyInfo, - falcon512_ed25519), - DECODER_w_structure("falcon512_ed25519", der, SubjectPublicKeyInfo, - falcon512_ed25519), +DECODER_w_structure("falcon512", der, PrivateKeyInfo, falcon512), +DECODER_w_structure("falcon512", der, SubjectPublicKeyInfo, falcon512),DECODER_w_structure("p256_falcon512", der, PrivateKeyInfo, p256_falcon512), +DECODER_w_structure("p256_falcon512", der, SubjectPublicKeyInfo, p256_falcon512),DECODER_w_structure("rsa3072_falcon512", der, PrivateKeyInfo, rsa3072_falcon512), +DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, rsa3072_falcon512),DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, falcon512_p256), +DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, falcon512_p256),DECODER_w_structure("falcon512_bp256", der, PrivateKeyInfo, falcon512_bp256), +DECODER_w_structure("falcon512_bp256", der, SubjectPublicKeyInfo, falcon512_bp256),DECODER_w_structure("falcon512_ed25519", der, PrivateKeyInfo, falcon512_ed25519), +DECODER_w_structure("falcon512_ed25519", der, SubjectPublicKeyInfo, falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 - DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), - DECODER_w_structure("falcon1024", der, SubjectPublicKeyInfo, falcon1024), - DECODER_w_structure("p521_falcon1024", der, PrivateKeyInfo, - p521_falcon1024), - DECODER_w_structure("p521_falcon1024", der, SubjectPublicKeyInfo, - p521_falcon1024), +DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), +DECODER_w_structure("falcon1024", der, SubjectPublicKeyInfo, falcon1024),DECODER_w_structure("p521_falcon1024", der, PrivateKeyInfo, p521_falcon1024), +DECODER_w_structure("p521_falcon1024", der, SubjectPublicKeyInfo, p521_falcon1024), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple - DECODER_w_structure("sphincssha2128fsimple", der, PrivateKeyInfo, - sphincssha2128fsimple), - DECODER_w_structure("sphincssha2128fsimple", der, SubjectPublicKeyInfo, - sphincssha2128fsimple), - DECODER_w_structure("p256_sphincssha2128fsimple", der, PrivateKeyInfo, - p256_sphincssha2128fsimple), - DECODER_w_structure("p256_sphincssha2128fsimple", der, SubjectPublicKeyInfo, - p256_sphincssha2128fsimple), - DECODER_w_structure("rsa3072_sphincssha2128fsimple", der, PrivateKeyInfo, - rsa3072_sphincssha2128fsimple), - DECODER_w_structure("rsa3072_sphincssha2128fsimple", der, - SubjectPublicKeyInfo, rsa3072_sphincssha2128fsimple), +DECODER_w_structure("sphincssha2128fsimple", der, PrivateKeyInfo, sphincssha2128fsimple), +DECODER_w_structure("sphincssha2128fsimple", der, SubjectPublicKeyInfo, sphincssha2128fsimple),DECODER_w_structure("p256_sphincssha2128fsimple", der, PrivateKeyInfo, p256_sphincssha2128fsimple), +DECODER_w_structure("p256_sphincssha2128fsimple", der, SubjectPublicKeyInfo, p256_sphincssha2128fsimple),DECODER_w_structure("rsa3072_sphincssha2128fsimple", der, PrivateKeyInfo, rsa3072_sphincssha2128fsimple), +DECODER_w_structure("rsa3072_sphincssha2128fsimple", der, SubjectPublicKeyInfo, rsa3072_sphincssha2128fsimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple - DECODER_w_structure("sphincssha2128ssimple", der, PrivateKeyInfo, - sphincssha2128ssimple), - DECODER_w_structure("sphincssha2128ssimple", der, SubjectPublicKeyInfo, - sphincssha2128ssimple), - DECODER_w_structure("p256_sphincssha2128ssimple", der, PrivateKeyInfo, - p256_sphincssha2128ssimple), - DECODER_w_structure("p256_sphincssha2128ssimple", der, SubjectPublicKeyInfo, - p256_sphincssha2128ssimple), - DECODER_w_structure("rsa3072_sphincssha2128ssimple", der, PrivateKeyInfo, - rsa3072_sphincssha2128ssimple), - DECODER_w_structure("rsa3072_sphincssha2128ssimple", der, - SubjectPublicKeyInfo, rsa3072_sphincssha2128ssimple), +DECODER_w_structure("sphincssha2128ssimple", der, PrivateKeyInfo, sphincssha2128ssimple), +DECODER_w_structure("sphincssha2128ssimple", der, SubjectPublicKeyInfo, sphincssha2128ssimple),DECODER_w_structure("p256_sphincssha2128ssimple", der, PrivateKeyInfo, p256_sphincssha2128ssimple), +DECODER_w_structure("p256_sphincssha2128ssimple", der, SubjectPublicKeyInfo, p256_sphincssha2128ssimple),DECODER_w_structure("rsa3072_sphincssha2128ssimple", der, PrivateKeyInfo, rsa3072_sphincssha2128ssimple), +DECODER_w_structure("rsa3072_sphincssha2128ssimple", der, SubjectPublicKeyInfo, rsa3072_sphincssha2128ssimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple - DECODER_w_structure("sphincssha2192fsimple", der, PrivateKeyInfo, - sphincssha2192fsimple), - DECODER_w_structure("sphincssha2192fsimple", der, SubjectPublicKeyInfo, - sphincssha2192fsimple), - DECODER_w_structure("p384_sphincssha2192fsimple", der, PrivateKeyInfo, - p384_sphincssha2192fsimple), - DECODER_w_structure("p384_sphincssha2192fsimple", der, SubjectPublicKeyInfo, - p384_sphincssha2192fsimple), +DECODER_w_structure("sphincssha2192fsimple", der, PrivateKeyInfo, sphincssha2192fsimple), +DECODER_w_structure("sphincssha2192fsimple", der, SubjectPublicKeyInfo, sphincssha2192fsimple),DECODER_w_structure("p384_sphincssha2192fsimple", der, PrivateKeyInfo, p384_sphincssha2192fsimple), +DECODER_w_structure("p384_sphincssha2192fsimple", der, SubjectPublicKeyInfo, p384_sphincssha2192fsimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple - DECODER_w_structure("sphincsshake128fsimple", der, PrivateKeyInfo, - sphincsshake128fsimple), - DECODER_w_structure("sphincsshake128fsimple", der, SubjectPublicKeyInfo, - sphincsshake128fsimple), - DECODER_w_structure("p256_sphincsshake128fsimple", der, PrivateKeyInfo, - p256_sphincsshake128fsimple), - DECODER_w_structure("p256_sphincsshake128fsimple", der, - SubjectPublicKeyInfo, p256_sphincsshake128fsimple), - DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, PrivateKeyInfo, - rsa3072_sphincsshake128fsimple), - DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, - SubjectPublicKeyInfo, rsa3072_sphincsshake128fsimple), +DECODER_w_structure("sphincsshake128fsimple", der, PrivateKeyInfo, sphincsshake128fsimple), +DECODER_w_structure("sphincsshake128fsimple", der, SubjectPublicKeyInfo, sphincsshake128fsimple),DECODER_w_structure("p256_sphincsshake128fsimple", der, PrivateKeyInfo, p256_sphincsshake128fsimple), +DECODER_w_structure("p256_sphincsshake128fsimple", der, SubjectPublicKeyInfo, p256_sphincsshake128fsimple),DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, PrivateKeyInfo, rsa3072_sphincsshake128fsimple), +DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, SubjectPublicKeyInfo, rsa3072_sphincsshake128fsimple), #endif - ///// OQS_TEMPLATE_FRAGMENT_MAKE_END +///// OQS_TEMPLATE_FRAGMENT_MAKE_END diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 88729583..97e06f08 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -81,981 +81,624 @@ ///// OQS_TEMPLATE_FRAGMENT_MAKE_START #ifdef OQS_KEM_ENCODERS -# ifdef OQS_ENABLE_KEM_frodokem_640_aes + +#ifdef OQS_ENABLE_KEM_frodokem_640_aes ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), - ENCODER_w_structure("frodo640aes", frodo640aes, pem, PrivateKeyInfo), - ENCODER_w_structure("frodo640aes", frodo640aes, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo640aes", frodo640aes, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo640aes", frodo640aes, der, SubjectPublicKeyInfo), - ENCODER_w_structure("frodo640aes", frodo640aes, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("frodo640aes", frodo640aes), - ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, - PrivateKeyInfo), - ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, - PrivateKeyInfo), - ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p256_frodo640aes", p256_frodo640aes), - ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, - PrivateKeyInfo), - ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, - PrivateKeyInfo), - ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x25519_frodo640aes", x25519_frodo640aes), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_640_shake - ENCODER_w_structure("frodo640shake", frodo640shake, der, PrivateKeyInfo), - ENCODER_w_structure("frodo640shake", frodo640shake, pem, PrivateKeyInfo), - ENCODER_w_structure("frodo640shake", frodo640shake, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo640shake", frodo640shake, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo640shake", frodo640shake, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("frodo640shake", frodo640shake, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("frodo640shake", frodo640shake), - ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, - PrivateKeyInfo), - ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, - PrivateKeyInfo), - ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p256_frodo640shake", p256_frodo640shake), - ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, - PrivateKeyInfo), - ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, - PrivateKeyInfo), - ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x25519_frodo640shake", x25519_frodo640shake), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_976_aes - ENCODER_w_structure("frodo976aes", frodo976aes, der, PrivateKeyInfo), - ENCODER_w_structure("frodo976aes", frodo976aes, pem, PrivateKeyInfo), - ENCODER_w_structure("frodo976aes", frodo976aes, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo976aes", frodo976aes, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo976aes", frodo976aes, der, SubjectPublicKeyInfo), - ENCODER_w_structure("frodo976aes", frodo976aes, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("frodo976aes", frodo976aes), - ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, - PrivateKeyInfo), - ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, - PrivateKeyInfo), - ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p384_frodo976aes", p384_frodo976aes), - ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, - PrivateKeyInfo), - ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, - PrivateKeyInfo), - ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x448_frodo976aes", x448_frodo976aes), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_976_shake - ENCODER_w_structure("frodo976shake", frodo976shake, der, PrivateKeyInfo), - ENCODER_w_structure("frodo976shake", frodo976shake, pem, PrivateKeyInfo), - ENCODER_w_structure("frodo976shake", frodo976shake, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo976shake", frodo976shake, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo976shake", frodo976shake, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("frodo976shake", frodo976shake, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("frodo976shake", frodo976shake), - ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, - PrivateKeyInfo), - ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, - PrivateKeyInfo), - ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p384_frodo976shake", p384_frodo976shake), - ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, - PrivateKeyInfo), - ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, - PrivateKeyInfo), - ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x448_frodo976shake", x448_frodo976shake), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_1344_aes - ENCODER_w_structure("frodo1344aes", frodo1344aes, der, PrivateKeyInfo), - ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, PrivateKeyInfo), - ENCODER_w_structure("frodo1344aes", frodo1344aes, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo1344aes", frodo1344aes, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("frodo1344aes", frodo1344aes), - ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, - PrivateKeyInfo), - ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, - PrivateKeyInfo), - ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p521_frodo1344aes", p521_frodo1344aes), -# endif -# ifdef OQS_ENABLE_KEM_frodokem_1344_shake - ENCODER_w_structure("frodo1344shake", frodo1344shake, der, PrivateKeyInfo), - ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, PrivateKeyInfo), - ENCODER_w_structure("frodo1344shake", frodo1344shake, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("frodo1344shake", frodo1344shake, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("frodo1344shake", frodo1344shake), - ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, - PrivateKeyInfo), - ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, - PrivateKeyInfo), - ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p521_frodo1344shake", p521_frodo1344shake), -# endif -# ifdef OQS_ENABLE_KEM_kyber_512 - ENCODER_w_structure("kyber512", kyber512, der, PrivateKeyInfo), - ENCODER_w_structure("kyber512", kyber512, pem, PrivateKeyInfo), - ENCODER_w_structure("kyber512", kyber512, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("kyber512", kyber512, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("kyber512", kyber512, der, SubjectPublicKeyInfo), - ENCODER_w_structure("kyber512", kyber512, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("kyber512", kyber512), - ENCODER_w_structure("p256_kyber512", p256_kyber512, der, PrivateKeyInfo), - ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, PrivateKeyInfo), - ENCODER_w_structure("p256_kyber512", p256_kyber512, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_kyber512", p256_kyber512, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p256_kyber512", p256_kyber512), - ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, - PrivateKeyInfo), - ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, - PrivateKeyInfo), - ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x25519_kyber512", x25519_kyber512), -# endif -# ifdef OQS_ENABLE_KEM_kyber_768 - ENCODER_w_structure("kyber768", kyber768, der, PrivateKeyInfo), - ENCODER_w_structure("kyber768", kyber768, pem, PrivateKeyInfo), - ENCODER_w_structure("kyber768", kyber768, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("kyber768", kyber768, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("kyber768", kyber768, der, SubjectPublicKeyInfo), - ENCODER_w_structure("kyber768", kyber768, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("kyber768", kyber768), - ENCODER_w_structure("p384_kyber768", p384_kyber768, der, PrivateKeyInfo), - ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, PrivateKeyInfo), - ENCODER_w_structure("p384_kyber768", p384_kyber768, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_kyber768", p384_kyber768, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p384_kyber768", p384_kyber768), - ENCODER_w_structure("x448_kyber768", x448_kyber768, der, PrivateKeyInfo), - ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, PrivateKeyInfo), - ENCODER_w_structure("x448_kyber768", x448_kyber768, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_kyber768", x448_kyber768, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x448_kyber768", x448_kyber768), - ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, - PrivateKeyInfo), - ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, - PrivateKeyInfo), - ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x25519_kyber768", x25519_kyber768), - ENCODER_w_structure("p256_kyber768", p256_kyber768, der, PrivateKeyInfo), - ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, PrivateKeyInfo), - ENCODER_w_structure("p256_kyber768", p256_kyber768, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_kyber768", p256_kyber768, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p256_kyber768", p256_kyber768), -# endif -# ifdef OQS_ENABLE_KEM_kyber_1024 - ENCODER_w_structure("kyber1024", kyber1024, der, PrivateKeyInfo), - ENCODER_w_structure("kyber1024", kyber1024, pem, PrivateKeyInfo), - ENCODER_w_structure("kyber1024", kyber1024, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("kyber1024", kyber1024, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("kyber1024", kyber1024, der, SubjectPublicKeyInfo), - ENCODER_w_structure("kyber1024", kyber1024, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("kyber1024", kyber1024), - ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, PrivateKeyInfo), - ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, PrivateKeyInfo), - ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p521_kyber1024", p521_kyber1024), -# endif -# ifdef OQS_ENABLE_KEM_bike_l1 - ENCODER_w_structure("bikel1", bikel1, der, PrivateKeyInfo), - ENCODER_w_structure("bikel1", bikel1, pem, PrivateKeyInfo), - ENCODER_w_structure("bikel1", bikel1, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("bikel1", bikel1, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("bikel1", bikel1, der, SubjectPublicKeyInfo), - ENCODER_w_structure("bikel1", bikel1, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("bikel1", bikel1), - ENCODER_w_structure("p256_bikel1", p256_bikel1, der, PrivateKeyInfo), - ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, PrivateKeyInfo), - ENCODER_w_structure("p256_bikel1", p256_bikel1, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_bikel1", p256_bikel1, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p256_bikel1", p256_bikel1), - ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, PrivateKeyInfo), - ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, PrivateKeyInfo), - ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x25519_bikel1", x25519_bikel1), -# endif -# ifdef OQS_ENABLE_KEM_bike_l3 - ENCODER_w_structure("bikel3", bikel3, der, PrivateKeyInfo), - ENCODER_w_structure("bikel3", bikel3, pem, PrivateKeyInfo), - ENCODER_w_structure("bikel3", bikel3, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("bikel3", bikel3, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("bikel3", bikel3, der, SubjectPublicKeyInfo), - ENCODER_w_structure("bikel3", bikel3, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("bikel3", bikel3), - ENCODER_w_structure("p384_bikel3", p384_bikel3, der, PrivateKeyInfo), - ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, PrivateKeyInfo), - ENCODER_w_structure("p384_bikel3", p384_bikel3, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_bikel3", p384_bikel3, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p384_bikel3", p384_bikel3), - ENCODER_w_structure("x448_bikel3", x448_bikel3, der, PrivateKeyInfo), - ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, PrivateKeyInfo), - ENCODER_w_structure("x448_bikel3", x448_bikel3, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_bikel3", x448_bikel3, der, SubjectPublicKeyInfo), - ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("x448_bikel3", x448_bikel3), -# endif -# ifdef OQS_ENABLE_KEM_bike_l5 - ENCODER_w_structure("bikel5", bikel5, der, PrivateKeyInfo), - ENCODER_w_structure("bikel5", bikel5, pem, PrivateKeyInfo), - ENCODER_w_structure("bikel5", bikel5, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("bikel5", bikel5, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("bikel5", bikel5, der, SubjectPublicKeyInfo), - ENCODER_w_structure("bikel5", bikel5, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("bikel5", bikel5), - ENCODER_w_structure("p521_bikel5", p521_bikel5, der, PrivateKeyInfo), - ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, PrivateKeyInfo), - ENCODER_w_structure("p521_bikel5", p521_bikel5, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_bikel5", p521_bikel5, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p521_bikel5", p521_bikel5), -# endif -# ifdef OQS_ENABLE_KEM_hqc_128 - ENCODER_w_structure("hqc128", hqc128, der, PrivateKeyInfo), - ENCODER_w_structure("hqc128", hqc128, pem, PrivateKeyInfo), - ENCODER_w_structure("hqc128", hqc128, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("hqc128", hqc128, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("hqc128", hqc128, der, SubjectPublicKeyInfo), - ENCODER_w_structure("hqc128", hqc128, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("hqc128", hqc128), - ENCODER_w_structure("p256_hqc128", p256_hqc128, der, PrivateKeyInfo), - ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, PrivateKeyInfo), - ENCODER_w_structure("p256_hqc128", p256_hqc128, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_hqc128", p256_hqc128, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p256_hqc128", p256_hqc128), - ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, PrivateKeyInfo), - ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, PrivateKeyInfo), - ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("x25519_hqc128", x25519_hqc128), -# endif -# ifdef OQS_ENABLE_KEM_hqc_192 - ENCODER_w_structure("hqc192", hqc192, der, PrivateKeyInfo), - ENCODER_w_structure("hqc192", hqc192, pem, PrivateKeyInfo), - ENCODER_w_structure("hqc192", hqc192, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("hqc192", hqc192, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("hqc192", hqc192, der, SubjectPublicKeyInfo), - ENCODER_w_structure("hqc192", hqc192, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("hqc192", hqc192), - ENCODER_w_structure("p384_hqc192", p384_hqc192, der, PrivateKeyInfo), - ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, PrivateKeyInfo), - ENCODER_w_structure("p384_hqc192", p384_hqc192, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_hqc192", p384_hqc192, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p384_hqc192", p384_hqc192), - ENCODER_w_structure("x448_hqc192", x448_hqc192, der, PrivateKeyInfo), - ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, PrivateKeyInfo), - ENCODER_w_structure("x448_hqc192", x448_hqc192, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("x448_hqc192", x448_hqc192, der, SubjectPublicKeyInfo), - ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("x448_hqc192", x448_hqc192), -# endif -# ifdef OQS_ENABLE_KEM_hqc_256 - ENCODER_w_structure("hqc256", hqc256, der, PrivateKeyInfo), - ENCODER_w_structure("hqc256", hqc256, pem, PrivateKeyInfo), - ENCODER_w_structure("hqc256", hqc256, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("hqc256", hqc256, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("hqc256", hqc256, der, SubjectPublicKeyInfo), - ENCODER_w_structure("hqc256", hqc256, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("hqc256", hqc256), - ENCODER_w_structure("p521_hqc256", p521_hqc256, der, PrivateKeyInfo), - ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, PrivateKeyInfo), - ENCODER_w_structure("p521_hqc256", p521_hqc256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_hqc256", p521_hqc256, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p521_hqc256", p521_hqc256), -# endif +ENCODER_w_structure("frodo640aes", frodo640aes, pem, PrivateKeyInfo), +ENCODER_w_structure("frodo640aes", frodo640aes, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo640aes", frodo640aes, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo640aes", frodo640aes, der, SubjectPublicKeyInfo), +ENCODER_w_structure("frodo640aes", frodo640aes, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("frodo640aes", frodo640aes), +ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, PrivateKeyInfo), +ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_frodo640aes", p256_frodo640aes), +ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, PrivateKeyInfo), +ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, PrivateKeyInfo), +ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x25519_frodo640aes", x25519_frodo640aes), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_640_shake +ENCODER_w_structure("frodo640shake", frodo640shake, der, PrivateKeyInfo), +ENCODER_w_structure("frodo640shake", frodo640shake, pem, PrivateKeyInfo), +ENCODER_w_structure("frodo640shake", frodo640shake, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo640shake", frodo640shake, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo640shake", frodo640shake, der, SubjectPublicKeyInfo), +ENCODER_w_structure("frodo640shake", frodo640shake, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("frodo640shake", frodo640shake), +ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, PrivateKeyInfo), +ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_frodo640shake", p256_frodo640shake), +ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, PrivateKeyInfo), +ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, PrivateKeyInfo), +ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x25519_frodo640shake", x25519_frodo640shake), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_976_aes +ENCODER_w_structure("frodo976aes", frodo976aes, der, PrivateKeyInfo), +ENCODER_w_structure("frodo976aes", frodo976aes, pem, PrivateKeyInfo), +ENCODER_w_structure("frodo976aes", frodo976aes, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo976aes", frodo976aes, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo976aes", frodo976aes, der, SubjectPublicKeyInfo), +ENCODER_w_structure("frodo976aes", frodo976aes, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("frodo976aes", frodo976aes), +ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, PrivateKeyInfo), +ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, PrivateKeyInfo), +ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p384_frodo976aes", p384_frodo976aes), +ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, PrivateKeyInfo), +ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, PrivateKeyInfo), +ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x448_frodo976aes", x448_frodo976aes), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_976_shake +ENCODER_w_structure("frodo976shake", frodo976shake, der, PrivateKeyInfo), +ENCODER_w_structure("frodo976shake", frodo976shake, pem, PrivateKeyInfo), +ENCODER_w_structure("frodo976shake", frodo976shake, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo976shake", frodo976shake, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo976shake", frodo976shake, der, SubjectPublicKeyInfo), +ENCODER_w_structure("frodo976shake", frodo976shake, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("frodo976shake", frodo976shake), +ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, PrivateKeyInfo), +ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, PrivateKeyInfo), +ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p384_frodo976shake", p384_frodo976shake), +ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, PrivateKeyInfo), +ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, PrivateKeyInfo), +ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x448_frodo976shake", x448_frodo976shake), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_1344_aes +ENCODER_w_structure("frodo1344aes", frodo1344aes, der, PrivateKeyInfo), +ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, PrivateKeyInfo), +ENCODER_w_structure("frodo1344aes", frodo1344aes, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo1344aes", frodo1344aes, der, SubjectPublicKeyInfo), +ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("frodo1344aes", frodo1344aes), +ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, PrivateKeyInfo), +ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, PrivateKeyInfo), +ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p521_frodo1344aes", p521_frodo1344aes), +#endif +#ifdef OQS_ENABLE_KEM_frodokem_1344_shake +ENCODER_w_structure("frodo1344shake", frodo1344shake, der, PrivateKeyInfo), +ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, PrivateKeyInfo), +ENCODER_w_structure("frodo1344shake", frodo1344shake, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("frodo1344shake", frodo1344shake, der, SubjectPublicKeyInfo), +ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("frodo1344shake", frodo1344shake), +ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, PrivateKeyInfo), +ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, PrivateKeyInfo), +ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p521_frodo1344shake", p521_frodo1344shake), +#endif +#ifdef OQS_ENABLE_KEM_kyber_512 +ENCODER_w_structure("kyber512", kyber512, der, PrivateKeyInfo), +ENCODER_w_structure("kyber512", kyber512, pem, PrivateKeyInfo), +ENCODER_w_structure("kyber512", kyber512, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("kyber512", kyber512, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("kyber512", kyber512, der, SubjectPublicKeyInfo), +ENCODER_w_structure("kyber512", kyber512, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("kyber512", kyber512), +ENCODER_w_structure("p256_kyber512", p256_kyber512, der, PrivateKeyInfo), +ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_kyber512", p256_kyber512, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_kyber512", p256_kyber512, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_kyber512", p256_kyber512), +ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, PrivateKeyInfo), +ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, PrivateKeyInfo), +ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x25519_kyber512", x25519_kyber512), +#endif +#ifdef OQS_ENABLE_KEM_kyber_768 +ENCODER_w_structure("kyber768", kyber768, der, PrivateKeyInfo), +ENCODER_w_structure("kyber768", kyber768, pem, PrivateKeyInfo), +ENCODER_w_structure("kyber768", kyber768, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("kyber768", kyber768, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("kyber768", kyber768, der, SubjectPublicKeyInfo), +ENCODER_w_structure("kyber768", kyber768, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("kyber768", kyber768), +ENCODER_w_structure("p384_kyber768", p384_kyber768, der, PrivateKeyInfo), +ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, PrivateKeyInfo), +ENCODER_w_structure("p384_kyber768", p384_kyber768, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_kyber768", p384_kyber768, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p384_kyber768", p384_kyber768), +ENCODER_w_structure("x448_kyber768", x448_kyber768, der, PrivateKeyInfo), +ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, PrivateKeyInfo), +ENCODER_w_structure("x448_kyber768", x448_kyber768, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_kyber768", x448_kyber768, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x448_kyber768", x448_kyber768), +ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, PrivateKeyInfo), +ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, PrivateKeyInfo), +ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x25519_kyber768", x25519_kyber768), +ENCODER_w_structure("p256_kyber768", p256_kyber768, der, PrivateKeyInfo), +ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_kyber768", p256_kyber768, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_kyber768", p256_kyber768, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_kyber768", p256_kyber768), +#endif +#ifdef OQS_ENABLE_KEM_kyber_1024 +ENCODER_w_structure("kyber1024", kyber1024, der, PrivateKeyInfo), +ENCODER_w_structure("kyber1024", kyber1024, pem, PrivateKeyInfo), +ENCODER_w_structure("kyber1024", kyber1024, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("kyber1024", kyber1024, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("kyber1024", kyber1024, der, SubjectPublicKeyInfo), +ENCODER_w_structure("kyber1024", kyber1024, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("kyber1024", kyber1024), +ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, PrivateKeyInfo), +ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, PrivateKeyInfo), +ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p521_kyber1024", p521_kyber1024), +#endif +#ifdef OQS_ENABLE_KEM_bike_l1 +ENCODER_w_structure("bikel1", bikel1, der, PrivateKeyInfo), +ENCODER_w_structure("bikel1", bikel1, pem, PrivateKeyInfo), +ENCODER_w_structure("bikel1", bikel1, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("bikel1", bikel1, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("bikel1", bikel1, der, SubjectPublicKeyInfo), +ENCODER_w_structure("bikel1", bikel1, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("bikel1", bikel1), +ENCODER_w_structure("p256_bikel1", p256_bikel1, der, PrivateKeyInfo), +ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_bikel1", p256_bikel1, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_bikel1", p256_bikel1, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_bikel1", p256_bikel1), +ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, PrivateKeyInfo), +ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, PrivateKeyInfo), +ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x25519_bikel1", x25519_bikel1), +#endif +#ifdef OQS_ENABLE_KEM_bike_l3 +ENCODER_w_structure("bikel3", bikel3, der, PrivateKeyInfo), +ENCODER_w_structure("bikel3", bikel3, pem, PrivateKeyInfo), +ENCODER_w_structure("bikel3", bikel3, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("bikel3", bikel3, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("bikel3", bikel3, der, SubjectPublicKeyInfo), +ENCODER_w_structure("bikel3", bikel3, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("bikel3", bikel3), +ENCODER_w_structure("p384_bikel3", p384_bikel3, der, PrivateKeyInfo), +ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, PrivateKeyInfo), +ENCODER_w_structure("p384_bikel3", p384_bikel3, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_bikel3", p384_bikel3, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p384_bikel3", p384_bikel3), +ENCODER_w_structure("x448_bikel3", x448_bikel3, der, PrivateKeyInfo), +ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, PrivateKeyInfo), +ENCODER_w_structure("x448_bikel3", x448_bikel3, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_bikel3", x448_bikel3, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x448_bikel3", x448_bikel3), +#endif +#ifdef OQS_ENABLE_KEM_bike_l5 +ENCODER_w_structure("bikel5", bikel5, der, PrivateKeyInfo), +ENCODER_w_structure("bikel5", bikel5, pem, PrivateKeyInfo), +ENCODER_w_structure("bikel5", bikel5, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("bikel5", bikel5, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("bikel5", bikel5, der, SubjectPublicKeyInfo), +ENCODER_w_structure("bikel5", bikel5, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("bikel5", bikel5), +ENCODER_w_structure("p521_bikel5", p521_bikel5, der, PrivateKeyInfo), +ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, PrivateKeyInfo), +ENCODER_w_structure("p521_bikel5", p521_bikel5, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_bikel5", p521_bikel5, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p521_bikel5", p521_bikel5), +#endif +#ifdef OQS_ENABLE_KEM_hqc_128 +ENCODER_w_structure("hqc128", hqc128, der, PrivateKeyInfo), +ENCODER_w_structure("hqc128", hqc128, pem, PrivateKeyInfo), +ENCODER_w_structure("hqc128", hqc128, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("hqc128", hqc128, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("hqc128", hqc128, der, SubjectPublicKeyInfo), +ENCODER_w_structure("hqc128", hqc128, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("hqc128", hqc128), +ENCODER_w_structure("p256_hqc128", p256_hqc128, der, PrivateKeyInfo), +ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_hqc128", p256_hqc128, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_hqc128", p256_hqc128, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_hqc128", p256_hqc128), +ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, PrivateKeyInfo), +ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, PrivateKeyInfo), +ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x25519_hqc128", x25519_hqc128), +#endif +#ifdef OQS_ENABLE_KEM_hqc_192 +ENCODER_w_structure("hqc192", hqc192, der, PrivateKeyInfo), +ENCODER_w_structure("hqc192", hqc192, pem, PrivateKeyInfo), +ENCODER_w_structure("hqc192", hqc192, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("hqc192", hqc192, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("hqc192", hqc192, der, SubjectPublicKeyInfo), +ENCODER_w_structure("hqc192", hqc192, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("hqc192", hqc192), +ENCODER_w_structure("p384_hqc192", p384_hqc192, der, PrivateKeyInfo), +ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, PrivateKeyInfo), +ENCODER_w_structure("p384_hqc192", p384_hqc192, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_hqc192", p384_hqc192, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p384_hqc192", p384_hqc192), +ENCODER_w_structure("x448_hqc192", x448_hqc192, der, PrivateKeyInfo), +ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, PrivateKeyInfo), +ENCODER_w_structure("x448_hqc192", x448_hqc192, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("x448_hqc192", x448_hqc192, der, SubjectPublicKeyInfo), +ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("x448_hqc192", x448_hqc192), +#endif +#ifdef OQS_ENABLE_KEM_hqc_256 +ENCODER_w_structure("hqc256", hqc256, der, PrivateKeyInfo), +ENCODER_w_structure("hqc256", hqc256, pem, PrivateKeyInfo), +ENCODER_w_structure("hqc256", hqc256, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("hqc256", hqc256, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("hqc256", hqc256, der, SubjectPublicKeyInfo), +ENCODER_w_structure("hqc256", hqc256, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("hqc256", hqc256), +ENCODER_w_structure("p521_hqc256", p521_hqc256, der, PrivateKeyInfo), +ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, PrivateKeyInfo), +ENCODER_w_structure("p521_hqc256", p521_hqc256, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_hqc256", p521_hqc256, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p521_hqc256", p521_hqc256), +#endif #endif /* OQS_KEM_ENCODERS */ + #ifdef OQS_ENABLE_SIG_dilithium_2 - ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium2", dilithium2, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium2", dilithium2, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2", dilithium2, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2", dilithium2, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2", dilithium2, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2", dilithium2), - ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, - PrivateKeyInfo), - ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, - PrivateKeyInfo), - ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p256_dilithium2", p256_dilithium2), - ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, - PrivateKeyInfo), - ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, - PrivateKeyInfo), - ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("rsa3072_dilithium2", rsa3072_dilithium2), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_pss2048", dilithium2_pss2048), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_rsa2048", dilithium2_rsa2048), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_ed25519", dilithium2_ed25519), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_p256", dilithium2_p256), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_bp256", dilithium2_bp256), +ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium2", dilithium2, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium2", dilithium2, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2", dilithium2, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2", dilithium2, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium2", dilithium2, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium2", dilithium2), +ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, PrivateKeyInfo), +ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_dilithium2", p256_dilithium2), +ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, SubjectPublicKeyInfo), +ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("rsa3072_dilithium2", rsa3072_dilithium2), +ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium2_pss2048", dilithium2_pss2048), +ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium2_rsa2048", dilithium2_rsa2048), +ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium2_ed25519", dilithium2_ed25519), +ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium2_p256", dilithium2_p256), +ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium2_bp256", dilithium2_bp256), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 - ENCODER_w_structure("dilithium3", dilithium3, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium3", dilithium3, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium3", dilithium3, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3", dilithium3, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3", dilithium3, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3", dilithium3, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3", dilithium3), - ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, - PrivateKeyInfo), - ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, - PrivateKeyInfo), - ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p384_dilithium3", p384_dilithium3), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_p256", dilithium3_p256), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_ed25519", dilithium3_ed25519), +ENCODER_w_structure("dilithium3", dilithium3, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium3", dilithium3, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium3", dilithium3, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3", dilithium3, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3", dilithium3, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium3", dilithium3, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium3", dilithium3), +ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, PrivateKeyInfo), +ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, PrivateKeyInfo), +ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p384_dilithium3", p384_dilithium3), +ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), +ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), +ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium3_p256", dilithium3_p256), +ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), +ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium3_ed25519", dilithium3_ed25519), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 - ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), - ENCODER_w_structure("dilithium5", dilithium5, pem, PrivateKeyInfo), - ENCODER_w_structure("dilithium5", dilithium5, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5", dilithium5, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5", dilithium5, der, SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5", dilithium5, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5", dilithium5), - ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, - PrivateKeyInfo), - ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, - PrivateKeyInfo), - ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p521_dilithium5", p521_dilithium5), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5_p384", dilithium5_p384), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5_ed448", dilithium5_ed448), +ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium5", dilithium5, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium5", dilithium5, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium5", dilithium5, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium5", dilithium5, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium5", dilithium5, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium5", dilithium5), +ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, PrivateKeyInfo), +ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, PrivateKeyInfo), +ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p521_dilithium5", p521_dilithium5), +ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium5_p384", dilithium5_p384), +ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), +ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, PrivateKeyInfo), +ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, PrivateKeyInfo), +ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, SubjectPublicKeyInfo), +ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("dilithium5_ed448", dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 - ENCODER_w_structure("falcon512", falcon512, der, PrivateKeyInfo), - ENCODER_w_structure("falcon512", falcon512, pem, PrivateKeyInfo), - ENCODER_w_structure("falcon512", falcon512, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512", falcon512, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512", falcon512, der, SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512", falcon512, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512", falcon512), - ENCODER_w_structure("p256_falcon512", p256_falcon512, der, PrivateKeyInfo), - ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, PrivateKeyInfo), - ENCODER_w_structure("p256_falcon512", p256_falcon512, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_falcon512", p256_falcon512, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p256_falcon512", p256_falcon512), - ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, - PrivateKeyInfo), - ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, - PrivateKeyInfo), - ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), - ENCODER_w_structure("falcon512_p256", falcon512_p256, der, PrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, PrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512_p256", falcon512_p256), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512_bp256", falcon512_bp256), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512_ed25519", falcon512_ed25519), +ENCODER_w_structure("falcon512", falcon512, der, PrivateKeyInfo), +ENCODER_w_structure("falcon512", falcon512, pem, PrivateKeyInfo), +ENCODER_w_structure("falcon512", falcon512, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon512", falcon512, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon512", falcon512, der, SubjectPublicKeyInfo), +ENCODER_w_structure("falcon512", falcon512, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("falcon512", falcon512), +ENCODER_w_structure("p256_falcon512", p256_falcon512, der, PrivateKeyInfo), +ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_falcon512", p256_falcon512, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_falcon512", p256_falcon512, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_falcon512", p256_falcon512), +ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, SubjectPublicKeyInfo), +ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), +ENCODER_w_structure("falcon512_p256", falcon512_p256, der, PrivateKeyInfo), +ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, PrivateKeyInfo), +ENCODER_w_structure("falcon512_p256", falcon512_p256, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon512_p256", falcon512_p256, der, SubjectPublicKeyInfo), +ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("falcon512_p256", falcon512_p256), +ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, PrivateKeyInfo), +ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, PrivateKeyInfo), +ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, SubjectPublicKeyInfo), +ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("falcon512_bp256", falcon512_bp256), +ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, PrivateKeyInfo), +ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, PrivateKeyInfo), +ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, SubjectPublicKeyInfo), +ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("falcon512_ed25519", falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 - ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), - ENCODER_w_structure("falcon1024", falcon1024, pem, PrivateKeyInfo), - ENCODER_w_structure("falcon1024", falcon1024, der, EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon1024", falcon1024, pem, EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon1024", falcon1024, der, SubjectPublicKeyInfo), - ENCODER_w_structure("falcon1024", falcon1024, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("falcon1024", falcon1024), - ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, - PrivateKeyInfo), - ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, - PrivateKeyInfo), - ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("p521_falcon1024", p521_falcon1024), +ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), +ENCODER_w_structure("falcon1024", falcon1024, pem, PrivateKeyInfo), +ENCODER_w_structure("falcon1024", falcon1024, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon1024", falcon1024, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("falcon1024", falcon1024, der, SubjectPublicKeyInfo), +ENCODER_w_structure("falcon1024", falcon1024, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("falcon1024", falcon1024), +ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, PrivateKeyInfo), +ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, PrivateKeyInfo), +ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p521_falcon1024", p521_falcon1024), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple - ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, - PrivateKeyInfo), - ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, - PrivateKeyInfo), - ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("sphincssha2128fsimple", sphincssha2128fsimple), - ENCODER_w_structure("p256_sphincssha2128fsimple", - p256_sphincssha2128fsimple, der, PrivateKeyInfo), - ENCODER_w_structure("p256_sphincssha2128fsimple", - p256_sphincssha2128fsimple, pem, PrivateKeyInfo), - ENCODER_w_structure("p256_sphincssha2128fsimple", - p256_sphincssha2128fsimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_sphincssha2128fsimple", - p256_sphincssha2128fsimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_sphincssha2128fsimple", - p256_sphincssha2128fsimple, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p256_sphincssha2128fsimple", - p256_sphincssha2128fsimple, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple), - ENCODER_w_structure("rsa3072_sphincssha2128fsimple", - rsa3072_sphincssha2128fsimple, der, PrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128fsimple", - rsa3072_sphincssha2128fsimple, pem, PrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128fsimple", - rsa3072_sphincssha2128fsimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128fsimple", - rsa3072_sphincssha2128fsimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128fsimple", - rsa3072_sphincssha2128fsimple, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128fsimple", - rsa3072_sphincssha2128fsimple, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("rsa3072_sphincssha2128fsimple", - rsa3072_sphincssha2128fsimple), +ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, PrivateKeyInfo), +ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, PrivateKeyInfo), +ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("sphincssha2128fsimple", sphincssha2128fsimple), +ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, der, PrivateKeyInfo), +ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple), +ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, der, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, pem, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple - ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, - PrivateKeyInfo), - ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, - PrivateKeyInfo), - ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("sphincssha2128ssimple", sphincssha2128ssimple), - ENCODER_w_structure("p256_sphincssha2128ssimple", - p256_sphincssha2128ssimple, der, PrivateKeyInfo), - ENCODER_w_structure("p256_sphincssha2128ssimple", - p256_sphincssha2128ssimple, pem, PrivateKeyInfo), - ENCODER_w_structure("p256_sphincssha2128ssimple", - p256_sphincssha2128ssimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_sphincssha2128ssimple", - p256_sphincssha2128ssimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_sphincssha2128ssimple", - p256_sphincssha2128ssimple, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p256_sphincssha2128ssimple", - p256_sphincssha2128ssimple, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple), - ENCODER_w_structure("rsa3072_sphincssha2128ssimple", - rsa3072_sphincssha2128ssimple, der, PrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128ssimple", - rsa3072_sphincssha2128ssimple, pem, PrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128ssimple", - rsa3072_sphincssha2128ssimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128ssimple", - rsa3072_sphincssha2128ssimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128ssimple", - rsa3072_sphincssha2128ssimple, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("rsa3072_sphincssha2128ssimple", - rsa3072_sphincssha2128ssimple, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("rsa3072_sphincssha2128ssimple", - rsa3072_sphincssha2128ssimple), +ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, PrivateKeyInfo), +ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, PrivateKeyInfo), +ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("sphincssha2128ssimple", sphincssha2128ssimple), +ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, der, PrivateKeyInfo), +ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple), +ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, der, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, pem, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple - ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, - PrivateKeyInfo), - ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, - PrivateKeyInfo), - ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("sphincssha2192fsimple", sphincssha2192fsimple), - ENCODER_w_structure("p384_sphincssha2192fsimple", - p384_sphincssha2192fsimple, der, PrivateKeyInfo), - ENCODER_w_structure("p384_sphincssha2192fsimple", - p384_sphincssha2192fsimple, pem, PrivateKeyInfo), - ENCODER_w_structure("p384_sphincssha2192fsimple", - p384_sphincssha2192fsimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_sphincssha2192fsimple", - p384_sphincssha2192fsimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p384_sphincssha2192fsimple", - p384_sphincssha2192fsimple, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p384_sphincssha2192fsimple", - p384_sphincssha2192fsimple, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple), +ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, PrivateKeyInfo), +ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, PrivateKeyInfo), +ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("sphincssha2192fsimple", sphincssha2192fsimple), +ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, der, PrivateKeyInfo), +ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, pem, PrivateKeyInfo), +ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple - ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, - PrivateKeyInfo), - ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, - PrivateKeyInfo), - ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("sphincsshake128fsimple", sphincsshake128fsimple), - ENCODER_w_structure("p256_sphincsshake128fsimple", - p256_sphincsshake128fsimple, der, PrivateKeyInfo), - ENCODER_w_structure("p256_sphincsshake128fsimple", - p256_sphincsshake128fsimple, pem, PrivateKeyInfo), - ENCODER_w_structure("p256_sphincsshake128fsimple", - p256_sphincsshake128fsimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_sphincsshake128fsimple", - p256_sphincsshake128fsimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("p256_sphincsshake128fsimple", - p256_sphincsshake128fsimple, der, SubjectPublicKeyInfo), - ENCODER_w_structure("p256_sphincsshake128fsimple", - p256_sphincsshake128fsimple, pem, SubjectPublicKeyInfo), - ENCODER_TEXT("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple), - ENCODER_w_structure("rsa3072_sphincsshake128fsimple", - rsa3072_sphincsshake128fsimple, der, PrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincsshake128fsimple", - rsa3072_sphincsshake128fsimple, pem, PrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincsshake128fsimple", - rsa3072_sphincsshake128fsimple, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincsshake128fsimple", - rsa3072_sphincsshake128fsimple, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("rsa3072_sphincsshake128fsimple", - rsa3072_sphincsshake128fsimple, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("rsa3072_sphincsshake128fsimple", - rsa3072_sphincsshake128fsimple, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("rsa3072_sphincsshake128fsimple", - rsa3072_sphincsshake128fsimple), +ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, PrivateKeyInfo), +ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, PrivateKeyInfo), +ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("sphincsshake128fsimple", sphincsshake128fsimple), +ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, der, PrivateKeyInfo), +ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, pem, PrivateKeyInfo), +ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple), +ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, der, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, pem, PrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, der, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, pem, EncryptedPrivateKeyInfo), +ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, der, SubjectPublicKeyInfo), +ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, pem, SubjectPublicKeyInfo), +ENCODER_TEXT("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple), #endif - ///// OQS_TEMPLATE_FRAGMENT_MAKE_END +///// OQS_TEMPLATE_FRAGMENT_MAKE_END diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 30d09b60..f1e9d6de 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -48,181 +48,103 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; */ ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START + #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 162 +#define OQS_OID_CNT 162 #else -# define OQS_OID_CNT 78 +#define OQS_OID_CNT 78 #endif -const char *oqs_oid_alg_list[OQS_OID_CNT] = { +const char* oqs_oid_alg_list[OQS_OID_CNT] = +{ #ifdef OQS_KEM_ENCODERS - "1.3.9999.99.13", - "frodo640aes", - "1.3.9999.99.12", - "p256_frodo640aes", - "1.3.9999.99.1", - "x25519_frodo640aes", - "1.3.9999.99.15", - "frodo640shake", - "1.3.9999.99.14", - "p256_frodo640shake", - "1.3.9999.99.2", - "x25519_frodo640shake", - "1.3.9999.99.17", - "frodo976aes", - "1.3.9999.99.16", - "p384_frodo976aes", - "1.3.9999.99.3", - "x448_frodo976aes", - "1.3.9999.99.19", - "frodo976shake", - "1.3.9999.99.18", - "p384_frodo976shake", - "1.3.9999.99.4", - "x448_frodo976shake", - "1.3.9999.99.21", - "frodo1344aes", - "1.3.9999.99.20", - "p521_frodo1344aes", - "1.3.9999.99.23", - "frodo1344shake", - "1.3.9999.99.22", - "p521_frodo1344shake", - "1.3.6.1.4.1.22554.5.6.1", - "kyber512", - "1.3.6.1.4.1.22554.5.7.1", - "p256_kyber512", - "1.3.6.1.4.1.22554.5.8.1", - "x25519_kyber512", - "1.3.6.1.4.1.22554.5.6.2", - "kyber768", - "1.3.9999.99.24", - "p384_kyber768", - "1.3.9999.99.5", - "x448_kyber768", - "1.3.9999.99.6", - "x25519_kyber768", - "1.3.9999.99.7", - "p256_kyber768", - "1.3.6.1.4.1.22554.5.6.3", - "kyber1024", - "1.3.9999.99.25", - "p521_kyber1024", - "1.3.9999.99.27", - "bikel1", - "1.3.9999.99.26", - "p256_bikel1", - "1.3.9999.99.8", - "x25519_bikel1", - "1.3.9999.99.29", - "bikel3", - "1.3.9999.99.28", - "p384_bikel3", - "1.3.9999.99.9", - "x448_bikel3", - "1.3.9999.99.31", - "bikel5", - "1.3.9999.99.30", - "p521_bikel5", - "1.3.9999.99.33", - "hqc128", - "1.3.9999.99.32", - "p256_hqc128", - "1.3.9999.99.10", - "x25519_hqc128", - "1.3.9999.99.35", - "hqc192", - "1.3.9999.99.34", - "p384_hqc192", - "1.3.9999.99.11", - "x448_hqc192", - "1.3.9999.99.37", - "hqc256", - "1.3.9999.99.36", - "p521_hqc256", +"1.3.9999.99.13", "frodo640aes", +"1.3.9999.99.12", "p256_frodo640aes", +"1.3.9999.99.1", "x25519_frodo640aes", +"1.3.9999.99.15", "frodo640shake", +"1.3.9999.99.14", "p256_frodo640shake", +"1.3.9999.99.2", "x25519_frodo640shake", +"1.3.9999.99.17", "frodo976aes", +"1.3.9999.99.16", "p384_frodo976aes", +"1.3.9999.99.3", "x448_frodo976aes", +"1.3.9999.99.19", "frodo976shake", +"1.3.9999.99.18", "p384_frodo976shake", +"1.3.9999.99.4", "x448_frodo976shake", +"1.3.9999.99.21", "frodo1344aes", +"1.3.9999.99.20", "p521_frodo1344aes", +"1.3.9999.99.23", "frodo1344shake", +"1.3.9999.99.22", "p521_frodo1344shake", +"1.3.6.1.4.1.22554.5.6.1", "kyber512", +"1.3.6.1.4.1.22554.5.7.1", "p256_kyber512", +"1.3.6.1.4.1.22554.5.8.1", "x25519_kyber512", +"1.3.6.1.4.1.22554.5.6.2", "kyber768", +"1.3.9999.99.24", "p384_kyber768", +"1.3.9999.99.5", "x448_kyber768", +"1.3.9999.99.6", "x25519_kyber768", +"1.3.9999.99.7", "p256_kyber768", +"1.3.6.1.4.1.22554.5.6.3", "kyber1024", +"1.3.9999.99.25", "p521_kyber1024", +"1.3.9999.99.27", "bikel1", +"1.3.9999.99.26", "p256_bikel1", +"1.3.9999.99.8", "x25519_bikel1", +"1.3.9999.99.29", "bikel3", +"1.3.9999.99.28", "p384_bikel3", +"1.3.9999.99.9", "x448_bikel3", +"1.3.9999.99.31", "bikel5", +"1.3.9999.99.30", "p521_bikel5", +"1.3.9999.99.33", "hqc128", +"1.3.9999.99.32", "p256_hqc128", +"1.3.9999.99.10", "x25519_hqc128", +"1.3.9999.99.35", "hqc192", +"1.3.9999.99.34", "p384_hqc192", +"1.3.9999.99.11", "x448_hqc192", +"1.3.9999.99.37", "hqc256", +"1.3.9999.99.36", "p521_hqc256", #endif /* OQS_KEM_ENCODERS */ - "1.3.6.1.4.1.2.267.7.4.4", - "dilithium2", - "1.3.9999.2.7.1", - "p256_dilithium2", - "1.3.9999.2.7.2", - "rsa3072_dilithium2", - "2.16.840.1.114027.80.7.1.1", - "dilithium2_pss2048", - "2.16.840.1.114027.80.7.1.2", - "dilithium2_rsa2048", - "2.16.840.1.114027.80.7.1.3", - "dilithium2_ed25519", - "2.16.840.1.114027.80.7.1.4", - "dilithium2_p256", - "2.16.840.1.114027.80.7.1.5", - "dilithium2_bp256", - "1.3.6.1.4.1.2.267.7.6.5", - "dilithium3", - "1.3.9999.2.7.3", - "p384_dilithium3", - "2.16.840.1.114027.80.7.1.6", - "dilithium3_pss3072", - "2.16.840.1.114027.80.7.1.7", - "dilithium3_rsa3072", - "2.16.840.1.114027.80.7.1.8", - "dilithium3_p256", - "2.16.840.1.114027.80.7.1.9", - "dilithium3_bp256", - "2.16.840.1.114027.80.7.1.10", - "dilithium3_ed25519", - "1.3.6.1.4.1.2.267.7.8.7", - "dilithium5", - "1.3.9999.2.7.4", - "p521_dilithium5", - "2.16.840.1.114027.80.7.1.11", - "dilithium5_p384", - "2.16.840.1.114027.80.7.1.12", - "dilithium5_bp384", - "2.16.840.1.114027.80.7.1.13", - "dilithium5_ed448", - "1.3.9999.3.6", - "falcon512", - "1.3.9999.3.7", - "p256_falcon512", - "1.3.9999.3.8", - "rsa3072_falcon512", - "2.16.840.1.114027.80.7.1.14", - "falcon512_p256", - "2.16.840.1.114027.80.7.1.15", - "falcon512_bp256", - "2.16.840.1.114027.80.7.1.16", - "falcon512_ed25519", - "1.3.9999.3.9", - "falcon1024", - "1.3.9999.3.10", - "p521_falcon1024", - "1.3.9999.6.4.13", - "sphincssha2128fsimple", - "1.3.9999.6.4.14", - "p256_sphincssha2128fsimple", - "1.3.9999.6.4.15", - "rsa3072_sphincssha2128fsimple", - "1.3.9999.6.4.16", - "sphincssha2128ssimple", - "1.3.9999.6.4.17", - "p256_sphincssha2128ssimple", - "1.3.9999.6.4.18", - "rsa3072_sphincssha2128ssimple", - "1.3.9999.6.5.10", - "sphincssha2192fsimple", - "1.3.9999.6.5.11", - "p384_sphincssha2192fsimple", - "1.3.9999.6.7.13", - "sphincsshake128fsimple", - "1.3.9999.6.7.14", - "p256_sphincsshake128fsimple", - "1.3.9999.6.7.15", - "rsa3072_sphincsshake128fsimple", - ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END + +"1.3.6.1.4.1.2.267.7.4.4", "dilithium2", +"1.3.9999.2.7.1" , "p256_dilithium2", +"1.3.9999.2.7.2" , "rsa3072_dilithium2", +"2.16.840.1.114027.80.8.1.1" , "dilithium2_pss2048", +"2.16.840.1.114027.80.8.1.2" , "dilithium2_rsa2048", +"2.16.840.1.114027.80.8.1.3" , "dilithium2_ed25519", +"2.16.840.1.114027.80.8.1.4" , "dilithium2_p256", +"2.16.840.1.114027.80.8.1.5" , "dilithium2_bp256", +"1.3.6.1.4.1.2.267.7.6.5", "dilithium3", +"1.3.9999.2.7.3" , "p384_dilithium3", +"2.16.840.1.114027.80.8.1.6" , "dilithium3_pss3072", +"2.16.840.1.114027.80.8.1.7" , "dilithium3_rsa3072", +"2.16.840.1.114027.80.8.1.8" , "dilithium3_p256", +"2.16.840.1.114027.80.8.1.9" , "dilithium3_bp256", +"2.16.840.1.114027.80.8.1.10" , "dilithium3_ed25519", +"1.3.6.1.4.1.2.267.7.8.7", "dilithium5", +"1.3.9999.2.7.4" , "p521_dilithium5", +"2.16.840.1.114027.80.8.1.11" , "dilithium5_p384", +"2.16.840.1.114027.80.8.1.12" , "dilithium5_bp384", +"2.16.840.1.114027.80.8.1.13" , "dilithium5_ed448", +"1.3.9999.3.6", "falcon512", +"1.3.9999.3.7" , "p256_falcon512", +"1.3.9999.3.8" , "rsa3072_falcon512", +"2.16.840.1.114027.80.8.1.14" , "falcon512_p256", +"2.16.840.1.114027.80.8.1.15" , "falcon512_bp256", +"2.16.840.1.114027.80.8.1.16" , "falcon512_ed25519", +"1.3.9999.3.9", "falcon1024", +"1.3.9999.3.10" , "p521_falcon1024", +"1.3.9999.6.4.13", "sphincssha2128fsimple", +"1.3.9999.6.4.14" , "p256_sphincssha2128fsimple", +"1.3.9999.6.4.15" , "rsa3072_sphincssha2128fsimple", +"1.3.9999.6.4.16", "sphincssha2128ssimple", +"1.3.9999.6.4.17" , "p256_sphincssha2128ssimple", +"1.3.9999.6.4.18" , "rsa3072_sphincssha2128ssimple", +"1.3.9999.6.5.10", "sphincssha2192fsimple", +"1.3.9999.6.5.11" , "p384_sphincssha2192fsimple", +"1.3.9999.6.7.13", "sphincsshake128fsimple", +"1.3.9999.6.7.14" , "p256_sphincsshake128fsimple", +"1.3.9999.6.7.15" , "rsa3072_sphincsshake128fsimple", +///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; int oqs_patch_oids(void) @@ -231,175 +153,94 @@ int oqs_patch_oids(void) #ifdef OQS_KEM_ENCODERS - if (getenv("OQS_OID_FRODO640AES")) - oqs_oid_alg_list[0] = getenv("OQS_OID_FRODO640AES"); - - if (getenv("OQS_OID_P256_FRODO640AES")) - oqs_oid_alg_list[2] = getenv("OQS_OID_P256_FRODO640AES"); - if (getenv("OQS_OID_X25519_FRODO640AES")) - oqs_oid_alg_list[4] = getenv("OQS_OID_X25519_FRODO640AES"); - if (getenv("OQS_OID_FRODO640SHAKE")) - oqs_oid_alg_list[6] = getenv("OQS_OID_FRODO640SHAKE"); - - if (getenv("OQS_OID_P256_FRODO640SHAKE")) - oqs_oid_alg_list[8] = getenv("OQS_OID_P256_FRODO640SHAKE"); - if (getenv("OQS_OID_X25519_FRODO640SHAKE")) - oqs_oid_alg_list[10] = getenv("OQS_OID_X25519_FRODO640SHAKE"); - if (getenv("OQS_OID_FRODO976AES")) - oqs_oid_alg_list[12] = getenv("OQS_OID_FRODO976AES"); - - if (getenv("OQS_OID_P384_FRODO976AES")) - oqs_oid_alg_list[14] = getenv("OQS_OID_P384_FRODO976AES"); - if (getenv("OQS_OID_X448_FRODO976AES")) - oqs_oid_alg_list[16] = getenv("OQS_OID_X448_FRODO976AES"); - if (getenv("OQS_OID_FRODO976SHAKE")) - oqs_oid_alg_list[18] = getenv("OQS_OID_FRODO976SHAKE"); - - if (getenv("OQS_OID_P384_FRODO976SHAKE")) - oqs_oid_alg_list[20] = getenv("OQS_OID_P384_FRODO976SHAKE"); - if (getenv("OQS_OID_X448_FRODO976SHAKE")) - oqs_oid_alg_list[22] = getenv("OQS_OID_X448_FRODO976SHAKE"); - if (getenv("OQS_OID_FRODO1344AES")) - oqs_oid_alg_list[24] = getenv("OQS_OID_FRODO1344AES"); - - if (getenv("OQS_OID_P521_FRODO1344AES")) - oqs_oid_alg_list[26] = getenv("OQS_OID_P521_FRODO1344AES"); - if (getenv("OQS_OID_FRODO1344SHAKE")) - oqs_oid_alg_list[28] = getenv("OQS_OID_FRODO1344SHAKE"); - - if (getenv("OQS_OID_P521_FRODO1344SHAKE")) - oqs_oid_alg_list[30] = getenv("OQS_OID_P521_FRODO1344SHAKE"); - if (getenv("OQS_OID_KYBER512")) - oqs_oid_alg_list[32] = getenv("OQS_OID_KYBER512"); - - if (getenv("OQS_OID_P256_KYBER512")) - oqs_oid_alg_list[34] = getenv("OQS_OID_P256_KYBER512"); - if (getenv("OQS_OID_X25519_KYBER512")) - oqs_oid_alg_list[36] = getenv("OQS_OID_X25519_KYBER512"); - if (getenv("OQS_OID_KYBER768")) - oqs_oid_alg_list[38] = getenv("OQS_OID_KYBER768"); - - if (getenv("OQS_OID_P384_KYBER768")) - oqs_oid_alg_list[40] = getenv("OQS_OID_P384_KYBER768"); - if (getenv("OQS_OID_X448_KYBER768")) - oqs_oid_alg_list[42] = getenv("OQS_OID_X448_KYBER768"); - if (getenv("OQS_OID_X25519_KYBER768")) - oqs_oid_alg_list[44] = getenv("OQS_OID_X25519_KYBER768"); - if (getenv("OQS_OID_P256_KYBER768")) - oqs_oid_alg_list[46] = getenv("OQS_OID_P256_KYBER768"); - if (getenv("OQS_OID_KYBER1024")) - oqs_oid_alg_list[48] = getenv("OQS_OID_KYBER1024"); - - if (getenv("OQS_OID_P521_KYBER1024")) - oqs_oid_alg_list[50] = getenv("OQS_OID_P521_KYBER1024"); - if (getenv("OQS_OID_BIKEL1")) - oqs_oid_alg_list[52] = getenv("OQS_OID_BIKEL1"); - - if (getenv("OQS_OID_P256_BIKEL1")) - oqs_oid_alg_list[54] = getenv("OQS_OID_P256_BIKEL1"); - if (getenv("OQS_OID_X25519_BIKEL1")) - oqs_oid_alg_list[56] = getenv("OQS_OID_X25519_BIKEL1"); - if (getenv("OQS_OID_BIKEL3")) - oqs_oid_alg_list[58] = getenv("OQS_OID_BIKEL3"); - - if (getenv("OQS_OID_P384_BIKEL3")) - oqs_oid_alg_list[60] = getenv("OQS_OID_P384_BIKEL3"); - if (getenv("OQS_OID_X448_BIKEL3")) - oqs_oid_alg_list[62] = getenv("OQS_OID_X448_BIKEL3"); - if (getenv("OQS_OID_BIKEL5")) - oqs_oid_alg_list[64] = getenv("OQS_OID_BIKEL5"); - - if (getenv("OQS_OID_P521_BIKEL5")) - oqs_oid_alg_list[66] = getenv("OQS_OID_P521_BIKEL5"); - if (getenv("OQS_OID_HQC128")) - oqs_oid_alg_list[68] = getenv("OQS_OID_HQC128"); - - if (getenv("OQS_OID_P256_HQC128")) - oqs_oid_alg_list[70] = getenv("OQS_OID_P256_HQC128"); - if (getenv("OQS_OID_X25519_HQC128")) - oqs_oid_alg_list[72] = getenv("OQS_OID_X25519_HQC128"); - if (getenv("OQS_OID_HQC192")) - oqs_oid_alg_list[74] = getenv("OQS_OID_HQC192"); - - if (getenv("OQS_OID_P384_HQC192")) - oqs_oid_alg_list[76] = getenv("OQS_OID_P384_HQC192"); - if (getenv("OQS_OID_X448_HQC192")) - oqs_oid_alg_list[78] = getenv("OQS_OID_X448_HQC192"); - if (getenv("OQS_OID_HQC256")) - oqs_oid_alg_list[80] = getenv("OQS_OID_HQC256"); - - if (getenv("OQS_OID_P521_HQC256")) - oqs_oid_alg_list[82] = getenv("OQS_OID_P521_HQC256"); - -# define OQS_KEMOID_CNT 82 + 2 + + +if (getenv("OQS_OID_FRODO640AES")) oqs_oid_alg_list[0] = getenv("OQS_OID_FRODO640AES"); + +if (getenv("OQS_OID_P256_FRODO640AES")) oqs_oid_alg_list[2] = getenv("OQS_OID_P256_FRODO640AES"); +if (getenv("OQS_OID_X25519_FRODO640AES")) oqs_oid_alg_list[4] = getenv("OQS_OID_X25519_FRODO640AES"); +if (getenv("OQS_OID_FRODO640SHAKE")) oqs_oid_alg_list[6] = getenv("OQS_OID_FRODO640SHAKE"); + +if (getenv("OQS_OID_P256_FRODO640SHAKE")) oqs_oid_alg_list[8] = getenv("OQS_OID_P256_FRODO640SHAKE"); +if (getenv("OQS_OID_X25519_FRODO640SHAKE")) oqs_oid_alg_list[10] = getenv("OQS_OID_X25519_FRODO640SHAKE"); +if (getenv("OQS_OID_FRODO976AES")) oqs_oid_alg_list[12] = getenv("OQS_OID_FRODO976AES"); + +if (getenv("OQS_OID_P384_FRODO976AES")) oqs_oid_alg_list[14] = getenv("OQS_OID_P384_FRODO976AES"); +if (getenv("OQS_OID_X448_FRODO976AES")) oqs_oid_alg_list[16] = getenv("OQS_OID_X448_FRODO976AES"); +if (getenv("OQS_OID_FRODO976SHAKE")) oqs_oid_alg_list[18] = getenv("OQS_OID_FRODO976SHAKE"); + +if (getenv("OQS_OID_P384_FRODO976SHAKE")) oqs_oid_alg_list[20] = getenv("OQS_OID_P384_FRODO976SHAKE"); +if (getenv("OQS_OID_X448_FRODO976SHAKE")) oqs_oid_alg_list[22] = getenv("OQS_OID_X448_FRODO976SHAKE"); +if (getenv("OQS_OID_FRODO1344AES")) oqs_oid_alg_list[24] = getenv("OQS_OID_FRODO1344AES"); + +if (getenv("OQS_OID_P521_FRODO1344AES")) oqs_oid_alg_list[26] = getenv("OQS_OID_P521_FRODO1344AES"); +if (getenv("OQS_OID_FRODO1344SHAKE")) oqs_oid_alg_list[28] = getenv("OQS_OID_FRODO1344SHAKE"); + +if (getenv("OQS_OID_P521_FRODO1344SHAKE")) oqs_oid_alg_list[30] = getenv("OQS_OID_P521_FRODO1344SHAKE"); +if (getenv("OQS_OID_KYBER512")) oqs_oid_alg_list[32] = getenv("OQS_OID_KYBER512"); + +if (getenv("OQS_OID_P256_KYBER512")) oqs_oid_alg_list[34] = getenv("OQS_OID_P256_KYBER512"); +if (getenv("OQS_OID_X25519_KYBER512")) oqs_oid_alg_list[36] = getenv("OQS_OID_X25519_KYBER512"); +if (getenv("OQS_OID_KYBER768")) oqs_oid_alg_list[38] = getenv("OQS_OID_KYBER768"); + +if (getenv("OQS_OID_P384_KYBER768")) oqs_oid_alg_list[40] = getenv("OQS_OID_P384_KYBER768"); +if (getenv("OQS_OID_X448_KYBER768")) oqs_oid_alg_list[42] = getenv("OQS_OID_X448_KYBER768"); +if (getenv("OQS_OID_X25519_KYBER768")) oqs_oid_alg_list[44] = getenv("OQS_OID_X25519_KYBER768"); +if (getenv("OQS_OID_P256_KYBER768")) oqs_oid_alg_list[46] = getenv("OQS_OID_P256_KYBER768"); +if (getenv("OQS_OID_KYBER1024")) oqs_oid_alg_list[48] = getenv("OQS_OID_KYBER1024"); + +if (getenv("OQS_OID_P521_KYBER1024")) oqs_oid_alg_list[50] = getenv("OQS_OID_P521_KYBER1024"); +if (getenv("OQS_OID_BIKEL1")) oqs_oid_alg_list[52] = getenv("OQS_OID_BIKEL1"); + +if (getenv("OQS_OID_P256_BIKEL1")) oqs_oid_alg_list[54] = getenv("OQS_OID_P256_BIKEL1"); +if (getenv("OQS_OID_X25519_BIKEL1")) oqs_oid_alg_list[56] = getenv("OQS_OID_X25519_BIKEL1"); +if (getenv("OQS_OID_BIKEL3")) oqs_oid_alg_list[58] = getenv("OQS_OID_BIKEL3"); + +if (getenv("OQS_OID_P384_BIKEL3")) oqs_oid_alg_list[60] = getenv("OQS_OID_P384_BIKEL3"); +if (getenv("OQS_OID_X448_BIKEL3")) oqs_oid_alg_list[62] = getenv("OQS_OID_X448_BIKEL3"); +if (getenv("OQS_OID_BIKEL5")) oqs_oid_alg_list[64] = getenv("OQS_OID_BIKEL5"); + +if (getenv("OQS_OID_P521_BIKEL5")) oqs_oid_alg_list[66] = getenv("OQS_OID_P521_BIKEL5"); +if (getenv("OQS_OID_HQC128")) oqs_oid_alg_list[68] = getenv("OQS_OID_HQC128"); + +if (getenv("OQS_OID_P256_HQC128")) oqs_oid_alg_list[70] = getenv("OQS_OID_P256_HQC128"); +if (getenv("OQS_OID_X25519_HQC128")) oqs_oid_alg_list[72] = getenv("OQS_OID_X25519_HQC128"); +if (getenv("OQS_OID_HQC192")) oqs_oid_alg_list[74] = getenv("OQS_OID_HQC192"); + +if (getenv("OQS_OID_P384_HQC192")) oqs_oid_alg_list[76] = getenv("OQS_OID_P384_HQC192"); +if (getenv("OQS_OID_X448_HQC192")) oqs_oid_alg_list[78] = getenv("OQS_OID_X448_HQC192"); +if (getenv("OQS_OID_HQC256")) oqs_oid_alg_list[80] = getenv("OQS_OID_HQC256"); + +if (getenv("OQS_OID_P521_HQC256")) oqs_oid_alg_list[82] = getenv("OQS_OID_P521_HQC256"); + +#define OQS_KEMOID_CNT 82+2 #else -# define OQS_KEMOID_CNT 0 +#define OQS_KEMOID_CNT 0 #endif /* OQS_KEM_ENCODERS */ - if (getenv("OQS_OID_DILITHIUM2")) - oqs_oid_alg_list[0 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM2"); - if (getenv("OQS_OID_P256_DILITHIUM2")) - oqs_oid_alg_list[2 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P256_DILITHIUM2"); - if (getenv("OQS_OID_RSA3072_DILITHIUM2")) - oqs_oid_alg_list[4 + OQS_KEMOID_CNT] - = getenv("OQS_OID_RSA3072_DILITHIUM2"); - if (getenv("OQS_OID_DILITHIUM3")) - oqs_oid_alg_list[6 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM3"); - if (getenv("OQS_OID_P384_DILITHIUM3")) - oqs_oid_alg_list[8 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P384_DILITHIUM3"); - if (getenv("OQS_OID_DILITHIUM5")) - oqs_oid_alg_list[10 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM5"); - if (getenv("OQS_OID_P521_DILITHIUM5")) - oqs_oid_alg_list[12 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P521_DILITHIUM5"); - if (getenv("OQS_OID_FALCON512")) - oqs_oid_alg_list[14 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON512"); - if (getenv("OQS_OID_P256_FALCON512")) - oqs_oid_alg_list[16 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P256_FALCON512"); - if (getenv("OQS_OID_RSA3072_FALCON512")) - oqs_oid_alg_list[18 + OQS_KEMOID_CNT] - = getenv("OQS_OID_RSA3072_FALCON512"); - if (getenv("OQS_OID_FALCON1024")) - oqs_oid_alg_list[20 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); - if (getenv("OQS_OID_P521_FALCON1024")) - oqs_oid_alg_list[22 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P521_FALCON1024"); - if (getenv("OQS_OID_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[24 + OQS_KEMOID_CNT] - = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[26 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[28 + OQS_KEMOID_CNT] - = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_OID_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[30 + OQS_KEMOID_CNT] - = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[32 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[34 + OQS_KEMOID_CNT] - = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_OID_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[36 + OQS_KEMOID_CNT] - = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); - if (getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[38 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); - if (getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[40 + OQS_KEMOID_CNT] - = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[42 + OQS_KEMOID_CNT] - = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[44 + OQS_KEMOID_CNT] - = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); - ///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_END + if (getenv("OQS_OID_DILITHIUM2")) oqs_oid_alg_list[0+OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM2"); + if (getenv("OQS_OID_P256_DILITHIUM2")) oqs_oid_alg_list[2+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_DILITHIUM2"); + if (getenv("OQS_OID_RSA3072_DILITHIUM2")) oqs_oid_alg_list[4+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_DILITHIUM2"); + if (getenv("OQS_OID_DILITHIUM3")) oqs_oid_alg_list[6+OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM3"); + if (getenv("OQS_OID_P384_DILITHIUM3")) oqs_oid_alg_list[8+OQS_KEMOID_CNT] = getenv("OQS_OID_P384_DILITHIUM3"); + if (getenv("OQS_OID_DILITHIUM5")) oqs_oid_alg_list[10+OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM5"); + if (getenv("OQS_OID_P521_DILITHIUM5")) oqs_oid_alg_list[12+OQS_KEMOID_CNT] = getenv("OQS_OID_P521_DILITHIUM5"); + if (getenv("OQS_OID_FALCON512")) oqs_oid_alg_list[14+OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON512"); + if (getenv("OQS_OID_P256_FALCON512")) oqs_oid_alg_list[16+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_FALCON512"); + if (getenv("OQS_OID_RSA3072_FALCON512")) oqs_oid_alg_list[18+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_FALCON512"); + if (getenv("OQS_OID_FALCON1024")) oqs_oid_alg_list[20+OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); + if (getenv("OQS_OID_P521_FALCON1024")) oqs_oid_alg_list[22+OQS_KEMOID_CNT] = getenv("OQS_OID_P521_FALCON1024"); + if (getenv("OQS_OID_SPHINCSSHA2128FSIMPLE")) oqs_oid_alg_list[24+OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE")) oqs_oid_alg_list[26+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE")) oqs_oid_alg_list[28+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_OID_SPHINCSSHA2128SSIMPLE")) oqs_oid_alg_list[30+OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE")) oqs_oid_alg_list[32+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE")) oqs_oid_alg_list[34+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_OID_SPHINCSSHA2192FSIMPLE")) oqs_oid_alg_list[36+OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); + if (getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE")) oqs_oid_alg_list[38+OQS_KEMOID_CNT] = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); + if (getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE")) oqs_oid_alg_list[40+OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE")) oqs_oid_alg_list[42+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE")) oqs_oid_alg_list[44+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); +///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_END return 1; } @@ -409,208 +250,85 @@ const char *oqs_alg_encoding_list[OQS_OID_CNT] = {0}; int oqs_patch_encodings(void) { ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_START - if (getenv("OQS_ENCODING_DILITHIUM2")) - oqs_alg_encoding_list[0] = getenv("OQS_ENCODING_DILITHIUM2"); - if (getenv("OQS_ENCODING_DILITHIUM2_ALGNAME")) - oqs_alg_encoding_list[1] = getenv("OQS_ENCODING_DILITHIUM2_ALGNAME"); - if (getenv("OQS_ENCODING_P256_DILITHIUM2")) - oqs_alg_encoding_list[2] = getenv("OQS_ENCODING_P256_DILITHIUM2"); - if (getenv("OQS_ENCODING_P256_DILITHIUM2_ALGNAME")) - oqs_alg_encoding_list[3] - = getenv("OQS_ENCODING_P256_DILITHIUM2_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2")) - oqs_alg_encoding_list[4] = getenv("OQS_ENCODING_RSA3072_DILITHIUM2"); - if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME")) - oqs_alg_encoding_list[5] - = getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048")) - oqs_alg_encoding_list[6] = getenv("OQS_ENCODING_DILITHIUM2_PSS2048"); - if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME")) - oqs_alg_encoding_list[7] - = getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048")) - oqs_alg_encoding_list[8] = getenv("OQS_ENCODING_DILITHIUM2_RSA2048"); - if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME")) - oqs_alg_encoding_list[9] - = getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_ED25519")) - oqs_alg_encoding_list[10] = getenv("OQS_ENCODING_DILITHIUM2_ED25519"); - if (getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME")) - oqs_alg_encoding_list[11] - = getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_P256")) - oqs_alg_encoding_list[12] = getenv("OQS_ENCODING_DILITHIUM2_P256"); - if (getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME")) - oqs_alg_encoding_list[13] - = getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_BP256")) - oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_DILITHIUM2_BP256"); - if (getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME")) - oqs_alg_encoding_list[15] - = getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3")) - oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_DILITHIUM3"); - if (getenv("OQS_ENCODING_DILITHIUM3_ALGNAME")) - oqs_alg_encoding_list[17] = getenv("OQS_ENCODING_DILITHIUM3_ALGNAME"); - if (getenv("OQS_ENCODING_P384_DILITHIUM3")) - oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_P384_DILITHIUM3"); - if (getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME")) - oqs_alg_encoding_list[19] - = getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072")) - oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_DILITHIUM3_PSS3072"); - if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME")) - oqs_alg_encoding_list[21] - = getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072")) - oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_DILITHIUM3_RSA3072"); - if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME")) - oqs_alg_encoding_list[23] - = getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_P256")) - oqs_alg_encoding_list[24] = getenv("OQS_ENCODING_DILITHIUM3_P256"); - if (getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME")) - oqs_alg_encoding_list[25] - = getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_BP256")) - oqs_alg_encoding_list[26] = getenv("OQS_ENCODING_DILITHIUM3_BP256"); - if (getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME")) - oqs_alg_encoding_list[27] - = getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_ED25519")) - oqs_alg_encoding_list[28] = getenv("OQS_ENCODING_DILITHIUM3_ED25519"); - if (getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME")) - oqs_alg_encoding_list[29] - = getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5")) - oqs_alg_encoding_list[30] = getenv("OQS_ENCODING_DILITHIUM5"); - if (getenv("OQS_ENCODING_DILITHIUM5_ALGNAME")) - oqs_alg_encoding_list[31] = getenv("OQS_ENCODING_DILITHIUM5_ALGNAME"); - if (getenv("OQS_ENCODING_P521_DILITHIUM5")) - oqs_alg_encoding_list[32] = getenv("OQS_ENCODING_P521_DILITHIUM5"); - if (getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME")) - oqs_alg_encoding_list[33] - = getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_P384")) - oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_DILITHIUM5_P384"); - if (getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME")) - oqs_alg_encoding_list[35] - = getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_BP384")) - oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_DILITHIUM5_BP384"); - if (getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME")) - oqs_alg_encoding_list[37] - = getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_ED448")) - oqs_alg_encoding_list[38] = getenv("OQS_ENCODING_DILITHIUM5_ED448"); - if (getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME")) - oqs_alg_encoding_list[39] - = getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512")) - oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_FALCON512"); - if (getenv("OQS_ENCODING_FALCON512_ALGNAME")) - oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_FALCON512_ALGNAME"); - if (getenv("OQS_ENCODING_P256_FALCON512")) - oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P256_FALCON512"); - if (getenv("OQS_ENCODING_P256_FALCON512_ALGNAME")) - oqs_alg_encoding_list[43] - = getenv("OQS_ENCODING_P256_FALCON512_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_FALCON512")) - oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_RSA3072_FALCON512"); - if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) - oqs_alg_encoding_list[45] - = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_P256")) - oqs_alg_encoding_list[46] = getenv("OQS_ENCODING_FALCON512_P256"); - if (getenv("OQS_ENCODING_FALCON512_P256_ALGNAME")) - oqs_alg_encoding_list[47] - = getenv("OQS_ENCODING_FALCON512_P256_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_BP256")) - oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_FALCON512_BP256"); - if (getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME")) - oqs_alg_encoding_list[49] - = getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_ED25519")) - oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_FALCON512_ED25519"); - if (getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME")) - oqs_alg_encoding_list[51] - = getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON1024")) - oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_FALCON1024"); - if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); - if (getenv("OQS_ENCODING_P521_FALCON1024")) - oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_P521_FALCON1024"); - if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[55] - = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); - if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[56] - = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[57] - = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[58] - = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[59] - = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[60] - = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[61] - = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[62] - = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[63] - = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[64] - = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[65] - = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[66] - = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[67] - = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[68] - = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); - if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[69] - = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[70] - = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); - if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[71] - = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[72] - = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[73] - = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[74] - = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[75] - = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[76] - = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[77] - = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); - ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END + if (getenv("OQS_ENCODING_DILITHIUM2")) oqs_alg_encoding_list[0] = getenv("OQS_ENCODING_DILITHIUM2"); + if (getenv("OQS_ENCODING_DILITHIUM2_ALGNAME")) oqs_alg_encoding_list[1] = getenv("OQS_ENCODING_DILITHIUM2_ALGNAME"); + if (getenv("OQS_ENCODING_P256_DILITHIUM2")) oqs_alg_encoding_list[2] = getenv("OQS_ENCODING_P256_DILITHIUM2"); + if (getenv("OQS_ENCODING_P256_DILITHIUM2_ALGNAME")) oqs_alg_encoding_list[3] = getenv("OQS_ENCODING_P256_DILITHIUM2_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2")) oqs_alg_encoding_list[4] = getenv("OQS_ENCODING_RSA3072_DILITHIUM2"); + if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME")) oqs_alg_encoding_list[5] = getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048")) oqs_alg_encoding_list[6] = getenv("OQS_ENCODING_DILITHIUM2_PSS2048"); + if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME")) oqs_alg_encoding_list[7] = getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048")) oqs_alg_encoding_list[8] = getenv("OQS_ENCODING_DILITHIUM2_RSA2048"); + if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME")) oqs_alg_encoding_list[9] = getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_ED25519")) oqs_alg_encoding_list[10] = getenv("OQS_ENCODING_DILITHIUM2_ED25519"); + if (getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME")) oqs_alg_encoding_list[11] = getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_P256")) oqs_alg_encoding_list[12] = getenv("OQS_ENCODING_DILITHIUM2_P256"); + if (getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME")) oqs_alg_encoding_list[13] = getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_BP256")) oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_DILITHIUM2_BP256"); + if (getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME")) oqs_alg_encoding_list[15] = getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3")) oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_DILITHIUM3"); + if (getenv("OQS_ENCODING_DILITHIUM3_ALGNAME")) oqs_alg_encoding_list[17] = getenv("OQS_ENCODING_DILITHIUM3_ALGNAME"); + if (getenv("OQS_ENCODING_P384_DILITHIUM3")) oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_P384_DILITHIUM3"); + if (getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME")) oqs_alg_encoding_list[19] = getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072")) oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_DILITHIUM3_PSS3072"); + if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME")) oqs_alg_encoding_list[21] = getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072")) oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_DILITHIUM3_RSA3072"); + if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME")) oqs_alg_encoding_list[23] = getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_P256")) oqs_alg_encoding_list[24] = getenv("OQS_ENCODING_DILITHIUM3_P256"); + if (getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME")) oqs_alg_encoding_list[25] = getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_BP256")) oqs_alg_encoding_list[26] = getenv("OQS_ENCODING_DILITHIUM3_BP256"); + if (getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME")) oqs_alg_encoding_list[27] = getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_ED25519")) oqs_alg_encoding_list[28] = getenv("OQS_ENCODING_DILITHIUM3_ED25519"); + if (getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME")) oqs_alg_encoding_list[29] = getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5")) oqs_alg_encoding_list[30] = getenv("OQS_ENCODING_DILITHIUM5"); + if (getenv("OQS_ENCODING_DILITHIUM5_ALGNAME")) oqs_alg_encoding_list[31] = getenv("OQS_ENCODING_DILITHIUM5_ALGNAME"); + if (getenv("OQS_ENCODING_P521_DILITHIUM5")) oqs_alg_encoding_list[32] = getenv("OQS_ENCODING_P521_DILITHIUM5"); + if (getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME")) oqs_alg_encoding_list[33] = getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_P384")) oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_DILITHIUM5_P384"); + if (getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME")) oqs_alg_encoding_list[35] = getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_BP384")) oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_DILITHIUM5_BP384"); + if (getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME")) oqs_alg_encoding_list[37] = getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_ED448")) oqs_alg_encoding_list[38] = getenv("OQS_ENCODING_DILITHIUM5_ED448"); + if (getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME")) oqs_alg_encoding_list[39] = getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512")) oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_FALCON512"); + if (getenv("OQS_ENCODING_FALCON512_ALGNAME")) oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_P256_FALCON512")) oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P256_FALCON512"); + if (getenv("OQS_ENCODING_P256_FALCON512_ALGNAME")) oqs_alg_encoding_list[43] = getenv("OQS_ENCODING_P256_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_FALCON512")) oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_RSA3072_FALCON512"); + if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) oqs_alg_encoding_list[45] = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_P256")) oqs_alg_encoding_list[46] = getenv("OQS_ENCODING_FALCON512_P256"); + if (getenv("OQS_ENCODING_FALCON512_P256_ALGNAME")) oqs_alg_encoding_list[47] = getenv("OQS_ENCODING_FALCON512_P256_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_BP256")) oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_FALCON512_BP256"); + if (getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME")) oqs_alg_encoding_list[49] = getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_ED25519")) oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_FALCON512_ED25519"); + if (getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME")) oqs_alg_encoding_list[51] = getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON1024")) oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_FALCON1024"); + if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); + if (getenv("OQS_ENCODING_P521_FALCON1024")) oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_P521_FALCON1024"); + if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) oqs_alg_encoding_list[55] = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); + if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) oqs_alg_encoding_list[56] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[57] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) oqs_alg_encoding_list[58] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[59] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[61] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) oqs_alg_encoding_list[62] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) oqs_alg_encoding_list[63] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) oqs_alg_encoding_list[64] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) oqs_alg_encoding_list[65] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) oqs_alg_encoding_list[66] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) oqs_alg_encoding_list[67] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) oqs_alg_encoding_list[68] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); + if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) oqs_alg_encoding_list[69] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) oqs_alg_encoding_list[70] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); + if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) oqs_alg_encoding_list[71] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) oqs_alg_encoding_list[72] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[73] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) oqs_alg_encoding_list[74] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[75] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) oqs_alg_encoding_list[76] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[77] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); +///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END return 1; } #endif @@ -711,7 +429,7 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("p256_sphincsshake128fsimple", 128, oqs_signature_functions), SIGALG("rsa3072_sphincsshake128fsimple", 128, oqs_signature_functions), #endif - ///// OQS_TEMPLATE_FRAGMENT_SIG_FUNCTIONS_END +///// OQS_TEMPLATE_FRAGMENT_SIG_FUNCTIONS_END {NULL, NULL, NULL}}; static const OSSL_ALGORITHM oqsprovider_asym_kems[] = { @@ -789,8 +507,8 @@ static const OSSL_ALGORITHM oqsprovider_asym_kems[] = { KEMBASEALG(hqc256, 256) KEMHYBALG(p521_hqc256, 256) #endif - // clang-format on - ///// OQS_TEMPLATE_FRAGMENT_KEM_FUNCTIONS_END +// clang-format on +///// OQS_TEMPLATE_FRAGMENT_KEM_FUNCTIONS_END {NULL, NULL, NULL}}; static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { @@ -942,8 +660,8 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { KEMKMHYBALG(p521_hqc256, 256, ecp) #endif - // clang-format on - ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END +// clang-format on +///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END // ALG("x25519_sikep434", oqs_ecx_sikep434_keymgmt_functions), {NULL, NULL, NULL}}; diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index 6255b041..1911e1a4 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -35,64 +35,64 @@ typedef struct oqs_group_constants_st { static OQS_GROUP_CONSTANTS oqs_group_list[] = { // ad-hoc assignments - take from OQS generate data structures ///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_START - {0x0200, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x0200, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F00, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F80, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0201, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F00, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F80, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0201, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F01, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F81, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0202, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F01, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F81, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0202, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F02, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F82, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0203, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F02, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F82, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0203, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F03, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F83, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0204, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F03, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F83, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0204, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F04, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0205, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F04, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0205, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F05, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x023A, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F05, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x023A, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F3A, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F39, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x023C, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F3A, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F39, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x023C, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F3C, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F90, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x6399, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x639A, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x023D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F3C, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2F90, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x6399, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x639A, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x023D, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F3D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F3D, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2FAE, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0242, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2FAE, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0242, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F42, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2FAF, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0243, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F42, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2FAF, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0243, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F43, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0244, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F43, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0244, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F44, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2FB0, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0245, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F44, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2FB0, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0245, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F45, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2FB1, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x0246, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + { 0x2F45, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x2FB1, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + { 0x0246, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - {0x2F46, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - ///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_END + { 0x2F46, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, +///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_END }; // Adds entries for tlsname, `ecx`_tlsname and `ecp`_tlsname @@ -128,16 +128,13 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { OQS_GROUP_ENTRY(frodo640aes, frodo640aes, frodo640aes, 0), OQS_GROUP_ENTRY(p256_frodo640aes, p256_frodo640aes, p256_frodo640aes, 1), - OQS_GROUP_ENTRY(x25519_frodo640aes, x25519_frodo640aes, x25519_frodo640aes, - 2), + OQS_GROUP_ENTRY(x25519_frodo640aes, x25519_frodo640aes, x25519_frodo640aes, 2), #endif #ifdef OQS_ENABLE_KEM_frodokem_640_shake OQS_GROUP_ENTRY(frodo640shake, frodo640shake, frodo640shake, 3), - OQS_GROUP_ENTRY(p256_frodo640shake, p256_frodo640shake, p256_frodo640shake, - 4), - OQS_GROUP_ENTRY(x25519_frodo640shake, x25519_frodo640shake, - x25519_frodo640shake, 5), + OQS_GROUP_ENTRY(p256_frodo640shake, p256_frodo640shake, p256_frodo640shake, 4), + OQS_GROUP_ENTRY(x25519_frodo640shake, x25519_frodo640shake, x25519_frodo640shake, 5), #endif #ifdef OQS_ENABLE_KEM_frodokem_976_aes OQS_GROUP_ENTRY(frodo976aes, frodo976aes, frodo976aes, 6), @@ -148,22 +145,18 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { #ifdef OQS_ENABLE_KEM_frodokem_976_shake OQS_GROUP_ENTRY(frodo976shake, frodo976shake, frodo976shake, 9), - OQS_GROUP_ENTRY(p384_frodo976shake, p384_frodo976shake, p384_frodo976shake, - 10), - OQS_GROUP_ENTRY(x448_frodo976shake, x448_frodo976shake, x448_frodo976shake, - 11), + OQS_GROUP_ENTRY(p384_frodo976shake, p384_frodo976shake, p384_frodo976shake, 10), + OQS_GROUP_ENTRY(x448_frodo976shake, x448_frodo976shake, x448_frodo976shake, 11), #endif #ifdef OQS_ENABLE_KEM_frodokem_1344_aes OQS_GROUP_ENTRY(frodo1344aes, frodo1344aes, frodo1344aes, 12), - OQS_GROUP_ENTRY(p521_frodo1344aes, p521_frodo1344aes, p521_frodo1344aes, - 13), + OQS_GROUP_ENTRY(p521_frodo1344aes, p521_frodo1344aes, p521_frodo1344aes, 13), #endif #ifdef OQS_ENABLE_KEM_frodokem_1344_shake OQS_GROUP_ENTRY(frodo1344shake, frodo1344shake, frodo1344shake, 14), - OQS_GROUP_ENTRY(p521_frodo1344shake, p521_frodo1344shake, - p521_frodo1344shake, 15), + OQS_GROUP_ENTRY(p521_frodo1344shake, p521_frodo1344shake, p521_frodo1344shake, 15), #endif #ifdef OQS_ENABLE_KEM_kyber_512 OQS_GROUP_ENTRY(kyber512, kyber512, kyber512, 16), @@ -218,7 +211,7 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { OQS_GROUP_ENTRY(p521_hqc256, p521_hqc256, p521_hqc256, 41), #endif - ///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_END +///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_END }; typedef struct oqs_sigalg_constants_st { @@ -231,202 +224,103 @@ typedef struct oqs_sigalg_constants_st { static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = { // ad-hoc assignments - take from OQS generate data structures ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_START - {0xfea0, 128, TLS1_3_VERSION, 0}, {0xfea1, 128, TLS1_3_VERSION, 0}, - {0xfea2, 128, TLS1_3_VERSION, 0}, {0xfea3, 192, TLS1_3_VERSION, 0}, - {0xfea4, 192, TLS1_3_VERSION, 0}, {0xfea5, 256, TLS1_3_VERSION, 0}, - {0xfea6, 256, TLS1_3_VERSION, 0}, {0xfeae, 128, TLS1_3_VERSION, 0}, - {0xfeaf, 128, TLS1_3_VERSION, 0}, {0xfeb0, 128, TLS1_3_VERSION, 0}, - {0xfeb1, 256, TLS1_3_VERSION, 0}, {0xfeb2, 256, TLS1_3_VERSION, 0}, - {0xfeb3, 128, TLS1_3_VERSION, 0}, {0xfeb4, 128, TLS1_3_VERSION, 0}, - {0xfeb5, 128, TLS1_3_VERSION, 0}, {0xfeb6, 128, TLS1_3_VERSION, 0}, - {0xfeb7, 128, TLS1_3_VERSION, 0}, {0xfeb8, 128, TLS1_3_VERSION, 0}, - {0xfeb9, 192, TLS1_3_VERSION, 0}, {0xfeba, 192, TLS1_3_VERSION, 0}, - {0xfec2, 128, TLS1_3_VERSION, 0}, {0xfec3, 128, TLS1_3_VERSION, 0}, - {0xfec4, 128, TLS1_3_VERSION, 0}, - ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_END + { 0xfea0, 128, TLS1_3_VERSION, 0 }, + { 0xfea1, 128, TLS1_3_VERSION, 0 }, + { 0xfea2, 128, TLS1_3_VERSION, 0 }, + { 0xfea3, 192, TLS1_3_VERSION, 0 }, + { 0xfea4, 192, TLS1_3_VERSION, 0 }, + { 0xfea5, 256, TLS1_3_VERSION, 0 }, + { 0xfea6, 256, TLS1_3_VERSION, 0 }, + { 0xfeae, 128, TLS1_3_VERSION, 0 }, + { 0xfeaf, 128, TLS1_3_VERSION, 0 }, + { 0xfeb0, 128, TLS1_3_VERSION, 0 }, + { 0xfeb1, 256, TLS1_3_VERSION, 0 }, + { 0xfeb2, 256, TLS1_3_VERSION, 0 }, + { 0xfeb3, 128, TLS1_3_VERSION, 0 }, + { 0xfeb4, 128, TLS1_3_VERSION, 0 }, + { 0xfeb5, 128, TLS1_3_VERSION, 0 }, + { 0xfeb6, 128, TLS1_3_VERSION, 0 }, + { 0xfeb7, 128, TLS1_3_VERSION, 0 }, + { 0xfeb8, 128, TLS1_3_VERSION, 0 }, + { 0xfeb9, 192, TLS1_3_VERSION, 0 }, + { 0xfeba, 192, TLS1_3_VERSION, 0 }, + { 0xfec2, 128, TLS1_3_VERSION, 0 }, + { 0xfec3, 128, TLS1_3_VERSION, 0 }, + { 0xfec4, 128, TLS1_3_VERSION, 0 }, +///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_END }; int oqs_patch_codepoints() { ///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_START - if (getenv("OQS_CODEPOINT_FRODO640AES")) - oqs_group_list[0].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640AES")); - if (getenv("OQS_CODEPOINT_P256_FRODO640AES")) - oqs_group_list[1].group_id - = atoi(getenv("OQS_CODEPOINT_P256_FRODO640AES")); - if (getenv("OQS_CODEPOINT_X25519_FRODO640AES")) - oqs_group_list[2].group_id - = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640AES")); - if (getenv("OQS_CODEPOINT_FRODO640SHAKE")) - oqs_group_list[3].group_id - = atoi(getenv("OQS_CODEPOINT_FRODO640SHAKE")); - if (getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")) - oqs_group_list[4].group_id - = atoi(getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")); - if (getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")) - oqs_group_list[5].group_id - = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")); - if (getenv("OQS_CODEPOINT_FRODO976AES")) - oqs_group_list[6].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976AES")); - if (getenv("OQS_CODEPOINT_P384_FRODO976AES")) - oqs_group_list[7].group_id - = atoi(getenv("OQS_CODEPOINT_P384_FRODO976AES")); - if (getenv("OQS_CODEPOINT_X448_FRODO976AES")) - oqs_group_list[8].group_id - = atoi(getenv("OQS_CODEPOINT_X448_FRODO976AES")); - if (getenv("OQS_CODEPOINT_FRODO976SHAKE")) - oqs_group_list[9].group_id - = atoi(getenv("OQS_CODEPOINT_FRODO976SHAKE")); - if (getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")) - oqs_group_list[10].group_id - = atoi(getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")); - if (getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")) - oqs_group_list[11].group_id - = atoi(getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")); - if (getenv("OQS_CODEPOINT_FRODO1344AES")) - oqs_group_list[12].group_id - = atoi(getenv("OQS_CODEPOINT_FRODO1344AES")); - if (getenv("OQS_CODEPOINT_P521_FRODO1344AES")) - oqs_group_list[13].group_id - = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344AES")); - if (getenv("OQS_CODEPOINT_FRODO1344SHAKE")) - oqs_group_list[14].group_id - = atoi(getenv("OQS_CODEPOINT_FRODO1344SHAKE")); - if (getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")) - oqs_group_list[15].group_id - = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")); - if (getenv("OQS_CODEPOINT_KYBER512")) - oqs_group_list[16].group_id = atoi(getenv("OQS_CODEPOINT_KYBER512")); - if (getenv("OQS_CODEPOINT_P256_KYBER512")) - oqs_group_list[17].group_id - = atoi(getenv("OQS_CODEPOINT_P256_KYBER512")); - if (getenv("OQS_CODEPOINT_X25519_KYBER512")) - oqs_group_list[18].group_id - = atoi(getenv("OQS_CODEPOINT_X25519_KYBER512")); - if (getenv("OQS_CODEPOINT_KYBER768")) - oqs_group_list[19].group_id = atoi(getenv("OQS_CODEPOINT_KYBER768")); - if (getenv("OQS_CODEPOINT_P384_KYBER768")) - oqs_group_list[20].group_id - = atoi(getenv("OQS_CODEPOINT_P384_KYBER768")); - if (getenv("OQS_CODEPOINT_X448_KYBER768")) - oqs_group_list[21].group_id - = atoi(getenv("OQS_CODEPOINT_X448_KYBER768")); - if (getenv("OQS_CODEPOINT_X25519_KYBER768")) - oqs_group_list[22].group_id - = atoi(getenv("OQS_CODEPOINT_X25519_KYBER768")); - if (getenv("OQS_CODEPOINT_P256_KYBER768")) - oqs_group_list[23].group_id - = atoi(getenv("OQS_CODEPOINT_P256_KYBER768")); - if (getenv("OQS_CODEPOINT_KYBER1024")) - oqs_group_list[24].group_id = atoi(getenv("OQS_CODEPOINT_KYBER1024")); - if (getenv("OQS_CODEPOINT_P521_KYBER1024")) - oqs_group_list[25].group_id - = atoi(getenv("OQS_CODEPOINT_P521_KYBER1024")); - if (getenv("OQS_CODEPOINT_BIKEL1")) - oqs_group_list[26].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1")); - if (getenv("OQS_CODEPOINT_P256_BIKEL1")) - oqs_group_list[27].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1")); - if (getenv("OQS_CODEPOINT_X25519_BIKEL1")) - oqs_group_list[28].group_id - = atoi(getenv("OQS_CODEPOINT_X25519_BIKEL1")); - if (getenv("OQS_CODEPOINT_BIKEL3")) - oqs_group_list[29].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3")); - if (getenv("OQS_CODEPOINT_P384_BIKEL3")) - oqs_group_list[30].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3")); - if (getenv("OQS_CODEPOINT_X448_BIKEL3")) - oqs_group_list[31].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3")); - if (getenv("OQS_CODEPOINT_BIKEL5")) - oqs_group_list[32].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5")); - if (getenv("OQS_CODEPOINT_P521_BIKEL5")) - oqs_group_list[33].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5")); - if (getenv("OQS_CODEPOINT_HQC128")) - oqs_group_list[34].group_id = atoi(getenv("OQS_CODEPOINT_HQC128")); - if (getenv("OQS_CODEPOINT_P256_HQC128")) - oqs_group_list[35].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128")); - if (getenv("OQS_CODEPOINT_X25519_HQC128")) - oqs_group_list[36].group_id - = atoi(getenv("OQS_CODEPOINT_X25519_HQC128")); - if (getenv("OQS_CODEPOINT_HQC192")) - oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_HQC192")); - if (getenv("OQS_CODEPOINT_P384_HQC192")) - oqs_group_list[38].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192")); - if (getenv("OQS_CODEPOINT_X448_HQC192")) - oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192")); - if (getenv("OQS_CODEPOINT_HQC256")) - oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_HQC256")); - if (getenv("OQS_CODEPOINT_P521_HQC256")) - oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256")); - - if (getenv("OQS_CODEPOINT_DILITHIUM2")) - oqs_sigalg_list[0].code_point - = atoi(getenv("OQS_CODEPOINT_DILITHIUM2")); - if (getenv("OQS_CODEPOINT_P256_DILITHIUM2")) - oqs_sigalg_list[1].code_point - = atoi(getenv("OQS_CODEPOINT_P256_DILITHIUM2")); - if (getenv("OQS_CODEPOINT_RSA3072_DILITHIUM2")) - oqs_sigalg_list[2].code_point - = atoi(getenv("OQS_CODEPOINT_RSA3072_DILITHIUM2")); - if (getenv("OQS_CODEPOINT_DILITHIUM3")) - oqs_sigalg_list[3].code_point - = atoi(getenv("OQS_CODEPOINT_DILITHIUM3")); - if (getenv("OQS_CODEPOINT_P384_DILITHIUM3")) - oqs_sigalg_list[4].code_point - = atoi(getenv("OQS_CODEPOINT_P384_DILITHIUM3")); - if (getenv("OQS_CODEPOINT_DILITHIUM5")) - oqs_sigalg_list[5].code_point - = atoi(getenv("OQS_CODEPOINT_DILITHIUM5")); - if (getenv("OQS_CODEPOINT_P521_DILITHIUM5")) - oqs_sigalg_list[6].code_point - = atoi(getenv("OQS_CODEPOINT_P521_DILITHIUM5")); - if (getenv("OQS_CODEPOINT_FALCON512")) - oqs_sigalg_list[7].code_point = atoi(getenv("OQS_CODEPOINT_FALCON512")); - if (getenv("OQS_CODEPOINT_P256_FALCON512")) - oqs_sigalg_list[8].code_point - = atoi(getenv("OQS_CODEPOINT_P256_FALCON512")); - if (getenv("OQS_CODEPOINT_RSA3072_FALCON512")) - oqs_sigalg_list[9].code_point - = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCON512")); - if (getenv("OQS_CODEPOINT_FALCON1024")) - oqs_sigalg_list[10].code_point - = atoi(getenv("OQS_CODEPOINT_FALCON1024")); - if (getenv("OQS_CODEPOINT_P521_FALCON1024")) - oqs_sigalg_list[11].code_point - = atoi(getenv("OQS_CODEPOINT_P521_FALCON1024")); - if (getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[12].code_point - = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")); - if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[13].code_point - = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")); - if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[14].code_point - = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")); - if (getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[15].code_point - = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")); - if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[16].code_point - = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")); - if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[17].code_point - = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")); - if (getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")) - oqs_sigalg_list[18].code_point - = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")); - if (getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")) - oqs_sigalg_list[19].code_point - = atoi(getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")); - if (getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[20].code_point - = atoi(getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")); - if (getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[21].code_point - = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")); - if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[22].code_point - = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")); - ///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_END + if (getenv("OQS_CODEPOINT_FRODO640AES")) oqs_group_list[0].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640AES")); + if (getenv("OQS_CODEPOINT_P256_FRODO640AES")) oqs_group_list[1].group_id = atoi(getenv("OQS_CODEPOINT_P256_FRODO640AES")); + if (getenv("OQS_CODEPOINT_X25519_FRODO640AES")) oqs_group_list[2].group_id = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640AES")); + if (getenv("OQS_CODEPOINT_FRODO640SHAKE")) oqs_group_list[3].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640SHAKE")); + if (getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")) oqs_group_list[4].group_id = atoi(getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")); + if (getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")) oqs_group_list[5].group_id = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")); + if (getenv("OQS_CODEPOINT_FRODO976AES")) oqs_group_list[6].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976AES")); + if (getenv("OQS_CODEPOINT_P384_FRODO976AES")) oqs_group_list[7].group_id = atoi(getenv("OQS_CODEPOINT_P384_FRODO976AES")); + if (getenv("OQS_CODEPOINT_X448_FRODO976AES")) oqs_group_list[8].group_id = atoi(getenv("OQS_CODEPOINT_X448_FRODO976AES")); + if (getenv("OQS_CODEPOINT_FRODO976SHAKE")) oqs_group_list[9].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976SHAKE")); + if (getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")) oqs_group_list[10].group_id = atoi(getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")); + if (getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")) oqs_group_list[11].group_id = atoi(getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")); + if (getenv("OQS_CODEPOINT_FRODO1344AES")) oqs_group_list[12].group_id = atoi(getenv("OQS_CODEPOINT_FRODO1344AES")); + if (getenv("OQS_CODEPOINT_P521_FRODO1344AES")) oqs_group_list[13].group_id = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344AES")); + if (getenv("OQS_CODEPOINT_FRODO1344SHAKE")) oqs_group_list[14].group_id = atoi(getenv("OQS_CODEPOINT_FRODO1344SHAKE")); + if (getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")) oqs_group_list[15].group_id = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")); + if (getenv("OQS_CODEPOINT_KYBER512")) oqs_group_list[16].group_id = atoi(getenv("OQS_CODEPOINT_KYBER512")); + if (getenv("OQS_CODEPOINT_P256_KYBER512")) oqs_group_list[17].group_id = atoi(getenv("OQS_CODEPOINT_P256_KYBER512")); + if (getenv("OQS_CODEPOINT_X25519_KYBER512")) oqs_group_list[18].group_id = atoi(getenv("OQS_CODEPOINT_X25519_KYBER512")); + if (getenv("OQS_CODEPOINT_KYBER768")) oqs_group_list[19].group_id = atoi(getenv("OQS_CODEPOINT_KYBER768")); + if (getenv("OQS_CODEPOINT_P384_KYBER768")) oqs_group_list[20].group_id = atoi(getenv("OQS_CODEPOINT_P384_KYBER768")); + if (getenv("OQS_CODEPOINT_X448_KYBER768")) oqs_group_list[21].group_id = atoi(getenv("OQS_CODEPOINT_X448_KYBER768")); + if (getenv("OQS_CODEPOINT_X25519_KYBER768")) oqs_group_list[22].group_id = atoi(getenv("OQS_CODEPOINT_X25519_KYBER768")); + if (getenv("OQS_CODEPOINT_P256_KYBER768")) oqs_group_list[23].group_id = atoi(getenv("OQS_CODEPOINT_P256_KYBER768")); + if (getenv("OQS_CODEPOINT_KYBER1024")) oqs_group_list[24].group_id = atoi(getenv("OQS_CODEPOINT_KYBER1024")); + if (getenv("OQS_CODEPOINT_P521_KYBER1024")) oqs_group_list[25].group_id = atoi(getenv("OQS_CODEPOINT_P521_KYBER1024")); + if (getenv("OQS_CODEPOINT_BIKEL1")) oqs_group_list[26].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1")); + if (getenv("OQS_CODEPOINT_P256_BIKEL1")) oqs_group_list[27].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1")); + if (getenv("OQS_CODEPOINT_X25519_BIKEL1")) oqs_group_list[28].group_id = atoi(getenv("OQS_CODEPOINT_X25519_BIKEL1")); + if (getenv("OQS_CODEPOINT_BIKEL3")) oqs_group_list[29].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3")); + if (getenv("OQS_CODEPOINT_P384_BIKEL3")) oqs_group_list[30].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3")); + if (getenv("OQS_CODEPOINT_X448_BIKEL3")) oqs_group_list[31].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3")); + if (getenv("OQS_CODEPOINT_BIKEL5")) oqs_group_list[32].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5")); + if (getenv("OQS_CODEPOINT_P521_BIKEL5")) oqs_group_list[33].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5")); + if (getenv("OQS_CODEPOINT_HQC128")) oqs_group_list[34].group_id = atoi(getenv("OQS_CODEPOINT_HQC128")); + if (getenv("OQS_CODEPOINT_P256_HQC128")) oqs_group_list[35].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128")); + if (getenv("OQS_CODEPOINT_X25519_HQC128")) oqs_group_list[36].group_id = atoi(getenv("OQS_CODEPOINT_X25519_HQC128")); + if (getenv("OQS_CODEPOINT_HQC192")) oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_HQC192")); + if (getenv("OQS_CODEPOINT_P384_HQC192")) oqs_group_list[38].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192")); + if (getenv("OQS_CODEPOINT_X448_HQC192")) oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192")); + if (getenv("OQS_CODEPOINT_HQC256")) oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_HQC256")); + if (getenv("OQS_CODEPOINT_P521_HQC256")) oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256")); + + if (getenv("OQS_CODEPOINT_DILITHIUM2")) oqs_sigalg_list[0].code_point = atoi(getenv("OQS_CODEPOINT_DILITHIUM2")); + if (getenv("OQS_CODEPOINT_P256_DILITHIUM2")) oqs_sigalg_list[1].code_point = atoi(getenv("OQS_CODEPOINT_P256_DILITHIUM2")); + if (getenv("OQS_CODEPOINT_RSA3072_DILITHIUM2")) oqs_sigalg_list[2].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_DILITHIUM2")); + if (getenv("OQS_CODEPOINT_DILITHIUM3")) oqs_sigalg_list[3].code_point = atoi(getenv("OQS_CODEPOINT_DILITHIUM3")); + if (getenv("OQS_CODEPOINT_P384_DILITHIUM3")) oqs_sigalg_list[4].code_point = atoi(getenv("OQS_CODEPOINT_P384_DILITHIUM3")); + if (getenv("OQS_CODEPOINT_DILITHIUM5")) oqs_sigalg_list[5].code_point = atoi(getenv("OQS_CODEPOINT_DILITHIUM5")); + if (getenv("OQS_CODEPOINT_P521_DILITHIUM5")) oqs_sigalg_list[6].code_point = atoi(getenv("OQS_CODEPOINT_P521_DILITHIUM5")); + if (getenv("OQS_CODEPOINT_FALCON512")) oqs_sigalg_list[7].code_point = atoi(getenv("OQS_CODEPOINT_FALCON512")); + if (getenv("OQS_CODEPOINT_P256_FALCON512")) oqs_sigalg_list[8].code_point = atoi(getenv("OQS_CODEPOINT_P256_FALCON512")); + if (getenv("OQS_CODEPOINT_RSA3072_FALCON512")) oqs_sigalg_list[9].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCON512")); + if (getenv("OQS_CODEPOINT_FALCON1024")) oqs_sigalg_list[10].code_point = atoi(getenv("OQS_CODEPOINT_FALCON1024")); + if (getenv("OQS_CODEPOINT_P521_FALCON1024")) oqs_sigalg_list[11].code_point = atoi(getenv("OQS_CODEPOINT_P521_FALCON1024")); + if (getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")) oqs_sigalg_list[12].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")); + if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")) oqs_sigalg_list[13].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")); + if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")) oqs_sigalg_list[14].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")); + if (getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")) oqs_sigalg_list[15].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")); + if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")) oqs_sigalg_list[16].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")); + if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")) oqs_sigalg_list[17].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")); + if (getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")) oqs_sigalg_list[18].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")); + if (getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")) oqs_sigalg_list[19].code_point = atoi(getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")); + if (getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")) oqs_sigalg_list[20].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")); + if (getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")) oqs_sigalg_list[21].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")); + if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")) oqs_sigalg_list[22].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")); +///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_END return 1; } @@ -466,72 +360,48 @@ static int oqs_group_capability(OSSL_CALLBACK *cb, void *arg) static const OSSL_PARAM oqs_param_sigalg_list[][12] = { ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_START -# ifdef OQS_ENABLE_SIG_dilithium_2 - OQS_SIGALG_ENTRY(dilithium2, dilithium2, dilithium2, - "1.3.6.1.4.1.2.267.7.4.4", 0), - OQS_SIGALG_ENTRY(p256_dilithium2, p256_dilithium2, p256_dilithium2, - "1.3.9999.2.7.1", 1), - OQS_SIGALG_ENTRY(rsa3072_dilithium2, rsa3072_dilithium2, rsa3072_dilithium2, - "1.3.9999.2.7.2", 2), -# endif -# ifdef OQS_ENABLE_SIG_dilithium_3 - OQS_SIGALG_ENTRY(dilithium3, dilithium3, dilithium3, - "1.3.6.1.4.1.2.267.7.6.5", 3), - OQS_SIGALG_ENTRY(p384_dilithium3, p384_dilithium3, p384_dilithium3, - "1.3.9999.2.7.3", 4), -# endif -# ifdef OQS_ENABLE_SIG_dilithium_5 - OQS_SIGALG_ENTRY(dilithium5, dilithium5, dilithium5, - "1.3.6.1.4.1.2.267.7.8.7", 5), - OQS_SIGALG_ENTRY(p521_dilithium5, p521_dilithium5, p521_dilithium5, - "1.3.9999.2.7.4", 6), -# endif -# ifdef OQS_ENABLE_SIG_falcon_512 +#ifdef OQS_ENABLE_SIG_dilithium_2 + OQS_SIGALG_ENTRY(dilithium2, dilithium2, dilithium2, "1.3.6.1.4.1.2.267.7.4.4", 0), + OQS_SIGALG_ENTRY(p256_dilithium2, p256_dilithium2, p256_dilithium2, "1.3.9999.2.7.1", 1), + OQS_SIGALG_ENTRY(rsa3072_dilithium2, rsa3072_dilithium2, rsa3072_dilithium2, "1.3.9999.2.7.2", 2), +#endif +#ifdef OQS_ENABLE_SIG_dilithium_3 + OQS_SIGALG_ENTRY(dilithium3, dilithium3, dilithium3, "1.3.6.1.4.1.2.267.7.6.5", 3), + OQS_SIGALG_ENTRY(p384_dilithium3, p384_dilithium3, p384_dilithium3, "1.3.9999.2.7.3", 4), +#endif +#ifdef OQS_ENABLE_SIG_dilithium_5 + OQS_SIGALG_ENTRY(dilithium5, dilithium5, dilithium5, "1.3.6.1.4.1.2.267.7.8.7", 5), + OQS_SIGALG_ENTRY(p521_dilithium5, p521_dilithium5, p521_dilithium5, "1.3.9999.2.7.4", 6), +#endif +#ifdef OQS_ENABLE_SIG_falcon_512 OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.6", 7), - OQS_SIGALG_ENTRY(p256_falcon512, p256_falcon512, p256_falcon512, - "1.3.9999.3.7", 8), - OQS_SIGALG_ENTRY(rsa3072_falcon512, rsa3072_falcon512, rsa3072_falcon512, - "1.3.9999.3.8", 9), -# endif -# ifdef OQS_ENABLE_SIG_falcon_1024 + OQS_SIGALG_ENTRY(p256_falcon512, p256_falcon512, p256_falcon512, "1.3.9999.3.7", 8), + OQS_SIGALG_ENTRY(rsa3072_falcon512, rsa3072_falcon512, rsa3072_falcon512, "1.3.9999.3.8", 9), +#endif +#ifdef OQS_ENABLE_SIG_falcon_1024 OQS_SIGALG_ENTRY(falcon1024, falcon1024, falcon1024, "1.3.9999.3.9", 10), - OQS_SIGALG_ENTRY(p521_falcon1024, p521_falcon1024, p521_falcon1024, - "1.3.9999.3.10", 11), -# endif -# ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple - OQS_SIGALG_ENTRY(sphincssha2128fsimple, sphincssha2128fsimple, - sphincssha2128fsimple, "1.3.9999.6.4.13", 12), - OQS_SIGALG_ENTRY(p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, - p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 13), - OQS_SIGALG_ENTRY(rsa3072_sphincssha2128fsimple, - rsa3072_sphincssha2128fsimple, - rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 14), -# endif -# ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple - OQS_SIGALG_ENTRY(sphincssha2128ssimple, sphincssha2128ssimple, - sphincssha2128ssimple, "1.3.9999.6.4.16", 15), - OQS_SIGALG_ENTRY(p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, - p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 16), - OQS_SIGALG_ENTRY(rsa3072_sphincssha2128ssimple, - rsa3072_sphincssha2128ssimple, - rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 17), -# endif -# ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple - OQS_SIGALG_ENTRY(sphincssha2192fsimple, sphincssha2192fsimple, - sphincssha2192fsimple, "1.3.9999.6.5.10", 18), - OQS_SIGALG_ENTRY(p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, - p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 19), -# endif -# ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple - OQS_SIGALG_ENTRY(sphincsshake128fsimple, sphincsshake128fsimple, - sphincsshake128fsimple, "1.3.9999.6.7.13", 20), - OQS_SIGALG_ENTRY(p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, - p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 21), - OQS_SIGALG_ENTRY(rsa3072_sphincsshake128fsimple, - rsa3072_sphincsshake128fsimple, - rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 22), -# endif - ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_END + OQS_SIGALG_ENTRY(p521_falcon1024, p521_falcon1024, p521_falcon1024, "1.3.9999.3.10", 11), +#endif +#ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple + OQS_SIGALG_ENTRY(sphincssha2128fsimple, sphincssha2128fsimple, sphincssha2128fsimple, "1.3.9999.6.4.13", 12), + OQS_SIGALG_ENTRY(p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 13), + OQS_SIGALG_ENTRY(rsa3072_sphincssha2128fsimple, rsa3072_sphincssha2128fsimple, rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 14), +#endif +#ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple + OQS_SIGALG_ENTRY(sphincssha2128ssimple, sphincssha2128ssimple, sphincssha2128ssimple, "1.3.9999.6.4.16", 15), + OQS_SIGALG_ENTRY(p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 16), + OQS_SIGALG_ENTRY(rsa3072_sphincssha2128ssimple, rsa3072_sphincssha2128ssimple, rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 17), +#endif +#ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple + OQS_SIGALG_ENTRY(sphincssha2192fsimple, sphincssha2192fsimple, sphincssha2192fsimple, "1.3.9999.6.5.10", 18), + OQS_SIGALG_ENTRY(p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 19), +#endif +#ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple + OQS_SIGALG_ENTRY(sphincsshake128fsimple, sphincsshake128fsimple, sphincsshake128fsimple, "1.3.9999.6.7.13", 20), + OQS_SIGALG_ENTRY(p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 21), + OQS_SIGALG_ENTRY(rsa3072_sphincsshake128fsimple, rsa3072_sphincsshake128fsimple, rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 22), +#endif +///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_END }; static int oqs_sigalg_capability(OSSL_CALLBACK *cb, void *arg) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 3b28743a..30d6835d 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -53,120 +53,103 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START + + + + #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 81 +#define NID_TABLE_LEN 81 #else -# define NID_TABLE_LEN 39 +#define NID_TABLE_LEN 39 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { #ifdef OQS_KEM_ENCODERS - {0, "frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_KEM, 128}, - {0, "p256_frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_ECP_HYB_KEM, - 128}, - {0, "x25519_frodo640aes", OQS_KEM_alg_frodokem_640_aes, - KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_KEM, 128}, - {0, "p256_frodo640shake", OQS_KEM_alg_frodokem_640_shake, - KEY_TYPE_ECP_HYB_KEM, 128}, - {0, "x25519_frodo640shake", OQS_KEM_alg_frodokem_640_shake, - KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_KEM, 192}, - {0, "p384_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECP_HYB_KEM, - 192}, - {0, "x448_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECX_HYB_KEM, - 192}, - {0, "frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_KEM, 192}, - {0, "p384_frodo976shake", OQS_KEM_alg_frodokem_976_shake, - KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "x448_frodo976shake", OQS_KEM_alg_frodokem_976_shake, - KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_KEM, 256}, - {0, "p521_frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, - KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_KEM, 256}, - {0, "p521_frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, - KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_KEM, 128}, - {0, "p256_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECP_HYB_KEM, 128}, - {0, "x25519_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_KEM, 192}, - {0, "p384_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "x448_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "x25519_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "p256_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_KEM, 256}, - {0, "p521_kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128}, - {0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM, 128}, - {0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_KEM, 192}, - {0, "p384_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "x448_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_KEM, 256}, - {0, "p521_bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_ECP_HYB_KEM, 256}, - {0, "hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_KEM, 128}, - {0, "p256_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECP_HYB_KEM, 128}, - {0, "x25519_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECX_HYB_KEM, 128}, - {0, "hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_KEM, 192}, - {0, "p384_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECP_HYB_KEM, 192}, - {0, "x448_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECX_HYB_KEM, 192}, - {0, "hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_KEM, 256}, - {0, "p521_hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_ECP_HYB_KEM, 256}, + { 0, "frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_KEM, 128 }, + { 0, "p256_frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_ECP_HYB_KEM , 128 }, + { 0, "x25519_frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_ECX_HYB_KEM , 128 }, + { 0, "frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_KEM, 128 }, + { 0, "p256_frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_ECP_HYB_KEM , 128 }, + { 0, "x25519_frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_ECX_HYB_KEM , 128 }, + { 0, "frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_KEM, 192 }, + { 0, "p384_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECP_HYB_KEM , 192 }, + { 0, "x448_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECX_HYB_KEM , 192 }, + { 0, "frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_KEM, 192 }, + { 0, "p384_frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_ECP_HYB_KEM , 192 }, + { 0, "x448_frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_ECX_HYB_KEM , 192 }, + { 0, "frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_KEM, 256 }, + { 0, "p521_frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_ECP_HYB_KEM , 256 }, + { 0, "frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_KEM, 256 }, + { 0, "p521_frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_ECP_HYB_KEM , 256 }, + { 0, "kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_KEM, 128 }, + { 0, "p256_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECP_HYB_KEM , 128 }, + { 0, "x25519_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECX_HYB_KEM , 128 }, + { 0, "kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_KEM, 192 }, + { 0, "p384_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM , 192 }, + { 0, "x448_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM , 192 }, + { 0, "x25519_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM , 192 }, + { 0, "p256_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM , 192 }, + { 0, "kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_KEM, 256 }, + { 0, "p521_kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_ECP_HYB_KEM , 256 }, + { 0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128 }, + { 0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM , 128 }, + { 0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM , 128 }, + { 0, "bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_KEM, 192 }, + { 0, "p384_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECP_HYB_KEM , 192 }, + { 0, "x448_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECX_HYB_KEM , 192 }, + { 0, "bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_KEM, 256 }, + { 0, "p521_bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_ECP_HYB_KEM , 256 }, + { 0, "hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_KEM, 128 }, + { 0, "p256_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECP_HYB_KEM , 128 }, + { 0, "x25519_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECX_HYB_KEM , 128 }, + { 0, "hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_KEM, 192 }, + { 0, "p384_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECP_HYB_KEM , 192 }, + { 0, "x448_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECX_HYB_KEM , 192 }, + { 0, "hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_KEM, 256 }, + { 0, "p521_hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_ECP_HYB_KEM , 256 }, #endif /* OQS_KEM_ENCODERS */ - {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, - {0, "p256_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, - {0, "rsa3072_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, - {0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, - {0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, - {0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 256}, - {0, "dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_SIG, 192}, - {0, "p384_dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_HYB_SIG, 192}, - {0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 256}, - {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_SIG, 256}, - {0, "p521_dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_HYB_SIG, 256}, - {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, - {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 384}, - {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, - {0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128}, - {0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, - {0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, - {0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, - {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 256}, - {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, - {0, "falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_SIG, 256}, - {0, "p521_falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_HYB_SIG, 256}, - {0, "sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, - KEY_TYPE_SIG, 128}, - {0, "p256_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, - KEY_TYPE_HYB_SIG, 128}, - {0, "rsa3072_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, - KEY_TYPE_HYB_SIG, 128}, - {0, "sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, - KEY_TYPE_SIG, 128}, - {0, "p256_sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, - KEY_TYPE_HYB_SIG, 128}, - {0, "rsa3072_sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, - KEY_TYPE_HYB_SIG, 128}, - {0, "sphincssha2192fsimple", OQS_SIG_alg_sphincs_sha2_192f_simple, - KEY_TYPE_SIG, 192}, - {0, "p384_sphincssha2192fsimple", OQS_SIG_alg_sphincs_sha2_192f_simple, - KEY_TYPE_HYB_SIG, 192}, - {0, "sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, - KEY_TYPE_SIG, 128}, - {0, "p256_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, - KEY_TYPE_HYB_SIG, 128}, - {0, "rsa3072_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, - KEY_TYPE_HYB_SIG, 128}, - ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END + { 0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128 }, + { 0, "p256_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128 }, + { 0, "rsa3072_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128 }, + { 0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112 }, + { 0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112 }, + { 0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128 }, + { 0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128 }, + { 0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 256 }, + { 0, "dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_SIG, 192 }, + { 0, "p384_dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_HYB_SIG, 192 }, + { 0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128 }, + { 0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128 }, + { 0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128 }, + { 0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 256 }, + { 0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128 }, + { 0, "dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_SIG, 256 }, + { 0, "p521_dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_HYB_SIG, 256 }, + { 0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192 }, + { 0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 384 }, + { 0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192 }, + { 0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128 }, + { 0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128 }, + { 0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128 }, + { 0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128 }, + { 0, "falcon512_bp256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 256 }, + { 0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128 }, + { 0, "falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_SIG, 256 }, + { 0, "p521_falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_HYB_SIG, 256 }, + { 0, "sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, KEY_TYPE_SIG, 128 }, + { 0, "p256_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, KEY_TYPE_HYB_SIG, 128 }, + { 0, "rsa3072_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, KEY_TYPE_HYB_SIG, 128 }, + { 0, "sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, KEY_TYPE_SIG, 128 }, + { 0, "p256_sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, KEY_TYPE_HYB_SIG, 128 }, + { 0, "rsa3072_sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, KEY_TYPE_HYB_SIG, 128 }, + { 0, "sphincssha2192fsimple", OQS_SIG_alg_sphincs_sha2_192f_simple, KEY_TYPE_SIG, 192 }, + { 0, "p384_sphincssha2192fsimple", OQS_SIG_alg_sphincs_sha2_192f_simple, KEY_TYPE_HYB_SIG, 192 }, + { 0, "sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_SIG, 128 }, + { 0, "p256_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_HYB_SIG, 128 }, + { 0, "rsa3072_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_HYB_SIG, 128 }, +///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; int oqs_set_nid(char *tlsname, int nid) From c67fec07ea3d5bd94b7046b9cc38ce6789983db1 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 19 Dec 2023 13:49:38 -0600 Subject: [PATCH 092/160] using OpenSSL coding style --- oqsprov/oqs_decode_der2key.c | 167 ++- oqsprov/oqs_encode_key2any.c | 539 ++++----- oqsprov/oqs_kmgmt.c | 296 +++-- oqsprov/oqs_prov.h | 1965 ++++++++++++++++++++++---------- oqsprov/oqsdecoders.inc | 444 +++++--- oqsprov/oqsencoders.inc | 1555 +++++++++++++++---------- oqsprov/oqsprov.c | 798 ++++++++----- oqsprov/oqsprov_capabilities.c | 494 +++++--- oqsprov/oqsprov_keys.c | 193 ++-- 9 files changed, 4162 insertions(+), 2289 deletions(-) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index f9361950..180dc7f4 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -539,52 +539,69 @@ static void oqsx_key_adjust(void *key, struct der2key_ctx_st *ctx) ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_START #ifdef OQS_KEM_ENCODERS - MAKE_DECODER(, "frodo640aes", frodo640aes, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo640aes", frodo640aes, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p256_frodo640aes", p256_frodo640aes, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p256_frodo640aes", p256_frodo640aes, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p256_frodo640aes", p256_frodo640aes, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640aes", x25519_frodo640aes, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "frodo640shake", frodo640shake, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo640shake", frodo640shake, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_frodo640shake", p256_frodo640shake, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_frodo640shake", x25519_frodo640shake, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "frodo976aes", frodo976aes, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo976aes", frodo976aes, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p384_frodo976aes", p384_frodo976aes, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p384_frodo976aes", p384_frodo976aes, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p384_frodo976aes", p384_frodo976aes, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x448_frodo976aes", x448_frodo976aes, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x448_frodo976aes", x448_frodo976aes, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976aes", x448_frodo976aes, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "frodo976shake", frodo976shake, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo976shake", frodo976shake, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_frodo976shake", p384_frodo976shake, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecx, "x448_frodo976shake", x448_frodo976shake, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "frodo1344aes", frodo1344aes, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo1344aes", frodo1344aes, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344aes", p521_frodo1344aes, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "frodo1344shake", frodo1344shake, oqsx, PrivateKeyInfo); MAKE_DECODER(, "frodo1344shake", frodo1344shake, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, + PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_frodo1344shake", p521_frodo1344shake, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "kyber512", kyber512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "kyber512", kyber512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p256_kyber512", p256_kyber512, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p256_kyber512", p256_kyber512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x25519_kyber512", x25519_kyber512, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_kyber512", x25519_kyber512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_kyber512", x25519_kyber512, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "kyber768", kyber768, oqsx, PrivateKeyInfo); MAKE_DECODER(, "kyber768", kyber768, oqsx, SubjectPublicKeyInfo); @@ -593,14 +610,16 @@ MAKE_DECODER(_ecp, "p384_kyber768", p384_kyber768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x448_kyber768", x448_kyber768, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecx, "x448_kyber768", x448_kyber768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecx, "x25519_kyber768", x25519_kyber768, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecx, "x25519_kyber768", x25519_kyber768, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_kyber768", x25519_kyber768, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p256_kyber768", p256_kyber768, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p256_kyber768", p256_kyber768, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "kyber1024", kyber1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "kyber1024", kyber1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, PrivateKeyInfo); -MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "bikel1", bikel1, oqsx, PrivateKeyInfo); MAKE_DECODER(, "bikel1", bikel1, oqsx, SubjectPublicKeyInfo); @@ -641,37 +660,45 @@ MAKE_DECODER(_ecp, "p521_hqc256", p521_hqc256, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p521_hqc256", p521_hqc256, oqsx, SubjectPublicKeyInfo); #endif /* OQS_KEM_ENCODERS */ - MAKE_DECODER(, "dilithium2", dilithium2, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium2", dilithium2, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p256_dilithium2", p256_dilithium2, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p256_dilithium2", p256_dilithium2, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3", dilithium3, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium3", dilithium3, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, PrivateKeyInfo); @@ -679,45 +706,71 @@ MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "sphincssha2128ssimple", sphincssha2128ssimple, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, + oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "sphincssha2192fsimple", sphincssha2192fsimple, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "sphincsshake128fsimple", sphincsshake128fsimple, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, + oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, + oqsx, SubjectPublicKeyInfo); ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index bd648cc9..b060754d 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -814,266 +814,266 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) // OQS provider uses NIDs generated at load time as EVP_type identifiers // so initially this must be 0 and set to a real value by OBJ_sn2nid later ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_START -# define frodo640aes_evp_type 0 -# define frodo640aes_input_type "frodo640aes" -# define frodo640aes_pem_type "frodo640aes" - -# define p256_frodo640aes_evp_type 0 -# define p256_frodo640aes_input_type "p256_frodo640aes" -# define p256_frodo640aes_pem_type "p256_frodo640aes" -# define x25519_frodo640aes_evp_type 0 -# define x25519_frodo640aes_input_type "x25519_frodo640aes" -# define x25519_frodo640aes_pem_type "x25519_frodo640aes" -# define frodo640shake_evp_type 0 -# define frodo640shake_input_type "frodo640shake" -# define frodo640shake_pem_type "frodo640shake" - -# define p256_frodo640shake_evp_type 0 -# define p256_frodo640shake_input_type "p256_frodo640shake" -# define p256_frodo640shake_pem_type "p256_frodo640shake" -# define x25519_frodo640shake_evp_type 0 -# define x25519_frodo640shake_input_type "x25519_frodo640shake" -# define x25519_frodo640shake_pem_type "x25519_frodo640shake" -# define frodo976aes_evp_type 0 -# define frodo976aes_input_type "frodo976aes" -# define frodo976aes_pem_type "frodo976aes" - -# define p384_frodo976aes_evp_type 0 -# define p384_frodo976aes_input_type "p384_frodo976aes" -# define p384_frodo976aes_pem_type "p384_frodo976aes" -# define x448_frodo976aes_evp_type 0 -# define x448_frodo976aes_input_type "x448_frodo976aes" -# define x448_frodo976aes_pem_type "x448_frodo976aes" -# define frodo976shake_evp_type 0 -# define frodo976shake_input_type "frodo976shake" -# define frodo976shake_pem_type "frodo976shake" - -# define p384_frodo976shake_evp_type 0 -# define p384_frodo976shake_input_type "p384_frodo976shake" -# define p384_frodo976shake_pem_type "p384_frodo976shake" -# define x448_frodo976shake_evp_type 0 -# define x448_frodo976shake_input_type "x448_frodo976shake" -# define x448_frodo976shake_pem_type "x448_frodo976shake" -# define frodo1344aes_evp_type 0 -# define frodo1344aes_input_type "frodo1344aes" -# define frodo1344aes_pem_type "frodo1344aes" - -# define p521_frodo1344aes_evp_type 0 -# define p521_frodo1344aes_input_type "p521_frodo1344aes" -# define p521_frodo1344aes_pem_type "p521_frodo1344aes" -# define frodo1344shake_evp_type 0 -# define frodo1344shake_input_type "frodo1344shake" -# define frodo1344shake_pem_type "frodo1344shake" - -# define p521_frodo1344shake_evp_type 0 -# define p521_frodo1344shake_input_type "p521_frodo1344shake" -# define p521_frodo1344shake_pem_type "p521_frodo1344shake" -# define kyber512_evp_type 0 -# define kyber512_input_type "kyber512" -# define kyber512_pem_type "kyber512" - -# define p256_kyber512_evp_type 0 -# define p256_kyber512_input_type "p256_kyber512" -# define p256_kyber512_pem_type "p256_kyber512" -# define x25519_kyber512_evp_type 0 -# define x25519_kyber512_input_type "x25519_kyber512" -# define x25519_kyber512_pem_type "x25519_kyber512" -# define kyber768_evp_type 0 -# define kyber768_input_type "kyber768" -# define kyber768_pem_type "kyber768" - -# define p384_kyber768_evp_type 0 -# define p384_kyber768_input_type "p384_kyber768" -# define p384_kyber768_pem_type "p384_kyber768" -# define x448_kyber768_evp_type 0 -# define x448_kyber768_input_type "x448_kyber768" -# define x448_kyber768_pem_type "x448_kyber768" -# define x25519_kyber768_evp_type 0 -# define x25519_kyber768_input_type "x25519_kyber768" -# define x25519_kyber768_pem_type "x25519_kyber768" -# define p256_kyber768_evp_type 0 -# define p256_kyber768_input_type "p256_kyber768" -# define p256_kyber768_pem_type "p256_kyber768" -# define kyber1024_evp_type 0 -# define kyber1024_input_type "kyber1024" -# define kyber1024_pem_type "kyber1024" - -# define p521_kyber1024_evp_type 0 -# define p521_kyber1024_input_type "p521_kyber1024" -# define p521_kyber1024_pem_type "p521_kyber1024" -# define bikel1_evp_type 0 -# define bikel1_input_type "bikel1" -# define bikel1_pem_type "bikel1" - -# define p256_bikel1_evp_type 0 -# define p256_bikel1_input_type "p256_bikel1" -# define p256_bikel1_pem_type "p256_bikel1" -# define x25519_bikel1_evp_type 0 -# define x25519_bikel1_input_type "x25519_bikel1" -# define x25519_bikel1_pem_type "x25519_bikel1" -# define bikel3_evp_type 0 -# define bikel3_input_type "bikel3" -# define bikel3_pem_type "bikel3" - -# define p384_bikel3_evp_type 0 -# define p384_bikel3_input_type "p384_bikel3" -# define p384_bikel3_pem_type "p384_bikel3" -# define x448_bikel3_evp_type 0 -# define x448_bikel3_input_type "x448_bikel3" -# define x448_bikel3_pem_type "x448_bikel3" -# define bikel5_evp_type 0 -# define bikel5_input_type "bikel5" -# define bikel5_pem_type "bikel5" - -# define p521_bikel5_evp_type 0 -# define p521_bikel5_input_type "p521_bikel5" -# define p521_bikel5_pem_type "p521_bikel5" -# define hqc128_evp_type 0 -# define hqc128_input_type "hqc128" -# define hqc128_pem_type "hqc128" - -# define p256_hqc128_evp_type 0 -# define p256_hqc128_input_type "p256_hqc128" -# define p256_hqc128_pem_type "p256_hqc128" -# define x25519_hqc128_evp_type 0 -# define x25519_hqc128_input_type "x25519_hqc128" -# define x25519_hqc128_pem_type "x25519_hqc128" -# define hqc192_evp_type 0 -# define hqc192_input_type "hqc192" -# define hqc192_pem_type "hqc192" - -# define p384_hqc192_evp_type 0 -# define p384_hqc192_input_type "p384_hqc192" -# define p384_hqc192_pem_type "p384_hqc192" -# define x448_hqc192_evp_type 0 -# define x448_hqc192_input_type "x448_hqc192" -# define x448_hqc192_pem_type "x448_hqc192" -# define hqc256_evp_type 0 -# define hqc256_input_type "hqc256" -# define hqc256_pem_type "hqc256" - -# define p521_hqc256_evp_type 0 -# define p521_hqc256_input_type "p521_hqc256" -# define p521_hqc256_pem_type "p521_hqc256" - - -# define dilithium2_evp_type 0 -# define dilithium2_input_type "dilithium2" -# define dilithium2_pem_type "dilithium2" -# define p256_dilithium2_evp_type 0 -# define p256_dilithium2_input_type "p256_dilithium2" -# define p256_dilithium2_pem_type "p256_dilithium2" -# define rsa3072_dilithium2_evp_type 0 -# define rsa3072_dilithium2_input_type "rsa3072_dilithium2" -# define rsa3072_dilithium2_pem_type "rsa3072_dilithium2" -# define dilithium2_pss2048_evp_type 0 -# define dilithium2_pss2048_input_type "dilithium2_pss2048" -# define dilithium2_pss2048_pem_type "dilithium2_pss2048" -# define dilithium2_rsa2048_evp_type 0 -# define dilithium2_rsa2048_input_type "dilithium2_rsa2048" -# define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" -# define dilithium2_ed25519_evp_type 0 -# define dilithium2_ed25519_input_type "dilithium2_ed25519" -# define dilithium2_ed25519_pem_type "dilithium2_ed25519" -# define dilithium2_p256_evp_type 0 -# define dilithium2_p256_input_type "dilithium2_p256" -# define dilithium2_p256_pem_type "dilithium2_p256" -# define dilithium2_bp256_evp_type 0 -# define dilithium2_bp256_input_type "dilithium2_bp256" -# define dilithium2_bp256_pem_type "dilithium2_bp256" -# define dilithium3_evp_type 0 -# define dilithium3_input_type "dilithium3" -# define dilithium3_pem_type "dilithium3" -# define p384_dilithium3_evp_type 0 -# define p384_dilithium3_input_type "p384_dilithium3" -# define p384_dilithium3_pem_type "p384_dilithium3" -# define dilithium3_pss3072_evp_type 0 -# define dilithium3_pss3072_input_type "dilithium3_pss3072" -# define dilithium3_pss3072_pem_type "dilithium3_pss3072" -# define dilithium3_rsa3072_evp_type 0 -# define dilithium3_rsa3072_input_type "dilithium3_rsa3072" -# define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" -# define dilithium3_p256_evp_type 0 -# define dilithium3_p256_input_type "dilithium3_p256" -# define dilithium3_p256_pem_type "dilithium3_p256" -# define dilithium3_bp256_evp_type 0 -# define dilithium3_bp256_input_type "dilithium3_bp256" -# define dilithium3_bp256_pem_type "dilithium3_bp256" -# define dilithium3_ed25519_evp_type 0 -# define dilithium3_ed25519_input_type "dilithium3_ed25519" -# define dilithium3_ed25519_pem_type "dilithium3_ed25519" -# define dilithium5_evp_type 0 -# define dilithium5_input_type "dilithium5" -# define dilithium5_pem_type "dilithium5" -# define p521_dilithium5_evp_type 0 -# define p521_dilithium5_input_type "p521_dilithium5" -# define p521_dilithium5_pem_type "p521_dilithium5" -# define dilithium5_p384_evp_type 0 -# define dilithium5_p384_input_type "dilithium5_p384" -# define dilithium5_p384_pem_type "dilithium5_p384" -# define dilithium5_bp384_evp_type 0 -# define dilithium5_bp384_input_type "dilithium5_bp384" -# define dilithium5_bp384_pem_type "dilithium5_bp384" -# define dilithium5_ed448_evp_type 0 -# define dilithium5_ed448_input_type "dilithium5_ed448" -# define dilithium5_ed448_pem_type "dilithium5_ed448" -# define falcon512_evp_type 0 -# define falcon512_input_type "falcon512" -# define falcon512_pem_type "falcon512" -# define p256_falcon512_evp_type 0 -# define p256_falcon512_input_type "p256_falcon512" -# define p256_falcon512_pem_type "p256_falcon512" -# define rsa3072_falcon512_evp_type 0 -# define rsa3072_falcon512_input_type "rsa3072_falcon512" -# define rsa3072_falcon512_pem_type "rsa3072_falcon512" -# define falcon512_p256_evp_type 0 -# define falcon512_p256_input_type "falcon512_p256" -# define falcon512_p256_pem_type "falcon512_p256" -# define falcon512_bp256_evp_type 0 -# define falcon512_bp256_input_type "falcon512_bp256" -# define falcon512_bp256_pem_type "falcon512_bp256" -# define falcon512_ed25519_evp_type 0 -# define falcon512_ed25519_input_type "falcon512_ed25519" -# define falcon512_ed25519_pem_type "falcon512_ed25519" -# define falcon1024_evp_type 0 -# define falcon1024_input_type "falcon1024" -# define falcon1024_pem_type "falcon1024" -# define p521_falcon1024_evp_type 0 -# define p521_falcon1024_input_type "p521_falcon1024" -# define p521_falcon1024_pem_type "p521_falcon1024" -# define sphincssha2128fsimple_evp_type 0 -# define sphincssha2128fsimple_input_type "sphincssha2128fsimple" -# define sphincssha2128fsimple_pem_type "sphincssha2128fsimple" -# define p256_sphincssha2128fsimple_evp_type 0 -# define p256_sphincssha2128fsimple_input_type "p256_sphincssha2128fsimple" -# define p256_sphincssha2128fsimple_pem_type "p256_sphincssha2128fsimple" -# define rsa3072_sphincssha2128fsimple_evp_type 0 -# define rsa3072_sphincssha2128fsimple_input_type "rsa3072_sphincssha2128fsimple" -# define rsa3072_sphincssha2128fsimple_pem_type "rsa3072_sphincssha2128fsimple" -# define sphincssha2128ssimple_evp_type 0 -# define sphincssha2128ssimple_input_type "sphincssha2128ssimple" -# define sphincssha2128ssimple_pem_type "sphincssha2128ssimple" -# define p256_sphincssha2128ssimple_evp_type 0 -# define p256_sphincssha2128ssimple_input_type "p256_sphincssha2128ssimple" -# define p256_sphincssha2128ssimple_pem_type "p256_sphincssha2128ssimple" -# define rsa3072_sphincssha2128ssimple_evp_type 0 -# define rsa3072_sphincssha2128ssimple_input_type "rsa3072_sphincssha2128ssimple" -# define rsa3072_sphincssha2128ssimple_pem_type "rsa3072_sphincssha2128ssimple" -# define sphincssha2192fsimple_evp_type 0 -# define sphincssha2192fsimple_input_type "sphincssha2192fsimple" -# define sphincssha2192fsimple_pem_type "sphincssha2192fsimple" -# define p384_sphincssha2192fsimple_evp_type 0 -# define p384_sphincssha2192fsimple_input_type "p384_sphincssha2192fsimple" -# define p384_sphincssha2192fsimple_pem_type "p384_sphincssha2192fsimple" -# define sphincsshake128fsimple_evp_type 0 -# define sphincsshake128fsimple_input_type "sphincsshake128fsimple" -# define sphincsshake128fsimple_pem_type "sphincsshake128fsimple" -# define p256_sphincsshake128fsimple_evp_type 0 -# define p256_sphincsshake128fsimple_input_type "p256_sphincsshake128fsimple" -# define p256_sphincsshake128fsimple_pem_type "p256_sphincsshake128fsimple" -# define rsa3072_sphincsshake128fsimple_evp_type 0 -# define rsa3072_sphincsshake128fsimple_input_type "rsa3072_sphincsshake128fsimple" -# define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" +#define frodo640aes_evp_type 0 +#define frodo640aes_input_type "frodo640aes" +#define frodo640aes_pem_type "frodo640aes" + +#define p256_frodo640aes_evp_type 0 +#define p256_frodo640aes_input_type "p256_frodo640aes" +#define p256_frodo640aes_pem_type "p256_frodo640aes" +#define x25519_frodo640aes_evp_type 0 +#define x25519_frodo640aes_input_type "x25519_frodo640aes" +#define x25519_frodo640aes_pem_type "x25519_frodo640aes" +#define frodo640shake_evp_type 0 +#define frodo640shake_input_type "frodo640shake" +#define frodo640shake_pem_type "frodo640shake" + +#define p256_frodo640shake_evp_type 0 +#define p256_frodo640shake_input_type "p256_frodo640shake" +#define p256_frodo640shake_pem_type "p256_frodo640shake" +#define x25519_frodo640shake_evp_type 0 +#define x25519_frodo640shake_input_type "x25519_frodo640shake" +#define x25519_frodo640shake_pem_type "x25519_frodo640shake" +#define frodo976aes_evp_type 0 +#define frodo976aes_input_type "frodo976aes" +#define frodo976aes_pem_type "frodo976aes" + +#define p384_frodo976aes_evp_type 0 +#define p384_frodo976aes_input_type "p384_frodo976aes" +#define p384_frodo976aes_pem_type "p384_frodo976aes" +#define x448_frodo976aes_evp_type 0 +#define x448_frodo976aes_input_type "x448_frodo976aes" +#define x448_frodo976aes_pem_type "x448_frodo976aes" +#define frodo976shake_evp_type 0 +#define frodo976shake_input_type "frodo976shake" +#define frodo976shake_pem_type "frodo976shake" + +#define p384_frodo976shake_evp_type 0 +#define p384_frodo976shake_input_type "p384_frodo976shake" +#define p384_frodo976shake_pem_type "p384_frodo976shake" +#define x448_frodo976shake_evp_type 0 +#define x448_frodo976shake_input_type "x448_frodo976shake" +#define x448_frodo976shake_pem_type "x448_frodo976shake" +#define frodo1344aes_evp_type 0 +#define frodo1344aes_input_type "frodo1344aes" +#define frodo1344aes_pem_type "frodo1344aes" + +#define p521_frodo1344aes_evp_type 0 +#define p521_frodo1344aes_input_type "p521_frodo1344aes" +#define p521_frodo1344aes_pem_type "p521_frodo1344aes" +#define frodo1344shake_evp_type 0 +#define frodo1344shake_input_type "frodo1344shake" +#define frodo1344shake_pem_type "frodo1344shake" + +#define p521_frodo1344shake_evp_type 0 +#define p521_frodo1344shake_input_type "p521_frodo1344shake" +#define p521_frodo1344shake_pem_type "p521_frodo1344shake" +#define kyber512_evp_type 0 +#define kyber512_input_type "kyber512" +#define kyber512_pem_type "kyber512" + +#define p256_kyber512_evp_type 0 +#define p256_kyber512_input_type "p256_kyber512" +#define p256_kyber512_pem_type "p256_kyber512" +#define x25519_kyber512_evp_type 0 +#define x25519_kyber512_input_type "x25519_kyber512" +#define x25519_kyber512_pem_type "x25519_kyber512" +#define kyber768_evp_type 0 +#define kyber768_input_type "kyber768" +#define kyber768_pem_type "kyber768" + +#define p384_kyber768_evp_type 0 +#define p384_kyber768_input_type "p384_kyber768" +#define p384_kyber768_pem_type "p384_kyber768" +#define x448_kyber768_evp_type 0 +#define x448_kyber768_input_type "x448_kyber768" +#define x448_kyber768_pem_type "x448_kyber768" +#define x25519_kyber768_evp_type 0 +#define x25519_kyber768_input_type "x25519_kyber768" +#define x25519_kyber768_pem_type "x25519_kyber768" +#define p256_kyber768_evp_type 0 +#define p256_kyber768_input_type "p256_kyber768" +#define p256_kyber768_pem_type "p256_kyber768" +#define kyber1024_evp_type 0 +#define kyber1024_input_type "kyber1024" +#define kyber1024_pem_type "kyber1024" + +#define p521_kyber1024_evp_type 0 +#define p521_kyber1024_input_type "p521_kyber1024" +#define p521_kyber1024_pem_type "p521_kyber1024" +#define bikel1_evp_type 0 +#define bikel1_input_type "bikel1" +#define bikel1_pem_type "bikel1" + +#define p256_bikel1_evp_type 0 +#define p256_bikel1_input_type "p256_bikel1" +#define p256_bikel1_pem_type "p256_bikel1" +#define x25519_bikel1_evp_type 0 +#define x25519_bikel1_input_type "x25519_bikel1" +#define x25519_bikel1_pem_type "x25519_bikel1" +#define bikel3_evp_type 0 +#define bikel3_input_type "bikel3" +#define bikel3_pem_type "bikel3" + +#define p384_bikel3_evp_type 0 +#define p384_bikel3_input_type "p384_bikel3" +#define p384_bikel3_pem_type "p384_bikel3" +#define x448_bikel3_evp_type 0 +#define x448_bikel3_input_type "x448_bikel3" +#define x448_bikel3_pem_type "x448_bikel3" +#define bikel5_evp_type 0 +#define bikel5_input_type "bikel5" +#define bikel5_pem_type "bikel5" + +#define p521_bikel5_evp_type 0 +#define p521_bikel5_input_type "p521_bikel5" +#define p521_bikel5_pem_type "p521_bikel5" +#define hqc128_evp_type 0 +#define hqc128_input_type "hqc128" +#define hqc128_pem_type "hqc128" + +#define p256_hqc128_evp_type 0 +#define p256_hqc128_input_type "p256_hqc128" +#define p256_hqc128_pem_type "p256_hqc128" +#define x25519_hqc128_evp_type 0 +#define x25519_hqc128_input_type "x25519_hqc128" +#define x25519_hqc128_pem_type "x25519_hqc128" +#define hqc192_evp_type 0 +#define hqc192_input_type "hqc192" +#define hqc192_pem_type "hqc192" + +#define p384_hqc192_evp_type 0 +#define p384_hqc192_input_type "p384_hqc192" +#define p384_hqc192_pem_type "p384_hqc192" +#define x448_hqc192_evp_type 0 +#define x448_hqc192_input_type "x448_hqc192" +#define x448_hqc192_pem_type "x448_hqc192" +#define hqc256_evp_type 0 +#define hqc256_input_type "hqc256" +#define hqc256_pem_type "hqc256" + +#define p521_hqc256_evp_type 0 +#define p521_hqc256_input_type "p521_hqc256" +#define p521_hqc256_pem_type "p521_hqc256" + +#define dilithium2_evp_type 0 +#define dilithium2_input_type "dilithium2" +#define dilithium2_pem_type "dilithium2" +#define p256_dilithium2_evp_type 0 +#define p256_dilithium2_input_type "p256_dilithium2" +#define p256_dilithium2_pem_type "p256_dilithium2" +#define rsa3072_dilithium2_evp_type 0 +#define rsa3072_dilithium2_input_type "rsa3072_dilithium2" +#define rsa3072_dilithium2_pem_type "rsa3072_dilithium2" +#define dilithium2_pss2048_evp_type 0 +#define dilithium2_pss2048_input_type "dilithium2_pss2048" +#define dilithium2_pss2048_pem_type "dilithium2_pss2048" +#define dilithium2_rsa2048_evp_type 0 +#define dilithium2_rsa2048_input_type "dilithium2_rsa2048" +#define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" +#define dilithium2_ed25519_evp_type 0 +#define dilithium2_ed25519_input_type "dilithium2_ed25519" +#define dilithium2_ed25519_pem_type "dilithium2_ed25519" +#define dilithium2_p256_evp_type 0 +#define dilithium2_p256_input_type "dilithium2_p256" +#define dilithium2_p256_pem_type "dilithium2_p256" +#define dilithium2_bp256_evp_type 0 +#define dilithium2_bp256_input_type "dilithium2_bp256" +#define dilithium2_bp256_pem_type "dilithium2_bp256" +#define dilithium3_evp_type 0 +#define dilithium3_input_type "dilithium3" +#define dilithium3_pem_type "dilithium3" +#define p384_dilithium3_evp_type 0 +#define p384_dilithium3_input_type "p384_dilithium3" +#define p384_dilithium3_pem_type "p384_dilithium3" +#define dilithium3_pss3072_evp_type 0 +#define dilithium3_pss3072_input_type "dilithium3_pss3072" +#define dilithium3_pss3072_pem_type "dilithium3_pss3072" +#define dilithium3_rsa3072_evp_type 0 +#define dilithium3_rsa3072_input_type "dilithium3_rsa3072" +#define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" +#define dilithium3_p256_evp_type 0 +#define dilithium3_p256_input_type "dilithium3_p256" +#define dilithium3_p256_pem_type "dilithium3_p256" +#define dilithium3_bp256_evp_type 0 +#define dilithium3_bp256_input_type "dilithium3_bp256" +#define dilithium3_bp256_pem_type "dilithium3_bp256" +#define dilithium3_ed25519_evp_type 0 +#define dilithium3_ed25519_input_type "dilithium3_ed25519" +#define dilithium3_ed25519_pem_type "dilithium3_ed25519" +#define dilithium5_evp_type 0 +#define dilithium5_input_type "dilithium5" +#define dilithium5_pem_type "dilithium5" +#define p521_dilithium5_evp_type 0 +#define p521_dilithium5_input_type "p521_dilithium5" +#define p521_dilithium5_pem_type "p521_dilithium5" +#define dilithium5_p384_evp_type 0 +#define dilithium5_p384_input_type "dilithium5_p384" +#define dilithium5_p384_pem_type "dilithium5_p384" +#define dilithium5_bp384_evp_type 0 +#define dilithium5_bp384_input_type "dilithium5_bp384" +#define dilithium5_bp384_pem_type "dilithium5_bp384" +#define dilithium5_ed448_evp_type 0 +#define dilithium5_ed448_input_type "dilithium5_ed448" +#define dilithium5_ed448_pem_type "dilithium5_ed448" +#define falcon512_evp_type 0 +#define falcon512_input_type "falcon512" +#define falcon512_pem_type "falcon512" +#define p256_falcon512_evp_type 0 +#define p256_falcon512_input_type "p256_falcon512" +#define p256_falcon512_pem_type "p256_falcon512" +#define rsa3072_falcon512_evp_type 0 +#define rsa3072_falcon512_input_type "rsa3072_falcon512" +#define rsa3072_falcon512_pem_type "rsa3072_falcon512" +#define falcon512_p256_evp_type 0 +#define falcon512_p256_input_type "falcon512_p256" +#define falcon512_p256_pem_type "falcon512_p256" +#define falcon512_bp256_evp_type 0 +#define falcon512_bp256_input_type "falcon512_bp256" +#define falcon512_bp256_pem_type "falcon512_bp256" +#define falcon512_ed25519_evp_type 0 +#define falcon512_ed25519_input_type "falcon512_ed25519" +#define falcon512_ed25519_pem_type "falcon512_ed25519" +#define falcon1024_evp_type 0 +#define falcon1024_input_type "falcon1024" +#define falcon1024_pem_type "falcon1024" +#define p521_falcon1024_evp_type 0 +#define p521_falcon1024_input_type "p521_falcon1024" +#define p521_falcon1024_pem_type "p521_falcon1024" +#define sphincssha2128fsimple_evp_type 0 +#define sphincssha2128fsimple_input_type "sphincssha2128fsimple" +#define sphincssha2128fsimple_pem_type "sphincssha2128fsimple" +#define p256_sphincssha2128fsimple_evp_type 0 +#define p256_sphincssha2128fsimple_input_type "p256_sphincssha2128fsimple" +#define p256_sphincssha2128fsimple_pem_type "p256_sphincssha2128fsimple" +#define rsa3072_sphincssha2128fsimple_evp_type 0 +#define rsa3072_sphincssha2128fsimple_input_type "rsa3072_sphincssha2128fsimple" +#define rsa3072_sphincssha2128fsimple_pem_type "rsa3072_sphincssha2128fsimple" +#define sphincssha2128ssimple_evp_type 0 +#define sphincssha2128ssimple_input_type "sphincssha2128ssimple" +#define sphincssha2128ssimple_pem_type "sphincssha2128ssimple" +#define p256_sphincssha2128ssimple_evp_type 0 +#define p256_sphincssha2128ssimple_input_type "p256_sphincssha2128ssimple" +#define p256_sphincssha2128ssimple_pem_type "p256_sphincssha2128ssimple" +#define rsa3072_sphincssha2128ssimple_evp_type 0 +#define rsa3072_sphincssha2128ssimple_input_type "rsa3072_sphincssha2128ssimple" +#define rsa3072_sphincssha2128ssimple_pem_type "rsa3072_sphincssha2128ssimple" +#define sphincssha2192fsimple_evp_type 0 +#define sphincssha2192fsimple_input_type "sphincssha2192fsimple" +#define sphincssha2192fsimple_pem_type "sphincssha2192fsimple" +#define p384_sphincssha2192fsimple_evp_type 0 +#define p384_sphincssha2192fsimple_input_type "p384_sphincssha2192fsimple" +#define p384_sphincssha2192fsimple_pem_type "p384_sphincssha2192fsimple" +#define sphincsshake128fsimple_evp_type 0 +#define sphincsshake128fsimple_input_type "sphincsshake128fsimple" +#define sphincsshake128fsimple_pem_type "sphincsshake128fsimple" +#define p256_sphincsshake128fsimple_evp_type 0 +#define p256_sphincsshake128fsimple_input_type "p256_sphincsshake128fsimple" +#define p256_sphincsshake128fsimple_pem_type "p256_sphincsshake128fsimple" +#define rsa3072_sphincsshake128fsimple_evp_type 0 +#define rsa3072_sphincsshake128fsimple_input_type \ + "rsa3072_sphincsshake128fsimple" +#define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple" ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_END /* ---------------------------------------------------------------------- */ @@ -1722,7 +1722,6 @@ key2text_encode(void *vctx, const void *key, int selection, OSSL_CORE_BIO *cout, ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_START #ifdef OQS_KEM_ENCODERS - MAKE_ENCODER(, frodo640aes, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, frodo640aes, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, frodo640aes, oqsx, PrivateKeyInfo, der); @@ -2244,8 +2243,10 @@ MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p256_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p256_sphincssha2128fsimple); -MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, + der); +MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, + pem); MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincssha2128fsimple, oqsx, SubjectPublicKeyInfo, der); @@ -2265,8 +2266,10 @@ MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p256_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p256_sphincssha2128ssimple); -MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, + der); +MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, EncryptedPrivateKeyInfo, + pem); MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincssha2128ssimple, oqsx, SubjectPublicKeyInfo, der); @@ -2300,8 +2303,10 @@ MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p256_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p256_sphincsshake128fsimple); -MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, + der); +MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, EncryptedPrivateKeyInfo, + pem); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, der); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index bb56299c..09bb2b31 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -583,358 +583,460 @@ static int oqsx_gen_set_params(void *genctx, const OSSL_PARAM params[]) ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_START static void *dilithium2_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2", KEY_TYPE_SIG, NULL, 128, 0); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2", KEY_TYPE_SIG, NULL, 128, 0); } static void *dilithium2_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2", 0, 128, 0); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2", 0, 128, 0); } static void *p256_dilithium2_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "p256_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 1); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "p256_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 1); } static void *p256_dilithium2_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "p256_dilithium2", KEY_TYPE_HYB_SIG, 128, 1); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "p256_dilithium2", KEY_TYPE_HYB_SIG, 128, 1); } static void *rsa3072_dilithium2_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 2); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, NULL, 128, 2); } static void *rsa3072_dilithium2_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, 128, 2); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, 128, 2); } static void *dilithium2_pss2048_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 3); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 3); } static void *dilithium2_pss2048_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 3); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 3); } static void *dilithium2_rsa2048_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 4); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 4); } static void *dilithium2_rsa2048_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 4); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 4); } static void *dilithium2_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 5); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 5); } static void *dilithium2_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 5); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 5); } static void *dilithium2_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 6); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 6); } static void *dilithium2_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 6); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 6); } static void *dilithium2_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 7); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, + "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 7); } static void *dilithium2_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 7); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, + "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 7); } static void *dilithium3_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3", KEY_TYPE_SIG, NULL, 192, 8); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3", KEY_TYPE_SIG, NULL, 192, 8); } static void *dilithium3_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3", 0, 192, 8); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3", 0, 192, 8); } static void *p384_dilithium3_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 9); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 9); } static void *p384_dilithium3_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 9); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 9); } static void *dilithium3_pss3072_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 10); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 10); } static void *dilithium3_pss3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 10); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 10); } static void *dilithium3_rsa3072_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 11); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 11); } static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 11); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 11); } static void *dilithium3_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 12); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 12); } static void *dilithium3_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 12); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 12); } static void *dilithium3_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 13); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 13); } static void *dilithium3_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 13); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 13); } static void *dilithium3_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 14); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 14); } static void *dilithium3_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 14); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 14); } static void *dilithium5_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5", KEY_TYPE_SIG, NULL, 256, 15); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5", KEY_TYPE_SIG, NULL, 256, 15); } static void *dilithium5_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5", 0, 256, 15); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5", 0, 256, 15); } static void *p521_dilithium5_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 16); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 16); } static void *p521_dilithium5_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 16); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 16); } static void *dilithium5_p384_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 17); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 17); } static void *dilithium5_p384_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 17); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 17); } static void *dilithium5_bp384_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 18); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 18); } static void *dilithium5_bp384_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 18); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 18); } static void *dilithium5_ed448_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 19); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 19); } static void *dilithium5_ed448_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 19); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 19); } static void *falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512", KEY_TYPE_SIG, NULL, 128, 20); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512", KEY_TYPE_SIG, NULL, 128, 20); } static void *falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512", 0, 128, 20); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512", 0, 128, 20); } static void *p256_falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 21); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 21); } static void *p256_falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 21); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 21); } static void *rsa3072_falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 22); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 22); } static void *rsa3072_falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 22); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 22); } static void *falcon512_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 23); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 23); } static void *falcon512_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 23); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 23); } static void *falcon512_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 24); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 24); } static void *falcon512_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 24); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 24); } static void *falcon512_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 25); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 25); } static void *falcon512_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 25); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 25); } static void *falcon1024_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, "falcon1024", KEY_TYPE_SIG, NULL, 256, 26); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, + "falcon1024", KEY_TYPE_SIG, NULL, 256, 26); } static void *falcon1024_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, "falcon1024", 0, 256, 26); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, + "falcon1024", 0, 256, 26); } static void *p521_falcon1024_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 27); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 27); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 27); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 27); } - static void *sphincssha2128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 28); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_sphincs_sha2_128f_simple, + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 28); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, "sphincssha2128fsimple", 0, 128, 28); + return oqsx_gen_init(provctx, selection, + OQS_SIG_alg_sphincs_sha2_128f_simple, + "sphincssha2128fsimple", 0, 128, 28); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 29); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 29); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 30); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 30); } -static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, int selection) +static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, + int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 30); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 30); } static void *sphincssha2128ssimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 31); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_sphincs_sha2_128s_simple, + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 31); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, "sphincssha2128ssimple", 0, 128, 31); + return oqsx_gen_init(provctx, selection, + OQS_SIG_alg_sphincs_sha2_128s_simple, + "sphincssha2128ssimple", 0, 128, 31); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 32); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 32); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 32); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 32); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); } -static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, int selection) +static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, + int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 33); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 33); } static void *sphincssha2192fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 34); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_sphincs_sha2_192f_simple, + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 34); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, "sphincssha2192fsimple", 0, 192, 34); + return oqsx_gen_init(provctx, selection, + OQS_SIG_alg_sphincs_sha2_192f_simple, + "sphincssha2192fsimple", 0, 192, 34); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 35); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 35); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 35); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 35); } static void *sphincsshake128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 36); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_sphincs_shake_128f_simple, + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 36); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, "sphincsshake128fsimple", 0, 128, 36); + return oqsx_gen_init(provctx, selection, + OQS_SIG_alg_sphincs_shake_128f_simple, + "sphincsshake128fsimple", 0, 128, 36); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 37); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 37); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 38); + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 38); } -static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, int selection) +static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, + int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 38); + return oqsx_gen_init( + provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 38); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END @@ -1128,30 +1230,40 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincsshake128fsimple) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640aes, OQS_KEM_alg_frodokem_640_aes, + 128) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640aes, OQS_KEM_alg_frodokem_640_aes, + 128) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_frodo640shake, + OQS_KEM_alg_frodokem_640_shake, 128) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640shake, OQS_KEM_alg_frodokem_640_shake, 128) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_frodo640shake, + OQS_KEM_alg_frodokem_640_shake, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976aes, OQS_KEM_alg_frodokem_976_aes, + 192) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976aes, OQS_KEM_alg_frodokem_976_aes, 192) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976aes, OQS_KEM_alg_frodokem_976_aes, + 192) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_frodo976shake, + OQS_KEM_alg_frodokem_976_shake, 192) -MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976shake, OQS_KEM_alg_frodokem_976_shake, 192) +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_frodo976shake, + OQS_KEM_alg_frodokem_976_shake, 192) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, 256) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, 256) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344aes, OQS_KEM_alg_frodokem_1344_aes, + 256) MAKE_KEM_KEYMGMT_FUNCTIONS(frodo1344shake, OQS_KEM_alg_frodokem_1344_shake, 256) -MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344shake, OQS_KEM_alg_frodokem_1344_shake, 256) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_frodo1344shake, + OQS_KEM_alg_frodokem_1344_shake, 256) MAKE_KEM_KEYMGMT_FUNCTIONS(kyber512, OQS_KEM_alg_kyber_512, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_kyber512, OQS_KEM_alg_kyber_512, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 1ec8608a..1bf1c02e 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -257,695 +257,1470 @@ extern const OSSL_DISPATCH oqs_signature_functions[]; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_START #ifdef OQS_KEM_ENCODERS - -extern const OSSL_DISPATCH oqs_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo640aes_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_frodo640aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_frodo640aes_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_frodo640aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo640shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo640shake_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_frodo640shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_frodo640shake_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_frodo640shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_frodo640shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_frodo640shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo976aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo976aes_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_frodo976aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_frodo976aes_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_frodo976aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_frodo976aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo976shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo976shake_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_frodo976shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_frodo976shake_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_frodo976shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_frodo976shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_frodo976shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo1344aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo1344aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo1344aes_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344aes_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_frodo1344aes_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344aes_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_frodo1344shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_frodo1344shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_frodo1344shake_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_frodo1344shake_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_frodo1344shake_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_frodo1344shake_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_kyber512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_kyber512_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_kyber512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_kyber512_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_kyber512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_kyber512_decoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_kyber512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_kyber768_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_kyber768_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_kyber768_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_kyber768_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_kyber768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_kyber768_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_kyber768_decoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_kyber768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_kyber1024_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_kyber1024_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_kyber1024_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_kyber1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_kyber1024_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_kyber1024_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_kyber1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel1_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_bikel1_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_bikel1_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_bikel1_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_bikel1_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_bikel1_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_bikel1_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_bikel1_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_bikel1_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_bikel1_decoder_functions[]; extern const OSSL_DISPATCH oqs_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel3_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel3_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_bikel3_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_bikel3_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_bikel3_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_bikel3_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_bikel3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_bikel3_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_bikel3_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_bikel3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_bikel3_decoder_functions[]; extern const OSSL_DISPATCH oqs_bikel5_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel5_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel5_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_bikel5_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_bikel5_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_bikel5_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_bikel5_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_bikel5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_bikel5_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_bikel5_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_bikel5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_bikel5_decoder_functions[]; extern const OSSL_DISPATCH oqs_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc128_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc128_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_hqc128_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_hqc128_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_hqc128_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_hqc128_decoder_functions[];extern const OSSL_DISPATCH oqs_x25519_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x25519_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_hqc128_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x25519_hqc128_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x25519_hqc128_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x25519_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_hqc128_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_hqc128_decoder_functions[]; extern const OSSL_DISPATCH oqs_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc192_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc192_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_hqc192_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_hqc192_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_hqc192_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_hqc192_decoder_functions[];extern const OSSL_DISPATCH oqs_x448_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_x448_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_hqc192_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_x448_hqc192_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_x448_hqc192_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_x448_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_hqc192_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_hqc192_decoder_functions[]; extern const OSSL_DISPATCH oqs_hqc256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_hqc256_to_text_encoder_functions[]; extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_hqc256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_hqc256_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_hqc256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_hqc256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_hqc256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_hqc256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_hqc256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_hqc256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_hqc256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_hqc256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_hqc256_decoder_functions[]; #endif /* OQS_KEM_ENCODERS */ - -extern const OSSL_DISPATCH oqs_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_dilithium2_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_dilithium2_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_dilithium2_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_dilithium2_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_dilithium2_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_dilithium2_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_dilithium2_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_dilithium2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p384_dilithium3_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_dilithium3_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_dilithium3_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_dilithium3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_dilithium3_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_dilithium5_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_dilithium5_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_dilithium5_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_dilithium5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_dilithium5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_p384_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[];extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p256_falcon512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_falcon512_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falcon512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falcon512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falcon512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falcon512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falcon512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_falcon512_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_falcon512_decoder_functions[];extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[];extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[];extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_falcon1024_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_falcon1024_decoder_functions[];extern const OSSL_DISPATCH oqs_p521_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falcon1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH oqs_p521_falcon1024_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_falcon1024_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_falcon1024_decoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_sphincssha2128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_sphincssha2128fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_sphincssha2128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_sphincssha2128fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_sphincssha2128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincssha2128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_sphincssha2128ssimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_sphincssha2128ssimple_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_sphincssha2128ssimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_sphincssha2128ssimple_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_sphincssha2128ssimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincssha2128ssimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_sphincssha2192fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_sphincssha2192fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p384_sphincssha2192fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p384_sphincssha2192fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_sphincsshake128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_sphincsshake128fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p256_sphincsshake128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p256_sphincsshake128fsimple_decoder_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_to_text_encoder_functions[]; -extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions[]; -extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_sphincssha2128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_sphincssha2128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_sphincssha2128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_sphincssha2128fsimple_decoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_rsa3072_sphincssha2128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincssha2128fsimple_decoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2128ssimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_sphincssha2128ssimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_sphincssha2128ssimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincssha2128ssimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_sphincssha2128ssimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_sphincssha2128ssimple_decoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128ssimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128ssimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128ssimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128ssimple_to_SubjectPublicKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128ssimple_to_SubjectPublicKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128ssimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_rsa3072_sphincssha2128ssimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincssha2128ssimple_decoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincssha2192fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2192fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincssha2192fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2192fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincssha2192fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_sphincssha2192fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_sphincssha2192fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_sphincssha2192fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_sphincssha2192fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p384_sphincssha2192fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p384_sphincssha2192fsimple_to_SubjectPublicKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p384_sphincssha2192fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p384_sphincssha2192fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_sphincssha2192fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_sphincssha2192fsimple_decoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_sphincsshake128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_sphincsshake128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_sphincsshake128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p256_sphincsshake128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_sphincsshake128fsimple_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_sphincsshake128fsimple_decoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincsshake128fsimple_to_PrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincsshake128fsimple_to_PrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincsshake128fsimple_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincsshake128fsimple_to_SubjectPublicKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincsshake128fsimple_to_SubjectPublicKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincsshake128fsimple_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions + []; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_rsa3072_sphincsshake128fsimple_decoder_functions + []; ///// OQS_TEMPLATE_FRAGMENT_ENDECODER_FUNCTIONS_END ///// OQS_TEMPLATE_FRAGMENT_ALG_FUNCTIONS_START -extern const OSSL_DISPATCH oqs_dilithium2_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_dilithium2_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_pss2048_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_ed25519_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_p256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium2_bp256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p384_dilithium3_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_pss3072_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_bp256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium3_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p521_dilithium5_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium5_p384_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[];extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[];extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[];extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon1024_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p521_falcon1024_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincssha2128ssimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_keymgmt_functions[];extern const OSSL_DISPATCH oqs_rsa3072_sphincsshake128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p256_dilithium2_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_pss2048_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium2_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p384_dilithium3_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_pss3072_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p521_dilithium5_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_p384_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falcon1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p521_falcon1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2128ssimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincssha2128ssimple_keymgmt_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincssha2128ssimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_sphincssha2192fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p384_sphincssha2192fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_sphincsshake128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p256_sphincsshake128fsimple_keymgmt_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_sphincsshake128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_frodo640aes_keymgmt_functions[]; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 9bdc5e3f..3496d68d 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -36,176 +36,318 @@ ///// OQS_TEMPLATE_FRAGMENT_MAKE_START #ifdef OQS_KEM_ENCODERS -#ifdef OQS_ENABLE_KEM_frodokem_640_aes +# ifdef OQS_ENABLE_KEM_frodokem_640_aes DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), -DECODER_w_structure("frodo640aes", der, SubjectPublicKeyInfo, frodo640aes), -DECODER_w_structure("p256_frodo640aes", der, PrivateKeyInfo, p256_frodo640aes), -DECODER_w_structure("p256_frodo640aes", der, SubjectPublicKeyInfo, p256_frodo640aes),DECODER_w_structure("x25519_frodo640aes", der, PrivateKeyInfo, x25519_frodo640aes), -DECODER_w_structure("x25519_frodo640aes", der, SubjectPublicKeyInfo, x25519_frodo640aes), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_640_shake -DECODER_w_structure("frodo640shake", der, PrivateKeyInfo, frodo640shake), -DECODER_w_structure("frodo640shake", der, SubjectPublicKeyInfo, frodo640shake), -DECODER_w_structure("p256_frodo640shake", der, PrivateKeyInfo, p256_frodo640shake), -DECODER_w_structure("p256_frodo640shake", der, SubjectPublicKeyInfo, p256_frodo640shake),DECODER_w_structure("x25519_frodo640shake", der, PrivateKeyInfo, x25519_frodo640shake), -DECODER_w_structure("x25519_frodo640shake", der, SubjectPublicKeyInfo, x25519_frodo640shake), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_976_aes -DECODER_w_structure("frodo976aes", der, PrivateKeyInfo, frodo976aes), -DECODER_w_structure("frodo976aes", der, SubjectPublicKeyInfo, frodo976aes), -DECODER_w_structure("p384_frodo976aes", der, PrivateKeyInfo, p384_frodo976aes), -DECODER_w_structure("p384_frodo976aes", der, SubjectPublicKeyInfo, p384_frodo976aes),DECODER_w_structure("x448_frodo976aes", der, PrivateKeyInfo, x448_frodo976aes), -DECODER_w_structure("x448_frodo976aes", der, SubjectPublicKeyInfo, x448_frodo976aes), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_976_shake -DECODER_w_structure("frodo976shake", der, PrivateKeyInfo, frodo976shake), -DECODER_w_structure("frodo976shake", der, SubjectPublicKeyInfo, frodo976shake), -DECODER_w_structure("p384_frodo976shake", der, PrivateKeyInfo, p384_frodo976shake), -DECODER_w_structure("p384_frodo976shake", der, SubjectPublicKeyInfo, p384_frodo976shake),DECODER_w_structure("x448_frodo976shake", der, PrivateKeyInfo, x448_frodo976shake), -DECODER_w_structure("x448_frodo976shake", der, SubjectPublicKeyInfo, x448_frodo976shake), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_1344_aes -DECODER_w_structure("frodo1344aes", der, PrivateKeyInfo, frodo1344aes), -DECODER_w_structure("frodo1344aes", der, SubjectPublicKeyInfo, frodo1344aes), -DECODER_w_structure("p521_frodo1344aes", der, PrivateKeyInfo, p521_frodo1344aes), -DECODER_w_structure("p521_frodo1344aes", der, SubjectPublicKeyInfo, p521_frodo1344aes), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_1344_shake -DECODER_w_structure("frodo1344shake", der, PrivateKeyInfo, frodo1344shake), -DECODER_w_structure("frodo1344shake", der, SubjectPublicKeyInfo, frodo1344shake), -DECODER_w_structure("p521_frodo1344shake", der, PrivateKeyInfo, p521_frodo1344shake), -DECODER_w_structure("p521_frodo1344shake", der, SubjectPublicKeyInfo, p521_frodo1344shake), -#endif -#ifdef OQS_ENABLE_KEM_kyber_512 -DECODER_w_structure("kyber512", der, PrivateKeyInfo, kyber512), -DECODER_w_structure("kyber512", der, SubjectPublicKeyInfo, kyber512), -DECODER_w_structure("p256_kyber512", der, PrivateKeyInfo, p256_kyber512), -DECODER_w_structure("p256_kyber512", der, SubjectPublicKeyInfo, p256_kyber512),DECODER_w_structure("x25519_kyber512", der, PrivateKeyInfo, x25519_kyber512), -DECODER_w_structure("x25519_kyber512", der, SubjectPublicKeyInfo, x25519_kyber512), -#endif -#ifdef OQS_ENABLE_KEM_kyber_768 -DECODER_w_structure("kyber768", der, PrivateKeyInfo, kyber768), -DECODER_w_structure("kyber768", der, SubjectPublicKeyInfo, kyber768), -DECODER_w_structure("p384_kyber768", der, PrivateKeyInfo, p384_kyber768), -DECODER_w_structure("p384_kyber768", der, SubjectPublicKeyInfo, p384_kyber768),DECODER_w_structure("x448_kyber768", der, PrivateKeyInfo, x448_kyber768), -DECODER_w_structure("x448_kyber768", der, SubjectPublicKeyInfo, x448_kyber768),DECODER_w_structure("x25519_kyber768", der, PrivateKeyInfo, x25519_kyber768), -DECODER_w_structure("x25519_kyber768", der, SubjectPublicKeyInfo, x25519_kyber768),DECODER_w_structure("p256_kyber768", der, PrivateKeyInfo, p256_kyber768), -DECODER_w_structure("p256_kyber768", der, SubjectPublicKeyInfo, p256_kyber768), -#endif -#ifdef OQS_ENABLE_KEM_kyber_1024 -DECODER_w_structure("kyber1024", der, PrivateKeyInfo, kyber1024), -DECODER_w_structure("kyber1024", der, SubjectPublicKeyInfo, kyber1024), -DECODER_w_structure("p521_kyber1024", der, PrivateKeyInfo, p521_kyber1024), -DECODER_w_structure("p521_kyber1024", der, SubjectPublicKeyInfo, p521_kyber1024), -#endif -#ifdef OQS_ENABLE_KEM_bike_l1 -DECODER_w_structure("bikel1", der, PrivateKeyInfo, bikel1), -DECODER_w_structure("bikel1", der, SubjectPublicKeyInfo, bikel1), -DECODER_w_structure("p256_bikel1", der, PrivateKeyInfo, p256_bikel1), -DECODER_w_structure("p256_bikel1", der, SubjectPublicKeyInfo, p256_bikel1),DECODER_w_structure("x25519_bikel1", der, PrivateKeyInfo, x25519_bikel1), -DECODER_w_structure("x25519_bikel1", der, SubjectPublicKeyInfo, x25519_bikel1), -#endif -#ifdef OQS_ENABLE_KEM_bike_l3 -DECODER_w_structure("bikel3", der, PrivateKeyInfo, bikel3), -DECODER_w_structure("bikel3", der, SubjectPublicKeyInfo, bikel3), -DECODER_w_structure("p384_bikel3", der, PrivateKeyInfo, p384_bikel3), -DECODER_w_structure("p384_bikel3", der, SubjectPublicKeyInfo, p384_bikel3),DECODER_w_structure("x448_bikel3", der, PrivateKeyInfo, x448_bikel3), -DECODER_w_structure("x448_bikel3", der, SubjectPublicKeyInfo, x448_bikel3), -#endif -#ifdef OQS_ENABLE_KEM_bike_l5 -DECODER_w_structure("bikel5", der, PrivateKeyInfo, bikel5), -DECODER_w_structure("bikel5", der, SubjectPublicKeyInfo, bikel5), -DECODER_w_structure("p521_bikel5", der, PrivateKeyInfo, p521_bikel5), -DECODER_w_structure("p521_bikel5", der, SubjectPublicKeyInfo, p521_bikel5), -#endif -#ifdef OQS_ENABLE_KEM_hqc_128 -DECODER_w_structure("hqc128", der, PrivateKeyInfo, hqc128), -DECODER_w_structure("hqc128", der, SubjectPublicKeyInfo, hqc128), -DECODER_w_structure("p256_hqc128", der, PrivateKeyInfo, p256_hqc128), -DECODER_w_structure("p256_hqc128", der, SubjectPublicKeyInfo, p256_hqc128),DECODER_w_structure("x25519_hqc128", der, PrivateKeyInfo, x25519_hqc128), -DECODER_w_structure("x25519_hqc128", der, SubjectPublicKeyInfo, x25519_hqc128), -#endif -#ifdef OQS_ENABLE_KEM_hqc_192 -DECODER_w_structure("hqc192", der, PrivateKeyInfo, hqc192), -DECODER_w_structure("hqc192", der, SubjectPublicKeyInfo, hqc192), -DECODER_w_structure("p384_hqc192", der, PrivateKeyInfo, p384_hqc192), -DECODER_w_structure("p384_hqc192", der, SubjectPublicKeyInfo, p384_hqc192),DECODER_w_structure("x448_hqc192", der, PrivateKeyInfo, x448_hqc192), -DECODER_w_structure("x448_hqc192", der, SubjectPublicKeyInfo, x448_hqc192), -#endif -#ifdef OQS_ENABLE_KEM_hqc_256 -DECODER_w_structure("hqc256", der, PrivateKeyInfo, hqc256), -DECODER_w_structure("hqc256", der, SubjectPublicKeyInfo, hqc256), -DECODER_w_structure("p521_hqc256", der, PrivateKeyInfo, p521_hqc256), -DECODER_w_structure("p521_hqc256", der, SubjectPublicKeyInfo, p521_hqc256), -#endif + DECODER_w_structure("frodo640aes", der, SubjectPublicKeyInfo, frodo640aes), + DECODER_w_structure("p256_frodo640aes", der, PrivateKeyInfo, + p256_frodo640aes), + DECODER_w_structure("p256_frodo640aes", der, SubjectPublicKeyInfo, + p256_frodo640aes), + DECODER_w_structure("x25519_frodo640aes", der, PrivateKeyInfo, + x25519_frodo640aes), + DECODER_w_structure("x25519_frodo640aes", der, SubjectPublicKeyInfo, + x25519_frodo640aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_640_shake + DECODER_w_structure("frodo640shake", der, PrivateKeyInfo, frodo640shake), + DECODER_w_structure("frodo640shake", der, SubjectPublicKeyInfo, + frodo640shake), + DECODER_w_structure("p256_frodo640shake", der, PrivateKeyInfo, + p256_frodo640shake), + DECODER_w_structure("p256_frodo640shake", der, SubjectPublicKeyInfo, + p256_frodo640shake), + DECODER_w_structure("x25519_frodo640shake", der, PrivateKeyInfo, + x25519_frodo640shake), + DECODER_w_structure("x25519_frodo640shake", der, SubjectPublicKeyInfo, + x25519_frodo640shake), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_976_aes + DECODER_w_structure("frodo976aes", der, PrivateKeyInfo, frodo976aes), + DECODER_w_structure("frodo976aes", der, SubjectPublicKeyInfo, frodo976aes), + DECODER_w_structure("p384_frodo976aes", der, PrivateKeyInfo, + p384_frodo976aes), + DECODER_w_structure("p384_frodo976aes", der, SubjectPublicKeyInfo, + p384_frodo976aes), + DECODER_w_structure("x448_frodo976aes", der, PrivateKeyInfo, + x448_frodo976aes), + DECODER_w_structure("x448_frodo976aes", der, SubjectPublicKeyInfo, + x448_frodo976aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_976_shake + DECODER_w_structure("frodo976shake", der, PrivateKeyInfo, frodo976shake), + DECODER_w_structure("frodo976shake", der, SubjectPublicKeyInfo, + frodo976shake), + DECODER_w_structure("p384_frodo976shake", der, PrivateKeyInfo, + p384_frodo976shake), + DECODER_w_structure("p384_frodo976shake", der, SubjectPublicKeyInfo, + p384_frodo976shake), + DECODER_w_structure("x448_frodo976shake", der, PrivateKeyInfo, + x448_frodo976shake), + DECODER_w_structure("x448_frodo976shake", der, SubjectPublicKeyInfo, + x448_frodo976shake), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_1344_aes + DECODER_w_structure("frodo1344aes", der, PrivateKeyInfo, frodo1344aes), + DECODER_w_structure("frodo1344aes", der, SubjectPublicKeyInfo, + frodo1344aes), + DECODER_w_structure("p521_frodo1344aes", der, PrivateKeyInfo, + p521_frodo1344aes), + DECODER_w_structure("p521_frodo1344aes", der, SubjectPublicKeyInfo, + p521_frodo1344aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_1344_shake + DECODER_w_structure("frodo1344shake", der, PrivateKeyInfo, frodo1344shake), + DECODER_w_structure("frodo1344shake", der, SubjectPublicKeyInfo, + frodo1344shake), + DECODER_w_structure("p521_frodo1344shake", der, PrivateKeyInfo, + p521_frodo1344shake), + DECODER_w_structure("p521_frodo1344shake", der, SubjectPublicKeyInfo, + p521_frodo1344shake), +# endif +# ifdef OQS_ENABLE_KEM_kyber_512 + DECODER_w_structure("kyber512", der, PrivateKeyInfo, kyber512), + DECODER_w_structure("kyber512", der, SubjectPublicKeyInfo, kyber512), + DECODER_w_structure("p256_kyber512", der, PrivateKeyInfo, p256_kyber512), + DECODER_w_structure("p256_kyber512", der, SubjectPublicKeyInfo, + p256_kyber512), + DECODER_w_structure("x25519_kyber512", der, PrivateKeyInfo, + x25519_kyber512), + DECODER_w_structure("x25519_kyber512", der, SubjectPublicKeyInfo, + x25519_kyber512), +# endif +# ifdef OQS_ENABLE_KEM_kyber_768 + DECODER_w_structure("kyber768", der, PrivateKeyInfo, kyber768), + DECODER_w_structure("kyber768", der, SubjectPublicKeyInfo, kyber768), + DECODER_w_structure("p384_kyber768", der, PrivateKeyInfo, p384_kyber768), + DECODER_w_structure("p384_kyber768", der, SubjectPublicKeyInfo, + p384_kyber768), + DECODER_w_structure("x448_kyber768", der, PrivateKeyInfo, x448_kyber768), + DECODER_w_structure("x448_kyber768", der, SubjectPublicKeyInfo, + x448_kyber768), + DECODER_w_structure("x25519_kyber768", der, PrivateKeyInfo, + x25519_kyber768), + DECODER_w_structure("x25519_kyber768", der, SubjectPublicKeyInfo, + x25519_kyber768), + DECODER_w_structure("p256_kyber768", der, PrivateKeyInfo, p256_kyber768), + DECODER_w_structure("p256_kyber768", der, SubjectPublicKeyInfo, + p256_kyber768), +# endif +# ifdef OQS_ENABLE_KEM_kyber_1024 + DECODER_w_structure("kyber1024", der, PrivateKeyInfo, kyber1024), + DECODER_w_structure("kyber1024", der, SubjectPublicKeyInfo, kyber1024), + DECODER_w_structure("p521_kyber1024", der, PrivateKeyInfo, p521_kyber1024), + DECODER_w_structure("p521_kyber1024", der, SubjectPublicKeyInfo, + p521_kyber1024), +# endif +# ifdef OQS_ENABLE_KEM_bike_l1 + DECODER_w_structure("bikel1", der, PrivateKeyInfo, bikel1), + DECODER_w_structure("bikel1", der, SubjectPublicKeyInfo, bikel1), + DECODER_w_structure("p256_bikel1", der, PrivateKeyInfo, p256_bikel1), + DECODER_w_structure("p256_bikel1", der, SubjectPublicKeyInfo, p256_bikel1), + DECODER_w_structure("x25519_bikel1", der, PrivateKeyInfo, x25519_bikel1), + DECODER_w_structure("x25519_bikel1", der, SubjectPublicKeyInfo, + x25519_bikel1), +# endif +# ifdef OQS_ENABLE_KEM_bike_l3 + DECODER_w_structure("bikel3", der, PrivateKeyInfo, bikel3), + DECODER_w_structure("bikel3", der, SubjectPublicKeyInfo, bikel3), + DECODER_w_structure("p384_bikel3", der, PrivateKeyInfo, p384_bikel3), + DECODER_w_structure("p384_bikel3", der, SubjectPublicKeyInfo, p384_bikel3), + DECODER_w_structure("x448_bikel3", der, PrivateKeyInfo, x448_bikel3), + DECODER_w_structure("x448_bikel3", der, SubjectPublicKeyInfo, x448_bikel3), +# endif +# ifdef OQS_ENABLE_KEM_bike_l5 + DECODER_w_structure("bikel5", der, PrivateKeyInfo, bikel5), + DECODER_w_structure("bikel5", der, SubjectPublicKeyInfo, bikel5), + DECODER_w_structure("p521_bikel5", der, PrivateKeyInfo, p521_bikel5), + DECODER_w_structure("p521_bikel5", der, SubjectPublicKeyInfo, p521_bikel5), +# endif +# ifdef OQS_ENABLE_KEM_hqc_128 + DECODER_w_structure("hqc128", der, PrivateKeyInfo, hqc128), + DECODER_w_structure("hqc128", der, SubjectPublicKeyInfo, hqc128), + DECODER_w_structure("p256_hqc128", der, PrivateKeyInfo, p256_hqc128), + DECODER_w_structure("p256_hqc128", der, SubjectPublicKeyInfo, p256_hqc128), + DECODER_w_structure("x25519_hqc128", der, PrivateKeyInfo, x25519_hqc128), + DECODER_w_structure("x25519_hqc128", der, SubjectPublicKeyInfo, + x25519_hqc128), +# endif +# ifdef OQS_ENABLE_KEM_hqc_192 + DECODER_w_structure("hqc192", der, PrivateKeyInfo, hqc192), + DECODER_w_structure("hqc192", der, SubjectPublicKeyInfo, hqc192), + DECODER_w_structure("p384_hqc192", der, PrivateKeyInfo, p384_hqc192), + DECODER_w_structure("p384_hqc192", der, SubjectPublicKeyInfo, p384_hqc192), + DECODER_w_structure("x448_hqc192", der, PrivateKeyInfo, x448_hqc192), + DECODER_w_structure("x448_hqc192", der, SubjectPublicKeyInfo, x448_hqc192), +# endif +# ifdef OQS_ENABLE_KEM_hqc_256 + DECODER_w_structure("hqc256", der, PrivateKeyInfo, hqc256), + DECODER_w_structure("hqc256", der, SubjectPublicKeyInfo, hqc256), + DECODER_w_structure("p521_hqc256", der, PrivateKeyInfo, p521_hqc256), + DECODER_w_structure("p521_hqc256", der, SubjectPublicKeyInfo, p521_hqc256), +# endif #endif /* OQS_KEM_ENCODERS */ - #ifdef OQS_ENABLE_SIG_dilithium_2 -DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), -DECODER_w_structure("dilithium2", der, SubjectPublicKeyInfo, dilithium2),DECODER_w_structure("p256_dilithium2", der, PrivateKeyInfo, p256_dilithium2), -DECODER_w_structure("p256_dilithium2", der, SubjectPublicKeyInfo, p256_dilithium2),DECODER_w_structure("rsa3072_dilithium2", der, PrivateKeyInfo, rsa3072_dilithium2), -DECODER_w_structure("rsa3072_dilithium2", der, SubjectPublicKeyInfo, rsa3072_dilithium2),DECODER_w_structure("dilithium2_pss2048", der, PrivateKeyInfo, dilithium2_pss2048), -DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, dilithium2_pss2048),DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, dilithium2_rsa2048), -DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, dilithium2_rsa2048),DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, dilithium2_ed25519), -DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, dilithium2_ed25519),DECODER_w_structure("dilithium2_p256", der, PrivateKeyInfo, dilithium2_p256), -DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, dilithium2_p256),DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, dilithium2_bp256), -DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, dilithium2_bp256), + DECODER_w_structure("dilithium2", der, PrivateKeyInfo, dilithium2), + DECODER_w_structure("dilithium2", der, SubjectPublicKeyInfo, dilithium2), + DECODER_w_structure("p256_dilithium2", der, PrivateKeyInfo, + p256_dilithium2), + DECODER_w_structure("p256_dilithium2", der, SubjectPublicKeyInfo, + p256_dilithium2), + DECODER_w_structure("rsa3072_dilithium2", der, PrivateKeyInfo, + rsa3072_dilithium2), + DECODER_w_structure("rsa3072_dilithium2", der, SubjectPublicKeyInfo, + rsa3072_dilithium2), + DECODER_w_structure("dilithium2_pss2048", der, PrivateKeyInfo, + dilithium2_pss2048), + DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, + dilithium2_pss2048), + DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, + dilithium2_rsa2048), + DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, + dilithium2_rsa2048), + DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, + dilithium2_ed25519), + DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, + dilithium2_ed25519), + DECODER_w_structure("dilithium2_p256", der, PrivateKeyInfo, + dilithium2_p256), + DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, + dilithium2_p256), + DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, + dilithium2_bp256), + DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, + dilithium2_bp256), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 -DECODER_w_structure("dilithium3", der, PrivateKeyInfo, dilithium3), -DECODER_w_structure("dilithium3", der, SubjectPublicKeyInfo, dilithium3),DECODER_w_structure("p384_dilithium3", der, PrivateKeyInfo, p384_dilithium3), -DECODER_w_structure("p384_dilithium3", der, SubjectPublicKeyInfo, p384_dilithium3),DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, dilithium3_pss3072), -DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, dilithium3_pss3072),DECODER_w_structure("dilithium3_rsa3072", der, PrivateKeyInfo, dilithium3_rsa3072), -DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, dilithium3_rsa3072),DECODER_w_structure("dilithium3_p256", der, PrivateKeyInfo, dilithium3_p256), -DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, dilithium3_p256),DECODER_w_structure("dilithium3_bp256", der, PrivateKeyInfo, dilithium3_bp256), -DECODER_w_structure("dilithium3_bp256", der, SubjectPublicKeyInfo, dilithium3_bp256),DECODER_w_structure("dilithium3_ed25519", der, PrivateKeyInfo, dilithium3_ed25519), -DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, dilithium3_ed25519), + DECODER_w_structure("dilithium3", der, PrivateKeyInfo, dilithium3), + DECODER_w_structure("dilithium3", der, SubjectPublicKeyInfo, dilithium3), + DECODER_w_structure("p384_dilithium3", der, PrivateKeyInfo, + p384_dilithium3), + DECODER_w_structure("p384_dilithium3", der, SubjectPublicKeyInfo, + p384_dilithium3), + DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, + dilithium3_pss3072), + DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, + dilithium3_pss3072), + DECODER_w_structure("dilithium3_rsa3072", der, PrivateKeyInfo, + dilithium3_rsa3072), + DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, + dilithium3_rsa3072), + DECODER_w_structure("dilithium3_p256", der, PrivateKeyInfo, + dilithium3_p256), + DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, + dilithium3_p256), + DECODER_w_structure("dilithium3_bp256", der, PrivateKeyInfo, + dilithium3_bp256), + DECODER_w_structure("dilithium3_bp256", der, SubjectPublicKeyInfo, + dilithium3_bp256), + DECODER_w_structure("dilithium3_ed25519", der, PrivateKeyInfo, + dilithium3_ed25519), + DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, + dilithium3_ed25519), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 -DECODER_w_structure("dilithium5", der, PrivateKeyInfo, dilithium5), -DECODER_w_structure("dilithium5", der, SubjectPublicKeyInfo, dilithium5),DECODER_w_structure("p521_dilithium5", der, PrivateKeyInfo, p521_dilithium5), -DECODER_w_structure("p521_dilithium5", der, SubjectPublicKeyInfo, p521_dilithium5),DECODER_w_structure("dilithium5_p384", der, PrivateKeyInfo, dilithium5_p384), -DECODER_w_structure("dilithium5_p384", der, SubjectPublicKeyInfo, dilithium5_p384),DECODER_w_structure("dilithium5_bp384", der, PrivateKeyInfo, dilithium5_bp384), -DECODER_w_structure("dilithium5_bp384", der, SubjectPublicKeyInfo, dilithium5_bp384),DECODER_w_structure("dilithium5_ed448", der, PrivateKeyInfo, dilithium5_ed448), -DECODER_w_structure("dilithium5_ed448", der, SubjectPublicKeyInfo, dilithium5_ed448), + DECODER_w_structure("dilithium5", der, PrivateKeyInfo, dilithium5), + DECODER_w_structure("dilithium5", der, SubjectPublicKeyInfo, dilithium5), + DECODER_w_structure("p521_dilithium5", der, PrivateKeyInfo, + p521_dilithium5), + DECODER_w_structure("p521_dilithium5", der, SubjectPublicKeyInfo, + p521_dilithium5), + DECODER_w_structure("dilithium5_p384", der, PrivateKeyInfo, + dilithium5_p384), + DECODER_w_structure("dilithium5_p384", der, SubjectPublicKeyInfo, + dilithium5_p384), + DECODER_w_structure("dilithium5_bp384", der, PrivateKeyInfo, + dilithium5_bp384), + DECODER_w_structure("dilithium5_bp384", der, SubjectPublicKeyInfo, + dilithium5_bp384), + DECODER_w_structure("dilithium5_ed448", der, PrivateKeyInfo, + dilithium5_ed448), + DECODER_w_structure("dilithium5_ed448", der, SubjectPublicKeyInfo, + dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 -DECODER_w_structure("falcon512", der, PrivateKeyInfo, falcon512), -DECODER_w_structure("falcon512", der, SubjectPublicKeyInfo, falcon512),DECODER_w_structure("p256_falcon512", der, PrivateKeyInfo, p256_falcon512), -DECODER_w_structure("p256_falcon512", der, SubjectPublicKeyInfo, p256_falcon512),DECODER_w_structure("rsa3072_falcon512", der, PrivateKeyInfo, rsa3072_falcon512), -DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, rsa3072_falcon512),DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, falcon512_p256), -DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, falcon512_p256),DECODER_w_structure("falcon512_bp256", der, PrivateKeyInfo, falcon512_bp256), -DECODER_w_structure("falcon512_bp256", der, SubjectPublicKeyInfo, falcon512_bp256),DECODER_w_structure("falcon512_ed25519", der, PrivateKeyInfo, falcon512_ed25519), -DECODER_w_structure("falcon512_ed25519", der, SubjectPublicKeyInfo, falcon512_ed25519), + DECODER_w_structure("falcon512", der, PrivateKeyInfo, falcon512), + DECODER_w_structure("falcon512", der, SubjectPublicKeyInfo, falcon512), + DECODER_w_structure("p256_falcon512", der, PrivateKeyInfo, p256_falcon512), + DECODER_w_structure("p256_falcon512", der, SubjectPublicKeyInfo, + p256_falcon512), + DECODER_w_structure("rsa3072_falcon512", der, PrivateKeyInfo, + rsa3072_falcon512), + DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, + rsa3072_falcon512), + DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, falcon512_p256), + DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, + falcon512_p256), + DECODER_w_structure("falcon512_bp256", der, PrivateKeyInfo, + falcon512_bp256), + DECODER_w_structure("falcon512_bp256", der, SubjectPublicKeyInfo, + falcon512_bp256), + DECODER_w_structure("falcon512_ed25519", der, PrivateKeyInfo, + falcon512_ed25519), + DECODER_w_structure("falcon512_ed25519", der, SubjectPublicKeyInfo, + falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 -DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), -DECODER_w_structure("falcon1024", der, SubjectPublicKeyInfo, falcon1024),DECODER_w_structure("p521_falcon1024", der, PrivateKeyInfo, p521_falcon1024), -DECODER_w_structure("p521_falcon1024", der, SubjectPublicKeyInfo, p521_falcon1024), + DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), + DECODER_w_structure("falcon1024", der, SubjectPublicKeyInfo, falcon1024), + DECODER_w_structure("p521_falcon1024", der, PrivateKeyInfo, + p521_falcon1024), + DECODER_w_structure("p521_falcon1024", der, SubjectPublicKeyInfo, + p521_falcon1024), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple -DECODER_w_structure("sphincssha2128fsimple", der, PrivateKeyInfo, sphincssha2128fsimple), -DECODER_w_structure("sphincssha2128fsimple", der, SubjectPublicKeyInfo, sphincssha2128fsimple),DECODER_w_structure("p256_sphincssha2128fsimple", der, PrivateKeyInfo, p256_sphincssha2128fsimple), -DECODER_w_structure("p256_sphincssha2128fsimple", der, SubjectPublicKeyInfo, p256_sphincssha2128fsimple),DECODER_w_structure("rsa3072_sphincssha2128fsimple", der, PrivateKeyInfo, rsa3072_sphincssha2128fsimple), -DECODER_w_structure("rsa3072_sphincssha2128fsimple", der, SubjectPublicKeyInfo, rsa3072_sphincssha2128fsimple), + DECODER_w_structure("sphincssha2128fsimple", der, PrivateKeyInfo, + sphincssha2128fsimple), + DECODER_w_structure("sphincssha2128fsimple", der, SubjectPublicKeyInfo, + sphincssha2128fsimple), + DECODER_w_structure("p256_sphincssha2128fsimple", der, PrivateKeyInfo, + p256_sphincssha2128fsimple), + DECODER_w_structure("p256_sphincssha2128fsimple", der, SubjectPublicKeyInfo, + p256_sphincssha2128fsimple), + DECODER_w_structure("rsa3072_sphincssha2128fsimple", der, PrivateKeyInfo, + rsa3072_sphincssha2128fsimple), + DECODER_w_structure("rsa3072_sphincssha2128fsimple", der, + SubjectPublicKeyInfo, rsa3072_sphincssha2128fsimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple -DECODER_w_structure("sphincssha2128ssimple", der, PrivateKeyInfo, sphincssha2128ssimple), -DECODER_w_structure("sphincssha2128ssimple", der, SubjectPublicKeyInfo, sphincssha2128ssimple),DECODER_w_structure("p256_sphincssha2128ssimple", der, PrivateKeyInfo, p256_sphincssha2128ssimple), -DECODER_w_structure("p256_sphincssha2128ssimple", der, SubjectPublicKeyInfo, p256_sphincssha2128ssimple),DECODER_w_structure("rsa3072_sphincssha2128ssimple", der, PrivateKeyInfo, rsa3072_sphincssha2128ssimple), -DECODER_w_structure("rsa3072_sphincssha2128ssimple", der, SubjectPublicKeyInfo, rsa3072_sphincssha2128ssimple), + DECODER_w_structure("sphincssha2128ssimple", der, PrivateKeyInfo, + sphincssha2128ssimple), + DECODER_w_structure("sphincssha2128ssimple", der, SubjectPublicKeyInfo, + sphincssha2128ssimple), + DECODER_w_structure("p256_sphincssha2128ssimple", der, PrivateKeyInfo, + p256_sphincssha2128ssimple), + DECODER_w_structure("p256_sphincssha2128ssimple", der, SubjectPublicKeyInfo, + p256_sphincssha2128ssimple), + DECODER_w_structure("rsa3072_sphincssha2128ssimple", der, PrivateKeyInfo, + rsa3072_sphincssha2128ssimple), + DECODER_w_structure("rsa3072_sphincssha2128ssimple", der, + SubjectPublicKeyInfo, rsa3072_sphincssha2128ssimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple -DECODER_w_structure("sphincssha2192fsimple", der, PrivateKeyInfo, sphincssha2192fsimple), -DECODER_w_structure("sphincssha2192fsimple", der, SubjectPublicKeyInfo, sphincssha2192fsimple),DECODER_w_structure("p384_sphincssha2192fsimple", der, PrivateKeyInfo, p384_sphincssha2192fsimple), -DECODER_w_structure("p384_sphincssha2192fsimple", der, SubjectPublicKeyInfo, p384_sphincssha2192fsimple), + DECODER_w_structure("sphincssha2192fsimple", der, PrivateKeyInfo, + sphincssha2192fsimple), + DECODER_w_structure("sphincssha2192fsimple", der, SubjectPublicKeyInfo, + sphincssha2192fsimple), + DECODER_w_structure("p384_sphincssha2192fsimple", der, PrivateKeyInfo, + p384_sphincssha2192fsimple), + DECODER_w_structure("p384_sphincssha2192fsimple", der, SubjectPublicKeyInfo, + p384_sphincssha2192fsimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple -DECODER_w_structure("sphincsshake128fsimple", der, PrivateKeyInfo, sphincsshake128fsimple), -DECODER_w_structure("sphincsshake128fsimple", der, SubjectPublicKeyInfo, sphincsshake128fsimple),DECODER_w_structure("p256_sphincsshake128fsimple", der, PrivateKeyInfo, p256_sphincsshake128fsimple), -DECODER_w_structure("p256_sphincsshake128fsimple", der, SubjectPublicKeyInfo, p256_sphincsshake128fsimple),DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, PrivateKeyInfo, rsa3072_sphincsshake128fsimple), -DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, SubjectPublicKeyInfo, rsa3072_sphincsshake128fsimple), + DECODER_w_structure("sphincsshake128fsimple", der, PrivateKeyInfo, + sphincsshake128fsimple), + DECODER_w_structure("sphincsshake128fsimple", der, SubjectPublicKeyInfo, + sphincsshake128fsimple), + DECODER_w_structure("p256_sphincsshake128fsimple", der, PrivateKeyInfo, + p256_sphincsshake128fsimple), + DECODER_w_structure("p256_sphincsshake128fsimple", der, + SubjectPublicKeyInfo, p256_sphincsshake128fsimple), + DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, PrivateKeyInfo, + rsa3072_sphincsshake128fsimple), + DECODER_w_structure("rsa3072_sphincsshake128fsimple", der, + SubjectPublicKeyInfo, rsa3072_sphincsshake128fsimple), #endif -///// OQS_TEMPLATE_FRAGMENT_MAKE_END + ///// OQS_TEMPLATE_FRAGMENT_MAKE_END diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 97e06f08..88729583 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -81,624 +81,981 @@ ///// OQS_TEMPLATE_FRAGMENT_MAKE_START #ifdef OQS_KEM_ENCODERS - -#ifdef OQS_ENABLE_KEM_frodokem_640_aes +# ifdef OQS_ENABLE_KEM_frodokem_640_aes ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), -ENCODER_w_structure("frodo640aes", frodo640aes, pem, PrivateKeyInfo), -ENCODER_w_structure("frodo640aes", frodo640aes, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo640aes", frodo640aes, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo640aes", frodo640aes, der, SubjectPublicKeyInfo), -ENCODER_w_structure("frodo640aes", frodo640aes, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("frodo640aes", frodo640aes), -ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, PrivateKeyInfo), -ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_frodo640aes", p256_frodo640aes), -ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, PrivateKeyInfo), -ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, PrivateKeyInfo), -ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x25519_frodo640aes", x25519_frodo640aes), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_640_shake -ENCODER_w_structure("frodo640shake", frodo640shake, der, PrivateKeyInfo), -ENCODER_w_structure("frodo640shake", frodo640shake, pem, PrivateKeyInfo), -ENCODER_w_structure("frodo640shake", frodo640shake, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo640shake", frodo640shake, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo640shake", frodo640shake, der, SubjectPublicKeyInfo), -ENCODER_w_structure("frodo640shake", frodo640shake, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("frodo640shake", frodo640shake), -ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, PrivateKeyInfo), -ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_frodo640shake", p256_frodo640shake), -ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, PrivateKeyInfo), -ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, PrivateKeyInfo), -ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x25519_frodo640shake", x25519_frodo640shake), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_976_aes -ENCODER_w_structure("frodo976aes", frodo976aes, der, PrivateKeyInfo), -ENCODER_w_structure("frodo976aes", frodo976aes, pem, PrivateKeyInfo), -ENCODER_w_structure("frodo976aes", frodo976aes, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo976aes", frodo976aes, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo976aes", frodo976aes, der, SubjectPublicKeyInfo), -ENCODER_w_structure("frodo976aes", frodo976aes, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("frodo976aes", frodo976aes), -ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, PrivateKeyInfo), -ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, PrivateKeyInfo), -ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p384_frodo976aes", p384_frodo976aes), -ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, PrivateKeyInfo), -ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, PrivateKeyInfo), -ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x448_frodo976aes", x448_frodo976aes), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_976_shake -ENCODER_w_structure("frodo976shake", frodo976shake, der, PrivateKeyInfo), -ENCODER_w_structure("frodo976shake", frodo976shake, pem, PrivateKeyInfo), -ENCODER_w_structure("frodo976shake", frodo976shake, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo976shake", frodo976shake, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo976shake", frodo976shake, der, SubjectPublicKeyInfo), -ENCODER_w_structure("frodo976shake", frodo976shake, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("frodo976shake", frodo976shake), -ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, PrivateKeyInfo), -ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, PrivateKeyInfo), -ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p384_frodo976shake", p384_frodo976shake), -ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, PrivateKeyInfo), -ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, PrivateKeyInfo), -ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x448_frodo976shake", x448_frodo976shake), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_1344_aes -ENCODER_w_structure("frodo1344aes", frodo1344aes, der, PrivateKeyInfo), -ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, PrivateKeyInfo), -ENCODER_w_structure("frodo1344aes", frodo1344aes, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo1344aes", frodo1344aes, der, SubjectPublicKeyInfo), -ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("frodo1344aes", frodo1344aes), -ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, PrivateKeyInfo), -ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, PrivateKeyInfo), -ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p521_frodo1344aes", p521_frodo1344aes), -#endif -#ifdef OQS_ENABLE_KEM_frodokem_1344_shake -ENCODER_w_structure("frodo1344shake", frodo1344shake, der, PrivateKeyInfo), -ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, PrivateKeyInfo), -ENCODER_w_structure("frodo1344shake", frodo1344shake, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("frodo1344shake", frodo1344shake, der, SubjectPublicKeyInfo), -ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("frodo1344shake", frodo1344shake), -ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, PrivateKeyInfo), -ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, PrivateKeyInfo), -ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p521_frodo1344shake", p521_frodo1344shake), -#endif -#ifdef OQS_ENABLE_KEM_kyber_512 -ENCODER_w_structure("kyber512", kyber512, der, PrivateKeyInfo), -ENCODER_w_structure("kyber512", kyber512, pem, PrivateKeyInfo), -ENCODER_w_structure("kyber512", kyber512, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("kyber512", kyber512, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("kyber512", kyber512, der, SubjectPublicKeyInfo), -ENCODER_w_structure("kyber512", kyber512, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("kyber512", kyber512), -ENCODER_w_structure("p256_kyber512", p256_kyber512, der, PrivateKeyInfo), -ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_kyber512", p256_kyber512, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_kyber512", p256_kyber512, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_kyber512", p256_kyber512), -ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, PrivateKeyInfo), -ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, PrivateKeyInfo), -ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x25519_kyber512", x25519_kyber512), -#endif -#ifdef OQS_ENABLE_KEM_kyber_768 -ENCODER_w_structure("kyber768", kyber768, der, PrivateKeyInfo), -ENCODER_w_structure("kyber768", kyber768, pem, PrivateKeyInfo), -ENCODER_w_structure("kyber768", kyber768, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("kyber768", kyber768, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("kyber768", kyber768, der, SubjectPublicKeyInfo), -ENCODER_w_structure("kyber768", kyber768, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("kyber768", kyber768), -ENCODER_w_structure("p384_kyber768", p384_kyber768, der, PrivateKeyInfo), -ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, PrivateKeyInfo), -ENCODER_w_structure("p384_kyber768", p384_kyber768, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_kyber768", p384_kyber768, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p384_kyber768", p384_kyber768), -ENCODER_w_structure("x448_kyber768", x448_kyber768, der, PrivateKeyInfo), -ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, PrivateKeyInfo), -ENCODER_w_structure("x448_kyber768", x448_kyber768, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_kyber768", x448_kyber768, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x448_kyber768", x448_kyber768), -ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, PrivateKeyInfo), -ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, PrivateKeyInfo), -ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x25519_kyber768", x25519_kyber768), -ENCODER_w_structure("p256_kyber768", p256_kyber768, der, PrivateKeyInfo), -ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_kyber768", p256_kyber768, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_kyber768", p256_kyber768, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_kyber768", p256_kyber768), -#endif -#ifdef OQS_ENABLE_KEM_kyber_1024 -ENCODER_w_structure("kyber1024", kyber1024, der, PrivateKeyInfo), -ENCODER_w_structure("kyber1024", kyber1024, pem, PrivateKeyInfo), -ENCODER_w_structure("kyber1024", kyber1024, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("kyber1024", kyber1024, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("kyber1024", kyber1024, der, SubjectPublicKeyInfo), -ENCODER_w_structure("kyber1024", kyber1024, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("kyber1024", kyber1024), -ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, PrivateKeyInfo), -ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, PrivateKeyInfo), -ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p521_kyber1024", p521_kyber1024), -#endif -#ifdef OQS_ENABLE_KEM_bike_l1 -ENCODER_w_structure("bikel1", bikel1, der, PrivateKeyInfo), -ENCODER_w_structure("bikel1", bikel1, pem, PrivateKeyInfo), -ENCODER_w_structure("bikel1", bikel1, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("bikel1", bikel1, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("bikel1", bikel1, der, SubjectPublicKeyInfo), -ENCODER_w_structure("bikel1", bikel1, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("bikel1", bikel1), -ENCODER_w_structure("p256_bikel1", p256_bikel1, der, PrivateKeyInfo), -ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_bikel1", p256_bikel1, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_bikel1", p256_bikel1, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_bikel1", p256_bikel1), -ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, PrivateKeyInfo), -ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, PrivateKeyInfo), -ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x25519_bikel1", x25519_bikel1), -#endif -#ifdef OQS_ENABLE_KEM_bike_l3 -ENCODER_w_structure("bikel3", bikel3, der, PrivateKeyInfo), -ENCODER_w_structure("bikel3", bikel3, pem, PrivateKeyInfo), -ENCODER_w_structure("bikel3", bikel3, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("bikel3", bikel3, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("bikel3", bikel3, der, SubjectPublicKeyInfo), -ENCODER_w_structure("bikel3", bikel3, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("bikel3", bikel3), -ENCODER_w_structure("p384_bikel3", p384_bikel3, der, PrivateKeyInfo), -ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, PrivateKeyInfo), -ENCODER_w_structure("p384_bikel3", p384_bikel3, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_bikel3", p384_bikel3, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p384_bikel3", p384_bikel3), -ENCODER_w_structure("x448_bikel3", x448_bikel3, der, PrivateKeyInfo), -ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, PrivateKeyInfo), -ENCODER_w_structure("x448_bikel3", x448_bikel3, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_bikel3", x448_bikel3, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x448_bikel3", x448_bikel3), -#endif -#ifdef OQS_ENABLE_KEM_bike_l5 -ENCODER_w_structure("bikel5", bikel5, der, PrivateKeyInfo), -ENCODER_w_structure("bikel5", bikel5, pem, PrivateKeyInfo), -ENCODER_w_structure("bikel5", bikel5, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("bikel5", bikel5, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("bikel5", bikel5, der, SubjectPublicKeyInfo), -ENCODER_w_structure("bikel5", bikel5, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("bikel5", bikel5), -ENCODER_w_structure("p521_bikel5", p521_bikel5, der, PrivateKeyInfo), -ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, PrivateKeyInfo), -ENCODER_w_structure("p521_bikel5", p521_bikel5, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_bikel5", p521_bikel5, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p521_bikel5", p521_bikel5), -#endif -#ifdef OQS_ENABLE_KEM_hqc_128 -ENCODER_w_structure("hqc128", hqc128, der, PrivateKeyInfo), -ENCODER_w_structure("hqc128", hqc128, pem, PrivateKeyInfo), -ENCODER_w_structure("hqc128", hqc128, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("hqc128", hqc128, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("hqc128", hqc128, der, SubjectPublicKeyInfo), -ENCODER_w_structure("hqc128", hqc128, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("hqc128", hqc128), -ENCODER_w_structure("p256_hqc128", p256_hqc128, der, PrivateKeyInfo), -ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_hqc128", p256_hqc128, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_hqc128", p256_hqc128, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_hqc128", p256_hqc128), -ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, PrivateKeyInfo), -ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, PrivateKeyInfo), -ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x25519_hqc128", x25519_hqc128), -#endif -#ifdef OQS_ENABLE_KEM_hqc_192 -ENCODER_w_structure("hqc192", hqc192, der, PrivateKeyInfo), -ENCODER_w_structure("hqc192", hqc192, pem, PrivateKeyInfo), -ENCODER_w_structure("hqc192", hqc192, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("hqc192", hqc192, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("hqc192", hqc192, der, SubjectPublicKeyInfo), -ENCODER_w_structure("hqc192", hqc192, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("hqc192", hqc192), -ENCODER_w_structure("p384_hqc192", p384_hqc192, der, PrivateKeyInfo), -ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, PrivateKeyInfo), -ENCODER_w_structure("p384_hqc192", p384_hqc192, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_hqc192", p384_hqc192, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p384_hqc192", p384_hqc192), -ENCODER_w_structure("x448_hqc192", x448_hqc192, der, PrivateKeyInfo), -ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, PrivateKeyInfo), -ENCODER_w_structure("x448_hqc192", x448_hqc192, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("x448_hqc192", x448_hqc192, der, SubjectPublicKeyInfo), -ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("x448_hqc192", x448_hqc192), -#endif -#ifdef OQS_ENABLE_KEM_hqc_256 -ENCODER_w_structure("hqc256", hqc256, der, PrivateKeyInfo), -ENCODER_w_structure("hqc256", hqc256, pem, PrivateKeyInfo), -ENCODER_w_structure("hqc256", hqc256, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("hqc256", hqc256, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("hqc256", hqc256, der, SubjectPublicKeyInfo), -ENCODER_w_structure("hqc256", hqc256, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("hqc256", hqc256), -ENCODER_w_structure("p521_hqc256", p521_hqc256, der, PrivateKeyInfo), -ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, PrivateKeyInfo), -ENCODER_w_structure("p521_hqc256", p521_hqc256, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_hqc256", p521_hqc256, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p521_hqc256", p521_hqc256), -#endif + ENCODER_w_structure("frodo640aes", frodo640aes, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, der, SubjectPublicKeyInfo), + ENCODER_w_structure("frodo640aes", frodo640aes, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("frodo640aes", frodo640aes), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, + PrivateKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_frodo640aes", p256_frodo640aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_frodo640aes", p256_frodo640aes), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_frodo640aes", x25519_frodo640aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_frodo640aes", x25519_frodo640aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_640_shake + ENCODER_w_structure("frodo640shake", frodo640shake, der, PrivateKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("frodo640shake", frodo640shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("frodo640shake", frodo640shake), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, + PrivateKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_frodo640shake", p256_frodo640shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_frodo640shake", p256_frodo640shake), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_frodo640shake", x25519_frodo640shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_frodo640shake", x25519_frodo640shake), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_976_aes + ENCODER_w_structure("frodo976aes", frodo976aes, der, PrivateKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, der, SubjectPublicKeyInfo), + ENCODER_w_structure("frodo976aes", frodo976aes, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("frodo976aes", frodo976aes), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, + PrivateKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_frodo976aes", p384_frodo976aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_frodo976aes", p384_frodo976aes), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, + PrivateKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x448_frodo976aes", x448_frodo976aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x448_frodo976aes", x448_frodo976aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_976_shake + ENCODER_w_structure("frodo976shake", frodo976shake, der, PrivateKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("frodo976shake", frodo976shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("frodo976shake", frodo976shake), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, + PrivateKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_frodo976shake", p384_frodo976shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_frodo976shake", p384_frodo976shake), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, + PrivateKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x448_frodo976shake", x448_frodo976shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x448_frodo976shake", x448_frodo976shake), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_1344_aes + ENCODER_w_structure("frodo1344aes", frodo1344aes, der, PrivateKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("frodo1344aes", frodo1344aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("frodo1344aes", frodo1344aes), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, + PrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, + PrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_frodo1344aes", p521_frodo1344aes, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_frodo1344aes", p521_frodo1344aes), +# endif +# ifdef OQS_ENABLE_KEM_frodokem_1344_shake + ENCODER_w_structure("frodo1344shake", frodo1344shake, der, PrivateKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, PrivateKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("frodo1344shake", frodo1344shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("frodo1344shake", frodo1344shake), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, + PrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, + PrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_frodo1344shake", p521_frodo1344shake, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_frodo1344shake", p521_frodo1344shake), +# endif +# ifdef OQS_ENABLE_KEM_kyber_512 + ENCODER_w_structure("kyber512", kyber512, der, PrivateKeyInfo), + ENCODER_w_structure("kyber512", kyber512, pem, PrivateKeyInfo), + ENCODER_w_structure("kyber512", kyber512, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber512", kyber512, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber512", kyber512, der, SubjectPublicKeyInfo), + ENCODER_w_structure("kyber512", kyber512, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("kyber512", kyber512), + ENCODER_w_structure("p256_kyber512", p256_kyber512, der, PrivateKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_kyber512", p256_kyber512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_kyber512", p256_kyber512), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_kyber512", x25519_kyber512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_kyber512", x25519_kyber512), +# endif +# ifdef OQS_ENABLE_KEM_kyber_768 + ENCODER_w_structure("kyber768", kyber768, der, PrivateKeyInfo), + ENCODER_w_structure("kyber768", kyber768, pem, PrivateKeyInfo), + ENCODER_w_structure("kyber768", kyber768, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber768", kyber768, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber768", kyber768, der, SubjectPublicKeyInfo), + ENCODER_w_structure("kyber768", kyber768, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("kyber768", kyber768), + ENCODER_w_structure("p384_kyber768", p384_kyber768, der, PrivateKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_kyber768", p384_kyber768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_kyber768", p384_kyber768), + ENCODER_w_structure("x448_kyber768", x448_kyber768, der, PrivateKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, PrivateKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x448_kyber768", x448_kyber768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x448_kyber768", x448_kyber768), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_kyber768", x25519_kyber768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_kyber768", x25519_kyber768), + ENCODER_w_structure("p256_kyber768", p256_kyber768, der, PrivateKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_kyber768", p256_kyber768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_kyber768", p256_kyber768), +# endif +# ifdef OQS_ENABLE_KEM_kyber_1024 + ENCODER_w_structure("kyber1024", kyber1024, der, PrivateKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, pem, PrivateKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, der, SubjectPublicKeyInfo), + ENCODER_w_structure("kyber1024", kyber1024, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("kyber1024", kyber1024), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, PrivateKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, PrivateKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_kyber1024", p521_kyber1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_kyber1024", p521_kyber1024), +# endif +# ifdef OQS_ENABLE_KEM_bike_l1 + ENCODER_w_structure("bikel1", bikel1, der, PrivateKeyInfo), + ENCODER_w_structure("bikel1", bikel1, pem, PrivateKeyInfo), + ENCODER_w_structure("bikel1", bikel1, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel1", bikel1, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel1", bikel1, der, SubjectPublicKeyInfo), + ENCODER_w_structure("bikel1", bikel1, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("bikel1", bikel1), + ENCODER_w_structure("p256_bikel1", p256_bikel1, der, PrivateKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p256_bikel1", p256_bikel1, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p256_bikel1", p256_bikel1), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, PrivateKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, PrivateKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_bikel1", x25519_bikel1, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_bikel1", x25519_bikel1), +# endif +# ifdef OQS_ENABLE_KEM_bike_l3 + ENCODER_w_structure("bikel3", bikel3, der, PrivateKeyInfo), + ENCODER_w_structure("bikel3", bikel3, pem, PrivateKeyInfo), + ENCODER_w_structure("bikel3", bikel3, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel3", bikel3, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel3", bikel3, der, SubjectPublicKeyInfo), + ENCODER_w_structure("bikel3", bikel3, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("bikel3", bikel3), + ENCODER_w_structure("p384_bikel3", p384_bikel3, der, PrivateKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p384_bikel3", p384_bikel3, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p384_bikel3", p384_bikel3), + ENCODER_w_structure("x448_bikel3", x448_bikel3, der, PrivateKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, PrivateKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, der, SubjectPublicKeyInfo), + ENCODER_w_structure("x448_bikel3", x448_bikel3, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("x448_bikel3", x448_bikel3), +# endif +# ifdef OQS_ENABLE_KEM_bike_l5 + ENCODER_w_structure("bikel5", bikel5, der, PrivateKeyInfo), + ENCODER_w_structure("bikel5", bikel5, pem, PrivateKeyInfo), + ENCODER_w_structure("bikel5", bikel5, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel5", bikel5, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("bikel5", bikel5, der, SubjectPublicKeyInfo), + ENCODER_w_structure("bikel5", bikel5, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("bikel5", bikel5), + ENCODER_w_structure("p521_bikel5", p521_bikel5, der, PrivateKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, PrivateKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p521_bikel5", p521_bikel5, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p521_bikel5", p521_bikel5), +# endif +# ifdef OQS_ENABLE_KEM_hqc_128 + ENCODER_w_structure("hqc128", hqc128, der, PrivateKeyInfo), + ENCODER_w_structure("hqc128", hqc128, pem, PrivateKeyInfo), + ENCODER_w_structure("hqc128", hqc128, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc128", hqc128, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc128", hqc128, der, SubjectPublicKeyInfo), + ENCODER_w_structure("hqc128", hqc128, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("hqc128", hqc128), + ENCODER_w_structure("p256_hqc128", p256_hqc128, der, PrivateKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p256_hqc128", p256_hqc128, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p256_hqc128", p256_hqc128), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, PrivateKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, PrivateKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_hqc128", x25519_hqc128, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_hqc128", x25519_hqc128), +# endif +# ifdef OQS_ENABLE_KEM_hqc_192 + ENCODER_w_structure("hqc192", hqc192, der, PrivateKeyInfo), + ENCODER_w_structure("hqc192", hqc192, pem, PrivateKeyInfo), + ENCODER_w_structure("hqc192", hqc192, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc192", hqc192, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc192", hqc192, der, SubjectPublicKeyInfo), + ENCODER_w_structure("hqc192", hqc192, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("hqc192", hqc192), + ENCODER_w_structure("p384_hqc192", p384_hqc192, der, PrivateKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p384_hqc192", p384_hqc192, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p384_hqc192", p384_hqc192), + ENCODER_w_structure("x448_hqc192", x448_hqc192, der, PrivateKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, PrivateKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, der, SubjectPublicKeyInfo), + ENCODER_w_structure("x448_hqc192", x448_hqc192, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("x448_hqc192", x448_hqc192), +# endif +# ifdef OQS_ENABLE_KEM_hqc_256 + ENCODER_w_structure("hqc256", hqc256, der, PrivateKeyInfo), + ENCODER_w_structure("hqc256", hqc256, pem, PrivateKeyInfo), + ENCODER_w_structure("hqc256", hqc256, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc256", hqc256, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("hqc256", hqc256, der, SubjectPublicKeyInfo), + ENCODER_w_structure("hqc256", hqc256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("hqc256", hqc256), + ENCODER_w_structure("p521_hqc256", p521_hqc256, der, PrivateKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, PrivateKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p521_hqc256", p521_hqc256, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p521_hqc256", p521_hqc256), +# endif #endif /* OQS_KEM_ENCODERS */ - #ifdef OQS_ENABLE_SIG_dilithium_2 -ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium2", dilithium2, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium2", dilithium2, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2", dilithium2, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2", dilithium2, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium2", dilithium2, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium2", dilithium2), -ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, PrivateKeyInfo), -ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_dilithium2", p256_dilithium2), -ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, SubjectPublicKeyInfo), -ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("rsa3072_dilithium2", rsa3072_dilithium2), -ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium2_pss2048", dilithium2_pss2048), -ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium2_rsa2048", dilithium2_rsa2048), -ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium2_ed25519", dilithium2_ed25519), -ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium2_p256", dilithium2_p256), -ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium2_bp256", dilithium2_bp256), + ENCODER_w_structure("dilithium2", dilithium2, der, PrivateKeyInfo), + ENCODER_w_structure("dilithium2", dilithium2, pem, PrivateKeyInfo), + ENCODER_w_structure("dilithium2", dilithium2, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2", dilithium2, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2", dilithium2, der, SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2", dilithium2, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2", dilithium2), + ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, + PrivateKeyInfo), + ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, + PrivateKeyInfo), + ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_dilithium2", p256_dilithium2, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_dilithium2", p256_dilithium2, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_dilithium2", p256_dilithium2), + ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_dilithium2", rsa3072_dilithium2), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_pss2048", dilithium2_pss2048), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_rsa2048", dilithium2_rsa2048), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_ed25519", dilithium2_ed25519), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_p256", dilithium2_p256), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium2_bp256", dilithium2_bp256), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 -ENCODER_w_structure("dilithium3", dilithium3, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium3", dilithium3, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium3", dilithium3, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3", dilithium3, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3", dilithium3, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium3", dilithium3, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium3", dilithium3), -ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, PrivateKeyInfo), -ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, PrivateKeyInfo), -ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p384_dilithium3", p384_dilithium3), -ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), -ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), -ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium3_p256", dilithium3_p256), -ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), -ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium3_ed25519", dilithium3_ed25519), + ENCODER_w_structure("dilithium3", dilithium3, der, PrivateKeyInfo), + ENCODER_w_structure("dilithium3", dilithium3, pem, PrivateKeyInfo), + ENCODER_w_structure("dilithium3", dilithium3, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3", dilithium3, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3", dilithium3, der, SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3", dilithium3, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3", dilithium3), + ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, + PrivateKeyInfo), + ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, + PrivateKeyInfo), + ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_dilithium3", p384_dilithium3, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_dilithium3", p384_dilithium3), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_p256", dilithium3_p256), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium3_ed25519", dilithium3_ed25519), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 -ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium5", dilithium5, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium5", dilithium5, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium5", dilithium5, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium5", dilithium5, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium5", dilithium5, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium5", dilithium5), -ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, PrivateKeyInfo), -ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, PrivateKeyInfo), -ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p521_dilithium5", p521_dilithium5), -ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium5_p384", dilithium5_p384), -ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), -ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, PrivateKeyInfo), -ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, PrivateKeyInfo), -ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, SubjectPublicKeyInfo), -ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("dilithium5_ed448", dilithium5_ed448), + ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), + ENCODER_w_structure("dilithium5", dilithium5, pem, PrivateKeyInfo), + ENCODER_w_structure("dilithium5", dilithium5, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5", dilithium5, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5", dilithium5, der, SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium5", dilithium5, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5", dilithium5), + ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, + PrivateKeyInfo), + ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, + PrivateKeyInfo), + ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_dilithium5", p521_dilithium5, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_dilithium5", p521_dilithium5), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5_p384", dilithium5_p384), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + PrivateKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("dilithium5_ed448", dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 -ENCODER_w_structure("falcon512", falcon512, der, PrivateKeyInfo), -ENCODER_w_structure("falcon512", falcon512, pem, PrivateKeyInfo), -ENCODER_w_structure("falcon512", falcon512, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon512", falcon512, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon512", falcon512, der, SubjectPublicKeyInfo), -ENCODER_w_structure("falcon512", falcon512, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("falcon512", falcon512), -ENCODER_w_structure("p256_falcon512", p256_falcon512, der, PrivateKeyInfo), -ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_falcon512", p256_falcon512, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_falcon512", p256_falcon512, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_falcon512", p256_falcon512), -ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, SubjectPublicKeyInfo), -ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), -ENCODER_w_structure("falcon512_p256", falcon512_p256, der, PrivateKeyInfo), -ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, PrivateKeyInfo), -ENCODER_w_structure("falcon512_p256", falcon512_p256, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon512_p256", falcon512_p256, der, SubjectPublicKeyInfo), -ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("falcon512_p256", falcon512_p256), -ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, PrivateKeyInfo), -ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, PrivateKeyInfo), -ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, SubjectPublicKeyInfo), -ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("falcon512_bp256", falcon512_bp256), -ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, PrivateKeyInfo), -ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, PrivateKeyInfo), -ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, SubjectPublicKeyInfo), -ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("falcon512_ed25519", falcon512_ed25519), + ENCODER_w_structure("falcon512", falcon512, der, PrivateKeyInfo), + ENCODER_w_structure("falcon512", falcon512, pem, PrivateKeyInfo), + ENCODER_w_structure("falcon512", falcon512, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512", falcon512, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512", falcon512, der, SubjectPublicKeyInfo), + ENCODER_w_structure("falcon512", falcon512, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512", falcon512), + ENCODER_w_structure("p256_falcon512", p256_falcon512, der, PrivateKeyInfo), + ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_falcon512", p256_falcon512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_falcon512", p256_falcon512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_falcon512", p256_falcon512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_falcon512", p256_falcon512), + ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), + ENCODER_w_structure("falcon512_p256", falcon512_p256, der, PrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, PrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512_p256", falcon512_p256), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512_bp256", falcon512_bp256), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + PrivateKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falcon512_ed25519", falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 -ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), -ENCODER_w_structure("falcon1024", falcon1024, pem, PrivateKeyInfo), -ENCODER_w_structure("falcon1024", falcon1024, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon1024", falcon1024, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("falcon1024", falcon1024, der, SubjectPublicKeyInfo), -ENCODER_w_structure("falcon1024", falcon1024, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("falcon1024", falcon1024), -ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, PrivateKeyInfo), -ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, PrivateKeyInfo), -ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p521_falcon1024", p521_falcon1024), + ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), + ENCODER_w_structure("falcon1024", falcon1024, pem, PrivateKeyInfo), + ENCODER_w_structure("falcon1024", falcon1024, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon1024", falcon1024, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("falcon1024", falcon1024, der, SubjectPublicKeyInfo), + ENCODER_w_structure("falcon1024", falcon1024, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("falcon1024", falcon1024), + ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, + PrivateKeyInfo), + ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, + PrivateKeyInfo), + ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_falcon1024", p521_falcon1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_falcon1024", p521_falcon1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_falcon1024", p521_falcon1024), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple -ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, PrivateKeyInfo), -ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, PrivateKeyInfo), -ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("sphincssha2128fsimple", sphincssha2128fsimple), -ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, der, PrivateKeyInfo), -ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple), -ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, der, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, pem, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("rsa3072_sphincssha2128fsimple", rsa3072_sphincssha2128fsimple), + ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, + PrivateKeyInfo), + ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, + PrivateKeyInfo), + ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("sphincssha2128fsimple", sphincssha2128fsimple), + ENCODER_w_structure("p256_sphincssha2128fsimple", + p256_sphincssha2128fsimple, der, PrivateKeyInfo), + ENCODER_w_structure("p256_sphincssha2128fsimple", + p256_sphincssha2128fsimple, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_sphincssha2128fsimple", + p256_sphincssha2128fsimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_sphincssha2128fsimple", + p256_sphincssha2128fsimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_sphincssha2128fsimple", + p256_sphincssha2128fsimple, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p256_sphincssha2128fsimple", + p256_sphincssha2128fsimple, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p256_sphincssha2128fsimple", p256_sphincssha2128fsimple), + ENCODER_w_structure("rsa3072_sphincssha2128fsimple", + rsa3072_sphincssha2128fsimple, der, PrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128fsimple", + rsa3072_sphincssha2128fsimple, pem, PrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128fsimple", + rsa3072_sphincssha2128fsimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128fsimple", + rsa3072_sphincssha2128fsimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128fsimple", + rsa3072_sphincssha2128fsimple, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128fsimple", + rsa3072_sphincssha2128fsimple, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_sphincssha2128fsimple", + rsa3072_sphincssha2128fsimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple -ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, PrivateKeyInfo), -ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, PrivateKeyInfo), -ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("sphincssha2128ssimple", sphincssha2128ssimple), -ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, der, PrivateKeyInfo), -ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple), -ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, der, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, pem, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("rsa3072_sphincssha2128ssimple", rsa3072_sphincssha2128ssimple), + ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, + PrivateKeyInfo), + ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, + PrivateKeyInfo), + ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("sphincssha2128ssimple", sphincssha2128ssimple, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("sphincssha2128ssimple", sphincssha2128ssimple), + ENCODER_w_structure("p256_sphincssha2128ssimple", + p256_sphincssha2128ssimple, der, PrivateKeyInfo), + ENCODER_w_structure("p256_sphincssha2128ssimple", + p256_sphincssha2128ssimple, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_sphincssha2128ssimple", + p256_sphincssha2128ssimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_sphincssha2128ssimple", + p256_sphincssha2128ssimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_sphincssha2128ssimple", + p256_sphincssha2128ssimple, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p256_sphincssha2128ssimple", + p256_sphincssha2128ssimple, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p256_sphincssha2128ssimple", p256_sphincssha2128ssimple), + ENCODER_w_structure("rsa3072_sphincssha2128ssimple", + rsa3072_sphincssha2128ssimple, der, PrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128ssimple", + rsa3072_sphincssha2128ssimple, pem, PrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128ssimple", + rsa3072_sphincssha2128ssimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128ssimple", + rsa3072_sphincssha2128ssimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128ssimple", + rsa3072_sphincssha2128ssimple, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("rsa3072_sphincssha2128ssimple", + rsa3072_sphincssha2128ssimple, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_sphincssha2128ssimple", + rsa3072_sphincssha2128ssimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple -ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, PrivateKeyInfo), -ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, PrivateKeyInfo), -ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("sphincssha2192fsimple", sphincssha2192fsimple), -ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, der, PrivateKeyInfo), -ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, pem, PrivateKeyInfo), -ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple), + ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, + PrivateKeyInfo), + ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, + PrivateKeyInfo), + ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("sphincssha2192fsimple", sphincssha2192fsimple, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("sphincssha2192fsimple", sphincssha2192fsimple), + ENCODER_w_structure("p384_sphincssha2192fsimple", + p384_sphincssha2192fsimple, der, PrivateKeyInfo), + ENCODER_w_structure("p384_sphincssha2192fsimple", + p384_sphincssha2192fsimple, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_sphincssha2192fsimple", + p384_sphincssha2192fsimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_sphincssha2192fsimple", + p384_sphincssha2192fsimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_sphincssha2192fsimple", + p384_sphincssha2192fsimple, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p384_sphincssha2192fsimple", + p384_sphincssha2192fsimple, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p384_sphincssha2192fsimple", p384_sphincssha2192fsimple), #endif #ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple -ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, PrivateKeyInfo), -ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, PrivateKeyInfo), -ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("sphincsshake128fsimple", sphincsshake128fsimple), -ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, der, PrivateKeyInfo), -ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, pem, PrivateKeyInfo), -ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple), -ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, der, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, pem, PrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, der, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, pem, EncryptedPrivateKeyInfo), -ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, der, SubjectPublicKeyInfo), -ENCODER_w_structure("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple, pem, SubjectPublicKeyInfo), -ENCODER_TEXT("rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple), + ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, + PrivateKeyInfo), + ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, + PrivateKeyInfo), + ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("sphincsshake128fsimple", sphincsshake128fsimple, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("sphincsshake128fsimple", sphincsshake128fsimple), + ENCODER_w_structure("p256_sphincsshake128fsimple", + p256_sphincsshake128fsimple, der, PrivateKeyInfo), + ENCODER_w_structure("p256_sphincsshake128fsimple", + p256_sphincsshake128fsimple, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_sphincsshake128fsimple", + p256_sphincsshake128fsimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_sphincsshake128fsimple", + p256_sphincsshake128fsimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_sphincsshake128fsimple", + p256_sphincsshake128fsimple, der, SubjectPublicKeyInfo), + ENCODER_w_structure("p256_sphincsshake128fsimple", + p256_sphincsshake128fsimple, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("p256_sphincsshake128fsimple", p256_sphincsshake128fsimple), + ENCODER_w_structure("rsa3072_sphincsshake128fsimple", + rsa3072_sphincsshake128fsimple, der, PrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincsshake128fsimple", + rsa3072_sphincsshake128fsimple, pem, PrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincsshake128fsimple", + rsa3072_sphincsshake128fsimple, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincsshake128fsimple", + rsa3072_sphincsshake128fsimple, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_sphincsshake128fsimple", + rsa3072_sphincsshake128fsimple, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("rsa3072_sphincsshake128fsimple", + rsa3072_sphincsshake128fsimple, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_sphincsshake128fsimple", + rsa3072_sphincsshake128fsimple), #endif -///// OQS_TEMPLATE_FRAGMENT_MAKE_END + ///// OQS_TEMPLATE_FRAGMENT_MAKE_END diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index f1e9d6de..541a0ba9 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -48,103 +48,181 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; */ ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START - #ifdef OQS_KEM_ENCODERS -#define OQS_OID_CNT 162 +# define OQS_OID_CNT 162 #else -#define OQS_OID_CNT 78 +# define OQS_OID_CNT 78 #endif -const char* oqs_oid_alg_list[OQS_OID_CNT] = -{ +const char *oqs_oid_alg_list[OQS_OID_CNT] = { #ifdef OQS_KEM_ENCODERS -"1.3.9999.99.13", "frodo640aes", -"1.3.9999.99.12", "p256_frodo640aes", -"1.3.9999.99.1", "x25519_frodo640aes", -"1.3.9999.99.15", "frodo640shake", -"1.3.9999.99.14", "p256_frodo640shake", -"1.3.9999.99.2", "x25519_frodo640shake", -"1.3.9999.99.17", "frodo976aes", -"1.3.9999.99.16", "p384_frodo976aes", -"1.3.9999.99.3", "x448_frodo976aes", -"1.3.9999.99.19", "frodo976shake", -"1.3.9999.99.18", "p384_frodo976shake", -"1.3.9999.99.4", "x448_frodo976shake", -"1.3.9999.99.21", "frodo1344aes", -"1.3.9999.99.20", "p521_frodo1344aes", -"1.3.9999.99.23", "frodo1344shake", -"1.3.9999.99.22", "p521_frodo1344shake", -"1.3.6.1.4.1.22554.5.6.1", "kyber512", -"1.3.6.1.4.1.22554.5.7.1", "p256_kyber512", -"1.3.6.1.4.1.22554.5.8.1", "x25519_kyber512", -"1.3.6.1.4.1.22554.5.6.2", "kyber768", -"1.3.9999.99.24", "p384_kyber768", -"1.3.9999.99.5", "x448_kyber768", -"1.3.9999.99.6", "x25519_kyber768", -"1.3.9999.99.7", "p256_kyber768", -"1.3.6.1.4.1.22554.5.6.3", "kyber1024", -"1.3.9999.99.25", "p521_kyber1024", -"1.3.9999.99.27", "bikel1", -"1.3.9999.99.26", "p256_bikel1", -"1.3.9999.99.8", "x25519_bikel1", -"1.3.9999.99.29", "bikel3", -"1.3.9999.99.28", "p384_bikel3", -"1.3.9999.99.9", "x448_bikel3", -"1.3.9999.99.31", "bikel5", -"1.3.9999.99.30", "p521_bikel5", -"1.3.9999.99.33", "hqc128", -"1.3.9999.99.32", "p256_hqc128", -"1.3.9999.99.10", "x25519_hqc128", -"1.3.9999.99.35", "hqc192", -"1.3.9999.99.34", "p384_hqc192", -"1.3.9999.99.11", "x448_hqc192", -"1.3.9999.99.37", "hqc256", -"1.3.9999.99.36", "p521_hqc256", + "1.3.9999.99.13", + "frodo640aes", + "1.3.9999.99.12", + "p256_frodo640aes", + "1.3.9999.99.1", + "x25519_frodo640aes", + "1.3.9999.99.15", + "frodo640shake", + "1.3.9999.99.14", + "p256_frodo640shake", + "1.3.9999.99.2", + "x25519_frodo640shake", + "1.3.9999.99.17", + "frodo976aes", + "1.3.9999.99.16", + "p384_frodo976aes", + "1.3.9999.99.3", + "x448_frodo976aes", + "1.3.9999.99.19", + "frodo976shake", + "1.3.9999.99.18", + "p384_frodo976shake", + "1.3.9999.99.4", + "x448_frodo976shake", + "1.3.9999.99.21", + "frodo1344aes", + "1.3.9999.99.20", + "p521_frodo1344aes", + "1.3.9999.99.23", + "frodo1344shake", + "1.3.9999.99.22", + "p521_frodo1344shake", + "1.3.6.1.4.1.22554.5.6.1", + "kyber512", + "1.3.6.1.4.1.22554.5.7.1", + "p256_kyber512", + "1.3.6.1.4.1.22554.5.8.1", + "x25519_kyber512", + "1.3.6.1.4.1.22554.5.6.2", + "kyber768", + "1.3.9999.99.24", + "p384_kyber768", + "1.3.9999.99.5", + "x448_kyber768", + "1.3.9999.99.6", + "x25519_kyber768", + "1.3.9999.99.7", + "p256_kyber768", + "1.3.6.1.4.1.22554.5.6.3", + "kyber1024", + "1.3.9999.99.25", + "p521_kyber1024", + "1.3.9999.99.27", + "bikel1", + "1.3.9999.99.26", + "p256_bikel1", + "1.3.9999.99.8", + "x25519_bikel1", + "1.3.9999.99.29", + "bikel3", + "1.3.9999.99.28", + "p384_bikel3", + "1.3.9999.99.9", + "x448_bikel3", + "1.3.9999.99.31", + "bikel5", + "1.3.9999.99.30", + "p521_bikel5", + "1.3.9999.99.33", + "hqc128", + "1.3.9999.99.32", + "p256_hqc128", + "1.3.9999.99.10", + "x25519_hqc128", + "1.3.9999.99.35", + "hqc192", + "1.3.9999.99.34", + "p384_hqc192", + "1.3.9999.99.11", + "x448_hqc192", + "1.3.9999.99.37", + "hqc256", + "1.3.9999.99.36", + "p521_hqc256", #endif /* OQS_KEM_ENCODERS */ - -"1.3.6.1.4.1.2.267.7.4.4", "dilithium2", -"1.3.9999.2.7.1" , "p256_dilithium2", -"1.3.9999.2.7.2" , "rsa3072_dilithium2", -"2.16.840.1.114027.80.8.1.1" , "dilithium2_pss2048", -"2.16.840.1.114027.80.8.1.2" , "dilithium2_rsa2048", -"2.16.840.1.114027.80.8.1.3" , "dilithium2_ed25519", -"2.16.840.1.114027.80.8.1.4" , "dilithium2_p256", -"2.16.840.1.114027.80.8.1.5" , "dilithium2_bp256", -"1.3.6.1.4.1.2.267.7.6.5", "dilithium3", -"1.3.9999.2.7.3" , "p384_dilithium3", -"2.16.840.1.114027.80.8.1.6" , "dilithium3_pss3072", -"2.16.840.1.114027.80.8.1.7" , "dilithium3_rsa3072", -"2.16.840.1.114027.80.8.1.8" , "dilithium3_p256", -"2.16.840.1.114027.80.8.1.9" , "dilithium3_bp256", -"2.16.840.1.114027.80.8.1.10" , "dilithium3_ed25519", -"1.3.6.1.4.1.2.267.7.8.7", "dilithium5", -"1.3.9999.2.7.4" , "p521_dilithium5", -"2.16.840.1.114027.80.8.1.11" , "dilithium5_p384", -"2.16.840.1.114027.80.8.1.12" , "dilithium5_bp384", -"2.16.840.1.114027.80.8.1.13" , "dilithium5_ed448", -"1.3.9999.3.6", "falcon512", -"1.3.9999.3.7" , "p256_falcon512", -"1.3.9999.3.8" , "rsa3072_falcon512", -"2.16.840.1.114027.80.8.1.14" , "falcon512_p256", -"2.16.840.1.114027.80.8.1.15" , "falcon512_bp256", -"2.16.840.1.114027.80.8.1.16" , "falcon512_ed25519", -"1.3.9999.3.9", "falcon1024", -"1.3.9999.3.10" , "p521_falcon1024", -"1.3.9999.6.4.13", "sphincssha2128fsimple", -"1.3.9999.6.4.14" , "p256_sphincssha2128fsimple", -"1.3.9999.6.4.15" , "rsa3072_sphincssha2128fsimple", -"1.3.9999.6.4.16", "sphincssha2128ssimple", -"1.3.9999.6.4.17" , "p256_sphincssha2128ssimple", -"1.3.9999.6.4.18" , "rsa3072_sphincssha2128ssimple", -"1.3.9999.6.5.10", "sphincssha2192fsimple", -"1.3.9999.6.5.11" , "p384_sphincssha2192fsimple", -"1.3.9999.6.7.13", "sphincsshake128fsimple", -"1.3.9999.6.7.14" , "p256_sphincsshake128fsimple", -"1.3.9999.6.7.15" , "rsa3072_sphincsshake128fsimple", -///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END + "1.3.6.1.4.1.2.267.7.4.4", + "dilithium2", + "1.3.9999.2.7.1", + "p256_dilithium2", + "1.3.9999.2.7.2", + "rsa3072_dilithium2", + "2.16.840.1.114027.80.8.1.1", + "dilithium2_pss2048", + "2.16.840.1.114027.80.8.1.2", + "dilithium2_rsa2048", + "2.16.840.1.114027.80.8.1.3", + "dilithium2_ed25519", + "2.16.840.1.114027.80.8.1.4", + "dilithium2_p256", + "2.16.840.1.114027.80.8.1.5", + "dilithium2_bp256", + "1.3.6.1.4.1.2.267.7.6.5", + "dilithium3", + "1.3.9999.2.7.3", + "p384_dilithium3", + "2.16.840.1.114027.80.8.1.6", + "dilithium3_pss3072", + "2.16.840.1.114027.80.8.1.7", + "dilithium3_rsa3072", + "2.16.840.1.114027.80.8.1.8", + "dilithium3_p256", + "2.16.840.1.114027.80.8.1.9", + "dilithium3_bp256", + "2.16.840.1.114027.80.8.1.10", + "dilithium3_ed25519", + "1.3.6.1.4.1.2.267.7.8.7", + "dilithium5", + "1.3.9999.2.7.4", + "p521_dilithium5", + "2.16.840.1.114027.80.8.1.11", + "dilithium5_p384", + "2.16.840.1.114027.80.8.1.12", + "dilithium5_bp384", + "2.16.840.1.114027.80.8.1.13", + "dilithium5_ed448", + "1.3.9999.3.6", + "falcon512", + "1.3.9999.3.7", + "p256_falcon512", + "1.3.9999.3.8", + "rsa3072_falcon512", + "2.16.840.1.114027.80.8.1.14", + "falcon512_p256", + "2.16.840.1.114027.80.8.1.15", + "falcon512_bp256", + "2.16.840.1.114027.80.8.1.16", + "falcon512_ed25519", + "1.3.9999.3.9", + "falcon1024", + "1.3.9999.3.10", + "p521_falcon1024", + "1.3.9999.6.4.13", + "sphincssha2128fsimple", + "1.3.9999.6.4.14", + "p256_sphincssha2128fsimple", + "1.3.9999.6.4.15", + "rsa3072_sphincssha2128fsimple", + "1.3.9999.6.4.16", + "sphincssha2128ssimple", + "1.3.9999.6.4.17", + "p256_sphincssha2128ssimple", + "1.3.9999.6.4.18", + "rsa3072_sphincssha2128ssimple", + "1.3.9999.6.5.10", + "sphincssha2192fsimple", + "1.3.9999.6.5.11", + "p384_sphincssha2192fsimple", + "1.3.9999.6.7.13", + "sphincsshake128fsimple", + "1.3.9999.6.7.14", + "p256_sphincsshake128fsimple", + "1.3.9999.6.7.15", + "rsa3072_sphincsshake128fsimple", + ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_END }; int oqs_patch_oids(void) @@ -153,94 +231,175 @@ int oqs_patch_oids(void) #ifdef OQS_KEM_ENCODERS - - -if (getenv("OQS_OID_FRODO640AES")) oqs_oid_alg_list[0] = getenv("OQS_OID_FRODO640AES"); - -if (getenv("OQS_OID_P256_FRODO640AES")) oqs_oid_alg_list[2] = getenv("OQS_OID_P256_FRODO640AES"); -if (getenv("OQS_OID_X25519_FRODO640AES")) oqs_oid_alg_list[4] = getenv("OQS_OID_X25519_FRODO640AES"); -if (getenv("OQS_OID_FRODO640SHAKE")) oqs_oid_alg_list[6] = getenv("OQS_OID_FRODO640SHAKE"); - -if (getenv("OQS_OID_P256_FRODO640SHAKE")) oqs_oid_alg_list[8] = getenv("OQS_OID_P256_FRODO640SHAKE"); -if (getenv("OQS_OID_X25519_FRODO640SHAKE")) oqs_oid_alg_list[10] = getenv("OQS_OID_X25519_FRODO640SHAKE"); -if (getenv("OQS_OID_FRODO976AES")) oqs_oid_alg_list[12] = getenv("OQS_OID_FRODO976AES"); - -if (getenv("OQS_OID_P384_FRODO976AES")) oqs_oid_alg_list[14] = getenv("OQS_OID_P384_FRODO976AES"); -if (getenv("OQS_OID_X448_FRODO976AES")) oqs_oid_alg_list[16] = getenv("OQS_OID_X448_FRODO976AES"); -if (getenv("OQS_OID_FRODO976SHAKE")) oqs_oid_alg_list[18] = getenv("OQS_OID_FRODO976SHAKE"); - -if (getenv("OQS_OID_P384_FRODO976SHAKE")) oqs_oid_alg_list[20] = getenv("OQS_OID_P384_FRODO976SHAKE"); -if (getenv("OQS_OID_X448_FRODO976SHAKE")) oqs_oid_alg_list[22] = getenv("OQS_OID_X448_FRODO976SHAKE"); -if (getenv("OQS_OID_FRODO1344AES")) oqs_oid_alg_list[24] = getenv("OQS_OID_FRODO1344AES"); - -if (getenv("OQS_OID_P521_FRODO1344AES")) oqs_oid_alg_list[26] = getenv("OQS_OID_P521_FRODO1344AES"); -if (getenv("OQS_OID_FRODO1344SHAKE")) oqs_oid_alg_list[28] = getenv("OQS_OID_FRODO1344SHAKE"); - -if (getenv("OQS_OID_P521_FRODO1344SHAKE")) oqs_oid_alg_list[30] = getenv("OQS_OID_P521_FRODO1344SHAKE"); -if (getenv("OQS_OID_KYBER512")) oqs_oid_alg_list[32] = getenv("OQS_OID_KYBER512"); - -if (getenv("OQS_OID_P256_KYBER512")) oqs_oid_alg_list[34] = getenv("OQS_OID_P256_KYBER512"); -if (getenv("OQS_OID_X25519_KYBER512")) oqs_oid_alg_list[36] = getenv("OQS_OID_X25519_KYBER512"); -if (getenv("OQS_OID_KYBER768")) oqs_oid_alg_list[38] = getenv("OQS_OID_KYBER768"); - -if (getenv("OQS_OID_P384_KYBER768")) oqs_oid_alg_list[40] = getenv("OQS_OID_P384_KYBER768"); -if (getenv("OQS_OID_X448_KYBER768")) oqs_oid_alg_list[42] = getenv("OQS_OID_X448_KYBER768"); -if (getenv("OQS_OID_X25519_KYBER768")) oqs_oid_alg_list[44] = getenv("OQS_OID_X25519_KYBER768"); -if (getenv("OQS_OID_P256_KYBER768")) oqs_oid_alg_list[46] = getenv("OQS_OID_P256_KYBER768"); -if (getenv("OQS_OID_KYBER1024")) oqs_oid_alg_list[48] = getenv("OQS_OID_KYBER1024"); - -if (getenv("OQS_OID_P521_KYBER1024")) oqs_oid_alg_list[50] = getenv("OQS_OID_P521_KYBER1024"); -if (getenv("OQS_OID_BIKEL1")) oqs_oid_alg_list[52] = getenv("OQS_OID_BIKEL1"); - -if (getenv("OQS_OID_P256_BIKEL1")) oqs_oid_alg_list[54] = getenv("OQS_OID_P256_BIKEL1"); -if (getenv("OQS_OID_X25519_BIKEL1")) oqs_oid_alg_list[56] = getenv("OQS_OID_X25519_BIKEL1"); -if (getenv("OQS_OID_BIKEL3")) oqs_oid_alg_list[58] = getenv("OQS_OID_BIKEL3"); - -if (getenv("OQS_OID_P384_BIKEL3")) oqs_oid_alg_list[60] = getenv("OQS_OID_P384_BIKEL3"); -if (getenv("OQS_OID_X448_BIKEL3")) oqs_oid_alg_list[62] = getenv("OQS_OID_X448_BIKEL3"); -if (getenv("OQS_OID_BIKEL5")) oqs_oid_alg_list[64] = getenv("OQS_OID_BIKEL5"); - -if (getenv("OQS_OID_P521_BIKEL5")) oqs_oid_alg_list[66] = getenv("OQS_OID_P521_BIKEL5"); -if (getenv("OQS_OID_HQC128")) oqs_oid_alg_list[68] = getenv("OQS_OID_HQC128"); - -if (getenv("OQS_OID_P256_HQC128")) oqs_oid_alg_list[70] = getenv("OQS_OID_P256_HQC128"); -if (getenv("OQS_OID_X25519_HQC128")) oqs_oid_alg_list[72] = getenv("OQS_OID_X25519_HQC128"); -if (getenv("OQS_OID_HQC192")) oqs_oid_alg_list[74] = getenv("OQS_OID_HQC192"); - -if (getenv("OQS_OID_P384_HQC192")) oqs_oid_alg_list[76] = getenv("OQS_OID_P384_HQC192"); -if (getenv("OQS_OID_X448_HQC192")) oqs_oid_alg_list[78] = getenv("OQS_OID_X448_HQC192"); -if (getenv("OQS_OID_HQC256")) oqs_oid_alg_list[80] = getenv("OQS_OID_HQC256"); - -if (getenv("OQS_OID_P521_HQC256")) oqs_oid_alg_list[82] = getenv("OQS_OID_P521_HQC256"); - -#define OQS_KEMOID_CNT 82+2 + if (getenv("OQS_OID_FRODO640AES")) + oqs_oid_alg_list[0] = getenv("OQS_OID_FRODO640AES"); + + if (getenv("OQS_OID_P256_FRODO640AES")) + oqs_oid_alg_list[2] = getenv("OQS_OID_P256_FRODO640AES"); + if (getenv("OQS_OID_X25519_FRODO640AES")) + oqs_oid_alg_list[4] = getenv("OQS_OID_X25519_FRODO640AES"); + if (getenv("OQS_OID_FRODO640SHAKE")) + oqs_oid_alg_list[6] = getenv("OQS_OID_FRODO640SHAKE"); + + if (getenv("OQS_OID_P256_FRODO640SHAKE")) + oqs_oid_alg_list[8] = getenv("OQS_OID_P256_FRODO640SHAKE"); + if (getenv("OQS_OID_X25519_FRODO640SHAKE")) + oqs_oid_alg_list[10] = getenv("OQS_OID_X25519_FRODO640SHAKE"); + if (getenv("OQS_OID_FRODO976AES")) + oqs_oid_alg_list[12] = getenv("OQS_OID_FRODO976AES"); + + if (getenv("OQS_OID_P384_FRODO976AES")) + oqs_oid_alg_list[14] = getenv("OQS_OID_P384_FRODO976AES"); + if (getenv("OQS_OID_X448_FRODO976AES")) + oqs_oid_alg_list[16] = getenv("OQS_OID_X448_FRODO976AES"); + if (getenv("OQS_OID_FRODO976SHAKE")) + oqs_oid_alg_list[18] = getenv("OQS_OID_FRODO976SHAKE"); + + if (getenv("OQS_OID_P384_FRODO976SHAKE")) + oqs_oid_alg_list[20] = getenv("OQS_OID_P384_FRODO976SHAKE"); + if (getenv("OQS_OID_X448_FRODO976SHAKE")) + oqs_oid_alg_list[22] = getenv("OQS_OID_X448_FRODO976SHAKE"); + if (getenv("OQS_OID_FRODO1344AES")) + oqs_oid_alg_list[24] = getenv("OQS_OID_FRODO1344AES"); + + if (getenv("OQS_OID_P521_FRODO1344AES")) + oqs_oid_alg_list[26] = getenv("OQS_OID_P521_FRODO1344AES"); + if (getenv("OQS_OID_FRODO1344SHAKE")) + oqs_oid_alg_list[28] = getenv("OQS_OID_FRODO1344SHAKE"); + + if (getenv("OQS_OID_P521_FRODO1344SHAKE")) + oqs_oid_alg_list[30] = getenv("OQS_OID_P521_FRODO1344SHAKE"); + if (getenv("OQS_OID_KYBER512")) + oqs_oid_alg_list[32] = getenv("OQS_OID_KYBER512"); + + if (getenv("OQS_OID_P256_KYBER512")) + oqs_oid_alg_list[34] = getenv("OQS_OID_P256_KYBER512"); + if (getenv("OQS_OID_X25519_KYBER512")) + oqs_oid_alg_list[36] = getenv("OQS_OID_X25519_KYBER512"); + if (getenv("OQS_OID_KYBER768")) + oqs_oid_alg_list[38] = getenv("OQS_OID_KYBER768"); + + if (getenv("OQS_OID_P384_KYBER768")) + oqs_oid_alg_list[40] = getenv("OQS_OID_P384_KYBER768"); + if (getenv("OQS_OID_X448_KYBER768")) + oqs_oid_alg_list[42] = getenv("OQS_OID_X448_KYBER768"); + if (getenv("OQS_OID_X25519_KYBER768")) + oqs_oid_alg_list[44] = getenv("OQS_OID_X25519_KYBER768"); + if (getenv("OQS_OID_P256_KYBER768")) + oqs_oid_alg_list[46] = getenv("OQS_OID_P256_KYBER768"); + if (getenv("OQS_OID_KYBER1024")) + oqs_oid_alg_list[48] = getenv("OQS_OID_KYBER1024"); + + if (getenv("OQS_OID_P521_KYBER1024")) + oqs_oid_alg_list[50] = getenv("OQS_OID_P521_KYBER1024"); + if (getenv("OQS_OID_BIKEL1")) + oqs_oid_alg_list[52] = getenv("OQS_OID_BIKEL1"); + + if (getenv("OQS_OID_P256_BIKEL1")) + oqs_oid_alg_list[54] = getenv("OQS_OID_P256_BIKEL1"); + if (getenv("OQS_OID_X25519_BIKEL1")) + oqs_oid_alg_list[56] = getenv("OQS_OID_X25519_BIKEL1"); + if (getenv("OQS_OID_BIKEL3")) + oqs_oid_alg_list[58] = getenv("OQS_OID_BIKEL3"); + + if (getenv("OQS_OID_P384_BIKEL3")) + oqs_oid_alg_list[60] = getenv("OQS_OID_P384_BIKEL3"); + if (getenv("OQS_OID_X448_BIKEL3")) + oqs_oid_alg_list[62] = getenv("OQS_OID_X448_BIKEL3"); + if (getenv("OQS_OID_BIKEL5")) + oqs_oid_alg_list[64] = getenv("OQS_OID_BIKEL5"); + + if (getenv("OQS_OID_P521_BIKEL5")) + oqs_oid_alg_list[66] = getenv("OQS_OID_P521_BIKEL5"); + if (getenv("OQS_OID_HQC128")) + oqs_oid_alg_list[68] = getenv("OQS_OID_HQC128"); + + if (getenv("OQS_OID_P256_HQC128")) + oqs_oid_alg_list[70] = getenv("OQS_OID_P256_HQC128"); + if (getenv("OQS_OID_X25519_HQC128")) + oqs_oid_alg_list[72] = getenv("OQS_OID_X25519_HQC128"); + if (getenv("OQS_OID_HQC192")) + oqs_oid_alg_list[74] = getenv("OQS_OID_HQC192"); + + if (getenv("OQS_OID_P384_HQC192")) + oqs_oid_alg_list[76] = getenv("OQS_OID_P384_HQC192"); + if (getenv("OQS_OID_X448_HQC192")) + oqs_oid_alg_list[78] = getenv("OQS_OID_X448_HQC192"); + if (getenv("OQS_OID_HQC256")) + oqs_oid_alg_list[80] = getenv("OQS_OID_HQC256"); + + if (getenv("OQS_OID_P521_HQC256")) + oqs_oid_alg_list[82] = getenv("OQS_OID_P521_HQC256"); + +# define OQS_KEMOID_CNT 82 + 2 #else -#define OQS_KEMOID_CNT 0 +# define OQS_KEMOID_CNT 0 #endif /* OQS_KEM_ENCODERS */ - if (getenv("OQS_OID_DILITHIUM2")) oqs_oid_alg_list[0+OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM2"); - if (getenv("OQS_OID_P256_DILITHIUM2")) oqs_oid_alg_list[2+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_DILITHIUM2"); - if (getenv("OQS_OID_RSA3072_DILITHIUM2")) oqs_oid_alg_list[4+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_DILITHIUM2"); - if (getenv("OQS_OID_DILITHIUM3")) oqs_oid_alg_list[6+OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM3"); - if (getenv("OQS_OID_P384_DILITHIUM3")) oqs_oid_alg_list[8+OQS_KEMOID_CNT] = getenv("OQS_OID_P384_DILITHIUM3"); - if (getenv("OQS_OID_DILITHIUM5")) oqs_oid_alg_list[10+OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM5"); - if (getenv("OQS_OID_P521_DILITHIUM5")) oqs_oid_alg_list[12+OQS_KEMOID_CNT] = getenv("OQS_OID_P521_DILITHIUM5"); - if (getenv("OQS_OID_FALCON512")) oqs_oid_alg_list[14+OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON512"); - if (getenv("OQS_OID_P256_FALCON512")) oqs_oid_alg_list[16+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_FALCON512"); - if (getenv("OQS_OID_RSA3072_FALCON512")) oqs_oid_alg_list[18+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_FALCON512"); - if (getenv("OQS_OID_FALCON1024")) oqs_oid_alg_list[20+OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); - if (getenv("OQS_OID_P521_FALCON1024")) oqs_oid_alg_list[22+OQS_KEMOID_CNT] = getenv("OQS_OID_P521_FALCON1024"); - if (getenv("OQS_OID_SPHINCSSHA2128FSIMPLE")) oqs_oid_alg_list[24+OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE")) oqs_oid_alg_list[26+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE")) oqs_oid_alg_list[28+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_OID_SPHINCSSHA2128SSIMPLE")) oqs_oid_alg_list[30+OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE")) oqs_oid_alg_list[32+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE")) oqs_oid_alg_list[34+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_OID_SPHINCSSHA2192FSIMPLE")) oqs_oid_alg_list[36+OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); - if (getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE")) oqs_oid_alg_list[38+OQS_KEMOID_CNT] = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); - if (getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE")) oqs_oid_alg_list[40+OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE")) oqs_oid_alg_list[42+OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE")) oqs_oid_alg_list[44+OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); -///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_END + if (getenv("OQS_OID_DILITHIUM2")) + oqs_oid_alg_list[0 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM2"); + if (getenv("OQS_OID_P256_DILITHIUM2")) + oqs_oid_alg_list[2 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_DILITHIUM2"); + if (getenv("OQS_OID_RSA3072_DILITHIUM2")) + oqs_oid_alg_list[4 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_DILITHIUM2"); + if (getenv("OQS_OID_DILITHIUM3")) + oqs_oid_alg_list[6 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM3"); + if (getenv("OQS_OID_P384_DILITHIUM3")) + oqs_oid_alg_list[8 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P384_DILITHIUM3"); + if (getenv("OQS_OID_DILITHIUM5")) + oqs_oid_alg_list[10 + OQS_KEMOID_CNT] = getenv("OQS_OID_DILITHIUM5"); + if (getenv("OQS_OID_P521_DILITHIUM5")) + oqs_oid_alg_list[12 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P521_DILITHIUM5"); + if (getenv("OQS_OID_FALCON512")) + oqs_oid_alg_list[14 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON512"); + if (getenv("OQS_OID_P256_FALCON512")) + oqs_oid_alg_list[16 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_FALCON512"); + if (getenv("OQS_OID_RSA3072_FALCON512")) + oqs_oid_alg_list[18 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_FALCON512"); + if (getenv("OQS_OID_FALCON1024")) + oqs_oid_alg_list[20 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); + if (getenv("OQS_OID_P521_FALCON1024")) + oqs_oid_alg_list[22 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P521_FALCON1024"); + if (getenv("OQS_OID_SPHINCSSHA2128FSIMPLE")) + oqs_oid_alg_list[24 + OQS_KEMOID_CNT] + = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE")) + oqs_oid_alg_list[26 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE")) + oqs_oid_alg_list[28 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_OID_SPHINCSSHA2128SSIMPLE")) + oqs_oid_alg_list[30 + OQS_KEMOID_CNT] + = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE")) + oqs_oid_alg_list[32 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE")) + oqs_oid_alg_list[34 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_OID_SPHINCSSHA2192FSIMPLE")) + oqs_oid_alg_list[36 + OQS_KEMOID_CNT] + = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); + if (getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE")) + oqs_oid_alg_list[38 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); + if (getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE")) + oqs_oid_alg_list[40 + OQS_KEMOID_CNT] + = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE")) + oqs_oid_alg_list[42 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE")) + oqs_oid_alg_list[44 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); + ///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_END return 1; } @@ -250,85 +409,208 @@ const char *oqs_alg_encoding_list[OQS_OID_CNT] = {0}; int oqs_patch_encodings(void) { ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_START - if (getenv("OQS_ENCODING_DILITHIUM2")) oqs_alg_encoding_list[0] = getenv("OQS_ENCODING_DILITHIUM2"); - if (getenv("OQS_ENCODING_DILITHIUM2_ALGNAME")) oqs_alg_encoding_list[1] = getenv("OQS_ENCODING_DILITHIUM2_ALGNAME"); - if (getenv("OQS_ENCODING_P256_DILITHIUM2")) oqs_alg_encoding_list[2] = getenv("OQS_ENCODING_P256_DILITHIUM2"); - if (getenv("OQS_ENCODING_P256_DILITHIUM2_ALGNAME")) oqs_alg_encoding_list[3] = getenv("OQS_ENCODING_P256_DILITHIUM2_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2")) oqs_alg_encoding_list[4] = getenv("OQS_ENCODING_RSA3072_DILITHIUM2"); - if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME")) oqs_alg_encoding_list[5] = getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048")) oqs_alg_encoding_list[6] = getenv("OQS_ENCODING_DILITHIUM2_PSS2048"); - if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME")) oqs_alg_encoding_list[7] = getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048")) oqs_alg_encoding_list[8] = getenv("OQS_ENCODING_DILITHIUM2_RSA2048"); - if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME")) oqs_alg_encoding_list[9] = getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_ED25519")) oqs_alg_encoding_list[10] = getenv("OQS_ENCODING_DILITHIUM2_ED25519"); - if (getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME")) oqs_alg_encoding_list[11] = getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_P256")) oqs_alg_encoding_list[12] = getenv("OQS_ENCODING_DILITHIUM2_P256"); - if (getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME")) oqs_alg_encoding_list[13] = getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_BP256")) oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_DILITHIUM2_BP256"); - if (getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME")) oqs_alg_encoding_list[15] = getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3")) oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_DILITHIUM3"); - if (getenv("OQS_ENCODING_DILITHIUM3_ALGNAME")) oqs_alg_encoding_list[17] = getenv("OQS_ENCODING_DILITHIUM3_ALGNAME"); - if (getenv("OQS_ENCODING_P384_DILITHIUM3")) oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_P384_DILITHIUM3"); - if (getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME")) oqs_alg_encoding_list[19] = getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072")) oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_DILITHIUM3_PSS3072"); - if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME")) oqs_alg_encoding_list[21] = getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072")) oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_DILITHIUM3_RSA3072"); - if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME")) oqs_alg_encoding_list[23] = getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_P256")) oqs_alg_encoding_list[24] = getenv("OQS_ENCODING_DILITHIUM3_P256"); - if (getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME")) oqs_alg_encoding_list[25] = getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_BP256")) oqs_alg_encoding_list[26] = getenv("OQS_ENCODING_DILITHIUM3_BP256"); - if (getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME")) oqs_alg_encoding_list[27] = getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_ED25519")) oqs_alg_encoding_list[28] = getenv("OQS_ENCODING_DILITHIUM3_ED25519"); - if (getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME")) oqs_alg_encoding_list[29] = getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5")) oqs_alg_encoding_list[30] = getenv("OQS_ENCODING_DILITHIUM5"); - if (getenv("OQS_ENCODING_DILITHIUM5_ALGNAME")) oqs_alg_encoding_list[31] = getenv("OQS_ENCODING_DILITHIUM5_ALGNAME"); - if (getenv("OQS_ENCODING_P521_DILITHIUM5")) oqs_alg_encoding_list[32] = getenv("OQS_ENCODING_P521_DILITHIUM5"); - if (getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME")) oqs_alg_encoding_list[33] = getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_P384")) oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_DILITHIUM5_P384"); - if (getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME")) oqs_alg_encoding_list[35] = getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_BP384")) oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_DILITHIUM5_BP384"); - if (getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME")) oqs_alg_encoding_list[37] = getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_ED448")) oqs_alg_encoding_list[38] = getenv("OQS_ENCODING_DILITHIUM5_ED448"); - if (getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME")) oqs_alg_encoding_list[39] = getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512")) oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_FALCON512"); - if (getenv("OQS_ENCODING_FALCON512_ALGNAME")) oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_FALCON512_ALGNAME"); - if (getenv("OQS_ENCODING_P256_FALCON512")) oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P256_FALCON512"); - if (getenv("OQS_ENCODING_P256_FALCON512_ALGNAME")) oqs_alg_encoding_list[43] = getenv("OQS_ENCODING_P256_FALCON512_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_FALCON512")) oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_RSA3072_FALCON512"); - if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) oqs_alg_encoding_list[45] = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_P256")) oqs_alg_encoding_list[46] = getenv("OQS_ENCODING_FALCON512_P256"); - if (getenv("OQS_ENCODING_FALCON512_P256_ALGNAME")) oqs_alg_encoding_list[47] = getenv("OQS_ENCODING_FALCON512_P256_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_BP256")) oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_FALCON512_BP256"); - if (getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME")) oqs_alg_encoding_list[49] = getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_ED25519")) oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_FALCON512_ED25519"); - if (getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME")) oqs_alg_encoding_list[51] = getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON1024")) oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_FALCON1024"); - if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); - if (getenv("OQS_ENCODING_P521_FALCON1024")) oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_P521_FALCON1024"); - if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) oqs_alg_encoding_list[55] = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); - if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) oqs_alg_encoding_list[56] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[57] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) oqs_alg_encoding_list[58] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[59] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[61] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) oqs_alg_encoding_list[62] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) oqs_alg_encoding_list[63] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) oqs_alg_encoding_list[64] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) oqs_alg_encoding_list[65] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) oqs_alg_encoding_list[66] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) oqs_alg_encoding_list[67] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) oqs_alg_encoding_list[68] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); - if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) oqs_alg_encoding_list[69] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) oqs_alg_encoding_list[70] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); - if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) oqs_alg_encoding_list[71] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) oqs_alg_encoding_list[72] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[73] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) oqs_alg_encoding_list[74] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[75] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) oqs_alg_encoding_list[76] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); - if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) oqs_alg_encoding_list[77] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); -///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END + if (getenv("OQS_ENCODING_DILITHIUM2")) + oqs_alg_encoding_list[0] = getenv("OQS_ENCODING_DILITHIUM2"); + if (getenv("OQS_ENCODING_DILITHIUM2_ALGNAME")) + oqs_alg_encoding_list[1] = getenv("OQS_ENCODING_DILITHIUM2_ALGNAME"); + if (getenv("OQS_ENCODING_P256_DILITHIUM2")) + oqs_alg_encoding_list[2] = getenv("OQS_ENCODING_P256_DILITHIUM2"); + if (getenv("OQS_ENCODING_P256_DILITHIUM2_ALGNAME")) + oqs_alg_encoding_list[3] + = getenv("OQS_ENCODING_P256_DILITHIUM2_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2")) + oqs_alg_encoding_list[4] = getenv("OQS_ENCODING_RSA3072_DILITHIUM2"); + if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME")) + oqs_alg_encoding_list[5] + = getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048")) + oqs_alg_encoding_list[6] = getenv("OQS_ENCODING_DILITHIUM2_PSS2048"); + if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME")) + oqs_alg_encoding_list[7] + = getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048")) + oqs_alg_encoding_list[8] = getenv("OQS_ENCODING_DILITHIUM2_RSA2048"); + if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME")) + oqs_alg_encoding_list[9] + = getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_ED25519")) + oqs_alg_encoding_list[10] = getenv("OQS_ENCODING_DILITHIUM2_ED25519"); + if (getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME")) + oqs_alg_encoding_list[11] + = getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_P256")) + oqs_alg_encoding_list[12] = getenv("OQS_ENCODING_DILITHIUM2_P256"); + if (getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME")) + oqs_alg_encoding_list[13] + = getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM2_BP256")) + oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_DILITHIUM2_BP256"); + if (getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME")) + oqs_alg_encoding_list[15] + = getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3")) + oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_DILITHIUM3"); + if (getenv("OQS_ENCODING_DILITHIUM3_ALGNAME")) + oqs_alg_encoding_list[17] = getenv("OQS_ENCODING_DILITHIUM3_ALGNAME"); + if (getenv("OQS_ENCODING_P384_DILITHIUM3")) + oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_P384_DILITHIUM3"); + if (getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME")) + oqs_alg_encoding_list[19] + = getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072")) + oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_DILITHIUM3_PSS3072"); + if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME")) + oqs_alg_encoding_list[21] + = getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072")) + oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_DILITHIUM3_RSA3072"); + if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME")) + oqs_alg_encoding_list[23] + = getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_P256")) + oqs_alg_encoding_list[24] = getenv("OQS_ENCODING_DILITHIUM3_P256"); + if (getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME")) + oqs_alg_encoding_list[25] + = getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_BP256")) + oqs_alg_encoding_list[26] = getenv("OQS_ENCODING_DILITHIUM3_BP256"); + if (getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME")) + oqs_alg_encoding_list[27] + = getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM3_ED25519")) + oqs_alg_encoding_list[28] = getenv("OQS_ENCODING_DILITHIUM3_ED25519"); + if (getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME")) + oqs_alg_encoding_list[29] + = getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5")) + oqs_alg_encoding_list[30] = getenv("OQS_ENCODING_DILITHIUM5"); + if (getenv("OQS_ENCODING_DILITHIUM5_ALGNAME")) + oqs_alg_encoding_list[31] = getenv("OQS_ENCODING_DILITHIUM5_ALGNAME"); + if (getenv("OQS_ENCODING_P521_DILITHIUM5")) + oqs_alg_encoding_list[32] = getenv("OQS_ENCODING_P521_DILITHIUM5"); + if (getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME")) + oqs_alg_encoding_list[33] + = getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_P384")) + oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_DILITHIUM5_P384"); + if (getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME")) + oqs_alg_encoding_list[35] + = getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_BP384")) + oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_DILITHIUM5_BP384"); + if (getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME")) + oqs_alg_encoding_list[37] + = getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME"); + if (getenv("OQS_ENCODING_DILITHIUM5_ED448")) + oqs_alg_encoding_list[38] = getenv("OQS_ENCODING_DILITHIUM5_ED448"); + if (getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME")) + oqs_alg_encoding_list[39] + = getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512")) + oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_FALCON512"); + if (getenv("OQS_ENCODING_FALCON512_ALGNAME")) + oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_P256_FALCON512")) + oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P256_FALCON512"); + if (getenv("OQS_ENCODING_P256_FALCON512_ALGNAME")) + oqs_alg_encoding_list[43] + = getenv("OQS_ENCODING_P256_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_FALCON512")) + oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_RSA3072_FALCON512"); + if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) + oqs_alg_encoding_list[45] + = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_P256")) + oqs_alg_encoding_list[46] = getenv("OQS_ENCODING_FALCON512_P256"); + if (getenv("OQS_ENCODING_FALCON512_P256_ALGNAME")) + oqs_alg_encoding_list[47] + = getenv("OQS_ENCODING_FALCON512_P256_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_BP256")) + oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_FALCON512_BP256"); + if (getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME")) + oqs_alg_encoding_list[49] + = getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON512_ED25519")) + oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_FALCON512_ED25519"); + if (getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME")) + oqs_alg_encoding_list[51] + = getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME"); + if (getenv("OQS_ENCODING_FALCON1024")) + oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_FALCON1024"); + if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) + oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); + if (getenv("OQS_ENCODING_P521_FALCON1024")) + oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_P521_FALCON1024"); + if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) + oqs_alg_encoding_list[55] + = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); + if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) + oqs_alg_encoding_list[56] + = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) + oqs_alg_encoding_list[57] + = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) + oqs_alg_encoding_list[58] + = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) + oqs_alg_encoding_list[59] + = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) + oqs_alg_encoding_list[60] + = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) + oqs_alg_encoding_list[61] + = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) + oqs_alg_encoding_list[62] + = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) + oqs_alg_encoding_list[63] + = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) + oqs_alg_encoding_list[64] + = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) + oqs_alg_encoding_list[65] + = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) + oqs_alg_encoding_list[66] + = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) + oqs_alg_encoding_list[67] + = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) + oqs_alg_encoding_list[68] + = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); + if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) + oqs_alg_encoding_list[69] + = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) + oqs_alg_encoding_list[70] + = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); + if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) + oqs_alg_encoding_list[71] + = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) + oqs_alg_encoding_list[72] + = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) + oqs_alg_encoding_list[73] + = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) + oqs_alg_encoding_list[74] + = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) + oqs_alg_encoding_list[75] + = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) + oqs_alg_encoding_list[76] + = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); + if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) + oqs_alg_encoding_list[77] + = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); + ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END return 1; } #endif @@ -429,7 +711,7 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("p256_sphincsshake128fsimple", 128, oqs_signature_functions), SIGALG("rsa3072_sphincsshake128fsimple", 128, oqs_signature_functions), #endif -///// OQS_TEMPLATE_FRAGMENT_SIG_FUNCTIONS_END + ///// OQS_TEMPLATE_FRAGMENT_SIG_FUNCTIONS_END {NULL, NULL, NULL}}; static const OSSL_ALGORITHM oqsprovider_asym_kems[] = { @@ -507,8 +789,8 @@ static const OSSL_ALGORITHM oqsprovider_asym_kems[] = { KEMBASEALG(hqc256, 256) KEMHYBALG(p521_hqc256, 256) #endif -// clang-format on -///// OQS_TEMPLATE_FRAGMENT_KEM_FUNCTIONS_END + // clang-format on + ///// OQS_TEMPLATE_FRAGMENT_KEM_FUNCTIONS_END {NULL, NULL, NULL}}; static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { @@ -660,8 +942,8 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { KEMKMHYBALG(p521_hqc256, 256, ecp) #endif -// clang-format on -///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END + // clang-format on + ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END // ALG("x25519_sikep434", oqs_ecx_sikep434_keymgmt_functions), {NULL, NULL, NULL}}; diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index 1911e1a4..6255b041 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -35,64 +35,64 @@ typedef struct oqs_group_constants_st { static OQS_GROUP_CONSTANTS oqs_group_list[] = { // ad-hoc assignments - take from OQS generate data structures ///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_START - { 0x0200, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x0200, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F00, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2F80, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0201, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F00, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F80, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0201, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F01, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2F81, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0202, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F01, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F81, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0202, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F02, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2F82, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0203, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F02, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F82, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0203, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F03, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2F83, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0204, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F03, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F83, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0204, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F04, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0205, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F04, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0205, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F05, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x023A, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F05, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x023A, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F3A, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2F39, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x023C, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F3A, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F39, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x023C, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F3C, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2F90, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x6399, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x639A, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x023D, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F3C, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F90, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x6399, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x639A, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x023D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F3D, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F3D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2FAE, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0242, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FAE, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0242, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F42, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2FAF, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0243, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F42, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FAF, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0243, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F43, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0244, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F43, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0244, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F44, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2FB0, 128, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0245, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F44, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB0, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0245, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F45, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x2FB1, 192, TLS1_3_VERSION, 0, -1, -1, 1 }, - { 0x0246, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, + {0x2F45, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB1, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0246, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - { 0x2F46, 256, TLS1_3_VERSION, 0, -1, -1, 1 }, -///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_END + {0x2F46, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + ///// OQS_TEMPLATE_FRAGMENT_GROUP_ASSIGNMENTS_END }; // Adds entries for tlsname, `ecx`_tlsname and `ecp`_tlsname @@ -128,13 +128,16 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { OQS_GROUP_ENTRY(frodo640aes, frodo640aes, frodo640aes, 0), OQS_GROUP_ENTRY(p256_frodo640aes, p256_frodo640aes, p256_frodo640aes, 1), - OQS_GROUP_ENTRY(x25519_frodo640aes, x25519_frodo640aes, x25519_frodo640aes, 2), + OQS_GROUP_ENTRY(x25519_frodo640aes, x25519_frodo640aes, x25519_frodo640aes, + 2), #endif #ifdef OQS_ENABLE_KEM_frodokem_640_shake OQS_GROUP_ENTRY(frodo640shake, frodo640shake, frodo640shake, 3), - OQS_GROUP_ENTRY(p256_frodo640shake, p256_frodo640shake, p256_frodo640shake, 4), - OQS_GROUP_ENTRY(x25519_frodo640shake, x25519_frodo640shake, x25519_frodo640shake, 5), + OQS_GROUP_ENTRY(p256_frodo640shake, p256_frodo640shake, p256_frodo640shake, + 4), + OQS_GROUP_ENTRY(x25519_frodo640shake, x25519_frodo640shake, + x25519_frodo640shake, 5), #endif #ifdef OQS_ENABLE_KEM_frodokem_976_aes OQS_GROUP_ENTRY(frodo976aes, frodo976aes, frodo976aes, 6), @@ -145,18 +148,22 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { #ifdef OQS_ENABLE_KEM_frodokem_976_shake OQS_GROUP_ENTRY(frodo976shake, frodo976shake, frodo976shake, 9), - OQS_GROUP_ENTRY(p384_frodo976shake, p384_frodo976shake, p384_frodo976shake, 10), - OQS_GROUP_ENTRY(x448_frodo976shake, x448_frodo976shake, x448_frodo976shake, 11), + OQS_GROUP_ENTRY(p384_frodo976shake, p384_frodo976shake, p384_frodo976shake, + 10), + OQS_GROUP_ENTRY(x448_frodo976shake, x448_frodo976shake, x448_frodo976shake, + 11), #endif #ifdef OQS_ENABLE_KEM_frodokem_1344_aes OQS_GROUP_ENTRY(frodo1344aes, frodo1344aes, frodo1344aes, 12), - OQS_GROUP_ENTRY(p521_frodo1344aes, p521_frodo1344aes, p521_frodo1344aes, 13), + OQS_GROUP_ENTRY(p521_frodo1344aes, p521_frodo1344aes, p521_frodo1344aes, + 13), #endif #ifdef OQS_ENABLE_KEM_frodokem_1344_shake OQS_GROUP_ENTRY(frodo1344shake, frodo1344shake, frodo1344shake, 14), - OQS_GROUP_ENTRY(p521_frodo1344shake, p521_frodo1344shake, p521_frodo1344shake, 15), + OQS_GROUP_ENTRY(p521_frodo1344shake, p521_frodo1344shake, + p521_frodo1344shake, 15), #endif #ifdef OQS_ENABLE_KEM_kyber_512 OQS_GROUP_ENTRY(kyber512, kyber512, kyber512, 16), @@ -211,7 +218,7 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { OQS_GROUP_ENTRY(p521_hqc256, p521_hqc256, p521_hqc256, 41), #endif -///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_END + ///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_END }; typedef struct oqs_sigalg_constants_st { @@ -224,103 +231,202 @@ typedef struct oqs_sigalg_constants_st { static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = { // ad-hoc assignments - take from OQS generate data structures ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_START - { 0xfea0, 128, TLS1_3_VERSION, 0 }, - { 0xfea1, 128, TLS1_3_VERSION, 0 }, - { 0xfea2, 128, TLS1_3_VERSION, 0 }, - { 0xfea3, 192, TLS1_3_VERSION, 0 }, - { 0xfea4, 192, TLS1_3_VERSION, 0 }, - { 0xfea5, 256, TLS1_3_VERSION, 0 }, - { 0xfea6, 256, TLS1_3_VERSION, 0 }, - { 0xfeae, 128, TLS1_3_VERSION, 0 }, - { 0xfeaf, 128, TLS1_3_VERSION, 0 }, - { 0xfeb0, 128, TLS1_3_VERSION, 0 }, - { 0xfeb1, 256, TLS1_3_VERSION, 0 }, - { 0xfeb2, 256, TLS1_3_VERSION, 0 }, - { 0xfeb3, 128, TLS1_3_VERSION, 0 }, - { 0xfeb4, 128, TLS1_3_VERSION, 0 }, - { 0xfeb5, 128, TLS1_3_VERSION, 0 }, - { 0xfeb6, 128, TLS1_3_VERSION, 0 }, - { 0xfeb7, 128, TLS1_3_VERSION, 0 }, - { 0xfeb8, 128, TLS1_3_VERSION, 0 }, - { 0xfeb9, 192, TLS1_3_VERSION, 0 }, - { 0xfeba, 192, TLS1_3_VERSION, 0 }, - { 0xfec2, 128, TLS1_3_VERSION, 0 }, - { 0xfec3, 128, TLS1_3_VERSION, 0 }, - { 0xfec4, 128, TLS1_3_VERSION, 0 }, -///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_END + {0xfea0, 128, TLS1_3_VERSION, 0}, {0xfea1, 128, TLS1_3_VERSION, 0}, + {0xfea2, 128, TLS1_3_VERSION, 0}, {0xfea3, 192, TLS1_3_VERSION, 0}, + {0xfea4, 192, TLS1_3_VERSION, 0}, {0xfea5, 256, TLS1_3_VERSION, 0}, + {0xfea6, 256, TLS1_3_VERSION, 0}, {0xfeae, 128, TLS1_3_VERSION, 0}, + {0xfeaf, 128, TLS1_3_VERSION, 0}, {0xfeb0, 128, TLS1_3_VERSION, 0}, + {0xfeb1, 256, TLS1_3_VERSION, 0}, {0xfeb2, 256, TLS1_3_VERSION, 0}, + {0xfeb3, 128, TLS1_3_VERSION, 0}, {0xfeb4, 128, TLS1_3_VERSION, 0}, + {0xfeb5, 128, TLS1_3_VERSION, 0}, {0xfeb6, 128, TLS1_3_VERSION, 0}, + {0xfeb7, 128, TLS1_3_VERSION, 0}, {0xfeb8, 128, TLS1_3_VERSION, 0}, + {0xfeb9, 192, TLS1_3_VERSION, 0}, {0xfeba, 192, TLS1_3_VERSION, 0}, + {0xfec2, 128, TLS1_3_VERSION, 0}, {0xfec3, 128, TLS1_3_VERSION, 0}, + {0xfec4, 128, TLS1_3_VERSION, 0}, + ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_END }; int oqs_patch_codepoints() { ///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_START - if (getenv("OQS_CODEPOINT_FRODO640AES")) oqs_group_list[0].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640AES")); - if (getenv("OQS_CODEPOINT_P256_FRODO640AES")) oqs_group_list[1].group_id = atoi(getenv("OQS_CODEPOINT_P256_FRODO640AES")); - if (getenv("OQS_CODEPOINT_X25519_FRODO640AES")) oqs_group_list[2].group_id = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640AES")); - if (getenv("OQS_CODEPOINT_FRODO640SHAKE")) oqs_group_list[3].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640SHAKE")); - if (getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")) oqs_group_list[4].group_id = atoi(getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")); - if (getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")) oqs_group_list[5].group_id = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")); - if (getenv("OQS_CODEPOINT_FRODO976AES")) oqs_group_list[6].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976AES")); - if (getenv("OQS_CODEPOINT_P384_FRODO976AES")) oqs_group_list[7].group_id = atoi(getenv("OQS_CODEPOINT_P384_FRODO976AES")); - if (getenv("OQS_CODEPOINT_X448_FRODO976AES")) oqs_group_list[8].group_id = atoi(getenv("OQS_CODEPOINT_X448_FRODO976AES")); - if (getenv("OQS_CODEPOINT_FRODO976SHAKE")) oqs_group_list[9].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976SHAKE")); - if (getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")) oqs_group_list[10].group_id = atoi(getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")); - if (getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")) oqs_group_list[11].group_id = atoi(getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")); - if (getenv("OQS_CODEPOINT_FRODO1344AES")) oqs_group_list[12].group_id = atoi(getenv("OQS_CODEPOINT_FRODO1344AES")); - if (getenv("OQS_CODEPOINT_P521_FRODO1344AES")) oqs_group_list[13].group_id = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344AES")); - if (getenv("OQS_CODEPOINT_FRODO1344SHAKE")) oqs_group_list[14].group_id = atoi(getenv("OQS_CODEPOINT_FRODO1344SHAKE")); - if (getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")) oqs_group_list[15].group_id = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")); - if (getenv("OQS_CODEPOINT_KYBER512")) oqs_group_list[16].group_id = atoi(getenv("OQS_CODEPOINT_KYBER512")); - if (getenv("OQS_CODEPOINT_P256_KYBER512")) oqs_group_list[17].group_id = atoi(getenv("OQS_CODEPOINT_P256_KYBER512")); - if (getenv("OQS_CODEPOINT_X25519_KYBER512")) oqs_group_list[18].group_id = atoi(getenv("OQS_CODEPOINT_X25519_KYBER512")); - if (getenv("OQS_CODEPOINT_KYBER768")) oqs_group_list[19].group_id = atoi(getenv("OQS_CODEPOINT_KYBER768")); - if (getenv("OQS_CODEPOINT_P384_KYBER768")) oqs_group_list[20].group_id = atoi(getenv("OQS_CODEPOINT_P384_KYBER768")); - if (getenv("OQS_CODEPOINT_X448_KYBER768")) oqs_group_list[21].group_id = atoi(getenv("OQS_CODEPOINT_X448_KYBER768")); - if (getenv("OQS_CODEPOINT_X25519_KYBER768")) oqs_group_list[22].group_id = atoi(getenv("OQS_CODEPOINT_X25519_KYBER768")); - if (getenv("OQS_CODEPOINT_P256_KYBER768")) oqs_group_list[23].group_id = atoi(getenv("OQS_CODEPOINT_P256_KYBER768")); - if (getenv("OQS_CODEPOINT_KYBER1024")) oqs_group_list[24].group_id = atoi(getenv("OQS_CODEPOINT_KYBER1024")); - if (getenv("OQS_CODEPOINT_P521_KYBER1024")) oqs_group_list[25].group_id = atoi(getenv("OQS_CODEPOINT_P521_KYBER1024")); - if (getenv("OQS_CODEPOINT_BIKEL1")) oqs_group_list[26].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1")); - if (getenv("OQS_CODEPOINT_P256_BIKEL1")) oqs_group_list[27].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1")); - if (getenv("OQS_CODEPOINT_X25519_BIKEL1")) oqs_group_list[28].group_id = atoi(getenv("OQS_CODEPOINT_X25519_BIKEL1")); - if (getenv("OQS_CODEPOINT_BIKEL3")) oqs_group_list[29].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3")); - if (getenv("OQS_CODEPOINT_P384_BIKEL3")) oqs_group_list[30].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3")); - if (getenv("OQS_CODEPOINT_X448_BIKEL3")) oqs_group_list[31].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3")); - if (getenv("OQS_CODEPOINT_BIKEL5")) oqs_group_list[32].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5")); - if (getenv("OQS_CODEPOINT_P521_BIKEL5")) oqs_group_list[33].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5")); - if (getenv("OQS_CODEPOINT_HQC128")) oqs_group_list[34].group_id = atoi(getenv("OQS_CODEPOINT_HQC128")); - if (getenv("OQS_CODEPOINT_P256_HQC128")) oqs_group_list[35].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128")); - if (getenv("OQS_CODEPOINT_X25519_HQC128")) oqs_group_list[36].group_id = atoi(getenv("OQS_CODEPOINT_X25519_HQC128")); - if (getenv("OQS_CODEPOINT_HQC192")) oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_HQC192")); - if (getenv("OQS_CODEPOINT_P384_HQC192")) oqs_group_list[38].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192")); - if (getenv("OQS_CODEPOINT_X448_HQC192")) oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192")); - if (getenv("OQS_CODEPOINT_HQC256")) oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_HQC256")); - if (getenv("OQS_CODEPOINT_P521_HQC256")) oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256")); - - if (getenv("OQS_CODEPOINT_DILITHIUM2")) oqs_sigalg_list[0].code_point = atoi(getenv("OQS_CODEPOINT_DILITHIUM2")); - if (getenv("OQS_CODEPOINT_P256_DILITHIUM2")) oqs_sigalg_list[1].code_point = atoi(getenv("OQS_CODEPOINT_P256_DILITHIUM2")); - if (getenv("OQS_CODEPOINT_RSA3072_DILITHIUM2")) oqs_sigalg_list[2].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_DILITHIUM2")); - if (getenv("OQS_CODEPOINT_DILITHIUM3")) oqs_sigalg_list[3].code_point = atoi(getenv("OQS_CODEPOINT_DILITHIUM3")); - if (getenv("OQS_CODEPOINT_P384_DILITHIUM3")) oqs_sigalg_list[4].code_point = atoi(getenv("OQS_CODEPOINT_P384_DILITHIUM3")); - if (getenv("OQS_CODEPOINT_DILITHIUM5")) oqs_sigalg_list[5].code_point = atoi(getenv("OQS_CODEPOINT_DILITHIUM5")); - if (getenv("OQS_CODEPOINT_P521_DILITHIUM5")) oqs_sigalg_list[6].code_point = atoi(getenv("OQS_CODEPOINT_P521_DILITHIUM5")); - if (getenv("OQS_CODEPOINT_FALCON512")) oqs_sigalg_list[7].code_point = atoi(getenv("OQS_CODEPOINT_FALCON512")); - if (getenv("OQS_CODEPOINT_P256_FALCON512")) oqs_sigalg_list[8].code_point = atoi(getenv("OQS_CODEPOINT_P256_FALCON512")); - if (getenv("OQS_CODEPOINT_RSA3072_FALCON512")) oqs_sigalg_list[9].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCON512")); - if (getenv("OQS_CODEPOINT_FALCON1024")) oqs_sigalg_list[10].code_point = atoi(getenv("OQS_CODEPOINT_FALCON1024")); - if (getenv("OQS_CODEPOINT_P521_FALCON1024")) oqs_sigalg_list[11].code_point = atoi(getenv("OQS_CODEPOINT_P521_FALCON1024")); - if (getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")) oqs_sigalg_list[12].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")); - if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")) oqs_sigalg_list[13].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")); - if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")) oqs_sigalg_list[14].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")); - if (getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")) oqs_sigalg_list[15].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")); - if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")) oqs_sigalg_list[16].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")); - if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")) oqs_sigalg_list[17].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")); - if (getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")) oqs_sigalg_list[18].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")); - if (getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")) oqs_sigalg_list[19].code_point = atoi(getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")); - if (getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")) oqs_sigalg_list[20].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")); - if (getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")) oqs_sigalg_list[21].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")); - if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")) oqs_sigalg_list[22].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")); -///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_END + if (getenv("OQS_CODEPOINT_FRODO640AES")) + oqs_group_list[0].group_id = atoi(getenv("OQS_CODEPOINT_FRODO640AES")); + if (getenv("OQS_CODEPOINT_P256_FRODO640AES")) + oqs_group_list[1].group_id + = atoi(getenv("OQS_CODEPOINT_P256_FRODO640AES")); + if (getenv("OQS_CODEPOINT_X25519_FRODO640AES")) + oqs_group_list[2].group_id + = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640AES")); + if (getenv("OQS_CODEPOINT_FRODO640SHAKE")) + oqs_group_list[3].group_id + = atoi(getenv("OQS_CODEPOINT_FRODO640SHAKE")); + if (getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")) + oqs_group_list[4].group_id + = atoi(getenv("OQS_CODEPOINT_P256_FRODO640SHAKE")); + if (getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")) + oqs_group_list[5].group_id + = atoi(getenv("OQS_CODEPOINT_X25519_FRODO640SHAKE")); + if (getenv("OQS_CODEPOINT_FRODO976AES")) + oqs_group_list[6].group_id = atoi(getenv("OQS_CODEPOINT_FRODO976AES")); + if (getenv("OQS_CODEPOINT_P384_FRODO976AES")) + oqs_group_list[7].group_id + = atoi(getenv("OQS_CODEPOINT_P384_FRODO976AES")); + if (getenv("OQS_CODEPOINT_X448_FRODO976AES")) + oqs_group_list[8].group_id + = atoi(getenv("OQS_CODEPOINT_X448_FRODO976AES")); + if (getenv("OQS_CODEPOINT_FRODO976SHAKE")) + oqs_group_list[9].group_id + = atoi(getenv("OQS_CODEPOINT_FRODO976SHAKE")); + if (getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")) + oqs_group_list[10].group_id + = atoi(getenv("OQS_CODEPOINT_P384_FRODO976SHAKE")); + if (getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")) + oqs_group_list[11].group_id + = atoi(getenv("OQS_CODEPOINT_X448_FRODO976SHAKE")); + if (getenv("OQS_CODEPOINT_FRODO1344AES")) + oqs_group_list[12].group_id + = atoi(getenv("OQS_CODEPOINT_FRODO1344AES")); + if (getenv("OQS_CODEPOINT_P521_FRODO1344AES")) + oqs_group_list[13].group_id + = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344AES")); + if (getenv("OQS_CODEPOINT_FRODO1344SHAKE")) + oqs_group_list[14].group_id + = atoi(getenv("OQS_CODEPOINT_FRODO1344SHAKE")); + if (getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")) + oqs_group_list[15].group_id + = atoi(getenv("OQS_CODEPOINT_P521_FRODO1344SHAKE")); + if (getenv("OQS_CODEPOINT_KYBER512")) + oqs_group_list[16].group_id = atoi(getenv("OQS_CODEPOINT_KYBER512")); + if (getenv("OQS_CODEPOINT_P256_KYBER512")) + oqs_group_list[17].group_id + = atoi(getenv("OQS_CODEPOINT_P256_KYBER512")); + if (getenv("OQS_CODEPOINT_X25519_KYBER512")) + oqs_group_list[18].group_id + = atoi(getenv("OQS_CODEPOINT_X25519_KYBER512")); + if (getenv("OQS_CODEPOINT_KYBER768")) + oqs_group_list[19].group_id = atoi(getenv("OQS_CODEPOINT_KYBER768")); + if (getenv("OQS_CODEPOINT_P384_KYBER768")) + oqs_group_list[20].group_id + = atoi(getenv("OQS_CODEPOINT_P384_KYBER768")); + if (getenv("OQS_CODEPOINT_X448_KYBER768")) + oqs_group_list[21].group_id + = atoi(getenv("OQS_CODEPOINT_X448_KYBER768")); + if (getenv("OQS_CODEPOINT_X25519_KYBER768")) + oqs_group_list[22].group_id + = atoi(getenv("OQS_CODEPOINT_X25519_KYBER768")); + if (getenv("OQS_CODEPOINT_P256_KYBER768")) + oqs_group_list[23].group_id + = atoi(getenv("OQS_CODEPOINT_P256_KYBER768")); + if (getenv("OQS_CODEPOINT_KYBER1024")) + oqs_group_list[24].group_id = atoi(getenv("OQS_CODEPOINT_KYBER1024")); + if (getenv("OQS_CODEPOINT_P521_KYBER1024")) + oqs_group_list[25].group_id + = atoi(getenv("OQS_CODEPOINT_P521_KYBER1024")); + if (getenv("OQS_CODEPOINT_BIKEL1")) + oqs_group_list[26].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1")); + if (getenv("OQS_CODEPOINT_P256_BIKEL1")) + oqs_group_list[27].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1")); + if (getenv("OQS_CODEPOINT_X25519_BIKEL1")) + oqs_group_list[28].group_id + = atoi(getenv("OQS_CODEPOINT_X25519_BIKEL1")); + if (getenv("OQS_CODEPOINT_BIKEL3")) + oqs_group_list[29].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3")); + if (getenv("OQS_CODEPOINT_P384_BIKEL3")) + oqs_group_list[30].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3")); + if (getenv("OQS_CODEPOINT_X448_BIKEL3")) + oqs_group_list[31].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3")); + if (getenv("OQS_CODEPOINT_BIKEL5")) + oqs_group_list[32].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5")); + if (getenv("OQS_CODEPOINT_P521_BIKEL5")) + oqs_group_list[33].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5")); + if (getenv("OQS_CODEPOINT_HQC128")) + oqs_group_list[34].group_id = atoi(getenv("OQS_CODEPOINT_HQC128")); + if (getenv("OQS_CODEPOINT_P256_HQC128")) + oqs_group_list[35].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128")); + if (getenv("OQS_CODEPOINT_X25519_HQC128")) + oqs_group_list[36].group_id + = atoi(getenv("OQS_CODEPOINT_X25519_HQC128")); + if (getenv("OQS_CODEPOINT_HQC192")) + oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_HQC192")); + if (getenv("OQS_CODEPOINT_P384_HQC192")) + oqs_group_list[38].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192")); + if (getenv("OQS_CODEPOINT_X448_HQC192")) + oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192")); + if (getenv("OQS_CODEPOINT_HQC256")) + oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_HQC256")); + if (getenv("OQS_CODEPOINT_P521_HQC256")) + oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256")); + + if (getenv("OQS_CODEPOINT_DILITHIUM2")) + oqs_sigalg_list[0].code_point + = atoi(getenv("OQS_CODEPOINT_DILITHIUM2")); + if (getenv("OQS_CODEPOINT_P256_DILITHIUM2")) + oqs_sigalg_list[1].code_point + = atoi(getenv("OQS_CODEPOINT_P256_DILITHIUM2")); + if (getenv("OQS_CODEPOINT_RSA3072_DILITHIUM2")) + oqs_sigalg_list[2].code_point + = atoi(getenv("OQS_CODEPOINT_RSA3072_DILITHIUM2")); + if (getenv("OQS_CODEPOINT_DILITHIUM3")) + oqs_sigalg_list[3].code_point + = atoi(getenv("OQS_CODEPOINT_DILITHIUM3")); + if (getenv("OQS_CODEPOINT_P384_DILITHIUM3")) + oqs_sigalg_list[4].code_point + = atoi(getenv("OQS_CODEPOINT_P384_DILITHIUM3")); + if (getenv("OQS_CODEPOINT_DILITHIUM5")) + oqs_sigalg_list[5].code_point + = atoi(getenv("OQS_CODEPOINT_DILITHIUM5")); + if (getenv("OQS_CODEPOINT_P521_DILITHIUM5")) + oqs_sigalg_list[6].code_point + = atoi(getenv("OQS_CODEPOINT_P521_DILITHIUM5")); + if (getenv("OQS_CODEPOINT_FALCON512")) + oqs_sigalg_list[7].code_point = atoi(getenv("OQS_CODEPOINT_FALCON512")); + if (getenv("OQS_CODEPOINT_P256_FALCON512")) + oqs_sigalg_list[8].code_point + = atoi(getenv("OQS_CODEPOINT_P256_FALCON512")); + if (getenv("OQS_CODEPOINT_RSA3072_FALCON512")) + oqs_sigalg_list[9].code_point + = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCON512")); + if (getenv("OQS_CODEPOINT_FALCON1024")) + oqs_sigalg_list[10].code_point + = atoi(getenv("OQS_CODEPOINT_FALCON1024")); + if (getenv("OQS_CODEPOINT_P521_FALCON1024")) + oqs_sigalg_list[11].code_point + = atoi(getenv("OQS_CODEPOINT_P521_FALCON1024")); + if (getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")) + oqs_sigalg_list[12].code_point + = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")); + if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")) + oqs_sigalg_list[13].code_point + = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")); + if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")) + oqs_sigalg_list[14].code_point + = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")); + if (getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")) + oqs_sigalg_list[15].code_point + = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")); + if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")) + oqs_sigalg_list[16].code_point + = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")); + if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")) + oqs_sigalg_list[17].code_point + = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")); + if (getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")) + oqs_sigalg_list[18].code_point + = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")); + if (getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")) + oqs_sigalg_list[19].code_point + = atoi(getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")); + if (getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")) + oqs_sigalg_list[20].code_point + = atoi(getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")); + if (getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")) + oqs_sigalg_list[21].code_point + = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")); + if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")) + oqs_sigalg_list[22].code_point + = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")); + ///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_END return 1; } @@ -360,48 +466,72 @@ static int oqs_group_capability(OSSL_CALLBACK *cb, void *arg) static const OSSL_PARAM oqs_param_sigalg_list[][12] = { ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_START -#ifdef OQS_ENABLE_SIG_dilithium_2 - OQS_SIGALG_ENTRY(dilithium2, dilithium2, dilithium2, "1.3.6.1.4.1.2.267.7.4.4", 0), - OQS_SIGALG_ENTRY(p256_dilithium2, p256_dilithium2, p256_dilithium2, "1.3.9999.2.7.1", 1), - OQS_SIGALG_ENTRY(rsa3072_dilithium2, rsa3072_dilithium2, rsa3072_dilithium2, "1.3.9999.2.7.2", 2), -#endif -#ifdef OQS_ENABLE_SIG_dilithium_3 - OQS_SIGALG_ENTRY(dilithium3, dilithium3, dilithium3, "1.3.6.1.4.1.2.267.7.6.5", 3), - OQS_SIGALG_ENTRY(p384_dilithium3, p384_dilithium3, p384_dilithium3, "1.3.9999.2.7.3", 4), -#endif -#ifdef OQS_ENABLE_SIG_dilithium_5 - OQS_SIGALG_ENTRY(dilithium5, dilithium5, dilithium5, "1.3.6.1.4.1.2.267.7.8.7", 5), - OQS_SIGALG_ENTRY(p521_dilithium5, p521_dilithium5, p521_dilithium5, "1.3.9999.2.7.4", 6), -#endif -#ifdef OQS_ENABLE_SIG_falcon_512 +# ifdef OQS_ENABLE_SIG_dilithium_2 + OQS_SIGALG_ENTRY(dilithium2, dilithium2, dilithium2, + "1.3.6.1.4.1.2.267.7.4.4", 0), + OQS_SIGALG_ENTRY(p256_dilithium2, p256_dilithium2, p256_dilithium2, + "1.3.9999.2.7.1", 1), + OQS_SIGALG_ENTRY(rsa3072_dilithium2, rsa3072_dilithium2, rsa3072_dilithium2, + "1.3.9999.2.7.2", 2), +# endif +# ifdef OQS_ENABLE_SIG_dilithium_3 + OQS_SIGALG_ENTRY(dilithium3, dilithium3, dilithium3, + "1.3.6.1.4.1.2.267.7.6.5", 3), + OQS_SIGALG_ENTRY(p384_dilithium3, p384_dilithium3, p384_dilithium3, + "1.3.9999.2.7.3", 4), +# endif +# ifdef OQS_ENABLE_SIG_dilithium_5 + OQS_SIGALG_ENTRY(dilithium5, dilithium5, dilithium5, + "1.3.6.1.4.1.2.267.7.8.7", 5), + OQS_SIGALG_ENTRY(p521_dilithium5, p521_dilithium5, p521_dilithium5, + "1.3.9999.2.7.4", 6), +# endif +# ifdef OQS_ENABLE_SIG_falcon_512 OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.6", 7), - OQS_SIGALG_ENTRY(p256_falcon512, p256_falcon512, p256_falcon512, "1.3.9999.3.7", 8), - OQS_SIGALG_ENTRY(rsa3072_falcon512, rsa3072_falcon512, rsa3072_falcon512, "1.3.9999.3.8", 9), -#endif -#ifdef OQS_ENABLE_SIG_falcon_1024 + OQS_SIGALG_ENTRY(p256_falcon512, p256_falcon512, p256_falcon512, + "1.3.9999.3.7", 8), + OQS_SIGALG_ENTRY(rsa3072_falcon512, rsa3072_falcon512, rsa3072_falcon512, + "1.3.9999.3.8", 9), +# endif +# ifdef OQS_ENABLE_SIG_falcon_1024 OQS_SIGALG_ENTRY(falcon1024, falcon1024, falcon1024, "1.3.9999.3.9", 10), - OQS_SIGALG_ENTRY(p521_falcon1024, p521_falcon1024, p521_falcon1024, "1.3.9999.3.10", 11), -#endif -#ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple - OQS_SIGALG_ENTRY(sphincssha2128fsimple, sphincssha2128fsimple, sphincssha2128fsimple, "1.3.9999.6.4.13", 12), - OQS_SIGALG_ENTRY(p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 13), - OQS_SIGALG_ENTRY(rsa3072_sphincssha2128fsimple, rsa3072_sphincssha2128fsimple, rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 14), -#endif -#ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple - OQS_SIGALG_ENTRY(sphincssha2128ssimple, sphincssha2128ssimple, sphincssha2128ssimple, "1.3.9999.6.4.16", 15), - OQS_SIGALG_ENTRY(p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 16), - OQS_SIGALG_ENTRY(rsa3072_sphincssha2128ssimple, rsa3072_sphincssha2128ssimple, rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 17), -#endif -#ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple - OQS_SIGALG_ENTRY(sphincssha2192fsimple, sphincssha2192fsimple, sphincssha2192fsimple, "1.3.9999.6.5.10", 18), - OQS_SIGALG_ENTRY(p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 19), -#endif -#ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple - OQS_SIGALG_ENTRY(sphincsshake128fsimple, sphincsshake128fsimple, sphincsshake128fsimple, "1.3.9999.6.7.13", 20), - OQS_SIGALG_ENTRY(p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 21), - OQS_SIGALG_ENTRY(rsa3072_sphincsshake128fsimple, rsa3072_sphincsshake128fsimple, rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 22), -#endif -///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_END + OQS_SIGALG_ENTRY(p521_falcon1024, p521_falcon1024, p521_falcon1024, + "1.3.9999.3.10", 11), +# endif +# ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple + OQS_SIGALG_ENTRY(sphincssha2128fsimple, sphincssha2128fsimple, + sphincssha2128fsimple, "1.3.9999.6.4.13", 12), + OQS_SIGALG_ENTRY(p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, + p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 13), + OQS_SIGALG_ENTRY(rsa3072_sphincssha2128fsimple, + rsa3072_sphincssha2128fsimple, + rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 14), +# endif +# ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple + OQS_SIGALG_ENTRY(sphincssha2128ssimple, sphincssha2128ssimple, + sphincssha2128ssimple, "1.3.9999.6.4.16", 15), + OQS_SIGALG_ENTRY(p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, + p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 16), + OQS_SIGALG_ENTRY(rsa3072_sphincssha2128ssimple, + rsa3072_sphincssha2128ssimple, + rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 17), +# endif +# ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple + OQS_SIGALG_ENTRY(sphincssha2192fsimple, sphincssha2192fsimple, + sphincssha2192fsimple, "1.3.9999.6.5.10", 18), + OQS_SIGALG_ENTRY(p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, + p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 19), +# endif +# ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple + OQS_SIGALG_ENTRY(sphincsshake128fsimple, sphincsshake128fsimple, + sphincsshake128fsimple, "1.3.9999.6.7.13", 20), + OQS_SIGALG_ENTRY(p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, + p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 21), + OQS_SIGALG_ENTRY(rsa3072_sphincsshake128fsimple, + rsa3072_sphincsshake128fsimple, + rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 22), +# endif + ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_END }; static int oqs_sigalg_capability(OSSL_CALLBACK *cb, void *arg) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 30d6835d..3b28743a 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -53,103 +53,120 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START - - - - #ifdef OQS_KEM_ENCODERS -#define NID_TABLE_LEN 81 +# define NID_TABLE_LEN 81 #else -#define NID_TABLE_LEN 39 +# define NID_TABLE_LEN 39 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { #ifdef OQS_KEM_ENCODERS - { 0, "frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_KEM, 128 }, - { 0, "p256_frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_ECP_HYB_KEM , 128 }, - { 0, "x25519_frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_ECX_HYB_KEM , 128 }, - { 0, "frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_KEM, 128 }, - { 0, "p256_frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_ECP_HYB_KEM , 128 }, - { 0, "x25519_frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_ECX_HYB_KEM , 128 }, - { 0, "frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_KEM, 192 }, - { 0, "p384_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECP_HYB_KEM , 192 }, - { 0, "x448_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECX_HYB_KEM , 192 }, - { 0, "frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_KEM, 192 }, - { 0, "p384_frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_ECP_HYB_KEM , 192 }, - { 0, "x448_frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_ECX_HYB_KEM , 192 }, - { 0, "frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_KEM, 256 }, - { 0, "p521_frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_ECP_HYB_KEM , 256 }, - { 0, "frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_KEM, 256 }, - { 0, "p521_frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_ECP_HYB_KEM , 256 }, - { 0, "kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_KEM, 128 }, - { 0, "p256_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECP_HYB_KEM , 128 }, - { 0, "x25519_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECX_HYB_KEM , 128 }, - { 0, "kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_KEM, 192 }, - { 0, "p384_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM , 192 }, - { 0, "x448_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM , 192 }, - { 0, "x25519_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM , 192 }, - { 0, "p256_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM , 192 }, - { 0, "kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_KEM, 256 }, - { 0, "p521_kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_ECP_HYB_KEM , 256 }, - { 0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128 }, - { 0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM , 128 }, - { 0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM , 128 }, - { 0, "bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_KEM, 192 }, - { 0, "p384_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECP_HYB_KEM , 192 }, - { 0, "x448_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECX_HYB_KEM , 192 }, - { 0, "bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_KEM, 256 }, - { 0, "p521_bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_ECP_HYB_KEM , 256 }, - { 0, "hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_KEM, 128 }, - { 0, "p256_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECP_HYB_KEM , 128 }, - { 0, "x25519_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECX_HYB_KEM , 128 }, - { 0, "hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_KEM, 192 }, - { 0, "p384_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECP_HYB_KEM , 192 }, - { 0, "x448_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECX_HYB_KEM , 192 }, - { 0, "hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_KEM, 256 }, - { 0, "p521_hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_ECP_HYB_KEM , 256 }, + {0, "frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_KEM, 128}, + {0, "p256_frodo640aes", OQS_KEM_alg_frodokem_640_aes, KEY_TYPE_ECP_HYB_KEM, + 128}, + {0, "x25519_frodo640aes", OQS_KEM_alg_frodokem_640_aes, + KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "frodo640shake", OQS_KEM_alg_frodokem_640_shake, KEY_TYPE_KEM, 128}, + {0, "p256_frodo640shake", OQS_KEM_alg_frodokem_640_shake, + KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_frodo640shake", OQS_KEM_alg_frodokem_640_shake, + KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_KEM, 192}, + {0, "p384_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECP_HYB_KEM, + 192}, + {0, "x448_frodo976aes", OQS_KEM_alg_frodokem_976_aes, KEY_TYPE_ECX_HYB_KEM, + 192}, + {0, "frodo976shake", OQS_KEM_alg_frodokem_976_shake, KEY_TYPE_KEM, 192}, + {0, "p384_frodo976shake", OQS_KEM_alg_frodokem_976_shake, + KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_frodo976shake", OQS_KEM_alg_frodokem_976_shake, + KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, KEY_TYPE_KEM, 256}, + {0, "p521_frodo1344aes", OQS_KEM_alg_frodokem_1344_aes, + KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, KEY_TYPE_KEM, 256}, + {0, "p521_frodo1344shake", OQS_KEM_alg_frodokem_1344_shake, + KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_KEM, 128}, + {0, "p256_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_kyber512", OQS_KEM_alg_kyber_512, KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_KEM, 192}, + {0, "p384_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "x25519_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "p256_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_KEM, 256}, + {0, "p521_kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128}, + {0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_KEM, 192}, + {0, "p384_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_bikel3", OQS_KEM_alg_bike_l3, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_KEM, 256}, + {0, "p521_bikel5", OQS_KEM_alg_bike_l5, KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_KEM, 128}, + {0, "p256_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_hqc128", OQS_KEM_alg_hqc_128, KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_KEM, 192}, + {0, "p384_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_hqc192", OQS_KEM_alg_hqc_192, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_KEM, 256}, + {0, "p521_hqc256", OQS_KEM_alg_hqc_256, KEY_TYPE_ECP_HYB_KEM, 256}, #endif /* OQS_KEM_ENCODERS */ - { 0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128 }, - { 0, "p256_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128 }, - { 0, "rsa3072_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128 }, - { 0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112 }, - { 0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112 }, - { 0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128 }, - { 0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128 }, - { 0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 256 }, - { 0, "dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_SIG, 192 }, - { 0, "p384_dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_HYB_SIG, 192 }, - { 0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128 }, - { 0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128 }, - { 0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128 }, - { 0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 256 }, - { 0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128 }, - { 0, "dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_SIG, 256 }, - { 0, "p521_dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_HYB_SIG, 256 }, - { 0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192 }, - { 0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 384 }, - { 0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192 }, - { 0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128 }, - { 0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128 }, - { 0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128 }, - { 0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128 }, - { 0, "falcon512_bp256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 256 }, - { 0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128 }, - { 0, "falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_SIG, 256 }, - { 0, "p521_falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_HYB_SIG, 256 }, - { 0, "sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, KEY_TYPE_SIG, 128 }, - { 0, "p256_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, KEY_TYPE_HYB_SIG, 128 }, - { 0, "rsa3072_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, KEY_TYPE_HYB_SIG, 128 }, - { 0, "sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, KEY_TYPE_SIG, 128 }, - { 0, "p256_sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, KEY_TYPE_HYB_SIG, 128 }, - { 0, "rsa3072_sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, KEY_TYPE_HYB_SIG, 128 }, - { 0, "sphincssha2192fsimple", OQS_SIG_alg_sphincs_sha2_192f_simple, KEY_TYPE_SIG, 192 }, - { 0, "p384_sphincssha2192fsimple", OQS_SIG_alg_sphincs_sha2_192f_simple, KEY_TYPE_HYB_SIG, 192 }, - { 0, "sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_SIG, 128 }, - { 0, "p256_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_HYB_SIG, 128 }, - { 0, "rsa3072_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, KEY_TYPE_HYB_SIG, 128 }, -///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END + {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, + {0, "p256_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, + {0, "rsa3072_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, + {0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, + {0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, + {0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 256}, + {0, "dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_SIG, 192}, + {0, "p384_dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_HYB_SIG, 192}, + {0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 256}, + {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, + {0, "dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_SIG, 256}, + {0, "p521_dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_HYB_SIG, 256}, + {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, + {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 384}, + {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, + {0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128}, + {0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, + {0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, + {0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, + {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 256}, + {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, + {0, "falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_SIG, 256}, + {0, "p521_falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_HYB_SIG, 256}, + {0, "sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, + KEY_TYPE_SIG, 128}, + {0, "p256_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, + KEY_TYPE_HYB_SIG, 128}, + {0, "rsa3072_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, + KEY_TYPE_HYB_SIG, 128}, + {0, "sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, + KEY_TYPE_SIG, 128}, + {0, "p256_sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, + KEY_TYPE_HYB_SIG, 128}, + {0, "rsa3072_sphincssha2128ssimple", OQS_SIG_alg_sphincs_sha2_128s_simple, + KEY_TYPE_HYB_SIG, 128}, + {0, "sphincssha2192fsimple", OQS_SIG_alg_sphincs_sha2_192f_simple, + KEY_TYPE_SIG, 192}, + {0, "p384_sphincssha2192fsimple", OQS_SIG_alg_sphincs_sha2_192f_simple, + KEY_TYPE_HYB_SIG, 192}, + {0, "sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, + KEY_TYPE_SIG, 128}, + {0, "p256_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, + KEY_TYPE_HYB_SIG, 128}, + {0, "rsa3072_sphincsshake128fsimple", OQS_SIG_alg_sphincs_shake_128f_simple, + KEY_TYPE_HYB_SIG, 128}, + ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_END }; int oqs_set_nid(char *tlsname, int nid) From aaa5c1b2e6f8bc6d459715191f79e36b4a1ae49d Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 19 Dec 2023 15:02:21 -0600 Subject: [PATCH 093/160] fixed DOQS_KEM_ENCODERS=ON --- oqsprov/oqsprov_keys.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 3b28743a..b2ec8f96 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -824,7 +824,8 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, /* Recreate EVP data structure after import. RetVal 0 is error. */ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) { - if (key->keytype == KEY_TYPE_HYB_SIG) { // hybrid key + if ((key->keytype != KEY_TYPE_CMP_SIG) + && (key->numkeys == 2)) { // hybrid key int classical_pubkey_len, classical_privkey_len; if (!key->evp_info) { ERR_raise(ERR_LIB_USER, OQSPROV_R_EVPINFO_MISSING); From 27fcea99abb5933b47f1e499ead49c5466143770 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 21 Dec 2023 09:16:46 -0600 Subject: [PATCH 094/160] added composite to README.md and ALGORITHMS.md && inverted logic for KEM_ENCODERS=ON to optimize condition checks --- ALGORITHMS.md | 16 +++ README.md | 10 +- oqs-template/ALGORITHMS.md/oids.fragment | 3 + oqs-template/README.md/algs.fragment | 1 + oqsprov/oqsprov_keys.c | 157 ++++++++++++----------- 5 files changed, 105 insertions(+), 82 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 314ba3cb..b5d668aa 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -122,13 +122,29 @@ adapting the OIDs of all supported signature algorithms as per the table below. | dilithium2 | 1.3.6.1.4.1.2.267.7.4.4 |Yes| OQS_OID_DILITHIUM2 | p256_dilithium2 | 1.3.9999.2.7.1 |Yes| OQS_OID_P256_DILITHIUM2 | rsa3072_dilithium2 | 1.3.9999.2.7.2 |Yes| OQS_OID_RSA3072_DILITHIUM2 +| dilithium2_pss2048 | 2.16.840.1.114027.80.8.1.1 |Yes| OQS_OID_DILITHIUM2_pss2048 +| dilithium2_rsa2048 | 2.16.840.1.114027.80.8.1.2 |Yes| OQS_OID_DILITHIUM2_rsa2048 +| dilithium2_ed25519 | 2.16.840.1.114027.80.8.1.3 |Yes| OQS_OID_DILITHIUM2_ed25519 +| dilithium2_p256 | 2.16.840.1.114027.80.8.1.4 |Yes| OQS_OID_DILITHIUM2_p256 +| dilithium2_bp256 | 2.16.840.1.114027.80.8.1.5 |Yes| OQS_OID_DILITHIUM2_bp256 | dilithium3 | 1.3.6.1.4.1.2.267.7.6.5 |Yes| OQS_OID_DILITHIUM3 | p384_dilithium3 | 1.3.9999.2.7.3 |Yes| OQS_OID_P384_DILITHIUM3 +| dilithium3_pss3072 | 2.16.840.1.114027.80.8.1.6 |Yes| OQS_OID_DILITHIUM3_pss3072 +| dilithium3_rsa3072 | 2.16.840.1.114027.80.8.1.7 |Yes| OQS_OID_DILITHIUM3_rsa3072 +| dilithium3_p256 | 2.16.840.1.114027.80.8.1.8 |Yes| OQS_OID_DILITHIUM3_p256 +| dilithium3_bp256 | 2.16.840.1.114027.80.8.1.9 |Yes| OQS_OID_DILITHIUM3_bp256 +| dilithium3_ed25519 | 2.16.840.1.114027.80.8.1.10 |Yes| OQS_OID_DILITHIUM3_ed25519 | dilithium5 | 1.3.6.1.4.1.2.267.7.8.7 |Yes| OQS_OID_DILITHIUM5 | p521_dilithium5 | 1.3.9999.2.7.4 |Yes| OQS_OID_P521_DILITHIUM5 +| dilithium5_p384 | 2.16.840.1.114027.80.8.1.11 |Yes| OQS_OID_DILITHIUM5_p384 +| dilithium5_bp384 | 2.16.840.1.114027.80.8.1.12 |Yes| OQS_OID_DILITHIUM5_bp384 +| dilithium5_ed448 | 2.16.840.1.114027.80.8.1.13 |Yes| OQS_OID_DILITHIUM5_ed448 | falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512 | p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512 | rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512 +| falcon512_p256 | 2.16.840.1.114027.80.8.1.14 |Yes| OQS_OID_FALCON512_p256 +| falcon512_bp256 | 2.16.840.1.114027.80.8.1.15 |Yes| OQS_OID_FALCON512_bp256 +| falcon512_ed25519 | 2.16.840.1.114027.80.8.1.16 |Yes| OQS_OID_FALCON512_ed25519 | falcon1024 | 1.3.9999.3.9 |Yes| OQS_OID_FALCON1024 | p521_falcon1024 | 1.3.9999.3.10 |Yes| OQS_OID_P521_FALCON1024 | sphincssha2128fsimple | 1.3.9999.6.4.13 |Yes| OQS_OID_SPHINCSSHA2128FSIMPLE diff --git a/README.md b/README.md index c30af18b..449d3cad 100644 --- a/README.md +++ b/README.md @@ -43,8 +43,8 @@ This implementation makes available the following quantum safe algorithms: ### Signature algorithms -- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\* -- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\* +- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium2_pss2048`\*, `dilithium2_rsa2048`\*, `dilithium2_ed25519`\*, `dilithium2_p256`\*, `dilithium2_bp256`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium3_pss3072`\*, `dilithium3_rsa3072`\*, `dilithium3_p256`\*, `dilithium3_bp256`\*, `dilithium3_ed25519`\*, `dilithium5`\*, `p521_dilithium5`\*, `dilithium5_p384`\*, `dilithium5_bp384`\*, `dilithium5_ed448`\* +- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon512_p256`\*, `falcon512_bp256`\*, `falcon512_ed25519`\*, `falcon1024`\*, `p521_falcon1024`\* - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple` - **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple` @@ -63,9 +63,11 @@ TLS operations. This designation [can be changed by modifying the "enabled" flags in the main algorithm configuration file](CONFIGURE.md#pre-build-configuration). In order to support parallel use of classic and quantum-safe cryptography -this provider also provides different hybrid algorithms, combining classic -and quantum-safe methods: These are listed above with a prefix denoting a +this provider also provides different hybrid and composite algorithms, combining classic +and quantum-safe methods: For hybrid, these are listed above with a prefix denoting a classic algorithm, e.g., for elliptic curve: "p256_". +For composite, these are listed above with a suffix denoting a +classic algorithm, e.g., for elliptic curve: "_p256". A full list of algorithms, their interoperability code points and OIDs as well as a method to dynamically adapt them, e.g., for interoperability testing are diff --git a/oqs-template/ALGORITHMS.md/oids.fragment b/oqs-template/ALGORITHMS.md/oids.fragment index cea8c3c3..0e04d830 100644 --- a/oqs-template/ALGORITHMS.md/oids.fragment +++ b/oqs-template/ALGORITHMS.md/oids.fragment @@ -8,6 +8,9 @@ {%- for classical_alg in variant['mix_with'] %} | {{ classical_alg['name'] }}_{{variant['name']}} | {{ classical_alg['oid'] }} | {%- if variant['enable'] -%} Yes {%- else -%} No {%- endif -%} | OQS_OID_{{ classical_alg['name']|upper }}_{{ variant['name']|upper }} {%- endfor %} + {%- for composite_alg in variant['composite'] %} +| {{variant['name']}}_{{ composite_alg['name'] }} | {{ composite_alg['oid'] }} | {%- if variant['enable'] -%} Yes {%- else -%} No {%- endif -%} | OQS_OID_{{ variant['name']|upper }}_{{ composite_alg['name'] }} + {%- endfor %} {%- endfor %} {%- endfor %} diff --git a/oqs-template/README.md/algs.fragment b/oqs-template/README.md/algs.fragment index 17e0785c..e13eb0b2 100644 --- a/oqs-template/README.md/algs.fragment +++ b/oqs-template/README.md/algs.fragment @@ -12,6 +12,7 @@ `{{ variant['name'] }}` {%- if variant['enable'] -%} \* {%- endif -%} {%- for classical_alg in variant['mix_with'] -%} , `{{ classical_alg['name']}}_{{ variant['name'] }}`{%- if variant['enable'] -%} \* {%- endif -%}{%- endfor -%} +{%- for composite_alg in variant['composite'] -%} , `{{ variant['name'] }}_{{ composite_alg['name']}}`{%- if variant['enable'] -%} \* {%- endif -%}{%- endfor -%} {%- if not loop.last %}, {% endif -%} {%- endfor -%} {%- endif -%} diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index b2ec8f96..ad5e0f6f 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -824,84 +824,6 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, /* Recreate EVP data structure after import. RetVal 0 is error. */ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) { - if ((key->keytype != KEY_TYPE_CMP_SIG) - && (key->numkeys == 2)) { // hybrid key - int classical_pubkey_len, classical_privkey_len; - if (!key->evp_info) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_EVPINFO_MISSING); - goto rec_err; - } - if (op == KEY_OP_PUBLIC) { - const unsigned char *enc_pubkey = key->comp_pubkey[0]; - DECODE_UINT32(classical_pubkey_len, key->pubkey); - if (key->evp_info->raw_key_support) { - key->classical_pkey = EVP_PKEY_new_raw_public_key( - key->evp_info->keytype, NULL, enc_pubkey, - classical_pubkey_len); - if (!key->classical_pkey) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto rec_err; - } - } else { - EVP_PKEY *npk = EVP_PKEY_new(); - if (key->evp_info->keytype != EVP_PKEY_RSA) { - npk = setECParams(npk, key->evp_info->nid); - } - key->classical_pkey - = d2i_PublicKey(key->evp_info->keytype, &npk, &enc_pubkey, - classical_pubkey_len); - if (!key->classical_pkey) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - EVP_PKEY_free(npk); - goto rec_err; - } - } - } - if (op == KEY_OP_PRIVATE) { - DECODE_UINT32(classical_privkey_len, key->privkey); - const unsigned char *enc_privkey = key->comp_privkey[0]; - unsigned char *enc_pubkey = key->comp_pubkey[0]; - if (key->evp_info->raw_key_support) { - key->classical_pkey = EVP_PKEY_new_raw_private_key( - key->evp_info->keytype, NULL, enc_privkey, - classical_privkey_len); - if (!key->classical_pkey) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto rec_err; - } -#ifndef NOPUBKEY_IN_PRIVKEY - // re-create classic public key part from private key: - size_t pubkeylen; - - EVP_PKEY_get_raw_public_key(key->classical_pkey, NULL, - &pubkeylen); - if (pubkeylen != key->evp_info->length_public_key - || EVP_PKEY_get_raw_public_key(key->classical_pkey, - enc_pubkey, &pubkeylen) - != 1) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto rec_err; - } -#endif - } else { - key->classical_pkey - = d2i_PrivateKey(key->evp_info->keytype, NULL, &enc_privkey, - classical_privkey_len); - if (!key->classical_pkey) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto rec_err; - } -#ifndef NOPUBKEY_IN_PRIVKEY - // re-create classic public key part from private key: - int pubkeylen = i2d_PublicKey(key->classical_pkey, &enc_pubkey); - if (pubkeylen != key->evp_info->length_public_key) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto rec_err; - } -#endif - } - } - } if (key->keytype == KEY_TYPE_CMP_SIG) { int i; if (op == KEY_OP_PUBLIC) { @@ -1001,6 +923,85 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) OPENSSL_free(name); } } + } else { + if ((key->numkeys == 2)) { // hybrid key + int classical_pubkey_len, classical_privkey_len; + if (!key->evp_info) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_EVPINFO_MISSING); + goto rec_err; + } + if (op == KEY_OP_PUBLIC) { + const unsigned char *enc_pubkey = key->comp_pubkey[0]; + DECODE_UINT32(classical_pubkey_len, key->pubkey); + if (key->evp_info->raw_key_support) { + key->classical_pkey = EVP_PKEY_new_raw_public_key( + key->evp_info->keytype, NULL, enc_pubkey, + classical_pubkey_len); + if (!key->classical_pkey) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } + } else { + EVP_PKEY *npk = EVP_PKEY_new(); + if (key->evp_info->keytype != EVP_PKEY_RSA) { + npk = setECParams(npk, key->evp_info->nid); + } + key->classical_pkey + = d2i_PublicKey(key->evp_info->keytype, &npk, + &enc_pubkey, classical_pubkey_len); + if (!key->classical_pkey) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + EVP_PKEY_free(npk); + goto rec_err; + } + } + } + if (op == KEY_OP_PRIVATE) { + DECODE_UINT32(classical_privkey_len, key->privkey); + const unsigned char *enc_privkey = key->comp_privkey[0]; + unsigned char *enc_pubkey = key->comp_pubkey[0]; + if (key->evp_info->raw_key_support) { + key->classical_pkey = EVP_PKEY_new_raw_private_key( + key->evp_info->keytype, NULL, enc_privkey, + classical_privkey_len); + if (!key->classical_pkey) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } +#ifndef NOPUBKEY_IN_PRIVKEY + // re-create classic public key part from private key: + size_t pubkeylen; + + EVP_PKEY_get_raw_public_key(key->classical_pkey, NULL, + &pubkeylen); + if (pubkeylen != key->evp_info->length_public_key + || EVP_PKEY_get_raw_public_key(key->classical_pkey, + enc_pubkey, &pubkeylen) + != 1) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } +#endif + } else { + key->classical_pkey + = d2i_PrivateKey(key->evp_info->keytype, NULL, + &enc_privkey, classical_privkey_len); + if (!key->classical_pkey) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } +#ifndef NOPUBKEY_IN_PRIVKEY + // re-create classic public key part from private key: + int pubkeylen + = i2d_PublicKey(key->classical_pkey, &enc_pubkey); + if (pubkeylen != key->evp_info->length_public_key) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto rec_err; + } +#endif + } + } + } } return 1; From e7971e993bb49bd9f8471618a49886124bcf22a5 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Sun, 24 Dec 2023 13:16:35 +0100 Subject: [PATCH 095/160] 0.5.3 release --- .github/workflows/linux.yml | 4 ++-- .github/workflows/macos.yml | 2 +- .github/workflows/windows.yml | 4 +++- CMakeLists.txt | 2 +- RELEASE.md | 36 +++++++++++++++++++++++++++++++++-- 5 files changed, 41 insertions(+), 7 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 057845c4..7d03a91c 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -50,7 +50,7 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - name: Full build - run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} ./scripts/fullbuild.sh + run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} LIBOQS_BRANCH=0.9.1 ./scripts/fullbuild.sh - name: Enable sibling oqsprovider for testing run: cd build/lib && ln -s oqsprovider.so oqsprovider2.so - name: Test @@ -189,7 +189,7 @@ jobs: - name: Clone and build liboqs for linux-aarch64 working-directory: /opt/ run: | - git clone --depth=1 --branch main https://github.com/open-quantum-safe/liboqs.git liboqs + git clone --depth=1 --branch 0.9.1 https://github.com/open-quantum-safe/liboqs.git liboqs cd liboqs mkdir build install cmake --toolchain "${CMAKE_TOOLCHAIN_FILE}" \ diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 6ecc434f..96835adb 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -35,7 +35,7 @@ jobs: with: set-safe-directory: true repository: open-quantum-safe/liboqs - ref: main + ref: 0.9.1 path: liboqs - name: Retrieve OpenSSL32 from cache id: cache-openssl32 diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 7e75aa91..438bb4ab 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -38,7 +38,7 @@ jobs: with: set-safe-directory: true repository: open-quantum-safe/liboqs - ref: main + ref: 0.9.1 path: liboqs - name: Install cygwin uses: cygwin/cygwin-install-action@master @@ -125,6 +125,7 @@ jobs: with: set-safe-directory: true repository: open-quantum-safe/liboqs + ref: 0.9.1 path: liboqs - uses: ilammy/msvc-dev-cmd@v1 with: @@ -237,6 +238,7 @@ jobs: with: set-safe-directory: true repository: open-quantum-safe/liboqs + ref: 0.9.1 path: liboqs - uses: ilammy/msvc-dev-cmd@v1 with: diff --git a/CMakeLists.txt b/CMakeLists.txt index fad726df..632f44cc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,7 +4,7 @@ else() cmake_minimum_required(VERSION 3.0 FATAL_ERROR) endif() project(oqs-provider LANGUAGES C) -set(OQSPROVIDER_VERSION_TEXT "0.5.3-dev") +set(OQSPROVIDER_VERSION_TEXT "0.5.3") set(CMAKE_C_STANDARD 11) set_property(GLOBAL PROPERTY FIND_LIBRARY_USE_LIB64_PATHS ON) if(CMAKE_BUILD_TYPE STREQUAL "Debug") diff --git a/RELEASE.md b/RELEASE.md index 0959a5a4..b545549e 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,4 +1,4 @@ -# oqs-provider 0.5.3-dev +# oqs-provider 0.5.3 ## About @@ -14,10 +14,42 @@ Further details on building, testing and use can be found in [README.md](https:/ ## Release notes -This is version 0.5.3-dev of oqs-provider. +This is version 0.5.3 of oqs-provider. +### Security considerations + +This improves a non-constant time issue in previous releases for Kyber. + +### What's New + +This release continues from the 0.5.2 release of oqs-provider and is fully tested to be used in conjunction with the main branch of [liboqs](https://github.com/open-quantum-safe/liboqs). This release is guaranteed to be in sync with v0.9.1 of `liboqs`. + +This release also makes available ready-to-run binaries for Linux (.so), Windows (.dll) and MacOS (.dylib) compiled for `x64` CPUs. Activation and use is documented in [USAGE.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/USAGE.md). +### Additional new feature highlights + +- Kyber code update addressing constant time property +- Code point updates for HQC following code updates in `liboqs` +- Document project governance + +## What's Changed +* Clarify liboqs_DIR naming convention by @ajbozarth in https://github.com/open-quantum-safe/oqs-provider/pull/292 +* check empty params lists passed by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/296 +* Fix minor typos in documentation by @johnma14 in https://github.com/open-quantum-safe/oqs-provider/pull/304 +* HQC code point update by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/306 +* Fix broken circleci job for macOS by @johnma14 in https://github.com/open-quantum-safe/oqs-provider/pull/305 +* Contribution policy by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/286 +* Fix link in GOVERNANCE.md [skip ci] by @pi-314159 in https://github.com/open-quantum-safe/oqs-provider/pull/309 +* Add a example of how to load oqsprovider using `OSSL_PROVIDER_add_builtin`. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/308 +* Get Windows CI to work again by @qnfm in https://github.com/open-quantum-safe/oqs-provider/pull/310 +* Use `build` directory instead of `_build`. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/314 + +## New Contributors +* @ajbozarth made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/292 +* @johnma14 made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/304 +* @pi-314159 made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/309 +**Full Changelog**: https://github.com/open-quantum-safe/oqs-provider/compare/0.5.2...0.5.3 Previous Release Notes ====================== From e4e0164b499320a13d82595acaeff6519bb9503f Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Sun, 24 Dec 2023 14:33:53 +0100 Subject: [PATCH 096/160] correct upstream and Windows CI snafus (#322) Enabling 0.5.3 release --- .github/workflows/linux.yml | 23 ++++++++++++----------- .github/workflows/windows.yml | 4 ++-- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 7d03a91c..cf45ea3f 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -55,17 +55,18 @@ jobs: run: cd build/lib && ln -s oqsprovider.so oqsprovider2.so - name: Test run: ./scripts/runtests.sh -V - - name: Verify nothing changes on re-generate code - run: | - apt-get update && apt-get install -y clang-format && \ - git config --global user.name "ciuser" && \ - git config --global user.email "ci@openquantumsafe.org" && \ - git config --global --add safe.directory `pwd` && \ - export LIBOQS_SRC_DIR=`pwd`/liboqs && \ - ! pip3 install -r oqs-template/requirements.txt 2>&1 | grep ERROR && \ - python3 oqs-template/generate.py && \ - find . -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs clang-format -i && \ - ! git status | grep modified +# Need to disable due to missing HQC update cherry-pick in liboqs release: +# - name: Verify nothing changes on re-generate code +# run: | +# apt-get update && apt-get install -y clang-format && \ +# git config --global user.name "ciuser" && \ +# git config --global user.email "ci@openquantumsafe.org" && \ +# git config --global --add safe.directory `pwd` && \ +# export LIBOQS_SRC_DIR=`pwd`/liboqs && \ +# ! pip3 install -r oqs-template/requirements.txt 2>&1 | grep ERROR && \ +# python3 oqs-template/generate.py && \ +# find . -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs clang-format -i && \ +# ! git status | grep modified - name: Build .deb install package run: cpack working-directory: build diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 438bb4ab..5304d1ac 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -155,7 +155,7 @@ jobs: working-directory: liboqs - name: prepare the OpenSSL build directory if: steps.cache-openssl32.outputs.cache-hit != 'true' - run: mkdir build + run: mkdir _build working-directory: openssl - name: OpenSSL config if: steps.cache-openssl32.outputs.cache-hit != 'true' @@ -265,7 +265,7 @@ jobs: working-directory: liboqs - name: prepare the OpenSSL build directory if: steps.cache-openssl32n.outputs.cache-hit != 'true' - run: mkdir build + run: mkdir _build working-directory: openssl - name: OpenSSL config if: steps.cache-openssl32n.outputs.cache-hit != 'true' From 9a483f39bf9759d9938ecb14e823f7acb7912893 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Thu, 28 Dec 2023 08:07:25 +0100 Subject: [PATCH 097/160] Revert "Use `build` directory instead of `_build`. (#314)" (#325) This reverts commit f205f116a82ea981278313b7bf2d9032c0710821. --- .circleci/config.yml | 36 +++++++++++++-------------- .github/workflows/linux.yml | 8 +++--- .github/workflows/macos.yml | 14 +++++------ .github/workflows/standalone.yml | 6 ++--- .github/workflows/windows.yml | 42 ++++++++++++++++---------------- .gitignore | 4 +-- ALGORITHMS.md | 2 +- NOTES-UNIX.md | 14 +++++------ NOTES-Windows.md | 12 ++++----- README.md | 10 ++++---- scripts/common.py | 4 +-- scripts/fullbuild.sh | 14 +++++------ scripts/release-test.sh | 4 +-- scripts/runtests.sh | 4 +-- 14 files changed, 87 insertions(+), 87 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index b14d8626..c900afdb 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -41,7 +41,7 @@ jobs: name: Clone and build liboqs (<< parameters.CMAKE_ARGS >>) command: | git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && - cd liboqs && mkdir build && cd build && + cd liboqs && mkdir _build && cd _build && cmake -GNinja << parameters.CMAKE_ARGS >> -DCMAKE_INSTALL_PREFIX=$(pwd)/../../.local .. && ninja install && cd .. && cd .. && pwd - when: @@ -61,9 +61,9 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. + mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file build/lib/oqsprovider.a + file _build/lib/oqsprovider.a fi - when: condition: @@ -76,15 +76,15 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. + mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file build/lib/oqsprovider.a + file _build/lib/oqsprovider.a fi - run: name: Run tests command: | if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - ctest --test-dir build/ + ctest --test-dir _build/ else ./scripts/runtests.sh -V fi @@ -107,15 +107,15 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - rm -rf build && mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DNOPUBKEY_IN_PRIVKEY=ON -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja + rm -rf _build && mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DNOPUBKEY_IN_PRIVKEY=ON -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file build/lib/oqsprovider.a + file _build/lib/oqsprovider.a fi - run: name: Run tests (-DNOPUBKEY_IN_PRIVKEY=ON) command: | if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - ctest --test-dir build/ + ctest --test-dir _build/ else ./scripts/runtests.sh -V fi @@ -159,7 +159,7 @@ jobs: name: Clone and build liboqs command: | git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && - export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir build && cd build && + export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir _build && cd _build && export OPENSSL_INSTALL="$(brew --prefix << parameters.OPENSSL_PREINSTALL >> || echo "")" cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" -DCMAKE_INSTALL_PREFIX=$LIBOQS_INSTALLPATH << parameters.CMAKE_ARGS >> .. && ninja install && cd .. && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$LIBOQS_INSTALLPATH/lib" >> "$BASH_ENV" @@ -180,9 +180,9 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - export OPENSSL_INSTALL=$(pwd)/.local && mkdir build && cd build && cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" + export OPENSSL_INSTALL=$(pwd)/.local && mkdir _build && cd _build && cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file build/lib/oqsprovider.a + file _build/lib/oqsprovider.a fi - when: condition: @@ -196,15 +196,15 @@ jobs: oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi export OPENSSL_INSTALL="$(brew --prefix << parameters.OPENSSL_PREINSTALL >>)" - mkdir build && cd build && liboqs_DIR=`pwd`/../.local cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$OPENSSL_INSTALL/lib" >> "$BASH_ENV" + mkdir _build && cd _build && liboqs_DIR=`pwd`/../.local cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$OPENSSL_INSTALL/lib" >> "$BASH_ENV" if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file build/lib/oqsprovider.a + file _build/lib/oqsprovider.a fi - run: name: Run tests command: | if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - ctest --test-dir build/ --output-on-failure + ctest --test-dir _build/ --output-on-failure else ./scripts/runtests.sh -V fi @@ -215,15 +215,15 @@ jobs: if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON" fi - rm -rf build && mkdir build && cd build && cmake -GNinja -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja + rm -rf _build && mkdir _build && cd _build && cmake -GNinja -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - file build/lib/oqsprovider.a + file _build/lib/oqsprovider.a fi - run: name: Run tests command: | if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then - ctest --test-dir build/ --output-on-failure + ctest --test-dir _build/ --output-on-failure else ./scripts/runtests.sh -V fi diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index cf45ea3f..954578b6 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -24,7 +24,7 @@ jobs: - name: Full build run: OQSPROV_CMAKE_PARAMS=${{ matrix.cmake-params}} ./scripts/fullbuild.sh - name: Enable sibling oqsprovider for testing - run: cd build/lib && ln -s oqsprovider.so oqsprovider2.so + run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so - name: Test run: ./scripts/runtests.sh -V @@ -52,7 +52,7 @@ jobs: - name: Full build run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} LIBOQS_BRANCH=0.9.1 ./scripts/fullbuild.sh - name: Enable sibling oqsprovider for testing - run: cd build/lib && ln -s oqsprovider.so oqsprovider2.so + run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so - name: Test run: ./scripts/runtests.sh -V # Need to disable due to missing HQC update cherry-pick in liboqs release: @@ -69,12 +69,12 @@ jobs: # ! git status | grep modified - name: Build .deb install package run: cpack - working-directory: build + working-directory: _build - name: Retain .deb installer uses: actions/upload-artifact@v3 with: name: oqsprovider-x64 - path: build/*.deb + path: _build/*.deb asan_linux_intel: name: "Security checks" diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 96835adb..88129082 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -57,17 +57,17 @@ jobs: key: ${{ runner.os }}-openssl32 - name: build liboqs run: | - cmake -DOPENSSL_ROOT_DIR=../.localopenssl32 -DCMAKE_INSTALL_PREFIX=../.localliboqs ${{ matrix.params.oqsconfig }} -S . -B build - cmake --build build - cmake --install build + cmake -DOPENSSL_ROOT_DIR=../.localopenssl32 -DCMAKE_INSTALL_PREFIX=../.localliboqs ${{ matrix.params.oqsconfig }} -S . -B _build + cmake --build _build + cmake --install _build working-directory: liboqs - name: build oqs-provider - run: liboqs_DIR=.localliboqs cmake -DOPENSSL_ROOT_DIR=.localopenssl32 -S . -B build && cmake --build build + run: liboqs_DIR=.localliboqs cmake -DOPENSSL_ROOT_DIR=.localopenssl32 -S . -B _build && cmake --build _build - name: Check Openssl providers - run: OPENSSL_MODULES=build/lib .localopenssl32/bin/openssl list -providers -provider oqsprovider -provider default + run: OPENSSL_MODULES=_build/lib .localopenssl32/bin/openssl list -providers -provider oqsprovider -provider default - name: Run tests run: PATH=../.localopenssl32/bin:$PATH ctest -V - working-directory: build + working-directory: _build # Try brew install of head: If error message below appears, build and test passed successfully - name: brew install test run: brew install --HEAD --formula -s oqsprovider.rb 2>&1 | grep "Empty installation" @@ -76,4 +76,4 @@ jobs: uses: actions/upload-artifact@v3 with: name: oqs-provider-${{matrix.os}}-x64 - path: build/lib/oqsprovider.dylib + path: _build/lib/oqsprovider.dylib diff --git a/.github/workflows/standalone.yml b/.github/workflows/standalone.yml index 3e949d94..6e27e626 100644 --- a/.github/workflows/standalone.yml +++ b/.github/workflows/standalone.yml @@ -5,7 +5,7 @@ on: branches: [ '*' ] pull_request: branches: [ "main" ] - + jobs: macos_intel: @@ -18,9 +18,9 @@ jobs: - name: Checkout oqsprovider code uses: actions/checkout@v2 - name: Build oqsprovider - run: cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B build && cmake --build build + run: cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B _build && cmake --build _build - name: Test oqsprovider - run: ctest --parallel 5 --test-dir build + run: ctest --parallel 5 --test-dir _build linux_intel: runs-on: ubuntu-latest diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 5304d1ac..87b2ab6c 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -58,8 +58,8 @@ jobs: which cmake cmake --version gcc --version - mkdir build - cd build + mkdir _build + cd _build cmake -GNinja -DOPENSSL_ROOT_DIR=/opt/openssl32 -DCMAKE_INSTALL_PREFIX="${{ env.IP }}" ${{ matrix.platform.oqsconfig }} -DCMAKE_C_COMPILER=gcc .. ninja ninja install @@ -79,17 +79,17 @@ jobs: c:\cygwin\opt\openssl32 key: ${{ runner.os }}-cygwinopenssl32 - name: build oqs-provider - run: bash -c "git config --global --add safe.directory $(cygpath -u $PWD) && liboqs_DIR='${{ env.IP }}' cmake -GNinja -DCMAKE_C_COMPILER=gcc -DOPENSSL_ROOT_DIR=/opt/openssl32 -S . -B build && cd build && ninja && cd .." + run: bash -c "git config --global --add safe.directory $(cygpath -u $PWD) && liboqs_DIR='${{ env.IP }}' cmake -GNinja -DCMAKE_C_COMPILER=gcc -DOPENSSL_ROOT_DIR=/opt/openssl32 -S . -B _build && cd _build && ninja && cd .." - name: Check Openssl providers - run: bash -c "OPENSSL_MODULES=build/lib /opt/openssl32/bin/openssl list -providers -provider oqsprovider -provider default" + run: bash -c "OPENSSL_MODULES=_build/lib /opt/openssl32/bin/openssl list -providers -provider oqsprovider -provider default" - name: Run tests run: bash -c "echo $PATH && PATH=/opt/openssl32/bin:/usr/bin ctest -V" - working-directory: build + working-directory: _build - name: Retain oqsprovider.dll uses: actions/upload-artifact@v3 with: name: oqs-provider-cygwin - path: D:/a/oqs-provider/oqs-provider/build/bin/oqsprovider.dll + path: D:/a/oqs-provider/oqs-provider/_build/bin/oqsprovider.dll msvc: # Run a job for each of the specified target architectures: @@ -140,10 +140,10 @@ jobs: if: steps.cache-openssl32.outputs.cache-hit != 'true' # OQS_USE_OPENSSL=OFF by default on Win32 # if cmake --build fails, try explicit -# cd build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release -# fails: cmake -DCMAKE_C_FLAGS="/wd5105" -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX="c:\liboqs" ${{ matrix.platform.oqsconfig }} -S . -B build -# cd build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release && cd .. -# cmake --install build +# cd _build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release +# fails: cmake -DCMAKE_C_FLAGS="/wd5105" -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX="c:\liboqs" ${{ matrix.platform.oqsconfig }} -S . -B _build +# cd _build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release && cd .. +# cmake --install _build - name: build liboqs run: | cmake --version @@ -188,17 +188,17 @@ jobs: key: ${{ runner.os }}-msvcopenssl32 - name: build oqs-provider run: | - cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B build - cd build + cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build + cd _build ninja - name: Run tests run: | - ctest -V --test-dir build + ctest -V --test-dir _build - name: Retain oqsprovider.dll uses: actions/upload-artifact@v3 with: name: oqs-provider-msvc - path: D:/a/oqs-provider/oqs-provider/build/lib/oqsprovider.dll + path: D:/a/oqs-provider/oqs-provider/_build/lib/oqsprovider.dll msvc_native: # Run a job for each of the specified target architectures: @@ -211,7 +211,7 @@ jobs: - arch: win64 oqsconfig: -DOQS_ALGS_ENABLED=STD osslconfig: no-shared no-fips VC-WIN64A - toolchain: + toolchain: - .CMake/toolchain_windows_amd64.cmake msarch: - x64 @@ -260,7 +260,7 @@ jobs: run: | cmake --version cmake -B build --toolchain ${{ matrix.toolchain }} . - cmake --build build + cmake --build build cmake --build build --target INSTALL working-directory: liboqs - name: prepare the OpenSSL build directory @@ -294,14 +294,14 @@ jobs: key: ${{ runner.os }}-msvcopenssl32n - name: build oqs-provider run: | - cmake -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B build - cmake --build build --config=${{ matrix.type }} + cmake -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build + cmake --build _build --config=${{ matrix.type }} - name: Run tests run: | - ctest --test-dir build -C ${{ matrix.type }} + ctest --test-dir _build -C ${{ matrix.type }} - name: Retain oqsprovider.dll uses: actions/upload-artifact@v3 with: name: oqs-provider-msvc - path: D:/a/oqs-provider/oqs-provider/build/lib/oqsprovider.dll - + path: D:/a/oqs-provider/oqs-provider/_build/lib/oqsprovider.dll + diff --git a/.gitignore b/.gitignore index 137ff80b..003421d7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,12 +1,12 @@ # checked out OSSL variants -openssl*/* +openssl*/* openssl # checked out liboqs liboqs # installed SW .local # build directory -build +_build # generated from openssl src: test/ssltestlib.c test/ssltestlib.h diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 314ba3cb..9ec32f93 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -107,7 +107,7 @@ can be used to successfully confirm interoperability between the oqs-provider and the Cloudflare infrastructure using this hybrid classic/quantum-safe algorithm: ``` -OQS_CODEPOINT_X25519_KYBER512=65072 ./openssl/apps/openssl s_client -groups x25519_kyber512 -connect cloudflare.com:443 -provider-path build/oqsprov -provider oqsprovider -provider default +OQS_CODEPOINT_X25519_KYBER512=65072 ./openssl/apps/openssl s_client -groups x25519_kyber512 -connect cloudflare.com:443 -provider-path _build/oqsprov -provider oqsprovider -provider default ``` # OIDs diff --git a/NOTES-UNIX.md b/NOTES-UNIX.md index 5b7a5b95..af40c8fa 100644 --- a/NOTES-UNIX.md +++ b/NOTES-UNIX.md @@ -28,30 +28,30 @@ to be present to be build, e.g., via `apt install cmake build-essential git`. ## Build Standard `cmake` build sequence can be used (assuming prerequisites are installed) -to build in/install from directory `build`: +to build in/install from directory `_build`: - cmake -S . -B build && cmake --build build && cmake --install build + cmake -S . -B _build && cmake --build _build && cmake --install _build If `openssl` and/or `liboqs` have not been installed to system standard locations -use the `cmake` define "-DOPENSSL_ROOT_DIR" and/or the environment variable +use the `cmake` define "-DOPENSSL_ROOT_DIR" and/or the environment variable "liboqs_DIR" to utilize those, e.g., like this: - liboqs_DIR=../liboqs cmake -DOPENSSL_ROOT_DIR=/opt/openssl3 -S . -B build && cmake --build build && cmake --install build + liboqs_DIR=../liboqs cmake -DOPENSSL_ROOT_DIR=/opt/openssl3 -S . -B _build && cmake --build _build && cmake --install _build Further configuration options are documented [here](CONFIGURE.md#build-install-options). ## Test -Standard `ctest` can be used to validate correct operation in build directory `build`, e.g.: +Standard `ctest` can be used to validate correct operation in build directory `_build`, e.g.: - cd build && ctest --parallel 5 --rerun-failed --output-on-failure -V + cd _build && ctest --parallel 5 --rerun-failed --output-on-failure -V ## Packaging ### Debian A build target to create UNIX .deb packaging is available via the standard -`package` target, e.g., executing `make package` in the `build` subdirectory. +`package` target, e.g., executing `make package` in the `_build` subdirectory. The resultant file can be installed as usual via `dpkg -i ...`. ### MacOS diff --git a/NOTES-Windows.md b/NOTES-Windows.md index 50942d79..80eeffd5 100644 --- a/NOTES-Windows.md +++ b/NOTES-Windows.md @@ -17,7 +17,7 @@ A complete scripted setup is available in the [CI tooling for oqs-provider](http ### liboqs -Instructions for building `liboqs` from source is available +Instructions for building `liboqs` from source is available [here](https://github.com/open-quantum-safe/liboqs#windows). ## Build tooling @@ -28,9 +28,9 @@ a C compiler are present, e.g., as in MS Visual Studio 2022. ## Build A standard `cmake` build sequence can be used (assuming prerequisites are installed) -to build in/install from directory `build`: +to build in/install from directory `_build`: - cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -GNinja -S . -B build && cd build && ninja && ninja install + cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -GNinja -S . -B _build && cd _build && ninja && ninja install The specific `CMAKE_C_FLAGS` silence some overly strict warning messages and the specific reference to the build type ensures a shared library with @@ -41,15 +41,15 @@ If `openssl` and/or `liboqs` have not been installed to system standard location use the `cmake` defines "-DOPENSSL_ROOT_DIR" and/or "-Dliboqs_DIR" to utilize those, e.g., like this: - cmake -DOPENSSL_ROOT_DIR=c:\opt\openssl3 -Dliboqs_DIR=c:\liboqs -S . -B build && cmake --build build && cmake --install build + cmake -DOPENSSL_ROOT_DIR=c:\opt\openssl3 -Dliboqs_DIR=c:\liboqs -S . -B _build && cmake --build _build && cmake --install _build Further configuration options are documented [here](CONFIGURE.md#build-install-options). ## Test -Standard `ctest` can be used to validate correct operation in build directory `build`, e.g.: +Standard `ctest` can be used to validate correct operation in build directory `_build`, e.g.: - ctest -V --test-dir build + ctest -V --test-dir _build ## Packaging diff --git a/README.md b/README.md index c30af18b..23d07b70 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ key establishment in TLS1.3 including management of such keys via the OpenSSL (3.0) provider interface and hybrid KEM schemes. Also, QSC signatures including CMS and CMP functionality are available via the OpenSSL EVP interface. Key persistence is provided via the encode/decode -mechanism and X.509 data structures. Starting with OpenSSL 3.2 support for +mechanism and X.509 data structures. Starting with OpenSSL 3.2 support for TLS1.3 signature functionality is available and final glitches for CMS have been resolved. @@ -62,7 +62,7 @@ In addition, algorithms not denoted with "\*" above are not enabled for TLS operations. This designation [can be changed by modifying the "enabled" flags in the main algorithm configuration file](CONFIGURE.md#pre-build-configuration). -In order to support parallel use of classic and quantum-safe cryptography +In order to support parallel use of classic and quantum-safe cryptography this provider also provides different hybrid algorithms, combining classic and quantum-safe methods: These are listed above with a prefix denoting a classic algorithm, e.g., for elliptic curve: "p256_". @@ -80,7 +80,7 @@ respectively (tested on Linux Ubuntu and Mint as well as MacOS). By default, these scripts always build and test against the current OpenSSL `master` branch. -These scripts can be [configured by setting various variables](CONFIGURE.md#convenience-build-script-options). Please note that these scripts do _not_ install `oqsprovider`. This can be facilitated by running `cmake --install build` (and following the [activation instructions](USAGE.md#activation). +These scripts can be [configured by setting various variables](CONFIGURE.md#convenience-build-script-options). Please note that these scripts do _not_ install `oqsprovider`. This can be facilitated by running `cmake --install _build` (and following the [activation instructions](USAGE.md#activation). Building and testing -------------------- @@ -104,8 +104,8 @@ for details. ## Basic steps - cmake -S . -B build && cmake --build build && ctest --test-dir build && cmake --install build - + cmake -S . -B _build && cmake --build _build && ctest --test-dir _build && cmake --install _build + Using ----- diff --git a/scripts/common.py b/scripts/common.py index d28b1267..7b936214 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -28,7 +28,7 @@ def all_pq_groups(): ag = "" for kex in key_exchanges: if len(ag)==0: - ag = kex + ag = kex else: ag = ag + ":" + kex return ag @@ -158,7 +158,7 @@ def gen_keys(ossl, ossl_config, sig_alg, test_artifacts_dir, filename_prefix): # also create pubkeys from certs for dgst verify tests: env = os.environ #env["OPENSSL_CONF"]=os.path.join("scripts", "openssl.cnf") - #env["OPENSSL_MODULES"]=os.path.join("build", "lib") + #env["OPENSSL_MODULES"]=os.path.join("_build", "lib") run_subprocess([ossl, 'req', '-in', os.path.join(test_artifacts_dir, '{}_{}_srv.csr'.format(filename_prefix, sig_alg)), '-pubkey', '-out', os.path.join(test_artifacts_dir, '{}_{}_srv.pubk'.format(filename_prefix, sig_alg)) ], diff --git a/scripts/fullbuild.sh b/scripts/fullbuild.sh index de6551aa..a411d901 100755 --- a/scripts/fullbuild.sh +++ b/scripts/fullbuild.sh @@ -21,10 +21,10 @@ fi if [ $# -gt 0 ]; then if [ "$1" == "-f" ]; then - rm -rf build + rm -rf _build fi if [ "$1" == "-F" ]; then - rm -rf build openssl liboqs .local + rm -rf _build openssl liboqs .local fi fi @@ -107,7 +107,7 @@ if [ -z $liboqs_DIR ]; then # STD: only include NIST standardized algorithms # NIST_R4: only include algorithms in round 4 of the NIST competition # All: include all algorithms supported by liboqs (default) - cd liboqs && cmake -GNinja $DOQS_ALGS_ENABLED $CMAKE_OPENSSL_LOCATION -DCMAKE_INSTALL_PREFIX=$(pwd)/../.local -S . -B build && cd build && ninja && ninja install && cd ../.. + cd liboqs && cmake -GNinja $DOQS_ALGS_ENABLED $CMAKE_OPENSSL_LOCATION -DCMAKE_INSTALL_PREFIX=$(pwd)/../.local -S . -B _build && cd _build && ninja && ninja install && cd ../.. if [ $? -ne 0 ]; then echo "liboqs build failed. Exiting." exit -1 @@ -117,16 +117,16 @@ if [ -z $liboqs_DIR ]; then fi # Check whether provider is built: -if [ ! -f "build/lib/oqsprovider.$SHLIBEXT" ]; then - echo "oqsprovider (build/lib/oqsprovider.$SHLIBEXT) not built: Building..." +if [ ! -f "_build/lib/oqsprovider.$SHLIBEXT" ]; then + echo "oqsprovider (_build/lib/oqsprovider.$SHLIBEXT) not built: Building..." # for full debug build add: -DCMAKE_BUILD_TYPE=Debug #BUILD_TYPE="-DCMAKE_BUILD_TYPE=Debug" BUILD_TYPE="" # for omitting public key in private keys add -DNOPUBKEY_IN_PRIVKEY=ON if [ -z "$OPENSSL_INSTALL" ]; then - cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B build && cmake --build build + cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B _build && cmake --build _build else - cmake -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B build && cmake --build build + cmake -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL $BUILD_TYPE $OQSPROV_CMAKE_PARAMS -S . -B _build && cmake --build _build fi if [ $? -ne 0 ]; then echo "provider build failed. Exiting." diff --git a/scripts/release-test.sh b/scripts/release-test.sh index b8e2b812..df3a60b2 100755 --- a/scripts/release-test.sh +++ b/scripts/release-test.sh @@ -24,11 +24,11 @@ if [ -d oqs-template ]; then # Activate all algorithms sed -i "s/enable\: false/enable\: true/g" oqs-template/generate.yml python3 oqs-template/generate.py - rm -rf build + rm -rf _build ./scripts/fullbuild.sh ./scripts/runtests.sh if [ -f .local/bin/openssl ]; then - OPENSSL_MODULES=`pwd`/build/lib OPENSSL_CONF=`pwd`/scripts/openssl-ca.cnf python3 -m pytest --numprocesses=auto scripts/test_tls_full.py + OPENSSL_MODULES=`pwd`/_build/lib OPENSSL_CONF=`pwd`/scripts/openssl-ca.cnf python3 -m pytest --numprocesses=auto scripts/test_tls_full.py else echo "For full TLS PQ SIG/KEM matrix test, build (latest) openssl locally." fi diff --git a/scripts/runtests.sh b/scripts/runtests.sh index 7ad61cd2..79762205 100755 --- a/scripts/runtests.sh +++ b/scripts/runtests.sh @@ -90,7 +90,7 @@ if [ -z "${OPENSSL_APP}" ]; then fi if [ -z "${OPENSSL_MODULES}" ]; then - export OPENSSL_MODULES="$(pwd)/build/lib" + export OPENSSL_MODULES="$(pwd)/_build/lib" fi if [ -z "${LD_LIBRARY_PATH}" ]; then @@ -188,7 +188,7 @@ ${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-externalinterop.sh # Without removing OPENSSL_CONF ctest hangs... ??? unset OPENSSL_CONF rv=0 -if ! ( cd build && ctest $@ ); then +if ! ( cd _build && ctest $@ ); then rv=1 fi From 8f6937c85b10a2057261daf7a3a91832bff9712a Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Thu, 28 Dec 2023 08:26:00 +0100 Subject: [PATCH 098/160] 0.5.3rc2 --- RELEASE.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/RELEASE.md b/RELEASE.md index b545549e..c9b215ad 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -22,7 +22,7 @@ This improves a non-constant time issue in previous releases for Kyber. ### What's New -This release continues from the 0.5.2 release of oqs-provider and is fully tested to be used in conjunction with the main branch of [liboqs](https://github.com/open-quantum-safe/liboqs). This release is guaranteed to be in sync with v0.9.1 of `liboqs`. +This release continues from the 0.5.2 release of oqs-provider and is fully tested to be used in conjunction with the main branch of [liboqs](https://github.com/open-quantum-safe/liboqs). This release is functionally guaranteed to be in sync with v0.9.1 of `liboqs` (see note below), This release also makes available ready-to-run binaries for Linux (.so), Windows (.dll) and MacOS (.dylib) compiled for `x64` CPUs. Activation and use is documented in [USAGE.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/USAGE.md). @@ -42,7 +42,11 @@ This release also makes available ready-to-run binaries for Linux (.so), Windows * Fix link in GOVERNANCE.md [skip ci] by @pi-314159 in https://github.com/open-quantum-safe/oqs-provider/pull/309 * Add a example of how to load oqsprovider using `OSSL_PROVIDER_add_builtin`. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/308 * Get Windows CI to work again by @qnfm in https://github.com/open-quantum-safe/oqs-provider/pull/310 -* Use `build` directory instead of `_build`. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/314 +* correct upstream and Windows CI snafus by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/322 + +## Release-specific note + +Due to an incomplete cherry-pick in `liboqs`, the code-generator logic in `oqsprovider` does produce incorrect documentation when used in conjunction with `liboqs` release 0.9.1. The corresponding CI test therefore is disabled for this `oqsprovider` release and this note has been created to warn users of this inconsistency in `liboqs` v0.9.1. It has no functional implications. ## New Contributors * @ajbozarth made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/292 From eb80076d1683121db35fabf8c1b0c6f9125c1b6d Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Wed, 3 Jan 2024 10:15:08 +0100 Subject: [PATCH 099/160] reverting to dev (#327) * reverting to dev * eliminate 0.5.3 release draft --- .github/workflows/linux.yml | 27 ++++++++-------- .github/workflows/macos.yml | 2 +- .github/workflows/windows.yml | 6 ++-- CMakeLists.txt | 2 +- GOVERNANCE.md | 2 -- README.md | 27 ++++++++++++---- RELEASE.md | 60 ----------------------------------- 7 files changed, 38 insertions(+), 88 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 954578b6..73eef30d 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -50,23 +50,22 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - name: Full build - run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} LIBOQS_BRANCH=0.9.1 ./scripts/fullbuild.sh + run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} LIBOQS_BRANCH=main ./scripts/fullbuild.sh - name: Enable sibling oqsprovider for testing run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so - name: Test run: ./scripts/runtests.sh -V -# Need to disable due to missing HQC update cherry-pick in liboqs release: -# - name: Verify nothing changes on re-generate code -# run: | -# apt-get update && apt-get install -y clang-format && \ -# git config --global user.name "ciuser" && \ -# git config --global user.email "ci@openquantumsafe.org" && \ -# git config --global --add safe.directory `pwd` && \ -# export LIBOQS_SRC_DIR=`pwd`/liboqs && \ -# ! pip3 install -r oqs-template/requirements.txt 2>&1 | grep ERROR && \ -# python3 oqs-template/generate.py && \ -# find . -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs clang-format -i && \ -# ! git status | grep modified + - name: Verify nothing changes on re-generate code + run: | + apt-get update && apt-get install -y clang-format && \ + git config --global user.name "ciuser" && \ + git config --global user.email "ci@openquantumsafe.org" && \ + git config --global --add safe.directory `pwd` && \ + export LIBOQS_SRC_DIR=`pwd`/liboqs && \ + ! pip3 install -r oqs-template/requirements.txt 2>&1 | grep ERROR && \ + python3 oqs-template/generate.py && \ + find . -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs clang-format -i && \ + ! git status | grep modified - name: Build .deb install package run: cpack working-directory: _build @@ -190,7 +189,7 @@ jobs: - name: Clone and build liboqs for linux-aarch64 working-directory: /opt/ run: | - git clone --depth=1 --branch 0.9.1 https://github.com/open-quantum-safe/liboqs.git liboqs + git clone --depth=1 --branch main https://github.com/open-quantum-safe/liboqs.git liboqs cd liboqs mkdir build install cmake --toolchain "${CMAKE_TOOLCHAIN_FILE}" \ diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 88129082..7a6f95f4 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -35,7 +35,7 @@ jobs: with: set-safe-directory: true repository: open-quantum-safe/liboqs - ref: 0.9.1 + ref: main path: liboqs - name: Retrieve OpenSSL32 from cache id: cache-openssl32 diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 87b2ab6c..a699e8cb 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -38,7 +38,7 @@ jobs: with: set-safe-directory: true repository: open-quantum-safe/liboqs - ref: 0.9.1 + ref: main path: liboqs - name: Install cygwin uses: cygwin/cygwin-install-action@master @@ -125,7 +125,7 @@ jobs: with: set-safe-directory: true repository: open-quantum-safe/liboqs - ref: 0.9.1 + ref: main path: liboqs - uses: ilammy/msvc-dev-cmd@v1 with: @@ -238,7 +238,7 @@ jobs: with: set-safe-directory: true repository: open-quantum-safe/liboqs - ref: 0.9.1 + ref: main path: liboqs - uses: ilammy/msvc-dev-cmd@v1 with: diff --git a/CMakeLists.txt b/CMakeLists.txt index 632f44cc..fad726df 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,7 +4,7 @@ else() cmake_minimum_required(VERSION 3.0 FATAL_ERROR) endif() project(oqs-provider LANGUAGES C) -set(OQSPROVIDER_VERSION_TEXT "0.5.3") +set(OQSPROVIDER_VERSION_TEXT "0.5.3-dev") set(CMAKE_C_STANDARD 11) set_property(GLOBAL PROPERTY FIND_LIBRARY_USE_LIB64_PATHS ON) if(CMAKE_BUILD_TYPE STREQUAL "Debug") diff --git a/GOVERNANCE.md b/GOVERNANCE.md index a90d4d15..d9626453 100644 --- a/GOVERNANCE.md +++ b/GOVERNANCE.md @@ -59,12 +59,10 @@ Current Maintainers and Committers are to be documented below by way of referenc ### Maintainers @baentsch -@dstebila ### Committers @baentsch @bhess -@dstebila @thb-sb @christianpaquin diff --git a/README.md b/README.md index 23d07b70..fa428fa8 100644 --- a/README.md +++ b/README.md @@ -129,15 +129,28 @@ has not been not getting back-ported to OpenSSL3.0. Also not supported in this version are provider-based signature algorithms used during TLS1.3 operations as documented in https://github.com/openssl/openssl/issues/10512. -## 3.2(-dev) +## 3.2 -After https://github.com/openssl/openssl/pull/19312 landed, (also PQ) signature -algorithms are working in TLS1.3 (handshaking); after https://github.com/openssl/openssl/pull/20486 -has landed, also algorithms with very long signatures are supported. +This version has full support for all TLS1.3 operations using PQ algorithms +when deploying `oqsprovider`. + +A final configuration limitation for provider-based signature algorithms exists +as documented in https://github.com/openssl/openssl/issues/22761. + +## 3.3(-dev) + +When https://github.com/openssl/openssl/pull/22779 land, the last config-time limitation +for provider-based signatures should be gone. For [general OpenSSL implementation limitations, e.g., regarding provider feature usage and support, see here](https://wiki.openssl.org/index.php/OpenSSL_3.0#STATUS_of_current_development). +Governance & Contributions +-------------------------- + +Project governance is documented in [GOVERNANCE.md](GOVERNANCE.md) and contribution +policy is documented in [CONTRIBUTING.md](CONTRIBUTING.md). + Team ---- @@ -163,17 +176,17 @@ the separate file [RELEASE.md](RELEASE.md). Acknowledgments --------------- -The `oqsprovider` project is supported through the [NGI Assure Fund](https://nlnet.nl/assure), +The `oqsprovider` project had been supported through the [NGI Assure Fund](https://nlnet.nl/assure), a fund established by [NLnet](https://nlnet.nl) with financial support from the European Commission's [Next Generation Internet programme](https://www.ngi.eu), under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073. -Financial support for the development of Open Quantum Safe has been provided +Financial support for the development of Open Quantum Safe had been provided by Amazon Web Services and the Tutte Institute for Mathematics and Computing. The OQS project would like to make a special acknowledgement to the companies who -have dedicated programmer time to contribute source code to OQS, including +had dedicated programmer time to contribute source code to OQS, including Amazon Web Services, evolutionQ, Microsoft Research, Cisco Systems, and IBM Research. Research projects which developed specific components of OQS have been diff --git a/RELEASE.md b/RELEASE.md index c9b215ad..a4653782 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,63 +1,3 @@ -# oqs-provider 0.5.3 - -## About - -The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/. - -**oqs-provider** is a standalone [OpenSSL 3](https://github.com/openssl/openssl) [provider](https://www.openssl.org/docs/manmaster/man7/provider.html) enabling [liboqs](https://github.com/open-quantum-safe/liboqs)-based quantum-safe and [hybrid key exchange](https://datatracker.ietf.org/doc/draft-ietf-pquip-pqt-hybrid-terminology) for TLS 1.3, as well as quantum-safe and hybrid X.509 certificate generation, CMS, CMP and `dgst` (signature) operations. - -When deployed, the `oqs-provider` binary (shared library) thus adds support for quantum-safe cryptographic operations to any standard OpenSSL(v3) installation. The ultimate goal is that all `openssl` functionality shall be [PQC-enabled](https://csrc.nist.gov/projects/post-quantum-cryptography). - -In general, the oqs-provider `main` branch is meant to be usable in conjunction with the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs) and the `master` branch of [OpenSSL](https://github.com/openssl/openssl). - -Further details on building, testing and use can be found in [README.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/README.md). See in particular limitations on intended use. - -## Release notes - -This is version 0.5.3 of oqs-provider. - -### Security considerations - -This improves a non-constant time issue in previous releases for Kyber. - -### What's New - -This release continues from the 0.5.2 release of oqs-provider and is fully tested to be used in conjunction with the main branch of [liboqs](https://github.com/open-quantum-safe/liboqs). This release is functionally guaranteed to be in sync with v0.9.1 of `liboqs` (see note below), - -This release also makes available ready-to-run binaries for Linux (.so), Windows (.dll) and MacOS (.dylib) compiled for `x64` CPUs. Activation and use is documented in [USAGE.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/USAGE.md). - -### Additional new feature highlights - -- Kyber code update addressing constant time property -- Code point updates for HQC following code updates in `liboqs` -- Document project governance - -## What's Changed -* Clarify liboqs_DIR naming convention by @ajbozarth in https://github.com/open-quantum-safe/oqs-provider/pull/292 -* check empty params lists passed by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/296 -* Fix minor typos in documentation by @johnma14 in https://github.com/open-quantum-safe/oqs-provider/pull/304 -* HQC code point update by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/306 -* Fix broken circleci job for macOS by @johnma14 in https://github.com/open-quantum-safe/oqs-provider/pull/305 -* Contribution policy by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/286 -* Fix link in GOVERNANCE.md [skip ci] by @pi-314159 in https://github.com/open-quantum-safe/oqs-provider/pull/309 -* Add a example of how to load oqsprovider using `OSSL_PROVIDER_add_builtin`. by @thb-sb in https://github.com/open-quantum-safe/oqs-provider/pull/308 -* Get Windows CI to work again by @qnfm in https://github.com/open-quantum-safe/oqs-provider/pull/310 -* correct upstream and Windows CI snafus by @baentsch in https://github.com/open-quantum-safe/oqs-provider/pull/322 - -## Release-specific note - -Due to an incomplete cherry-pick in `liboqs`, the code-generator logic in `oqsprovider` does produce incorrect documentation when used in conjunction with `liboqs` release 0.9.1. The corresponding CI test therefore is disabled for this `oqsprovider` release and this note has been created to warn users of this inconsistency in `liboqs` v0.9.1. It has no functional implications. - -## New Contributors -* @ajbozarth made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/292 -* @johnma14 made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/304 -* @pi-314159 made their first contribution in https://github.com/open-quantum-safe/oqs-provider/pull/309 - -**Full Changelog**: https://github.com/open-quantum-safe/oqs-provider/compare/0.5.2...0.5.3 - -Previous Release Notes -====================== - # oqs-provider 0.5.2 ## About From 4b40af0fb3f9b09458502f61cb7dea3974bf386b Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 11 Jan 2024 11:17:46 -0600 Subject: [PATCH 100/160] fix rsa size mismatch bug --- oqsprov/oqsprov_keys.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index ad5e0f6f..4ed9666e 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1123,10 +1123,6 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, plen = aux; } } - if (rsa_diff > 4) { // diff is too big, this means an decoding error - ASN1_OCTET_STRING_free(oct); - return NULL; - } oqsx = oqsx_key_op(palg, p, plen + rsa_diff, KEY_OP_PRIVATE, libctx, propq); ASN1_OCTET_STRING_free(oct); @@ -1550,10 +1546,11 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_keygen_init(kgctx); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); if (ctx->evp_info->keytype == EVP_PKEY_RSA) { - if (ctx->evp_info->length_public_key > 270) + if (ctx->evp_info->length_public_key > 270) { ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); - else + } else { ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 2048); + } ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); } From f2264d9e0d62a171bb101ab7e3212382f3b130ee Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 15 Jan 2024 09:03:51 -0600 Subject: [PATCH 101/160] fixed memory leaks --- oqsprov/oqs_encode_key2any.c | 34 +++++++++++++--------------------- oqsprov/oqs_sig.c | 14 ++++++-------- oqsprov/oqsprov_keys.c | 19 +++++++++++-------- 3 files changed, 30 insertions(+), 37 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index b060754d..3438fe12 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -713,16 +713,15 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) aString[i] = ASN1_OCTET_STRING_new(); tempOct[i] = ASN1_OCTET_STRING_new(); temp[i] = NULL; + buflen = 0; if ((name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i)) == NULL) { OPENSSL_free(name); for (i = 0; i < oqsxkey->numkeys; i++) { - OPENSSL_free(temp[i]); - OPENSSL_free(cbuf[i]); - OPENSSL_free(aType[i]); - OPENSSL_free(aString[i]); - OPENSSL_free(tempOct[i]); + ASN1_OCTET_STRING_free(aString[i]); + ASN1_OCTET_STRING_free(tempOct[i]); + ASN1_TYPE_free(aType[i]); } OPENSSL_free(sk); return -1; @@ -740,11 +739,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) if (buflen > oqsxkey->privkeylen_cmp[i]) { OPENSSL_free(name); for (i = 0; i < oqsxkey->numkeys; i++) { - OPENSSL_free(temp[i]); - OPENSSL_free(cbuf[i]); - OPENSSL_free(aType[i]); - OPENSSL_free(aString[i]); - OPENSSL_free(tempOct[i]); + ASN1_OCTET_STRING_free(aString[i]); + ASN1_OCTET_STRING_free(tempOct[i]); + ASN1_TYPE_free(aType[i]); } OPENSSL_free(sk); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); @@ -756,7 +753,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; cbuf[i] = OPENSSL_malloc(buflen); - memcpy(cbuf[i], oqsxkey->comp_privkey[i], buflen); if (get_oqsname_fromtls(name) != 0) { // include pubkey in privkey for PQC memcpy(cbuf[i], oqsxkey->comp_privkey[i], @@ -773,11 +769,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) if (!sk_ASN1_TYPE_push(sk, aType[i])) { for (i = 0; i < oqsxkey->numkeys; i++) { - OPENSSL_free(temp[i]); - OPENSSL_free(cbuf[i]); - OPENSSL_free(aType[i]); - OPENSSL_free(aString[i]); - OPENSSL_free(tempOct[i]); + ASN1_OCTET_STRING_free(aString[i]); + ASN1_OCTET_STRING_free(tempOct[i]); + ASN1_TYPE_free(aType[i]); } OPENSSL_free(sk); OPENSSL_free(name); @@ -788,11 +782,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); for (i = 0; i < oqsxkey->numkeys; i++) { - OPENSSL_free(temp[i]); - OPENSSL_free(cbuf[i]); - OPENSSL_free(aType[i]); - OPENSSL_free(aString[i]); - OPENSSL_free(tempOct[i]); + ASN1_OCTET_STRING_free(aString[i]); + ASN1_OCTET_STRING_free(tempOct[i]); + ASN1_TYPE_free(aType[i]); } OPENSSL_free(sk); diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 17117459..45fffb79 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -471,11 +471,11 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); OPENSSL_free(name); - OPENSSL_free(evp_ctx); + EVP_MD_CTX_free(evp_ctx); OPENSSL_free(buf); goto endsign; } - OPENSSL_free(evp_ctx); + EVP_MD_CTX_free(evp_ctx); } else { if ((classical_ctx_sign = EVP_PKEY_CTX_new(oqs_key_classic, NULL)) @@ -591,9 +591,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } oqs_sig_len = i2d_CompositeSignature(compsig, &sig); - OPENSSL_free(compsig->sig1->data); - OPENSSL_free(compsig->sig2->data); - OPENSSL_free(compsig); + CompositeSignature_free(compsig); OPENSSL_free(final_tbs); } else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen, oqsxkey->comp_privkey[oqsxkey->numkeys - 1]) @@ -809,10 +807,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); OPENSSL_free(name); - OPENSSL_free(evp_ctx); + EVP_MD_CTX_free(evp_ctx); goto endverify; } - OPENSSL_free(evp_ctx); + EVP_MD_CTX_free(evp_ctx); } else { if (((ctx_verify = EVP_PKEY_CTX_new(oqsxkey->classical_pkey, NULL)) @@ -893,7 +891,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, OPENSSL_free(name); } - OPENSSL_free(compsig); + CompositeSignature_free(compsig); OPENSSL_free(final_tbs); } else { if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) { diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 4ed9666e..81bbb072 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1387,29 +1387,32 @@ void oqsx_key_free(OQSX_KEY *key) #endif OPENSSL_free(key->propq); + OPENSSL_free(key->tls_name); OPENSSL_secure_clear_free(key->privkey, key->privkeylen); OPENSSL_secure_clear_free(key->pubkey, key->pubkeylen); OPENSSL_free(key->comp_pubkey); OPENSSL_free(key->comp_privkey); + if (key->keytype == KEY_TYPE_CMP_SIG) { + OPENSSL_free(key->privkeylen_cmp); + OPENSSL_free(key->pubkeylen_cmp); + } if (key->keytype == KEY_TYPE_KEM) OQS_KEM_free(key->oqsx_provider_ctx.oqsx_qs_ctx.kem); else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || key->keytype == KEY_TYPE_ECX_HYB_KEM) { OQS_KEM_free(key->oqsx_provider_ctx.oqsx_qs_ctx.kem); - } else { + } else OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig); - if (key->oqsx_provider_ctx.oqsx_evp_ctx) { - EVP_PKEY_CTX_free(key->oqsx_provider_ctx.oqsx_evp_ctx->ctx); - EVP_PKEY_free(key->oqsx_provider_ctx.oqsx_evp_ctx->keyParam); - OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx); - } + EVP_PKEY_free(key->classical_pkey); + if (key->oqsx_provider_ctx.oqsx_evp_ctx) { + EVP_PKEY_CTX_free(key->oqsx_provider_ctx.oqsx_evp_ctx->ctx); + EVP_PKEY_free(key->oqsx_provider_ctx.oqsx_evp_ctx->keyParam); + OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx); } - OPENSSL_free(key->tls_name); #ifdef OQS_PROVIDER_NOATOMIC CRYPTO_THREAD_lock_free(key->lock); #endif - OPENSSL_free(key->classical_pkey); OPENSSL_free(key); } From ffc2ffd3f896b8008f0dc3f8c3cebbe94dc7dae9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 16 Jan 2024 10:54:38 +0100 Subject: [PATCH 102/160] Bump jinja2 from 3.0.3 to 3.1.3 in /oqs-template (#334) * Bump jinja2 from 3.0.3 to 3.1.3 in /oqs-template Bumps [jinja2](https://github.com/pallets/jinja) from 3.0.3 to 3.1.3. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/3.0.3...3.1.3) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] * add MSVC native toolchain --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com> --- .CMake/toolchain_windows_amd64.cmake | 12 ++++++++++++ .github/workflows/windows.yml | 11 ++++++----- oqs-template/requirements.txt | 2 +- 3 files changed, 19 insertions(+), 6 deletions(-) create mode 100644 .CMake/toolchain_windows_amd64.cmake diff --git a/.CMake/toolchain_windows_amd64.cmake b/.CMake/toolchain_windows_amd64.cmake new file mode 100644 index 00000000..60a0dca9 --- /dev/null +++ b/.CMake/toolchain_windows_amd64.cmake @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: MIT + +set(CMAKE_SYSTEM_NAME Windows) + +set(CMAKE_SYSTEM_PROCESSOR AMD64) + +set(CMAKE_CROSSCOMPILING OFF) + +set(CMAKE_GENERATOR_PLATFORM + x64 + CACHE STRING "Platform" FORCE +) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index a699e8cb..56a5d1c4 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -96,8 +96,9 @@ jobs: strategy: matrix: os: +# liboqs doesn't check Windows 2019 - windows-2019 -# - windows-2022 + - windows-2022 platform: - arch: win64 oqsconfig: -DOQS_ALGS_ENABLED=STD @@ -149,7 +150,7 @@ jobs: cmake --version mkdir build cd build - cmake -GNinja -DCMAKE_C_FLAGS="/wd5105" -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX="c:\liboqs" ${{ matrix.platform.oqsconfig }} -DOQS_DIST_BUILD=ON .. + cmake -GNinja -DCMAKE_C_COMPILER="cl" -DCMAKE_C_FLAGS="/wd5105" -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX="c:\liboqs" ${{ matrix.platform.oqsconfig }} -DOQS_DIST_BUILD=ON .. ninja ninja install working-directory: liboqs @@ -188,7 +189,7 @@ jobs: key: ${{ runner.os }}-msvcopenssl32 - name: build oqs-provider run: | - cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build + cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_COMPILER="cl" -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build cd _build ninja - name: Run tests @@ -205,7 +206,7 @@ jobs: strategy: matrix: os: -# - windows-2019 + - windows-2019 - windows-2022 platform: - arch: win64 @@ -294,7 +295,7 @@ jobs: key: ${{ runner.os }}-msvcopenssl32n - name: build oqs-provider run: | - cmake -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build + cmake --toolchain ${{ matrix.toolchain }} -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_COMPILER="cl" -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build cmake --build _build --config=${{ matrix.type }} - name: Run tests run: | diff --git a/oqs-template/requirements.txt b/oqs-template/requirements.txt index 6bd605b4..1cc5566d 100644 --- a/oqs-template/requirements.txt +++ b/oqs-template/requirements.txt @@ -1,4 +1,4 @@ -Jinja2==3.0.3 +Jinja2==3.1.3 MarkupSafe==2.1.3 PyYAML==6.0 tabulate==0.9.0 From 5fce56839dedbf7bdec9bcf1baa21962a1581834 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Thu, 18 Jan 2024 14:49:57 +0100 Subject: [PATCH 103/160] LICENSE copyright update [skip ci] (#336) --- LICENSE.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSE.txt b/LICENSE.txt index 4ca97962..eeaecf8b 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -1,6 +1,6 @@ The MIT license, the text of which is below, applies to oqs-provider in general. -Copyright (c) 2016-2021 Open Quantum Safe project +Copyright (c) 2016-2024 The Open Quantum Safe project authors. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal From 48100c733bad6cc22084259d3d12e6f32c788689 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 18 Jan 2024 16:00:28 -0600 Subject: [PATCH 104/160] solved some memleaks --- oqsprov/oqs_encode_key2any.c | 97 +++++++++++++++++++++--------------- oqsprov/oqsprov_keys.c | 27 ++++++---- 2 files changed, 74 insertions(+), 50 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 3438fe12..d54fd6ca 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -696,14 +696,11 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } else { ASN1_TYPE **aType = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); - ASN1_STRING **aString - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); - ASN1_STRING **tempOct - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); + ASN1_OCTET_STRING **aString + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_OCTET_STRING)); unsigned char **temp - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); - unsigned char **cbuf - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); + = OPENSSL_secure_malloc(oqsxkey->numkeys * sizeof(void *)); + size_t templen[oqsxkey->numkeys]; int i; if ((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; @@ -711,19 +708,24 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) for (i = 0; i < oqsxkey->numkeys; i++) { aType[i] = ASN1_TYPE_new(); aString[i] = ASN1_OCTET_STRING_new(); - tempOct[i] = ASN1_OCTET_STRING_new(); temp[i] = NULL; - buflen = 0; if ((name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i)) == NULL) { - OPENSSL_free(name); - for (i = 0; i < oqsxkey->numkeys; i++) { - ASN1_OCTET_STRING_free(aString[i]); - ASN1_OCTET_STRING_free(tempOct[i]); - ASN1_TYPE_free(aType[i]); + for (int j = 0; j <= i; j++) { + OPENSSL_cleanse(aString[j]->data, aString[j]->length); + ASN1_OCTET_STRING_free(aString[j]); + OPENSSL_cleanse(aType[j]->value.sequence->data, + aType[j]->value.sequence->length); + OPENSSL_clear_free(temp[j], templen[j]); } - OPENSSL_free(sk); + + if (sk_ASN1_TYPE_num(sk) != -1) + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); + else + ASN1_TYPE_free(aType[i]); + + OPENSSL_free(name); return -1; } @@ -737,14 +739,21 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) buflen += 4; OPENSSL_free(enc_len); if (buflen > oqsxkey->privkeylen_cmp[i]) { - OPENSSL_free(name); - for (i = 0; i < oqsxkey->numkeys; i++) { - ASN1_OCTET_STRING_free(aString[i]); - ASN1_OCTET_STRING_free(tempOct[i]); - ASN1_TYPE_free(aType[i]); + for (int j = 0; j <= i; j++) { + OPENSSL_cleanse(aString[j]->data, + aString[j]->length); + ASN1_OCTET_STRING_free(aString[j]); + OPENSSL_cleanse(aType[j]->value.sequence->data, + aType[j]->value.sequence->length); + OPENSSL_clear_free(temp[j], templen[j]); } - OPENSSL_free(sk); - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + + if (sk_ASN1_TYPE_num(sk) != -1) + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); + else + ASN1_TYPE_free(aType[i]); + + OPENSSL_free(name); return -1; } } else @@ -752,42 +761,52 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } else buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; - cbuf[i] = OPENSSL_malloc(buflen); + buf = OPENSSL_secure_malloc(buflen); if (get_oqsname_fromtls(name) != 0) { // include pubkey in privkey for PQC - memcpy(cbuf[i], oqsxkey->comp_privkey[i], + memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); - memcpy(cbuf[i] + oqsxkey->privkeylen_cmp[i], + memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); } else - memcpy(cbuf[i], oqsxkey->comp_privkey[i], buflen); + memcpy(buf, oqsxkey->comp_privkey[i], buflen); - ASN1_STRING_set0(tempOct[i], cbuf[i], buflen); - keybloblen = i2d_ASN1_OCTET_STRING(tempOct[i], &temp[i]); - ASN1_STRING_set0(aString[i], temp[i], keybloblen); - ASN1_TYPE_set(aType[i], V_ASN1_SEQUENCE, aString[i]); + oct.data = buf; + oct.length = buflen; + templen[i] = i2d_ASN1_OCTET_STRING(&oct, &temp[i]); + ASN1_STRING_set(aString[i], temp[i], templen[i]); + ASN1_TYPE_set1(aType[i], V_ASN1_SEQUENCE, aString[i]); if (!sk_ASN1_TYPE_push(sk, aType[i])) { - for (i = 0; i < oqsxkey->numkeys; i++) { - ASN1_OCTET_STRING_free(aString[i]); - ASN1_OCTET_STRING_free(tempOct[i]); - ASN1_TYPE_free(aType[i]); + for (int j = 0; j <= i; j++) { + OPENSSL_cleanse(aString[j]->data, aString[j]->length); + ASN1_OCTET_STRING_free(aString[j]); + OPENSSL_cleanse(aType[j]->value.sequence->data, + aType[j]->value.sequence->length); + OPENSSL_clear_free(temp[j], templen[j]); } - OPENSSL_free(sk); + + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); OPENSSL_free(name); + OPENSSL_secure_clear_free(buf, buflen); return -1; } OPENSSL_free(name); + if (i + 1 < oqsxkey->numkeys){ // clear buf and oct if is not the last call + OPENSSL_secure_clear_free(buf, buflen); + } } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); for (i = 0; i < oqsxkey->numkeys; i++) { + OPENSSL_cleanse(aString[i]->data, aString[i]->length); ASN1_OCTET_STRING_free(aString[i]); - ASN1_OCTET_STRING_free(tempOct[i]); - ASN1_TYPE_free(aType[i]); + OPENSSL_cleanse(aType[i]->value.sequence->data, + aType[i]->value.sequence->length); + OPENSSL_clear_free(temp[i], templen[i]); } - - OPENSSL_free(sk); + + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); } OPENSSL_secure_clear_free(buf, buflen); return keybloblen; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 81bbb072..bb074c6c 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1020,7 +1020,6 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; ASN1_OCTET_STRING *oct = NULL; - X509_PUBKEY *p8info_buf = X509_PUBKEY_new(); const unsigned char *buf; unsigned char *concat_key; int count, aux, i, buflen; @@ -1035,7 +1034,7 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, return NULL; } else { count = sk_ASN1_TYPE_num(sk); - concat_key = OPENSSL_secure_malloc(plen); + concat_key = OPENSSL_zalloc(plen); aux = 0; for (i = 0; i < count; i++) { @@ -1043,16 +1042,17 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, buf = aType->value.sequence->data; buflen = aType->value.sequence->length; aux += buflen; - memcpy(concat_key + plen - aux, buf, buflen); + memcpy(concat_key + plen - 1 - aux , buf, buflen); } - p = OPENSSL_memdup(concat_key + plen - aux, aux); + p = OPENSSL_memdup(concat_key + plen - 1 - aux, aux); + OPENSSL_clear_free(concat_key, plen); plen = aux; - OPENSSL_free(concat_key); } } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); - + if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG) + OPENSSL_clear_free(p, plen); return oqsx; } @@ -1069,7 +1069,6 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, const unsigned char *buf; unsigned char *concat_key; int count, aux, i, buflen, rsa_diff = 0; - PKCS8_PRIV_KEY_INFO *p8info_buf = PKCS8_PRIV_KEY_INFO_new(); if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) return 0; @@ -1090,7 +1089,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, return NULL; } else { count = sk_ASN1_TYPE_num(sk); - concat_key = OPENSSL_secure_malloc(plen); + concat_key = OPENSSL_zalloc(plen); aux = 0; for (i = 0; i < count; i++) { @@ -1106,7 +1105,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, buf = aType->value.sequence->data; buflen = aType->value.sequence->length; aux += buflen; - memcpy(concat_key + plen - aux, buf, buflen); + memcpy(concat_key + plen - 1 - aux, buf, buflen); // if is a RSA key the actual encoding size might be different // from max size we calculate that difference for to facilitate // the key reconstruction @@ -1119,13 +1118,19 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, OPENSSL_free(name); } - p = concat_key + plen - aux; + p = OPENSSL_memdup(concat_key + plen - 1 - aux, aux); + OPENSSL_clear_free(concat_key, plen); plen = aux; + sk_ASN1_TYPE_free(sk); } } oqsx = oqsx_key_op(palg, p, plen + rsa_diff, KEY_OP_PRIVATE, libctx, propq); - ASN1_OCTET_STRING_free(oct); + if (get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG) { + ASN1_OCTET_STRING_free(oct); + }else{ + OPENSSL_clear_free(p, plen); + } return oqsx; } From c8d30c87d4deadf153c293f89fae7c3efb5acba1 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Fri, 19 Jan 2024 09:25:12 +0100 Subject: [PATCH 105/160] update to 0.5.4-dev (#337) --- .github/workflows/linux.yml | 1 + CMakeLists.txt | 2 +- RELEASE.md | 25 +++++++++++++++++++++++++ 3 files changed, 27 insertions(+), 1 deletion(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 73eef30d..9f4b07de 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -65,6 +65,7 @@ jobs: ! pip3 install -r oqs-template/requirements.txt 2>&1 | grep ERROR && \ python3 oqs-template/generate.py && \ find . -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs clang-format -i && \ + git diff && \ ! git status | grep modified - name: Build .deb install package run: cpack diff --git a/CMakeLists.txt b/CMakeLists.txt index fad726df..901422ff 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,7 +4,7 @@ else() cmake_minimum_required(VERSION 3.0 FATAL_ERROR) endif() project(oqs-provider LANGUAGES C) -set(OQSPROVIDER_VERSION_TEXT "0.5.3-dev") +set(OQSPROVIDER_VERSION_TEXT "0.5.4-dev") set(CMAKE_C_STANDARD 11) set_property(GLOBAL PROPERTY FIND_LIBRARY_USE_LIB64_PATHS ON) if(CMAKE_BUILD_TYPE STREQUAL "Debug") diff --git a/RELEASE.md b/RELEASE.md index a4653782..74c85f19 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,3 +1,28 @@ +# oqs-provider 0.5.4-dev + +## About + +The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/. + +**oqs-provider** is a standalone [OpenSSL 3](https://github.com/openssl/openssl) [provider](https://www.openssl.org/docs/manmaster/man7/provider.html) enabling [liboqs](https://github.com/open-quantum-safe/liboqs)-based quantum-safe and [hybrid key exchange](https://datatracker.ietf.org/doc/draft-ietf-pquip-pqt-hybrid-terminology) for TLS 1.3, as well as quantum-safe and hybrid X.509 certificate generation, CMS, CMP and `dgst` (signature) operations. + +When deployed, the `oqs-provider` binary (shared library) thus adds support for quantum-safe cryptographic operations to any standard OpenSSL(v3) installation. The ultimate goal is that all `openssl` functionality shall be [PQC-enabled](https://csrc.nist.gov/projects/post-quantum-cryptography). + +In general, the oqs-provider `main` branch is meant to be usable in conjunction with the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs) and the `master` branch of [OpenSSL](https://github.com/openssl/openssl). + +Further details on building, testing and use can be found in [README.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/README.md). See in particular limitations on intended use. + +## Release notes + +This is version 0.5.4-dev of oqs-provider. + +Previous Release Notes +====================== + +# oqs-provider 0.5.3 + +This is a maintenance release not changing any `oqsprovider` functionality but only tracking a security update in `liboqs` (0.9.2). + # oqs-provider 0.5.2 ## About From b31f9de17f0dba00b9b2d6cdbd122a243fd0cf96 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 22 Jan 2024 13:32:33 -0600 Subject: [PATCH 106/160] solved memory leaks --- oqsprov/oqs_encode_key2any.c | 87 +++++++++++++++++++----------------- oqsprov/oqsprov_keys.c | 19 +++++--- 2 files changed, 57 insertions(+), 49 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index d54fd6ca..7d8851fe 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -500,7 +500,8 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) { const OQSX_KEY *oqsxkey = vxkey; unsigned char *keyblob, *buf; - int keybloblen, nid; + int keybloblen, nid, buflen = 0; + ASN1_OCTET_STRING oct; STACK_OF(ASN1_TYPE) *sk = NULL; int ret = 0; @@ -542,55 +543,55 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) } #endif } else { - ASN1_TYPE **aType - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); - ASN1_STRING **aString - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); - ASN1_STRING **tempOct - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_STRING)); - unsigned char **temp - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); - unsigned char **cbuf - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(void *)); - int len, i; if ((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; + ASN1_TYPE *aType[oqsxkey->numkeys]; + ASN1_OCTET_STRING *aString[oqsxkey->numkeys]; + unsigned char *temp[oqsxkey->numkeys]; + size_t templen[oqsxkey->numkeys]; + int i; for (i = 0; i < oqsxkey->numkeys; i++) { aType[i] = ASN1_TYPE_new(); aString[i] = ASN1_OCTET_STRING_new(); - tempOct[i] = ASN1_OCTET_STRING_new(); temp[i] = NULL; - len = oqsxkey->pubkeylen_cmp[i]; - cbuf[i] = OPENSSL_memdup(oqsxkey->comp_pubkey[i], len); - ASN1_STRING_set0(tempOct[i], cbuf[i], len); - keybloblen = i2d_ASN1_OCTET_STRING(tempOct[i], &temp[i]); - ASN1_STRING_set0(aString[i], temp[i], keybloblen); - ASN1_TYPE_set(aType[i], V_ASN1_SEQUENCE, aString[i]); + buflen = oqsxkey->pubkeylen_cmp[i]; + buf = OPENSSL_secure_malloc(buflen); + memcpy(buf, oqsxkey->comp_pubkey[i], buflen); + + oct.data = buf; + oct.length = buflen; + templen[i] = i2d_ASN1_OCTET_STRING(&oct, &temp[i]); + ASN1_STRING_set(aString[i], temp[i], templen[i]); + ASN1_TYPE_set1(aType[i], V_ASN1_SEQUENCE, aString[i]); if (!sk_ASN1_TYPE_push(sk, aType[i])) { - for (i = 0; i < oqsxkey->numkeys; i++) { - OPENSSL_free(temp[i]); - OPENSSL_free(cbuf[i]); - OPENSSL_free(aType[i]); - OPENSSL_free(aString[i]); - OPENSSL_free(tempOct[i]); + for (int j = 0; j <= i; j++) { + OPENSSL_cleanse(aString[j]->data, aString[j]->length); + ASN1_OCTET_STRING_free(aString[j]); + OPENSSL_cleanse(aType[j]->value.sequence->data, + aType[j]->value.sequence->length); + OPENSSL_clear_free(temp[j], templen[j]); } - OPENSSL_free(sk); + + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); + OPENSSL_secure_clear_free(buf, buflen); return -1; } + OPENSSL_secure_clear_free(buf, buflen); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); for (i = 0; i < oqsxkey->numkeys; i++) { - OPENSSL_free(temp[i]); - OPENSSL_free(cbuf[i]); - OPENSSL_free(aType[i]); - OPENSSL_free(aString[i]); - OPENSSL_free(tempOct[i]); + OPENSSL_cleanse(aString[i]->data, aString[i]->length); + ASN1_OCTET_STRING_free(aString[i]); + OPENSSL_cleanse(aType[i]->value.sequence->data, + aType[i]->value.sequence->length); + OPENSSL_clear_free(temp[i], templen[i]); } - OPENSSL_free(sk); + + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); return keybloblen; } @@ -694,14 +695,12 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) keybloblen = 0; // signal error } } else { - ASN1_TYPE **aType - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE)); - ASN1_OCTET_STRING **aString - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_OCTET_STRING)); - unsigned char **temp - = OPENSSL_secure_malloc(oqsxkey->numkeys * sizeof(void *)); + ASN1_TYPE *aType[oqsxkey->numkeys]; + ASN1_OCTET_STRING *aString[oqsxkey->numkeys]; + unsigned char *temp[oqsxkey->numkeys]; size_t templen[oqsxkey->numkeys]; int i; + if ((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; @@ -717,7 +716,8 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ASN1_OCTET_STRING_free(aString[j]); OPENSSL_cleanse(aType[j]->value.sequence->data, aType[j]->value.sequence->length); - OPENSSL_clear_free(temp[j], templen[j]); + if (j < i) + OPENSSL_clear_free(temp[j], templen[j]); } if (sk_ASN1_TYPE_num(sk) != -1) @@ -745,7 +745,8 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ASN1_OCTET_STRING_free(aString[j]); OPENSSL_cleanse(aType[j]->value.sequence->data, aType[j]->value.sequence->length); - OPENSSL_clear_free(temp[j], templen[j]); + if (j < i) + OPENSSL_clear_free(temp[j], templen[j]); } if (sk_ASN1_TYPE_num(sk) != -1) @@ -792,7 +793,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) return -1; } OPENSSL_free(name); - if (i + 1 < oqsxkey->numkeys){ // clear buf and oct if is not the last call + if (i + 1 + < oqsxkey + ->numkeys) { // clear buf and oct if is not the last call OPENSSL_secure_clear_free(buf, buflen); } } @@ -805,7 +808,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) aType[i]->value.sequence->length); OPENSSL_clear_free(temp[i], templen[i]); } - + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); } OPENSSL_secure_clear_free(buf, buflen); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index bb074c6c..57080102 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1030,11 +1030,12 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG) { sk = d2i_ASN1_SEQUENCE_ANY(NULL, &p, plen); if (sk == NULL) { + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return NULL; } else { count = sk_ASN1_TYPE_num(sk); - concat_key = OPENSSL_zalloc(plen); + concat_key = OPENSSL_zalloc(plen); aux = 0; for (i = 0; i < count; i++) { @@ -1042,16 +1043,18 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, buf = aType->value.sequence->data; buflen = aType->value.sequence->length; aux += buflen; - memcpy(concat_key + plen - 1 - aux , buf, buflen); + memcpy(concat_key + plen - 1 - aux, buf, buflen); + ASN1_TYPE_free(aType); } - p = OPENSSL_memdup(concat_key + plen - 1 - aux, aux); - OPENSSL_clear_free(concat_key, plen); + p = OPENSSL_memdup(concat_key + plen - 1 - aux, aux); + OPENSSL_clear_free(concat_key, plen); plen = aux; + sk_ASN1_TYPE_free(sk); } } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); - if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG) + if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG) OPENSSL_clear_free(p, plen); return oqsx; } @@ -1085,6 +1088,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, } else { sk = d2i_ASN1_SEQUENCE_ANY(NULL, &p, plen); if (sk == NULL) { + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return NULL; } else { @@ -1116,10 +1120,11 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, rsa_diff = nids_sig[6].length_private_key - buflen; } OPENSSL_free(name); + ASN1_TYPE_free(aType); } p = OPENSSL_memdup(concat_key + plen - 1 - aux, aux); - OPENSSL_clear_free(concat_key, plen); + OPENSSL_clear_free(concat_key, plen); plen = aux; sk_ASN1_TYPE_free(sk); } @@ -1128,7 +1133,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, oqsx = oqsx_key_op(palg, p, plen + rsa_diff, KEY_OP_PRIVATE, libctx, propq); if (get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG) { ASN1_OCTET_STRING_free(oct); - }else{ + } else { OPENSSL_clear_free(p, plen); } return oqsx; From 63bb39d9118e13c788bf85c86fff415aac79a7b3 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 22 Jan 2024 14:56:55 -0600 Subject: [PATCH 107/160] correcting mem allocation --- oqsprov/oqs_encode_key2any.c | 46 +++++++++++++++++++++++++++++------- 1 file changed, 38 insertions(+), 8 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 7d8851fe..074d5939 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -545,10 +545,13 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) } else { if ((sk = sk_ASN1_TYPE_new_null()) == NULL) return -1; - ASN1_TYPE *aType[oqsxkey->numkeys]; - ASN1_OCTET_STRING *aString[oqsxkey->numkeys]; - unsigned char *temp[oqsxkey->numkeys]; - size_t templen[oqsxkey->numkeys]; + ASN1_TYPE **aType + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE *)); + ASN1_OCTET_STRING **aString + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_OCTET_STRING *)); + unsigned char **temp + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(unsigned char *)); + size_t *templen = OPENSSL_malloc(oqsxkey->numkeys * sizeof(size_t)); int i; for (i = 0; i < oqsxkey->numkeys; i++) { @@ -577,6 +580,10 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); OPENSSL_secure_clear_free(buf, buflen); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(temp); + OPENSSL_free(templen); return -1; } OPENSSL_secure_clear_free(buf, buflen); @@ -592,6 +599,10 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) } sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(temp); + OPENSSL_free(templen); return keybloblen; } @@ -695,10 +706,13 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) keybloblen = 0; // signal error } } else { - ASN1_TYPE *aType[oqsxkey->numkeys]; - ASN1_OCTET_STRING *aString[oqsxkey->numkeys]; - unsigned char *temp[oqsxkey->numkeys]; - size_t templen[oqsxkey->numkeys]; + ASN1_TYPE **aType + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE *)); + ASN1_OCTET_STRING **aString + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_OCTET_STRING *)); + unsigned char **temp + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(unsigned char *)); + size_t *templen = OPENSSL_malloc(oqsxkey->numkeys * sizeof(size_t)); int i; if ((sk = sk_ASN1_TYPE_new_null()) == NULL) @@ -725,6 +739,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) else ASN1_TYPE_free(aType[i]); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(temp); + OPENSSL_free(templen); OPENSSL_free(name); return -1; } @@ -754,6 +772,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) else ASN1_TYPE_free(aType[i]); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(temp); + OPENSSL_free(templen); OPENSSL_free(name); return -1; } @@ -789,6 +811,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); OPENSSL_free(name); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(temp); + OPENSSL_free(templen); OPENSSL_secure_clear_free(buf, buflen); return -1; } @@ -810,6 +836,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(temp); + OPENSSL_free(templen); } OPENSSL_secure_clear_free(buf, buflen); return keybloblen; From 7b21bd3bf35ba5fec53d5e5ab20f071b8afcd8b8 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Tue, 23 Jan 2024 18:04:32 +0100 Subject: [PATCH 108/160] bring GOVERNANCE in line with liboqs [skip ci] (#342) --- GOVERNANCE.md | 78 +++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 60 insertions(+), 18 deletions(-) diff --git a/GOVERNANCE.md b/GOVERNANCE.md index d9626453..680c9cfa 100644 --- a/GOVERNANCE.md +++ b/GOVERNANCE.md @@ -1,34 +1,74 @@ # Governance -## Foreword +## Basic principles -This file documents the governance guidelines used for this project. It is principally concerned with defining the roles of project contributors, the associated rights and responsibilities, and the process for transitioning between them. As such, this document is written in a fairly formal and precise tone, so as to be succint and unambiguous. This should not be interpreted as a lack of warmth on the part of the OQS team---we're really quite friendly! We do not intend to act as gatekeepers by laying out this tier of roles and the associated rules. Instead, we hope that clearly defining these roles and the processes for attaining them shows contributors a clear path by which to become more involved in project governance, if they so wish. We welcome all questions, discussions, and contributions, and we would love to have more people on board. +This project aims to operate by the following principles: -We recognize that some of the policies discussed here can seem intimidating---for instance, revocation of privileges or code of conduct violations. It is our hope that we don't have to rely on these guidelines; however, we believe that it is important to have them in place should they be needed. +- **Openness**: The project will be open in its operation, open to contributions, and produce open source software. +- **Respect**: The project will foster respectful interactions with all participants. +- **Scientific integrity**: The project will follow advancements in cryptographic research and will be guided by standards and best practices. -## Roles +Decision making in the project will follow the principles above, and be governed first and foremost by reason and mutually respectful interaction between all participants. +The project will aim to build consensus for decisions, and will where possible operate by the approach of [lazy consensus](https://community.apache.org/committers/decisionMaking.html). +If decisions cannot be reached using lazy consensus, voting will be used to come to a resolution. + +## Community and Roles + +The OQS community is open to all who would like to participate in the project following its principles, including academic, industry, public sector, and individual contributors. The following roles exist in the project: -1. Maintainer: Person with GitHub administrative rights. +### Users + +A **User** is a person or organization using software produced by the project. + +Responsibilities: + +- Abide by the [license][LICENSE.txt] +- Consider participating in the project! -2. Committer: Person with GitHub "Write" privileges; this entails the right and obligation to review PRs by Contributors and to actively participate in discussions. +### Community Members -3. Contributor: Person that has contributed code. +A **Community Member** is a User who interacts with the project, for example by participating in discussions on Github or mailing lists, or in project meetings. -4. Users: Person using the project passively or actively, e.g., by participating in discussions. +Responsibilities: -## Relationships between roles +- Follow the [code of conduct](CODE_OF_CONDUCT.md) -Any User may also be a Contributor. Any Contributor may also be a Committer. Any Committer may also be a Maintainer. A Maintainer must be a Committer. +### Contributors -## Change of role +A **Contributor** is a Community Member who contributes directly to the project by submitting code or documentation, or actively participating in issues or pull requests on Github. -Any User may become a Contributor by creating a pull request (PR) and getting it successfully reviewed and merged by Committers. +### Committers + +A **Committer** is a Contributor with increased experience in the project who helps review pull requests and actively participates in discussions about the project. Committers will be members of the open-quantum-safe GitHub organization and will have "write" permissions in GitHub. + +Responsibilities: + +- Further the goals of the project. +- Monitor and respond to GitHub issues. +- Review and merge pull requests. +- Assist with security releases when required. +- Participate in discussions and project meetings. + +### Maintainers + +A **Maintainer** is a Committer who makes significant and sustained contributions to the project, and is committed to guiding the direction of the project. Maintainers will have "administrative" permissions in GitHub. + +Responsibilities: + +- Oversee the overall project health and growth. +- Lead communication for the project. +- Define general and technical guidelines for the project. +- Identify priorities and manage the release cycle. + +### Change of role + +Any Community Member may become a Contributor by creating a pull request (PR) and getting it successfully reviewed and merged by Committers. Any Contributor can become a Committer by contributing sufficient code and displaying deep subject matter knowledge in discussions such that a majority of Committers vote for this change of role. A Maintainer can veto such a vote. Such a veto can be overruled by a 2/3 majority of Committers. -As such a voting decision may be considered subjective, Contributors striving to become Committers are encouraged to ask for advice by Committers as to what---if anything---should be done to attain this status (additional to already documented knowledge in contributions). Baseline requirements for contributions are documented in [CONTRIBUTING.md](CONTRIBUTING.md). Any Contributor can create a discussion item to request a vote to become Committer. +As such a voting decision may be considered subjective, Contributors striving to become Committers are encouraged to ask for advice from Committers/Maintainers as to what they can do to obtain this role. Baseline requirements for contributions are documented in [CONTRIBUTING.md](CONTRIBUTING.md). Any Contributor can create a discussion item to request a vote to become Committer. Any Committer can become a Maintainer by majority vote of voting Committers. A current Maintainer can veto such a vote. Such a veto can be overruled by a 2/3 majority of all Committers. @@ -36,11 +76,11 @@ A Maintainer is not permitted to remove another Maintainer's GitHub privileges. A Committer may be automatically moved to Contributor status if not actively contributing by discussion or PR review during the last 90 days or by voluntarily suspending this status (e.g., by taking a ["Leave of absence"](#leave-of-absence)). If a Maintainer loses or relinquishes the Committer status and, hence, the Maintainer status, the Committers have to determine whether a new Maintainer needs to be elected. -Any person violating the [code of conduct](CODE_OF_CONDUCT.md), consistently not fulfilling the role responsibilities or other reasons can lose the role held if a simple majority of Committers votes for such removal and no Maintainer vetos that decision. If a Maintainer is to be removed from that role a 2/3 majority of Committers must agree. +Any person violating the [code of conduct](CODE_OF_CONDUCT.md), consistently not fulfilling the role responsibilities, or for other reasons can lose the role held if a simple majority of Committers votes for such removal and no Maintainer vetos that decision. If a Maintainer is to be removed from that role a 2/3 majority of Committers must agree. Depending on the reason for removal, a Maintainer may be converted to Emeritus status. Emeritus Maintainers may still be consulted on some project matters, and can be returned to Maintainer status if their availability changes and a simple majority of Committers agrees. -## Leave of absence +### Leave of absence Any Committer may voluntarily step down from the role for a documented period of time, losing voting rights for that time period. The period is documented in this file next to the person's name below. At the end of this time period, the Committer automatically regains their voting rights. @@ -52,9 +92,7 @@ Change of role or changes to this document is subject to voting. Votes are to be executed by way of open GitHub discussions. No quorum is needed for votes open for 4 weeks. Urgent matters may be decided by majority vote among Maintainers or 2/3 majority by all Committers within an arbitrary voting period. -## Documentation of roles - -Current Maintainers and Committers are to be documented below by way of reference to their GitHub handles. +## Current Maintainers and Committers ### Maintainers @@ -66,3 +104,7 @@ Current Maintainers and Committers are to be documented below by way of referenc @bhess @thb-sb @christianpaquin + +## Afterword + +*This governance document was based in part of the [Falco Project governance document](https://github.com/falcosecurity/evolution/blob/main/GOVERNANCE.md). From 24f98e8274becb49b33bf94ef07d5dbae7c35fdc Mon Sep 17 00:00:00 2001 From: Spencer Wilson Date: Fri, 2 Feb 2024 11:53:42 -0500 Subject: [PATCH 109/160] Automatically trigger CI on significant liboqs changes (#345) * Add CI job for triggering downstream tests, e.g., during releases * Add wrapper around CI script for local use * Generalize workflow so that the provider ref can be specified --- .github/workflows/release.yml | 58 +++++++++++++++++++++++++++++++++ scripts/release-test-ci.sh | 36 +++++++++++++++++++++ scripts/release-test.sh | 60 +++++++++++++++++------------------ 3 files changed, 123 insertions(+), 31 deletions(-) create mode 100644 .github/workflows/release.yml create mode 100755 scripts/release-test-ci.sh diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..ed5774b2 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,58 @@ +name: Release tests + +on: + repository_dispatch: + types: [ "liboqs-release" ] + +# To trigger this job, generate a GitHub personal access token and run the following command: +# +# curl --request POST \ +# --header "Accept: application/vnd.github+json" \ +# --header "Authorization: Bearer YOUR_TOKEN_HERE" \ +# --header "X-GitHub-Api-Version: 2022-11-28" \ +# --data '{ +# "event_type": "liboqs-release", +# "client_payload": { +# "provider_ref": "PROVIDER_BRANCH_OR_TAG_HERE", +# "liboqs_ref": "LIBOQS_BRANCH_OR_TAG_HERE" +# } +# }' \ +# https://api.github.com/repos/open-quantum-safe/oqs-provider/dispatches + +jobs: + release-test: + runs-on: ubuntu-latest + container: + image: openquantumsafe/ci-ubuntu-jammy:latest + + steps: + - name: Check if requested ref exists + env: + provider_ref: ${{ github.event.client_payload.provider_ref }} + run: | + # try both branch and tag + wget --quiet \ + --header "Accept: application/vnd.github+json" \ + --header "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + https://api.github.com/repos/open-quantum-safe/oqs-provider/branches/$provider_ref || \ + wget --quiet \ + --header "Accept: application/vnd.github+json" \ + --header "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + https://api.github.com/repos/open-quantum-safe/oqs-provider/git/ref/tags/$provider_ref \ + && echo "provider_ref=$provider_ref" >> "$GITHUB_ENV" \ + || echo "provider_ref=main" >> "$GITHUB_ENV" + - name: Checkout oqs-provider on requested ref if it exists; otherwise, fall back to main + uses: actions/checkout@v4 + with: + ref: ${{ env.provider_ref }} + # This is designed to be triggered automatically from liboqs CI, so don't bother validating the liboqs ref. + - name: Checkout liboqs at requested ref + uses: actions/checkout@v4 + with: + repository: open-quantum-safe/liboqs + path: liboqs + ref: ${{ github.event.client_payload.liboqs_ref }} + - name: Run release tests + run: OPENSSL_BRANCH=master ./scripts/release-test-ci.sh diff --git a/scripts/release-test-ci.sh b/scripts/release-test-ci.sh new file mode 100755 index 00000000..62a9ea02 --- /dev/null +++ b/scripts/release-test-ci.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +# Stop in case of error +set -e + +# To be run as part of a release test only on Linux +# requires python, pytest, xdist; install e.g. via +# sudo apt install python3 python3-pytest python3-pytest-xdist python3-psutil + +# must be run in main folder +# multicore machine recommended for fast execution + +# expect (ideally latest/release-test) liboqs to be already build and present +if [ -d liboqs ]; then + export LIBOQS_SRC_DIR=`pwd`/liboqs +else + echo "liboqs not found. Exiting." + exit 1 +fi + +if [ -d oqs-template ]; then + # Activate all algorithms + sed -i "s/enable\: false/enable\: true/g" oqs-template/generate.yml + python3 oqs-template/generate.py + ./scripts/fullbuild.sh + ./scripts/runtests.sh + if [ -f .local/bin/openssl ]; then + OPENSSL_MODULES=`pwd`/_build/lib OPENSSL_CONF=`pwd`/scripts/openssl-ca.cnf python3 -m pytest --numprocesses=auto scripts/test_tls_full.py + else + echo "For full TLS PQ SIG/KEM matrix test, build (latest) openssl locally." + fi +else + echo "$0 must be run in main oqs-provider folder. Exiting." + exit 1 +fi + diff --git a/scripts/release-test.sh b/scripts/release-test.sh index df3a60b2..fcbc96e2 100755 --- a/scripts/release-test.sh +++ b/scripts/release-test.sh @@ -3,37 +3,35 @@ # Stop in case of error set -e -# To be run as part of a release test only on Linux -# requires python, pytest, xdist; install e.g. via -# sudo apt install python3 python3-pytest python3-pytest-xdist python3-psutil +# Wrapper around the release-test-ci.sh script to preserve uncommitted modifications. -# must be run in main folder -# multicore machine recommended for fast execution +# back up git status and checkout a fresh branch with identical staged/unstaged changes +save_local_git() { + # git stash does not have an --allow-empty option, so make sure we have something to stash. + # This allows us to safely call git stash pop. + tmpfile=$(mktemp ./XXXXXX) + git add $tmpfile + # back up uncommitted changes + git stash push --quiet + # restore changes but save stash + git stash apply --quiet + # delete dummy file + git rm -f $tmpfile --quiet + # save working branch name + working_branch=$(git branch --show-current) + # checkout a fresh branch + reltest_branch="reltest-$RANDOM" + git checkout -b $reltest_branch --quiet +} -# expect (ideally latest/release-test) liboqs to be already build and present -if [ -d liboqs ]; then - export LIBOQS_SRC_DIR=`pwd`/liboqs -else - echo "liboqs not found. Exiting." - exit 1 -fi - -if [ -d oqs-template ]; then - # just a temp setup - git checkout -b reltest - # Activate all algorithms - sed -i "s/enable\: false/enable\: true/g" oqs-template/generate.yml - python3 oqs-template/generate.py - rm -rf _build - ./scripts/fullbuild.sh - ./scripts/runtests.sh - if [ -f .local/bin/openssl ]; then - OPENSSL_MODULES=`pwd`/_build/lib OPENSSL_CONF=`pwd`/scripts/openssl-ca.cnf python3 -m pytest --numprocesses=auto scripts/test_tls_full.py - else - echo "For full TLS PQ SIG/KEM matrix test, build (latest) openssl locally." - fi - git reset --hard && git checkout main && git branch -D reltest -else - echo "$0 must be run in main oqs-provider folder. Exiting." -fi +# restore git status +restore_local_git() { + # switch back to working branch; delete temporary branch; reset to HEAD; pop stashed changes; delete dummy file + git switch $working_branch --quiet && git branch -D $reltest_branch --quiet && git reset --hard --quiet && git stash pop --quiet && git rm -f $tmpfile --quiet +} +save_local_git +trap restore_local_git EXIT +# clean out the build directory and run tests +rm -rf _build +./scripts/release-test-ci.sh From 0457f040a4f3c43285b5de4dd8d5ba62dd79f41f Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Sat, 3 Feb 2024 17:03:53 +0100 Subject: [PATCH 110/160] add more defensive error handling (#346) * add more defensive error handling --- oqsprov/oqs_encode_key2any.c | 16 ++++++ oqsprov/oqsprov_keys.c | 105 +++++++++++++++++++---------------- 2 files changed, 73 insertions(+), 48 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 04b561ad..fd503081 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -515,6 +515,10 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) buflen = encoding_ctx->encoding_impl->crypto_publickeybytes; buf = OPENSSL_secure_zalloc(buflen); + if (buf == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return -1; + } ret = qsc_encode(encoding_ctx->encoding_ctx, encoding_ctx->encoding_impl, oqsxkey->pubkey, &buf, 0, 0, 1); @@ -591,6 +595,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) : encoding_ctx->encoding_impl ->crypto_secretkeybytes_nooptional); buf = OPENSSL_secure_zalloc(buflen); + if (buf == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return -1; + } ret = qsc_encode(encoding_ctx->encoding_ctx, encoding_ctx->encoding_impl, @@ -603,12 +611,20 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #ifdef NOPUBKEY_IN_PRIVKEY buflen = privkeylen; buf = OPENSSL_secure_malloc(buflen); + if (buf == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return -1; + } OQS_ENC_PRINTF2("OQS ENC provider: saving privkey of length %d\n", buflen); memcpy(buf, oqsxkey->privkey, privkeylen); #else buflen = privkeylen + oqsx_key_get_oqs_public_key_len(oqsxkey); buf = OPENSSL_secure_malloc(buflen); + if (buf == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return -1; + } OQS_ENC_PRINTF2("OQS ENC provider: saving priv+pubkey of length %d\n", buflen); memcpy(buf, oqsxkey->privkey, privkeylen); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 1b7d062e..9118ab64 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -355,28 +355,28 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, if (key->oqsx_encoding_ctx.encoding_impl->crypto_publickeybytes != plen) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto err_key_op; } if (oqsx_key_allocate_keymaterial(key, 0)) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err; + goto err_key_op; } if (qsc_decode(key->oqsx_encoding_ctx.encoding_ctx, key->oqsx_encoding_ctx.encoding_impl, p, (unsigned char **)&key->pubkey, 0, 0, 1) != QSC_ENC_OK) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto err_key_op; } } else { #endif if (key->pubkeylen != plen) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto err_key_op; } if (oqsx_key_allocate_keymaterial(key, 0)) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err; + goto err_key_op; } memcpy(key->pubkey, p, plen); #ifdef USE_ENCODING_LIB @@ -394,7 +394,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, // adjust expected size if (classical_privatekey_len > key->evp_info->length_private_key) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto err_key_op; } actualprivkeylen -= (key->evp_info->length_private_key - classical_privatekey_len); @@ -415,12 +415,12 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, int pubkey_available = withoptional; if (oqsx_key_allocate_keymaterial(key, 1)) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err; + goto err_key_op; } if (pubkey_available) { if (oqsx_key_allocate_keymaterial(key, 0)) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err; + goto err_key_op; } } @@ -430,7 +430,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, (unsigned char **)&key->privkey, withoptional) != QSC_ENC_OK) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto err_key_op; } } else { @@ -447,7 +447,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, (int)(actualprivkeylen + oqsx_key_get_oqs_public_key_len(key))); #endif ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto err_key_op; } if (oqsx_key_allocate_keymaterial(key, 1) #ifndef NOPUBKEY_IN_PRIVKEY @@ -455,7 +455,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, #endif ) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err; + goto err_key_op; } // first populate private key data memcpy(key->privkey, p, actualprivkeylen); @@ -464,7 +464,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, if (oqsx_key_get_oqs_public_key_len(key) != plen - actualprivkeylen) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err; + goto err_key_op; } // populate OQS public key structure if (key->numkeys == 2) { @@ -482,11 +482,11 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, } #endif if (!oqsx_key_set_composites(key) || !oqsx_key_recreate_classickey(key, op)) - goto err; + goto err_key_op; return key; -err: +err_key_op: oqsx_key_free(key); return NULL; } @@ -647,22 +647,22 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, { int ret = 1; int idx = (bit_security - 128) / 64; - ON_ERR_GOTO(idx < 0 || idx > 2, err); + ON_ERR_GOTO(idx < 0 || idx > 2, err_init); if (!strncmp(algname, "rsa3072_", 8)) idx += 3; else if (algname[0] != 'p') { OQS_KEY_PRINTF2("OQS KEY: Incorrect hybrid name: %s\n", algname); ret = 0; - goto err; + goto err_init; } - ON_ERR_GOTO(idx < 0 || idx > 3, err); + ON_ERR_GOTO(idx < 0 || idx > 3, err_init); evp_ctx->evp_info = &nids_sig[idx]; evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); - ON_ERR_GOTO(!evp_ctx->ctx, err); + ON_ERR_GOTO(!evp_ctx->ctx, err_init); if (idx < 3) { // EC ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); @@ -676,13 +676,13 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, free_evp_ctx); } // RSA bit length set only during keygen - goto err; + goto err_init; free_evp_ctx: EVP_PKEY_CTX_free(evp_ctx->ctx); evp_ctx->ctx = NULL; -err: +err_init: return ret; } @@ -695,24 +695,24 @@ static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) break; idx++; } - ON_ERR_GOTO(idx < 0 || idx > 2, err); + ON_ERR_GOTO(idx < 0 || idx > 2, err_init_ecp); evp_ctx->evp_info = &nids_ecp[idx]; evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); - ON_ERR_GOTO(!evp_ctx->ctx, err); + ON_ERR_GOTO(!evp_ctx->ctx, err_init_ecp); ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); - ON_ERR_GOTO(ret <= 0, err); + ON_ERR_GOTO(ret <= 0, err_init_ecp); ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(evp_ctx->ctx, evp_ctx->evp_info->nid); - ON_ERR_GOTO(ret <= 0, err); + ON_ERR_GOTO(ret <= 0, err_init_ecp); ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); - ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, err); + ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, err_init_ecp); -err: +err_init_ecp: return ret; } @@ -726,20 +726,20 @@ static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) break; idx++; } - ON_ERR_GOTO(idx < 0 || idx > 2, err); + ON_ERR_GOTO(idx < 0 || idx > 2, err_init_ecx); evp_ctx->evp_info = &nids_ecx[idx]; evp_ctx->keyParam = EVP_PKEY_new(); - ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); + ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err_init_ecx); ret = EVP_PKEY_set_type(evp_ctx->keyParam, evp_ctx->evp_info->keytype); - ON_ERR_SET_GOTO(ret <= 0, ret, -1, err); + ON_ERR_SET_GOTO(ret <= 0, ret, -1, err_init_ecx); evp_ctx->ctx = EVP_PKEY_CTX_new(evp_ctx->keyParam, NULL); - ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err); + ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err_init_ecx); -err: +err_init_ecx: return ret; } @@ -754,7 +754,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, int primitive, const char *propq, int bit_security, int alg_idx) { - OQSX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); + OQSX_KEY *ret = OPENSSL_zalloc( + sizeof(*ret)); // ensure all component pointers are NULL OQSX_EVP_CTX *evp_ctx = NULL; int ret2 = 0; @@ -763,10 +764,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, #ifdef OQS_PROVIDER_NOATOMIC ret->lock = CRYPTO_THREAD_lock_new(); - if (ret->lock == NULL) { - OPENSSL_free(ret); - goto err; - } + ON_ERR_GOTO(!ret->lock, err); #endif if (oqs_name == NULL) { @@ -784,6 +782,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); + ON_ERR_GOTO(!ret->comp_privkey || !ret->comp_pubkey, err); ret->oqsx_provider_ctx.oqsx_qs_ctx.sig = OQS_SIG_new(oqs_name); if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.sig) { fprintf( @@ -822,6 +821,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 1; ret->comp_privkey = OPENSSL_malloc(sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(sizeof(void *)); + ON_ERR_GOTO(!ret->comp_privkey || !ret->comp_pubkey, err); ret->oqsx_provider_ctx.oqsx_qs_ctx.kem = OQS_KEM_new(oqs_name); if (!ret->oqsx_provider_ctx.oqsx_qs_ctx.kem) { fprintf( @@ -856,6 +856,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 2; ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ON_ERR_GOTO(!ret->comp_privkey || !ret->comp_pubkey, err); ret->privkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 + ret->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_secret_key @@ -886,6 +887,7 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 2; ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ON_ERR_GOTO(!ret->comp_privkey || !ret->comp_pubkey, err); ret->privkeylen = (ret->numkeys - 1) * SIZE_OF_UINT32 + ret->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_secret_key @@ -907,13 +909,12 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->libctx = libctx; ret->references = 1; ret->tls_name = OPENSSL_strdup(tls_name); + ON_ERR_GOTO(!ret->tls_name, err); ret->bit_security = bit_security; if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - if (ret->propq == NULL) - goto err; + ON_ERR_GOTO(!ret->propq, err); } OQS_KEY_PRINTF2("OQSX_KEY: new key created: %s\n", ret->tls_name); @@ -922,6 +923,14 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, return ret; err: ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); +#ifdef OQS_PROVIDER_NOATOMIC + if (ret->lock) + CRYPTO_THREAD_lock_free(ret->lock); +#endif + OPENSSL_free(ret->tls_name); + OPENSSL_free(ret->propq); + OPENSSL_free(ret->comp_privkey); + OPENSSL_free(ret->comp_pubkey); OPENSSL_free(ret); return NULL; } @@ -1000,13 +1009,13 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private) if (!key->privkey && include_private) { key->privkey = OPENSSL_secure_zalloc(key->privkeylen); - ON_ERR_SET_GOTO(!key->privkey, ret, 1, err); + ON_ERR_SET_GOTO(!key->privkey, ret, 1, err_alloc); } if (!key->pubkey && !include_private) { key->pubkey = OPENSSL_secure_zalloc(key->pubkeylen); - ON_ERR_SET_GOTO(!key->pubkey, ret, 1, err); + ON_ERR_SET_GOTO(!key->pubkey, ret, 1, err_alloc); } -err: +err_alloc: return ret; } @@ -1165,21 +1174,21 @@ int oqsx_key_gen(OQSX_KEY *key) if (key->privkey == NULL || key->pubkey == NULL) { ret = oqsx_key_allocate_keymaterial(key, 0) || oqsx_key_allocate_keymaterial(key, 1); - ON_ERR_GOTO(ret, err); + ON_ERR_GOTO(ret, err_gen); } if (key->keytype == KEY_TYPE_KEM) { ret = !oqsx_key_set_composites(key); - ON_ERR_GOTO(ret, err); + ON_ERR_GOTO(ret, err_gen); ret = oqsx_key_gen_oqs(key, 1); } else if (key->keytype == KEY_TYPE_ECP_HYB_KEM || key->keytype == KEY_TYPE_ECX_HYB_KEM || key->keytype == KEY_TYPE_HYB_SIG) { pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->pubkey, key->privkey); - ON_ERR_GOTO(pkey == NULL, err); + ON_ERR_GOTO(pkey == NULL, err_gen); ret = !oqsx_key_set_composites(key); - ON_ERR_GOTO(ret, err); + ON_ERR_GOTO(ret, err_gen); OQS_KEY_PRINTF3("OQSKM: OQSX_KEY privkeylen %ld & pubkeylen: %ld\n", key->privkeylen, key->pubkeylen); @@ -1187,12 +1196,12 @@ int oqsx_key_gen(OQSX_KEY *key) ret = oqsx_key_gen_oqs(key, key->keytype != KEY_TYPE_HYB_SIG); } else if (key->keytype == KEY_TYPE_SIG) { ret = !oqsx_key_set_composites(key); - ON_ERR_GOTO(ret, err); + ON_ERR_GOTO(ret, err_gen); ret = oqsx_key_gen_oqs(key, 0); } else { ret = 1; } -err: +err_gen: if (ret) { EVP_PKEY_free(pkey); key->classical_pkey = NULL; From 81eae6d1ce58492dfa89d952f2f1961ed0c67f20 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Sat, 3 Feb 2024 17:04:43 +0100 Subject: [PATCH 111/160] correct wrong use of sizeof (#347) --- oqsprov/oqsprov_keys.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 9118ab64..205e47cc 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -626,7 +626,8 @@ static const OQSX_EVP_INFO nids_sig[] = { {EVP_PKEY_RSA, NID_rsaEncryption, 0, 398, 1770, 0, 384}, // 128 bit }; -// These two array need to stay synced: +// These two arrays need to stay synced: +// note only leading 4 chars of alg name are checked static const char *OQSX_ECP_NAMES[] = {"p256", "p384", "p521", 0}; static const OQSX_EVP_INFO nids_ecp[] = { {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 0}, // 128 bit @@ -634,7 +635,8 @@ static const OQSX_EVP_INFO nids_ecp[] = { {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0} // 256 bit }; -// These two array need to stay synced: +// These two arrays need to stay synced: +// note only leading 4 chars of alg name are checked static const char *OQSX_ECX_NAMES[] = {"x25519", "x448", 0}; static const OQSX_EVP_INFO nids_ecx[] = { {EVP_PKEY_X25519, 0, 1, 32, 32, 32, 0}, // 128 bit @@ -690,7 +692,7 @@ static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { int ret = 1; int idx = 0; - while (idx < sizeof(OQSX_ECP_NAMES)) { + while (idx < OSSL_NELEM(OQSX_ECP_NAMES)) { if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], 4)) break; idx++; @@ -721,7 +723,7 @@ static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) int ret = 1; int idx = 0; - while (idx < sizeof(OQSX_ECX_NAMES)) { + while (idx < OSSL_NELEM(OQSX_ECX_NAMES)) { if (!strncmp(tls_name, OQSX_ECX_NAMES[idx], 4)) break; idx++; From 510fea62449edb14b3ead8a51061b251817298cf Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Mon, 12 Feb 2024 15:42:16 +0100 Subject: [PATCH 112/160] Protecting from NULL parameters (#350) * guard against possible NULL parameters passed * fix SECURITY status [skip ci] --- SECURITY.md | 4 +++- oqsprov/oqs_kmgmt.c | 22 ++++++++++++++++++---- oqsprov/oqs_prov.h | 3 ++- 3 files changed, 23 insertions(+), 6 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 8e1623b7..a58a1077 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,7 +6,9 @@ We only support the most recent release. | Version | Supported | | ------- | ------------------ | -| 0.5.1 | :white_check_mark: | +| 0.5.3 | :white_check_mark: | +| 0.5.2 | :x: | +| 0.5.1 | :x: | | < 0.5 | :x: | ## Reporting a Vulnerability diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 5be50149..dd93cb97 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -133,6 +133,11 @@ static int oqsx_match(const void *keydata1, const void *keydata2, int selection) keydata2); OQS_KM_PRINTF2("OQSKEYMGMT: match called for selection %d\n", selection); + if (key1 == NULL || key2 == NULL) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + return 0; + } + #ifdef NOPUBKEY_IN_PRIVKEY /* Now this is a "leap of faith" logic: If a public-only PKEY and a * private-only PKEY are tested for equality we cannot do anything other @@ -278,8 +283,8 @@ static int oqsx_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, * In this implementation, only public and private keys can be exported, * nothing else */ - if (key == NULL) { - ERR_raise(ERR_LIB_USER, OQSPROV_UNEXPECTED_NULL); + if (key == NULL || param_cb == NULL) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); return 0; } @@ -328,6 +333,11 @@ static int oqsx_get_params(void *key, OSSL_PARAM params[]) OQSX_KEY *oqsxk = key; OSSL_PARAM *p; + if (oqsxk == NULL || params == NULL) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + return 0; + } + OQS_KM_PRINTF2("OQSKEYMGMT: get_params called for %s\n", params[0].key); if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL && !OSSL_PARAM_set_int(p, oqsx_key_secbits(oqsxk))) @@ -413,6 +423,10 @@ static int oqsx_set_params(void *key, const OSSL_PARAM params[]) const OSSL_PARAM *p; OQS_KM_PRINTF("OQSKEYMGMT: set_params called\n"); + if (oqsxkey == NULL) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + return 0; + } p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY); if (p != NULL) { size_t used_len; @@ -485,10 +499,10 @@ static void *oqsx_genkey(struct oqsx_gen_ctx *gctx) { OQSX_KEY *key; - OQS_KM_PRINTF3("OQSKEYMGMT: gen called for %s (%s)\n", gctx->oqs_name, - gctx->tls_name); if (gctx == NULL) return NULL; + OQS_KM_PRINTF3("OQSKEYMGMT: gen called for %s (%s)\n", gctx->oqs_name, + gctx->tls_name); if ((key = oqsx_key_new(gctx->libctx, gctx->oqs_name, gctx->tls_name, gctx->primitive, gctx->propq, gctx->bit_security, gctx->alg_idx)) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 1c938bf1..ce09636f 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -85,7 +85,8 @@ typedef struct prov_oqs_ctx_st { PROV_OQS_CTX *oqsx_newprovctx(OSSL_LIB_CTX *libctx, const OSSL_CORE_HANDLE *handle, BIO_METHOD *bm); void oqsx_freeprovctx(PROV_OQS_CTX *ctx); -#define PROV_OQS_LIBCTX_OF(provctx) (((PROV_OQS_CTX *)provctx)->libctx) +#define PROV_OQS_LIBCTX_OF(provctx) \ + provctx ? (((PROV_OQS_CTX *)provctx)->libctx) : NULL #include "oqs/oqs.h" #ifdef USE_ENCODING_LIB From 05eaba2c1243b24b2f0de805ee99b997fe3e082f Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 15 Feb 2024 14:04:53 -0600 Subject: [PATCH 113/160] added oid to privkey and fix keys format --- oqsprov/oqs_encode_key2any.c | 78 +++++++++++++++++++++++++++--------- oqsprov/oqs_prov.h | 5 +++ oqsprov/oqsprov_keys.c | 32 ++++++++++++--- 3 files changed, 89 insertions(+), 26 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 074d5939..ca8caa75 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -547,8 +547,8 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) return -1; ASN1_TYPE **aType = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE *)); - ASN1_OCTET_STRING **aString - = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_OCTET_STRING *)); + ASN1_BIT_STRING **aString + = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_BIT_STRING *)); unsigned char **temp = OPENSSL_malloc(oqsxkey->numkeys * sizeof(unsigned char *)); size_t *templen = OPENSSL_malloc(oqsxkey->numkeys * sizeof(size_t)); @@ -556,7 +556,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) for (i = 0; i < oqsxkey->numkeys; i++) { aType[i] = ASN1_TYPE_new(); - aString[i] = ASN1_OCTET_STRING_new(); + aString[i] = ASN1_BIT_STRING_new(); temp[i] = NULL; buflen = oqsxkey->pubkeylen_cmp[i]; @@ -565,14 +565,15 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) oct.data = buf; oct.length = buflen; - templen[i] = i2d_ASN1_OCTET_STRING(&oct, &temp[i]); + oct.flags = 0; + templen[i] = i2d_ASN1_BIT_STRING(&oct, &temp[i]); ASN1_STRING_set(aString[i], temp[i], templen[i]); ASN1_TYPE_set1(aType[i], V_ASN1_SEQUENCE, aString[i]); if (!sk_ASN1_TYPE_push(sk, aType[i])) { for (int j = 0; j <= i; j++) { OPENSSL_cleanse(aString[j]->data, aString[j]->length); - ASN1_OCTET_STRING_free(aString[j]); + ASN1_BIT_STRING_free(aString[j]); OPENSSL_cleanse(aType[j]->value.sequence->data, aType[j]->value.sequence->length); OPENSSL_clear_free(temp[j], templen[j]); @@ -592,7 +593,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) for (i = 0; i < oqsxkey->numkeys; i++) { OPENSSL_cleanse(aString[i]->data, aString[i]->length); - ASN1_OCTET_STRING_free(aString[i]); + ASN1_BIT_STRING_free(aString[i]); OPENSSL_cleanse(aType[i]->value.sequence->data, aType[i]->value.sequence->length); OPENSSL_clear_free(temp[i], templen[i]); @@ -705,6 +706,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); keybloblen = 0; // signal error } + OPENSSL_secure_clear_free(buf, buflen); } else { ASN1_TYPE **aType = OPENSSL_malloc(oqsxkey->numkeys * sizeof(ASN1_TYPE *)); @@ -713,6 +715,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) unsigned char **temp = OPENSSL_malloc(oqsxkey->numkeys * sizeof(unsigned char *)); size_t *templen = OPENSSL_malloc(oqsxkey->numkeys * sizeof(size_t)); + PKCS8_PRIV_KEY_INFO *p8inf_internal = NULL; int i; if ((sk = sk_ASN1_TYPE_new_null()) == NULL) @@ -721,7 +724,10 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) for (i = 0; i < oqsxkey->numkeys; i++) { aType[i] = ASN1_TYPE_new(); aString[i] = ASN1_OCTET_STRING_new(); + p8inf_internal = PKCS8_PRIV_KEY_INFO_new(); temp[i] = NULL; + int nid, version; + void *pval; if ((name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i)) == NULL) { @@ -743,13 +749,16 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(aString); OPENSSL_free(temp); OPENSSL_free(templen); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); OPENSSL_free(name); return -1; } if (get_oqsname_fromtls(name) == 0) { - if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype - == EVP_PKEY_RSA) { // get the RSA real key size + + nid = oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype; + if (nid == EVP_PKEY_RSA) { // get the RSA real key size unsigned char *enc_len = OPENSSL_strndup(oqsxkey->comp_privkey[i], 4); OPENSSL_cleanse(enc_len, 2); @@ -776,13 +785,16 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(aString); OPENSSL_free(temp); OPENSSL_free(templen); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); OPENSSL_free(name); return -1; } } else buflen = oqsxkey->privkeylen_cmp[i]; - } else + } else { + nid = OBJ_sn2nid(name); buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i]; + } buf = OPENSSL_secure_malloc(buflen); if (get_oqsname_fromtls(name) @@ -791,12 +803,40 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) oqsxkey->privkeylen_cmp[i]); memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); - } else + } else { memcpy(buf, oqsxkey->comp_privkey[i], buflen); + } - oct.data = buf; - oct.length = buflen; - templen[i] = i2d_ASN1_OCTET_STRING(&oct, &temp[i]); + if (nid == EVP_PKEY_EC) { + version = V_ASN1_OBJECT; + pval = OBJ_nid2obj( + oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid); + } else { + version = V_ASN1_UNDEF; + pval = NULL; + } + if (!PKCS8_pkey_set0(p8inf_internal, OBJ_nid2obj(nid), 0, version, + pval, buf, buflen)) { + for (int j = 0; j <= i; j++) { + OPENSSL_cleanse(aString[j]->data, aString[j]->length); + ASN1_OCTET_STRING_free(aString[j]); + OPENSSL_cleanse(aType[j]->value.sequence->data, + aType[j]->value.sequence->length); + OPENSSL_clear_free(temp[j], templen[j]); + } + + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); + OPENSSL_free(name); + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(temp); + OPENSSL_free(templen); + OPENSSL_cleanse(buf, buflen); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); + return -1; + } + + templen[i] = i2d_PKCS8_PRIV_KEY_INFO(p8inf_internal, &temp[i]); ASN1_STRING_set(aString[i], temp[i], templen[i]); ASN1_TYPE_set1(aType[i], V_ASN1_SEQUENCE, aString[i]); @@ -815,15 +855,14 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(aString); OPENSSL_free(temp); OPENSSL_free(templen); - OPENSSL_secure_clear_free(buf, buflen); + OPENSSL_cleanse(buf, buflen); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); return -1; } OPENSSL_free(name); - if (i + 1 - < oqsxkey - ->numkeys) { // clear buf and oct if is not the last call - OPENSSL_secure_clear_free(buf, buflen); - } + + OPENSSL_cleanse(buf, buflen); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); } keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder); @@ -841,7 +880,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(temp); OPENSSL_free(templen); } - OPENSSL_secure_clear_free(buf, buflen); return keybloblen; } diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 1bf1c02e..6cfa7fbd 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -205,6 +205,11 @@ char *get_cmpname(int nid, int index); int get_oqsalg_idx(int nid); int get_composite_idx(int idx); +/* Workaround for not functioning EC PARAM initialization + * TBD, check https://github.com/openssl/openssl/issues/16989 + */ +EVP_PKEY *setECParams(EVP_PKEY *eck, int nid); + /* Register given NID with tlsname in OSSL3 registry */ int oqs_set_nid(char *tlsname, int nid); diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 57080102..1e50f80b 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1069,8 +1069,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, const X509_ALGOR *palg; STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; - const unsigned char *buf; - unsigned char *concat_key; + unsigned char *concat_key, *buf; int count, aux, i, buflen, rsa_diff = 0; if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) @@ -1094,20 +1093,39 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, } else { count = sk_ASN1_TYPE_num(sk); concat_key = OPENSSL_zalloc(plen); + PKCS8_PRIV_KEY_INFO *p8inf_internal = NULL; aux = 0; for (i = 0; i < count; i++) { aType = sk_ASN1_TYPE_pop(sk); + p8inf_internal = PKCS8_PRIV_KEY_INFO_new(); char *name; if ((name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i)) == NULL) { OPENSSL_free(name); + ASN1_TYPE_free(aType); + OPENSSL_clear_free(concat_key, plen); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); + sk_ASN1_TYPE_free(sk); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); return NULL; } - buf = aType->value.sequence->data; buflen = aType->value.sequence->length; + const unsigned char *buf2 = aType->value.sequence->data; + + p8inf_internal + = d2i_PKCS8_PRIV_KEY_INFO(&p8inf_internal, &buf2, buflen); + if (!PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, + p8inf_internal)) { + OPENSSL_free(name); + ASN1_TYPE_free(aType); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); + OPENSSL_clear_free(concat_key, plen); + sk_ASN1_TYPE_free(sk); + return NULL; + } + aux += buflen; memcpy(concat_key + plen - 1 - aux, buf, buflen); // if is a RSA key the actual encoding size might be different @@ -1120,6 +1138,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, rsa_diff = nids_sig[6].length_private_key - buflen; } OPENSSL_free(name); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); ASN1_TYPE_free(aType); } @@ -1300,8 +1319,8 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, ret->numkeys = 2; ret->privkeylen = 0; ret->pubkeylen = 0; - ret->privkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); - ret->pubkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(void *)); + ret->privkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(size_t)); + ret->pubkeylen_cmp = OPENSSL_malloc(ret->numkeys * sizeof(size_t)); ret->comp_privkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); ret->comp_pubkey = OPENSSL_malloc(ret->numkeys * sizeof(void *)); @@ -1547,8 +1566,9 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, size_t pubkeylen = 0, privkeylen = 0; - if (encode) + if (encode) { // hybrid aux = SIZE_OF_UINT32; + } if (ctx->keyParam) kgctx = EVP_PKEY_CTX_new(ctx->keyParam, NULL); From b3c6ca4f57512facb255bc45357490d5d188e9a2 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 15 Feb 2024 14:35:02 -0600 Subject: [PATCH 114/160] merged upstream --- oqsprov/oqs_encode_key2any.c | 66 ++++++++--------- oqsprov/oqsprov_keys.c | 138 ++++++++++++++++++----------------- 2 files changed, 103 insertions(+), 101 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index c7683c5f..73838901 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -521,16 +521,16 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) const OQSX_ENCODING_CTX *encoding_ctx = &oqsxkey->oqsx_encoding_ctx; buflen = encoding_ctx->encoding_impl->crypto_publickeybytes; - buf = OPENSSL_secure_zalloc(buflen); - if (buf == NULL) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - return -1; - } - ret = qsc_encode(encoding_ctx->encoding_ctx, - encoding_ctx->encoding_impl, oqsxkey->pubkey, &buf, 0, - 0, 1); - if (ret != QSC_ENC_OK) - return -1; + buf = OPENSSL_secure_zalloc(buflen); + if (buf == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return -1; + } + ret = qsc_encode(encoding_ctx->encoding_ctx, + encoding_ctx->encoding_impl, oqsxkey->pubkey, &buf, + 0, 0, 1); + if (ret != QSC_ENC_OK) + return -1; *pder = buf; return buflen; @@ -665,15 +665,15 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) # else int withoptional = 1; # endif - buflen - = (withoptional ? encoding_ctx->encoding_impl->crypto_secretkeybytes - : encoding_ctx->encoding_impl - ->crypto_secretkeybytes_nooptional); - buf = OPENSSL_secure_zalloc(buflen); - if (buf == NULL) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - return -1; - } + buflen = (withoptional + ? encoding_ctx->encoding_impl->crypto_secretkeybytes + : encoding_ctx->encoding_impl + ->crypto_secretkeybytes_nooptional); + buf = OPENSSL_secure_zalloc(buflen); + if (buf == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return -1; + } ret = qsc_encode(encoding_ctx->encoding_ctx, encoding_ctx->encoding_impl, @@ -684,27 +684,27 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } else { #endif #ifdef NOPUBKEY_IN_PRIVKEY - buflen = privkeylen; + buflen = privkeylen; + buf = OPENSSL_secure_malloc(buflen); + if (buf == NULL) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return -1; + } + OQS_ENC_PRINTF2("OQS ENC provider: saving privkey of length %d\n", + buflen); + memcpy(buf, oqsxkey->privkey, privkeylen); +#else + buflen = privkeylen + oqsx_key_get_oqs_public_key_len(oqsxkey); buf = OPENSSL_secure_malloc(buflen); if (buf == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); return -1; } - OQS_ENC_PRINTF2("OQS ENC provider: saving privkey of length %d\n", + OQS_ENC_PRINTF2("OQS ENC provider: saving priv+pubkey of length %d\n", buflen); memcpy(buf, oqsxkey->privkey, privkeylen); -#else - buflen = privkeylen + oqsx_key_get_oqs_public_key_len(oqsxkey); - buf = OPENSSL_secure_malloc(buflen); - if (buf == NULL) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - return -1; - } - OQS_ENC_PRINTF2("OQS ENC provider: saving priv+pubkey of length %d\n", - buflen); - memcpy(buf, oqsxkey->privkey, privkeylen); - memcpy(buf + privkeylen, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], - oqsx_key_get_oqs_public_key_len(oqsxkey)); + memcpy(buf + privkeylen, oqsxkey->comp_pubkey[oqsxkey->numkeys - 1], + oqsx_key_get_oqs_public_key_len(oqsxkey)); #endif #ifdef USE_ENCODING_LIB } diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index daae8828..fcfe4f5e 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -408,6 +408,7 @@ static const OQSX_EVP_INFO nids_sig[] = { }; // These two array need to stay synced: +// note only leading 4 chars of alg name are checked static const char *OQSX_ECP_NAMES[] = {"p256", "p384", "p521", 0}; static const OQSX_EVP_INFO nids_ecp[] = { {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 0}, // 128 bit @@ -416,6 +417,7 @@ static const OQSX_EVP_INFO nids_ecp[] = { }; // These two array need to stay synced: +// note only leading 4 chars of alg name are checked static const char *OQSX_ECX_NAMES[] = {"x25519", "x448", 0}; static const OQSX_EVP_INFO nids_ecx[] = { {EVP_PKEY_X25519, 0, 1, 32, 32, 32, 0}, // 128 bit @@ -428,7 +430,7 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, { int ret = 1; int idx = (bit_security - 128) / 64; - ON_ERR_GOTO(idx < 0 || idx > 5, err); + ON_ERR_GOTO(idx < 0 || idx > 5, err_init); if (!strncmp(algname, "rsa", 3) || !strncmp(algname, "pss", 3)) { idx += 5; @@ -441,33 +443,33 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, } else { OQS_KEY_PRINTF2("OQS KEY: Incorrect hybrid name: %s\n", algname); ret = 0; - goto err; + goto err_init; } } - ON_ERR_GOTO(idx < 0 || idx > 6, err); + ON_ERR_GOTO(idx < 0 || idx > 6, err_init); if (algname[0] == 'e') // ED25519 or ED448 { evp_ctx->evp_info = &nids_sig[idx + 7]; evp_ctx->keyParam = EVP_PKEY_new(); - ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); + ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err_init); ret = EVP_PKEY_set_type(evp_ctx->keyParam, evp_ctx->evp_info->keytype); - ON_ERR_SET_GOTO(ret <= 0, ret, -1, err); + ON_ERR_SET_GOTO(ret <= 0, ret, -1, err_init); evp_ctx->ctx = EVP_PKEY_CTX_new(evp_ctx->keyParam, NULL); - ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err); + ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err_init); } else { evp_ctx->evp_info = &nids_sig[idx]; evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); - ON_ERR_GOTO(!evp_ctx->ctx, err); + ON_ERR_GOTO(!evp_ctx->ctx, err_init); if (idx < 5) { // EC ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); - ON_ERR_GOTO(ret <= 0, err); + ON_ERR_GOTO(ret <= 0, err_init); ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid( evp_ctx->ctx, evp_ctx->evp_info->nid); @@ -478,13 +480,13 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, } } // RSA bit length set only during keygen - goto err; + goto err_init; free_evp_ctx: EVP_PKEY_CTX_free(evp_ctx->ctx); evp_ctx->ctx = NULL; -err: +err_init: return ret; } @@ -492,29 +494,29 @@ static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { int ret = 1; int idx = 0; - while (idx < sizeof(OQSX_ECP_NAMES)) { + while (idx < OSSL_NELEM(OQSX_ECP_NAMES)) { if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], 4)) break; idx++; } - ON_ERR_GOTO(idx < 0 || idx > 2, err); + ON_ERR_GOTO(idx < 0 || idx > 2, err_init_ecp); evp_ctx->evp_info = &nids_ecp[idx]; evp_ctx->ctx = EVP_PKEY_CTX_new_id(evp_ctx->evp_info->keytype, NULL); - ON_ERR_GOTO(!evp_ctx->ctx, err); + ON_ERR_GOTO(!evp_ctx->ctx, err_init_ecp); ret = EVP_PKEY_paramgen_init(evp_ctx->ctx); - ON_ERR_GOTO(ret <= 0, err); + ON_ERR_GOTO(ret <= 0, err_init_ecp); ret = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(evp_ctx->ctx, evp_ctx->evp_info->nid); - ON_ERR_GOTO(ret <= 0, err); + ON_ERR_GOTO(ret <= 0, err_init_ecp); ret = EVP_PKEY_paramgen(evp_ctx->ctx, &evp_ctx->keyParam); - ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, err); + ON_ERR_GOTO(ret <= 0 || !evp_ctx->keyParam, err_init_ecp); -err: +err_init_ecp: return ret; } @@ -523,25 +525,25 @@ static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) int ret = 1; int idx = 0; - while (idx < sizeof(OQSX_ECX_NAMES)) { + while (idx < OSSL_NELEM(OQSX_ECX_NAMES)) { if (!strncmp(tls_name, OQSX_ECX_NAMES[idx], 4)) break; idx++; } - ON_ERR_GOTO(idx < 0 || idx > 2, err); + ON_ERR_GOTO(idx < 0 || idx > 2, err_init_ecx); evp_ctx->evp_info = &nids_ecx[idx]; evp_ctx->keyParam = EVP_PKEY_new(); - ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err); + ON_ERR_SET_GOTO(!evp_ctx->keyParam, ret, -1, err_init_ecx); ret = EVP_PKEY_set_type(evp_ctx->keyParam, evp_ctx->evp_info->keytype); - ON_ERR_SET_GOTO(ret <= 0, ret, -1, err); + ON_ERR_SET_GOTO(ret <= 0, ret, -1, err_init_ecx); evp_ctx->ctx = EVP_PKEY_CTX_new(evp_ctx->keyParam, NULL); - ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err); + ON_ERR_SET_GOTO(!evp_ctx->ctx, ret, -1, err_init_ecx); -err: +err_init_ecx: return ret; } @@ -738,26 +740,26 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, # else int withoptional = 1; # endif - int pubkey_available = withoptional; - if (oqsx_key_allocate_keymaterial(key, 1)) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err_key_op; - } - if (pubkey_available) { - if (oqsx_key_allocate_keymaterial(key, 0)) { + int pubkey_available = withoptional; + if (oqsx_key_allocate_keymaterial(key, 1)) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); goto err_key_op; } - } + if (pubkey_available) { + if (oqsx_key_allocate_keymaterial(key, 0)) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + goto err_key_op; + } + } - if (qsc_decode( - encoding_ctx, key->oqsx_encoding_ctx.encoding_impl, 0, - (pubkey_available ? (unsigned char **)&key->pubkey : 0), p, - (unsigned char **)&key->privkey, withoptional) - != QSC_ENC_OK) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err_key_op; - } + if (qsc_decode( + encoding_ctx, key->oqsx_encoding_ctx.encoding_impl, 0, + (pubkey_available ? (unsigned char **)&key->pubkey : 0), + p, (unsigned char **)&key->privkey, withoptional) + != QSC_ENC_OK) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err_key_op; + } } else { #endif @@ -775,36 +777,36 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, (int)(actualprivkeylen + oqsx_key_get_oqs_public_key_len(key))); #endif - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err_key_op; - } - if (oqsx_key_allocate_keymaterial(key, 1) + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err_key_op; + } + if (oqsx_key_allocate_keymaterial(key, 1) #ifndef NOPUBKEY_IN_PRIVKEY || oqsx_key_allocate_keymaterial(key, 0) #endif - ) { - ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); - goto err_key_op; - } - // first populate private key data - memcpy(key->privkey, p, actualprivkeylen); + ) { + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + goto err_key_op; + } + // first populate private key data + memcpy(key->privkey, p, actualprivkeylen); #ifndef NOPUBKEY_IN_PRIVKEY - // only enough data to fill public OQS key component - if (oqsx_key_get_oqs_public_key_len(key) - != plen - actualprivkeylen) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); - goto err_key_op; - } - // populate OQS public key structure - if (key->numkeys == 2) { - unsigned char *pubkey = (unsigned char *)key->pubkey; - ENCODE_UINT32(pubkey, key->evp_info->length_public_key); - memcpy(pubkey + SIZE_OF_UINT32 - + key->evp_info->length_public_key, - p + actualprivkeylen, plen - actualprivkeylen); - } else - memcpy(key->pubkey, p + key->privkeylen, - plen - key->privkeylen); + // only enough data to fill public OQS key component + if (oqsx_key_get_oqs_public_key_len(key) + != plen - actualprivkeylen) { + ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + goto err_key_op; + } + // populate OQS public key structure + if (key->numkeys == 2) { + unsigned char *pubkey = (unsigned char *)key->pubkey; + ENCODE_UINT32(pubkey, key->evp_info->length_public_key); + memcpy(pubkey + SIZE_OF_UINT32 + + key->evp_info->length_public_key, + p + actualprivkeylen, plen - actualprivkeylen); + } else + memcpy(key->pubkey, p + key->privkeylen, + plen - key->privkeylen); #endif } } @@ -1694,21 +1696,21 @@ int oqsx_key_gen(OQSX_KEY *key) char *name; if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL) { OPENSSL_free(name); - ON_ERR_GOTO(ret, err); + ON_ERR_GOTO(ret, err_gen); } if (get_oqsname_fromtls(name) == 0) { pkey = oqsx_key_gen_evp_key(key->oqsx_provider_ctx.oqsx_evp_ctx, key->comp_pubkey[i], key->comp_privkey[i], 0); OPENSSL_free(name); - ON_ERR_GOTO(pkey == NULL, err); + ON_ERR_GOTO(pkey == NULL, err_gen); key->classical_pkey = pkey; } else { ret = OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, key->comp_pubkey[i], key->comp_privkey[i]); OPENSSL_free(name); - ON_ERR_GOTO(ret, err); + ON_ERR_GOTO(ret, err_gen); } } From b723cc93c920e43f97f3707df3514c91e3898b87 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 15 Feb 2024 15:08:40 -0600 Subject: [PATCH 115/160] adjusted flags for SubjectPublicKeyInto BIT_STRING --- oqsprov/oqs_encode_key2any.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 73838901..3ef60fae 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -569,7 +569,7 @@ static int oqsx_spki_pub_to_der(const void *vxkey, unsigned char **pder) oct.data = buf; oct.length = buflen; - oct.flags = 0; + oct.flags = 8; templen[i] = i2d_ASN1_BIT_STRING(&oct, &temp[i]); ASN1_STRING_set(aString[i], temp[i], templen[i]); ASN1_TYPE_set1(aType[i], V_ASN1_SEQUENCE, aString[i]); From 49bb2d271ec64f35f5a3905577f2dbc2c1b8d07d Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Fri, 23 Feb 2024 09:01:09 +0100 Subject: [PATCH 116/160] guard external testing against algorithm absence (#352) --- scripts/oqsprovider-externalinterop.sh | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/scripts/oqsprovider-externalinterop.sh b/scripts/oqsprovider-externalinterop.sh index f2af0f32..7a161a4e 100755 --- a/scripts/oqsprovider-externalinterop.sh +++ b/scripts/oqsprovider-externalinterop.sh @@ -26,7 +26,19 @@ else export USE_PROXY="" fi +# Ascertain algorithms are available: + echo " Cloudflare:" -export OQS_CODEPOINT_X25519_KYBER512=65072 -(echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber768 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber768Draft00 -(echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00 + +if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber768); then + echo "Skipping unconfigured x25519_kyber768 interop test" +else + export OQS_CODEPOINT_X25519_KYBER512=65072 + (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber768 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber768Draft00 +fi + +if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber512); then + echo "Skipping unconfigured x25519_kyber512 interop test" +else + (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00 +fi From 4796730748160d811de6e0ee602bf7c935ff994b Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 23 Feb 2024 14:22:58 -0600 Subject: [PATCH 117/160] added support for EC without ECParam and Pubkey --- oqsprov/oqsprov_keys.c | 75 +++++++++++++++++++++++++++++++++++------- 1 file changed, 64 insertions(+), 11 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index fcfe4f5e..357f4d44 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -695,6 +695,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err_key_op; } + key->privkeylen_cmp[i] = privlen; } else privlen = key->privkeylen_cmp[i]; } else { // PQC key @@ -883,16 +884,18 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) if (get_oqsname_fromtls(name) == 0) { const unsigned char *enc_privkey = key->comp_privkey[i]; if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info - ->raw_key_support) + ->raw_key_support) { + EVP_PKEY *npk; key->classical_pkey = d2i_PrivateKey( key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info ->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); - else + } else { key->classical_pkey = EVP_PKEY_new_raw_private_key( key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info ->keytype, NULL, enc_privkey, key->privkeylen_cmp[i]); + } if (!key->classical_pkey) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); @@ -1072,7 +1075,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; unsigned char *concat_key, *buf; - int count, aux, i, buflen, rsa_diff = 0; + int count, aux, i, buflen, key_diff = 0; if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) return 0; @@ -1094,13 +1097,17 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, return NULL; } else { count = sk_ASN1_TYPE_num(sk); + plen = 2 * plen; // get more than necessary in case its needed concat_key = OPENSSL_zalloc(plen); PKCS8_PRIV_KEY_INFO *p8inf_internal = NULL; + const X509_ALGOR *palg_internal; + int keytype, nid; aux = 0; for (i = 0; i < count; i++) { aType = sk_ASN1_TYPE_pop(sk); p8inf_internal = PKCS8_PRIV_KEY_INFO_new(); + nid = 1; char *name; if ((name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i)) @@ -1118,7 +1125,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, p8inf_internal = d2i_PKCS8_PRIV_KEY_INFO(&p8inf_internal, &buf2, buflen); - if (!PKCS8_pkey_get0(NULL, &buf, &buflen, NULL, + if (!PKCS8_pkey_get0(NULL, &buf, &buflen, &palg_internal, p8inf_internal)) { OPENSSL_free(name); ASN1_TYPE_free(aType); @@ -1128,17 +1135,63 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, return NULL; } - aux += buflen; - memcpy(concat_key + plen - 1 - aux, buf, buflen); + keytype = OBJ_obj2nid(palg_internal->algorithm); + + // Checking OPTIONAL params on EC + if (keytype == EVP_PKEY_EC) { + nid = OBJ_obj2nid(palg_internal->parameter->value.object); + for (int j = 0; j < OSSL_NELEM(nids_sig); j++) { + if ((nids_sig[j].nid == nid) + && (nids_sig[j].length_private_key > buflen)) { + EC_KEY *ec_pkey; + const unsigned char *buf3 = buf; + unsigned char *buf4, *buf5; + + if (buflen + != nids_sig[j].kex_length_secret + + 7) { // no ECParameter and no + // Pubkey + OPENSSL_free(name); + ASN1_TYPE_free(aType); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); + OPENSSL_clear_free(concat_key, plen); + sk_ASN1_TYPE_free(sk); + return NULL; + } + ec_pkey = EC_KEY_new_by_curve_name(nid); + ec_pkey = d2i_ECPrivateKey(&ec_pkey, &buf3, buflen); + EC_KEY_set_enc_flags(ec_pkey, 0); + buf4 = OPENSSL_malloc( + nids_sig[j].length_private_key); + buf5 = buf4; + buflen = i2d_ECPrivateKey(ec_pkey, &buf5); + + aux += buflen; + memcpy(concat_key + plen - 1 - aux, buf4, buflen); + nid = 0; // use as flag to not memcpy twice + + OPENSSL_clear_free(buf4, buflen); + EC_KEY_free(ec_pkey); + break; + } + } + } + // if is a RSA key the actual encoding size might be different // from max size we calculate that difference for to facilitate // the key reconstruction - if (!strncmp(name, "rsa", 3) || !strncmp(name, "pss", 3)) { + if (keytype == EVP_PKEY_RSA) { if (name[3] == '3') // 3072 - rsa_diff = nids_sig[5].length_private_key - buflen; + key_diff = nids_sig[5].length_private_key - buflen; else // 2048 - rsa_diff = nids_sig[6].length_private_key - buflen; + key_diff = nids_sig[6].length_private_key - buflen; } + + if (nid) { + aux += buflen; + memcpy(concat_key + plen - 1 - aux, buf, buflen); + } + OPENSSL_free(name); PKCS8_PRIV_KEY_INFO_free(p8inf_internal); ASN1_TYPE_free(aType); @@ -1146,12 +1199,12 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, p = OPENSSL_memdup(concat_key + plen - 1 - aux, aux); OPENSSL_clear_free(concat_key, plen); - plen = aux; + plen = aux; // update plen to correct size sk_ASN1_TYPE_free(sk); } } - oqsx = oqsx_key_op(palg, p, plen + rsa_diff, KEY_OP_PRIVATE, libctx, propq); + oqsx = oqsx_key_op(palg, p, plen + key_diff, KEY_OP_PRIVATE, libctx, propq); if (get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG) { ASN1_OCTET_STRING_free(oct); } else { From 19e5a975a249d11e38937de80651bc855bb7ec3c Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Sat, 24 Feb 2024 07:34:02 +0100 Subject: [PATCH 118/160] first cut adding ML-* (#348) * introducing ML-* algorithms * split KEX testing in 2 and add openssl bug warning to README * clarify utility of KEM OIDs --- ALGORITHMS.md | 108 +++++--- CONFIGURE.md | 11 +- README.md | 9 + oqs-template/generate.py | 8 +- oqs-template/generate.yml | 79 +++++- oqs-template/generate_oid_nid_table.py | 16 +- oqs-template/generatehelpers.py | 8 +- oqs-template/oqs-kem-info.md | 184 +++++++------ oqs-template/oqs-sig-info.md | 283 +++++++++---------- oqsprov/oqs_decode_der2key.c | 40 +++ oqsprov/oqs_encode_key2any.c | 176 ++++++++++++ oqsprov/oqs_kmgmt.c | 165 ++++++++--- oqsprov/oqs_prov.h | 309 +++++++++++++++++++++ oqsprov/oqsdecoders.inc | 60 ++++ oqsprov/oqsencoders.inc | 181 ++++++++++++ oqsprov/oqsprov.c | 367 ++++++++++++++++++------- oqsprov/oqsprov_capabilities.c | 244 +++++++++++----- oqsprov/oqsprov_keys.c | 21 +- scripts/common.py | 28 +- scripts/release-test-ci.sh | 2 +- scripts/test_tls_full.py | 39 ++- 21 files changed, 1828 insertions(+), 510 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 9ec32f93..149568cb 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -38,6 +38,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi | p256_kyber768 | 0x639A | Yes | OQS_CODEPOINT_P256_KYBER768 | | kyber1024 | 0x023D | Yes | OQS_CODEPOINT_KYBER1024 | | p521_kyber1024 | 0x2F3D | Yes | OQS_CODEPOINT_P521_KYBER1024 | +| mlkem512 | 0x0247 | Yes | OQS_CODEPOINT_MLKEM512 | +| p256_mlkem512 | 0x2F47 | Yes | OQS_CODEPOINT_P256_MLKEM512 | +| x25519_mlkem512 | 0x2FB2 | Yes | OQS_CODEPOINT_X25519_MLKEM512 | +| mlkem768 | 0x0248 | Yes | OQS_CODEPOINT_MLKEM768 | +| p384_mlkem768 | 0x2F48 | Yes | OQS_CODEPOINT_P384_MLKEM768 | +| x448_mlkem768 | 0x2FB3 | Yes | OQS_CODEPOINT_X448_MLKEM768 | +| x25519_mlkem768 | 0x2FB4 | Yes | OQS_CODEPOINT_X25519_MLKEM768 | +| p256_mlkem768 | 0x2FB5 | Yes | OQS_CODEPOINT_P256_MLKEM768 | +| mlkem1024 | 0x0249 | Yes | OQS_CODEPOINT_MLKEM1024 | +| p521_mlkem1024 | 0x2F49 | Yes | OQS_CODEPOINT_P521_MLKEM1024 | | bikel1 | 0x0241 | Yes | OQS_CODEPOINT_BIKEL1 | | p256_bikel1 | 0x2F41 | Yes | OQS_CODEPOINT_P256_BIKEL1 | | x25519_bikel1 | 0x2FAE | Yes | OQS_CODEPOINT_X25519_BIKEL1 | @@ -61,6 +71,13 @@ As standardization for these algorithms within TLS is not done, all TLS code poi | p384_dilithium3 | 0xfea4 |Yes| OQS_CODEPOINT_P384_DILITHIUM3 | dilithium5 | 0xfea5 |Yes| OQS_CODEPOINT_DILITHIUM5 | p521_dilithium5 | 0xfea6 |Yes| OQS_CODEPOINT_P521_DILITHIUM5 +| mldsa44 | 0xfed0 |Yes| OQS_CODEPOINT_MLDSA44 +| p256_mldsa44 | 0xfed3 |Yes| OQS_CODEPOINT_P256_MLDSA44 +| rsa3072_mldsa44 | 0xfed4 |Yes| OQS_CODEPOINT_RSA3072_MLDSA44 +| mldsa65 | 0xfed1 |Yes| OQS_CODEPOINT_MLDSA65 +| p384_mldsa65 | 0xfed5 |Yes| OQS_CODEPOINT_P384_MLDSA65 +| mldsa87 | 0xfed2 |Yes| OQS_CODEPOINT_MLDSA87 +| p521_mldsa87 | 0xfed6 |Yes| OQS_CODEPOINT_P521_MLDSA87 | falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512 | p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512 | rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512 @@ -126,6 +143,13 @@ adapting the OIDs of all supported signature algorithms as per the table below. | p384_dilithium3 | 1.3.9999.2.7.3 |Yes| OQS_OID_P384_DILITHIUM3 | dilithium5 | 1.3.6.1.4.1.2.267.7.8.7 |Yes| OQS_OID_DILITHIUM5 | p521_dilithium5 | 1.3.9999.2.7.4 |Yes| OQS_OID_P521_DILITHIUM5 +| mldsa44 | 1.3.6.1.4.1.2.267.12.4.4 |Yes| OQS_OID_MLDSA44 +| p256_mldsa44 | 1.3.9999.7.1 |Yes| OQS_OID_P256_MLDSA44 +| rsa3072_mldsa44 | 1.3.9999.7.2 |Yes| OQS_OID_RSA3072_MLDSA44 +| mldsa65 | 1.3.6.1.4.1.2.267.12.6.5 |Yes| OQS_OID_MLDSA65 +| p384_mldsa65 | 1.3.9999.7.3 |Yes| OQS_OID_P384_MLDSA65 +| mldsa87 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_MLDSA87 +| p521_mldsa87 | 1.3.9999.7.4 |Yes| OQS_OID_P521_MLDSA87 | falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512 | p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512 | rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512 @@ -164,48 +188,58 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li |Algorithm name | default OID | environment variable | |---------------|:-----------------:|----------------------| -| frodo640aes | 1.3.9999.99.50 | OQS_OID_FRODO640AES -| p256_frodo640aes | 1.3.9999.99.49 | OQS_OID_P256_FRODO640AES -| x25519_frodo640aes | 1.3.9999.99.38 | OQS_OID_X25519_FRODO640AES -| frodo640shake | 1.3.9999.99.52 | OQS_OID_FRODO640SHAKE -| p256_frodo640shake | 1.3.9999.99.51 | OQS_OID_P256_FRODO640SHAKE -| x25519_frodo640shake | 1.3.9999.99.39 | OQS_OID_X25519_FRODO640SHAKE -| frodo976aes | 1.3.9999.99.54 | OQS_OID_FRODO976AES -| p384_frodo976aes | 1.3.9999.99.53 | OQS_OID_P384_FRODO976AES -| x448_frodo976aes | 1.3.9999.99.40 | OQS_OID_X448_FRODO976AES -| frodo976shake | 1.3.9999.99.56 | OQS_OID_FRODO976SHAKE -| p384_frodo976shake | 1.3.9999.99.55 | OQS_OID_P384_FRODO976SHAKE -| x448_frodo976shake | 1.3.9999.99.41 | OQS_OID_X448_FRODO976SHAKE -| frodo1344aes | 1.3.9999.99.58 | OQS_OID_FRODO1344AES -| p521_frodo1344aes | 1.3.9999.99.57 | OQS_OID_P521_FRODO1344AES -| frodo1344shake | 1.3.9999.99.60 | OQS_OID_FRODO1344SHAKE -| p521_frodo1344shake | 1.3.9999.99.59 | OQS_OID_P521_FRODO1344SHAKE +| frodo640aes | 1.3.9999.99.58 | OQS_OID_FRODO640AES +| p256_frodo640aes | 1.3.9999.99.57 | OQS_OID_P256_FRODO640AES +| x25519_frodo640aes | 1.3.9999.99.43 | OQS_OID_X25519_FRODO640AES +| frodo640shake | 1.3.9999.99.60 | OQS_OID_FRODO640SHAKE +| p256_frodo640shake | 1.3.9999.99.59 | OQS_OID_P256_FRODO640SHAKE +| x25519_frodo640shake | 1.3.9999.99.44 | OQS_OID_X25519_FRODO640SHAKE +| frodo976aes | 1.3.9999.99.62 | OQS_OID_FRODO976AES +| p384_frodo976aes | 1.3.9999.99.61 | OQS_OID_P384_FRODO976AES +| x448_frodo976aes | 1.3.9999.99.45 | OQS_OID_X448_FRODO976AES +| frodo976shake | 1.3.9999.99.64 | OQS_OID_FRODO976SHAKE +| p384_frodo976shake | 1.3.9999.99.63 | OQS_OID_P384_FRODO976SHAKE +| x448_frodo976shake | 1.3.9999.99.46 | OQS_OID_X448_FRODO976SHAKE +| frodo1344aes | 1.3.9999.99.66 | OQS_OID_FRODO1344AES +| p521_frodo1344aes | 1.3.9999.99.65 | OQS_OID_P521_FRODO1344AES +| frodo1344shake | 1.3.9999.99.68 | OQS_OID_FRODO1344SHAKE +| p521_frodo1344shake | 1.3.9999.99.67 | OQS_OID_P521_FRODO1344SHAKE | kyber512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_KYBER512 | p256_kyber512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_KYBER512 | x25519_kyber512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_KYBER512 | kyber768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_KYBER768 -| p384_kyber768 | 1.3.9999.99.61 | OQS_OID_P384_KYBER768 -| x448_kyber768 | 1.3.9999.99.42 | OQS_OID_X448_KYBER768 -| x25519_kyber768 | 1.3.9999.99.43 | OQS_OID_X25519_KYBER768 -| p256_kyber768 | 1.3.9999.99.44 | OQS_OID_P256_KYBER768 +| p384_kyber768 | 1.3.9999.99.69 | OQS_OID_P384_KYBER768 +| x448_kyber768 | 1.3.9999.99.47 | OQS_OID_X448_KYBER768 +| x25519_kyber768 | 1.3.9999.99.48 | OQS_OID_X25519_KYBER768 +| p256_kyber768 | 1.3.9999.99.49 | OQS_OID_P256_KYBER768 | kyber1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_KYBER1024 -| p521_kyber1024 | 1.3.9999.99.62 | OQS_OID_P521_KYBER1024 -| bikel1 | 1.3.9999.99.64 | OQS_OID_BIKEL1 -| p256_bikel1 | 1.3.9999.99.63 | OQS_OID_P256_BIKEL1 -| x25519_bikel1 | 1.3.9999.99.45 | OQS_OID_X25519_BIKEL1 -| bikel3 | 1.3.9999.99.66 | OQS_OID_BIKEL3 -| p384_bikel3 | 1.3.9999.99.65 | OQS_OID_P384_BIKEL3 -| x448_bikel3 | 1.3.9999.99.46 | OQS_OID_X448_BIKEL3 -| bikel5 | 1.3.9999.99.68 | OQS_OID_BIKEL5 -| p521_bikel5 | 1.3.9999.99.67 | OQS_OID_P521_BIKEL5 -| hqc128 | 1.3.9999.99.70 | OQS_OID_HQC128 -| p256_hqc128 | 1.3.9999.99.69 | OQS_OID_P256_HQC128 -| x25519_hqc128 | 1.3.9999.99.47 | OQS_OID_X25519_HQC128 -| hqc192 | 1.3.9999.99.72 | OQS_OID_HQC192 -| p384_hqc192 | 1.3.9999.99.71 | OQS_OID_P384_HQC192 -| x448_hqc192 | 1.3.9999.99.48 | OQS_OID_X448_HQC192 -| hqc256 | 1.3.9999.99.74 | OQS_OID_HQC256 -| p521_hqc256 | 1.3.9999.99.73 | OQS_OID_P521_HQC256 +| p521_kyber1024 | 1.3.9999.99.70 | OQS_OID_P521_KYBER1024 +| mlkem512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_MLKEM512 +| p256_mlkem512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_MLKEM512 +| x25519_mlkem512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_MLKEM512 +| mlkem768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_MLKEM768 +| p384_mlkem768 | 1.3.9999.99.71 | OQS_OID_P384_MLKEM768 +| x448_mlkem768 | 1.3.9999.99.50 | OQS_OID_X448_MLKEM768 +| x25519_mlkem768 | 1.3.9999.99.51 | OQS_OID_X25519_MLKEM768 +| p256_mlkem768 | 1.3.9999.99.52 | OQS_OID_P256_MLKEM768 +| mlkem1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_MLKEM1024 +| p521_mlkem1024 | 1.3.9999.99.72 | OQS_OID_P521_MLKEM1024 +| bikel1 | 1.3.9999.99.74 | OQS_OID_BIKEL1 +| p256_bikel1 | 1.3.9999.99.73 | OQS_OID_P256_BIKEL1 +| x25519_bikel1 | 1.3.9999.99.53 | OQS_OID_X25519_BIKEL1 +| bikel3 | 1.3.9999.99.76 | OQS_OID_BIKEL3 +| p384_bikel3 | 1.3.9999.99.75 | OQS_OID_P384_BIKEL3 +| x448_bikel3 | 1.3.9999.99.54 | OQS_OID_X448_BIKEL3 +| bikel5 | 1.3.9999.99.78 | OQS_OID_BIKEL5 +| p521_bikel5 | 1.3.9999.99.77 | OQS_OID_P521_BIKEL5 +| hqc128 | 1.3.9999.99.80 | OQS_OID_HQC128 +| p256_hqc128 | 1.3.9999.99.79 | OQS_OID_P256_HQC128 +| x25519_hqc128 | 1.3.9999.99.55 | OQS_OID_X25519_HQC128 +| hqc192 | 1.3.9999.99.82 | OQS_OID_HQC192 +| p384_hqc192 | 1.3.9999.99.81 | OQS_OID_P384_HQC192 +| x448_hqc192 | 1.3.9999.99.56 | OQS_OID_X448_HQC192 +| hqc256 | 1.3.9999.99.84 | OQS_OID_HQC256 +| p521_hqc256 | 1.3.9999.99.83 | OQS_OID_P521_HQC256 # Key Encodings diff --git a/CONFIGURE.md b/CONFIGURE.md index dff28861..626513d3 100644 --- a/CONFIGURE.md +++ b/CONFIGURE.md @@ -54,10 +54,13 @@ The default value is `OFF`. ### OQS_KEM_ENCODERS -By setting this to "ON", `oqsprovider` is configured to provide encoders and decoders for -KEM algorithms both for public and private key file formats. This increases the size of -the provider but enables further use cases. -The default value is `OFF`. +By setting this to "ON", `oqsprovider` is configured to provide encoders +and decoders for KEM algorithms both for public and private key file formats. +This increases the size of the provider but enables further use cases. +The underlying OIDs are chosen at random and should not be relied on for +future use. For purposes of interoperability testing the chosen OIDs can +always --at runtime-- be set by [environment variables](https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md#oids) to arbitrary values +The default value therefore is `OFF`. ### OQS_PROVIDER_BUILD_STATIC diff --git a/README.md b/README.md index fa428fa8..9ee5f48f 100644 --- a/README.md +++ b/README.md @@ -40,10 +40,12 @@ This implementation makes available the following quantum safe algorithms: - **CRYSTALS-Kyber**: `kyber512`, `p256_kyber512`, `x25519_kyber512`, `kyber768`, `p384_kyber768`, `x448_kyber768`, `x25519_kyber768`, `p256_kyber768`, `kyber1024`, `p521_kyber1024` - **FrodoKEM**: `frodo640aes`, `p256_frodo640aes`, `x25519_frodo640aes`, `frodo640shake`, `p256_frodo640shake`, `x25519_frodo640shake`, `frodo976aes`, `p384_frodo976aes`, `x448_frodo976aes`, `frodo976shake`, `p384_frodo976shake`, `x448_frodo976shake`, `frodo1344aes`, `p521_frodo1344aes`, `frodo1344shake`, `p521_frodo1344shake` - **HQC**: `hqc128`, `p256_hqc128`, `x25519_hqc128`, `hqc192`, `p384_hqc192`, `x448_hqc192`, `hqc256`, `p521_hqc256`† +- **ML-KEM**: `mlkem512`, `p256_mlkem512`, `x25519_mlkem512`, `mlkem768`, `p384_mlkem768`, `x448_mlkem768`, `x25519_mlkem768`, `p256_mlkem768`, `mlkem1024`, `p521_mlkem1024` ### Signature algorithms - **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\* +- **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa87`\*, `p521_mldsa87`\* - **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\* - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple` @@ -142,6 +144,13 @@ as documented in https://github.com/openssl/openssl/issues/22761. When https://github.com/openssl/openssl/pull/22779 land, the last config-time limitation for provider-based signatures should be gone. +A limitation present in all OpenSSL versions is the number of default groups +supported: [At most 44 default groups may be specified](https://github.com/openssl/openssl/issues/23624) +, e.g., passing to [SSL_CTX_set1_groups](https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_groups.html). +Therefore caution is advised activating all KEMs supported by `oqsprovider`: +This may lead to `openssl` crashing. + + For [general OpenSSL implementation limitations, e.g., regarding provider feature usage and support, see here](https://wiki.openssl.org/index.php/OpenSSL_3.0#STATUS_of_current_development). diff --git a/oqs-template/generate.py b/oqs-template/generate.py index 03271e8f..5888df72 100644 --- a/oqs-template/generate.py +++ b/oqs-template/generate.py @@ -38,7 +38,7 @@ def get_kem_nistlevel(alg): if alg['family'] == 'CRYSTALS-Kyber': datasheetname = 'kyber' elif alg['family'] == 'SIDH': datasheetname = 'sike' elif alg['family'] == 'NTRU-Prime': datasheetname = 'ntruprime' - else: datasheetname = alg['family'].lower() + else: datasheetname = alg['family'].lower().replace('-', '_') # load datasheet algymlfilename = os.path.join(os.environ['LIBOQS_SRC_DIR'], 'docs', 'algorithms', 'kem', '{:s}.yml'.format(datasheetname)) algyml = yaml.safe_load(file_get_contents(algymlfilename, encoding='utf-8')) @@ -53,7 +53,7 @@ def simplify(s): return False # find the variant that matches for variant in algyml['parameter-sets']: - if matches(variant['name'], alg): + if matches(variant['name'], alg) or ('alias' in variant and matches(variant['alias'], alg)): return variant['claimed-nist-level'] return None @@ -66,7 +66,7 @@ def get_sig_nistlevel(family, alg): elif family['family'] == 'SPHINCS-Haraka': datasheetname = 'sphincs' elif family['family'] == 'SPHINCS-SHA2': datasheetname = 'sphincs' elif family['family'] == 'SPHINCS-SHAKE': datasheetname = 'sphincs' - else: datasheetname = family['family'].lower() + else: datasheetname = family['family'].lower().replace('-', '_') # load datasheet algymlfilename = os.path.join(os.environ['LIBOQS_SRC_DIR'], 'docs', 'algorithms', 'sig', '{:s}.yml'.format(datasheetname)) algyml = yaml.safe_load(file_get_contents(algymlfilename, encoding='utf-8')) @@ -78,7 +78,7 @@ def simplify(s): return False # find the variant that matches for variant in algyml['parameter-sets']: - if matches(variant['name'], alg): + if matches(variant['name'], alg) or ('alias' in variant and matches(variant['alias'], alg)): return variant['claimed-nist-level'] return None diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 099d36ed..7069c82b 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -1,5 +1,5 @@ # This is the master document for ID interoperability for KEM IDs, p-hybrid KEM IDs, SIG (O)IDs -# Next free plain KEM ID: 0x0247, p-hybrid: 0x2F47, X-hybrid: 0x2FB2 +# Next free plain KEM ID: 0x024A, p-hybrid: 0x2F4A, X-hybrid: 0x2FB6 kems: - family: 'FrodoKEM' @@ -145,6 +145,41 @@ kems: hybrid_group: secp521_r1 nid: '0x2F11' oqs_alg: 'OQS_KEM_alg_kyber_1024' + - + family: 'ML-KEM' + name_group: 'mlkem512' + nid: '0x0247' + oid: '1.3.6.1.4.1.22554.5.6.1' + nid_hybrid: '0x2F47' + hybrid_oid: '1.3.6.1.4.1.22554.5.7.1' + oqs_alg: 'OQS_KEM_alg_ml_kem_512' + extra_nids: + current: + - hybrid_group: "x25519" + hybrid_oid: '1.3.6.1.4.1.22554.5.8.1' + nid: '0x2FB2' + - + family: 'ML-KEM' + name_group: 'mlkem768' + nid: '0x0248' + oid: '1.3.6.1.4.1.22554.5.6.2' + nid_hybrid: '0x2F48' + oqs_alg: 'OQS_KEM_alg_ml_kem_768' + extra_nids: + current: + - hybrid_group: "x448" + nid: '0x2FB3' + - hybrid_group: "x25519" + nid: '0x2FB4' + - hybrid_group: "p256" + nid: '0x2FB5' + - + family: 'ML-KEM' + name_group: 'mlkem1024' + nid: '0x0249' + oid: '1.3.6.1.4.1.22554.5.6.3' + nid_hybrid: '0x2F49' + oqs_alg: 'OQS_KEM_alg_ml_kem_1024' - family: 'BIKE' name_group: 'bike1l1fo' @@ -358,7 +393,7 @@ kem_nid_end: '0x0250' kem_nid_hybrid_end: '0x2FFF' # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values -# Next free signature ID: 0xfed0 +# Next free signature ID: 0xfed7 sigs: # - # iso (1) @@ -489,6 +524,46 @@ sigs: 'pretty_name': 'ECDSA p521', 'oid': '1.3.9999.2.11.4', 'code_point': '0xfead'}] + - + family: 'ML-DSA' + variants: + - + name: 'mldsa44' + pretty_name: 'ML-DSA-44' + oqs_meth: 'OQS_SIG_alg_ml_dsa_44' + oid: '1.3.6.1.4.1.2.267.12.4.4' + code_point: '0xfed0' + enable: true + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.7.1', + 'code_point': '0xfed3'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.7.2', + 'code_point': '0xfed4'}] + - + name: 'mldsa65' + pretty_name: 'ML-DSA-65' + oqs_meth: 'OQS_SIG_alg_ml_dsa_65' + oid: '1.3.6.1.4.1.2.267.12.6.5' + code_point: '0xfed1' + enable: true + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.7.3', + 'code_point': '0xfed5'}] + - + name: 'mldsa87' + pretty_name: 'ML-DSA-87' + oqs_meth: 'OQS_SIG_alg_ml_dsa_87' + oid: '1.3.6.1.4.1.2.267.12.8.7' + code_point: '0xfed2' + enable: true + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.7.4', + 'code_point': '0xfed6'}] - # iso (1) # identified-organization (3) diff --git a/oqs-template/generate_oid_nid_table.py b/oqs-template/generate_oid_nid_table.py index 24a0ac24..71fa98a5 100644 --- a/oqs-template/generate_oid_nid_table.py +++ b/oqs-template/generate_oid_nid_table.py @@ -47,7 +47,7 @@ def gen_sig_table(oqslibdocdir): for hybrid in variant['mix_with']: table.append([variant['name'] + ' **hybrid with** ' + hybrid['name'], liboqs_sigs[sig['family']]['spec-version'], - liboqs_sigs[sig['family']]['nist-round'], + str(liboqs_sigs[sig['family']]['nist-round']), claimed_nist_level, hybrid['code_point'], hybrid['oid']]) @@ -58,12 +58,12 @@ def gen_sig_table(oqslibdocdir): if 'extra_nids' in variant: for i in range(len(variant['extra_nids']['old'])): table.append([variant['name'], variant['extra_nids']['old'][i]['implementation_version'], - variant['extra_nids']['old'][i]['nist-round'], claimed_nist_level, variant['extra_nids']['old'][i]['code_point'], + str(variant['extra_nids']['old'][i]['nist-round']), claimed_nist_level, variant['extra_nids']['old'][i]['code_point'], variant['extra_nids']['old'][i]['oid']]) for hybrid in variant['extra_nids']['old'][i]['mix_with']: table.append([variant['name'] + ' **hybrid with** ' + hybrid['name'], variant['extra_nids']['old'][i]['implementation_version'], - variant['extra_nids']['old'][i]['nist-round'], + str(variant['extra_nids']['old'][i]['nist-round']), claimed_nist_level, hybrid['code_point'], hybrid['oid']]) @@ -114,10 +114,10 @@ def gen_kem_table(oqslibdocdir): try: table.append([kem['family'], implementation_version, - kem['name_group'], liboqs_kems[kem['family']]['nist-round'], claimed_nist_level, + kem['name_group'], str(liboqs_kems[kem['family']]['nist-round']), claimed_nist_level, kem['nid'], ""]) table.append([kem['family'], implementation_version, - kem['name_group'], liboqs_kems[kem['family']]['nist-round'], claimed_nist_level, + kem['name_group'], str(liboqs_kems[kem['family']]['nist-round']), claimed_nist_level, kem['nid_hybrid'], hybrid_elliptic_curve]) except KeyError as ke: # Non-existant NIDs mean this alg is not supported any more @@ -127,18 +127,18 @@ def gen_kem_table(oqslibdocdir): if 'current' in kem['extra_nids']: # assume "current" NIDs to mean liboqs-driven NIST round information: for entry in kem['extra_nids']['current']: table.append([kem['family'], implementation_version, - kem['name_group'], liboqs_kems[kem['family']]['nist-round'], claimed_nist_level, + kem['name_group'], str(liboqs_kems[kem['family']]['nist-round']), claimed_nist_level, entry['nid'], entry['hybrid_group'] if 'hybrid_group' in entry else ""]) if 'old' in kem['extra_nids']: for entry in kem['extra_nids']['old']: table.append([kem['family'], entry['implementation_version'], - kem['name_group'], entry['nist-round'], claimed_nist_level, + kem['name_group'], str(entry['nist-round']), claimed_nist_level, entry['nid'], entry['hybrid_group'] if 'hybrid_group' in entry else ""]) # sort by: family, version, security level, variant, hybrid - table.sort(key = lambda row: "{:s}|{:s}|{:d}|{:s}|{:s}".format(row[0], row[1], row[3], row[2], row[5])) + table.sort(key = lambda row: "{:s}|{:s}|{:s}|{:s}|{:s}".format(row[0], row[1], row[3], row[2], row[5])) table = [table_header] + table diff --git a/oqs-template/generatehelpers.py b/oqs-template/generatehelpers.py index 8da3eff0..689d37af 100644 --- a/oqs-template/generatehelpers.py +++ b/oqs-template/generatehelpers.py @@ -24,7 +24,7 @@ def get_kem_nistlevel(alg, docsdir): if alg['family'] == 'CRYSTALS-Kyber': datasheetname = 'kyber' elif alg['family'] == 'SIDH': datasheetname = 'sike' elif alg['family'] == 'NTRU-Prime': datasheetname = 'ntruprime' - else: datasheetname = alg['family'].lower() + else: datasheetname = alg['family'].lower().replace('-', '_') # load datasheet try: algymlfilename = os.path.join(docsdir, 'algorithms', 'kem', '{:s}.yml'.format(datasheetname)) @@ -44,7 +44,7 @@ def simplify(s): return False # find the variant that matches for variant in algyml['parameter-sets']: - if matches(variant['name'], alg): + if matches(variant['name'], alg) or ('alias' in variant and matches(variant['alias'], alg)): return variant['claimed-nist-level'] # Information file for algorithms no longer supported by liboqs: oldalgs = yaml.safe_load(file_get_contents(os.path.join("oqs-template", "oldalgs.yml"), encoding='utf-8')) @@ -61,7 +61,7 @@ def get_sig_nistlevel(family, alg, docsdir): elif family['family'] == 'SPHINCS-SHAKE256': datasheetname = 'sphincs' elif family['family'] == 'SPHINCS-SHA2': datasheetname = 'sphincs' elif family['family'] == 'SPHINCS-SHAKE': datasheetname = 'sphincs' - else: datasheetname = family['family'].lower() + else: datasheetname = family['family'].lower().replace('-', '_') # load datasheet algymlfilename = os.path.join(docsdir, 'algorithms', 'sig', '{:s}.yml'.format(datasheetname)) algyml = yaml.safe_load(file_get_contents(algymlfilename, encoding='utf-8')) @@ -73,7 +73,7 @@ def simplify(s): return False # find the variant that matches for variant in algyml['parameter-sets']: - if matches(variant['name'], alg): + if matches(variant['name'], alg) or ('alias' in variant and matches(variant['alias'], alg)): return variant['claimed-nist-level'] # Information file for algorithms no longer supported by liboqs: oldalgs = yaml.safe_load(file_get_contents(os.path.join("oqs-template", "oldalgs.yml"), encoding='utf-8')) diff --git a/oqs-template/oqs-kem-info.md b/oqs-template/oqs-kem-info.md index d85fca20..66ba2326 100644 --- a/oqs-template/oqs-kem-info.md +++ b/oqs-template/oqs-kem-info.md @@ -1,87 +1,97 @@ -| Family | Implementation Version | Variant | NIST round | Claimed NIST Level | Code Point | Hybrid Elliptic Curve (if any) | -|:---------------|:-------------------------|:---------------|-------------:|---------------------:|:-------------|:---------------------------------| -| BIKE | 5.1 | bikel1 | 4 | 1 | 0x0241 | | -| BIKE | 5.1 | bikel1 | 4 | 1 | 0x2F41 | secp256_r1 | -| BIKE | 5.1 | bikel1 | 4 | 1 | 0x2FAE | x25519 | -| BIKE | 5.1 | bikel3 | 4 | 3 | 0x0242 | | -| BIKE | 5.1 | bikel3 | 4 | 3 | 0x2F42 | secp384_r1 | -| BIKE | 5.1 | bikel3 | 4 | 3 | 0x2FAF | x448 | -| BIKE | 5.1 | bikel5 | 4 | 5 | 0x0243 | | -| BIKE | 5.1 | bikel5 | 4 | 5 | 0x2F43 | secp521_r1 | -| BIKE | NIST Round 2 submission | bike1l1cpa | 2 | 1 | 0x0206 | | -| BIKE | NIST Round 2 submission | bike1l1cpa | 2 | 1 | 0x2F06 | secp256_r1 | -| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x0223 | | -| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x2F23 | secp256_r1 | -| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x2F28 | x25519 | -| BIKE | NIST Round 2 submission | bike1l3cpa | 2 | 3 | 0x0207 | | -| BIKE | NIST Round 2 submission | bike1l3cpa | 2 | 3 | 0x2F07 | secp384_r1 | -| BIKE | NIST Round 2 submission | bike1l3fo | 2 | 3 | 0x0224 | | -| BIKE | NIST Round 2 submission | bike1l3fo | 2 | 3 | 0x2F24 | secp384_r1 | -| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x0238 | | -| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x2F37 | x25519 | -| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x2F38 | secp256_r1 | -| BIKE | NIST Round 3 submission | bikel3 | 3 | 3 | 0x023B | | -| BIKE | NIST Round 3 submission | bikel3 | 3 | 3 | 0x2F3B | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber1024 | 2 | 5 | 0x0211 | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber1024 | 2 | 5 | 0x2F11 | secp521_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x020F | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x2F0F | secp256_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x2F26 | x25519 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber768 | 2 | 3 | 0x0210 | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber768 | 2 | 3 | 0x2F10 | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s1024 | 2 | 5 | 0x022B | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s1024 | 2 | 5 | 0x2F2B | secp521_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s512 | 2 | 1 | 0x0229 | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s512 | 2 | 1 | 0x2F29 | secp256_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s768 | 2 | 3 | 0x022A | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s768 | 2 | 3 | 0x2F2A | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber1024 | 3 | 5 | 0x023D | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber1024 | 3 | 5 | 0x2F3D | secp521_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x023A | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x2F39 | x25519 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x2F3A | secp256_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x023C | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F3C | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F90 | x448 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x6399 | x25519 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x639A | p256 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x0240 | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x2F40 | secp521_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x023E | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x2F3E | secp256_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x2FA9 | x25519 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x023F | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x2F3F | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x2FAA | x448 | -| FrodoKEM | NIST Round 3 submission | frodo1344aes | 3 | 5 | 0x0204 | | -| FrodoKEM | NIST Round 3 submission | frodo1344aes | 3 | 5 | 0x2F04 | secp521_r1 | -| FrodoKEM | NIST Round 3 submission | frodo1344shake | 3 | 5 | 0x0205 | | -| FrodoKEM | NIST Round 3 submission | frodo1344shake | 3 | 5 | 0x2F05 | secp521_r1 | -| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x0200 | | -| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x2F00 | secp256_r1 | -| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x2F80 | x25519 | -| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x0201 | | -| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x2F01 | secp256_r1 | -| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x2F81 | x25519 | -| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x0202 | | -| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x2F02 | secp384_r1 | -| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x2F82 | x448 | -| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x0203 | | -| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x2F03 | secp384_r1 | -| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x2F83 | x448 | -| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x022C | | -| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x2F2C | secp256_r1 | -| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x2FAC | x25519 | -| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x022D | | -| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2F2D | secp384_r1 | -| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2FAD | x448 | -| HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x022E | | -| HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x2F2E | secp521_r1 | -| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x0244 | | -| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x2F44 | secp256_r1 | -| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x2FB0 | x25519 | -| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x0245 | | -| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x2F45 | secp384_r1 | -| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x2FB1 | x448 | -| HQC | 2023-04-30 | hqc256 | 4 | 5 | 0x0246 | | -| HQC | 2023-04-30 | hqc256 | 4 | 5 | 0x2F46 | secp521_r1 | +| Family | Implementation Version | Variant | NIST round | Claimed NIST Level | Code Point | Hybrid Elliptic Curve (if any) | +|:---------------|:-------------------------|:---------------|:-------------|---------------------:|:-------------|:---------------------------------| +| BIKE | 5.1 | bikel1 | 4 | 1 | 0x0241 | | +| BIKE | 5.1 | bikel1 | 4 | 1 | 0x2F41 | secp256_r1 | +| BIKE | 5.1 | bikel1 | 4 | 1 | 0x2FAE | x25519 | +| BIKE | 5.1 | bikel3 | 4 | 3 | 0x0242 | | +| BIKE | 5.1 | bikel3 | 4 | 3 | 0x2F42 | secp384_r1 | +| BIKE | 5.1 | bikel3 | 4 | 3 | 0x2FAF | x448 | +| BIKE | 5.1 | bikel5 | 4 | 5 | 0x0243 | | +| BIKE | 5.1 | bikel5 | 4 | 5 | 0x2F43 | secp521_r1 | +| BIKE | NIST Round 2 submission | bike1l1cpa | 2 | 1 | 0x0206 | | +| BIKE | NIST Round 2 submission | bike1l1cpa | 2 | 1 | 0x2F06 | secp256_r1 | +| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x0223 | | +| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x2F23 | secp256_r1 | +| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x2F28 | x25519 | +| BIKE | NIST Round 2 submission | bike1l3cpa | 2 | 3 | 0x0207 | | +| BIKE | NIST Round 2 submission | bike1l3cpa | 2 | 3 | 0x2F07 | secp384_r1 | +| BIKE | NIST Round 2 submission | bike1l3fo | 2 | 3 | 0x0224 | | +| BIKE | NIST Round 2 submission | bike1l3fo | 2 | 3 | 0x2F24 | secp384_r1 | +| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x0238 | | +| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x2F37 | x25519 | +| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x2F38 | secp256_r1 | +| BIKE | NIST Round 3 submission | bikel3 | 3 | 3 | 0x023B | | +| BIKE | NIST Round 3 submission | bikel3 | 3 | 3 | 0x2F3B | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber1024 | 2 | 5 | 0x0211 | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber1024 | 2 | 5 | 0x2F11 | secp521_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x020F | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x2F0F | secp256_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x2F26 | x25519 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber768 | 2 | 3 | 0x0210 | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber768 | 2 | 3 | 0x2F10 | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s1024 | 2 | 5 | 0x022B | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s1024 | 2 | 5 | 0x2F2B | secp521_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s512 | 2 | 1 | 0x0229 | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s512 | 2 | 1 | 0x2F29 | secp256_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s768 | 2 | 3 | 0x022A | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s768 | 2 | 3 | 0x2F2A | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber1024 | 3 | 5 | 0x023D | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber1024 | 3 | 5 | 0x2F3D | secp521_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x023A | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x2F39 | x25519 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x2F3A | secp256_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x023C | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F3C | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F90 | x448 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x6399 | x25519 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x639A | p256 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x0240 | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x2F40 | secp521_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x023E | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x2F3E | secp256_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x2FA9 | x25519 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x023F | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x2F3F | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x2FAA | x448 | +| FrodoKEM | NIST Round 3 submission | frodo1344aes | 3 | 5 | 0x0204 | | +| FrodoKEM | NIST Round 3 submission | frodo1344aes | 3 | 5 | 0x2F04 | secp521_r1 | +| FrodoKEM | NIST Round 3 submission | frodo1344shake | 3 | 5 | 0x0205 | | +| FrodoKEM | NIST Round 3 submission | frodo1344shake | 3 | 5 | 0x2F05 | secp521_r1 | +| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x0200 | | +| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x2F00 | secp256_r1 | +| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x2F80 | x25519 | +| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x0201 | | +| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x2F01 | secp256_r1 | +| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x2F81 | x25519 | +| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x0202 | | +| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x2F02 | secp384_r1 | +| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x2F82 | x448 | +| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x0203 | | +| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x2F03 | secp384_r1 | +| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x2F83 | x448 | +| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x022C | | +| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x2F2C | secp256_r1 | +| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x2FAC | x25519 | +| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x022D | | +| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2F2D | secp384_r1 | +| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2FAD | x448 | +| HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x022E | | +| HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x2F2E | secp521_r1 | +| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x0244 | | +| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x2F44 | secp256_r1 | +| HQC | 2023-04-30 | hqc128 | 4 | 1 | 0x2FB0 | x25519 | +| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x0245 | | +| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x2F45 | secp384_r1 | +| HQC | 2023-04-30 | hqc192 | 4 | 3 | 0x2FB1 | x448 | +| HQC | 2023-04-30 | hqc256 | 4 | 5 | 0x0246 | | +| HQC | 2023-04-30 | hqc256 | 4 | 5 | 0x2F46 | secp521_r1 | +| ML-KEM | ML-KEM-ipd | mlkem1024 | ipd | 5 | 0x0249 | | +| ML-KEM | ML-KEM-ipd | mlkem1024 | ipd | 5 | 0x2F49 | secp521_r1 | +| ML-KEM | ML-KEM-ipd | mlkem512 | ipd | 1 | 0x0247 | | +| ML-KEM | ML-KEM-ipd | mlkem512 | ipd | 1 | 0x2F47 | secp256_r1 | +| ML-KEM | ML-KEM-ipd | mlkem512 | ipd | 1 | 0x2FB2 | x25519 | +| ML-KEM | ML-KEM-ipd | mlkem768 | ipd | 3 | 0x0248 | | +| ML-KEM | ML-KEM-ipd | mlkem768 | ipd | 3 | 0x2F48 | secp384_r1 | +| ML-KEM | ML-KEM-ipd | mlkem768 | ipd | 3 | 0x2FB3 | x448 | +| ML-KEM | ML-KEM-ipd | mlkem768 | ipd | 3 | 0x2FB4 | x25519 | +| ML-KEM | ML-KEM-ipd | mlkem768 | ipd | 3 | 0x2FB5 | p256 | diff --git a/oqs-template/oqs-sig-info.md b/oqs-template/oqs-sig-info.md index 9f084982..15607003 100644 --- a/oqs-template/oqs-sig-info.md +++ b/oqs-template/oqs-sig-info.md @@ -1,138 +1,145 @@ -| Algorithm | Implementation Version | NIST round | Claimed NIST Level | Code Point | OID | -|:--------------------------------------------------|:----------------------------------------------|-------------:|---------------------:|:-------------|:-------------------------| -| dilithium2 | 3.1 | 3 | 2 | 0xfea0 | 1.3.6.1.4.1.2.267.7.4.4 | -| dilithium2 **hybrid with** p256 | 3.1 | 3 | 2 | 0xfea1 | 1.3.9999.2.7.1 | -| dilithium2 **hybrid with** rsa3072 | 3.1 | 3 | 2 | 0xfea2 | 1.3.9999.2.7.2 | -| dilithium3 | 3.1 | 3 | 3 | 0xfea3 | 1.3.6.1.4.1.2.267.7.6.5 | -| dilithium3 **hybrid with** p384 | 3.1 | 3 | 3 | 0xfea4 | 1.3.9999.2.7.3 | -| dilithium5 | 3.1 | 3 | 5 | 0xfea5 | 1.3.6.1.4.1.2.267.7.8.7 | -| dilithium5 **hybrid with** p521 | 3.1 | 3 | 5 | 0xfea6 | 1.3.9999.2.7.4 | -| dilithium2_aes | NIST Round 3 submission | 3 | 2 | 0xfea7 | 1.3.6.1.4.1.2.267.11.4.4 | -| dilithium2_aes **hybrid with** p256 | NIST Round 3 submission | 3 | 2 | 0xfea8 | 1.3.9999.2.11.1 | -| dilithium2_aes **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 2 | 0xfea9 | 1.3.9999.2.11.2 | -| dilithium3_aes | NIST Round 3 submission | 3 | 3 | 0xfeaa | 1.3.6.1.4.1.2.267.11.6.5 | -| dilithium3_aes **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfeab | 1.3.9999.2.11.3 | -| dilithium5_aes | NIST Round 3 submission | 3 | 5 | 0xfeac | 1.3.6.1.4.1.2.267.11.8.7 | -| dilithium5_aes **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfead | 1.3.9999.2.11.4 | -| falcon512 | 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 | -| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 | -| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 | -| falcon512 | NIST Round 3 submission | 3 | 1 | 0xfe0b | 1.3.9999.3.1 | -| falcon512 **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe0c | 1.3.9999.3.2 | -| falcon512 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe0d | 1.3.9999.3.3 | -| falcon1024 | 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 | -| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 | -| falcon1024 | NIST Round 3 submission | 3 | 5 | 0xfe0e | 1.3.9999.3.4 | -| falcon1024 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe0f | 1.3.9999.3.5 | -| sphincsharaka128frobust | NIST Round 3 submission | 3 | 1 | 0xfe42 | 1.3.9999.6.1.1 | -| sphincsharaka128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe43 | 1.3.9999.6.1.2 | -| sphincsharaka128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe44 | 1.3.9999.6.1.3 | -| sphincsharaka128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe45 | 1.3.9999.6.1.4 | -| sphincsharaka128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe46 | 1.3.9999.6.1.5 | -| sphincsharaka128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe47 | 1.3.9999.6.1.6 | -| sphincsharaka128srobust | NIST Round 3 submission | 3 | 1 | 0xfe48 | 1.3.9999.6.1.7 | -| sphincsharaka128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe49 | 1.3.9999.6.1.8 | -| sphincsharaka128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe4a | 1.3.9999.6.1.9 | -| sphincsharaka128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe4b | 1.3.9999.6.1.10 | -| sphincsharaka128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe4c | 1.3.9999.6.1.11 | -| sphincsharaka128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe4d | 1.3.9999.6.1.12 | -| sphincsharaka192frobust | NIST Round 3 submission | 3 | 3 | 0xfe4e | 1.3.9999.6.2.1 | -| sphincsharaka192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe4f | 1.3.9999.6.2.2 | -| sphincsharaka192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe50 | 1.3.9999.6.2.3 | -| sphincsharaka192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe51 | 1.3.9999.6.2.4 | -| sphincsharaka192srobust | NIST Round 3 submission | 3 | 3 | 0xfe52 | 1.3.9999.6.2.5 | -| sphincsharaka192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe53 | 1.3.9999.6.2.6 | -| sphincsharaka192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe54 | 1.3.9999.6.2.7 | -| sphincsharaka192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe55 | 1.3.9999.6.2.8 | -| sphincsharaka256frobust | NIST Round 3 submission | 3 | 3 | 0xfe56 | 1.3.9999.6.3.1 | -| sphincsharaka256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 3 | 0xfe57 | 1.3.9999.6.3.2 | -| sphincsharaka256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe58 | 1.3.9999.6.3.3 | -| sphincsharaka256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe59 | 1.3.9999.6.3.4 | -| sphincsharaka256srobust | NIST Round 3 submission | 3 | 5 | 0xfe5a | 1.3.9999.6.3.5 | -| sphincsharaka256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe5b | 1.3.9999.6.3.6 | -| sphincsharaka256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe5c | 1.3.9999.6.3.7 | -| sphincsharaka256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe5d | 1.3.9999.6.3.8 | -| sphincssha26128frobust | NIST Round 3 submission | 3 | 5 | 0xfe5e | 1.3.9999.6.4.1 | -| sphincssha26128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 5 | 0xfe5f | 1.3.9999.6.4.2 | -| sphincssha26128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 5 | 0xfe60 | 1.3.9999.6.4.3 | -| sphincssha2128fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb3 | 1.3.9999.6.4.13 | -| sphincssha2128fsimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb4 | 1.3.9999.6.4.14 | -| sphincssha2128fsimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb5 | 1.3.9999.6.4.15 | -| sphincssha2128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe61 | 1.3.9999.6.4.4 | -| sphincssha2128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe62 | 1.3.9999.6.4.5 | -| sphincssha2128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe63 | 1.3.9999.6.4.6 | -| sphincssha256128srobust | NIST Round 3 submission | 3 | 5 | 0xfe64 | 1.3.9999.6.4.7 | -| sphincssha256128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 5 | 0xfe65 | 1.3.9999.6.4.8 | -| sphincssha256128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 5 | 0xfe66 | 1.3.9999.6.4.9 | -| sphincssha2128ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb6 | 1.3.9999.6.4.16 | -| sphincssha2128ssimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb7 | 1.3.9999.6.4.17 | -| sphincssha2128ssimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb8 | 1.3.9999.6.4.18 | -| sphincssha2128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe67 | 1.3.9999.6.4.10 | -| sphincssha2128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe68 | 1.3.9999.6.4.11 | -| sphincssha2128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe69 | 1.3.9999.6.4.12 | -| sphincssha256192frobust | NIST Round 3 submission | 3 | 5 | 0xfe6a | 1.3.9999.6.5.1 | -| sphincssha256192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 5 | 0xfe6b | 1.3.9999.6.5.2 | -| sphincssha2192fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeb9 | 1.3.9999.6.5.10 | -| sphincssha2192fsimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeba | 1.3.9999.6.5.11 | -| sphincssha2192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe6c | 1.3.9999.6.5.3 | -| sphincssha2192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe6d | 1.3.9999.6.5.4 | -| sphincssha256192srobust | NIST Round 3 submission | 3 | 5 | 0xfe6e | 1.3.9999.6.5.5 | -| sphincssha256192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 5 | 0xfe6f | 1.3.9999.6.5.6 | -| sphincssha2192ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfebb | 1.3.9999.6.5.12 | -| sphincssha2192ssimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfebc | 1.3.9999.6.5.13 | -| sphincssha2192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe70 | 1.3.9999.6.5.7 | -| sphincssha2192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe71 | 1.3.9999.6.5.8 | -| sphincssha256256frobust | NIST Round 3 submission | 3 | 5 | 0xfe72 | 1.3.9999.6.6.1 | -| sphincssha256256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe73 | 1.3.9999.6.6.2 | -| sphincssha2256fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfebd | 1.3.9999.6.6.10 | -| sphincssha2256fsimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfebe | 1.3.9999.6.6.11 | -| sphincssha2256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe74 | 1.3.9999.6.6.3 | -| sphincssha2256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe75 | 1.3.9999.6.6.4 | -| sphincssha256256srobust | NIST Round 3 submission | 3 | 5 | 0xfe76 | 1.3.9999.6.6.5 | -| sphincssha256256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe77 | 1.3.9999.6.6.6 | -| sphincssha2256ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfec0 | 1.3.9999.6.6.12 | -| sphincssha2256ssimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfec1 | 1.3.9999.6.6.13 | -| sphincssha2256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe78 | 1.3.9999.6.6.7 | -| sphincssha2256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe79 | 1.3.9999.6.6.8 | -| sphincsshake256128frobust | NIST Round 3 submission | 3 | 1 | 0xfe7a | 1.3.9999.6.7.1 | -| sphincsshake256128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe7b | 1.3.9999.6.7.2 | -| sphincsshake256128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe7c | 1.3.9999.6.7.3 | -| sphincsshake128fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec2 | 1.3.9999.6.7.13 | -| sphincsshake128fsimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec3 | 1.3.9999.6.7.14 | -| sphincsshake128fsimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec4 | 1.3.9999.6.7.15 | -| sphincsshake128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe7d | 1.3.9999.6.7.4 | -| sphincsshake128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe7e | 1.3.9999.6.7.5 | -| sphincsshake128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe7f | 1.3.9999.6.7.6 | -| sphincsshake256128srobust | NIST Round 3 submission | 3 | 1 | 0xfe80 | 1.3.9999.6.7.7 | -| sphincsshake256128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe81 | 1.3.9999.6.7.8 | -| sphincsshake256128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe82 | 1.3.9999.6.7.9 | -| sphincsshake128ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec5 | 1.3.9999.6.7.16 | -| sphincsshake128ssimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec6 | 1.3.9999.6.7.17 | -| sphincsshake128ssimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec7 | 1.3.9999.6.7.18 | -| sphincsshake128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe83 | 1.3.9999.6.7.10 | -| sphincsshake128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe84 | 1.3.9999.6.7.11 | -| sphincsshake128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe85 | 1.3.9999.6.7.12 | -| sphincsshake256192frobust | NIST Round 3 submission | 3 | 3 | 0xfe86 | 1.3.9999.6.8.1 | -| sphincsshake256192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe87 | 1.3.9999.6.8.2 | -| sphincsshake192fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfec8 | 1.3.9999.6.8.10 | -| sphincsshake192fsimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfec9 | 1.3.9999.6.8.11 | -| sphincsshake192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe88 | 1.3.9999.6.8.3 | -| sphincsshake192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe89 | 1.3.9999.6.8.4 | -| sphincsshake256192srobust | NIST Round 3 submission | 3 | 3 | 0xfe8a | 1.3.9999.6.8.5 | -| sphincsshake256192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe8b | 1.3.9999.6.8.6 | -| sphincsshake192ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeca | 1.3.9999.6.8.12 | -| sphincsshake192ssimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfecb | 1.3.9999.6.8.13 | -| sphincsshake192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe8c | 1.3.9999.6.8.7 | -| sphincsshake192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe8d | 1.3.9999.6.8.8 | -| sphincsshake256256frobust | NIST Round 3 submission | 3 | 5 | 0xfe8e | 1.3.9999.6.9.1 | -| sphincsshake256256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe8f | 1.3.9999.6.9.2 | -| sphincsshake256fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecc | 1.3.9999.6.9.10 | -| sphincsshake256fsimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecd | 1.3.9999.6.9.11 | -| sphincsshake256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe90 | 1.3.9999.6.9.3 | -| sphincsshake256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe91 | 1.3.9999.6.9.4 | -| sphincsshake256256srobust | NIST Round 3 submission | 3 | 5 | 0xfe92 | 1.3.9999.6.9.5 | -| sphincsshake256256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe93 | 1.3.9999.6.9.6 | -| sphincsshake256ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfece | 1.3.9999.6.9.12 | -| sphincsshake256ssimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecf | 1.3.9999.6.9.13 | -| sphincsshake256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe94 | 1.3.9999.6.9.7 | -| sphincsshake256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe95 | 1.3.9999.6.9.8 | \ No newline at end of file +| Algorithm | Implementation Version | NIST round | Claimed NIST Level | Code Point | OID | +|:--------------------------------------------------|:----------------------------------------------|:-------------|---------------------:|:-------------|:-------------------------| +| dilithium2 | 3.1 | 3 | 2 | 0xfea0 | 1.3.6.1.4.1.2.267.7.4.4 | +| dilithium2 **hybrid with** p256 | 3.1 | 3 | 2 | 0xfea1 | 1.3.9999.2.7.1 | +| dilithium2 **hybrid with** rsa3072 | 3.1 | 3 | 2 | 0xfea2 | 1.3.9999.2.7.2 | +| dilithium3 | 3.1 | 3 | 3 | 0xfea3 | 1.3.6.1.4.1.2.267.7.6.5 | +| dilithium3 **hybrid with** p384 | 3.1 | 3 | 3 | 0xfea4 | 1.3.9999.2.7.3 | +| dilithium5 | 3.1 | 3 | 5 | 0xfea5 | 1.3.6.1.4.1.2.267.7.8.7 | +| dilithium5 **hybrid with** p521 | 3.1 | 3 | 5 | 0xfea6 | 1.3.9999.2.7.4 | +| dilithium2_aes | NIST Round 3 submission | 3 | 2 | 0xfea7 | 1.3.6.1.4.1.2.267.11.4.4 | +| dilithium2_aes **hybrid with** p256 | NIST Round 3 submission | 3 | 2 | 0xfea8 | 1.3.9999.2.11.1 | +| dilithium2_aes **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 2 | 0xfea9 | 1.3.9999.2.11.2 | +| dilithium3_aes | NIST Round 3 submission | 3 | 3 | 0xfeaa | 1.3.6.1.4.1.2.267.11.6.5 | +| dilithium3_aes **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfeab | 1.3.9999.2.11.3 | +| dilithium5_aes | NIST Round 3 submission | 3 | 5 | 0xfeac | 1.3.6.1.4.1.2.267.11.8.7 | +| dilithium5_aes **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfead | 1.3.9999.2.11.4 | +| falcon512 | 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 | +| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 | +| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 | +| falcon512 | NIST Round 3 submission | 3 | 1 | 0xfe0b | 1.3.9999.3.1 | +| falcon512 **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe0c | 1.3.9999.3.2 | +| falcon512 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe0d | 1.3.9999.3.3 | +| falcon1024 | 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 | +| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 | +| falcon1024 | NIST Round 3 submission | 3 | 5 | 0xfe0e | 1.3.9999.3.4 | +| falcon1024 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe0f | 1.3.9999.3.5 | +| mldsa44 | ML-DSA-ipd | ipd | 1 | 0xfed0 | 1.3.6.1.4.1.2.267.12.4.4 | +| mldsa44 **hybrid with** p256 | ML-DSA-ipd | ipd | 1 | 0xfed3 | 1.3.9999.7.1 | +| mldsa44 **hybrid with** rsa3072 | ML-DSA-ipd | ipd | 1 | 0xfed4 | 1.3.9999.7.2 | +| mldsa65 | ML-DSA-ipd | ipd | 3 | 0xfed1 | 1.3.6.1.4.1.2.267.12.6.5 | +| mldsa65 **hybrid with** p384 | ML-DSA-ipd | ipd | 3 | 0xfed5 | 1.3.9999.7.3 | +| mldsa87 | ML-DSA-ipd | ipd | 5 | 0xfed2 | 1.3.6.1.4.1.2.267.12.8.7 | +| mldsa87 **hybrid with** p521 | ML-DSA-ipd | ipd | 5 | 0xfed6 | 1.3.9999.7.4 | +| sphincsharaka128frobust | NIST Round 3 submission | 3 | 1 | 0xfe42 | 1.3.9999.6.1.1 | +| sphincsharaka128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe43 | 1.3.9999.6.1.2 | +| sphincsharaka128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe44 | 1.3.9999.6.1.3 | +| sphincsharaka128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe45 | 1.3.9999.6.1.4 | +| sphincsharaka128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe46 | 1.3.9999.6.1.5 | +| sphincsharaka128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe47 | 1.3.9999.6.1.6 | +| sphincsharaka128srobust | NIST Round 3 submission | 3 | 1 | 0xfe48 | 1.3.9999.6.1.7 | +| sphincsharaka128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe49 | 1.3.9999.6.1.8 | +| sphincsharaka128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe4a | 1.3.9999.6.1.9 | +| sphincsharaka128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe4b | 1.3.9999.6.1.10 | +| sphincsharaka128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe4c | 1.3.9999.6.1.11 | +| sphincsharaka128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe4d | 1.3.9999.6.1.12 | +| sphincsharaka192frobust | NIST Round 3 submission | 3 | 3 | 0xfe4e | 1.3.9999.6.2.1 | +| sphincsharaka192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe4f | 1.3.9999.6.2.2 | +| sphincsharaka192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe50 | 1.3.9999.6.2.3 | +| sphincsharaka192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe51 | 1.3.9999.6.2.4 | +| sphincsharaka192srobust | NIST Round 3 submission | 3 | 3 | 0xfe52 | 1.3.9999.6.2.5 | +| sphincsharaka192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe53 | 1.3.9999.6.2.6 | +| sphincsharaka192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe54 | 1.3.9999.6.2.7 | +| sphincsharaka192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe55 | 1.3.9999.6.2.8 | +| sphincsharaka256frobust | NIST Round 3 submission | 3 | 3 | 0xfe56 | 1.3.9999.6.3.1 | +| sphincsharaka256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 3 | 0xfe57 | 1.3.9999.6.3.2 | +| sphincsharaka256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe58 | 1.3.9999.6.3.3 | +| sphincsharaka256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe59 | 1.3.9999.6.3.4 | +| sphincsharaka256srobust | NIST Round 3 submission | 3 | 5 | 0xfe5a | 1.3.9999.6.3.5 | +| sphincsharaka256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe5b | 1.3.9999.6.3.6 | +| sphincsharaka256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe5c | 1.3.9999.6.3.7 | +| sphincsharaka256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe5d | 1.3.9999.6.3.8 | +| sphincssha26128frobust | NIST Round 3 submission | 3 | 5 | 0xfe5e | 1.3.9999.6.4.1 | +| sphincssha26128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 5 | 0xfe5f | 1.3.9999.6.4.2 | +| sphincssha26128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 5 | 0xfe60 | 1.3.9999.6.4.3 | +| sphincssha2128fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb3 | 1.3.9999.6.4.13 | +| sphincssha2128fsimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb4 | 1.3.9999.6.4.14 | +| sphincssha2128fsimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb5 | 1.3.9999.6.4.15 | +| sphincssha2128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe61 | 1.3.9999.6.4.4 | +| sphincssha2128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe62 | 1.3.9999.6.4.5 | +| sphincssha2128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe63 | 1.3.9999.6.4.6 | +| sphincssha256128srobust | NIST Round 3 submission | 3 | 5 | 0xfe64 | 1.3.9999.6.4.7 | +| sphincssha256128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 5 | 0xfe65 | 1.3.9999.6.4.8 | +| sphincssha256128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 5 | 0xfe66 | 1.3.9999.6.4.9 | +| sphincssha2128ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb6 | 1.3.9999.6.4.16 | +| sphincssha2128ssimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb7 | 1.3.9999.6.4.17 | +| sphincssha2128ssimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb8 | 1.3.9999.6.4.18 | +| sphincssha2128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe67 | 1.3.9999.6.4.10 | +| sphincssha2128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe68 | 1.3.9999.6.4.11 | +| sphincssha2128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe69 | 1.3.9999.6.4.12 | +| sphincssha256192frobust | NIST Round 3 submission | 3 | 5 | 0xfe6a | 1.3.9999.6.5.1 | +| sphincssha256192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 5 | 0xfe6b | 1.3.9999.6.5.2 | +| sphincssha2192fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeb9 | 1.3.9999.6.5.10 | +| sphincssha2192fsimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeba | 1.3.9999.6.5.11 | +| sphincssha2192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe6c | 1.3.9999.6.5.3 | +| sphincssha2192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe6d | 1.3.9999.6.5.4 | +| sphincssha256192srobust | NIST Round 3 submission | 3 | 5 | 0xfe6e | 1.3.9999.6.5.5 | +| sphincssha256192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 5 | 0xfe6f | 1.3.9999.6.5.6 | +| sphincssha2192ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfebb | 1.3.9999.6.5.12 | +| sphincssha2192ssimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfebc | 1.3.9999.6.5.13 | +| sphincssha2192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe70 | 1.3.9999.6.5.7 | +| sphincssha2192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe71 | 1.3.9999.6.5.8 | +| sphincssha256256frobust | NIST Round 3 submission | 3 | 5 | 0xfe72 | 1.3.9999.6.6.1 | +| sphincssha256256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe73 | 1.3.9999.6.6.2 | +| sphincssha2256fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfebd | 1.3.9999.6.6.10 | +| sphincssha2256fsimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfebe | 1.3.9999.6.6.11 | +| sphincssha2256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe74 | 1.3.9999.6.6.3 | +| sphincssha2256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe75 | 1.3.9999.6.6.4 | +| sphincssha256256srobust | NIST Round 3 submission | 3 | 5 | 0xfe76 | 1.3.9999.6.6.5 | +| sphincssha256256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe77 | 1.3.9999.6.6.6 | +| sphincssha2256ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfec0 | 1.3.9999.6.6.12 | +| sphincssha2256ssimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfec1 | 1.3.9999.6.6.13 | +| sphincssha2256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe78 | 1.3.9999.6.6.7 | +| sphincssha2256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe79 | 1.3.9999.6.6.8 | +| sphincsshake256128frobust | NIST Round 3 submission | 3 | 1 | 0xfe7a | 1.3.9999.6.7.1 | +| sphincsshake256128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe7b | 1.3.9999.6.7.2 | +| sphincsshake256128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe7c | 1.3.9999.6.7.3 | +| sphincsshake128fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec2 | 1.3.9999.6.7.13 | +| sphincsshake128fsimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec3 | 1.3.9999.6.7.14 | +| sphincsshake128fsimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec4 | 1.3.9999.6.7.15 | +| sphincsshake128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe7d | 1.3.9999.6.7.4 | +| sphincsshake128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe7e | 1.3.9999.6.7.5 | +| sphincsshake128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe7f | 1.3.9999.6.7.6 | +| sphincsshake256128srobust | NIST Round 3 submission | 3 | 1 | 0xfe80 | 1.3.9999.6.7.7 | +| sphincsshake256128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe81 | 1.3.9999.6.7.8 | +| sphincsshake256128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe82 | 1.3.9999.6.7.9 | +| sphincsshake128ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec5 | 1.3.9999.6.7.16 | +| sphincsshake128ssimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec6 | 1.3.9999.6.7.17 | +| sphincsshake128ssimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec7 | 1.3.9999.6.7.18 | +| sphincsshake128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe83 | 1.3.9999.6.7.10 | +| sphincsshake128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe84 | 1.3.9999.6.7.11 | +| sphincsshake128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe85 | 1.3.9999.6.7.12 | +| sphincsshake256192frobust | NIST Round 3 submission | 3 | 3 | 0xfe86 | 1.3.9999.6.8.1 | +| sphincsshake256192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe87 | 1.3.9999.6.8.2 | +| sphincsshake192fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfec8 | 1.3.9999.6.8.10 | +| sphincsshake192fsimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfec9 | 1.3.9999.6.8.11 | +| sphincsshake192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe88 | 1.3.9999.6.8.3 | +| sphincsshake192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe89 | 1.3.9999.6.8.4 | +| sphincsshake256192srobust | NIST Round 3 submission | 3 | 3 | 0xfe8a | 1.3.9999.6.8.5 | +| sphincsshake256192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe8b | 1.3.9999.6.8.6 | +| sphincsshake192ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeca | 1.3.9999.6.8.12 | +| sphincsshake192ssimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfecb | 1.3.9999.6.8.13 | +| sphincsshake192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe8c | 1.3.9999.6.8.7 | +| sphincsshake192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe8d | 1.3.9999.6.8.8 | +| sphincsshake256256frobust | NIST Round 3 submission | 3 | 5 | 0xfe8e | 1.3.9999.6.9.1 | +| sphincsshake256256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe8f | 1.3.9999.6.9.2 | +| sphincsshake256fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecc | 1.3.9999.6.9.10 | +| sphincsshake256fsimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecd | 1.3.9999.6.9.11 | +| sphincsshake256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe90 | 1.3.9999.6.9.3 | +| sphincsshake256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe91 | 1.3.9999.6.9.4 | +| sphincsshake256256srobust | NIST Round 3 submission | 3 | 5 | 0xfe92 | 1.3.9999.6.9.5 | +| sphincsshake256256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe93 | 1.3.9999.6.9.6 | +| sphincsshake256ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfece | 1.3.9999.6.9.12 | +| sphincsshake256ssimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecf | 1.3.9999.6.9.13 | +| sphincsshake256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe94 | 1.3.9999.6.9.7 | +| sphincsshake256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe95 | 1.3.9999.6.9.8 | \ No newline at end of file diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index 52c2b44c..a88fd4b8 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -620,6 +620,32 @@ MAKE_DECODER(, "kyber1024", kyber1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p521_kyber1024", p521_kyber1024, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mlkem512", mlkem512, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mlkem512", mlkem512, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p256_mlkem512", p256_mlkem512, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_mlkem512", p256_mlkem512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_mlkem512", x25519_mlkem512, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_mlkem512", x25519_mlkem512, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "mlkem768", mlkem768, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mlkem768", mlkem768, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p384_mlkem768", p384_mlkem768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_mlkem768", p384_mlkem768, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x448_mlkem768", x448_mlkem768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x448_mlkem768", x448_mlkem768, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecx, "x25519_mlkem768", x25519_mlkem768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecx, "x25519_mlkem768", x25519_mlkem768, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p256_mlkem768", p256_mlkem768, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p256_mlkem768", p256_mlkem768, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mlkem1024", mlkem1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mlkem1024", mlkem1024, oqsx, SubjectPublicKeyInfo); + +MAKE_DECODER(_ecp, "p521_mlkem1024", p521_mlkem1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p521_mlkem1024", p521_mlkem1024, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "bikel1", bikel1, oqsx, PrivateKeyInfo); MAKE_DECODER(, "bikel1", bikel1, oqsx, SubjectPublicKeyInfo); @@ -675,6 +701,20 @@ MAKE_DECODER(, "dilithium5", dilithium5, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa44", mldsa44, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa44", mldsa44, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_mldsa44", p256_mldsa44, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p256_mldsa44", p256_mldsa44, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_mldsa44", rsa3072_mldsa44, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_mldsa44", rsa3072_mldsa44, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa65", mldsa65, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa65", mldsa65, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p384_mldsa65", p384_mldsa65, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p384_mldsa65", p384_mldsa65, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa87", mldsa87, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa87", mldsa87, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p521_mldsa87", p521_mldsa87, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "p521_mldsa87", p521_mldsa87, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, PrivateKeyInfo); diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index fd503081..5e545ec0 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -752,6 +752,39 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define p521_kyber1024_evp_type 0 #define p521_kyber1024_input_type "p521_kyber1024" #define p521_kyber1024_pem_type "p521_kyber1024" +#define mlkem512_evp_type 0 +#define mlkem512_input_type "mlkem512" +#define mlkem512_pem_type "mlkem512" + +#define p256_mlkem512_evp_type 0 +#define p256_mlkem512_input_type "p256_mlkem512" +#define p256_mlkem512_pem_type "p256_mlkem512" +#define x25519_mlkem512_evp_type 0 +#define x25519_mlkem512_input_type "x25519_mlkem512" +#define x25519_mlkem512_pem_type "x25519_mlkem512" +#define mlkem768_evp_type 0 +#define mlkem768_input_type "mlkem768" +#define mlkem768_pem_type "mlkem768" + +#define p384_mlkem768_evp_type 0 +#define p384_mlkem768_input_type "p384_mlkem768" +#define p384_mlkem768_pem_type "p384_mlkem768" +#define x448_mlkem768_evp_type 0 +#define x448_mlkem768_input_type "x448_mlkem768" +#define x448_mlkem768_pem_type "x448_mlkem768" +#define x25519_mlkem768_evp_type 0 +#define x25519_mlkem768_input_type "x25519_mlkem768" +#define x25519_mlkem768_pem_type "x25519_mlkem768" +#define p256_mlkem768_evp_type 0 +#define p256_mlkem768_input_type "p256_mlkem768" +#define p256_mlkem768_pem_type "p256_mlkem768" +#define mlkem1024_evp_type 0 +#define mlkem1024_input_type "mlkem1024" +#define mlkem1024_pem_type "mlkem1024" + +#define p521_mlkem1024_evp_type 0 +#define p521_mlkem1024_input_type "p521_mlkem1024" +#define p521_mlkem1024_pem_type "p521_mlkem1024" #define bikel1_evp_type 0 #define bikel1_input_type "bikel1" #define bikel1_pem_type "bikel1" @@ -828,6 +861,27 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define p521_dilithium5_evp_type 0 #define p521_dilithium5_input_type "p521_dilithium5" #define p521_dilithium5_pem_type "p521_dilithium5" +#define mldsa44_evp_type 0 +#define mldsa44_input_type "mldsa44" +#define mldsa44_pem_type "mldsa44" +#define p256_mldsa44_evp_type 0 +#define p256_mldsa44_input_type "p256_mldsa44" +#define p256_mldsa44_pem_type "p256_mldsa44" +#define rsa3072_mldsa44_evp_type 0 +#define rsa3072_mldsa44_input_type "rsa3072_mldsa44" +#define rsa3072_mldsa44_pem_type "rsa3072_mldsa44" +#define mldsa65_evp_type 0 +#define mldsa65_input_type "mldsa65" +#define mldsa65_pem_type "mldsa65" +#define p384_mldsa65_evp_type 0 +#define p384_mldsa65_input_type "p384_mldsa65" +#define p384_mldsa65_pem_type "p384_mldsa65" +#define mldsa87_evp_type 0 +#define mldsa87_input_type "mldsa87" +#define mldsa87_pem_type "mldsa87" +#define p521_mldsa87_evp_type 0 +#define p521_mldsa87_input_type "p521_mldsa87" +#define p521_mldsa87_pem_type "p521_mldsa87" #define falcon512_evp_type 0 #define falcon512_input_type "falcon512" #define falcon512_pem_type "falcon512" @@ -1643,6 +1697,79 @@ MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(_ecp, p521_kyber1024, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(_ecp, p521_kyber1024); +MAKE_ENCODER(, mlkem512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mlkem512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mlkem512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mlkem512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mlkem512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mlkem512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mlkem512); + +MAKE_ENCODER(_ecp, p256_mlkem512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_mlkem512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_mlkem512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_mlkem512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_mlkem512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p256_mlkem512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p256_mlkem512); +MAKE_ENCODER(_ecx, x25519_mlkem512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_mlkem512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_mlkem512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_mlkem512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_mlkem512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_mlkem512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x25519_mlkem512); +MAKE_ENCODER(, mlkem768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mlkem768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mlkem768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mlkem768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mlkem768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mlkem768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mlkem768); + +MAKE_ENCODER(_ecp, p384_mlkem768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_mlkem768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_mlkem768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_mlkem768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_mlkem768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p384_mlkem768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p384_mlkem768); +MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x448_mlkem768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x448_mlkem768); +MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecx, x25519_mlkem768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecx, x25519_mlkem768); +MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p256_mlkem768, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p256_mlkem768); +MAKE_ENCODER(, mlkem1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mlkem1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mlkem1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mlkem1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mlkem1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mlkem1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mlkem1024); + +MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p521_mlkem1024); MAKE_ENCODER(, bikel1, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, bikel1, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, bikel1, oqsx, PrivateKeyInfo, der); @@ -1812,6 +1939,55 @@ MAKE_ENCODER(, p521_dilithium5, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p521_dilithium5, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p521_dilithium5, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p521_dilithium5); +MAKE_ENCODER(, mldsa44, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa44, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa44); +MAKE_ENCODER(, p256_mldsa44, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p256_mldsa44, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p256_mldsa44, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p256_mldsa44, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p256_mldsa44, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p256_mldsa44, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p256_mldsa44); +MAKE_ENCODER(, rsa3072_mldsa44, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_mldsa44, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_mldsa44, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_mldsa44, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_mldsa44, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, rsa3072_mldsa44, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, rsa3072_mldsa44); +MAKE_ENCODER(, mldsa65, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa65, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa65); +MAKE_ENCODER(, p384_mldsa65, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p384_mldsa65, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p384_mldsa65, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p384_mldsa65, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p384_mldsa65, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p384_mldsa65, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p384_mldsa65); +MAKE_ENCODER(, mldsa87, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa87, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa87, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa87, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa87, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa87, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa87); +MAKE_ENCODER(, p521_mldsa87, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p521_mldsa87, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p521_mldsa87, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p521_mldsa87, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p521_mldsa87, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p521_mldsa87, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p521_mldsa87); MAKE_ENCODER(, falcon512, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon512, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon512, oqsx, PrivateKeyInfo, der); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index dd93cb97..2a547f33 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -671,93 +671,171 @@ static void *p521_dilithium5_gen_init(void *provctx, int selection) "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 6); } +static void *mldsa44_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "mldsa44", KEY_TYPE_SIG, NULL, 128, 7); +} + +static void *mldsa44_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, "mldsa44", + 0, 128, 7); +} +static void *p256_mldsa44_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "p256_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 8); +} + +static void *p256_mldsa44_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "p256_mldsa44", KEY_TYPE_HYB_SIG, 128, 8); +} +static void *rsa3072_mldsa44_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 9); +} + +static void *rsa3072_mldsa44_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, 128, 9); +} +static void *mldsa65_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "mldsa65", KEY_TYPE_SIG, NULL, 192, 10); +} + +static void *mldsa65_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, "mldsa65", + 0, 192, 10); +} +static void *p384_mldsa65_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "p384_mldsa65", KEY_TYPE_HYB_SIG, NULL, 192, 11); +} + +static void *p384_mldsa65_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, + "p384_mldsa65", KEY_TYPE_HYB_SIG, 192, 11); +} +static void *mldsa87_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, + "mldsa87", KEY_TYPE_SIG, NULL, 256, 12); +} + +static void *mldsa87_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, "mldsa87", + 0, 256, 12); +} +static void *p521_mldsa87_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, + "p521_mldsa87", KEY_TYPE_HYB_SIG, NULL, 256, 13); +} + +static void *p521_mldsa87_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, + "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 13); +} + static void *falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512", KEY_TYPE_SIG, NULL, 128, 7); + "falcon512", KEY_TYPE_SIG, NULL, 128, 14); } static void *falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512", 0, 128, 7); + "falcon512", 0, 128, 14); } static void *p256_falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 8); + "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 15); } static void *p256_falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 8); + "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 15); } static void *rsa3072_falcon512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 9); + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 16); } static void *rsa3072_falcon512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 9); + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 16); } static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 10); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 17); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 10); + "falcon1024", 0, 256, 17); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 11); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 18); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 11); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 18); } static void *sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 12); + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 19); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 12); + "sphincssha2128fsimple", 0, 128, 19); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 13); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 20); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 13); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 20); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 14); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 21); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, @@ -765,39 +843,39 @@ static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 14); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 21); } static void *sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 15); + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 22); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 15); + "sphincssha2128ssimple", 0, 128, 22); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 16); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 23); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 16); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 23); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 17); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 24); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, @@ -805,66 +883,66 @@ static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 17); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 24); } static void *sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 18); + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 25); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 18); + "sphincssha2192fsimple", 0, 192, 25); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 19); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 26); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 19); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 26); } static void *sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 20); + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 27); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 20); + "sphincsshake128fsimple", 0, 128, 27); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 21); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 28); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 21); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 28); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 22); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, @@ -872,7 +950,7 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 22); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 29); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END @@ -1031,6 +1109,13 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3) MAKE_SIG_KEYMGMT_FUNCTIONS(p384_dilithium3) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5) MAKE_SIG_KEYMGMT_FUNCTIONS(p521_dilithium5) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa44) +MAKE_SIG_KEYMGMT_FUNCTIONS(p256_mldsa44) +MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_mldsa44) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa65) +MAKE_SIG_KEYMGMT_FUNCTIONS(p384_mldsa65) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa87) +MAKE_SIG_KEYMGMT_FUNCTIONS(p521_mldsa87) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_falcon512) @@ -1100,6 +1185,22 @@ MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_kyber768, OQS_KEM_alg_kyber_768, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(kyber1024, OQS_KEM_alg_kyber_1024, 256) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_kyber1024, OQS_KEM_alg_kyber_1024, 256) +MAKE_KEM_KEYMGMT_FUNCTIONS(mlkem512, OQS_KEM_alg_ml_kem_512, 128) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_mlkem512, OQS_KEM_alg_ml_kem_512, 128) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_mlkem512, OQS_KEM_alg_ml_kem_512, 128) +MAKE_KEM_KEYMGMT_FUNCTIONS(mlkem768, OQS_KEM_alg_ml_kem_768, 192) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_mlkem768, OQS_KEM_alg_ml_kem_768, 192) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x448_mlkem768, OQS_KEM_alg_ml_kem_768, 192) + +MAKE_KEM_ECX_KEYMGMT_FUNCTIONS(x25519_mlkem768, OQS_KEM_alg_ml_kem_768, 128) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_mlkem768, OQS_KEM_alg_ml_kem_768, 128) +MAKE_KEM_KEYMGMT_FUNCTIONS(mlkem1024, OQS_KEM_alg_ml_kem_1024, 256) + +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_mlkem1024, OQS_KEM_alg_ml_kem_1024, 256) MAKE_KEM_KEYMGMT_FUNCTIONS(bikel1, OQS_KEM_alg_bike_l1, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_bikel1, OQS_KEM_alg_bike_l1, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index ce09636f..98f8828b 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -683,6 +683,176 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_kyber1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_kyber1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mlkem512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_mlkem512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_mlkem512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_mlkem512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_mlkem512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_mlkem512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_mlkem512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_mlkem512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_mlkem512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mlkem768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_mlkem768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_mlkem768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_mlkem768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_mlkem768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_mlkem768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_mlkem768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x448_mlkem768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x448_mlkem768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x448_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x448_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_x25519_mlkem768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_x25519_mlkem768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_x25519_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_x25519_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem768_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem768_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem768_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem768_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem768_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mlkem768_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_mlkem768_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_mlkem768_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mlkem1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mlkem1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_mlkem1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_mlkem1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mlkem1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mlkem1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mlkem1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mlkem1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mlkem1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mlkem1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_mlkem1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_mlkem1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_mlkem1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH @@ -1059,6 +1229,125 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_dilithium5_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_dilithium5_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_mldsa44_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_mldsa44_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_mldsa44_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_mldsa44_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_mldsa44_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_mldsa44_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_rsa3072_mldsa44_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_rsa3072_mldsa44_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa65_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa65_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa65_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa65_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa65_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa65_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_mldsa65_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_mldsa65_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mldsa65_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mldsa65_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mldsa65_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mldsa65_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mldsa65_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mldsa65_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_mldsa65_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_mldsa65_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_mldsa65_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa87_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa87_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa87_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa87_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa87_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_mldsa87_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_mldsa87_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_mldsa87_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mldsa87_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mldsa87_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mldsa87_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mldsa87_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mldsa87_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_mldsa87_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_mldsa87_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_mldsa87_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_mldsa87_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1398,6 +1687,13 @@ extern const OSSL_DISPATCH oqs_dilithium3_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p384_dilithium3_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p521_dilithium5_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p256_mldsa44_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_mldsa44_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p384_mldsa65_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p521_mldsa87_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[]; @@ -1453,6 +1749,19 @@ extern const OSSL_DISPATCH oqs_ecp_p256_kyber768_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_kyber1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_ecp_p521_kyber1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mlkem512_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p256_mlkem512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x25519_mlkem512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mlkem768_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p384_mlkem768_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x448_mlkem768_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecx_x25519_mlkem768_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecp_p256_mlkem768_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mlkem1024_keymgmt_functions[]; + +extern const OSSL_DISPATCH oqs_ecp_p521_mlkem1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_bikel1_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_ecp_p256_bikel1_keymgmt_functions[]; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 94f65d15..ede1df7e 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -139,6 +139,41 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("p521_kyber1024", der, SubjectPublicKeyInfo, p521_kyber1024), # endif +# ifdef OQS_ENABLE_KEM_ml_kem_512 + DECODER_w_structure("mlkem512", der, PrivateKeyInfo, mlkem512), + DECODER_w_structure("mlkem512", der, SubjectPublicKeyInfo, mlkem512), + DECODER_w_structure("p256_mlkem512", der, PrivateKeyInfo, p256_mlkem512), + DECODER_w_structure("p256_mlkem512", der, SubjectPublicKeyInfo, + p256_mlkem512), + DECODER_w_structure("x25519_mlkem512", der, PrivateKeyInfo, + x25519_mlkem512), + DECODER_w_structure("x25519_mlkem512", der, SubjectPublicKeyInfo, + x25519_mlkem512), +# endif +# ifdef OQS_ENABLE_KEM_ml_kem_768 + DECODER_w_structure("mlkem768", der, PrivateKeyInfo, mlkem768), + DECODER_w_structure("mlkem768", der, SubjectPublicKeyInfo, mlkem768), + DECODER_w_structure("p384_mlkem768", der, PrivateKeyInfo, p384_mlkem768), + DECODER_w_structure("p384_mlkem768", der, SubjectPublicKeyInfo, + p384_mlkem768), + DECODER_w_structure("x448_mlkem768", der, PrivateKeyInfo, x448_mlkem768), + DECODER_w_structure("x448_mlkem768", der, SubjectPublicKeyInfo, + x448_mlkem768), + DECODER_w_structure("x25519_mlkem768", der, PrivateKeyInfo, + x25519_mlkem768), + DECODER_w_structure("x25519_mlkem768", der, SubjectPublicKeyInfo, + x25519_mlkem768), + DECODER_w_structure("p256_mlkem768", der, PrivateKeyInfo, p256_mlkem768), + DECODER_w_structure("p256_mlkem768", der, SubjectPublicKeyInfo, + p256_mlkem768), +# endif +# ifdef OQS_ENABLE_KEM_ml_kem_1024 + DECODER_w_structure("mlkem1024", der, PrivateKeyInfo, mlkem1024), + DECODER_w_structure("mlkem1024", der, SubjectPublicKeyInfo, mlkem1024), + DECODER_w_structure("p521_mlkem1024", der, PrivateKeyInfo, p521_mlkem1024), + DECODER_w_structure("p521_mlkem1024", der, SubjectPublicKeyInfo, + p521_mlkem1024), +# endif # ifdef OQS_ENABLE_KEM_bike_l1 DECODER_w_structure("bikel1", der, PrivateKeyInfo, bikel1), DECODER_w_structure("bikel1", der, SubjectPublicKeyInfo, bikel1), @@ -216,6 +251,31 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("p521_dilithium5", der, SubjectPublicKeyInfo, p521_dilithium5), #endif +#ifdef OQS_ENABLE_SIG_ml_dsa_44 + DECODER_w_structure("mldsa44", der, PrivateKeyInfo, mldsa44), + DECODER_w_structure("mldsa44", der, SubjectPublicKeyInfo, mldsa44), + DECODER_w_structure("p256_mldsa44", der, PrivateKeyInfo, p256_mldsa44), + DECODER_w_structure("p256_mldsa44", der, SubjectPublicKeyInfo, + p256_mldsa44), + DECODER_w_structure("rsa3072_mldsa44", der, PrivateKeyInfo, + rsa3072_mldsa44), + DECODER_w_structure("rsa3072_mldsa44", der, SubjectPublicKeyInfo, + rsa3072_mldsa44), +#endif +#ifdef OQS_ENABLE_SIG_ml_dsa_65 + DECODER_w_structure("mldsa65", der, PrivateKeyInfo, mldsa65), + DECODER_w_structure("mldsa65", der, SubjectPublicKeyInfo, mldsa65), + DECODER_w_structure("p384_mldsa65", der, PrivateKeyInfo, p384_mldsa65), + DECODER_w_structure("p384_mldsa65", der, SubjectPublicKeyInfo, + p384_mldsa65), +#endif +#ifdef OQS_ENABLE_SIG_ml_dsa_87 + DECODER_w_structure("mldsa87", der, PrivateKeyInfo, mldsa87), + DECODER_w_structure("mldsa87", der, SubjectPublicKeyInfo, mldsa87), + DECODER_w_structure("p521_mldsa87", der, PrivateKeyInfo, p521_mldsa87), + DECODER_w_structure("p521_mldsa87", der, SubjectPublicKeyInfo, + p521_mldsa87), +#endif #ifdef OQS_ENABLE_SIG_falcon_512 DECODER_w_structure("falcon512", der, PrivateKeyInfo, falcon512), DECODER_w_structure("falcon512", der, SubjectPublicKeyInfo, falcon512), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 62010dfd..b3aab89f 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -393,6 +393,114 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_TEXT("p521_kyber1024", p521_kyber1024), # endif +# ifdef OQS_ENABLE_KEM_ml_kem_512 + ENCODER_w_structure("mlkem512", mlkem512, der, PrivateKeyInfo), + ENCODER_w_structure("mlkem512", mlkem512, pem, PrivateKeyInfo), + ENCODER_w_structure("mlkem512", mlkem512, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mlkem512", mlkem512, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mlkem512", mlkem512, der, SubjectPublicKeyInfo), + ENCODER_w_structure("mlkem512", mlkem512, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("mlkem512", mlkem512), + ENCODER_w_structure("p256_mlkem512", p256_mlkem512, der, PrivateKeyInfo), + ENCODER_w_structure("p256_mlkem512", p256_mlkem512, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_mlkem512", p256_mlkem512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_mlkem512", p256_mlkem512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_mlkem512", p256_mlkem512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_mlkem512", p256_mlkem512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_mlkem512", p256_mlkem512), + ENCODER_w_structure("x25519_mlkem512", x25519_mlkem512, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_mlkem512", x25519_mlkem512, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_mlkem512", x25519_mlkem512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_mlkem512", x25519_mlkem512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_mlkem512", x25519_mlkem512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_mlkem512", x25519_mlkem512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_mlkem512", x25519_mlkem512), +# endif +# ifdef OQS_ENABLE_KEM_ml_kem_768 + ENCODER_w_structure("mlkem768", mlkem768, der, PrivateKeyInfo), + ENCODER_w_structure("mlkem768", mlkem768, pem, PrivateKeyInfo), + ENCODER_w_structure("mlkem768", mlkem768, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mlkem768", mlkem768, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mlkem768", mlkem768, der, SubjectPublicKeyInfo), + ENCODER_w_structure("mlkem768", mlkem768, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("mlkem768", mlkem768), + ENCODER_w_structure("p384_mlkem768", p384_mlkem768, der, PrivateKeyInfo), + ENCODER_w_structure("p384_mlkem768", p384_mlkem768, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_mlkem768", p384_mlkem768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_mlkem768", p384_mlkem768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_mlkem768", p384_mlkem768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_mlkem768", p384_mlkem768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_mlkem768", p384_mlkem768), + ENCODER_w_structure("x448_mlkem768", x448_mlkem768, der, PrivateKeyInfo), + ENCODER_w_structure("x448_mlkem768", x448_mlkem768, pem, PrivateKeyInfo), + ENCODER_w_structure("x448_mlkem768", x448_mlkem768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_mlkem768", x448_mlkem768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x448_mlkem768", x448_mlkem768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x448_mlkem768", x448_mlkem768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x448_mlkem768", x448_mlkem768), + ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, der, + PrivateKeyInfo), + ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, pem, + PrivateKeyInfo), + ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("x25519_mlkem768", x25519_mlkem768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("x25519_mlkem768", x25519_mlkem768), + ENCODER_w_structure("p256_mlkem768", p256_mlkem768, der, PrivateKeyInfo), + ENCODER_w_structure("p256_mlkem768", p256_mlkem768, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_mlkem768", p256_mlkem768, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_mlkem768", p256_mlkem768, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_mlkem768", p256_mlkem768, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_mlkem768", p256_mlkem768, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_mlkem768", p256_mlkem768), +# endif +# ifdef OQS_ENABLE_KEM_ml_kem_1024 + ENCODER_w_structure("mlkem1024", mlkem1024, der, PrivateKeyInfo), + ENCODER_w_structure("mlkem1024", mlkem1024, pem, PrivateKeyInfo), + ENCODER_w_structure("mlkem1024", mlkem1024, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mlkem1024", mlkem1024, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mlkem1024", mlkem1024, der, SubjectPublicKeyInfo), + ENCODER_w_structure("mlkem1024", mlkem1024, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("mlkem1024", mlkem1024), + ENCODER_w_structure("p521_mlkem1024", p521_mlkem1024, der, PrivateKeyInfo), + ENCODER_w_structure("p521_mlkem1024", p521_mlkem1024, pem, PrivateKeyInfo), + ENCODER_w_structure("p521_mlkem1024", p521_mlkem1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_mlkem1024", p521_mlkem1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_mlkem1024", p521_mlkem1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_mlkem1024", p521_mlkem1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_mlkem1024", p521_mlkem1024), +# endif # ifdef OQS_ENABLE_KEM_bike_l1 ENCODER_w_structure("bikel1", bikel1, der, PrivateKeyInfo), ENCODER_w_structure("bikel1", bikel1, pem, PrivateKeyInfo), @@ -623,6 +731,79 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_TEXT("p521_dilithium5", p521_dilithium5), #endif +#ifdef OQS_ENABLE_SIG_ml_dsa_44 + ENCODER_w_structure("mldsa44", mldsa44, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa44", mldsa44, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa44", mldsa44, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44", mldsa44, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44", mldsa44, der, SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa44", mldsa44, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa44", mldsa44), + ENCODER_w_structure("p256_mldsa44", p256_mldsa44, der, PrivateKeyInfo), + ENCODER_w_structure("p256_mldsa44", p256_mldsa44, pem, PrivateKeyInfo), + ENCODER_w_structure("p256_mldsa44", p256_mldsa44, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_mldsa44", p256_mldsa44, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_mldsa44", p256_mldsa44, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_mldsa44", p256_mldsa44, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_mldsa44", p256_mldsa44), + ENCODER_w_structure("rsa3072_mldsa44", rsa3072_mldsa44, der, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_mldsa44", rsa3072_mldsa44, pem, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_mldsa44", rsa3072_mldsa44, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_mldsa44", rsa3072_mldsa44, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_mldsa44", rsa3072_mldsa44, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("rsa3072_mldsa44", rsa3072_mldsa44, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_mldsa44", rsa3072_mldsa44), +#endif +#ifdef OQS_ENABLE_SIG_ml_dsa_65 + ENCODER_w_structure("mldsa65", mldsa65, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa65", mldsa65, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa65", mldsa65, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65", mldsa65, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65", mldsa65, der, SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa65", mldsa65, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa65", mldsa65), + ENCODER_w_structure("p384_mldsa65", p384_mldsa65, der, PrivateKeyInfo), + ENCODER_w_structure("p384_mldsa65", p384_mldsa65, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_mldsa65", p384_mldsa65, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_mldsa65", p384_mldsa65, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_mldsa65", p384_mldsa65, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_mldsa65", p384_mldsa65, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_mldsa65", p384_mldsa65), +#endif +#ifdef OQS_ENABLE_SIG_ml_dsa_87 + ENCODER_w_structure("mldsa87", mldsa87, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa87", mldsa87, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa87", mldsa87, der, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa87", mldsa87, pem, EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa87", mldsa87, der, SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa87", mldsa87, pem, SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa87", mldsa87), + ENCODER_w_structure("p521_mldsa87", p521_mldsa87, der, PrivateKeyInfo), + ENCODER_w_structure("p521_mldsa87", p521_mldsa87, pem, PrivateKeyInfo), + ENCODER_w_structure("p521_mldsa87", p521_mldsa87, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_mldsa87", p521_mldsa87, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_mldsa87", p521_mldsa87, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_mldsa87", p521_mldsa87, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_mldsa87", p521_mldsa87), +#endif #ifdef OQS_ENABLE_SIG_falcon_512 ENCODER_w_structure("falcon512", falcon512, der, PrivateKeyInfo), ENCODER_w_structure("falcon512", falcon512, pem, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index dba438c0..9a6a2408 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,45 +49,45 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 130 +# define OQS_OID_CNT 164 #else -# define OQS_OID_CNT 46 +# define OQS_OID_CNT 60 #endif const char *oqs_oid_alg_list[OQS_OID_CNT] = { #ifdef OQS_KEM_ENCODERS - "1.3.9999.99.13", + "1.3.9999.99.16", "frodo640aes", - "1.3.9999.99.12", + "1.3.9999.99.15", "p256_frodo640aes", "1.3.9999.99.1", "x25519_frodo640aes", - "1.3.9999.99.15", + "1.3.9999.99.18", "frodo640shake", - "1.3.9999.99.14", + "1.3.9999.99.17", "p256_frodo640shake", "1.3.9999.99.2", "x25519_frodo640shake", - "1.3.9999.99.17", + "1.3.9999.99.20", "frodo976aes", - "1.3.9999.99.16", + "1.3.9999.99.19", "p384_frodo976aes", "1.3.9999.99.3", "x448_frodo976aes", - "1.3.9999.99.19", + "1.3.9999.99.22", "frodo976shake", - "1.3.9999.99.18", + "1.3.9999.99.21", "p384_frodo976shake", "1.3.9999.99.4", "x448_frodo976shake", - "1.3.9999.99.21", + "1.3.9999.99.24", "frodo1344aes", - "1.3.9999.99.20", - "p521_frodo1344aes", "1.3.9999.99.23", + "p521_frodo1344aes", + "1.3.9999.99.26", "frodo1344shake", - "1.3.9999.99.22", + "1.3.9999.99.25", "p521_frodo1344shake", "1.3.6.1.4.1.22554.5.6.1", "kyber512", @@ -97,7 +97,7 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "x25519_kyber512", "1.3.6.1.4.1.22554.5.6.2", "kyber768", - "1.3.9999.99.24", + "1.3.9999.99.27", "p384_kyber768", "1.3.9999.99.5", "x448_kyber768", @@ -107,39 +107,59 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_kyber768", "1.3.6.1.4.1.22554.5.6.3", "kyber1024", - "1.3.9999.99.25", + "1.3.9999.99.28", "p521_kyber1024", - "1.3.9999.99.27", + "1.3.6.1.4.1.22554.5.6.1", + "mlkem512", + "1.3.6.1.4.1.22554.5.7.1", + "p256_mlkem512", + "1.3.6.1.4.1.22554.5.8.1", + "x25519_mlkem512", + "1.3.6.1.4.1.22554.5.6.2", + "mlkem768", + "1.3.9999.99.29", + "p384_mlkem768", + "1.3.9999.99.8", + "x448_mlkem768", + "1.3.9999.99.9", + "x25519_mlkem768", + "1.3.9999.99.10", + "p256_mlkem768", + "1.3.6.1.4.1.22554.5.6.3", + "mlkem1024", + "1.3.9999.99.30", + "p521_mlkem1024", + "1.3.9999.99.32", "bikel1", - "1.3.9999.99.26", + "1.3.9999.99.31", "p256_bikel1", - "1.3.9999.99.8", + "1.3.9999.99.11", "x25519_bikel1", - "1.3.9999.99.29", + "1.3.9999.99.34", "bikel3", - "1.3.9999.99.28", + "1.3.9999.99.33", "p384_bikel3", - "1.3.9999.99.9", + "1.3.9999.99.12", "x448_bikel3", - "1.3.9999.99.31", + "1.3.9999.99.36", "bikel5", - "1.3.9999.99.30", + "1.3.9999.99.35", "p521_bikel5", - "1.3.9999.99.33", + "1.3.9999.99.38", "hqc128", - "1.3.9999.99.32", + "1.3.9999.99.37", "p256_hqc128", - "1.3.9999.99.10", + "1.3.9999.99.13", "x25519_hqc128", - "1.3.9999.99.35", + "1.3.9999.99.40", "hqc192", - "1.3.9999.99.34", + "1.3.9999.99.39", "p384_hqc192", - "1.3.9999.99.11", + "1.3.9999.99.14", "x448_hqc192", - "1.3.9999.99.37", + "1.3.9999.99.42", "hqc256", - "1.3.9999.99.36", + "1.3.9999.99.41", "p521_hqc256", #endif /* OQS_KEM_ENCODERS */ @@ -158,6 +178,20 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "dilithium5", "1.3.9999.2.7.4", "p521_dilithium5", + "1.3.6.1.4.1.2.267.12.4.4", + "mldsa44", + "1.3.9999.7.1", + "p256_mldsa44", + "1.3.9999.7.2", + "rsa3072_mldsa44", + "1.3.6.1.4.1.2.267.12.6.5", + "mldsa65", + "1.3.9999.7.3", + "p384_mldsa65", + "1.3.6.1.4.1.2.267.12.8.7", + "mldsa87", + "1.3.9999.7.4", + "p521_mldsa87", "1.3.9999.3.6", "falcon512", "1.3.9999.3.7", @@ -260,46 +294,69 @@ int oqs_patch_oids(void) if (getenv("OQS_OID_P521_KYBER1024")) oqs_oid_alg_list[50] = getenv("OQS_OID_P521_KYBER1024"); + if (getenv("OQS_OID_MLKEM512")) + oqs_oid_alg_list[52] = getenv("OQS_OID_MLKEM512"); + + if (getenv("OQS_OID_P256_MLKEM512")) + oqs_oid_alg_list[54] = getenv("OQS_OID_P256_MLKEM512"); + if (getenv("OQS_OID_X25519_MLKEM512")) + oqs_oid_alg_list[56] = getenv("OQS_OID_X25519_MLKEM512"); + if (getenv("OQS_OID_MLKEM768")) + oqs_oid_alg_list[58] = getenv("OQS_OID_MLKEM768"); + + if (getenv("OQS_OID_P384_MLKEM768")) + oqs_oid_alg_list[60] = getenv("OQS_OID_P384_MLKEM768"); + if (getenv("OQS_OID_X448_MLKEM768")) + oqs_oid_alg_list[62] = getenv("OQS_OID_X448_MLKEM768"); + if (getenv("OQS_OID_X25519_MLKEM768")) + oqs_oid_alg_list[64] = getenv("OQS_OID_X25519_MLKEM768"); + if (getenv("OQS_OID_P256_MLKEM768")) + oqs_oid_alg_list[66] = getenv("OQS_OID_P256_MLKEM768"); + if (getenv("OQS_OID_MLKEM1024")) + oqs_oid_alg_list[68] = getenv("OQS_OID_MLKEM1024"); + + if (getenv("OQS_OID_P521_MLKEM1024")) + oqs_oid_alg_list[70] = getenv("OQS_OID_P521_MLKEM1024"); if (getenv("OQS_OID_BIKEL1")) - oqs_oid_alg_list[52] = getenv("OQS_OID_BIKEL1"); + oqs_oid_alg_list[72] = getenv("OQS_OID_BIKEL1"); if (getenv("OQS_OID_P256_BIKEL1")) - oqs_oid_alg_list[54] = getenv("OQS_OID_P256_BIKEL1"); + oqs_oid_alg_list[74] = getenv("OQS_OID_P256_BIKEL1"); if (getenv("OQS_OID_X25519_BIKEL1")) - oqs_oid_alg_list[56] = getenv("OQS_OID_X25519_BIKEL1"); + oqs_oid_alg_list[76] = getenv("OQS_OID_X25519_BIKEL1"); if (getenv("OQS_OID_BIKEL3")) - oqs_oid_alg_list[58] = getenv("OQS_OID_BIKEL3"); + oqs_oid_alg_list[78] = getenv("OQS_OID_BIKEL3"); if (getenv("OQS_OID_P384_BIKEL3")) - oqs_oid_alg_list[60] = getenv("OQS_OID_P384_BIKEL3"); + oqs_oid_alg_list[80] = getenv("OQS_OID_P384_BIKEL3"); if (getenv("OQS_OID_X448_BIKEL3")) - oqs_oid_alg_list[62] = getenv("OQS_OID_X448_BIKEL3"); + oqs_oid_alg_list[82] = getenv("OQS_OID_X448_BIKEL3"); if (getenv("OQS_OID_BIKEL5")) - oqs_oid_alg_list[64] = getenv("OQS_OID_BIKEL5"); + oqs_oid_alg_list[84] = getenv("OQS_OID_BIKEL5"); if (getenv("OQS_OID_P521_BIKEL5")) - oqs_oid_alg_list[66] = getenv("OQS_OID_P521_BIKEL5"); + oqs_oid_alg_list[86] = getenv("OQS_OID_P521_BIKEL5"); if (getenv("OQS_OID_HQC128")) - oqs_oid_alg_list[68] = getenv("OQS_OID_HQC128"); + oqs_oid_alg_list[88] = getenv("OQS_OID_HQC128"); if (getenv("OQS_OID_P256_HQC128")) - oqs_oid_alg_list[70] = getenv("OQS_OID_P256_HQC128"); + oqs_oid_alg_list[90] = getenv("OQS_OID_P256_HQC128"); if (getenv("OQS_OID_X25519_HQC128")) - oqs_oid_alg_list[72] = getenv("OQS_OID_X25519_HQC128"); + oqs_oid_alg_list[92] = getenv("OQS_OID_X25519_HQC128"); if (getenv("OQS_OID_HQC192")) - oqs_oid_alg_list[74] = getenv("OQS_OID_HQC192"); + oqs_oid_alg_list[94] = getenv("OQS_OID_HQC192"); if (getenv("OQS_OID_P384_HQC192")) - oqs_oid_alg_list[76] = getenv("OQS_OID_P384_HQC192"); + oqs_oid_alg_list[96] = getenv("OQS_OID_P384_HQC192"); if (getenv("OQS_OID_X448_HQC192")) - oqs_oid_alg_list[78] = getenv("OQS_OID_X448_HQC192"); + oqs_oid_alg_list[98] = getenv("OQS_OID_X448_HQC192"); if (getenv("OQS_OID_HQC256")) - oqs_oid_alg_list[80] = getenv("OQS_OID_HQC256"); + oqs_oid_alg_list[100] = getenv("OQS_OID_HQC256"); if (getenv("OQS_OID_P521_HQC256")) - oqs_oid_alg_list[82] = getenv("OQS_OID_P521_HQC256"); + oqs_oid_alg_list[102] = getenv("OQS_OID_P521_HQC256"); -# define OQS_KEMOID_CNT 82 + 2 +# define OQS_KEMOID_CNT 102 + 2 #else # define OQS_KEMOID_CNT 0 #endif /* OQS_KEM_ENCODERS */ @@ -321,51 +378,66 @@ int oqs_patch_oids(void) if (getenv("OQS_OID_P521_DILITHIUM5")) oqs_oid_alg_list[12 + OQS_KEMOID_CNT] = getenv("OQS_OID_P521_DILITHIUM5"); + if (getenv("OQS_OID_MLDSA44")) + oqs_oid_alg_list[14 + OQS_KEMOID_CNT] = getenv("OQS_OID_MLDSA44"); + if (getenv("OQS_OID_P256_MLDSA44")) + oqs_oid_alg_list[16 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_MLDSA44"); + if (getenv("OQS_OID_RSA3072_MLDSA44")) + oqs_oid_alg_list[18 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_MLDSA44"); + if (getenv("OQS_OID_MLDSA65")) + oqs_oid_alg_list[20 + OQS_KEMOID_CNT] = getenv("OQS_OID_MLDSA65"); + if (getenv("OQS_OID_P384_MLDSA65")) + oqs_oid_alg_list[22 + OQS_KEMOID_CNT] = getenv("OQS_OID_P384_MLDSA65"); + if (getenv("OQS_OID_MLDSA87")) + oqs_oid_alg_list[24 + OQS_KEMOID_CNT] = getenv("OQS_OID_MLDSA87"); + if (getenv("OQS_OID_P521_MLDSA87")) + oqs_oid_alg_list[26 + OQS_KEMOID_CNT] = getenv("OQS_OID_P521_MLDSA87"); if (getenv("OQS_OID_FALCON512")) - oqs_oid_alg_list[14 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON512"); + oqs_oid_alg_list[28 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON512"); if (getenv("OQS_OID_P256_FALCON512")) - oqs_oid_alg_list[16 + OQS_KEMOID_CNT] + oqs_oid_alg_list[30 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_FALCON512"); if (getenv("OQS_OID_RSA3072_FALCON512")) - oqs_oid_alg_list[18 + OQS_KEMOID_CNT] + oqs_oid_alg_list[32 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_FALCON512"); if (getenv("OQS_OID_FALCON1024")) - oqs_oid_alg_list[20 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); + oqs_oid_alg_list[34 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); if (getenv("OQS_OID_P521_FALCON1024")) - oqs_oid_alg_list[22 + OQS_KEMOID_CNT] + oqs_oid_alg_list[36 + OQS_KEMOID_CNT] = getenv("OQS_OID_P521_FALCON1024"); if (getenv("OQS_OID_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[24 + OQS_KEMOID_CNT] + oqs_oid_alg_list[38 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[26 + OQS_KEMOID_CNT] + oqs_oid_alg_list[40 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[28 + OQS_KEMOID_CNT] + oqs_oid_alg_list[42 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[30 + OQS_KEMOID_CNT] + oqs_oid_alg_list[44 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[32 + OQS_KEMOID_CNT] + oqs_oid_alg_list[46 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[34 + OQS_KEMOID_CNT] + oqs_oid_alg_list[48 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[36 + OQS_KEMOID_CNT] + oqs_oid_alg_list[50 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[38 + OQS_KEMOID_CNT] + oqs_oid_alg_list[52 + OQS_KEMOID_CNT] = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[40 + OQS_KEMOID_CNT] + oqs_oid_alg_list[54 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[42 + OQS_KEMOID_CNT] + oqs_oid_alg_list[56 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[44 + OQS_KEMOID_CNT] + oqs_oid_alg_list[58 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); ///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_END return 1; @@ -409,94 +481,123 @@ int oqs_patch_encodings(void) if (getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME")) oqs_alg_encoding_list[13] = getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA44")) + oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_MLDSA44"); + if (getenv("OQS_ENCODING_MLDSA44_ALGNAME")) + oqs_alg_encoding_list[15] = getenv("OQS_ENCODING_MLDSA44_ALGNAME"); + if (getenv("OQS_ENCODING_P256_MLDSA44")) + oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_P256_MLDSA44"); + if (getenv("OQS_ENCODING_P256_MLDSA44_ALGNAME")) + oqs_alg_encoding_list[17] = getenv("OQS_ENCODING_P256_MLDSA44_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_MLDSA44")) + oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_RSA3072_MLDSA44"); + if (getenv("OQS_ENCODING_RSA3072_MLDSA44_ALGNAME")) + oqs_alg_encoding_list[19] + = getenv("OQS_ENCODING_RSA3072_MLDSA44_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA65")) + oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_MLDSA65"); + if (getenv("OQS_ENCODING_MLDSA65_ALGNAME")) + oqs_alg_encoding_list[21] = getenv("OQS_ENCODING_MLDSA65_ALGNAME"); + if (getenv("OQS_ENCODING_P384_MLDSA65")) + oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_P384_MLDSA65"); + if (getenv("OQS_ENCODING_P384_MLDSA65_ALGNAME")) + oqs_alg_encoding_list[23] = getenv("OQS_ENCODING_P384_MLDSA65_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA87")) + oqs_alg_encoding_list[24] = getenv("OQS_ENCODING_MLDSA87"); + if (getenv("OQS_ENCODING_MLDSA87_ALGNAME")) + oqs_alg_encoding_list[25] = getenv("OQS_ENCODING_MLDSA87_ALGNAME"); + if (getenv("OQS_ENCODING_P521_MLDSA87")) + oqs_alg_encoding_list[26] = getenv("OQS_ENCODING_P521_MLDSA87"); + if (getenv("OQS_ENCODING_P521_MLDSA87_ALGNAME")) + oqs_alg_encoding_list[27] = getenv("OQS_ENCODING_P521_MLDSA87_ALGNAME"); if (getenv("OQS_ENCODING_FALCON512")) - oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_FALCON512"); + oqs_alg_encoding_list[28] = getenv("OQS_ENCODING_FALCON512"); if (getenv("OQS_ENCODING_FALCON512_ALGNAME")) - oqs_alg_encoding_list[15] = getenv("OQS_ENCODING_FALCON512_ALGNAME"); + oqs_alg_encoding_list[29] = getenv("OQS_ENCODING_FALCON512_ALGNAME"); if (getenv("OQS_ENCODING_P256_FALCON512")) - oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_P256_FALCON512"); + oqs_alg_encoding_list[30] = getenv("OQS_ENCODING_P256_FALCON512"); if (getenv("OQS_ENCODING_P256_FALCON512_ALGNAME")) - oqs_alg_encoding_list[17] + oqs_alg_encoding_list[31] = getenv("OQS_ENCODING_P256_FALCON512_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_FALCON512")) - oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_RSA3072_FALCON512"); + oqs_alg_encoding_list[32] = getenv("OQS_ENCODING_RSA3072_FALCON512"); if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) - oqs_alg_encoding_list[19] + oqs_alg_encoding_list[33] = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); if (getenv("OQS_ENCODING_FALCON1024")) - oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_FALCON1024"); + oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_FALCON1024"); if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[21] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); + oqs_alg_encoding_list[35] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_P521_FALCON1024")) - oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_P521_FALCON1024"); + oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_P521_FALCON1024"); if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[23] + oqs_alg_encoding_list[37] = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[24] + oqs_alg_encoding_list[38] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[25] + oqs_alg_encoding_list[39] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[26] + oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[27] + oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[28] + oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[29] + oqs_alg_encoding_list[43] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[30] + oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[31] + oqs_alg_encoding_list[45] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[32] + oqs_alg_encoding_list[46] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[33] + oqs_alg_encoding_list[47] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[34] + oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[35] + oqs_alg_encoding_list[49] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[36] + oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[37] + oqs_alg_encoding_list[51] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[38] + oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[39] + oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[40] + oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[41] + oqs_alg_encoding_list[55] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[42] + oqs_alg_encoding_list[56] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[43] + oqs_alg_encoding_list[57] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[44] + oqs_alg_encoding_list[58] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[45] + oqs_alg_encoding_list[59] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END return 1; @@ -555,6 +656,19 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("dilithium5", 256, oqs_signature_functions), SIGALG("p521_dilithium5", 256, oqs_signature_functions), #endif +#ifdef OQS_ENABLE_SIG_ml_dsa_44 + SIGALG("mldsa44", 128, oqs_signature_functions), + SIGALG("p256_mldsa44", 128, oqs_signature_functions), + SIGALG("rsa3072_mldsa44", 128, oqs_signature_functions), +#endif +#ifdef OQS_ENABLE_SIG_ml_dsa_65 + SIGALG("mldsa65", 192, oqs_signature_functions), + SIGALG("p384_mldsa65", 192, oqs_signature_functions), +#endif +#ifdef OQS_ENABLE_SIG_ml_dsa_87 + SIGALG("mldsa87", 256, oqs_signature_functions), + SIGALG("p521_mldsa87", 256, oqs_signature_functions), +#endif #ifdef OQS_ENABLE_SIG_falcon_512 SIGALG("falcon512", 128, oqs_signature_functions), SIGALG("p256_falcon512", 128, oqs_signature_functions), @@ -633,6 +747,22 @@ static const OSSL_ALGORITHM oqsprovider_asym_kems[] = { KEMBASEALG(kyber1024, 256) KEMHYBALG(p521_kyber1024, 256) #endif +#ifdef OQS_ENABLE_KEM_ml_kem_512 + KEMBASEALG(mlkem512, 128) + KEMHYBALG(p256_mlkem512, 128) + KEMHYBALG(x25519_mlkem512, 128) +#endif +#ifdef OQS_ENABLE_KEM_ml_kem_768 + KEMBASEALG(mlkem768, 192) + KEMHYBALG(p384_mlkem768, 192) + KEMHYBALG(x448_mlkem768, 192) + KEMHYBALG(x25519_mlkem768, 128) + KEMHYBALG(p256_mlkem768, 128) +#endif +#ifdef OQS_ENABLE_KEM_ml_kem_1024 + KEMBASEALG(mlkem1024, 256) + KEMHYBALG(p521_mlkem1024, 256) +#endif #ifdef OQS_ENABLE_KEM_bike_l1 KEMBASEALG(bikel1, 128) KEMHYBALG(p256_bikel1, 128) @@ -665,7 +795,8 @@ static const OSSL_ALGORITHM oqsprovider_asym_kems[] = { ///// OQS_TEMPLATE_FRAGMENT_KEM_FUNCTIONS_END {NULL, NULL, NULL}}; -static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { +static const OSSL_ALGORITHM oqsprovider_keymgmt[] + = { ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_START // clang-format off @@ -682,6 +813,19 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { SIGALG("dilithium5", 256, oqs_dilithium5_keymgmt_functions), SIGALG("p521_dilithium5", 256, oqs_p521_dilithium5_keymgmt_functions), #endif +#ifdef OQS_ENABLE_SIG_ml_dsa_44 + SIGALG("mldsa44", 128, oqs_mldsa44_keymgmt_functions), + SIGALG("p256_mldsa44", 128, oqs_p256_mldsa44_keymgmt_functions), + SIGALG("rsa3072_mldsa44", 128, oqs_rsa3072_mldsa44_keymgmt_functions), +#endif +#ifdef OQS_ENABLE_SIG_ml_dsa_65 + SIGALG("mldsa65", 192, oqs_mldsa65_keymgmt_functions), + SIGALG("p384_mldsa65", 192, oqs_p384_mldsa65_keymgmt_functions), +#endif +#ifdef OQS_ENABLE_SIG_ml_dsa_87 + SIGALG("mldsa87", 256, oqs_mldsa87_keymgmt_functions), + SIGALG("p521_mldsa87", 256, oqs_p521_mldsa87_keymgmt_functions), +#endif #ifdef OQS_ENABLE_SIG_falcon_512 SIGALG("falcon512", 128, oqs_falcon512_keymgmt_functions), SIGALG("p256_falcon512", 128, oqs_p256_falcon512_keymgmt_functions), @@ -764,6 +908,25 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { KEMKMHYBALG(p521_kyber1024, 256, ecp) #endif +#ifdef OQS_ENABLE_KEM_ml_kem_512 + KEMKMALG(mlkem512, 128) + + KEMKMHYBALG(p256_mlkem512, 128, ecp) + KEMKMHYBALG(x25519_mlkem512, 128, ecx) +#endif +#ifdef OQS_ENABLE_KEM_ml_kem_768 + KEMKMALG(mlkem768, 192) + + KEMKMHYBALG(p384_mlkem768, 192, ecp) + KEMKMHYBALG(x448_mlkem768, 192, ecx) + KEMKMHYBALG(x25519_mlkem768, 128, ecx) + KEMKMHYBALG(p256_mlkem768, 128, ecp) +#endif +#ifdef OQS_ENABLE_KEM_ml_kem_1024 + KEMKMALG(mlkem1024, 256) + + KEMKMHYBALG(p521_mlkem1024, 256, ecp) +#endif #ifdef OQS_ENABLE_KEM_bike_l1 KEMKMALG(bikel1, 128) @@ -798,10 +961,10 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] = { KEMKMHYBALG(p521_hqc256, 256, ecp) #endif - // clang-format on - ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END - // ALG("x25519_sikep434", oqs_ecx_sikep434_keymgmt_functions), - {NULL, NULL, NULL}}; + // clang-format on + ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END + // ALG("x25519_sikep434", oqs_ecx_sikep434_keymgmt_functions), + {NULL, NULL, NULL}}; static const OSSL_ALGORITHM oqsprovider_encoder[] = { #define ENCODER_PROVIDER "oqsprovider" diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index 6255b041..81aec194 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -70,6 +70,19 @@ static OQS_GROUP_CONSTANTS oqs_group_list[] = { {0x023D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2F3D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0247, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + + {0x2F47, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB2, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0248, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + + {0x2F48, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB3, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB4, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB5, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0249, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + + {0x2F49, 256, TLS1_3_VERSION, 0, -1, -1, 1}, {0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1}, @@ -184,39 +197,58 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { OQS_GROUP_ENTRY(p521_kyber1024, p521_kyber1024, p521_kyber1024, 25), #endif +#ifdef OQS_ENABLE_KEM_ml_kem_512 + OQS_GROUP_ENTRY(mlkem512, mlkem512, mlkem512, 26), + + OQS_GROUP_ENTRY(p256_mlkem512, p256_mlkem512, p256_mlkem512, 27), + OQS_GROUP_ENTRY(x25519_mlkem512, x25519_mlkem512, x25519_mlkem512, 28), +#endif +#ifdef OQS_ENABLE_KEM_ml_kem_768 + OQS_GROUP_ENTRY(mlkem768, mlkem768, mlkem768, 29), + + OQS_GROUP_ENTRY(p384_mlkem768, p384_mlkem768, p384_mlkem768, 30), + OQS_GROUP_ENTRY(x448_mlkem768, x448_mlkem768, x448_mlkem768, 31), + OQS_GROUP_ENTRY(x25519_mlkem768, x25519_mlkem768, x25519_mlkem768, 32), + OQS_GROUP_ENTRY(p256_mlkem768, p256_mlkem768, p256_mlkem768, 33), +#endif +#ifdef OQS_ENABLE_KEM_ml_kem_1024 + OQS_GROUP_ENTRY(mlkem1024, mlkem1024, mlkem1024, 34), + + OQS_GROUP_ENTRY(p521_mlkem1024, p521_mlkem1024, p521_mlkem1024, 35), +#endif #ifdef OQS_ENABLE_KEM_bike_l1 - OQS_GROUP_ENTRY(bikel1, bikel1, bikel1, 26), + OQS_GROUP_ENTRY(bikel1, bikel1, bikel1, 36), - OQS_GROUP_ENTRY(p256_bikel1, p256_bikel1, p256_bikel1, 27), - OQS_GROUP_ENTRY(x25519_bikel1, x25519_bikel1, x25519_bikel1, 28), + OQS_GROUP_ENTRY(p256_bikel1, p256_bikel1, p256_bikel1, 37), + OQS_GROUP_ENTRY(x25519_bikel1, x25519_bikel1, x25519_bikel1, 38), #endif #ifdef OQS_ENABLE_KEM_bike_l3 - OQS_GROUP_ENTRY(bikel3, bikel3, bikel3, 29), + OQS_GROUP_ENTRY(bikel3, bikel3, bikel3, 39), - OQS_GROUP_ENTRY(p384_bikel3, p384_bikel3, p384_bikel3, 30), - OQS_GROUP_ENTRY(x448_bikel3, x448_bikel3, x448_bikel3, 31), + OQS_GROUP_ENTRY(p384_bikel3, p384_bikel3, p384_bikel3, 40), + OQS_GROUP_ENTRY(x448_bikel3, x448_bikel3, x448_bikel3, 41), #endif #ifdef OQS_ENABLE_KEM_bike_l5 - OQS_GROUP_ENTRY(bikel5, bikel5, bikel5, 32), + OQS_GROUP_ENTRY(bikel5, bikel5, bikel5, 42), - OQS_GROUP_ENTRY(p521_bikel5, p521_bikel5, p521_bikel5, 33), + OQS_GROUP_ENTRY(p521_bikel5, p521_bikel5, p521_bikel5, 43), #endif #ifdef OQS_ENABLE_KEM_hqc_128 - OQS_GROUP_ENTRY(hqc128, hqc128, hqc128, 34), + OQS_GROUP_ENTRY(hqc128, hqc128, hqc128, 44), - OQS_GROUP_ENTRY(p256_hqc128, p256_hqc128, p256_hqc128, 35), - OQS_GROUP_ENTRY(x25519_hqc128, x25519_hqc128, x25519_hqc128, 36), + OQS_GROUP_ENTRY(p256_hqc128, p256_hqc128, p256_hqc128, 45), + OQS_GROUP_ENTRY(x25519_hqc128, x25519_hqc128, x25519_hqc128, 46), #endif #ifdef OQS_ENABLE_KEM_hqc_192 - OQS_GROUP_ENTRY(hqc192, hqc192, hqc192, 37), + OQS_GROUP_ENTRY(hqc192, hqc192, hqc192, 47), - OQS_GROUP_ENTRY(p384_hqc192, p384_hqc192, p384_hqc192, 38), - OQS_GROUP_ENTRY(x448_hqc192, x448_hqc192, x448_hqc192, 39), + OQS_GROUP_ENTRY(p384_hqc192, p384_hqc192, p384_hqc192, 48), + OQS_GROUP_ENTRY(x448_hqc192, x448_hqc192, x448_hqc192, 49), #endif #ifdef OQS_ENABLE_KEM_hqc_256 - OQS_GROUP_ENTRY(hqc256, hqc256, hqc256, 40), + OQS_GROUP_ENTRY(hqc256, hqc256, hqc256, 50), - OQS_GROUP_ENTRY(p521_hqc256, p521_hqc256, p521_hqc256, 41), + OQS_GROUP_ENTRY(p521_hqc256, p521_hqc256, p521_hqc256, 51), #endif ///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_END }; @@ -234,15 +266,18 @@ static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = { {0xfea0, 128, TLS1_3_VERSION, 0}, {0xfea1, 128, TLS1_3_VERSION, 0}, {0xfea2, 128, TLS1_3_VERSION, 0}, {0xfea3, 192, TLS1_3_VERSION, 0}, {0xfea4, 192, TLS1_3_VERSION, 0}, {0xfea5, 256, TLS1_3_VERSION, 0}, - {0xfea6, 256, TLS1_3_VERSION, 0}, {0xfeae, 128, TLS1_3_VERSION, 0}, - {0xfeaf, 128, TLS1_3_VERSION, 0}, {0xfeb0, 128, TLS1_3_VERSION, 0}, - {0xfeb1, 256, TLS1_3_VERSION, 0}, {0xfeb2, 256, TLS1_3_VERSION, 0}, - {0xfeb3, 128, TLS1_3_VERSION, 0}, {0xfeb4, 128, TLS1_3_VERSION, 0}, - {0xfeb5, 128, TLS1_3_VERSION, 0}, {0xfeb6, 128, TLS1_3_VERSION, 0}, - {0xfeb7, 128, TLS1_3_VERSION, 0}, {0xfeb8, 128, TLS1_3_VERSION, 0}, - {0xfeb9, 192, TLS1_3_VERSION, 0}, {0xfeba, 192, TLS1_3_VERSION, 0}, - {0xfec2, 128, TLS1_3_VERSION, 0}, {0xfec3, 128, TLS1_3_VERSION, 0}, - {0xfec4, 128, TLS1_3_VERSION, 0}, + {0xfea6, 256, TLS1_3_VERSION, 0}, {0xfed0, 128, TLS1_3_VERSION, 0}, + {0xfed3, 128, TLS1_3_VERSION, 0}, {0xfed4, 128, TLS1_3_VERSION, 0}, + {0xfed1, 192, TLS1_3_VERSION, 0}, {0xfed5, 192, TLS1_3_VERSION, 0}, + {0xfed2, 256, TLS1_3_VERSION, 0}, {0xfed6, 256, TLS1_3_VERSION, 0}, + {0xfeae, 128, TLS1_3_VERSION, 0}, {0xfeaf, 128, TLS1_3_VERSION, 0}, + {0xfeb0, 128, TLS1_3_VERSION, 0}, {0xfeb1, 256, TLS1_3_VERSION, 0}, + {0xfeb2, 256, TLS1_3_VERSION, 0}, {0xfeb3, 128, TLS1_3_VERSION, 0}, + {0xfeb4, 128, TLS1_3_VERSION, 0}, {0xfeb5, 128, TLS1_3_VERSION, 0}, + {0xfeb6, 128, TLS1_3_VERSION, 0}, {0xfeb7, 128, TLS1_3_VERSION, 0}, + {0xfeb8, 128, TLS1_3_VERSION, 0}, {0xfeb9, 192, TLS1_3_VERSION, 0}, + {0xfeba, 192, TLS1_3_VERSION, 0}, {0xfec2, 128, TLS1_3_VERSION, 0}, + {0xfec3, 128, TLS1_3_VERSION, 0}, {0xfec4, 128, TLS1_3_VERSION, 0}, ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_END }; @@ -323,40 +358,67 @@ int oqs_patch_codepoints() if (getenv("OQS_CODEPOINT_P521_KYBER1024")) oqs_group_list[25].group_id = atoi(getenv("OQS_CODEPOINT_P521_KYBER1024")); + if (getenv("OQS_CODEPOINT_MLKEM512")) + oqs_group_list[26].group_id = atoi(getenv("OQS_CODEPOINT_MLKEM512")); + if (getenv("OQS_CODEPOINT_P256_MLKEM512")) + oqs_group_list[27].group_id + = atoi(getenv("OQS_CODEPOINT_P256_MLKEM512")); + if (getenv("OQS_CODEPOINT_X25519_MLKEM512")) + oqs_group_list[28].group_id + = atoi(getenv("OQS_CODEPOINT_X25519_MLKEM512")); + if (getenv("OQS_CODEPOINT_MLKEM768")) + oqs_group_list[29].group_id = atoi(getenv("OQS_CODEPOINT_MLKEM768")); + if (getenv("OQS_CODEPOINT_P384_MLKEM768")) + oqs_group_list[30].group_id + = atoi(getenv("OQS_CODEPOINT_P384_MLKEM768")); + if (getenv("OQS_CODEPOINT_X448_MLKEM768")) + oqs_group_list[31].group_id + = atoi(getenv("OQS_CODEPOINT_X448_MLKEM768")); + if (getenv("OQS_CODEPOINT_X25519_MLKEM768")) + oqs_group_list[32].group_id + = atoi(getenv("OQS_CODEPOINT_X25519_MLKEM768")); + if (getenv("OQS_CODEPOINT_P256_MLKEM768")) + oqs_group_list[33].group_id + = atoi(getenv("OQS_CODEPOINT_P256_MLKEM768")); + if (getenv("OQS_CODEPOINT_MLKEM1024")) + oqs_group_list[34].group_id = atoi(getenv("OQS_CODEPOINT_MLKEM1024")); + if (getenv("OQS_CODEPOINT_P521_MLKEM1024")) + oqs_group_list[35].group_id + = atoi(getenv("OQS_CODEPOINT_P521_MLKEM1024")); if (getenv("OQS_CODEPOINT_BIKEL1")) - oqs_group_list[26].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1")); + oqs_group_list[36].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1")); if (getenv("OQS_CODEPOINT_P256_BIKEL1")) - oqs_group_list[27].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1")); + oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1")); if (getenv("OQS_CODEPOINT_X25519_BIKEL1")) - oqs_group_list[28].group_id + oqs_group_list[38].group_id = atoi(getenv("OQS_CODEPOINT_X25519_BIKEL1")); if (getenv("OQS_CODEPOINT_BIKEL3")) - oqs_group_list[29].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3")); + oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3")); if (getenv("OQS_CODEPOINT_P384_BIKEL3")) - oqs_group_list[30].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3")); + oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3")); if (getenv("OQS_CODEPOINT_X448_BIKEL3")) - oqs_group_list[31].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3")); + oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3")); if (getenv("OQS_CODEPOINT_BIKEL5")) - oqs_group_list[32].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5")); + oqs_group_list[42].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5")); if (getenv("OQS_CODEPOINT_P521_BIKEL5")) - oqs_group_list[33].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5")); + oqs_group_list[43].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5")); if (getenv("OQS_CODEPOINT_HQC128")) - oqs_group_list[34].group_id = atoi(getenv("OQS_CODEPOINT_HQC128")); + oqs_group_list[44].group_id = atoi(getenv("OQS_CODEPOINT_HQC128")); if (getenv("OQS_CODEPOINT_P256_HQC128")) - oqs_group_list[35].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128")); + oqs_group_list[45].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128")); if (getenv("OQS_CODEPOINT_X25519_HQC128")) - oqs_group_list[36].group_id + oqs_group_list[46].group_id = atoi(getenv("OQS_CODEPOINT_X25519_HQC128")); if (getenv("OQS_CODEPOINT_HQC192")) - oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_HQC192")); + oqs_group_list[47].group_id = atoi(getenv("OQS_CODEPOINT_HQC192")); if (getenv("OQS_CODEPOINT_P384_HQC192")) - oqs_group_list[38].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192")); + oqs_group_list[48].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192")); if (getenv("OQS_CODEPOINT_X448_HQC192")) - oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192")); + oqs_group_list[49].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192")); if (getenv("OQS_CODEPOINT_HQC256")) - oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_HQC256")); + oqs_group_list[50].group_id = atoi(getenv("OQS_CODEPOINT_HQC256")); if (getenv("OQS_CODEPOINT_P521_HQC256")) - oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256")); + oqs_group_list[51].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256")); if (getenv("OQS_CODEPOINT_DILITHIUM2")) oqs_sigalg_list[0].code_point @@ -379,52 +441,71 @@ int oqs_patch_codepoints() if (getenv("OQS_CODEPOINT_P521_DILITHIUM5")) oqs_sigalg_list[6].code_point = atoi(getenv("OQS_CODEPOINT_P521_DILITHIUM5")); + if (getenv("OQS_CODEPOINT_MLDSA44")) + oqs_sigalg_list[7].code_point = atoi(getenv("OQS_CODEPOINT_MLDSA44")); + if (getenv("OQS_CODEPOINT_P256_MLDSA44")) + oqs_sigalg_list[8].code_point + = atoi(getenv("OQS_CODEPOINT_P256_MLDSA44")); + if (getenv("OQS_CODEPOINT_RSA3072_MLDSA44")) + oqs_sigalg_list[9].code_point + = atoi(getenv("OQS_CODEPOINT_RSA3072_MLDSA44")); + if (getenv("OQS_CODEPOINT_MLDSA65")) + oqs_sigalg_list[10].code_point = atoi(getenv("OQS_CODEPOINT_MLDSA65")); + if (getenv("OQS_CODEPOINT_P384_MLDSA65")) + oqs_sigalg_list[11].code_point + = atoi(getenv("OQS_CODEPOINT_P384_MLDSA65")); + if (getenv("OQS_CODEPOINT_MLDSA87")) + oqs_sigalg_list[12].code_point = atoi(getenv("OQS_CODEPOINT_MLDSA87")); + if (getenv("OQS_CODEPOINT_P521_MLDSA87")) + oqs_sigalg_list[13].code_point + = atoi(getenv("OQS_CODEPOINT_P521_MLDSA87")); if (getenv("OQS_CODEPOINT_FALCON512")) - oqs_sigalg_list[7].code_point = atoi(getenv("OQS_CODEPOINT_FALCON512")); + oqs_sigalg_list[14].code_point + = atoi(getenv("OQS_CODEPOINT_FALCON512")); if (getenv("OQS_CODEPOINT_P256_FALCON512")) - oqs_sigalg_list[8].code_point + oqs_sigalg_list[15].code_point = atoi(getenv("OQS_CODEPOINT_P256_FALCON512")); if (getenv("OQS_CODEPOINT_RSA3072_FALCON512")) - oqs_sigalg_list[9].code_point + oqs_sigalg_list[16].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCON512")); if (getenv("OQS_CODEPOINT_FALCON1024")) - oqs_sigalg_list[10].code_point + oqs_sigalg_list[17].code_point = atoi(getenv("OQS_CODEPOINT_FALCON1024")); if (getenv("OQS_CODEPOINT_P521_FALCON1024")) - oqs_sigalg_list[11].code_point + oqs_sigalg_list[18].code_point = atoi(getenv("OQS_CODEPOINT_P521_FALCON1024")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[12].code_point + oqs_sigalg_list[19].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[13].code_point + oqs_sigalg_list[20].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[14].code_point + oqs_sigalg_list[21].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[15].code_point + oqs_sigalg_list[22].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[16].code_point + oqs_sigalg_list[23].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[17].code_point + oqs_sigalg_list[24].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")) - oqs_sigalg_list[18].code_point + oqs_sigalg_list[25].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")); if (getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")) - oqs_sigalg_list[19].code_point + oqs_sigalg_list[26].code_point = atoi(getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[20].code_point + oqs_sigalg_list[27].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[21].code_point + oqs_sigalg_list[28].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[22].code_point + oqs_sigalg_list[29].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")); ///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_END return 1; @@ -486,50 +567,67 @@ static const OSSL_PARAM oqs_param_sigalg_list[][12] = { OQS_SIGALG_ENTRY(p521_dilithium5, p521_dilithium5, p521_dilithium5, "1.3.9999.2.7.4", 6), # endif +# ifdef OQS_ENABLE_SIG_ml_dsa_44 + OQS_SIGALG_ENTRY(mldsa44, mldsa44, mldsa44, "1.3.6.1.4.1.2.267.12.4.4", 7), + OQS_SIGALG_ENTRY(p256_mldsa44, p256_mldsa44, p256_mldsa44, "1.3.9999.7.1", + 8), + OQS_SIGALG_ENTRY(rsa3072_mldsa44, rsa3072_mldsa44, rsa3072_mldsa44, + "1.3.9999.7.2", 9), +# endif +# ifdef OQS_ENABLE_SIG_ml_dsa_65 + OQS_SIGALG_ENTRY(mldsa65, mldsa65, mldsa65, "1.3.6.1.4.1.2.267.12.6.5", 10), + OQS_SIGALG_ENTRY(p384_mldsa65, p384_mldsa65, p384_mldsa65, "1.3.9999.7.3", + 11), +# endif +# ifdef OQS_ENABLE_SIG_ml_dsa_87 + OQS_SIGALG_ENTRY(mldsa87, mldsa87, mldsa87, "1.3.6.1.4.1.2.267.12.8.7", 12), + OQS_SIGALG_ENTRY(p521_mldsa87, p521_mldsa87, p521_mldsa87, "1.3.9999.7.4", + 13), +# endif # ifdef OQS_ENABLE_SIG_falcon_512 - OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.6", 7), + OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.6", 14), OQS_SIGALG_ENTRY(p256_falcon512, p256_falcon512, p256_falcon512, - "1.3.9999.3.7", 8), + "1.3.9999.3.7", 15), OQS_SIGALG_ENTRY(rsa3072_falcon512, rsa3072_falcon512, rsa3072_falcon512, - "1.3.9999.3.8", 9), + "1.3.9999.3.8", 16), # endif # ifdef OQS_ENABLE_SIG_falcon_1024 - OQS_SIGALG_ENTRY(falcon1024, falcon1024, falcon1024, "1.3.9999.3.9", 10), + OQS_SIGALG_ENTRY(falcon1024, falcon1024, falcon1024, "1.3.9999.3.9", 17), OQS_SIGALG_ENTRY(p521_falcon1024, p521_falcon1024, p521_falcon1024, - "1.3.9999.3.10", 11), + "1.3.9999.3.10", 18), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple OQS_SIGALG_ENTRY(sphincssha2128fsimple, sphincssha2128fsimple, - sphincssha2128fsimple, "1.3.9999.6.4.13", 12), + sphincssha2128fsimple, "1.3.9999.6.4.13", 19), OQS_SIGALG_ENTRY(p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, - p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 13), + p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 20), OQS_SIGALG_ENTRY(rsa3072_sphincssha2128fsimple, rsa3072_sphincssha2128fsimple, - rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 14), + rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 21), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple OQS_SIGALG_ENTRY(sphincssha2128ssimple, sphincssha2128ssimple, - sphincssha2128ssimple, "1.3.9999.6.4.16", 15), + sphincssha2128ssimple, "1.3.9999.6.4.16", 22), OQS_SIGALG_ENTRY(p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, - p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 16), + p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 23), OQS_SIGALG_ENTRY(rsa3072_sphincssha2128ssimple, rsa3072_sphincssha2128ssimple, - rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 17), + rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 24), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple OQS_SIGALG_ENTRY(sphincssha2192fsimple, sphincssha2192fsimple, - sphincssha2192fsimple, "1.3.9999.6.5.10", 18), + sphincssha2192fsimple, "1.3.9999.6.5.10", 25), OQS_SIGALG_ENTRY(p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, - p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 19), + p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 26), # endif # ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple OQS_SIGALG_ENTRY(sphincsshake128fsimple, sphincsshake128fsimple, - sphincsshake128fsimple, "1.3.9999.6.7.13", 20), + sphincsshake128fsimple, "1.3.9999.6.7.13", 27), OQS_SIGALG_ENTRY(p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, - p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 21), + p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 28), OQS_SIGALG_ENTRY(rsa3072_sphincsshake128fsimple, rsa3072_sphincsshake128fsimple, - rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 22), + rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 29), # endif ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_END }; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 205e47cc..800eab8d 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -54,9 +54,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 65 +# define NID_TABLE_LEN 82 #else -# define NID_TABLE_LEN 23 +# define NID_TABLE_LEN 30 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { @@ -98,6 +98,16 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "p256_kyber768", OQS_KEM_alg_kyber_768, KEY_TYPE_ECP_HYB_KEM, 192}, {0, "kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_KEM, 256}, {0, "p521_kyber1024", OQS_KEM_alg_kyber_1024, KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_KEM, 128}, + {0, "p256_mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_ECP_HYB_KEM, 128}, + {0, "x25519_mlkem512", OQS_KEM_alg_ml_kem_512, KEY_TYPE_ECX_HYB_KEM, 128}, + {0, "mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_KEM, 192}, + {0, "p384_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "x448_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "x25519_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECX_HYB_KEM, 192}, + {0, "p256_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECP_HYB_KEM, 192}, + {0, "mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_KEM, 256}, + {0, "p521_mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_ECP_HYB_KEM, 256}, {0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128}, {0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM, 128}, {0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM, 128}, @@ -123,6 +133,13 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "p384_dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_HYB_SIG, 192}, {0, "dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_SIG, 256}, {0, "p521_dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_HYB_SIG, 256}, + {0, "mldsa44", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_SIG, 128}, + {0, "p256_mldsa44", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_HYB_SIG, 128}, + {0, "rsa3072_mldsa44", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_HYB_SIG, 128}, + {0, "mldsa65", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_SIG, 192}, + {0, "p384_mldsa65", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_HYB_SIG, 192}, + {0, "mldsa87", OQS_SIG_alg_ml_dsa_87, KEY_TYPE_SIG, 256}, + {0, "p521_mldsa87", OQS_SIG_alg_ml_dsa_87, KEY_TYPE_HYB_SIG, 256}, {0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128}, {0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, diff --git a/scripts/common.py b/scripts/common.py index 7b936214..85e1492d 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -7,26 +7,32 @@ key_exchanges = [ ##### OQS_TEMPLATE_FRAGMENT_KEX_ALGS_START # post-quantum key exchanges - 'frodo640aes','frodo640shake','frodo976aes','frodo976shake','frodo1344aes','frodo1344shake','kyber512','kyber768','kyber1024','bikel1','bikel3','bikel5','hqc128','hqc192','hqc256', + 'frodo640aes','frodo640shake','frodo976aes','frodo976shake','frodo1344aes','frodo1344shake','kyber512','kyber768','kyber1024','mlkem512','mlkem768','mlkem1024','bikel1','bikel3','bikel5','hqc128','hqc192','hqc256', # post-quantum + classical key exchanges - 'p256_frodo640aes','x25519_frodo640aes','p256_frodo640shake','x25519_frodo640shake','p384_frodo976aes','x448_frodo976aes','p384_frodo976shake','x448_frodo976shake','p521_frodo1344aes','p521_frodo1344shake','p256_kyber512','x25519_kyber512','p384_kyber768','x448_kyber768','x25519_kyber768','p256_kyber768','p521_kyber1024','p256_bikel1','x25519_bikel1','p384_bikel3','x448_bikel3','p521_bikel5','p256_hqc128','x25519_hqc128','p384_hqc192','x448_hqc192','p521_hqc256', + 'p256_frodo640aes','x25519_frodo640aes','p256_frodo640shake','x25519_frodo640shake','p384_frodo976aes','x448_frodo976aes','p384_frodo976shake','x448_frodo976shake','p521_frodo1344aes','p521_frodo1344shake','p256_kyber512','x25519_kyber512','p384_kyber768','x448_kyber768','x25519_kyber768','p256_kyber768','p521_kyber1024','p256_mlkem512','x25519_mlkem512','p384_mlkem768','x448_mlkem768','x25519_mlkem768','p256_mlkem768','p521_mlkem1024','p256_bikel1','x25519_bikel1','p384_bikel3','x448_bikel3','p521_bikel5','p256_hqc128','x25519_hqc128','p384_hqc192','x448_hqc192','p521_hqc256', ##### OQS_TEMPLATE_FRAGMENT_KEX_ALGS_END ] signatures = [ 'ecdsap256', 'rsa3072', ##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_START # post-quantum signatures - 'dilithium2','dilithium3','dilithium5','falcon512','falcon1024','sphincssha2128fsimple','sphincssha2128ssimple','sphincssha2192fsimple','sphincsshake128fsimple', + 'dilithium2','dilithium3','dilithium5','mldsa44','mldsa65','mldsa87','falcon512','falcon1024','sphincssha2128fsimple','sphincssha2128ssimple','sphincssha2192fsimple','sphincsshake128fsimple', # post-quantum + classical signatures - 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', + 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_mldsa44','rsa3072_mldsa44','p384_mldsa65','p521_mldsa87','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', ##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END ] SERVER_START_ATTEMPTS = 10 -def all_pq_groups(): +def all_pq_groups(first = 0): ag = "" - for kex in key_exchanges: + half = len(key_exchanges)//2 + if (first == 0): + kexs = key_exchanges[:half] + else: + kexs = key_exchanges[half:] + + for kex in kexs: if len(ag)==0: ag = kex else: @@ -56,7 +62,7 @@ def run_subprocess(command, working_dir='.', expected_returncode=0, input=None, assert False, "Got unexpected return code {}".format(result.returncode) return result.stdout.decode('utf-8') -def start_server(ossl, test_artifacts_dir, sig_alg, worker_id): +def start_server(ossl, test_artifacts_dir, sig_alg, worker_id, first): command = [ossl, 's_server', '-cert', os.path.join(test_artifacts_dir, '{}_{}_srv.crt'.format(worker_id, sig_alg)), '-key', os.path.join(test_artifacts_dir, '{}_{}_srv.key'.format(worker_id, sig_alg)), @@ -64,7 +70,7 @@ def start_server(ossl, test_artifacts_dir, sig_alg, worker_id): '-tls1_3', '-quiet', # add X25519 for baseline server test and all PQ KEMs for single PQ KEM tests: - '-groups', "x25519:"+all_pq_groups(), + '-groups', "x25519:"+all_pq_groups(first), # On UNIX-like systems, binding to TCP port 0 # is a request to dynamically generate an unused # port number. @@ -83,7 +89,8 @@ def start_server(ossl, test_artifacts_dir, sig_alg, worker_id): break else: server_start_attempt += 1 - time.sleep(2) + # be more lenient for slow CI servers + time.sleep(1) server_port = str(server_info.connections()[0].laddr.port) # Check SERVER_START_ATTEMPTS times to see @@ -98,7 +105,8 @@ def start_server(ossl, test_artifacts_dir, sig_alg, worker_id): break else: server_start_attempt += 1 - time.sleep(2) + # be more lenient for slow CI servers + time.sleep(1) if server_start_attempt > SERVER_START_ATTEMPTS: raise Exception('Cannot start OpenSSL server') diff --git a/scripts/release-test-ci.sh b/scripts/release-test-ci.sh index 62a9ea02..2c0ac819 100755 --- a/scripts/release-test-ci.sh +++ b/scripts/release-test-ci.sh @@ -23,7 +23,7 @@ if [ -d oqs-template ]; then sed -i "s/enable\: false/enable\: true/g" oqs-template/generate.yml python3 oqs-template/generate.py ./scripts/fullbuild.sh - ./scripts/runtests.sh + ./scripts/runtests.sh -V if [ -f .local/bin/openssl ]; then OPENSSL_MODULES=`pwd`/_build/lib OPENSSL_CONF=`pwd`/scripts/openssl-ca.cnf python3 -m pytest --numprocesses=auto scripts/test_tls_full.py else diff --git a/scripts/test_tls_full.py b/scripts/test_tls_full.py index a1639140..a91a76cc 100644 --- a/scripts/test_tls_full.py +++ b/scripts/test_tls_full.py @@ -3,23 +3,50 @@ import sys import os +# OK, I admit I don't understand this fixture/parameterization stuff +# What I do understand is that openssl crashes when running with too many key_exchange algs +# hence this crude hack to do two tests with half the KEXs each +# XXX anyone better at Python/pytest please improve this! + +@pytest.fixture(params=common.signatures) +def server0(ossl, ossl_config, test_artifacts_dir, request, worker_id): + # Setup: start ossl server + common.gen_keys(ossl, ossl_config, request.param, test_artifacts_dir, worker_id) + server, port = common.start_server(ossl, test_artifacts_dir, request.param, worker_id, 0) + # Run tests + yield (request.param, port) + # Teardown: stop ossl server + server.kill() + @pytest.fixture(params=common.signatures) -def server(ossl, ossl_config, test_artifacts_dir, request, worker_id): +def server1(ossl, ossl_config, test_artifacts_dir, request, worker_id): # Setup: start ossl server common.gen_keys(ossl, ossl_config, request.param, test_artifacts_dir, worker_id) - server, port = common.start_server(ossl, test_artifacts_dir, request.param, worker_id) + server, port = common.start_server(ossl, test_artifacts_dir, request.param, worker_id, 1) # Run tests yield (request.param, port) # Teardown: stop ossl server server.kill() -@pytest.mark.parametrize('kex_name', common.key_exchanges) -def test_sig_kem_pair(ossl, server, test_artifacts_dir, kex_name, worker_id): +@pytest.mark.parametrize('kex_name', common.key_exchanges[:len(common.key_exchanges)//2]) +def test_sig_kem_pair(ossl, server0, test_artifacts_dir, kex_name, worker_id): + client_output = common.run_subprocess([ossl, 's_client', + '-groups', kex_name, + '-CAfile', os.path.join(test_artifacts_dir, '{}_{}_CA.crt'.format(worker_id, server0[0])), + '-verify_return_error', + '-connect', 'localhost:{}'.format(server0[1])], + input='Q'.encode()) +# OpenSSL3 by default does not output KEM used; so rely on forced client group and OK handshake completion: + if not "SSL handshake has read" in client_output: + assert False, "Handshake failure." + +@pytest.mark.parametrize('kex_name', common.key_exchanges[len(common.key_exchanges)//2:]) +def test_sig_kem_pair(ossl, server1, test_artifacts_dir, kex_name, worker_id): client_output = common.run_subprocess([ossl, 's_client', '-groups', kex_name, - '-CAfile', os.path.join(test_artifacts_dir, '{}_{}_CA.crt'.format(worker_id, server[0])), + '-CAfile', os.path.join(test_artifacts_dir, '{}_{}_CA.crt'.format(worker_id, server1[0])), '-verify_return_error', - '-connect', 'localhost:{}'.format(server[1])], + '-connect', 'localhost:{}'.format(server1[1])], input='Q'.encode()) # OpenSSL3 by default does not output KEM used; so rely on forced client group and OK handshake completion: if not "SSL handshake has read" in client_output: From 3b0cb8ff49d7841425f5c4acbe27011b310a177d Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 26 Feb 2024 16:29:33 -0600 Subject: [PATCH 119/160] removed deprecated functions --- oqsprov/oqs_kmgmt.c | 157 +++++++++++++++-------------------------- oqsprov/oqsprov.c | 2 +- oqsprov/oqsprov_keys.c | 31 +++++--- 3 files changed, 77 insertions(+), 113 deletions(-) diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 853e53ed..7470a579 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -894,171 +894,126 @@ static void *p521_mldsa87_gen_init(void *provctx, int selection) "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 26); } -static void *mldsa44_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44", KEY_TYPE_SIG, NULL, 128, 27); -} - -static void *mldsa44_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, "mldsa44", - 0, 128, 27); -} -static void *p256_mldsa44_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "p256_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 28); -} - -static void *p256_mldsa44_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "p256_mldsa44", KEY_TYPE_HYB_SIG, 128, 28); -} -static void *rsa3072_mldsa44_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 29); -} - -static void *rsa3072_mldsa44_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, 128, 29); -} -static void *mldsa65_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65", KEY_TYPE_SIG, NULL, 192, 30); -} - -static void *mldsa65_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, "mldsa65", - 0, 192, 30); -} -static void *p384_mldsa65_new_key(void *provctx) +static void *falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "p384_mldsa65", KEY_TYPE_HYB_SIG, NULL, 192, 31); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512", KEY_TYPE_SIG, NULL, 128, 27); } -static void *p384_mldsa65_gen_init(void *provctx, int selection) +static void *falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "p384_mldsa65", KEY_TYPE_HYB_SIG, 192, 31); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512", 0, 128, 27); } -static void *mldsa87_new_key(void *provctx) +static void *p256_falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "mldsa87", KEY_TYPE_SIG, NULL, 256, 32); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 28); } -static void *mldsa87_gen_init(void *provctx, int selection) +static void *p256_falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, "mldsa87", - 0, 256, 32); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 28); } -static void *p521_mldsa87_new_key(void *provctx) +static void *rsa3072_falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "p521_mldsa87", KEY_TYPE_HYB_SIG, NULL, 256, 33); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 29); } -static void *p521_mldsa87_gen_init(void *provctx, int selection) +static void *rsa3072_falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, - "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 33); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 29); } - -static void *falcon512_new_key(void *provctx) +static void *falcon512_p256_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512", KEY_TYPE_SIG, NULL, 128, 34); + "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 30); } -static void *falcon512_gen_init(void *provctx, int selection) +static void *falcon512_p256_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512", 0, 128, 34); + "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 30); } -static void *p256_falcon512_new_key(void *provctx) +static void *falcon512_bp256_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 35); + "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 31); } -static void *p256_falcon512_gen_init(void *provctx, int selection) +static void *falcon512_bp256_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 35); + "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 31); } -static void *rsa3072_falcon512_new_key(void *provctx) +static void *falcon512_ed25519_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 36); + "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 32); } -static void *rsa3072_falcon512_gen_init(void *provctx, int selection) +static void *falcon512_ed25519_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 36); + "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 32); } static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 37); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 33); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 37); + "falcon1024", 0, 256, 33); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 38); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 34); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 38); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 34); } static void *sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 39); + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 35); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 39); + "sphincssha2128fsimple", 0, 128, 35); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 40); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 36); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 40); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 36); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 41); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, @@ -1066,39 +1021,39 @@ static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 41); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 37); } static void *sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 42); + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 38); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 42); + "sphincssha2128ssimple", 0, 128, 38); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 43); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 39); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 43); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 39); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 44); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 40); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, @@ -1106,66 +1061,66 @@ static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 44); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 40); } static void *sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 45); + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 41); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 45); + "sphincssha2192fsimple", 0, 192, 41); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 46); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 42); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 46); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 42); } static void *sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 47); + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 43); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 47); + "sphincsshake128fsimple", 0, 128, 43); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 48); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 44); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 48); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 44); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 49); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 45); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, @@ -1173,7 +1128,7 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 49); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 45); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 5bc18fdd..f86c98c6 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,7 +49,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 176 +# define OQS_OID_CNT 196 #else # define OQS_OID_CNT 92 #endif diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 9384a347..77f529f2 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -54,7 +54,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 88 +# define NID_TABLE_LEN 98 #else # define NID_TABLE_LEN 46 #endif @@ -1124,7 +1124,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, for (i = 0; i < count; i++) { aType = sk_ASN1_TYPE_pop(sk); p8inf_internal = PKCS8_PRIV_KEY_INFO_new(); - nid = 1; + nid = 0; char *name; if ((name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i)) @@ -1160,8 +1160,11 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, for (int j = 0; j < OSSL_NELEM(nids_sig); j++) { if ((nids_sig[j].nid == nid) && (nids_sig[j].length_private_key > buflen)) { - EC_KEY *ec_pkey; - const unsigned char *buf3 = buf; + EVP_PKEY *ec_pkey; + OSSL_PARAM params[2]; + int include_pub = 1; + const unsigned char *buf3 + = aType->value.sequence->data; unsigned char *buf4, *buf5; if (buflen @@ -1175,20 +1178,26 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, sk_ASN1_TYPE_free(sk); return NULL; } - ec_pkey = EC_KEY_new_by_curve_name(nid); - ec_pkey = d2i_ECPrivateKey(&ec_pkey, &buf3, buflen); - EC_KEY_set_enc_flags(ec_pkey, 0); + ec_pkey = EVP_PKEY_new(); + d2i_PrivateKey(EVP_PKEY_EC, &ec_pkey, &buf3, + aType->value.sequence->length); + + params[0] = OSSL_PARAM_construct_int( + OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, + &include_pub); + params[1] = OSSL_PARAM_construct_end(); + EVP_PKEY_set_params(ec_pkey, params); + buf4 = OPENSSL_malloc( nids_sig[j].length_private_key); buf5 = buf4; - buflen = i2d_ECPrivateKey(ec_pkey, &buf5); + buflen = i2d_PrivateKey(ec_pkey, &buf5); aux += buflen; memcpy(concat_key + plen - 1 - aux, buf4, buflen); - nid = 0; // use as flag to not memcpy twice + EVP_PKEY_free(ec_pkey); OPENSSL_clear_free(buf4, buflen); - EC_KEY_free(ec_pkey); break; } } @@ -1204,7 +1213,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, key_diff = nids_sig[6].length_private_key - buflen; } - if (nid) { + if (!nid) { aux += buflen; memcpy(concat_key + plen - 1 - aux, buf, buflen); } From 9a1dbe4b834662b50d0215290b2ab4bcd05246fe Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 27 Feb 2024 12:12:51 -0600 Subject: [PATCH 120/160] fix composite EC --- oqsprov/oqsprov_keys.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 77f529f2..4277fee1 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1156,12 +1156,13 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, // Checking OPTIONAL params on EC if (keytype == EVP_PKEY_EC) { + int j; nid = OBJ_obj2nid(palg_internal->parameter->value.object); - for (int j = 0; j < OSSL_NELEM(nids_sig); j++) { + for (j = 0; j < OSSL_NELEM(nids_sig); j++) { if ((nids_sig[j].nid == nid) && (nids_sig[j].length_private_key > buflen)) { EVP_PKEY *ec_pkey; - OSSL_PARAM params[2]; + OSSL_PARAM params[3]; int include_pub = 1; const unsigned char *buf3 = aType->value.sequence->data; @@ -1185,7 +1186,10 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, params[0] = OSSL_PARAM_construct_int( OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, &include_pub); - params[1] = OSSL_PARAM_construct_end(); + params[1] = OSSL_PARAM_construct_utf8_string( + OSSL_PKEY_PARAM_EC_ENCODING, + OSSL_PKEY_EC_ENCODING_GROUP, 0); + params[2] = OSSL_PARAM_construct_end(); EVP_PKEY_set_params(ec_pkey, params); buf4 = OPENSSL_malloc( @@ -1201,6 +1205,9 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, break; } } + if (j == OSSL_NELEM(nids_sig)) + nid = 0; // buflen is already with the correct size, + // changing nid to memcpy at the end } // if is a RSA key the actual encoding size might be different From 63fc458915b3f462bcd5185fc7b7606a31f83b55 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 27 Feb 2024 13:10:20 -0600 Subject: [PATCH 121/160] changed composite dilithium to ML-* --- ALGORITHMS.md | 26 +- README.md | 4 +- oqs-template/generate.yml | 104 ++++---- oqsprov/oqs_decode_der2key.c | 62 ++--- oqsprov/oqs_encode_key2any.c | 260 ++++++++++---------- oqsprov/oqs_kmgmt.c | 310 ++++++++++++------------ oqsprov/oqs_prov.h | 458 +++++++++++++++++------------------ oqsprov/oqsdecoders.inc | 97 ++++---- oqsprov/oqsencoders.inc | 324 ++++++++++++------------- oqsprov/oqsprov.c | 275 +++++++++++---------- oqsprov/oqsprov_keys.c | 26 +- scripts/common.py | 2 +- 12 files changed, 957 insertions(+), 991 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 6c12bfc6..cbf8d5c6 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -139,30 +139,30 @@ adapting the OIDs of all supported signature algorithms as per the table below. | dilithium2 | 1.3.6.1.4.1.2.267.7.4.4 |Yes| OQS_OID_DILITHIUM2 | p256_dilithium2 | 1.3.9999.2.7.1 |Yes| OQS_OID_P256_DILITHIUM2 | rsa3072_dilithium2 | 1.3.9999.2.7.2 |Yes| OQS_OID_RSA3072_DILITHIUM2 -| dilithium2_pss2048 | 2.16.840.1.114027.80.8.1.1 |Yes| OQS_OID_DILITHIUM2_pss2048 -| dilithium2_rsa2048 | 2.16.840.1.114027.80.8.1.2 |Yes| OQS_OID_DILITHIUM2_rsa2048 -| dilithium2_ed25519 | 2.16.840.1.114027.80.8.1.3 |Yes| OQS_OID_DILITHIUM2_ed25519 -| dilithium2_p256 | 2.16.840.1.114027.80.8.1.4 |Yes| OQS_OID_DILITHIUM2_p256 -| dilithium2_bp256 | 2.16.840.1.114027.80.8.1.5 |Yes| OQS_OID_DILITHIUM2_bp256 | dilithium3 | 1.3.6.1.4.1.2.267.7.6.5 |Yes| OQS_OID_DILITHIUM3 | p384_dilithium3 | 1.3.9999.2.7.3 |Yes| OQS_OID_P384_DILITHIUM3 -| dilithium3_pss3072 | 2.16.840.1.114027.80.8.1.6 |Yes| OQS_OID_DILITHIUM3_pss3072 -| dilithium3_rsa3072 | 2.16.840.1.114027.80.8.1.7 |Yes| OQS_OID_DILITHIUM3_rsa3072 -| dilithium3_p256 | 2.16.840.1.114027.80.8.1.8 |Yes| OQS_OID_DILITHIUM3_p256 -| dilithium3_bp256 | 2.16.840.1.114027.80.8.1.9 |Yes| OQS_OID_DILITHIUM3_bp256 -| dilithium3_ed25519 | 2.16.840.1.114027.80.8.1.10 |Yes| OQS_OID_DILITHIUM3_ed25519 | dilithium5 | 1.3.6.1.4.1.2.267.7.8.7 |Yes| OQS_OID_DILITHIUM5 | p521_dilithium5 | 1.3.9999.2.7.4 |Yes| OQS_OID_P521_DILITHIUM5 -| dilithium5_p384 | 2.16.840.1.114027.80.8.1.11 |Yes| OQS_OID_DILITHIUM5_p384 -| dilithium5_bp384 | 2.16.840.1.114027.80.8.1.12 |Yes| OQS_OID_DILITHIUM5_bp384 -| dilithium5_ed448 | 2.16.840.1.114027.80.8.1.13 |Yes| OQS_OID_DILITHIUM5_ed448 | mldsa44 | 1.3.6.1.4.1.2.267.12.4.4 |Yes| OQS_OID_MLDSA44 | p256_mldsa44 | 1.3.9999.7.1 |Yes| OQS_OID_P256_MLDSA44 | rsa3072_mldsa44 | 1.3.9999.7.2 |Yes| OQS_OID_RSA3072_MLDSA44 +| mldsa44_pss2048 | 2.16.840.1.114027.80.8.1.1 |Yes| OQS_OID_MLDSA44_pss2048 +| mldsa44_rsa2048 | 2.16.840.1.114027.80.8.1.2 |Yes| OQS_OID_MLDSA44_rsa2048 +| mldsa44_ed25519 | 2.16.840.1.114027.80.8.1.3 |Yes| OQS_OID_MLDSA44_ed25519 +| mldsa44_p256 | 2.16.840.1.114027.80.8.1.4 |Yes| OQS_OID_MLDSA44_p256 +| mldsa44_bp256 | 2.16.840.1.114027.80.8.1.5 |Yes| OQS_OID_MLDSA44_bp256 | mldsa65 | 1.3.6.1.4.1.2.267.12.6.5 |Yes| OQS_OID_MLDSA65 | p384_mldsa65 | 1.3.9999.7.3 |Yes| OQS_OID_P384_MLDSA65 +| mldsa65_pss3072 | 2.16.840.1.114027.80.8.1.6 |Yes| OQS_OID_MLDSA65_pss3072 +| mldsa65_rsa3072 | 2.16.840.1.114027.80.8.1.7 |Yes| OQS_OID_MLDSA65_rsa3072 +| mldsa65_p256 | 2.16.840.1.114027.80.8.1.8 |Yes| OQS_OID_MLDSA65_p256 +| mldsa65_bp256 | 2.16.840.1.114027.80.8.1.9 |Yes| OQS_OID_MLDSA65_bp256 +| mldsa65_ed25519 | 2.16.840.1.114027.80.8.1.10 |Yes| OQS_OID_MLDSA65_ed25519 | mldsa87 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_MLDSA87 | p521_mldsa87 | 1.3.9999.7.4 |Yes| OQS_OID_P521_MLDSA87 +| mldsa87_p384 | 2.16.840.1.114027.80.8.1.11 |Yes| OQS_OID_MLDSA87_p384 +| mldsa87_bp384 | 2.16.840.1.114027.80.8.1.12 |Yes| OQS_OID_MLDSA87_bp384 +| mldsa87_ed448 | 2.16.840.1.114027.80.8.1.13 |Yes| OQS_OID_MLDSA87_ed448 | falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512 | p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512 | rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512 diff --git a/README.md b/README.md index cf504636..89d89495 100644 --- a/README.md +++ b/README.md @@ -44,8 +44,8 @@ This implementation makes available the following quantum safe algorithms: ### Signature algorithms -- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium2_pss2048`\*, `dilithium2_rsa2048`\*, `dilithium2_ed25519`\*, `dilithium2_p256`\*, `dilithium2_bp256`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium3_pss3072`\*, `dilithium3_rsa3072`\*, `dilithium3_p256`\*, `dilithium3_bp256`\*, `dilithium3_ed25519`\*, `dilithium5`\*, `p521_dilithium5`\*, `dilithium5_p384`\*, `dilithium5_bp384`\*, `dilithium5_ed448`\* -- **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa87`\*, `p521_mldsa87`\* +- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\* +- **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa44_pss2048`\*, `mldsa44_rsa2048`\*, `mldsa44_ed25519`\*, `mldsa44_p256`\*, `mldsa44_bp256`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa65_pss3072`\*, `mldsa65_rsa3072`\*, `mldsa65_p256`\*, `mldsa65_bp256`\*, `mldsa65_ed25519`\*, `mldsa87`\*, `p521_mldsa87`\*, `mldsa87_p384`\*, `mldsa87_bp384`\*, `mldsa87_ed448`\* - **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon512_p256`\*, `falcon512_bp256`\*, `falcon512_ed25519`\*, `falcon1024`\*, `p521_falcon1024`\* - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple` diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 74112ded..f44a388e 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -467,26 +467,6 @@ sigs: 'pretty_name': 'RSA3072', 'oid': '1.3.9999.2.7.2', 'code_point': '0xfea2'}] - composite: [{'name': 'pss2048', - 'pretty_name': 'RSA PSS 2048', - 'security': '112', - 'oid': '2.16.840.1.114027.80.8.1.1'}, - {'name': 'rsa2048', - 'pretty_name': 'RSA2028', - 'security': '112', - 'oid': '2.16.840.1.114027.80.8.1.2'}, - {'name': 'ed25519', - 'pretty_name': 'ED25519', - 'security': '128', - 'oid': '2.16.840.1.114027.80.8.1.3'}, - {'name': 'p256', - 'pretty_name': 'ECDSA p256', - 'security': '128', - 'oid': '2.16.840.1.114027.80.8.1.4'}, - {'name': 'bp256', - 'pretty_name': 'ECDSA brainpoolP256r1', - 'security': '256', - 'oid': '2.16.840.1.114027.80.8.1.5'}] - name: 'dilithium3' pretty_name: 'Dilithium3' @@ -499,26 +479,6 @@ sigs: 'pretty_name': 'ECDSA p384', 'oid': '1.3.9999.2.7.3', 'code_point': '0xfea4'}] - composite: [{'name': 'pss3072', - 'pretty_name': 'RSA PSS 3072', - 'security': '128', - 'oid': '2.16.840.1.114027.80.8.1.6'}, - {'name': 'rsa3072', - 'pretty_name': 'RSA 3072', - 'security': '128', - 'oid': '2.16.840.1.114027.80.8.1.7'}, - {'name': 'p256', - 'pretty_name': 'ECDSA p256', - 'security': '128', - 'oid': '2.16.840.1.114027.80.8.1.8'}, - {'name': 'bp256', - 'pretty_name': 'ECDSA brainpoolP256r1', - 'security': '256', - 'oid': '2.16.840.1.114027.80.8.1.9'}, - {'name': 'ed25519', - 'pretty_name': 'ED25519', - 'security': '128', - 'oid': '2.16.840.1.114027.80.8.1.10'}] - name: 'dilithium5' pretty_name: 'Dilithium5' @@ -531,18 +491,6 @@ sigs: 'pretty_name': 'ECDSA p521', 'oid': '1.3.9999.2.7.4', 'code_point': '0xfea6'}] - composite: [{'name': 'p384', - 'pretty_name': 'ECDSA p384', - 'security': '192', - 'oid': '2.16.840.1.114027.80.8.1.11'}, - {'name': 'bp384', - 'pretty_name': 'ECDSA brainpoolP384r1', - 'security': '384', - 'oid': '2.16.840.1.114027.80.8.1.12'}, - {'name': 'ed448', - 'pretty_name': 'ED448', - 'security': '192', - 'oid': '2.16.840.1.114027.80.8.1.13'}] - name: 'dilithium2_aes' pretty_name: 'Dilithium2_AES' @@ -610,6 +558,26 @@ sigs: 'pretty_name': 'RSA3072', 'oid': '1.3.9999.7.2', 'code_point': '0xfed4'}] + composite: [{'name': 'pss2048', + 'pretty_name': 'RSA PSS 2048', + 'security': '112', + 'oid': '2.16.840.1.114027.80.8.1.1'}, + {'name': 'rsa2048', + 'pretty_name': 'RSA2028', + 'security': '112', + 'oid': '2.16.840.1.114027.80.8.1.2'}, + {'name': 'ed25519', + 'pretty_name': 'ED25519', + 'security': '128', + 'oid': '2.16.840.1.114027.80.8.1.3'}, + {'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'security': '128', + 'oid': '2.16.840.1.114027.80.8.1.4'}, + {'name': 'bp256', + 'pretty_name': 'ECDSA brainpoolP256r1', + 'security': '256', + 'oid': '2.16.840.1.114027.80.8.1.5'}] - name: 'mldsa65' pretty_name: 'ML-DSA-65' @@ -621,6 +589,26 @@ sigs: 'pretty_name': 'ECDSA p384', 'oid': '1.3.9999.7.3', 'code_point': '0xfed5'}] + composite: [{'name': 'pss3072', + 'pretty_name': 'RSA PSS 3072', + 'security': '128', + 'oid': '2.16.840.1.114027.80.8.1.6'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA 3072', + 'security': '128', + 'oid': '2.16.840.1.114027.80.8.1.7'}, + {'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'security': '128', + 'oid': '2.16.840.1.114027.80.8.1.8'}, + {'name': 'bp256', + 'pretty_name': 'ECDSA brainpoolP256r1', + 'security': '256', + 'oid': '2.16.840.1.114027.80.8.1.9'}, + {'name': 'ed25519', + 'pretty_name': 'ED25519', + 'security': '128', + 'oid': '2.16.840.1.114027.80.8.1.10'}] - name: 'mldsa87' pretty_name: 'ML-DSA-87' @@ -632,6 +620,18 @@ sigs: 'pretty_name': 'ECDSA p521', 'oid': '1.3.9999.7.4', 'code_point': '0xfed6'}] + composite: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'security': '192', + 'oid': '2.16.840.1.114027.80.8.1.11'}, + {'name': 'bp384', + 'pretty_name': 'ECDSA brainpoolP384r1', + 'security': '384', + 'oid': '2.16.840.1.114027.80.8.1.12'}, + {'name': 'ed448', + 'pretty_name': 'ED448', + 'security': '192', + 'oid': '2.16.840.1.114027.80.8.1.13'}] - # iso (1) # identified-organization (3) diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index babfe183..c65d073e 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -693,64 +693,54 @@ MAKE_DECODER(, "p256_dilithium2", p256_dilithium2, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, PrivateKeyInfo); MAKE_DECODER(, "rsa3072_dilithium2", rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_pss2048", dilithium2_pss2048, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_rsa2048", dilithium2_rsa2048, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_ed25519", dilithium2_ed25519, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_p256", dilithium2_p256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium2_bp256", dilithium2_bp256, oqsx, - SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium3", dilithium3, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium3", dilithium3, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p384_dilithium3", p384_dilithium3, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_pss3072", dilithium3_pss3072, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_rsa3072", dilithium3_rsa3072, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_p256", dilithium3_p256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_bp256", dilithium3_bp256, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium3_ed25519", dilithium3_ed25519, oqsx, - SubjectPublicKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, PrivateKeyInfo); MAKE_DECODER(, "dilithium5", dilithium5, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p521_dilithium5", p521_dilithium5, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_p384", dilithium5_p384, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_bp384", dilithium5_bp384, oqsx, - SubjectPublicKeyInfo); -MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "dilithium5_ed448", dilithium5_ed448, oqsx, - SubjectPublicKeyInfo); MAKE_DECODER(, "mldsa44", mldsa44, oqsx, PrivateKeyInfo); MAKE_DECODER(, "mldsa44", mldsa44, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p256_mldsa44", p256_mldsa44, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p256_mldsa44", p256_mldsa44, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_mldsa44", rsa3072_mldsa44, oqsx, PrivateKeyInfo); MAKE_DECODER(, "rsa3072_mldsa44", rsa3072_mldsa44, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa44_pss2048", mldsa44_pss2048, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa44_pss2048", mldsa44_pss2048, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa44_rsa2048", mldsa44_rsa2048, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa44_rsa2048", mldsa44_rsa2048, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa44_ed25519", mldsa44_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa44_ed25519", mldsa44_ed25519, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa44_p256", mldsa44_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa44_p256", mldsa44_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa44_bp256", mldsa44_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa44_bp256", mldsa44_bp256, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "mldsa65", mldsa65, oqsx, PrivateKeyInfo); MAKE_DECODER(, "mldsa65", mldsa65, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p384_mldsa65", p384_mldsa65, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p384_mldsa65", p384_mldsa65, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa65_pss3072", mldsa65_pss3072, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa65_pss3072", mldsa65_pss3072, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa65_rsa3072", mldsa65_rsa3072, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa65_rsa3072", mldsa65_rsa3072, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa65_p256", mldsa65_p256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa65_p256", mldsa65_p256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa65_bp256", mldsa65_bp256, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa65_bp256", mldsa65_bp256, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa65_ed25519", mldsa65_ed25519, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa65_ed25519", mldsa65_ed25519, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "mldsa87", mldsa87, oqsx, PrivateKeyInfo); MAKE_DECODER(, "mldsa87", mldsa87, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_mldsa87", p521_mldsa87, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p521_mldsa87", p521_mldsa87, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa87_p384", mldsa87_p384, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa87_p384", mldsa87_p384, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa87_bp384", mldsa87_bp384, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa87_bp384", mldsa87_bp384, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "mldsa87_ed448", mldsa87_ed448, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "mldsa87_ed448", mldsa87_ed448, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon512", falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, PrivateKeyInfo); diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 45b81417..99e50ee2 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -1096,57 +1096,18 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_dilithium2_evp_type 0 #define rsa3072_dilithium2_input_type "rsa3072_dilithium2" #define rsa3072_dilithium2_pem_type "rsa3072_dilithium2" -#define dilithium2_pss2048_evp_type 0 -#define dilithium2_pss2048_input_type "dilithium2_pss2048" -#define dilithium2_pss2048_pem_type "dilithium2_pss2048" -#define dilithium2_rsa2048_evp_type 0 -#define dilithium2_rsa2048_input_type "dilithium2_rsa2048" -#define dilithium2_rsa2048_pem_type "dilithium2_rsa2048" -#define dilithium2_ed25519_evp_type 0 -#define dilithium2_ed25519_input_type "dilithium2_ed25519" -#define dilithium2_ed25519_pem_type "dilithium2_ed25519" -#define dilithium2_p256_evp_type 0 -#define dilithium2_p256_input_type "dilithium2_p256" -#define dilithium2_p256_pem_type "dilithium2_p256" -#define dilithium2_bp256_evp_type 0 -#define dilithium2_bp256_input_type "dilithium2_bp256" -#define dilithium2_bp256_pem_type "dilithium2_bp256" #define dilithium3_evp_type 0 #define dilithium3_input_type "dilithium3" #define dilithium3_pem_type "dilithium3" #define p384_dilithium3_evp_type 0 #define p384_dilithium3_input_type "p384_dilithium3" #define p384_dilithium3_pem_type "p384_dilithium3" -#define dilithium3_pss3072_evp_type 0 -#define dilithium3_pss3072_input_type "dilithium3_pss3072" -#define dilithium3_pss3072_pem_type "dilithium3_pss3072" -#define dilithium3_rsa3072_evp_type 0 -#define dilithium3_rsa3072_input_type "dilithium3_rsa3072" -#define dilithium3_rsa3072_pem_type "dilithium3_rsa3072" -#define dilithium3_p256_evp_type 0 -#define dilithium3_p256_input_type "dilithium3_p256" -#define dilithium3_p256_pem_type "dilithium3_p256" -#define dilithium3_bp256_evp_type 0 -#define dilithium3_bp256_input_type "dilithium3_bp256" -#define dilithium3_bp256_pem_type "dilithium3_bp256" -#define dilithium3_ed25519_evp_type 0 -#define dilithium3_ed25519_input_type "dilithium3_ed25519" -#define dilithium3_ed25519_pem_type "dilithium3_ed25519" #define dilithium5_evp_type 0 #define dilithium5_input_type "dilithium5" #define dilithium5_pem_type "dilithium5" #define p521_dilithium5_evp_type 0 #define p521_dilithium5_input_type "p521_dilithium5" #define p521_dilithium5_pem_type "p521_dilithium5" -#define dilithium5_p384_evp_type 0 -#define dilithium5_p384_input_type "dilithium5_p384" -#define dilithium5_p384_pem_type "dilithium5_p384" -#define dilithium5_bp384_evp_type 0 -#define dilithium5_bp384_input_type "dilithium5_bp384" -#define dilithium5_bp384_pem_type "dilithium5_bp384" -#define dilithium5_ed448_evp_type 0 -#define dilithium5_ed448_input_type "dilithium5_ed448" -#define dilithium5_ed448_pem_type "dilithium5_ed448" #define mldsa44_evp_type 0 #define mldsa44_input_type "mldsa44" #define mldsa44_pem_type "mldsa44" @@ -1156,18 +1117,57 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_mldsa44_evp_type 0 #define rsa3072_mldsa44_input_type "rsa3072_mldsa44" #define rsa3072_mldsa44_pem_type "rsa3072_mldsa44" +#define mldsa44_pss2048_evp_type 0 +#define mldsa44_pss2048_input_type "mldsa44_pss2048" +#define mldsa44_pss2048_pem_type "mldsa44_pss2048" +#define mldsa44_rsa2048_evp_type 0 +#define mldsa44_rsa2048_input_type "mldsa44_rsa2048" +#define mldsa44_rsa2048_pem_type "mldsa44_rsa2048" +#define mldsa44_ed25519_evp_type 0 +#define mldsa44_ed25519_input_type "mldsa44_ed25519" +#define mldsa44_ed25519_pem_type "mldsa44_ed25519" +#define mldsa44_p256_evp_type 0 +#define mldsa44_p256_input_type "mldsa44_p256" +#define mldsa44_p256_pem_type "mldsa44_p256" +#define mldsa44_bp256_evp_type 0 +#define mldsa44_bp256_input_type "mldsa44_bp256" +#define mldsa44_bp256_pem_type "mldsa44_bp256" #define mldsa65_evp_type 0 #define mldsa65_input_type "mldsa65" #define mldsa65_pem_type "mldsa65" #define p384_mldsa65_evp_type 0 #define p384_mldsa65_input_type "p384_mldsa65" #define p384_mldsa65_pem_type "p384_mldsa65" +#define mldsa65_pss3072_evp_type 0 +#define mldsa65_pss3072_input_type "mldsa65_pss3072" +#define mldsa65_pss3072_pem_type "mldsa65_pss3072" +#define mldsa65_rsa3072_evp_type 0 +#define mldsa65_rsa3072_input_type "mldsa65_rsa3072" +#define mldsa65_rsa3072_pem_type "mldsa65_rsa3072" +#define mldsa65_p256_evp_type 0 +#define mldsa65_p256_input_type "mldsa65_p256" +#define mldsa65_p256_pem_type "mldsa65_p256" +#define mldsa65_bp256_evp_type 0 +#define mldsa65_bp256_input_type "mldsa65_bp256" +#define mldsa65_bp256_pem_type "mldsa65_bp256" +#define mldsa65_ed25519_evp_type 0 +#define mldsa65_ed25519_input_type "mldsa65_ed25519" +#define mldsa65_ed25519_pem_type "mldsa65_ed25519" #define mldsa87_evp_type 0 #define mldsa87_input_type "mldsa87" #define mldsa87_pem_type "mldsa87" #define p521_mldsa87_evp_type 0 #define p521_mldsa87_input_type "p521_mldsa87" #define p521_mldsa87_pem_type "p521_mldsa87" +#define mldsa87_p384_evp_type 0 +#define mldsa87_p384_input_type "mldsa87_p384" +#define mldsa87_p384_pem_type "mldsa87_p384" +#define mldsa87_bp384_evp_type 0 +#define mldsa87_bp384_input_type "mldsa87_bp384" +#define mldsa87_bp384_pem_type "mldsa87_bp384" +#define mldsa87_ed448_evp_type 0 +#define mldsa87_ed448_input_type "mldsa87_ed448" +#define mldsa87_ed448_pem_type "mldsa87_ed448" #define falcon512_evp_type 0 #define falcon512_input_type "falcon512" #define falcon512_pem_type "falcon512" @@ -2279,41 +2279,6 @@ MAKE_ENCODER(, rsa3072_dilithium2, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_dilithium2, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_dilithium2); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_pss2048, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_pss2048); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_rsa2048, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_rsa2048); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_ed25519); -MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_p256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_p256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_p256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_p256); -MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_bp256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium2_bp256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium2_bp256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium2_bp256); MAKE_ENCODER(, dilithium3, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium3, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium3, oqsx, PrivateKeyInfo, der); @@ -2328,41 +2293,6 @@ MAKE_ENCODER(, p384_dilithium3, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p384_dilithium3, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p384_dilithium3, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p384_dilithium3); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_pss3072, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_pss3072); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_rsa3072, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_rsa3072); -MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_p256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_p256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_p256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_p256); -MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_bp256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_bp256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_bp256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_bp256); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium3_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium3_ed25519); MAKE_ENCODER(, dilithium5, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, dilithium5, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, dilithium5, oqsx, PrivateKeyInfo, der); @@ -2377,27 +2307,6 @@ MAKE_ENCODER(, p521_dilithium5, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p521_dilithium5, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p521_dilithium5, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p521_dilithium5); -MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_p384, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_p384, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium5_p384, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium5_p384); -MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_bp384, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_bp384, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium5_bp384, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium5_bp384); -MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_ed448, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, dilithium5_ed448, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, dilithium5_ed448, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, dilithium5_ed448); MAKE_ENCODER(, mldsa44, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, mldsa44, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, mldsa44, oqsx, PrivateKeyInfo, der); @@ -2419,6 +2328,41 @@ MAKE_ENCODER(, rsa3072_mldsa44, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_mldsa44, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_mldsa44, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_mldsa44); +MAKE_ENCODER(, mldsa44_pss2048, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_pss2048, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_pss2048, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_pss2048, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_pss2048, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa44_pss2048, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa44_pss2048); +MAKE_ENCODER(, mldsa44_rsa2048, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_rsa2048, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_rsa2048, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_rsa2048, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_rsa2048, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa44_rsa2048, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa44_rsa2048); +MAKE_ENCODER(, mldsa44_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa44_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa44_ed25519); +MAKE_ENCODER(, mldsa44_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa44_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa44_p256); +MAKE_ENCODER(, mldsa44_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa44_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa44_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa44_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa44_bp256); MAKE_ENCODER(, mldsa65, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, mldsa65, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, mldsa65, oqsx, PrivateKeyInfo, der); @@ -2433,6 +2377,41 @@ MAKE_ENCODER(, p384_mldsa65, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p384_mldsa65, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p384_mldsa65, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p384_mldsa65); +MAKE_ENCODER(, mldsa65_pss3072, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_pss3072, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_pss3072, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_pss3072, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_pss3072, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa65_pss3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa65_pss3072); +MAKE_ENCODER(, mldsa65_rsa3072, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_rsa3072, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_rsa3072, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_rsa3072, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_rsa3072, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa65_rsa3072, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa65_rsa3072); +MAKE_ENCODER(, mldsa65_p256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_p256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_p256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_p256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_p256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa65_p256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa65_p256); +MAKE_ENCODER(, mldsa65_bp256, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_bp256, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_bp256, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_bp256, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_bp256, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa65_bp256, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa65_bp256); +MAKE_ENCODER(, mldsa65_ed25519, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_ed25519, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa65_ed25519, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa65_ed25519, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa65_ed25519, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa65_ed25519); MAKE_ENCODER(, mldsa87, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, mldsa87, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, mldsa87, oqsx, PrivateKeyInfo, der); @@ -2447,6 +2426,27 @@ MAKE_ENCODER(, p521_mldsa87, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p521_mldsa87, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p521_mldsa87, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p521_mldsa87); +MAKE_ENCODER(, mldsa87_p384, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa87_p384, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa87_p384, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa87_p384, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa87_p384, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa87_p384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa87_p384); +MAKE_ENCODER(, mldsa87_bp384, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa87_bp384, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa87_bp384, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa87_bp384, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa87_bp384, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa87_bp384, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa87_bp384); +MAKE_ENCODER(, mldsa87_ed448, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, mldsa87_ed448, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa87_ed448, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, mldsa87_ed448, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, mldsa87_ed448, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, mldsa87_ed448, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, mldsa87_ed448); MAKE_ENCODER(, falcon512, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon512, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon512, oqsx, PrivateKeyInfo, der); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 7470a579..7f818b40 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -628,270 +628,270 @@ static void *rsa3072_dilithium2_gen_init(void *provctx, int selection) return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, "rsa3072_dilithium2", KEY_TYPE_HYB_SIG, 128, 2); } -static void *dilithium2_pss2048_new_key(void *provctx) +static void *dilithium3_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 3); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "dilithium3", KEY_TYPE_SIG, NULL, 192, 3); } -static void *dilithium2_pss2048_gen_init(void *provctx, int selection) +static void *dilithium3_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_pss2048", KEY_TYPE_CMP_SIG, 112, 3); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "dilithium3", 0, 192, 3); } -static void *dilithium2_rsa2048_new_key(void *provctx) +static void *p384_dilithium3_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 4); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, + "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 4); } -static void *dilithium2_rsa2048_gen_init(void *provctx, int selection) +static void *p384_dilithium3_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_rsa2048", KEY_TYPE_CMP_SIG, 112, 4); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, + "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 4); } -static void *dilithium2_ed25519_new_key(void *provctx) +static void *dilithium5_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 5); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "dilithium5", KEY_TYPE_SIG, NULL, 256, 5); } -static void *dilithium2_ed25519_gen_init(void *provctx, int selection) +static void *dilithium5_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_ed25519", KEY_TYPE_CMP_SIG, 128, 5); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "dilithium5", 0, 256, 5); } -static void *dilithium2_p256_new_key(void *provctx) +static void *p521_dilithium5_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_p256", KEY_TYPE_CMP_SIG, NULL, 128, 6); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, + "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 6); } -static void *dilithium2_p256_gen_init(void *provctx, int selection) +static void *p521_dilithium5_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_p256", KEY_TYPE_CMP_SIG, 128, 6); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, + "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 6); } -static void *dilithium2_bp256_new_key(void *provctx) + +static void *mldsa44_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_2, - "dilithium2_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 7); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "mldsa44", KEY_TYPE_SIG, NULL, 128, 7); } -static void *dilithium2_bp256_gen_init(void *provctx, int selection) +static void *mldsa44_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_2, - "dilithium2_bp256", KEY_TYPE_CMP_SIG, 256, 7); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, "mldsa44", + 0, 128, 7); } -static void *dilithium3_new_key(void *provctx) +static void *p256_mldsa44_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3", KEY_TYPE_SIG, NULL, 192, 8); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "p256_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 8); } -static void *dilithium3_gen_init(void *provctx, int selection) +static void *p256_mldsa44_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3", 0, 192, 8); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "p256_mldsa44", KEY_TYPE_HYB_SIG, 128, 8); } -static void *p384_dilithium3_new_key(void *provctx) +static void *rsa3072_mldsa44_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "p384_dilithium3", KEY_TYPE_HYB_SIG, NULL, 192, 9); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 9); } -static void *p384_dilithium3_gen_init(void *provctx, int selection) +static void *rsa3072_mldsa44_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "p384_dilithium3", KEY_TYPE_HYB_SIG, 192, 9); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, 128, 9); } -static void *dilithium3_pss3072_new_key(void *provctx) +static void *mldsa44_pss2048_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 10); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "mldsa44_pss2048", KEY_TYPE_CMP_SIG, NULL, 112, 10); } -static void *dilithium3_pss3072_gen_init(void *provctx, int selection) +static void *mldsa44_pss2048_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_pss3072", KEY_TYPE_CMP_SIG, 128, 10); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "mldsa44_pss2048", KEY_TYPE_CMP_SIG, 112, 10); } -static void *dilithium3_rsa3072_new_key(void *provctx) +static void *mldsa44_rsa2048_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 11); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "mldsa44_rsa2048", KEY_TYPE_CMP_SIG, NULL, 112, 11); } -static void *dilithium3_rsa3072_gen_init(void *provctx, int selection) +static void *mldsa44_rsa2048_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_rsa3072", KEY_TYPE_CMP_SIG, 128, 11); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "mldsa44_rsa2048", KEY_TYPE_CMP_SIG, 112, 11); } -static void *dilithium3_p256_new_key(void *provctx) +static void *mldsa44_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_p256", KEY_TYPE_CMP_SIG, NULL, 128, 12); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "mldsa44_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 12); } -static void *dilithium3_p256_gen_init(void *provctx, int selection) +static void *mldsa44_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_p256", KEY_TYPE_CMP_SIG, 128, 12); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "mldsa44_ed25519", KEY_TYPE_CMP_SIG, 128, 12); } -static void *dilithium3_bp256_new_key(void *provctx) +static void *mldsa44_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 13); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "mldsa44_p256", KEY_TYPE_CMP_SIG, NULL, 128, 13); } -static void *dilithium3_bp256_gen_init(void *provctx, int selection) +static void *mldsa44_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_bp256", KEY_TYPE_CMP_SIG, 256, 13); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "mldsa44_p256", KEY_TYPE_CMP_SIG, 128, 13); } -static void *dilithium3_ed25519_new_key(void *provctx) +static void *mldsa44_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_3, - "dilithium3_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 14); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, + "mldsa44_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 14); } -static void *dilithium3_ed25519_gen_init(void *provctx, int selection) +static void *mldsa44_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_3, - "dilithium3_ed25519", KEY_TYPE_CMP_SIG, 128, 14); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, + "mldsa44_bp256", KEY_TYPE_CMP_SIG, 256, 14); } -static void *dilithium5_new_key(void *provctx) +static void *mldsa65_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5", KEY_TYPE_SIG, NULL, 256, 15); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "mldsa65", KEY_TYPE_SIG, NULL, 192, 15); } -static void *dilithium5_gen_init(void *provctx, int selection) +static void *mldsa65_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5", 0, 256, 15); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, "mldsa65", + 0, 192, 15); } -static void *p521_dilithium5_new_key(void *provctx) +static void *p384_mldsa65_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "p521_dilithium5", KEY_TYPE_HYB_SIG, NULL, 256, 16); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "p384_mldsa65", KEY_TYPE_HYB_SIG, NULL, 192, 16); } -static void *p521_dilithium5_gen_init(void *provctx, int selection) +static void *p384_mldsa65_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "p521_dilithium5", KEY_TYPE_HYB_SIG, 256, 16); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, + "p384_mldsa65", KEY_TYPE_HYB_SIG, 192, 16); } -static void *dilithium5_p384_new_key(void *provctx) +static void *mldsa65_pss3072_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_p384", KEY_TYPE_CMP_SIG, NULL, 192, 17); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "mldsa65_pss3072", KEY_TYPE_CMP_SIG, NULL, 128, 17); } -static void *dilithium5_p384_gen_init(void *provctx, int selection) +static void *mldsa65_pss3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_p384", KEY_TYPE_CMP_SIG, 192, 17); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, + "mldsa65_pss3072", KEY_TYPE_CMP_SIG, 128, 17); } -static void *dilithium5_bp384_new_key(void *provctx) +static void *mldsa65_rsa3072_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 18); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "mldsa65_rsa3072", KEY_TYPE_CMP_SIG, NULL, 128, 18); } -static void *dilithium5_bp384_gen_init(void *provctx, int selection) +static void *mldsa65_rsa3072_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_bp384", KEY_TYPE_CMP_SIG, 384, 18); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, + "mldsa65_rsa3072", KEY_TYPE_CMP_SIG, 128, 18); } -static void *dilithium5_ed448_new_key(void *provctx) +static void *mldsa65_p256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_dilithium_5, - "dilithium5_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 19); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "mldsa65_p256", KEY_TYPE_CMP_SIG, NULL, 128, 19); } -static void *dilithium5_ed448_gen_init(void *provctx, int selection) +static void *mldsa65_p256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_dilithium_5, - "dilithium5_ed448", KEY_TYPE_CMP_SIG, 192, 19); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, + "mldsa65_p256", KEY_TYPE_CMP_SIG, 128, 19); } - -static void *mldsa44_new_key(void *provctx) +static void *mldsa65_bp256_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44", KEY_TYPE_SIG, NULL, 128, 20); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "mldsa65_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 20); } -static void *mldsa44_gen_init(void *provctx, int selection) +static void *mldsa65_bp256_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, "mldsa44", - 0, 128, 20); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, + "mldsa65_bp256", KEY_TYPE_CMP_SIG, 256, 20); } -static void *p256_mldsa44_new_key(void *provctx) +static void *mldsa65_ed25519_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "p256_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 21); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, + "mldsa65_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 21); } -static void *p256_mldsa44_gen_init(void *provctx, int selection) +static void *mldsa65_ed25519_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "p256_mldsa44", KEY_TYPE_HYB_SIG, 128, 21); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, + "mldsa65_ed25519", KEY_TYPE_CMP_SIG, 128, 21); } -static void *rsa3072_mldsa44_new_key(void *provctx) +static void *mldsa87_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 22); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, + "mldsa87", KEY_TYPE_SIG, NULL, 256, 22); } -static void *rsa3072_mldsa44_gen_init(void *provctx, int selection) +static void *mldsa87_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, 128, 22); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, "mldsa87", + 0, 256, 22); } -static void *mldsa65_new_key(void *provctx) +static void *p521_mldsa87_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65", KEY_TYPE_SIG, NULL, 192, 23); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, + "p521_mldsa87", KEY_TYPE_HYB_SIG, NULL, 256, 23); } -static void *mldsa65_gen_init(void *provctx, int selection) +static void *p521_mldsa87_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, "mldsa65", - 0, 192, 23); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, + "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 23); } -static void *p384_mldsa65_new_key(void *provctx) +static void *mldsa87_p384_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "p384_mldsa65", KEY_TYPE_HYB_SIG, NULL, 192, 24); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, + "mldsa87_p384", KEY_TYPE_CMP_SIG, NULL, 192, 24); } -static void *p384_mldsa65_gen_init(void *provctx, int selection) +static void *mldsa87_p384_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "p384_mldsa65", KEY_TYPE_HYB_SIG, 192, 24); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, + "mldsa87_p384", KEY_TYPE_CMP_SIG, 192, 24); } -static void *mldsa87_new_key(void *provctx) +static void *mldsa87_bp384_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "mldsa87", KEY_TYPE_SIG, NULL, 256, 25); + "mldsa87_bp384", KEY_TYPE_CMP_SIG, NULL, 384, 25); } -static void *mldsa87_gen_init(void *provctx, int selection) +static void *mldsa87_bp384_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, "mldsa87", - 0, 256, 25); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, + "mldsa87_bp384", KEY_TYPE_CMP_SIG, 384, 25); } -static void *p521_mldsa87_new_key(void *provctx) +static void *mldsa87_ed448_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "p521_mldsa87", KEY_TYPE_HYB_SIG, NULL, 256, 26); + "mldsa87_ed448", KEY_TYPE_CMP_SIG, NULL, 192, 26); } -static void *p521_mldsa87_gen_init(void *provctx, int selection) +static void *mldsa87_ed448_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, - "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 26); + "mldsa87_ed448", KEY_TYPE_CMP_SIG, 192, 26); } static void *falcon512_new_key(void *provctx) @@ -1283,30 +1283,30 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_dilithium2) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_dilithium2) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_pss2048) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_rsa2048) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_ed25519) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_p256) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium2_bp256) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3) MAKE_SIG_KEYMGMT_FUNCTIONS(p384_dilithium3) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_pss3072) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_rsa3072) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_p256) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_bp256) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium3_ed25519) MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5) MAKE_SIG_KEYMGMT_FUNCTIONS(p521_dilithium5) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_p384) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_bp384) -MAKE_SIG_KEYMGMT_FUNCTIONS(dilithium5_ed448) MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa44) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_mldsa44) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_mldsa44) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa44_pss2048) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa44_rsa2048) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa44_ed25519) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa44_p256) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa44_bp256) MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa65) MAKE_SIG_KEYMGMT_FUNCTIONS(p384_mldsa65) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa65_pss3072) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa65_rsa3072) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa65_p256) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa65_bp256) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa65_ed25519) MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa87) MAKE_SIG_KEYMGMT_FUNCTIONS(p521_mldsa87) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa87_p384) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa87_bp384) +MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa87_ed448) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_falcon512) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 5b40fb5f..26daec72 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -1184,413 +1184,413 @@ extern const OSSL_DISPATCH extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_dilithium2_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_to_text_encoder_functions[]; + oqs_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium3_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_dilithium3_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_pss2048_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_dilithium3_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_p384_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_p384_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_p384_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_to_text_encoder_functions[]; + oqs_p384_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_dilithium3_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_p384_dilithium3_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_rsa2048_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_p384_dilithium3_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_to_text_encoder_functions[]; + oqs_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_dilithium5_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_dilithium5_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_ed25519_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_dilithium5_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_p521_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_p521_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_p521_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_to_text_encoder_functions[]; + oqs_p521_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_dilithium5_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_p256_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_p521_dilithium5_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_p256_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_p521_dilithium5_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium2_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_to_text_encoder_functions[]; + oqs_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa44_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium2_bp256_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa44_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_p256_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_p256_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_p256_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_p256_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_p256_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_to_text_encoder_functions[]; + oqs_p256_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_mldsa44_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_p256_mldsa44_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_p256_mldsa44_decoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_rsa3072_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_rsa3072_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_rsa3072_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_rsa3072_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_rsa3072_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_dilithium3_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_dilithium3_to_text_encoder_functions[]; + oqs_rsa3072_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_mldsa44_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_dilithium3_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_rsa3072_mldsa44_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_dilithium3_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_rsa3072_mldsa44_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_pss2048_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_pss2048_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_pss2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_pss2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa44_pss2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_to_text_encoder_functions[]; + oqs_mldsa44_pss2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_pss2048_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa44_pss2048_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_pss3072_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa44_pss2048_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_rsa2048_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_rsa2048_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_rsa2048_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_rsa2048_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa44_rsa2048_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_to_text_encoder_functions[]; + oqs_mldsa44_rsa2048_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_rsa2048_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa44_rsa2048_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_rsa3072_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa44_rsa2048_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa44_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_to_text_encoder_functions[]; + oqs_mldsa44_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_ed25519_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_p256_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa44_ed25519_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_p256_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa44_ed25519_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_p256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_p256_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa44_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_to_text_encoder_functions[]; + oqs_mldsa44_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_p256_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa44_p256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_bp256_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa44_p256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_bp256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa44_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa44_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa44_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium3_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_to_text_encoder_functions[]; + oqs_mldsa44_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_bp256_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa44_bp256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium3_ed25519_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa44_bp256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa65_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_to_text_encoder_functions[]; + oqs_mldsa65_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa65_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa65_decoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_p384_mldsa65_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_p384_mldsa65_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_p384_mldsa65_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_p384_mldsa65_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_p384_mldsa65_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_dilithium5_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_dilithium5_to_text_encoder_functions[]; + oqs_p384_mldsa65_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_mldsa65_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_dilithium5_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_p384_mldsa65_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_dilithium5_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_p384_mldsa65_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_pss3072_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_pss3072_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_pss3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_pss3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa65_pss3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_to_text_encoder_functions[]; + oqs_mldsa65_pss3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_pss3072_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_p384_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa65_pss3072_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_p384_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa65_pss3072_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_rsa3072_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_rsa3072_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_rsa3072_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_rsa3072_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa65_rsa3072_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_to_text_encoder_functions[]; + oqs_mldsa65_rsa3072_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_rsa3072_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa65_rsa3072_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_bp384_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa65_rsa3072_decoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_p256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_p256_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa65_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_dilithium5_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_to_text_encoder_functions[]; + oqs_mldsa65_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_p256_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa65_p256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_dilithium5_ed448_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa65_p256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_bp256_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa65_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_mldsa44_to_text_encoder_functions[]; + oqs_mldsa65_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_bp256_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_mldsa44_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa65_bp256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_mldsa44_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa65_bp256_decoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa65_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa65_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa65_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p256_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p256_mldsa44_to_text_encoder_functions[]; + oqs_mldsa65_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_ed25519_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p256_mldsa44_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa65_ed25519_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p256_mldsa44_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa65_ed25519_decoder_functions[]; extern const OSSL_DISPATCH - oqs_rsa3072_mldsa44_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa87_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_rsa3072_mldsa44_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa87_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_rsa3072_mldsa44_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa87_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_rsa3072_mldsa44_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa87_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_rsa3072_mldsa44_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa87_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_rsa3072_mldsa44_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_rsa3072_mldsa44_to_text_encoder_functions[]; + oqs_mldsa87_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_rsa3072_mldsa44_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa87_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_rsa3072_mldsa44_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa87_decoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa65_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_p521_mldsa87_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa65_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_p521_mldsa87_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa65_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_p521_mldsa87_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa65_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_p521_mldsa87_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa65_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_p521_mldsa87_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa65_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_mldsa65_to_text_encoder_functions[]; + oqs_p521_mldsa87_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p521_mldsa87_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_mldsa65_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_p521_mldsa87_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_mldsa65_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_p521_mldsa87_decoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_mldsa65_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa87_p384_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_mldsa65_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa87_p384_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_mldsa65_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa87_p384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_mldsa65_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa87_p384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_mldsa65_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa87_p384_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p384_mldsa65_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p384_mldsa65_to_text_encoder_functions[]; + oqs_mldsa87_p384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_p384_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p384_mldsa65_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa87_p384_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p384_mldsa65_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa87_p384_decoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa87_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa87_bp384_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa87_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa87_bp384_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa87_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa87_bp384_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa87_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa87_bp384_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa87_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa87_bp384_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_mldsa87_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_mldsa87_to_text_encoder_functions[]; + oqs_mldsa87_bp384_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_bp384_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_mldsa87_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa87_bp384_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_mldsa87_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa87_bp384_decoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_mldsa87_to_PrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa87_ed448_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_mldsa87_to_PrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa87_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_mldsa87_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; + oqs_mldsa87_ed448_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_mldsa87_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; + oqs_mldsa87_ed448_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_mldsa87_to_SubjectPublicKeyInfo_der_encoder_functions[]; + oqs_mldsa87_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH - oqs_p521_mldsa87_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_p521_mldsa87_to_text_encoder_functions[]; + oqs_mldsa87_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_ed448_to_text_encoder_functions[]; extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_p521_mldsa87_decoder_functions[]; + oqs_PrivateKeyInfo_der_to_mldsa87_ed448_decoder_functions[]; extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_p521_mldsa87_decoder_functions[]; + oqs_SubjectPublicKeyInfo_der_to_mldsa87_ed448_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon512_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1977,30 +1977,30 @@ extern const OSSL_DISPATCH extern const OSSL_DISPATCH oqs_dilithium2_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_dilithium2_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_dilithium2_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_pss2048_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_rsa2048_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_ed25519_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium2_bp256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_dilithium3_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p384_dilithium3_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_pss3072_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_rsa3072_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_bp256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium3_ed25519_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_dilithium5_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p521_dilithium5_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_p384_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_bp384_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_dilithium5_ed448_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_mldsa44_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_mldsa44_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_mldsa44_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_pss2048_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_rsa2048_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_ed25519_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa44_bp256_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_mldsa65_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p384_mldsa65_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_pss3072_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_rsa3072_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_p256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_bp256_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa65_ed25519_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_mldsa87_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p521_mldsa87_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_p384_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_bp384_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_mldsa87_ed448_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[]; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index eda81119..367ea14f 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -234,26 +234,6 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), rsa3072_dilithium2), DECODER_w_structure("rsa3072_dilithium2", der, SubjectPublicKeyInfo, rsa3072_dilithium2), - DECODER_w_structure("dilithium2_pss2048", der, PrivateKeyInfo, - dilithium2_pss2048), - DECODER_w_structure("dilithium2_pss2048", der, SubjectPublicKeyInfo, - dilithium2_pss2048), - DECODER_w_structure("dilithium2_rsa2048", der, PrivateKeyInfo, - dilithium2_rsa2048), - DECODER_w_structure("dilithium2_rsa2048", der, SubjectPublicKeyInfo, - dilithium2_rsa2048), - DECODER_w_structure("dilithium2_ed25519", der, PrivateKeyInfo, - dilithium2_ed25519), - DECODER_w_structure("dilithium2_ed25519", der, SubjectPublicKeyInfo, - dilithium2_ed25519), - DECODER_w_structure("dilithium2_p256", der, PrivateKeyInfo, - dilithium2_p256), - DECODER_w_structure("dilithium2_p256", der, SubjectPublicKeyInfo, - dilithium2_p256), - DECODER_w_structure("dilithium2_bp256", der, PrivateKeyInfo, - dilithium2_bp256), - DECODER_w_structure("dilithium2_bp256", der, SubjectPublicKeyInfo, - dilithium2_bp256), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 DECODER_w_structure("dilithium3", der, PrivateKeyInfo, dilithium3), @@ -262,26 +242,6 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), p384_dilithium3), DECODER_w_structure("p384_dilithium3", der, SubjectPublicKeyInfo, p384_dilithium3), - DECODER_w_structure("dilithium3_pss3072", der, PrivateKeyInfo, - dilithium3_pss3072), - DECODER_w_structure("dilithium3_pss3072", der, SubjectPublicKeyInfo, - dilithium3_pss3072), - DECODER_w_structure("dilithium3_rsa3072", der, PrivateKeyInfo, - dilithium3_rsa3072), - DECODER_w_structure("dilithium3_rsa3072", der, SubjectPublicKeyInfo, - dilithium3_rsa3072), - DECODER_w_structure("dilithium3_p256", der, PrivateKeyInfo, - dilithium3_p256), - DECODER_w_structure("dilithium3_p256", der, SubjectPublicKeyInfo, - dilithium3_p256), - DECODER_w_structure("dilithium3_bp256", der, PrivateKeyInfo, - dilithium3_bp256), - DECODER_w_structure("dilithium3_bp256", der, SubjectPublicKeyInfo, - dilithium3_bp256), - DECODER_w_structure("dilithium3_ed25519", der, PrivateKeyInfo, - dilithium3_ed25519), - DECODER_w_structure("dilithium3_ed25519", der, SubjectPublicKeyInfo, - dilithium3_ed25519), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 DECODER_w_structure("dilithium5", der, PrivateKeyInfo, dilithium5), @@ -290,18 +250,6 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), p521_dilithium5), DECODER_w_structure("p521_dilithium5", der, SubjectPublicKeyInfo, p521_dilithium5), - DECODER_w_structure("dilithium5_p384", der, PrivateKeyInfo, - dilithium5_p384), - DECODER_w_structure("dilithium5_p384", der, SubjectPublicKeyInfo, - dilithium5_p384), - DECODER_w_structure("dilithium5_bp384", der, PrivateKeyInfo, - dilithium5_bp384), - DECODER_w_structure("dilithium5_bp384", der, SubjectPublicKeyInfo, - dilithium5_bp384), - DECODER_w_structure("dilithium5_ed448", der, PrivateKeyInfo, - dilithium5_ed448), - DECODER_w_structure("dilithium5_ed448", der, SubjectPublicKeyInfo, - dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_44 DECODER_w_structure("mldsa44", der, PrivateKeyInfo, mldsa44), @@ -313,6 +261,24 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), rsa3072_mldsa44), DECODER_w_structure("rsa3072_mldsa44", der, SubjectPublicKeyInfo, rsa3072_mldsa44), + DECODER_w_structure("mldsa44_pss2048", der, PrivateKeyInfo, + mldsa44_pss2048), + DECODER_w_structure("mldsa44_pss2048", der, SubjectPublicKeyInfo, + mldsa44_pss2048), + DECODER_w_structure("mldsa44_rsa2048", der, PrivateKeyInfo, + mldsa44_rsa2048), + DECODER_w_structure("mldsa44_rsa2048", der, SubjectPublicKeyInfo, + mldsa44_rsa2048), + DECODER_w_structure("mldsa44_ed25519", der, PrivateKeyInfo, + mldsa44_ed25519), + DECODER_w_structure("mldsa44_ed25519", der, SubjectPublicKeyInfo, + mldsa44_ed25519), + DECODER_w_structure("mldsa44_p256", der, PrivateKeyInfo, mldsa44_p256), + DECODER_w_structure("mldsa44_p256", der, SubjectPublicKeyInfo, + mldsa44_p256), + DECODER_w_structure("mldsa44_bp256", der, PrivateKeyInfo, mldsa44_bp256), + DECODER_w_structure("mldsa44_bp256", der, SubjectPublicKeyInfo, + mldsa44_bp256), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_65 DECODER_w_structure("mldsa65", der, PrivateKeyInfo, mldsa65), @@ -320,6 +286,24 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("p384_mldsa65", der, PrivateKeyInfo, p384_mldsa65), DECODER_w_structure("p384_mldsa65", der, SubjectPublicKeyInfo, p384_mldsa65), + DECODER_w_structure("mldsa65_pss3072", der, PrivateKeyInfo, + mldsa65_pss3072), + DECODER_w_structure("mldsa65_pss3072", der, SubjectPublicKeyInfo, + mldsa65_pss3072), + DECODER_w_structure("mldsa65_rsa3072", der, PrivateKeyInfo, + mldsa65_rsa3072), + DECODER_w_structure("mldsa65_rsa3072", der, SubjectPublicKeyInfo, + mldsa65_rsa3072), + DECODER_w_structure("mldsa65_p256", der, PrivateKeyInfo, mldsa65_p256), + DECODER_w_structure("mldsa65_p256", der, SubjectPublicKeyInfo, + mldsa65_p256), + DECODER_w_structure("mldsa65_bp256", der, PrivateKeyInfo, mldsa65_bp256), + DECODER_w_structure("mldsa65_bp256", der, SubjectPublicKeyInfo, + mldsa65_bp256), + DECODER_w_structure("mldsa65_ed25519", der, PrivateKeyInfo, + mldsa65_ed25519), + DECODER_w_structure("mldsa65_ed25519", der, SubjectPublicKeyInfo, + mldsa65_ed25519), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_87 DECODER_w_structure("mldsa87", der, PrivateKeyInfo, mldsa87), @@ -327,6 +311,15 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("p521_mldsa87", der, PrivateKeyInfo, p521_mldsa87), DECODER_w_structure("p521_mldsa87", der, SubjectPublicKeyInfo, p521_mldsa87), + DECODER_w_structure("mldsa87_p384", der, PrivateKeyInfo, mldsa87_p384), + DECODER_w_structure("mldsa87_p384", der, SubjectPublicKeyInfo, + mldsa87_p384), + DECODER_w_structure("mldsa87_bp384", der, PrivateKeyInfo, mldsa87_bp384), + DECODER_w_structure("mldsa87_bp384", der, SubjectPublicKeyInfo, + mldsa87_bp384), + DECODER_w_structure("mldsa87_ed448", der, PrivateKeyInfo, mldsa87_ed448), + DECODER_w_structure("mldsa87_ed448", der, SubjectPublicKeyInfo, + mldsa87_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 DECODER_w_structure("falcon512", der, PrivateKeyInfo, falcon512), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index 08442ac5..1a6d3e8b 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -686,71 +686,6 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("rsa3072_dilithium2", rsa3072_dilithium2, pem, SubjectPublicKeyInfo), ENCODER_TEXT("rsa3072_dilithium2", rsa3072_dilithium2), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_pss2048", dilithium2_pss2048, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_pss2048", dilithium2_pss2048), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_rsa2048", dilithium2_rsa2048, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_rsa2048", dilithium2_rsa2048), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_ed25519", dilithium2_ed25519, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_ed25519", dilithium2_ed25519), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_p256", dilithium2_p256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_p256", dilithium2_p256), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium2_bp256", dilithium2_bp256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium2_bp256", dilithium2_bp256), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 ENCODER_w_structure("dilithium3", dilithium3, der, PrivateKeyInfo), @@ -773,71 +708,6 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("p384_dilithium3", p384_dilithium3, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p384_dilithium3", p384_dilithium3), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_pss3072", dilithium3_pss3072, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_pss3072", dilithium3_pss3072), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_rsa3072", dilithium3_rsa3072, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_rsa3072", dilithium3_rsa3072), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_p256", dilithium3_p256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_p256", dilithium3_p256), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_bp256", dilithium3_bp256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_bp256", dilithium3_bp256), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium3_ed25519", dilithium3_ed25519, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium3_ed25519", dilithium3_ed25519), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 ENCODER_w_structure("dilithium5", dilithium5, der, PrivateKeyInfo), @@ -860,45 +730,6 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("p521_dilithium5", p521_dilithium5, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p521_dilithium5", p521_dilithium5), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_p384", dilithium5_p384, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5_p384", dilithium5_p384), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_bp384", dilithium5_bp384, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5_bp384", dilithium5_bp384), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, - PrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("dilithium5_ed448", dilithium5_ed448, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("dilithium5_ed448", dilithium5_ed448), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_44 ENCODER_w_structure("mldsa44", mldsa44, der, PrivateKeyInfo), @@ -932,6 +763,67 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("rsa3072_mldsa44", rsa3072_mldsa44, pem, SubjectPublicKeyInfo), ENCODER_TEXT("rsa3072_mldsa44", rsa3072_mldsa44), + ENCODER_w_structure("mldsa44_pss2048", mldsa44_pss2048, der, + PrivateKeyInfo), + ENCODER_w_structure("mldsa44_pss2048", mldsa44_pss2048, pem, + PrivateKeyInfo), + ENCODER_w_structure("mldsa44_pss2048", mldsa44_pss2048, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_pss2048", mldsa44_pss2048, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_pss2048", mldsa44_pss2048, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa44_pss2048", mldsa44_pss2048, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa44_pss2048", mldsa44_pss2048), + ENCODER_w_structure("mldsa44_rsa2048", mldsa44_rsa2048, der, + PrivateKeyInfo), + ENCODER_w_structure("mldsa44_rsa2048", mldsa44_rsa2048, pem, + PrivateKeyInfo), + ENCODER_w_structure("mldsa44_rsa2048", mldsa44_rsa2048, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_rsa2048", mldsa44_rsa2048, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_rsa2048", mldsa44_rsa2048, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa44_rsa2048", mldsa44_rsa2048, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa44_rsa2048", mldsa44_rsa2048), + ENCODER_w_structure("mldsa44_ed25519", mldsa44_ed25519, der, + PrivateKeyInfo), + ENCODER_w_structure("mldsa44_ed25519", mldsa44_ed25519, pem, + PrivateKeyInfo), + ENCODER_w_structure("mldsa44_ed25519", mldsa44_ed25519, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_ed25519", mldsa44_ed25519, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_ed25519", mldsa44_ed25519, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa44_ed25519", mldsa44_ed25519, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa44_ed25519", mldsa44_ed25519), + ENCODER_w_structure("mldsa44_p256", mldsa44_p256, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa44_p256", mldsa44_p256, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa44_p256", mldsa44_p256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_p256", mldsa44_p256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_p256", mldsa44_p256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa44_p256", mldsa44_p256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa44_p256", mldsa44_p256), + ENCODER_w_structure("mldsa44_bp256", mldsa44_bp256, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa44_bp256", mldsa44_bp256, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa44_bp256", mldsa44_bp256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_bp256", mldsa44_bp256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa44_bp256", mldsa44_bp256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa44_bp256", mldsa44_bp256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa44_bp256", mldsa44_bp256), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_65 ENCODER_w_structure("mldsa65", mldsa65, der, PrivateKeyInfo), @@ -952,6 +844,67 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("p384_mldsa65", p384_mldsa65, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p384_mldsa65", p384_mldsa65), + ENCODER_w_structure("mldsa65_pss3072", mldsa65_pss3072, der, + PrivateKeyInfo), + ENCODER_w_structure("mldsa65_pss3072", mldsa65_pss3072, pem, + PrivateKeyInfo), + ENCODER_w_structure("mldsa65_pss3072", mldsa65_pss3072, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_pss3072", mldsa65_pss3072, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_pss3072", mldsa65_pss3072, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa65_pss3072", mldsa65_pss3072, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa65_pss3072", mldsa65_pss3072), + ENCODER_w_structure("mldsa65_rsa3072", mldsa65_rsa3072, der, + PrivateKeyInfo), + ENCODER_w_structure("mldsa65_rsa3072", mldsa65_rsa3072, pem, + PrivateKeyInfo), + ENCODER_w_structure("mldsa65_rsa3072", mldsa65_rsa3072, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_rsa3072", mldsa65_rsa3072, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_rsa3072", mldsa65_rsa3072, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa65_rsa3072", mldsa65_rsa3072, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa65_rsa3072", mldsa65_rsa3072), + ENCODER_w_structure("mldsa65_p256", mldsa65_p256, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa65_p256", mldsa65_p256, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa65_p256", mldsa65_p256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_p256", mldsa65_p256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_p256", mldsa65_p256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa65_p256", mldsa65_p256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa65_p256", mldsa65_p256), + ENCODER_w_structure("mldsa65_bp256", mldsa65_bp256, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa65_bp256", mldsa65_bp256, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa65_bp256", mldsa65_bp256, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_bp256", mldsa65_bp256, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_bp256", mldsa65_bp256, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa65_bp256", mldsa65_bp256, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa65_bp256", mldsa65_bp256), + ENCODER_w_structure("mldsa65_ed25519", mldsa65_ed25519, der, + PrivateKeyInfo), + ENCODER_w_structure("mldsa65_ed25519", mldsa65_ed25519, pem, + PrivateKeyInfo), + ENCODER_w_structure("mldsa65_ed25519", mldsa65_ed25519, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_ed25519", mldsa65_ed25519, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa65_ed25519", mldsa65_ed25519, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa65_ed25519", mldsa65_ed25519, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa65_ed25519", mldsa65_ed25519), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_87 ENCODER_w_structure("mldsa87", mldsa87, der, PrivateKeyInfo), @@ -972,6 +925,39 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("p521_mldsa87", p521_mldsa87, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p521_mldsa87", p521_mldsa87), + ENCODER_w_structure("mldsa87_p384", mldsa87_p384, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa87_p384", mldsa87_p384, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa87_p384", mldsa87_p384, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa87_p384", mldsa87_p384, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa87_p384", mldsa87_p384, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa87_p384", mldsa87_p384, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa87_p384", mldsa87_p384), + ENCODER_w_structure("mldsa87_bp384", mldsa87_bp384, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa87_bp384", mldsa87_bp384, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa87_bp384", mldsa87_bp384, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa87_bp384", mldsa87_bp384, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa87_bp384", mldsa87_bp384, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa87_bp384", mldsa87_bp384, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa87_bp384", mldsa87_bp384), + ENCODER_w_structure("mldsa87_ed448", mldsa87_ed448, der, PrivateKeyInfo), + ENCODER_w_structure("mldsa87_ed448", mldsa87_ed448, pem, PrivateKeyInfo), + ENCODER_w_structure("mldsa87_ed448", mldsa87_ed448, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa87_ed448", mldsa87_ed448, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("mldsa87_ed448", mldsa87_ed448, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("mldsa87_ed448", mldsa87_ed448, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("mldsa87_ed448", mldsa87_ed448), #endif #ifdef OQS_ENABLE_SIG_falcon_512 ENCODER_w_structure("falcon512", falcon512, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index f86c98c6..6e20b01b 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -170,54 +170,54 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_dilithium2", "1.3.9999.2.7.2", "rsa3072_dilithium2", - "2.16.840.1.114027.80.8.1.1", - "dilithium2_pss2048", - "2.16.840.1.114027.80.8.1.2", - "dilithium2_rsa2048", - "2.16.840.1.114027.80.8.1.3", - "dilithium2_ed25519", - "2.16.840.1.114027.80.8.1.4", - "dilithium2_p256", - "2.16.840.1.114027.80.8.1.5", - "dilithium2_bp256", "1.3.6.1.4.1.2.267.7.6.5", "dilithium3", "1.3.9999.2.7.3", "p384_dilithium3", - "2.16.840.1.114027.80.8.1.6", - "dilithium3_pss3072", - "2.16.840.1.114027.80.8.1.7", - "dilithium3_rsa3072", - "2.16.840.1.114027.80.8.1.8", - "dilithium3_p256", - "2.16.840.1.114027.80.8.1.9", - "dilithium3_bp256", - "2.16.840.1.114027.80.8.1.10", - "dilithium3_ed25519", "1.3.6.1.4.1.2.267.7.8.7", "dilithium5", "1.3.9999.2.7.4", "p521_dilithium5", - "2.16.840.1.114027.80.8.1.11", - "dilithium5_p384", - "2.16.840.1.114027.80.8.1.12", - "dilithium5_bp384", - "2.16.840.1.114027.80.8.1.13", - "dilithium5_ed448", "1.3.6.1.4.1.2.267.12.4.4", "mldsa44", "1.3.9999.7.1", "p256_mldsa44", "1.3.9999.7.2", "rsa3072_mldsa44", + "2.16.840.1.114027.80.8.1.1", + "mldsa44_pss2048", + "2.16.840.1.114027.80.8.1.2", + "mldsa44_rsa2048", + "2.16.840.1.114027.80.8.1.3", + "mldsa44_ed25519", + "2.16.840.1.114027.80.8.1.4", + "mldsa44_p256", + "2.16.840.1.114027.80.8.1.5", + "mldsa44_bp256", "1.3.6.1.4.1.2.267.12.6.5", "mldsa65", "1.3.9999.7.3", "p384_mldsa65", + "2.16.840.1.114027.80.8.1.6", + "mldsa65_pss3072", + "2.16.840.1.114027.80.8.1.7", + "mldsa65_rsa3072", + "2.16.840.1.114027.80.8.1.8", + "mldsa65_p256", + "2.16.840.1.114027.80.8.1.9", + "mldsa65_bp256", + "2.16.840.1.114027.80.8.1.10", + "mldsa65_ed25519", "1.3.6.1.4.1.2.267.12.8.7", "mldsa87", "1.3.9999.7.4", "p521_mldsa87", + "2.16.840.1.114027.80.8.1.11", + "mldsa87_p384", + "2.16.840.1.114027.80.8.1.12", + "mldsa87_bp384", + "2.16.840.1.114027.80.8.1.13", + "mldsa87_ed448", "1.3.9999.3.6", "falcon512", "1.3.9999.3.7", @@ -495,118 +495,115 @@ int oqs_patch_encodings(void) if (getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME")) oqs_alg_encoding_list[5] = getenv("OQS_ENCODING_RSA3072_DILITHIUM2_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048")) - oqs_alg_encoding_list[6] = getenv("OQS_ENCODING_DILITHIUM2_PSS2048"); - if (getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME")) - oqs_alg_encoding_list[7] - = getenv("OQS_ENCODING_DILITHIUM2_PSS2048_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048")) - oqs_alg_encoding_list[8] = getenv("OQS_ENCODING_DILITHIUM2_RSA2048"); - if (getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME")) - oqs_alg_encoding_list[9] - = getenv("OQS_ENCODING_DILITHIUM2_RSA2048_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_ED25519")) - oqs_alg_encoding_list[10] = getenv("OQS_ENCODING_DILITHIUM2_ED25519"); - if (getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME")) - oqs_alg_encoding_list[11] - = getenv("OQS_ENCODING_DILITHIUM2_ED25519_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_P256")) - oqs_alg_encoding_list[12] = getenv("OQS_ENCODING_DILITHIUM2_P256"); - if (getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME")) - oqs_alg_encoding_list[13] - = getenv("OQS_ENCODING_DILITHIUM2_P256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM2_BP256")) - oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_DILITHIUM2_BP256"); - if (getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME")) - oqs_alg_encoding_list[15] - = getenv("OQS_ENCODING_DILITHIUM2_BP256_ALGNAME"); if (getenv("OQS_ENCODING_DILITHIUM3")) - oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_DILITHIUM3"); + oqs_alg_encoding_list[6] = getenv("OQS_ENCODING_DILITHIUM3"); if (getenv("OQS_ENCODING_DILITHIUM3_ALGNAME")) - oqs_alg_encoding_list[17] = getenv("OQS_ENCODING_DILITHIUM3_ALGNAME"); + oqs_alg_encoding_list[7] = getenv("OQS_ENCODING_DILITHIUM3_ALGNAME"); if (getenv("OQS_ENCODING_P384_DILITHIUM3")) - oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_P384_DILITHIUM3"); + oqs_alg_encoding_list[8] = getenv("OQS_ENCODING_P384_DILITHIUM3"); if (getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME")) - oqs_alg_encoding_list[19] + oqs_alg_encoding_list[9] = getenv("OQS_ENCODING_P384_DILITHIUM3_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072")) - oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_DILITHIUM3_PSS3072"); - if (getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME")) - oqs_alg_encoding_list[21] - = getenv("OQS_ENCODING_DILITHIUM3_PSS3072_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072")) - oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_DILITHIUM3_RSA3072"); - if (getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME")) - oqs_alg_encoding_list[23] - = getenv("OQS_ENCODING_DILITHIUM3_RSA3072_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_P256")) - oqs_alg_encoding_list[24] = getenv("OQS_ENCODING_DILITHIUM3_P256"); - if (getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME")) - oqs_alg_encoding_list[25] - = getenv("OQS_ENCODING_DILITHIUM3_P256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_BP256")) - oqs_alg_encoding_list[26] = getenv("OQS_ENCODING_DILITHIUM3_BP256"); - if (getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME")) - oqs_alg_encoding_list[27] - = getenv("OQS_ENCODING_DILITHIUM3_BP256_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM3_ED25519")) - oqs_alg_encoding_list[28] = getenv("OQS_ENCODING_DILITHIUM3_ED25519"); - if (getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME")) - oqs_alg_encoding_list[29] - = getenv("OQS_ENCODING_DILITHIUM3_ED25519_ALGNAME"); if (getenv("OQS_ENCODING_DILITHIUM5")) - oqs_alg_encoding_list[30] = getenv("OQS_ENCODING_DILITHIUM5"); + oqs_alg_encoding_list[10] = getenv("OQS_ENCODING_DILITHIUM5"); if (getenv("OQS_ENCODING_DILITHIUM5_ALGNAME")) - oqs_alg_encoding_list[31] = getenv("OQS_ENCODING_DILITHIUM5_ALGNAME"); + oqs_alg_encoding_list[11] = getenv("OQS_ENCODING_DILITHIUM5_ALGNAME"); if (getenv("OQS_ENCODING_P521_DILITHIUM5")) - oqs_alg_encoding_list[32] = getenv("OQS_ENCODING_P521_DILITHIUM5"); + oqs_alg_encoding_list[12] = getenv("OQS_ENCODING_P521_DILITHIUM5"); if (getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME")) - oqs_alg_encoding_list[33] + oqs_alg_encoding_list[13] = getenv("OQS_ENCODING_P521_DILITHIUM5_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_P384")) - oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_DILITHIUM5_P384"); - if (getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME")) - oqs_alg_encoding_list[35] - = getenv("OQS_ENCODING_DILITHIUM5_P384_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_BP384")) - oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_DILITHIUM5_BP384"); - if (getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME")) - oqs_alg_encoding_list[37] - = getenv("OQS_ENCODING_DILITHIUM5_BP384_ALGNAME"); - if (getenv("OQS_ENCODING_DILITHIUM5_ED448")) - oqs_alg_encoding_list[38] = getenv("OQS_ENCODING_DILITHIUM5_ED448"); - if (getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME")) - oqs_alg_encoding_list[39] - = getenv("OQS_ENCODING_DILITHIUM5_ED448_ALGNAME"); if (getenv("OQS_ENCODING_MLDSA44")) - oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_MLDSA44"); + oqs_alg_encoding_list[14] = getenv("OQS_ENCODING_MLDSA44"); if (getenv("OQS_ENCODING_MLDSA44_ALGNAME")) - oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_MLDSA44_ALGNAME"); + oqs_alg_encoding_list[15] = getenv("OQS_ENCODING_MLDSA44_ALGNAME"); if (getenv("OQS_ENCODING_P256_MLDSA44")) - oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P256_MLDSA44"); + oqs_alg_encoding_list[16] = getenv("OQS_ENCODING_P256_MLDSA44"); if (getenv("OQS_ENCODING_P256_MLDSA44_ALGNAME")) - oqs_alg_encoding_list[43] = getenv("OQS_ENCODING_P256_MLDSA44_ALGNAME"); + oqs_alg_encoding_list[17] = getenv("OQS_ENCODING_P256_MLDSA44_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_MLDSA44")) - oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_RSA3072_MLDSA44"); + oqs_alg_encoding_list[18] = getenv("OQS_ENCODING_RSA3072_MLDSA44"); if (getenv("OQS_ENCODING_RSA3072_MLDSA44_ALGNAME")) - oqs_alg_encoding_list[45] + oqs_alg_encoding_list[19] = getenv("OQS_ENCODING_RSA3072_MLDSA44_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA44_PSS2048")) + oqs_alg_encoding_list[20] = getenv("OQS_ENCODING_MLDSA44_PSS2048"); + if (getenv("OQS_ENCODING_MLDSA44_PSS2048_ALGNAME")) + oqs_alg_encoding_list[21] + = getenv("OQS_ENCODING_MLDSA44_PSS2048_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA44_RSA2048")) + oqs_alg_encoding_list[22] = getenv("OQS_ENCODING_MLDSA44_RSA2048"); + if (getenv("OQS_ENCODING_MLDSA44_RSA2048_ALGNAME")) + oqs_alg_encoding_list[23] + = getenv("OQS_ENCODING_MLDSA44_RSA2048_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA44_ED25519")) + oqs_alg_encoding_list[24] = getenv("OQS_ENCODING_MLDSA44_ED25519"); + if (getenv("OQS_ENCODING_MLDSA44_ED25519_ALGNAME")) + oqs_alg_encoding_list[25] + = getenv("OQS_ENCODING_MLDSA44_ED25519_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA44_P256")) + oqs_alg_encoding_list[26] = getenv("OQS_ENCODING_MLDSA44_P256"); + if (getenv("OQS_ENCODING_MLDSA44_P256_ALGNAME")) + oqs_alg_encoding_list[27] = getenv("OQS_ENCODING_MLDSA44_P256_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA44_BP256")) + oqs_alg_encoding_list[28] = getenv("OQS_ENCODING_MLDSA44_BP256"); + if (getenv("OQS_ENCODING_MLDSA44_BP256_ALGNAME")) + oqs_alg_encoding_list[29] + = getenv("OQS_ENCODING_MLDSA44_BP256_ALGNAME"); if (getenv("OQS_ENCODING_MLDSA65")) - oqs_alg_encoding_list[46] = getenv("OQS_ENCODING_MLDSA65"); + oqs_alg_encoding_list[30] = getenv("OQS_ENCODING_MLDSA65"); if (getenv("OQS_ENCODING_MLDSA65_ALGNAME")) - oqs_alg_encoding_list[47] = getenv("OQS_ENCODING_MLDSA65_ALGNAME"); + oqs_alg_encoding_list[31] = getenv("OQS_ENCODING_MLDSA65_ALGNAME"); if (getenv("OQS_ENCODING_P384_MLDSA65")) - oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_P384_MLDSA65"); + oqs_alg_encoding_list[32] = getenv("OQS_ENCODING_P384_MLDSA65"); if (getenv("OQS_ENCODING_P384_MLDSA65_ALGNAME")) - oqs_alg_encoding_list[49] = getenv("OQS_ENCODING_P384_MLDSA65_ALGNAME"); + oqs_alg_encoding_list[33] = getenv("OQS_ENCODING_P384_MLDSA65_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA65_PSS3072")) + oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_MLDSA65_PSS3072"); + if (getenv("OQS_ENCODING_MLDSA65_PSS3072_ALGNAME")) + oqs_alg_encoding_list[35] + = getenv("OQS_ENCODING_MLDSA65_PSS3072_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA65_RSA3072")) + oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_MLDSA65_RSA3072"); + if (getenv("OQS_ENCODING_MLDSA65_RSA3072_ALGNAME")) + oqs_alg_encoding_list[37] + = getenv("OQS_ENCODING_MLDSA65_RSA3072_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA65_P256")) + oqs_alg_encoding_list[38] = getenv("OQS_ENCODING_MLDSA65_P256"); + if (getenv("OQS_ENCODING_MLDSA65_P256_ALGNAME")) + oqs_alg_encoding_list[39] = getenv("OQS_ENCODING_MLDSA65_P256_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA65_BP256")) + oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_MLDSA65_BP256"); + if (getenv("OQS_ENCODING_MLDSA65_BP256_ALGNAME")) + oqs_alg_encoding_list[41] + = getenv("OQS_ENCODING_MLDSA65_BP256_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA65_ED25519")) + oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_MLDSA65_ED25519"); + if (getenv("OQS_ENCODING_MLDSA65_ED25519_ALGNAME")) + oqs_alg_encoding_list[43] + = getenv("OQS_ENCODING_MLDSA65_ED25519_ALGNAME"); if (getenv("OQS_ENCODING_MLDSA87")) - oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_MLDSA87"); + oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_MLDSA87"); if (getenv("OQS_ENCODING_MLDSA87_ALGNAME")) - oqs_alg_encoding_list[51] = getenv("OQS_ENCODING_MLDSA87_ALGNAME"); + oqs_alg_encoding_list[45] = getenv("OQS_ENCODING_MLDSA87_ALGNAME"); if (getenv("OQS_ENCODING_P521_MLDSA87")) - oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_P521_MLDSA87"); + oqs_alg_encoding_list[46] = getenv("OQS_ENCODING_P521_MLDSA87"); if (getenv("OQS_ENCODING_P521_MLDSA87_ALGNAME")) - oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_P521_MLDSA87_ALGNAME"); + oqs_alg_encoding_list[47] = getenv("OQS_ENCODING_P521_MLDSA87_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA87_P384")) + oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_MLDSA87_P384"); + if (getenv("OQS_ENCODING_MLDSA87_P384_ALGNAME")) + oqs_alg_encoding_list[49] = getenv("OQS_ENCODING_MLDSA87_P384_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA87_BP384")) + oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_MLDSA87_BP384"); + if (getenv("OQS_ENCODING_MLDSA87_BP384_ALGNAME")) + oqs_alg_encoding_list[51] + = getenv("OQS_ENCODING_MLDSA87_BP384_ALGNAME"); + if (getenv("OQS_ENCODING_MLDSA87_ED448")) + oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_MLDSA87_ED448"); + if (getenv("OQS_ENCODING_MLDSA87_ED448_ALGNAME")) + oqs_alg_encoding_list[53] + = getenv("OQS_ENCODING_MLDSA87_ED448_ALGNAME"); if (getenv("OQS_ENCODING_FALCON512")) oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_FALCON512"); if (getenv("OQS_ENCODING_FALCON512_ALGNAME")) @@ -759,40 +756,40 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("dilithium2", 128, oqs_signature_functions), SIGALG("p256_dilithium2", 128, oqs_signature_functions), SIGALG("rsa3072_dilithium2", 128, oqs_signature_functions), - SIGALG("dilithium2_pss2048", 112, oqs_signature_functions), - SIGALG("dilithium2_rsa2048", 112, oqs_signature_functions), - SIGALG("dilithium2_ed25519", 128, oqs_signature_functions), - SIGALG("dilithium2_p256", 128, oqs_signature_functions), - SIGALG("dilithium2_bp256", 256, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 SIGALG("dilithium3", 192, oqs_signature_functions), SIGALG("p384_dilithium3", 192, oqs_signature_functions), - SIGALG("dilithium3_pss3072", 128, oqs_signature_functions), - SIGALG("dilithium3_rsa3072", 128, oqs_signature_functions), - SIGALG("dilithium3_p256", 128, oqs_signature_functions), - SIGALG("dilithium3_bp256", 256, oqs_signature_functions), - SIGALG("dilithium3_ed25519", 128, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_signature_functions), SIGALG("p521_dilithium5", 256, oqs_signature_functions), - SIGALG("dilithium5_p384", 192, oqs_signature_functions), - SIGALG("dilithium5_bp384", 384, oqs_signature_functions), - SIGALG("dilithium5_ed448", 192, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_44 SIGALG("mldsa44", 128, oqs_signature_functions), SIGALG("p256_mldsa44", 128, oqs_signature_functions), SIGALG("rsa3072_mldsa44", 128, oqs_signature_functions), + SIGALG("mldsa44_pss2048", 112, oqs_signature_functions), + SIGALG("mldsa44_rsa2048", 112, oqs_signature_functions), + SIGALG("mldsa44_ed25519", 128, oqs_signature_functions), + SIGALG("mldsa44_p256", 128, oqs_signature_functions), + SIGALG("mldsa44_bp256", 256, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_65 SIGALG("mldsa65", 192, oqs_signature_functions), SIGALG("p384_mldsa65", 192, oqs_signature_functions), + SIGALG("mldsa65_pss3072", 128, oqs_signature_functions), + SIGALG("mldsa65_rsa3072", 128, oqs_signature_functions), + SIGALG("mldsa65_p256", 128, oqs_signature_functions), + SIGALG("mldsa65_bp256", 256, oqs_signature_functions), + SIGALG("mldsa65_ed25519", 128, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_87 SIGALG("mldsa87", 256, oqs_signature_functions), SIGALG("p521_mldsa87", 256, oqs_signature_functions), + SIGALG("mldsa87_p384", 192, oqs_signature_functions), + SIGALG("mldsa87_bp384", 384, oqs_signature_functions), + SIGALG("mldsa87_ed448", 192, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_512 SIGALG("falcon512", 128, oqs_signature_functions), @@ -932,40 +929,40 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] SIGALG("dilithium2", 128, oqs_dilithium2_keymgmt_functions), SIGALG("p256_dilithium2", 128, oqs_p256_dilithium2_keymgmt_functions), SIGALG("rsa3072_dilithium2", 128, oqs_rsa3072_dilithium2_keymgmt_functions), - SIGALG("dilithium2_pss2048", 112, oqs_dilithium2_pss2048_keymgmt_functions), - SIGALG("dilithium2_rsa2048", 112, oqs_dilithium2_rsa2048_keymgmt_functions), - SIGALG("dilithium2_ed25519", 128, oqs_dilithium2_ed25519_keymgmt_functions), - SIGALG("dilithium2_p256", 128, oqs_dilithium2_p256_keymgmt_functions), - SIGALG("dilithium2_bp256", 256, oqs_dilithium2_bp256_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_3 SIGALG("dilithium3", 192, oqs_dilithium3_keymgmt_functions), SIGALG("p384_dilithium3", 192, oqs_p384_dilithium3_keymgmt_functions), - SIGALG("dilithium3_pss3072", 128, oqs_dilithium3_pss3072_keymgmt_functions), - SIGALG("dilithium3_rsa3072", 128, oqs_dilithium3_rsa3072_keymgmt_functions), - SIGALG("dilithium3_p256", 128, oqs_dilithium3_p256_keymgmt_functions), - SIGALG("dilithium3_bp256", 256, oqs_dilithium3_bp256_keymgmt_functions), - SIGALG("dilithium3_ed25519", 128, oqs_dilithium3_ed25519_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_dilithium_5 SIGALG("dilithium5", 256, oqs_dilithium5_keymgmt_functions), SIGALG("p521_dilithium5", 256, oqs_p521_dilithium5_keymgmt_functions), - SIGALG("dilithium5_p384", 192, oqs_dilithium5_p384_keymgmt_functions), - SIGALG("dilithium5_bp384", 384, oqs_dilithium5_bp384_keymgmt_functions), - SIGALG("dilithium5_ed448", 192, oqs_dilithium5_ed448_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_44 SIGALG("mldsa44", 128, oqs_mldsa44_keymgmt_functions), SIGALG("p256_mldsa44", 128, oqs_p256_mldsa44_keymgmt_functions), SIGALG("rsa3072_mldsa44", 128, oqs_rsa3072_mldsa44_keymgmt_functions), + SIGALG("mldsa44_pss2048", 112, oqs_mldsa44_pss2048_keymgmt_functions), + SIGALG("mldsa44_rsa2048", 112, oqs_mldsa44_rsa2048_keymgmt_functions), + SIGALG("mldsa44_ed25519", 128, oqs_mldsa44_ed25519_keymgmt_functions), + SIGALG("mldsa44_p256", 128, oqs_mldsa44_p256_keymgmt_functions), + SIGALG("mldsa44_bp256", 256, oqs_mldsa44_bp256_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_65 SIGALG("mldsa65", 192, oqs_mldsa65_keymgmt_functions), SIGALG("p384_mldsa65", 192, oqs_p384_mldsa65_keymgmt_functions), + SIGALG("mldsa65_pss3072", 128, oqs_mldsa65_pss3072_keymgmt_functions), + SIGALG("mldsa65_rsa3072", 128, oqs_mldsa65_rsa3072_keymgmt_functions), + SIGALG("mldsa65_p256", 128, oqs_mldsa65_p256_keymgmt_functions), + SIGALG("mldsa65_bp256", 256, oqs_mldsa65_bp256_keymgmt_functions), + SIGALG("mldsa65_ed25519", 128, oqs_mldsa65_ed25519_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_87 SIGALG("mldsa87", 256, oqs_mldsa87_keymgmt_functions), SIGALG("p521_mldsa87", 256, oqs_p521_mldsa87_keymgmt_functions), + SIGALG("mldsa87_p384", 192, oqs_mldsa87_p384_keymgmt_functions), + SIGALG("mldsa87_bp384", 384, oqs_mldsa87_bp384_keymgmt_functions), + SIGALG("mldsa87_ed448", 192, oqs_mldsa87_ed448_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_512 SIGALG("falcon512", 128, oqs_falcon512_keymgmt_functions), diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 4277fee1..8b584e4d 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -129,30 +129,30 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_SIG, 128}, {0, "p256_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_dilithium2", OQS_SIG_alg_dilithium_2, KEY_TYPE_HYB_SIG, 128}, - {0, "dilithium2_pss2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, - {0, "dilithium2_rsa2048", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 112}, - {0, "dilithium2_ed25519", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_p256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium2_bp256", OQS_SIG_alg_dilithium_2, KEY_TYPE_CMP_SIG, 256}, {0, "dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_SIG, 192}, {0, "p384_dilithium3", OQS_SIG_alg_dilithium_3, KEY_TYPE_HYB_SIG, 192}, - {0, "dilithium3_pss3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_rsa3072", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_p256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, - {0, "dilithium3_bp256", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 256}, - {0, "dilithium3_ed25519", OQS_SIG_alg_dilithium_3, KEY_TYPE_CMP_SIG, 128}, {0, "dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_SIG, 256}, {0, "p521_dilithium5", OQS_SIG_alg_dilithium_5, KEY_TYPE_HYB_SIG, 256}, - {0, "dilithium5_p384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, - {0, "dilithium5_bp384", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 384}, - {0, "dilithium5_ed448", OQS_SIG_alg_dilithium_5, KEY_TYPE_CMP_SIG, 192}, {0, "mldsa44", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_SIG, 128}, {0, "p256_mldsa44", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_mldsa44", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_HYB_SIG, 128}, + {0, "mldsa44_pss2048", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_CMP_SIG, 112}, + {0, "mldsa44_rsa2048", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_CMP_SIG, 112}, + {0, "mldsa44_ed25519", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_CMP_SIG, 128}, + {0, "mldsa44_p256", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_CMP_SIG, 128}, + {0, "mldsa44_bp256", OQS_SIG_alg_ml_dsa_44, KEY_TYPE_CMP_SIG, 256}, {0, "mldsa65", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_SIG, 192}, {0, "p384_mldsa65", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_HYB_SIG, 192}, + {0, "mldsa65_pss3072", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_CMP_SIG, 128}, + {0, "mldsa65_rsa3072", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_CMP_SIG, 128}, + {0, "mldsa65_p256", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_CMP_SIG, 128}, + {0, "mldsa65_bp256", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_CMP_SIG, 256}, + {0, "mldsa65_ed25519", OQS_SIG_alg_ml_dsa_65, KEY_TYPE_CMP_SIG, 128}, {0, "mldsa87", OQS_SIG_alg_ml_dsa_87, KEY_TYPE_SIG, 256}, {0, "p521_mldsa87", OQS_SIG_alg_ml_dsa_87, KEY_TYPE_HYB_SIG, 256}, + {0, "mldsa87_p384", OQS_SIG_alg_ml_dsa_87, KEY_TYPE_CMP_SIG, 192}, + {0, "mldsa87_bp384", OQS_SIG_alg_ml_dsa_87, KEY_TYPE_CMP_SIG, 384}, + {0, "mldsa87_ed448", OQS_SIG_alg_ml_dsa_87, KEY_TYPE_CMP_SIG, 192}, {0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128}, {0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, diff --git a/scripts/common.py b/scripts/common.py index d146c8d3..7518854a 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -20,7 +20,7 @@ # post-quantum + classical signatures 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_mldsa44','rsa3072_mldsa44','p384_mldsa65','p521_mldsa87','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', # post-quantum + classical signatures (COMPOSITE) - 'dilithium2_pss2048','dilithium2_rsa2048','dilithium2_ed25519','dilithium2_p256','dilithium2_bp256','dilithium3_pss3072','dilithium3_rsa3072','dilithium3_p256','dilithium3_bp256','dilithium3_ed25519','dilithium5_p384','dilithium5_bp384','dilithium5_ed448','falcon512_p256','falcon512_bp256','falcon512_ed25519',##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END + 'mldsa44_pss2048','mldsa44_rsa2048','mldsa44_ed25519','mldsa44_p256','mldsa44_bp256','mldsa65_pss3072','mldsa65_rsa3072','mldsa65_p256','mldsa65_bp256','mldsa65_ed25519','mldsa87_p384','mldsa87_bp384','mldsa87_ed448','falcon512_p256','falcon512_bp256','falcon512_ed25519',##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END ] SERVER_START_ATTEMPTS = 10 From 1c60737981d4c8a7cbed3aa2920dd9600cb89aea Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 29 Feb 2024 08:14:01 -0600 Subject: [PATCH 122/160] added more descriptive comments --- oqs-template/generate.yml | 2 ++ oqs-template/scripts/common.py/sig_algs.fragment | 1 + oqsprov/oqs_prov.h | 6 ++++-- scripts/common.py | 3 ++- 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index f44a388e..d1e011a7 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -422,6 +422,8 @@ sigs: # 'security': '128', # 'oid': '2.16.840.1.114027.80.1.8'}] - + # The Composite OIDs are kept up to date by @feventura (Entrust) + # These are prototype OIDs and are in line with draft-ounsworth-pq-composite-sigs-12 # OID scheme for composite variants: # joint-iso-itu-t (2) # country (16) diff --git a/oqs-template/scripts/common.py/sig_algs.fragment b/oqs-template/scripts/common.py/sig_algs.fragment index d3839008..07706745 100644 --- a/oqs-template/scripts/common.py/sig_algs.fragment +++ b/oqs-template/scripts/common.py/sig_algs.fragment @@ -16,3 +16,4 @@ '{{ variant['name'] }}_{{ composite_alg['name'] }}', {%- endfor -%} {%- endfor %} {%- endfor %} + diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 26daec72..e1b6b954 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -177,8 +177,10 @@ struct oqsx_key_st { #endif int references; - /* point to actual priv key material -- classic key, if present, first, - * unless is composite i.e., OQS key always at comp_*key[numkeys-1] + /* point to actual priv key material -- if is a hydrid, the classic key will + * be present first, i.e., OQS key always at comp_*key[numkeys-1] - if is a + * composite, the classic key will be presented second, i.e., OQS key always + * at comp_*key[0] */ void **comp_privkey; void **comp_pubkey; diff --git a/scripts/common.py b/scripts/common.py index 7518854a..83ca6dff 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -20,7 +20,8 @@ # post-quantum + classical signatures 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_mldsa44','rsa3072_mldsa44','p384_mldsa65','p521_mldsa87','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', # post-quantum + classical signatures (COMPOSITE) - 'mldsa44_pss2048','mldsa44_rsa2048','mldsa44_ed25519','mldsa44_p256','mldsa44_bp256','mldsa65_pss3072','mldsa65_rsa3072','mldsa65_p256','mldsa65_bp256','mldsa65_ed25519','mldsa87_p384','mldsa87_bp384','mldsa87_ed448','falcon512_p256','falcon512_bp256','falcon512_ed25519',##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END + 'mldsa44_pss2048','mldsa44_rsa2048','mldsa44_ed25519','mldsa44_p256','mldsa44_bp256','mldsa65_pss3072','mldsa65_rsa3072','mldsa65_p256','mldsa65_bp256','mldsa65_ed25519','mldsa87_p384','mldsa87_bp384','mldsa87_ed448','falcon512_p256','falcon512_bp256','falcon512_ed25519', +##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END ] SERVER_START_ATTEMPTS = 10 From 7faffb821b16d8dfd084b5c3329be68f7797e6a1 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 29 Feb 2024 09:36:26 -0600 Subject: [PATCH 123/160] added option to easily switch back to dilithium3 instead of ML-DLS65 for interop reasons --- oqs-template/generate.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index d1e011a7..00021480 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -481,6 +481,12 @@ sigs: 'pretty_name': 'ECDSA p384', 'oid': '1.3.9999.2.7.3', 'code_point': '0xfea4'}] +# Used to interop with dilithium3 implementations +# composite: [ +# {'name': 'p256', +# 'pretty_name': 'ECDSA p256', +# 'security': '128', +# 'oid': '2.16.840.1.114027.80.8.1.8'},] - name: 'dilithium5' pretty_name: 'Dilithium5' From f756fef9f0ddc60b12ecd2ce251407f6d7cd6068 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 29 Feb 2024 09:37:13 -0600 Subject: [PATCH 124/160] switched comparison from dilithium to ML-DSA --- oqsprov/oqs_sig.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 45fffb79..0de708b2 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -400,8 +400,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, upcase_name = get_oqsname_fromtls(name); if ((upcase_name != 0) - && ((!strcmp(upcase_name, OQS_SIG_alg_dilithium_3)) - || (!strcmp(upcase_name, OQS_SIG_alg_dilithium_5))) + && ((!strcmp(upcase_name, OQS_SIG_alg_ml_dsa_65)) + || (!strcmp(upcase_name, OQS_SIG_alg_ml_dsa_87))) || (name[0] == 'e')) { aux = 1; OPENSSL_free(name); From 7892734a9d79d8cf952af7c99bf8b1d193fae93d Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 29 Feb 2024 13:14:56 -0600 Subject: [PATCH 125/160] switched comparison from dilithium to ML-DSA form validation --- oqsprov/oqs_sig.c | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 0de708b2..372d2bd5 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -424,6 +424,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } + final_tbslen -= 1; final_tbs = OPENSSL_malloc(final_tbslen); memcpy(final_tbs, oid_prefix, COMPOSITE_OID_PREFIRX_LEN); memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN, tbs_hash, @@ -720,6 +721,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, if ((compsig = d2i_CompositeSignature(NULL, &sig, siglen)) == NULL) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + CompositeSignature_free(compsig); goto endverify; } @@ -730,13 +732,14 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, if ((name = get_cmpname(nid, i)) == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); OPENSSL_free(name); + CompositeSignature_free(compsig); goto endverify; } upcase_name = get_oqsname_fromtls(name); if ((upcase_name != 0) - && ((!strcmp(upcase_name, OQS_SIG_alg_dilithium_3)) - || (!strcmp(upcase_name, OQS_SIG_alg_dilithium_5))) + && ((!strcmp(upcase_name, OQS_SIG_alg_ml_dsa_65)) + || (!strcmp(upcase_name, OQS_SIG_alg_ml_dsa_87))) || (name[0] == 'e')) { aux = 1; OPENSSL_free(name); @@ -757,8 +760,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, break; default: ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + CompositeSignature_free(compsig); goto endverify; } + final_tbslen -= 1; final_tbs = OPENSSL_malloc(final_tbslen); memcpy(final_tbs, oid_prefix, COMPOSITE_OID_PREFIRX_LEN); memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN, tbs_hash, @@ -779,6 +784,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, if ((name = get_cmpname(nid, i)) == NULL) { OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endverify; } @@ -788,6 +795,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); OPENSSL_free(name); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endverify; } } else { @@ -808,6 +817,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); OPENSSL_free(name); EVP_MD_CTX_free(evp_ctx); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endverify; } EVP_MD_CTX_free(evp_ctx); @@ -818,6 +829,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, || (EVP_PKEY_verify_init(ctx_verify) <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); OPENSSL_free(name); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endverify; } if (!strncmp(name, "pss", 3)) { @@ -831,6 +844,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); OPENSSL_free(name); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endverify; } } else if (oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info @@ -841,6 +856,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, <= 0) { ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); OPENSSL_free(name); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endverify; } } @@ -874,6 +891,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, default: ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); OPENSSL_free(name); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endverify; } } @@ -884,6 +903,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, <= 0)) { ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); OPENSSL_free(name); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endverify; } } From 38c1f30ad7fc7dcf743a21a000befcb376b4102a Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Fri, 1 Mar 2024 07:23:50 +0100 Subject: [PATCH 126/160] Adapt Kyber OIDs and avoid testing using downlevel brew releases (#356) * disable testing to backlevel liboqs & remove OID duplicates * create standalone CI job names --- .github/workflows/macos.yml | 9 ++- .github/workflows/standalone.yml | 17 ++++-- ALGORITHMS.md | 94 ++++++++++++++++---------------- oqs-template/generate.yml | 5 -- oqsprov/oqsprov.c | 86 ++++++++++++++--------------- 5 files changed, 109 insertions(+), 102 deletions(-) diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 7a6f95f4..7aaeaf2d 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -70,7 +70,14 @@ jobs: working-directory: _build # Try brew install of head: If error message below appears, build and test passed successfully - name: brew install test - run: brew install --HEAD --formula -s oqsprovider.rb 2>&1 | grep "Empty installation" + # try this only if brew'd liboqs knows about ML-KEM: + run: | + bash -c 'brew install liboqs && FIND_MLKEM=`brew info liboqs | grep files | awk "{print $1}"` + if [[ `echo $FIND_MLKEM | grep ML_KEM` ]]; then + brew install --HEAD --formula -s oqsprovider.rb 2>&1 | grep "Empty installation" + else + echo "ML-KEM not present in liboqs. Skipping test." + fi' working-directory: scripts - name: Retain oqsprovider.dylib uses: actions/upload-artifact@v3 diff --git a/.github/workflows/standalone.yml b/.github/workflows/standalone.yml index 6e27e626..39b01457 100644 --- a/.github/workflows/standalone.yml +++ b/.github/workflows/standalone.yml @@ -8,7 +8,7 @@ on: jobs: - macos_intel: + standalone_macos_intel: runs-on: macos-13 strategy: fail-fast: false @@ -17,12 +17,17 @@ jobs: run: brew install liboqs - name: Checkout oqsprovider code uses: actions/checkout@v2 - - name: Build oqsprovider - run: cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B _build && cmake --build _build - - name: Test oqsprovider - run: ctest --parallel 5 --test-dir _build + - name: Build and test oqsprovider + # try this only if brew'd liboqs knows about ML-KEM: + run: | + bash -c 'FIND_MLKEM=`brew info liboqs | grep files | awk "{print $1}"` + if [[ `echo $FIND_MLKEM | grep ML_KEM` ]]; then + cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B _build && cmake --build _build && ctest --parallel 5 --test-dir _build + else + echo "ML-KEM not present in liboqs. Skipping test." + fi' - linux_intel: + standalone_linux_intel: runs-on: ubuntu-latest strategy: fail-fast: false diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 149568cb..6413425e 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -188,58 +188,58 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li |Algorithm name | default OID | environment variable | |---------------|:-----------------:|----------------------| -| frodo640aes | 1.3.9999.99.58 | OQS_OID_FRODO640AES -| p256_frodo640aes | 1.3.9999.99.57 | OQS_OID_P256_FRODO640AES -| x25519_frodo640aes | 1.3.9999.99.43 | OQS_OID_X25519_FRODO640AES -| frodo640shake | 1.3.9999.99.60 | OQS_OID_FRODO640SHAKE -| p256_frodo640shake | 1.3.9999.99.59 | OQS_OID_P256_FRODO640SHAKE -| x25519_frodo640shake | 1.3.9999.99.44 | OQS_OID_X25519_FRODO640SHAKE -| frodo976aes | 1.3.9999.99.62 | OQS_OID_FRODO976AES -| p384_frodo976aes | 1.3.9999.99.61 | OQS_OID_P384_FRODO976AES -| x448_frodo976aes | 1.3.9999.99.45 | OQS_OID_X448_FRODO976AES -| frodo976shake | 1.3.9999.99.64 | OQS_OID_FRODO976SHAKE -| p384_frodo976shake | 1.3.9999.99.63 | OQS_OID_P384_FRODO976SHAKE -| x448_frodo976shake | 1.3.9999.99.46 | OQS_OID_X448_FRODO976SHAKE -| frodo1344aes | 1.3.9999.99.66 | OQS_OID_FRODO1344AES -| p521_frodo1344aes | 1.3.9999.99.65 | OQS_OID_P521_FRODO1344AES -| frodo1344shake | 1.3.9999.99.68 | OQS_OID_FRODO1344SHAKE -| p521_frodo1344shake | 1.3.9999.99.67 | OQS_OID_P521_FRODO1344SHAKE -| kyber512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_KYBER512 -| p256_kyber512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_KYBER512 -| x25519_kyber512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_KYBER512 -| kyber768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_KYBER768 -| p384_kyber768 | 1.3.9999.99.69 | OQS_OID_P384_KYBER768 -| x448_kyber768 | 1.3.9999.99.47 | OQS_OID_X448_KYBER768 -| x25519_kyber768 | 1.3.9999.99.48 | OQS_OID_X25519_KYBER768 -| p256_kyber768 | 1.3.9999.99.49 | OQS_OID_P256_KYBER768 -| kyber1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_KYBER1024 -| p521_kyber1024 | 1.3.9999.99.70 | OQS_OID_P521_KYBER1024 +| frodo640aes | 1.3.9999.99.64 | OQS_OID_FRODO640AES +| p256_frodo640aes | 1.3.9999.99.63 | OQS_OID_P256_FRODO640AES +| x25519_frodo640aes | 1.3.9999.99.48 | OQS_OID_X25519_FRODO640AES +| frodo640shake | 1.3.9999.99.66 | OQS_OID_FRODO640SHAKE +| p256_frodo640shake | 1.3.9999.99.65 | OQS_OID_P256_FRODO640SHAKE +| x25519_frodo640shake | 1.3.9999.99.49 | OQS_OID_X25519_FRODO640SHAKE +| frodo976aes | 1.3.9999.99.68 | OQS_OID_FRODO976AES +| p384_frodo976aes | 1.3.9999.99.67 | OQS_OID_P384_FRODO976AES +| x448_frodo976aes | 1.3.9999.99.50 | OQS_OID_X448_FRODO976AES +| frodo976shake | 1.3.9999.99.70 | OQS_OID_FRODO976SHAKE +| p384_frodo976shake | 1.3.9999.99.69 | OQS_OID_P384_FRODO976SHAKE +| x448_frodo976shake | 1.3.9999.99.51 | OQS_OID_X448_FRODO976SHAKE +| frodo1344aes | 1.3.9999.99.72 | OQS_OID_FRODO1344AES +| p521_frodo1344aes | 1.3.9999.99.71 | OQS_OID_P521_FRODO1344AES +| frodo1344shake | 1.3.9999.99.74 | OQS_OID_FRODO1344SHAKE +| p521_frodo1344shake | 1.3.9999.99.73 | OQS_OID_P521_FRODO1344SHAKE +| kyber512 | 1.3.9999.99.76 | OQS_OID_KYBER512 +| p256_kyber512 | 1.3.9999.99.75 | OQS_OID_P256_KYBER512 +| x25519_kyber512 | 1.3.9999.99.52 | OQS_OID_X25519_KYBER512 +| kyber768 | 1.3.9999.99.78 | OQS_OID_KYBER768 +| p384_kyber768 | 1.3.9999.99.77 | OQS_OID_P384_KYBER768 +| x448_kyber768 | 1.3.9999.99.53 | OQS_OID_X448_KYBER768 +| x25519_kyber768 | 1.3.9999.99.54 | OQS_OID_X25519_KYBER768 +| p256_kyber768 | 1.3.9999.99.55 | OQS_OID_P256_KYBER768 +| kyber1024 | 1.3.9999.99.80 | OQS_OID_KYBER1024 +| p521_kyber1024 | 1.3.9999.99.79 | OQS_OID_P521_KYBER1024 | mlkem512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_MLKEM512 | p256_mlkem512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_MLKEM512 | x25519_mlkem512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_MLKEM512 | mlkem768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_MLKEM768 -| p384_mlkem768 | 1.3.9999.99.71 | OQS_OID_P384_MLKEM768 -| x448_mlkem768 | 1.3.9999.99.50 | OQS_OID_X448_MLKEM768 -| x25519_mlkem768 | 1.3.9999.99.51 | OQS_OID_X25519_MLKEM768 -| p256_mlkem768 | 1.3.9999.99.52 | OQS_OID_P256_MLKEM768 +| p384_mlkem768 | 1.3.9999.99.81 | OQS_OID_P384_MLKEM768 +| x448_mlkem768 | 1.3.9999.99.56 | OQS_OID_X448_MLKEM768 +| x25519_mlkem768 | 1.3.9999.99.57 | OQS_OID_X25519_MLKEM768 +| p256_mlkem768 | 1.3.9999.99.58 | OQS_OID_P256_MLKEM768 | mlkem1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_MLKEM1024 -| p521_mlkem1024 | 1.3.9999.99.72 | OQS_OID_P521_MLKEM1024 -| bikel1 | 1.3.9999.99.74 | OQS_OID_BIKEL1 -| p256_bikel1 | 1.3.9999.99.73 | OQS_OID_P256_BIKEL1 -| x25519_bikel1 | 1.3.9999.99.53 | OQS_OID_X25519_BIKEL1 -| bikel3 | 1.3.9999.99.76 | OQS_OID_BIKEL3 -| p384_bikel3 | 1.3.9999.99.75 | OQS_OID_P384_BIKEL3 -| x448_bikel3 | 1.3.9999.99.54 | OQS_OID_X448_BIKEL3 -| bikel5 | 1.3.9999.99.78 | OQS_OID_BIKEL5 -| p521_bikel5 | 1.3.9999.99.77 | OQS_OID_P521_BIKEL5 -| hqc128 | 1.3.9999.99.80 | OQS_OID_HQC128 -| p256_hqc128 | 1.3.9999.99.79 | OQS_OID_P256_HQC128 -| x25519_hqc128 | 1.3.9999.99.55 | OQS_OID_X25519_HQC128 -| hqc192 | 1.3.9999.99.82 | OQS_OID_HQC192 -| p384_hqc192 | 1.3.9999.99.81 | OQS_OID_P384_HQC192 -| x448_hqc192 | 1.3.9999.99.56 | OQS_OID_X448_HQC192 -| hqc256 | 1.3.9999.99.84 | OQS_OID_HQC256 -| p521_hqc256 | 1.3.9999.99.83 | OQS_OID_P521_HQC256 +| p521_mlkem1024 | 1.3.9999.99.82 | OQS_OID_P521_MLKEM1024 +| bikel1 | 1.3.9999.99.84 | OQS_OID_BIKEL1 +| p256_bikel1 | 1.3.9999.99.83 | OQS_OID_P256_BIKEL1 +| x25519_bikel1 | 1.3.9999.99.59 | OQS_OID_X25519_BIKEL1 +| bikel3 | 1.3.9999.99.86 | OQS_OID_BIKEL3 +| p384_bikel3 | 1.3.9999.99.85 | OQS_OID_P384_BIKEL3 +| x448_bikel3 | 1.3.9999.99.60 | OQS_OID_X448_BIKEL3 +| bikel5 | 1.3.9999.99.88 | OQS_OID_BIKEL5 +| p521_bikel5 | 1.3.9999.99.87 | OQS_OID_P521_BIKEL5 +| hqc128 | 1.3.9999.99.90 | OQS_OID_HQC128 +| p256_hqc128 | 1.3.9999.99.89 | OQS_OID_P256_HQC128 +| x25519_hqc128 | 1.3.9999.99.61 | OQS_OID_X25519_HQC128 +| hqc192 | 1.3.9999.99.92 | OQS_OID_HQC192 +| p384_hqc192 | 1.3.9999.99.91 | OQS_OID_P384_HQC192 +| x448_hqc192 | 1.3.9999.99.62 | OQS_OID_X448_HQC192 +| hqc256 | 1.3.9999.99.94 | OQS_OID_HQC256 +| p521_hqc256 | 1.3.9999.99.93 | OQS_OID_P521_HQC256 # Key Encodings diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 7069c82b..8ef717b5 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -85,14 +85,11 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber512' nid: '0x023A' - oid: '1.3.6.1.4.1.22554.5.6.1' nid_hybrid: '0x2F3A' - hybrid_oid: '1.3.6.1.4.1.22554.5.7.1' oqs_alg: 'OQS_KEM_alg_kyber_512' extra_nids: current: - hybrid_group: "x25519" - hybrid_oid: '1.3.6.1.4.1.22554.5.8.1' nid: '0x2F39' old: - implementation_version: NIST Round 2 submission @@ -110,7 +107,6 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber768' nid: '0x023C' - oid: '1.3.6.1.4.1.22554.5.6.2' nid_hybrid: '0x2F3C' extra_nids: current: @@ -133,7 +129,6 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber1024' nid: '0x023D' - oid: '1.3.6.1.4.1.22554.5.6.3' nid_hybrid: '0x2F3D' extra_nids: old: diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 9a6a2408..a29ac41f 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -57,57 +57,57 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { #ifdef OQS_KEM_ENCODERS - "1.3.9999.99.16", + "1.3.9999.99.17", "frodo640aes", - "1.3.9999.99.15", + "1.3.9999.99.16", "p256_frodo640aes", "1.3.9999.99.1", "x25519_frodo640aes", - "1.3.9999.99.18", + "1.3.9999.99.19", "frodo640shake", - "1.3.9999.99.17", + "1.3.9999.99.18", "p256_frodo640shake", "1.3.9999.99.2", "x25519_frodo640shake", - "1.3.9999.99.20", + "1.3.9999.99.21", "frodo976aes", - "1.3.9999.99.19", + "1.3.9999.99.20", "p384_frodo976aes", "1.3.9999.99.3", "x448_frodo976aes", - "1.3.9999.99.22", + "1.3.9999.99.23", "frodo976shake", - "1.3.9999.99.21", + "1.3.9999.99.22", "p384_frodo976shake", "1.3.9999.99.4", "x448_frodo976shake", - "1.3.9999.99.24", + "1.3.9999.99.25", "frodo1344aes", - "1.3.9999.99.23", + "1.3.9999.99.24", "p521_frodo1344aes", - "1.3.9999.99.26", + "1.3.9999.99.27", "frodo1344shake", - "1.3.9999.99.25", + "1.3.9999.99.26", "p521_frodo1344shake", - "1.3.6.1.4.1.22554.5.6.1", + "1.3.9999.99.29", "kyber512", - "1.3.6.1.4.1.22554.5.7.1", + "1.3.9999.99.28", "p256_kyber512", - "1.3.6.1.4.1.22554.5.8.1", + "1.3.9999.99.5", "x25519_kyber512", - "1.3.6.1.4.1.22554.5.6.2", + "1.3.9999.99.31", "kyber768", - "1.3.9999.99.27", + "1.3.9999.99.30", "p384_kyber768", - "1.3.9999.99.5", - "x448_kyber768", "1.3.9999.99.6", - "x25519_kyber768", + "x448_kyber768", "1.3.9999.99.7", + "x25519_kyber768", + "1.3.9999.99.8", "p256_kyber768", - "1.3.6.1.4.1.22554.5.6.3", + "1.3.9999.99.33", "kyber1024", - "1.3.9999.99.28", + "1.3.9999.99.32", "p521_kyber1024", "1.3.6.1.4.1.22554.5.6.1", "mlkem512", @@ -117,49 +117,49 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "x25519_mlkem512", "1.3.6.1.4.1.22554.5.6.2", "mlkem768", - "1.3.9999.99.29", + "1.3.9999.99.34", "p384_mlkem768", - "1.3.9999.99.8", - "x448_mlkem768", "1.3.9999.99.9", - "x25519_mlkem768", + "x448_mlkem768", "1.3.9999.99.10", + "x25519_mlkem768", + "1.3.9999.99.11", "p256_mlkem768", "1.3.6.1.4.1.22554.5.6.3", "mlkem1024", - "1.3.9999.99.30", + "1.3.9999.99.35", "p521_mlkem1024", - "1.3.9999.99.32", + "1.3.9999.99.37", "bikel1", - "1.3.9999.99.31", + "1.3.9999.99.36", "p256_bikel1", - "1.3.9999.99.11", + "1.3.9999.99.12", "x25519_bikel1", - "1.3.9999.99.34", + "1.3.9999.99.39", "bikel3", - "1.3.9999.99.33", + "1.3.9999.99.38", "p384_bikel3", - "1.3.9999.99.12", + "1.3.9999.99.13", "x448_bikel3", - "1.3.9999.99.36", + "1.3.9999.99.41", "bikel5", - "1.3.9999.99.35", + "1.3.9999.99.40", "p521_bikel5", - "1.3.9999.99.38", + "1.3.9999.99.43", "hqc128", - "1.3.9999.99.37", + "1.3.9999.99.42", "p256_hqc128", - "1.3.9999.99.13", + "1.3.9999.99.14", "x25519_hqc128", - "1.3.9999.99.40", + "1.3.9999.99.45", "hqc192", - "1.3.9999.99.39", + "1.3.9999.99.44", "p384_hqc192", - "1.3.9999.99.14", + "1.3.9999.99.15", "x448_hqc192", - "1.3.9999.99.42", + "1.3.9999.99.47", "hqc256", - "1.3.9999.99.41", + "1.3.9999.99.46", "p521_hqc256", #endif /* OQS_KEM_ENCODERS */ From 6dab03628a08745f8a9d9495ec2fac8ede6cb3e0 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Fri, 1 Mar 2024 14:24:30 +0100 Subject: [PATCH 127/160] Add extra debug information in case of TLS handshake failure. (#357) * Add extra debug information in case of TLS handshake failure. --- test/tlstest_helpers.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/test/tlstest_helpers.c b/test/tlstest_helpers.c index 09363f49..c2490887 100644 --- a/test/tlstest_helpers.c +++ b/test/tlstest_helpers.c @@ -148,7 +148,10 @@ int create_bare_tls_connection(SSL *serverssl, SSL *clientssl, int want, } if (!clienterr && retc <= 0 && err != SSL_ERROR_WANT_READ) { - fprintf(stderr, "SSL_connect() failed %d, %d", retc, err); + fprintf(stderr, + "SSL_connect() failed returning %d, SSL error %d.\n", retc, + err); + ERR_print_errors_fp(stderr); if (want != SSL_ERROR_SSL) ERR_clear_error(); clienterr = 1; @@ -165,7 +168,9 @@ int create_bare_tls_connection(SSL *serverssl, SSL *clientssl, int want, if (!servererr && rets <= 0 && err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_X509_LOOKUP) { - fprintf(stderr, "SSL_accept() failed %d, %d", rets, err); + fprintf(stderr, "SSL_accept() failed returning %d, SSL error %d.\n", + rets, err); + ERR_print_errors_fp(stderr); if (want != SSL_ERROR_SSL) ERR_clear_error(); servererr = 1; From c442a5c30548a0c2740e106dafbf44b678e6c397 Mon Sep 17 00:00:00 2001 From: Bence Mali <64798108+bencemali@users.noreply.github.com> Date: Fri, 1 Mar 2024 16:53:34 +0100 Subject: [PATCH 128/160] p384_mlkem1024 hybrid added (#361) * p384_mlkem1024 hybrid added --- ALGORITHMS.md | 2 + README.md | 2 +- oqs-template/generate.yml | 10 ++++- oqs-template/oqs-kem-info.md | 1 + oqsprov/oqs_decode_der2key.c | 3 ++ oqsprov/oqs_encode_key2any.c | 10 +++++ oqsprov/oqs_kmgmt.c | 1 + oqsprov/oqs_prov.h | 18 +++++++++ oqsprov/oqsdecoders.inc | 3 ++ oqsprov/oqsencoders.inc | 11 ++++++ oqsprov/oqsprov.c | 42 ++++++++++++--------- oqsprov/oqsprov_capabilities.c | 69 ++++++++++++++++++---------------- oqsprov/oqsprov_keys.c | 3 +- scripts/common.py | 2 +- 14 files changed, 123 insertions(+), 54 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 6413425e..d6549213 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -48,6 +48,7 @@ As standardization for these algorithms within TLS is not done, all TLS code poi | p256_mlkem768 | 0x2FB5 | Yes | OQS_CODEPOINT_P256_MLKEM768 | | mlkem1024 | 0x0249 | Yes | OQS_CODEPOINT_MLKEM1024 | | p521_mlkem1024 | 0x2F49 | Yes | OQS_CODEPOINT_P521_MLKEM1024 | +| p384_mlkem1024 | 0x2F4A | Yes | OQS_CODEPOINT_P384_MLKEM1024 | | bikel1 | 0x0241 | Yes | OQS_CODEPOINT_BIKEL1 | | p256_bikel1 | 0x2F41 | Yes | OQS_CODEPOINT_P256_BIKEL1 | | x25519_bikel1 | 0x2FAE | Yes | OQS_CODEPOINT_X25519_BIKEL1 | @@ -224,6 +225,7 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li | p256_mlkem768 | 1.3.9999.99.58 | OQS_OID_P256_MLKEM768 | mlkem1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_MLKEM1024 | p521_mlkem1024 | 1.3.9999.99.82 | OQS_OID_P521_MLKEM1024 +| p384_mlkem1024 | 1.3.6.1.4.1.42235.6 | OQS_OID_P384_MLKEM1024 | bikel1 | 1.3.9999.99.84 | OQS_OID_BIKEL1 | p256_bikel1 | 1.3.9999.99.83 | OQS_OID_P256_BIKEL1 | x25519_bikel1 | 1.3.9999.99.59 | OQS_OID_X25519_BIKEL1 diff --git a/README.md b/README.md index 9ee5f48f..b874bd06 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,7 @@ This implementation makes available the following quantum safe algorithms: - **CRYSTALS-Kyber**: `kyber512`, `p256_kyber512`, `x25519_kyber512`, `kyber768`, `p384_kyber768`, `x448_kyber768`, `x25519_kyber768`, `p256_kyber768`, `kyber1024`, `p521_kyber1024` - **FrodoKEM**: `frodo640aes`, `p256_frodo640aes`, `x25519_frodo640aes`, `frodo640shake`, `p256_frodo640shake`, `x25519_frodo640shake`, `frodo976aes`, `p384_frodo976aes`, `x448_frodo976aes`, `frodo976shake`, `p384_frodo976shake`, `x448_frodo976shake`, `frodo1344aes`, `p521_frodo1344aes`, `frodo1344shake`, `p521_frodo1344shake` - **HQC**: `hqc128`, `p256_hqc128`, `x25519_hqc128`, `hqc192`, `p384_hqc192`, `x448_hqc192`, `hqc256`, `p521_hqc256`† -- **ML-KEM**: `mlkem512`, `p256_mlkem512`, `x25519_mlkem512`, `mlkem768`, `p384_mlkem768`, `x448_mlkem768`, `x25519_mlkem768`, `p256_mlkem768`, `mlkem1024`, `p521_mlkem1024` +- **ML-KEM**: `mlkem512`, `p256_mlkem512`, `x25519_mlkem512`, `mlkem768`, `p384_mlkem768`, `x448_mlkem768`, `x25519_mlkem768`, `p256_mlkem768`, `mlkem1024`, `p521_mlkem1024`, `p384_mlkem1024` ### Signature algorithms diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 8ef717b5..21536863 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -1,5 +1,5 @@ # This is the master document for ID interoperability for KEM IDs, p-hybrid KEM IDs, SIG (O)IDs -# Next free plain KEM ID: 0x024A, p-hybrid: 0x2F4A, X-hybrid: 0x2FB6 +# Next free plain KEM ID: 0x024A, p-hybrid: 0x2F4B, X-hybrid: 0x2FB6 kems: - family: 'FrodoKEM' @@ -175,6 +175,14 @@ kems: oid: '1.3.6.1.4.1.22554.5.6.3' nid_hybrid: '0x2F49' oqs_alg: 'OQS_KEM_alg_ml_kem_1024' + extra_nids: + current: + # p384_mlkem1024 hybrid doesn't appear in any standardization drafts + # this oid is proposed by Tresorit + # if the hybrid combination is standardized, feel free to change it + - hybrid_group: "p384" + hybrid_oid: '1.3.6.1.4.1.42235.6' + nid: '0x2F4A' - family: 'BIKE' name_group: 'bike1l1fo' diff --git a/oqs-template/oqs-kem-info.md b/oqs-template/oqs-kem-info.md index 66ba2326..dafa41cb 100644 --- a/oqs-template/oqs-kem-info.md +++ b/oqs-template/oqs-kem-info.md @@ -87,6 +87,7 @@ | HQC | 2023-04-30 | hqc256 | 4 | 5 | 0x2F46 | secp521_r1 | | ML-KEM | ML-KEM-ipd | mlkem1024 | ipd | 5 | 0x0249 | | | ML-KEM | ML-KEM-ipd | mlkem1024 | ipd | 5 | 0x2F49 | secp521_r1 | +| ML-KEM | ML-KEM-ipd | mlkem1024 | ipd | 5 | 0x2F4A | p384 | | ML-KEM | ML-KEM-ipd | mlkem512 | ipd | 1 | 0x0247 | | | ML-KEM | ML-KEM-ipd | mlkem512 | ipd | 1 | 0x2F47 | secp256_r1 | | ML-KEM | ML-KEM-ipd | mlkem512 | ipd | 1 | 0x2FB2 | x25519 | diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index a88fd4b8..ef2aeef4 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -646,6 +646,9 @@ MAKE_DECODER(, "mlkem1024", mlkem1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(_ecp, "p521_mlkem1024", p521_mlkem1024, oqsx, PrivateKeyInfo); MAKE_DECODER(_ecp, "p521_mlkem1024", p521_mlkem1024, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(_ecp, "p384_mlkem1024", p384_mlkem1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(_ecp, "p384_mlkem1024", p384_mlkem1024, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "bikel1", bikel1, oqsx, PrivateKeyInfo); MAKE_DECODER(, "bikel1", bikel1, oqsx, SubjectPublicKeyInfo); diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 5e545ec0..562ab648 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -785,6 +785,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define p521_mlkem1024_evp_type 0 #define p521_mlkem1024_input_type "p521_mlkem1024" #define p521_mlkem1024_pem_type "p521_mlkem1024" +#define p384_mlkem1024_evp_type 0 +#define p384_mlkem1024_input_type "p384_mlkem1024" +#define p384_mlkem1024_pem_type "p384_mlkem1024" #define bikel1_evp_type 0 #define bikel1_input_type "bikel1" #define bikel1_pem_type "bikel1" @@ -1770,6 +1773,13 @@ MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(_ecp, p521_mlkem1024, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(_ecp, p521_mlkem1024); +MAKE_ENCODER(_ecp, p384_mlkem1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_mlkem1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_mlkem1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(_ecp, p384_mlkem1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(_ecp, p384_mlkem1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(_ecp, p384_mlkem1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(_ecp, p384_mlkem1024); MAKE_ENCODER(, bikel1, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, bikel1, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, bikel1, oqsx, PrivateKeyInfo, der); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 2a547f33..0949925d 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -1201,6 +1201,7 @@ MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_mlkem768, OQS_KEM_alg_ml_kem_768, 128) MAKE_KEM_KEYMGMT_FUNCTIONS(mlkem1024, OQS_KEM_alg_ml_kem_1024, 256) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p521_mlkem1024, OQS_KEM_alg_ml_kem_1024, 256) +MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p384_mlkem1024, OQS_KEM_alg_ml_kem_1024, 192) MAKE_KEM_KEYMGMT_FUNCTIONS(bikel1, OQS_KEM_alg_bike_l1, 128) MAKE_KEM_ECP_KEYMGMT_FUNCTIONS(p256_bikel1, OQS_KEM_alg_bike_l1, 128) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index 98f8828b..b9caaa7c 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -853,6 +853,23 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_mlkem1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_mlkem1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p384_mlkem1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p384_mlkem1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p384_mlkem1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p384_mlkem1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH oqs_bikel1_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH @@ -1762,6 +1779,7 @@ extern const OSSL_DISPATCH oqs_ecp_p256_mlkem768_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_mlkem1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_ecp_p521_mlkem1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_ecp_p384_mlkem1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_bikel1_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_ecp_p256_bikel1_keymgmt_functions[]; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index ede1df7e..a8e94d0e 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -173,6 +173,9 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("p521_mlkem1024", der, PrivateKeyInfo, p521_mlkem1024), DECODER_w_structure("p521_mlkem1024", der, SubjectPublicKeyInfo, p521_mlkem1024), + DECODER_w_structure("p384_mlkem1024", der, PrivateKeyInfo, p384_mlkem1024), + DECODER_w_structure("p384_mlkem1024", der, SubjectPublicKeyInfo, + p384_mlkem1024), # endif # ifdef OQS_ENABLE_KEM_bike_l1 DECODER_w_structure("bikel1", der, PrivateKeyInfo, bikel1), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index b3aab89f..c40405f0 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -500,6 +500,17 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("p521_mlkem1024", p521_mlkem1024, pem, SubjectPublicKeyInfo), ENCODER_TEXT("p521_mlkem1024", p521_mlkem1024), + ENCODER_w_structure("p384_mlkem1024", p384_mlkem1024, der, PrivateKeyInfo), + ENCODER_w_structure("p384_mlkem1024", p384_mlkem1024, pem, PrivateKeyInfo), + ENCODER_w_structure("p384_mlkem1024", p384_mlkem1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_mlkem1024", p384_mlkem1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p384_mlkem1024", p384_mlkem1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p384_mlkem1024", p384_mlkem1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p384_mlkem1024", p384_mlkem1024), # endif # ifdef OQS_ENABLE_KEM_bike_l1 ENCODER_w_structure("bikel1", bikel1, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index a29ac41f..c68dded1 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,7 +49,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 164 +# define OQS_OID_CNT 166 #else # define OQS_OID_CNT 60 #endif @@ -129,6 +129,8 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "mlkem1024", "1.3.9999.99.35", "p521_mlkem1024", + "1.3.6.1.4.1.42235.6", + "p384_mlkem1024", "1.3.9999.99.37", "bikel1", "1.3.9999.99.36", @@ -317,46 +319,48 @@ int oqs_patch_oids(void) if (getenv("OQS_OID_P521_MLKEM1024")) oqs_oid_alg_list[70] = getenv("OQS_OID_P521_MLKEM1024"); + if (getenv("OQS_OID_P384_MLKEM1024")) + oqs_oid_alg_list[72] = getenv("OQS_OID_P384_MLKEM1024"); if (getenv("OQS_OID_BIKEL1")) - oqs_oid_alg_list[72] = getenv("OQS_OID_BIKEL1"); + oqs_oid_alg_list[74] = getenv("OQS_OID_BIKEL1"); if (getenv("OQS_OID_P256_BIKEL1")) - oqs_oid_alg_list[74] = getenv("OQS_OID_P256_BIKEL1"); + oqs_oid_alg_list[76] = getenv("OQS_OID_P256_BIKEL1"); if (getenv("OQS_OID_X25519_BIKEL1")) - oqs_oid_alg_list[76] = getenv("OQS_OID_X25519_BIKEL1"); + oqs_oid_alg_list[78] = getenv("OQS_OID_X25519_BIKEL1"); if (getenv("OQS_OID_BIKEL3")) - oqs_oid_alg_list[78] = getenv("OQS_OID_BIKEL3"); + oqs_oid_alg_list[80] = getenv("OQS_OID_BIKEL3"); if (getenv("OQS_OID_P384_BIKEL3")) - oqs_oid_alg_list[80] = getenv("OQS_OID_P384_BIKEL3"); + oqs_oid_alg_list[82] = getenv("OQS_OID_P384_BIKEL3"); if (getenv("OQS_OID_X448_BIKEL3")) - oqs_oid_alg_list[82] = getenv("OQS_OID_X448_BIKEL3"); + oqs_oid_alg_list[84] = getenv("OQS_OID_X448_BIKEL3"); if (getenv("OQS_OID_BIKEL5")) - oqs_oid_alg_list[84] = getenv("OQS_OID_BIKEL5"); + oqs_oid_alg_list[86] = getenv("OQS_OID_BIKEL5"); if (getenv("OQS_OID_P521_BIKEL5")) - oqs_oid_alg_list[86] = getenv("OQS_OID_P521_BIKEL5"); + oqs_oid_alg_list[88] = getenv("OQS_OID_P521_BIKEL5"); if (getenv("OQS_OID_HQC128")) - oqs_oid_alg_list[88] = getenv("OQS_OID_HQC128"); + oqs_oid_alg_list[90] = getenv("OQS_OID_HQC128"); if (getenv("OQS_OID_P256_HQC128")) - oqs_oid_alg_list[90] = getenv("OQS_OID_P256_HQC128"); + oqs_oid_alg_list[92] = getenv("OQS_OID_P256_HQC128"); if (getenv("OQS_OID_X25519_HQC128")) - oqs_oid_alg_list[92] = getenv("OQS_OID_X25519_HQC128"); + oqs_oid_alg_list[94] = getenv("OQS_OID_X25519_HQC128"); if (getenv("OQS_OID_HQC192")) - oqs_oid_alg_list[94] = getenv("OQS_OID_HQC192"); + oqs_oid_alg_list[96] = getenv("OQS_OID_HQC192"); if (getenv("OQS_OID_P384_HQC192")) - oqs_oid_alg_list[96] = getenv("OQS_OID_P384_HQC192"); + oqs_oid_alg_list[98] = getenv("OQS_OID_P384_HQC192"); if (getenv("OQS_OID_X448_HQC192")) - oqs_oid_alg_list[98] = getenv("OQS_OID_X448_HQC192"); + oqs_oid_alg_list[100] = getenv("OQS_OID_X448_HQC192"); if (getenv("OQS_OID_HQC256")) - oqs_oid_alg_list[100] = getenv("OQS_OID_HQC256"); + oqs_oid_alg_list[102] = getenv("OQS_OID_HQC256"); if (getenv("OQS_OID_P521_HQC256")) - oqs_oid_alg_list[102] = getenv("OQS_OID_P521_HQC256"); + oqs_oid_alg_list[104] = getenv("OQS_OID_P521_HQC256"); -# define OQS_KEMOID_CNT 102 + 2 +# define OQS_KEMOID_CNT 104 + 2 #else # define OQS_KEMOID_CNT 0 #endif /* OQS_KEM_ENCODERS */ @@ -762,6 +766,7 @@ static const OSSL_ALGORITHM oqsprovider_asym_kems[] = { #ifdef OQS_ENABLE_KEM_ml_kem_1024 KEMBASEALG(mlkem1024, 256) KEMHYBALG(p521_mlkem1024, 256) + KEMHYBALG(p384_mlkem1024, 192) #endif #ifdef OQS_ENABLE_KEM_bike_l1 KEMBASEALG(bikel1, 128) @@ -926,6 +931,7 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] KEMKMALG(mlkem1024, 256) KEMKMHYBALG(p521_mlkem1024, 256, ecp) + KEMKMHYBALG(p384_mlkem1024, 192, ecp) #endif #ifdef OQS_ENABLE_KEM_bike_l1 KEMKMALG(bikel1, 128) diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index 81aec194..2ffb4cc1 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -83,6 +83,7 @@ static OQS_GROUP_CONSTANTS oqs_group_list[] = { {0x0249, 256, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2F49, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F4A, 256, TLS1_3_VERSION, 0, -1, -1, 1}, {0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1}, @@ -215,40 +216,41 @@ static const OSSL_PARAM oqs_param_group_list[][11] = { OQS_GROUP_ENTRY(mlkem1024, mlkem1024, mlkem1024, 34), OQS_GROUP_ENTRY(p521_mlkem1024, p521_mlkem1024, p521_mlkem1024, 35), + OQS_GROUP_ENTRY(p384_mlkem1024, p384_mlkem1024, p384_mlkem1024, 36), #endif #ifdef OQS_ENABLE_KEM_bike_l1 - OQS_GROUP_ENTRY(bikel1, bikel1, bikel1, 36), + OQS_GROUP_ENTRY(bikel1, bikel1, bikel1, 37), - OQS_GROUP_ENTRY(p256_bikel1, p256_bikel1, p256_bikel1, 37), - OQS_GROUP_ENTRY(x25519_bikel1, x25519_bikel1, x25519_bikel1, 38), + OQS_GROUP_ENTRY(p256_bikel1, p256_bikel1, p256_bikel1, 38), + OQS_GROUP_ENTRY(x25519_bikel1, x25519_bikel1, x25519_bikel1, 39), #endif #ifdef OQS_ENABLE_KEM_bike_l3 - OQS_GROUP_ENTRY(bikel3, bikel3, bikel3, 39), + OQS_GROUP_ENTRY(bikel3, bikel3, bikel3, 40), - OQS_GROUP_ENTRY(p384_bikel3, p384_bikel3, p384_bikel3, 40), - OQS_GROUP_ENTRY(x448_bikel3, x448_bikel3, x448_bikel3, 41), + OQS_GROUP_ENTRY(p384_bikel3, p384_bikel3, p384_bikel3, 41), + OQS_GROUP_ENTRY(x448_bikel3, x448_bikel3, x448_bikel3, 42), #endif #ifdef OQS_ENABLE_KEM_bike_l5 - OQS_GROUP_ENTRY(bikel5, bikel5, bikel5, 42), + OQS_GROUP_ENTRY(bikel5, bikel5, bikel5, 43), - OQS_GROUP_ENTRY(p521_bikel5, p521_bikel5, p521_bikel5, 43), + OQS_GROUP_ENTRY(p521_bikel5, p521_bikel5, p521_bikel5, 44), #endif #ifdef OQS_ENABLE_KEM_hqc_128 - OQS_GROUP_ENTRY(hqc128, hqc128, hqc128, 44), + OQS_GROUP_ENTRY(hqc128, hqc128, hqc128, 45), - OQS_GROUP_ENTRY(p256_hqc128, p256_hqc128, p256_hqc128, 45), - OQS_GROUP_ENTRY(x25519_hqc128, x25519_hqc128, x25519_hqc128, 46), + OQS_GROUP_ENTRY(p256_hqc128, p256_hqc128, p256_hqc128, 46), + OQS_GROUP_ENTRY(x25519_hqc128, x25519_hqc128, x25519_hqc128, 47), #endif #ifdef OQS_ENABLE_KEM_hqc_192 - OQS_GROUP_ENTRY(hqc192, hqc192, hqc192, 47), + OQS_GROUP_ENTRY(hqc192, hqc192, hqc192, 48), - OQS_GROUP_ENTRY(p384_hqc192, p384_hqc192, p384_hqc192, 48), - OQS_GROUP_ENTRY(x448_hqc192, x448_hqc192, x448_hqc192, 49), + OQS_GROUP_ENTRY(p384_hqc192, p384_hqc192, p384_hqc192, 49), + OQS_GROUP_ENTRY(x448_hqc192, x448_hqc192, x448_hqc192, 50), #endif #ifdef OQS_ENABLE_KEM_hqc_256 - OQS_GROUP_ENTRY(hqc256, hqc256, hqc256, 50), + OQS_GROUP_ENTRY(hqc256, hqc256, hqc256, 51), - OQS_GROUP_ENTRY(p521_hqc256, p521_hqc256, p521_hqc256, 51), + OQS_GROUP_ENTRY(p521_hqc256, p521_hqc256, p521_hqc256, 52), #endif ///// OQS_TEMPLATE_FRAGMENT_GROUP_NAMES_END }; @@ -385,40 +387,43 @@ int oqs_patch_codepoints() if (getenv("OQS_CODEPOINT_P521_MLKEM1024")) oqs_group_list[35].group_id = atoi(getenv("OQS_CODEPOINT_P521_MLKEM1024")); + if (getenv("OQS_CODEPOINT_P384_MLKEM1024")) + oqs_group_list[36].group_id + = atoi(getenv("OQS_CODEPOINT_P384_MLKEM1024")); if (getenv("OQS_CODEPOINT_BIKEL1")) - oqs_group_list[36].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1")); + oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL1")); if (getenv("OQS_CODEPOINT_P256_BIKEL1")) - oqs_group_list[37].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1")); + oqs_group_list[38].group_id = atoi(getenv("OQS_CODEPOINT_P256_BIKEL1")); if (getenv("OQS_CODEPOINT_X25519_BIKEL1")) - oqs_group_list[38].group_id + oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_X25519_BIKEL1")); if (getenv("OQS_CODEPOINT_BIKEL3")) - oqs_group_list[39].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3")); + oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL3")); if (getenv("OQS_CODEPOINT_P384_BIKEL3")) - oqs_group_list[40].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3")); + oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_P384_BIKEL3")); if (getenv("OQS_CODEPOINT_X448_BIKEL3")) - oqs_group_list[41].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3")); + oqs_group_list[42].group_id = atoi(getenv("OQS_CODEPOINT_X448_BIKEL3")); if (getenv("OQS_CODEPOINT_BIKEL5")) - oqs_group_list[42].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5")); + oqs_group_list[43].group_id = atoi(getenv("OQS_CODEPOINT_BIKEL5")); if (getenv("OQS_CODEPOINT_P521_BIKEL5")) - oqs_group_list[43].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5")); + oqs_group_list[44].group_id = atoi(getenv("OQS_CODEPOINT_P521_BIKEL5")); if (getenv("OQS_CODEPOINT_HQC128")) - oqs_group_list[44].group_id = atoi(getenv("OQS_CODEPOINT_HQC128")); + oqs_group_list[45].group_id = atoi(getenv("OQS_CODEPOINT_HQC128")); if (getenv("OQS_CODEPOINT_P256_HQC128")) - oqs_group_list[45].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128")); + oqs_group_list[46].group_id = atoi(getenv("OQS_CODEPOINT_P256_HQC128")); if (getenv("OQS_CODEPOINT_X25519_HQC128")) - oqs_group_list[46].group_id + oqs_group_list[47].group_id = atoi(getenv("OQS_CODEPOINT_X25519_HQC128")); if (getenv("OQS_CODEPOINT_HQC192")) - oqs_group_list[47].group_id = atoi(getenv("OQS_CODEPOINT_HQC192")); + oqs_group_list[48].group_id = atoi(getenv("OQS_CODEPOINT_HQC192")); if (getenv("OQS_CODEPOINT_P384_HQC192")) - oqs_group_list[48].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192")); + oqs_group_list[49].group_id = atoi(getenv("OQS_CODEPOINT_P384_HQC192")); if (getenv("OQS_CODEPOINT_X448_HQC192")) - oqs_group_list[49].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192")); + oqs_group_list[50].group_id = atoi(getenv("OQS_CODEPOINT_X448_HQC192")); if (getenv("OQS_CODEPOINT_HQC256")) - oqs_group_list[50].group_id = atoi(getenv("OQS_CODEPOINT_HQC256")); + oqs_group_list[51].group_id = atoi(getenv("OQS_CODEPOINT_HQC256")); if (getenv("OQS_CODEPOINT_P521_HQC256")) - oqs_group_list[51].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256")); + oqs_group_list[52].group_id = atoi(getenv("OQS_CODEPOINT_P521_HQC256")); if (getenv("OQS_CODEPOINT_DILITHIUM2")) oqs_sigalg_list[0].code_point diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 800eab8d..17b7169a 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -54,7 +54,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 82 +# define NID_TABLE_LEN 83 #else # define NID_TABLE_LEN 30 #endif @@ -108,6 +108,7 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "p256_mlkem768", OQS_KEM_alg_ml_kem_768, KEY_TYPE_ECP_HYB_KEM, 192}, {0, "mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_KEM, 256}, {0, "p521_mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_ECP_HYB_KEM, 256}, + {0, "p384_mlkem1024", OQS_KEM_alg_ml_kem_1024, KEY_TYPE_ECP_HYB_KEM, 256}, {0, "bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_KEM, 128}, {0, "p256_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECP_HYB_KEM, 128}, {0, "x25519_bikel1", OQS_KEM_alg_bike_l1, KEY_TYPE_ECX_HYB_KEM, 128}, diff --git a/scripts/common.py b/scripts/common.py index 85e1492d..0088bb31 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -9,7 +9,7 @@ # post-quantum key exchanges 'frodo640aes','frodo640shake','frodo976aes','frodo976shake','frodo1344aes','frodo1344shake','kyber512','kyber768','kyber1024','mlkem512','mlkem768','mlkem1024','bikel1','bikel3','bikel5','hqc128','hqc192','hqc256', # post-quantum + classical key exchanges - 'p256_frodo640aes','x25519_frodo640aes','p256_frodo640shake','x25519_frodo640shake','p384_frodo976aes','x448_frodo976aes','p384_frodo976shake','x448_frodo976shake','p521_frodo1344aes','p521_frodo1344shake','p256_kyber512','x25519_kyber512','p384_kyber768','x448_kyber768','x25519_kyber768','p256_kyber768','p521_kyber1024','p256_mlkem512','x25519_mlkem512','p384_mlkem768','x448_mlkem768','x25519_mlkem768','p256_mlkem768','p521_mlkem1024','p256_bikel1','x25519_bikel1','p384_bikel3','x448_bikel3','p521_bikel5','p256_hqc128','x25519_hqc128','p384_hqc192','x448_hqc192','p521_hqc256', + 'p256_frodo640aes','x25519_frodo640aes','p256_frodo640shake','x25519_frodo640shake','p384_frodo976aes','x448_frodo976aes','p384_frodo976shake','x448_frodo976shake','p521_frodo1344aes','p521_frodo1344shake','p256_kyber512','x25519_kyber512','p384_kyber768','x448_kyber768','x25519_kyber768','p256_kyber768','p521_kyber1024','p256_mlkem512','x25519_mlkem512','p384_mlkem768','x448_mlkem768','x25519_mlkem768','p256_mlkem768','p521_mlkem1024','p384_mlkem1024','p256_bikel1','x25519_bikel1','p384_bikel3','x448_bikel3','p521_bikel5','p256_hqc128','x25519_hqc128','p384_hqc192','x448_hqc192','p521_hqc256', ##### OQS_TEMPLATE_FRAGMENT_KEX_ALGS_END ] signatures = [ From d53db2aa17b44c918acb7aeff3e47380eb3f6db1 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 1 Mar 2024 10:35:09 -0600 Subject: [PATCH 129/160] adding Felipe to the contribuitors list --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 89d89495..49a771d8 100644 --- a/README.md +++ b/README.md @@ -177,6 +177,7 @@ Contributors to the `oqsprovider` include: - Alex Zaslavsky - Will Childs-Klein - Thomas Bailleux +- Felipe Ventura History ------- From cee0db9572a781b4e3e75de97659b7cc1e486be1 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 1 Mar 2024 14:16:05 -0600 Subject: [PATCH 130/160] fix OID prefix format --- oqsprov/oqs_sig.c | 61 +++++++++++++++++++++++++++-------------------- 1 file changed, 35 insertions(+), 26 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 372d2bd5..8a9554a2 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -216,32 +216,32 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, // this list need to be in order of the last number on the OID from the // composite -static const char *composite_OID_prefix[] = { - "060B6086480186FA6B50080101", // dilithium2_pss2048 +static const unsigned char *composite_OID_prefix[] = { + "060B6086480186FA6B50080101", // mldsa44_pss2048 // id-MLDSA44-RSA2048-PSS-SHA256 - "060B6086480186FA6B50080102", // dilithium2_rsa2048 + "060B6086480186FA6B50080102", // mldsa44_rsa2048 // id-MLDSA44-RSA2048-PKCS15-SHA256 - "060B6086480186FA6B50080103", // dilithium2_ed25519 + "060B6086480186FA6B50080103", // mldsa44_ed25519 // id-MLDSA44-Ed25519-SHA512 - "060B6086480186FA6B50080104", // dilithium2_p256 + "060B6086480186FA6B50080104", // mldsa44_p256 // id-MLDSA44-ECDSA-P256-SHA256 - "060B6086480186FA6B50080105", // dilithium2_bp256 + "060B6086480186FA6B50080105", // mldsa44_bp256 // id-MLDSA44-ECDSA-brainpoolP256r1-SHA256 - "060B6086480186FA6B50080106", // dilithium3_pss3072 + "060B6086480186FA6B50080106", // mldsa65_pss3072 // id-MLDSA65-RSA3072-PSS-SHA512 - "060B6086480186FA6B50080107", // dilithium3_rsa3072 + "060B6086480186FA6B50080107", // mldsa65_rsa3072 // id-MLDSA65-RSA3072-PKCS15-SHA512 - "060B6086480186FA6B50080108", // dilithium3_p256 + "060B6086480186FA6B50080108", // mldsa65_p256 // id-MLDSA65-ECDSA-P256-SHA512 - "060B6086480186FA6B50080109", // dilithium3_bp256 + "060B6086480186FA6B50080109", // mldsa65_bp256 // id-MLDSA65-ECDSA-brainpoolP256r1-SHA512 - "060B6086480186FA6B5008010A", // dilithium3_ed25519 + "060B6086480186FA6B5008010A", // mldsa65_ed25519 // id-MLDSA65-Ed25519-SHA512 - "060B6086480186FA6B5008010B", // dilithium5_p384 + "060B6086480186FA6B5008010B", // mldsa87_p384 // id-MLDSA87-ECDSA-P384-SHA512 - "060B6086480186FA6B5008010C", // dilithium5_bp384 + "060B6086480186FA6B5008010C", // mldsa87_bp384 // id-MLDSA87-ECDSA-brainpoolP384r1-SHA512 - "060B6086480186FA6B5008010D", // dilithium5_ed448 id-MLDSA87-Ed448-SHA512 + "060B6086480186FA6B5008010D", // mldsa87_ed448 id-MLDSA87-Ed448-SHA512 "060B6086480186FA6B5008010E", // falcon512_p256 // id-Falon512-ECDSA-P256-SHA256 "060B6086480186FA6B5008010F", // falcon512_bp256 @@ -251,6 +251,17 @@ static const char *composite_OID_prefix[] = { }; +void Composite_prefix_conversion(char *out, const unsigned char *in) +{ + int temp; + for (int i = 0; i < COMPOSITE_OID_PREFIRX_LEN / 2; i++) { + temp = OPENSSL_hexchar2int(in[2 * i]); + temp = temp * 16; + temp += OPENSSL_hexchar2int(in[2 * i + 1]); + out[i] = (unsigned char)temp; + } +} + /* On entry to this function, data to be signed (tbs) might have been hashed * already: this would be the case if poqs_sigctx->mdctx != NULL; if that is * NULL, we have to hash in case of hybrid signatures @@ -381,10 +392,10 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, CompositeSignature *compsig = CompositeSignature_new(); int i; int nid = OBJ_sn2nid(oqsxkey->tls_name); - const char *oid_prefix + const unsigned char *oid_prefix = composite_OID_prefix[get_composite_idx(get_oqsalg_idx(nid)) - 1]; char *final_tbs; - size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN; + size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN / 2; int aux = 0; unsigned char *tbs_hash; @@ -424,11 +435,10 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, ERR_raise(ERR_LIB_USER, ERR_R_FATAL); goto endsign; } - final_tbslen -= 1; final_tbs = OPENSSL_malloc(final_tbslen); - memcpy(final_tbs, oid_prefix, COMPOSITE_OID_PREFIRX_LEN); - memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN, tbs_hash, - final_tbslen - COMPOSITE_OID_PREFIRX_LEN); + Composite_prefix_conversion(final_tbs, oid_prefix); + memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN / 2, tbs_hash, + final_tbslen - COMPOSITE_OID_PREFIRX_LEN / 2); OPENSSL_free(tbs_hash); // sign @@ -712,10 +722,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, int nid = OBJ_sn2nid(oqsxkey->tls_name); unsigned char *buf; size_t buf_len; - const char *oid_prefix + const unsigned char *oid_prefix = composite_OID_prefix[get_composite_idx(get_oqsalg_idx(nid)) - 1]; char *final_tbs; - size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN; + size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN / 2; int aux = 0; unsigned char *tbs_hash; @@ -763,11 +773,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, CompositeSignature_free(compsig); goto endverify; } - final_tbslen -= 1; final_tbs = OPENSSL_malloc(final_tbslen); - memcpy(final_tbs, oid_prefix, COMPOSITE_OID_PREFIRX_LEN); - memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN, tbs_hash, - final_tbslen - COMPOSITE_OID_PREFIRX_LEN); + Composite_prefix_conversion(final_tbs, oid_prefix); + memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN / 2, tbs_hash, + final_tbslen - COMPOSITE_OID_PREFIRX_LEN / 2); OPENSSL_free(tbs_hash); // verify From 6e08171e9bd164928e18a61afed67068a2355e8b Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 1 Mar 2024 14:32:13 -0600 Subject: [PATCH 131/160] correct generate output files --- oqsprov/oqsprov.c | 2 +- oqsprov/oqsprov_keys.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 9c65d3ca..92b5c17f 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,7 +49,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 196 +# define OQS_OID_CNT 198 #else # define OQS_OID_CNT 92 #endif diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 61db53c8..bd093619 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -54,7 +54,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 98 +# define NID_TABLE_LEN 99 #else # define NID_TABLE_LEN 46 #endif From 22e0fa0937daa06137031f354444f7ce91d28d57 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 1 Mar 2024 15:04:25 -0600 Subject: [PATCH 132/160] manipulating pointer on a temp instead of void* --- oqsprov/oqsprov_keys.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index bd093619..eefc1aa9 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -647,6 +647,8 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, size_t publen = 0; size_t previous_privlen = 0; size_t previous_publen = 0; + size_t temp_pub_len, temp_priv_len; + char *temp_priv, *temp_pub; int pqc_pub_enc = 0; int i; @@ -686,6 +688,10 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); goto err_key_op; } + temp_priv_len = previous_privlen; + temp_pub_len = previous_publen; + temp_priv = OPENSSL_secure_zalloc(temp_priv_len); + temp_pub = OPENSSL_secure_zalloc(temp_pub_len); previous_privlen = 0; previous_publen = 0; for (i = 0; i < key->numkeys; i++) { @@ -710,6 +716,8 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, OPENSSL_free(enc_len); if (privlen > key->privkeylen_cmp[i]) { OPENSSL_free(name); + OPENSSL_secure_clear_free(temp_priv, temp_priv_len); + OPENSSL_secure_clear_free(temp_pub, temp_pub_len); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err_key_op; } @@ -723,15 +731,19 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, else publen = 0; } - memcpy(key->privkey + previous_privlen, + memcpy(temp_priv + previous_privlen, p + previous_privlen + previous_publen, privlen); - memcpy(key->pubkey + previous_publen, + memcpy(temp_pub + previous_publen, p + privlen + previous_privlen + previous_publen, publen); previous_privlen += privlen; previous_publen += publen; OPENSSL_free(name); } + memcpy(key->privkey, temp_priv, previous_privlen); + memcpy(key->privkey, temp_priv, previous_privlen); + OPENSSL_secure_clear_free(temp_priv, temp_priv_len); + OPENSSL_secure_clear_free(temp_pub, temp_pub_len); } else { if (key->numkeys == 2) { DECODE_UINT32(classical_privatekey_len, From a9fcc1c5eb0652130ebcead249523f850a85281e Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Fri, 1 Mar 2024 15:16:46 -0600 Subject: [PATCH 133/160] fix pubkey typo --- oqsprov/oqsprov_keys.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index eefc1aa9..cc2e3dbb 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -741,7 +741,7 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, OPENSSL_free(name); } memcpy(key->privkey, temp_priv, previous_privlen); - memcpy(key->privkey, temp_priv, previous_privlen); + memcpy(key->pubkey, temp_pub, previous_publen); OPENSSL_secure_clear_free(temp_priv, temp_priv_len); OPENSSL_secure_clear_free(temp_pub, temp_pub_len); } else { From fdc65c7aaa55d6a5851114d09c9b9f9c59eb8653 Mon Sep 17 00:00:00 2001 From: Bence Mali <64798108+bencemali@users.noreply.github.com> Date: Mon, 4 Mar 2024 10:56:53 +0100 Subject: [PATCH 134/160] length and null checks in en/decaps (#364) * length and null checks in en/decaps --- oqsprov/oqs_kem.c | 68 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 62 insertions(+), 6 deletions(-) diff --git a/oqsprov/oqs_kem.c b/oqsprov/oqs_kem.c index 76780a16..a56150d4 100644 --- a/oqsprov/oqs_kem.c +++ b/oqsprov/oqs_kem.c @@ -116,13 +116,42 @@ static int oqs_qs_kem_encaps_keyslot(void *vpkemctx, unsigned char *out, OQS_KEM_PRINTF("OQS Warning: OQS_KEM not initialized\n"); return -1; } - *outlen = kem_ctx->length_ciphertext; - *secretlen = kem_ctx->length_shared_secret; + if (pkemctx->kem->comp_pubkey == NULL + || pkemctx->kem->comp_pubkey[keyslot] == NULL) { + OQS_KEM_PRINTF("OQS Warning: public key is NULL\n"); + return -1; + } if (out == NULL || secret == NULL) { - OQS_KEM_PRINTF3("KEM returning lengths %ld and %ld\n", *outlen, - *secretlen); + if (outlen != NULL) { + *outlen = kem_ctx->length_ciphertext; + } + if (secretlen != NULL) { + *secretlen = kem_ctx->length_shared_secret; + } + OQS_KEM_PRINTF3("KEM returning lengths %ld and %ld\n", + kem_ctx->length_ciphertext, + kem_ctx->length_shared_secret); return 1; } + if (outlen == NULL) { + OQS_KEM_PRINTF("OQS Warning: outlen is NULL\n"); + return -1; + } + if (secretlen == NULL) { + OQS_KEM_PRINTF("OQS Warning: secretlen is NULL\n"); + return -1; + } + if (*outlen < kem_ctx->length_ciphertext) { + OQS_KEM_PRINTF("OQS Warning: out buffer too small\n"); + return -1; + } + if (*secretlen < kem_ctx->length_shared_secret) { + OQS_KEM_PRINTF("OQS Warning: secret buffer too small\n"); + return -1; + } + *outlen = kem_ctx->length_ciphertext; + *secretlen = kem_ctx->length_shared_secret; + return OQS_SUCCESS == OQS_KEM_encaps(kem_ctx, out, secret, pkemctx->kem->comp_pubkey[keyslot]); @@ -140,9 +169,36 @@ static int oqs_qs_kem_decaps_keyslot(void *vpkemctx, unsigned char *out, OQS_KEM_PRINTF("OQS Warning: OQS_KEM not initialized\n"); return -1; } - *outlen = kem_ctx->length_shared_secret; - if (out == NULL) + if (pkemctx->kem->comp_privkey == NULL + || pkemctx->kem->comp_privkey[keyslot] == NULL) { + OQS_KEM_PRINTF("OQS Warning: private key is NULL\n"); + return -1; + } + if (out == NULL) { + if (outlen != NULL) { + *outlen = kem_ctx->length_shared_secret; + } + OQS_KEM_PRINTF2("KEM returning length %ld\n", + kem_ctx->length_shared_secret); return 1; + } + if (inlen != kem_ctx->length_ciphertext) { + OQS_KEM_PRINTF("OQS Warning: wrong input length\n"); + return 0; + } + if (in == NULL) { + OQS_KEM_PRINTF("OQS Warning: in is NULL\n"); + return -1; + } + if (outlen == NULL) { + OQS_KEM_PRINTF("OQS Warning: outlen is NULL\n"); + return -1; + } + if (*outlen < kem_ctx->length_shared_secret) { + OQS_KEM_PRINTF("OQS Warning: out buffer too small\n"); + return -1; + } + *outlen = kem_ctx->length_shared_secret; return OQS_SUCCESS == OQS_KEM_decaps(kem_ctx, out, in, From 361c5f0474046beeace46a5d11146d669499c600 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 4 Mar 2024 11:41:57 -0600 Subject: [PATCH 135/160] removed strtok_r --- oqsprov/oqsprov.c | 29 ++++++++++++++--------------- oqsprov/oqsprov_keys.c | 36 ++++++++++++++++++++++-------------- 2 files changed, 36 insertions(+), 29 deletions(-) diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 92b5c17f..672361d6 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -1130,22 +1130,21 @@ static const OSSL_ALGORITHM oqsprovider_decoder[] = { // get the last number on the composite OID int get_composite_idx(int idx) { - char *first_token; - char *token; - char *s; - int i; - s = OPENSSL_strdup(oqs_oid_alg_list[idx * 2]); - first_token = strtok_r(s, ".", &s); - for (i = 0; i <= 7; i++) { // 7 dots in composite OID - token = strtok_r(NULL, ".", &s); - } - if (token != NULL) { - i = atoi(token); - } else { - i = -1; + char *token, *s; + int i, len, count = 0; + + s = oqs_oid_alg_list[idx * 2]; + len = strlen(oqs_oid_alg_list[idx * 2]); + + for (i = 0; i < len; i++) { + if (s[i] == '.') { + count += 1; + } + if (count == 8) { // 8 dots in composite OID + return atoi(s + i + 1); + } } - OPENSSL_free(first_token); - return i; + return 0; } static const OSSL_PARAM *oqsprovider_gettable_params(void *provctx) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index cc2e3dbb..d4df842b 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -244,23 +244,31 @@ char *get_oqsname(int nid) char *get_cmpname(int nid, int index) { - int i, j; - char *name; - char *first_token; - char *token; - char *s; + int i, len; + char *name, *s; if ((i = get_oqsalg_idx(nid)) == -1) return NULL; - s = OPENSSL_strdup(nid_names[i].tlsname); - first_token = strtok_r(s, "_", &s); - if (index == 0) { - name = OPENSSL_strdup(first_token); - } else { - for (j = 0; j < index; j++) - token = strtok_r(s, "_", &s); - name = OPENSSL_strdup(token); + s = nid_names[i].tlsname; + len = strlen(nid_names[i].tlsname); + for (i = 0; i < len; i++) { + if (s[i] == '_') { + break; + } + } + switch (index) { + case 0: + name = OPENSSL_malloc(i); + memcpy(name, s, i); + break; + case 1: + i += 1; + name = OPENSSL_malloc(len - i); + memcpy(name, s + i, len - i); + break; + default: + name = NULL; } - OPENSSL_free(first_token); + return name; } From a8c2f92673962274fb32706df25577c4b74593f5 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 4 Mar 2024 11:51:32 -0600 Subject: [PATCH 136/160] removed Falcon accordingly to the draft-ounsworth-pq-composite-sigs-13 --- ALGORITHMS.md | 3 -- README.md | 2 +- oqs-template/generate.yml | 14 +----- oqsprov/oqs_decode_der2key.c | 7 --- oqsprov/oqs_encode_key2any.c | 30 ------------ oqsprov/oqs_kmgmt.c | 88 +++++++++++------------------------- oqsprov/oqs_prov.h | 54 ---------------------- oqsprov/oqsdecoders.inc | 11 ----- oqsprov/oqsencoders.inc | 37 --------------- oqsprov/oqsprov.c | 83 ++++++++++++---------------------- oqsprov/oqsprov_keys.c | 7 +-- scripts/common.py | 2 +- 12 files changed, 59 insertions(+), 279 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 57ef04d1..f7f5a225 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -167,9 +167,6 @@ adapting the OIDs of all supported signature algorithms as per the table below. | falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512 | p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512 | rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512 -| falcon512_p256 | 2.16.840.1.114027.80.8.1.14 |Yes| OQS_OID_FALCON512_p256 -| falcon512_bp256 | 2.16.840.1.114027.80.8.1.15 |Yes| OQS_OID_FALCON512_bp256 -| falcon512_ed25519 | 2.16.840.1.114027.80.8.1.16 |Yes| OQS_OID_FALCON512_ed25519 | falcon1024 | 1.3.9999.3.9 |Yes| OQS_OID_FALCON1024 | p521_falcon1024 | 1.3.9999.3.10 |Yes| OQS_OID_P521_FALCON1024 | sphincssha2128fsimple | 1.3.9999.6.4.13 |Yes| OQS_OID_SPHINCSSHA2128FSIMPLE diff --git a/README.md b/README.md index 8078d41a..9c4d9c92 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,7 @@ This implementation makes available the following quantum safe algorithms: - **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\* - **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa44_pss2048`\*, `mldsa44_rsa2048`\*, `mldsa44_ed25519`\*, `mldsa44_p256`\*, `mldsa44_bp256`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa65_pss3072`\*, `mldsa65_rsa3072`\*, `mldsa65_p256`\*, `mldsa65_bp256`\*, `mldsa65_ed25519`\*, `mldsa87`\*, `p521_mldsa87`\*, `mldsa87_p384`\*, `mldsa87_bp384`\*, `mldsa87_ed448`\* -- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon512_p256`\*, `falcon512_bp256`\*, `falcon512_ed25519`\*, `falcon1024`\*, `p521_falcon1024`\* +- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\* - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple` - **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple` diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index b0cb5ffe..3cb69dce 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -426,7 +426,7 @@ sigs: # 'oid': '2.16.840.1.114027.80.1.8'}] - # The Composite OIDs are kept up to date by @feventura (Entrust) - # These are prototype OIDs and are in line with draft-ounsworth-pq-composite-sigs-12 + # These are prototype OIDs and are in line with draft-ounsworth-pq-composite-sigs-13 # OID scheme for composite variants: # joint-iso-itu-t (2) # country (16) @@ -666,18 +666,6 @@ sigs: 'pretty_name': 'RSA3072', 'oid': '1.3.9999.3.8', 'code_point': '0xfeb0'}] - composite: [{'name': 'p256', - 'pretty_name': 'ECDSA p256', - 'security': '128', - 'oid': '2.16.840.1.114027.80.8.1.14'}, - {'name': 'bp256', - 'pretty_name': 'ECDSA brainpoolP256r1', - 'security': '256', - 'oid': '2.16.840.1.114027.80.8.1.15'}, - {'name': 'ed25519', - 'pretty_name': 'ED25519', - 'security': '128', - 'oid': '2.16.840.1.114027.80.8.1.16'}] extra_nids: old: - implementation_version: NIST Round 3 submission diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index d9bee34f..2ab814da 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -751,13 +751,6 @@ MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_p256", falcon512_p256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_bp256", falcon512_bp256, oqsx, SubjectPublicKeyInfo); -MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, PrivateKeyInfo); -MAKE_DECODER(, "falcon512_ed25519", falcon512_ed25519, oqsx, - SubjectPublicKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo); diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 985453cb..167083f2 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -1180,15 +1180,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_falcon512_evp_type 0 #define rsa3072_falcon512_input_type "rsa3072_falcon512" #define rsa3072_falcon512_pem_type "rsa3072_falcon512" -#define falcon512_p256_evp_type 0 -#define falcon512_p256_input_type "falcon512_p256" -#define falcon512_p256_pem_type "falcon512_p256" -#define falcon512_bp256_evp_type 0 -#define falcon512_bp256_input_type "falcon512_bp256" -#define falcon512_bp256_pem_type "falcon512_bp256" -#define falcon512_ed25519_evp_type 0 -#define falcon512_ed25519_input_type "falcon512_ed25519" -#define falcon512_ed25519_pem_type "falcon512_ed25519" #define falcon1024_evp_type 0 #define falcon1024_input_type "falcon1024" #define falcon1024_pem_type "falcon1024" @@ -2478,27 +2469,6 @@ MAKE_ENCODER(, rsa3072_falcon512, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_falcon512); -MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_p256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_p256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, falcon512_p256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, falcon512_p256); -MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_bp256, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_bp256, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, falcon512_bp256, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, falcon512_bp256); -MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_ed25519, oqsx, EncryptedPrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, der); -MAKE_ENCODER(, falcon512_ed25519, oqsx, PrivateKeyInfo, pem); -MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, der); -MAKE_ENCODER(, falcon512_ed25519, oqsx, SubjectPublicKeyInfo, pem); -MAKE_TEXT_ENCODER(, falcon512_ed25519); MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon1024, oqsx, PrivateKeyInfo, der); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 013c0ef2..5f017457 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -927,93 +927,60 @@ static void *rsa3072_falcon512_gen_init(void *provctx, int selection) return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 29); } -static void *falcon512_p256_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 30); -} - -static void *falcon512_p256_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 30); -} -static void *falcon512_bp256_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 31); -} - -static void *falcon512_bp256_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 31); -} -static void *falcon512_ed25519_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 32); -} - -static void *falcon512_ed25519_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 32); -} static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 33); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 30); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 33); + "falcon1024", 0, 256, 30); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 34); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 31); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 34); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 31); } static void *sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 35); + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 32); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 35); + "sphincssha2128fsimple", 0, 128, 32); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 36); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 36); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 33); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 34); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, @@ -1021,39 +988,39 @@ static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 37); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 34); } static void *sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 38); + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 35); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 38); + "sphincssha2128ssimple", 0, 128, 35); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 39); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 36); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 39); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 36); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 40); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, @@ -1061,66 +1028,66 @@ static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 40); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 37); } static void *sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 41); + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 38); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 41); + "sphincssha2192fsimple", 0, 192, 38); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 42); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 39); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 42); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 39); } static void *sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 43); + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 40); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 43); + "sphincsshake128fsimple", 0, 128, 40); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 44); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 41); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 44); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 41); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 45); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 42); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, @@ -1128,7 +1095,7 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 45); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 42); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END @@ -1310,9 +1277,6 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(mldsa87_ed448) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_falcon512) -MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_p256) -MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_bp256) -MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512_ed25519) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon1024) MAKE_SIG_KEYMGMT_FUNCTIONS(p521_falcon1024) MAKE_SIG_KEYMGMT_FUNCTIONS(sphincssha2128fsimple) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index e2d26585..62268b31 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -1661,57 +1661,6 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_p256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_p256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_bp256_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_bp256_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_falcon512_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH - oqs_PrivateKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH - oqs_SubjectPublicKeyInfo_der_to_falcon512_ed25519_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -2023,9 +1972,6 @@ extern const OSSL_DISPATCH oqs_mldsa87_ed448_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_p256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_bp256_keymgmt_functions[]; -extern const OSSL_DISPATCH oqs_falcon512_ed25519_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p521_falcon1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_keymgmt_functions[]; diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index 2f9e8399..89ee333d 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -334,17 +334,6 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), rsa3072_falcon512), DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, rsa3072_falcon512), - DECODER_w_structure("falcon512_p256", der, PrivateKeyInfo, falcon512_p256), - DECODER_w_structure("falcon512_p256", der, SubjectPublicKeyInfo, - falcon512_p256), - DECODER_w_structure("falcon512_bp256", der, PrivateKeyInfo, - falcon512_bp256), - DECODER_w_structure("falcon512_bp256", der, SubjectPublicKeyInfo, - falcon512_bp256), - DECODER_w_structure("falcon512_ed25519", der, PrivateKeyInfo, - falcon512_ed25519), - DECODER_w_structure("falcon512_ed25519", der, SubjectPublicKeyInfo, - falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index aa87bce1..d9852a14 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -1002,43 +1002,6 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), ENCODER_w_structure("rsa3072_falcon512", rsa3072_falcon512, pem, SubjectPublicKeyInfo), ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), - ENCODER_w_structure("falcon512_p256", falcon512_p256, der, PrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, PrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512_p256", falcon512_p256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512_p256", falcon512_p256), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512_bp256", falcon512_bp256, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512_bp256", falcon512_bp256), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, - PrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, - EncryptedPrivateKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, der, - SubjectPublicKeyInfo), - ENCODER_w_structure("falcon512_ed25519", falcon512_ed25519, pem, - SubjectPublicKeyInfo), - ENCODER_TEXT("falcon512_ed25519", falcon512_ed25519), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 672361d6..73da9e63 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,9 +49,9 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 198 +# define OQS_OID_CNT 192 #else -# define OQS_OID_CNT 92 +# define OQS_OID_CNT 86 #endif const char *oqs_oid_alg_list[OQS_OID_CNT] = { @@ -226,12 +226,6 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_falcon512", "1.3.9999.3.8", "rsa3072_falcon512", - "2.16.840.1.114027.80.8.1.14", - "falcon512_p256", - "2.16.840.1.114027.80.8.1.15", - "falcon512_bp256", - "2.16.840.1.114027.80.8.1.16", - "falcon512_ed25519", "1.3.9999.3.9", "falcon1024", "1.3.9999.3.10", @@ -622,95 +616,80 @@ int oqs_patch_encodings(void) if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) oqs_alg_encoding_list[59] = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_P256")) - oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_FALCON512_P256"); - if (getenv("OQS_ENCODING_FALCON512_P256_ALGNAME")) - oqs_alg_encoding_list[61] - = getenv("OQS_ENCODING_FALCON512_P256_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_BP256")) - oqs_alg_encoding_list[62] = getenv("OQS_ENCODING_FALCON512_BP256"); - if (getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME")) - oqs_alg_encoding_list[63] - = getenv("OQS_ENCODING_FALCON512_BP256_ALGNAME"); - if (getenv("OQS_ENCODING_FALCON512_ED25519")) - oqs_alg_encoding_list[64] = getenv("OQS_ENCODING_FALCON512_ED25519"); - if (getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME")) - oqs_alg_encoding_list[65] - = getenv("OQS_ENCODING_FALCON512_ED25519_ALGNAME"); if (getenv("OQS_ENCODING_FALCON1024")) - oqs_alg_encoding_list[66] = getenv("OQS_ENCODING_FALCON1024"); + oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_FALCON1024"); if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[67] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); + oqs_alg_encoding_list[61] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_P521_FALCON1024")) - oqs_alg_encoding_list[68] = getenv("OQS_ENCODING_P521_FALCON1024"); + oqs_alg_encoding_list[62] = getenv("OQS_ENCODING_P521_FALCON1024"); if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[69] + oqs_alg_encoding_list[63] = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[70] + oqs_alg_encoding_list[64] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[71] + oqs_alg_encoding_list[65] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[72] + oqs_alg_encoding_list[66] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[73] + oqs_alg_encoding_list[67] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[74] + oqs_alg_encoding_list[68] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[75] + oqs_alg_encoding_list[69] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[76] + oqs_alg_encoding_list[70] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[77] + oqs_alg_encoding_list[71] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[78] + oqs_alg_encoding_list[72] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[79] + oqs_alg_encoding_list[73] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[80] + oqs_alg_encoding_list[74] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[81] + oqs_alg_encoding_list[75] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[82] + oqs_alg_encoding_list[76] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[83] + oqs_alg_encoding_list[77] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[84] + oqs_alg_encoding_list[78] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[85] + oqs_alg_encoding_list[79] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[86] + oqs_alg_encoding_list[80] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[87] + oqs_alg_encoding_list[81] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[88] + oqs_alg_encoding_list[82] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[89] + oqs_alg_encoding_list[83] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[90] + oqs_alg_encoding_list[84] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[91] + oqs_alg_encoding_list[85] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END return 1; @@ -799,9 +778,6 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("falcon512", 128, oqs_signature_functions), SIGALG("p256_falcon512", 128, oqs_signature_functions), SIGALG("rsa3072_falcon512", 128, oqs_signature_functions), - SIGALG("falcon512_p256", 128, oqs_signature_functions), - SIGALG("falcon512_bp256", 256, oqs_signature_functions), - SIGALG("falcon512_ed25519", 128, oqs_signature_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_signature_functions), @@ -973,9 +949,6 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] SIGALG("falcon512", 128, oqs_falcon512_keymgmt_functions), SIGALG("p256_falcon512", 128, oqs_p256_falcon512_keymgmt_functions), SIGALG("rsa3072_falcon512", 128, oqs_rsa3072_falcon512_keymgmt_functions), - SIGALG("falcon512_p256", 128, oqs_falcon512_p256_keymgmt_functions), - SIGALG("falcon512_bp256", 256, oqs_falcon512_bp256_keymgmt_functions), - SIGALG("falcon512_ed25519", 128, oqs_falcon512_ed25519_keymgmt_functions), #endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_falcon1024_keymgmt_functions), diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index d4df842b..27d1f8ff 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -54,9 +54,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 99 +# define NID_TABLE_LEN 96 #else -# define NID_TABLE_LEN 46 +# define NID_TABLE_LEN 43 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { @@ -157,9 +157,6 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128}, {0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, - {0, "falcon512_p256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, - {0, "falcon512_bp256", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 256}, - {0, "falcon512_ed25519", OQS_SIG_alg_falcon_512, KEY_TYPE_CMP_SIG, 128}, {0, "falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_SIG, 256}, {0, "p521_falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_HYB_SIG, 256}, {0, "sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, diff --git a/scripts/common.py b/scripts/common.py index 7913d4b2..f5b122b7 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -20,7 +20,7 @@ # post-quantum + classical signatures 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_mldsa44','rsa3072_mldsa44','p384_mldsa65','p521_mldsa87','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', # post-quantum + classical signatures (COMPOSITE) - 'mldsa44_pss2048','mldsa44_rsa2048','mldsa44_ed25519','mldsa44_p256','mldsa44_bp256','mldsa65_pss3072','mldsa65_rsa3072','mldsa65_p256','mldsa65_bp256','mldsa65_ed25519','mldsa87_p384','mldsa87_bp384','mldsa87_ed448','falcon512_p256','falcon512_bp256','falcon512_ed25519', + 'mldsa44_pss2048','mldsa44_rsa2048','mldsa44_ed25519','mldsa44_p256','mldsa44_bp256','mldsa65_pss3072','mldsa65_rsa3072','mldsa65_p256','mldsa65_bp256','mldsa65_ed25519','mldsa87_p384','mldsa87_bp384','mldsa87_ed448', ##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END ] From d854dd6e1f83be4ffdaacc6750e5bdccd5a2ae7e Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 4 Mar 2024 12:22:09 -0600 Subject: [PATCH 137/160] changed composite classic digest hash logic --- oqsprov/oqs_sig.c | 104 +++++++++++++--------------------------------- 1 file changed, 28 insertions(+), 76 deletions(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 8a9554a2..c5fd13b9 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -251,7 +251,7 @@ static const unsigned char *composite_OID_prefix[] = { }; -void Composite_prefix_conversion(char *out, const unsigned char *in) +void composite_prefix_conversion(char *out, const unsigned char *in) { int temp; for (int i = 0; i < COMPOSITE_OID_PREFIRX_LEN / 2; i++) { @@ -392,8 +392,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, CompositeSignature *compsig = CompositeSignature_new(); int i; int nid = OBJ_sn2nid(oqsxkey->tls_name); - const unsigned char *oid_prefix - = composite_OID_prefix[get_composite_idx(get_oqsalg_idx(nid)) - 1]; + int comp_idx = get_composite_idx(get_oqsalg_idx(nid)); + const unsigned char *oid_prefix = composite_OID_prefix[comp_idx - 1]; char *final_tbs; size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN / 2; int aux = 0; @@ -436,7 +436,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } final_tbs = OPENSSL_malloc(final_tbslen); - Composite_prefix_conversion(final_tbs, oid_prefix); + composite_prefix_conversion(final_tbs, oid_prefix); memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN / 2, tbs_hash, final_tbslen - COMPOSITE_OID_PREFIRX_LEN / 2); OPENSSL_free(tbs_hash); @@ -525,41 +525,16 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, goto endsign; } } - - if ((name[0] == 'p') || (name[0] == 'b') - || (name[0] == 'r')) { - int aux; - if (name[0] == 'b') { - aux = 2; - } else { - aux = 1; - } - switch (name[aux]) { - case 's': // pss or rsa - case '2': // p256 or bp256 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(final_tbs, final_tbslen, - (unsigned char *)&digest); - break; - case '3': // p384 or bp384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(final_tbs, final_tbslen, - (unsigned char *)&digest); - break; - case '5': // p512 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(final_tbs, final_tbslen, - (unsigned char *)&digest); - break; - default: - ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); - OPENSSL_free(buf); - goto endsign; - } + if (comp_idx < 6) { + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(final_tbs, final_tbslen, + (unsigned char *)&digest); + } else { + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(final_tbs, final_tbslen, + (unsigned char *)&digest); } if ((EVP_PKEY_CTX_set_signature_md(classical_ctx_sign, @@ -720,10 +695,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, CompositeSignature *compsig; int i; int nid = OBJ_sn2nid(oqsxkey->tls_name); + int comp_idx = get_composite_idx(get_oqsalg_idx(nid)); unsigned char *buf; size_t buf_len; - const unsigned char *oid_prefix - = composite_OID_prefix[get_composite_idx(get_oqsalg_idx(nid)) - 1]; + const unsigned char *oid_prefix = composite_OID_prefix[comp_idx - 1]; char *final_tbs; size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN / 2; int aux = 0; @@ -774,7 +749,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, goto endverify; } final_tbs = OPENSSL_malloc(final_tbslen); - Composite_prefix_conversion(final_tbs, oid_prefix); + composite_prefix_conversion(final_tbs, oid_prefix); memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN / 2, tbs_hash, final_tbslen - COMPOSITE_OID_PREFIRX_LEN / 2); OPENSSL_free(tbs_hash); @@ -870,41 +845,18 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, goto endverify; } } - if ((name[0] == 'p') || (name[0] == 'b') - || (name[0] == 'r')) { - int aux; - if (name[0] == 'b') - aux = 2; - else - aux = 1; - switch (name[aux]) { - case 's': // pss or rsa - case '2': // p256 or bp256 - classical_md = EVP_sha256(); - digest_len = SHA256_DIGEST_LENGTH; - SHA256(final_tbs, final_tbslen, - (unsigned char *)&digest); - break; - case '3': // p384 or bp384 - classical_md = EVP_sha384(); - digest_len = SHA384_DIGEST_LENGTH; - SHA384(final_tbs, final_tbslen, - (unsigned char *)&digest); - break; - case '5': // p512 - classical_md = EVP_sha512(); - digest_len = SHA512_DIGEST_LENGTH; - SHA512(final_tbs, final_tbslen, - (unsigned char *)&digest); - break; - default: - ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); - OPENSSL_free(name); - CompositeSignature_free(compsig); - OPENSSL_free(final_tbs); - goto endverify; - } + if (comp_idx < 6) { + classical_md = EVP_sha256(); + digest_len = SHA256_DIGEST_LENGTH; + SHA256(final_tbs, final_tbslen, + (unsigned char *)&digest); + } else { + classical_md = EVP_sha512(); + digest_len = SHA512_DIGEST_LENGTH; + SHA512(final_tbs, final_tbslen, + (unsigned char *)&digest); } + if ((EVP_PKEY_CTX_set_signature_md(ctx_verify, classical_md) <= 0) || (EVP_PKEY_verify(ctx_verify, buf, buf_len, digest, From 64ca41fe2e55216fb3500f710ab9219dcdb16fb8 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 4 Mar 2024 14:10:02 -0600 Subject: [PATCH 138/160] fixed heap buffer overflow --- oqsprov/oqsprov_keys.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 27d1f8ff..a7d62265 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -254,13 +254,11 @@ char *get_cmpname(int nid, int index) } switch (index) { case 0: - name = OPENSSL_malloc(i); - memcpy(name, s, i); + name = OPENSSL_strndup(s, i); break; case 1: i += 1; - name = OPENSSL_malloc(len - i); - memcpy(name, s + i, len - i); + name = OPENSSL_strndup(s + i, len - i); break; default: name = NULL; From c24bc5f0ebe7b6314d72684e297dcce1c9e769cc Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Mon, 4 Mar 2024 14:51:46 -0600 Subject: [PATCH 139/160] removed interop comment --- oqs-template/generate.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 3cb69dce..43d52909 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -484,12 +484,6 @@ sigs: 'pretty_name': 'ECDSA p384', 'oid': '1.3.9999.2.7.3', 'code_point': '0xfea4'}] -# Used to interop with dilithium3 implementations -# composite: [ -# {'name': 'p256', -# 'pretty_name': 'ECDSA p256', -# 'security': '128', -# 'oid': '2.16.840.1.114027.80.8.1.8'},] - name: 'dilithium5' pretty_name: 'Dilithium5' From 0e75b3205a46967e4d4814ce0997ccc4d6ebe313 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Wed, 6 Mar 2024 14:40:53 +0100 Subject: [PATCH 140/160] documentation update [skip ci] (#366) --- README.md | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index b874bd06..8ba8852a 100644 --- a/README.md +++ b/README.md @@ -141,18 +141,22 @@ as documented in https://github.com/openssl/openssl/issues/22761. ## 3.3(-dev) -When https://github.com/openssl/openssl/pull/22779 land, the last config-time limitation -for provider-based signatures should be gone. +When https://github.com/openssl/openssl/pull/22779 lands, a last known +config-time limitation for provider-based signatures should be gone. -A limitation present in all OpenSSL versions is the number of default groups +## All versions + +A limitation present in older OpenSSL versions is the number of default groups supported: [At most 44 default groups may be specified](https://github.com/openssl/openssl/issues/23624) , e.g., passing to [SSL_CTX_set1_groups](https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_groups.html). Therefore caution is advised activating all KEMs supported by `oqsprovider`: -This may lead to `openssl` crashing. +This may lead to `openssl` crashing, depending on the OpenSSL version used: +The problem is gone in OpenSSL "master" branch and (will be gone) in the +releases 3.3.0, 3.2.2., 3.1.6 and 3.0.14. For [general OpenSSL implementation limitations, e.g., regarding provider feature usage and support, -see here](https://wiki.openssl.org/index.php/OpenSSL_3.0#STATUS_of_current_development). +see here](https://www.openssl.org/docs/man3.0/man7/migration_guide.html). Governance & Contributions -------------------------- @@ -160,11 +164,18 @@ Governance & Contributions Project governance is documented in [GOVERNANCE.md](GOVERNANCE.md) and contribution policy is documented in [CONTRIBUTING.md](CONTRIBUTING.md). +Discussions +----------- + +The policy of this project is that all discussions pertaining to changes in the +functional and non-functional aspects of `oqsprovider` shall take place in +`github`. References to external discussion fora are discouraged to retain the +free and open flow of thoughts unencumbered by potentially differing or changing +access or data retention policies by `github`-external chat forums. + Team ---- -The Open Quantum Safe project is led by [Douglas Stebila](https://www.douglas.stebila.ca/research/) and [Michele Mosca](http://faculty.iqc.uwaterloo.ca/mmosca/) at the University of Waterloo. - Contributors to the `oqsprovider` include: - Michael Baentsch @@ -185,6 +196,13 @@ the separate file [RELEASE.md](RELEASE.md). Acknowledgments --------------- +`oqsprovider` came into existence as a branch of [oqs-openssl](https://github.com/open-quantum-safe/openssl) +as part of the OQS project initially led by Douglas Stebila and Michele +Mosca at the University of Waterloo but split off to become a separate +project catering to the [OpenSSL provider](https://www.openssl.org/docs/manmaster/man7/provider.html) +concept. With OQS joining [PQCA](https://pqca.org) `oqsprovider` also +was folded into that organization. + The `oqsprovider` project had been supported through the [NGI Assure Fund](https://nlnet.nl/assure), a fund established by [NLnet](https://nlnet.nl) with financial support from the European Commission's [Next Generation Internet programme](https://www.ngi.eu), From 8a6a1cdd0aaa890735dceada81ecafd1926a589a Mon Sep 17 00:00:00 2001 From: Basil Hess Date: Thu, 7 Mar 2024 12:46:39 +0100 Subject: [PATCH 141/160] Set Kyber OIDs (#368) * Fix OIDs for Kyber (r3) * fix comments in generate.sh [skip ci] * run clang-format --- ALGORITHMS.md | 94 +++++++++++++++++++-------------------- oqs-template/generate.sh | 9 +--- oqs-template/generate.yml | 3 ++ oqsprov/oqsprov.c | 39 ++++++++-------- 4 files changed, 71 insertions(+), 74 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index d6549213..3d17bf6d 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -189,59 +189,59 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li |Algorithm name | default OID | environment variable | |---------------|:-----------------:|----------------------| -| frodo640aes | 1.3.9999.99.64 | OQS_OID_FRODO640AES -| p256_frodo640aes | 1.3.9999.99.63 | OQS_OID_P256_FRODO640AES -| x25519_frodo640aes | 1.3.9999.99.48 | OQS_OID_X25519_FRODO640AES -| frodo640shake | 1.3.9999.99.66 | OQS_OID_FRODO640SHAKE -| p256_frodo640shake | 1.3.9999.99.65 | OQS_OID_P256_FRODO640SHAKE -| x25519_frodo640shake | 1.3.9999.99.49 | OQS_OID_X25519_FRODO640SHAKE -| frodo976aes | 1.3.9999.99.68 | OQS_OID_FRODO976AES -| p384_frodo976aes | 1.3.9999.99.67 | OQS_OID_P384_FRODO976AES -| x448_frodo976aes | 1.3.9999.99.50 | OQS_OID_X448_FRODO976AES -| frodo976shake | 1.3.9999.99.70 | OQS_OID_FRODO976SHAKE -| p384_frodo976shake | 1.3.9999.99.69 | OQS_OID_P384_FRODO976SHAKE -| x448_frodo976shake | 1.3.9999.99.51 | OQS_OID_X448_FRODO976SHAKE -| frodo1344aes | 1.3.9999.99.72 | OQS_OID_FRODO1344AES -| p521_frodo1344aes | 1.3.9999.99.71 | OQS_OID_P521_FRODO1344AES -| frodo1344shake | 1.3.9999.99.74 | OQS_OID_FRODO1344SHAKE -| p521_frodo1344shake | 1.3.9999.99.73 | OQS_OID_P521_FRODO1344SHAKE -| kyber512 | 1.3.9999.99.76 | OQS_OID_KYBER512 -| p256_kyber512 | 1.3.9999.99.75 | OQS_OID_P256_KYBER512 -| x25519_kyber512 | 1.3.9999.99.52 | OQS_OID_X25519_KYBER512 -| kyber768 | 1.3.9999.99.78 | OQS_OID_KYBER768 -| p384_kyber768 | 1.3.9999.99.77 | OQS_OID_P384_KYBER768 -| x448_kyber768 | 1.3.9999.99.53 | OQS_OID_X448_KYBER768 -| x25519_kyber768 | 1.3.9999.99.54 | OQS_OID_X25519_KYBER768 -| p256_kyber768 | 1.3.9999.99.55 | OQS_OID_P256_KYBER768 -| kyber1024 | 1.3.9999.99.80 | OQS_OID_KYBER1024 -| p521_kyber1024 | 1.3.9999.99.79 | OQS_OID_P521_KYBER1024 +| frodo640aes | 1.3.9999.99.61 | OQS_OID_FRODO640AES +| p256_frodo640aes | 1.3.9999.99.60 | OQS_OID_P256_FRODO640AES +| x25519_frodo640aes | 1.3.9999.99.45 | OQS_OID_X25519_FRODO640AES +| frodo640shake | 1.3.9999.99.63 | OQS_OID_FRODO640SHAKE +| p256_frodo640shake | 1.3.9999.99.62 | OQS_OID_P256_FRODO640SHAKE +| x25519_frodo640shake | 1.3.9999.99.46 | OQS_OID_X25519_FRODO640SHAKE +| frodo976aes | 1.3.9999.99.65 | OQS_OID_FRODO976AES +| p384_frodo976aes | 1.3.9999.99.64 | OQS_OID_P384_FRODO976AES +| x448_frodo976aes | 1.3.9999.99.47 | OQS_OID_X448_FRODO976AES +| frodo976shake | 1.3.9999.99.67 | OQS_OID_FRODO976SHAKE +| p384_frodo976shake | 1.3.9999.99.66 | OQS_OID_P384_FRODO976SHAKE +| x448_frodo976shake | 1.3.9999.99.48 | OQS_OID_X448_FRODO976SHAKE +| frodo1344aes | 1.3.9999.99.69 | OQS_OID_FRODO1344AES +| p521_frodo1344aes | 1.3.9999.99.68 | OQS_OID_P521_FRODO1344AES +| frodo1344shake | 1.3.9999.99.71 | OQS_OID_FRODO1344SHAKE +| p521_frodo1344shake | 1.3.9999.99.70 | OQS_OID_P521_FRODO1344SHAKE +| kyber512 | 1.3.6.1.4.1.2.267.8.2.2 | OQS_OID_KYBER512 +| p256_kyber512 | 1.3.9999.99.72 | OQS_OID_P256_KYBER512 +| x25519_kyber512 | 1.3.9999.99.49 | OQS_OID_X25519_KYBER512 +| kyber768 | 1.3.6.1.4.1.2.267.8.3.3 | OQS_OID_KYBER768 +| p384_kyber768 | 1.3.9999.99.73 | OQS_OID_P384_KYBER768 +| x448_kyber768 | 1.3.9999.99.50 | OQS_OID_X448_KYBER768 +| x25519_kyber768 | 1.3.9999.99.51 | OQS_OID_X25519_KYBER768 +| p256_kyber768 | 1.3.9999.99.52 | OQS_OID_P256_KYBER768 +| kyber1024 | 1.3.6.1.4.1.2.267.8.4.4 | OQS_OID_KYBER1024 +| p521_kyber1024 | 1.3.9999.99.74 | OQS_OID_P521_KYBER1024 | mlkem512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_MLKEM512 | p256_mlkem512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_MLKEM512 | x25519_mlkem512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_MLKEM512 | mlkem768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_MLKEM768 -| p384_mlkem768 | 1.3.9999.99.81 | OQS_OID_P384_MLKEM768 -| x448_mlkem768 | 1.3.9999.99.56 | OQS_OID_X448_MLKEM768 -| x25519_mlkem768 | 1.3.9999.99.57 | OQS_OID_X25519_MLKEM768 -| p256_mlkem768 | 1.3.9999.99.58 | OQS_OID_P256_MLKEM768 +| p384_mlkem768 | 1.3.9999.99.75 | OQS_OID_P384_MLKEM768 +| x448_mlkem768 | 1.3.9999.99.53 | OQS_OID_X448_MLKEM768 +| x25519_mlkem768 | 1.3.9999.99.54 | OQS_OID_X25519_MLKEM768 +| p256_mlkem768 | 1.3.9999.99.55 | OQS_OID_P256_MLKEM768 | mlkem1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_MLKEM1024 -| p521_mlkem1024 | 1.3.9999.99.82 | OQS_OID_P521_MLKEM1024 +| p521_mlkem1024 | 1.3.9999.99.76 | OQS_OID_P521_MLKEM1024 | p384_mlkem1024 | 1.3.6.1.4.1.42235.6 | OQS_OID_P384_MLKEM1024 -| bikel1 | 1.3.9999.99.84 | OQS_OID_BIKEL1 -| p256_bikel1 | 1.3.9999.99.83 | OQS_OID_P256_BIKEL1 -| x25519_bikel1 | 1.3.9999.99.59 | OQS_OID_X25519_BIKEL1 -| bikel3 | 1.3.9999.99.86 | OQS_OID_BIKEL3 -| p384_bikel3 | 1.3.9999.99.85 | OQS_OID_P384_BIKEL3 -| x448_bikel3 | 1.3.9999.99.60 | OQS_OID_X448_BIKEL3 -| bikel5 | 1.3.9999.99.88 | OQS_OID_BIKEL5 -| p521_bikel5 | 1.3.9999.99.87 | OQS_OID_P521_BIKEL5 -| hqc128 | 1.3.9999.99.90 | OQS_OID_HQC128 -| p256_hqc128 | 1.3.9999.99.89 | OQS_OID_P256_HQC128 -| x25519_hqc128 | 1.3.9999.99.61 | OQS_OID_X25519_HQC128 -| hqc192 | 1.3.9999.99.92 | OQS_OID_HQC192 -| p384_hqc192 | 1.3.9999.99.91 | OQS_OID_P384_HQC192 -| x448_hqc192 | 1.3.9999.99.62 | OQS_OID_X448_HQC192 -| hqc256 | 1.3.9999.99.94 | OQS_OID_HQC256 -| p521_hqc256 | 1.3.9999.99.93 | OQS_OID_P521_HQC256 +| bikel1 | 1.3.9999.99.78 | OQS_OID_BIKEL1 +| p256_bikel1 | 1.3.9999.99.77 | OQS_OID_P256_BIKEL1 +| x25519_bikel1 | 1.3.9999.99.56 | OQS_OID_X25519_BIKEL1 +| bikel3 | 1.3.9999.99.80 | OQS_OID_BIKEL3 +| p384_bikel3 | 1.3.9999.99.79 | OQS_OID_P384_BIKEL3 +| x448_bikel3 | 1.3.9999.99.57 | OQS_OID_X448_BIKEL3 +| bikel5 | 1.3.9999.99.82 | OQS_OID_BIKEL5 +| p521_bikel5 | 1.3.9999.99.81 | OQS_OID_P521_BIKEL5 +| hqc128 | 1.3.9999.99.84 | OQS_OID_HQC128 +| p256_hqc128 | 1.3.9999.99.83 | OQS_OID_P256_HQC128 +| x25519_hqc128 | 1.3.9999.99.58 | OQS_OID_X25519_HQC128 +| hqc192 | 1.3.9999.99.86 | OQS_OID_HQC192 +| p384_hqc192 | 1.3.9999.99.85 | OQS_OID_P384_HQC192 +| x448_hqc192 | 1.3.9999.99.59 | OQS_OID_X448_HQC192 +| hqc256 | 1.3.9999.99.88 | OQS_OID_HQC256 +| p521_hqc256 | 1.3.9999.99.87 | OQS_OID_P521_HQC256 # Key Encodings diff --git a/oqs-template/generate.sh b/oqs-template/generate.sh index 105c2aa9..5257e138 100755 --- a/oqs-template/generate.sh +++ b/oqs-template/generate.sh @@ -2,13 +2,8 @@ cd oqs-template -rm generate.yml - -# Step 1: Obtain current generate.yml from main: -wget -c https://raw.githubusercontent.com/open-quantum-safe/openssl/OQS-OpenSSL_1_1_1-stable/oqs-template/generate.yml - -# Step 2: Run the generator: +# Step 1: Run the generator: cd .. && python3 oqs-template/generate.py -# Step 3: Run clang-format. +# Step 2: Run clang-format. find . -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs "${CLANG_FORMAT:-clang-format}" -i diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 21536863..abdc27e7 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -85,6 +85,7 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber512' nid: '0x023A' + oid: '1.3.6.1.4.1.2.267.8.2.2' nid_hybrid: '0x2F3A' oqs_alg: 'OQS_KEM_alg_kyber_512' extra_nids: @@ -107,6 +108,7 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber768' nid: '0x023C' + oid: '1.3.6.1.4.1.2.267.8.3.3' nid_hybrid: '0x2F3C' extra_nids: current: @@ -129,6 +131,7 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber1024' nid: '0x023D' + oid: '1.3.6.1.4.1.2.267.8.4.4' nid_hybrid: '0x2F3D' extra_nids: old: diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index c68dded1..ec94af98 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -89,15 +89,15 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "frodo1344shake", "1.3.9999.99.26", "p521_frodo1344shake", - "1.3.9999.99.29", + "1.3.6.1.4.1.2.267.8.2.2", "kyber512", "1.3.9999.99.28", "p256_kyber512", "1.3.9999.99.5", "x25519_kyber512", - "1.3.9999.99.31", + "1.3.6.1.4.1.2.267.8.3.3", "kyber768", - "1.3.9999.99.30", + "1.3.9999.99.29", "p384_kyber768", "1.3.9999.99.6", "x448_kyber768", @@ -105,9 +105,9 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "x25519_kyber768", "1.3.9999.99.8", "p256_kyber768", - "1.3.9999.99.33", + "1.3.6.1.4.1.2.267.8.4.4", "kyber1024", - "1.3.9999.99.32", + "1.3.9999.99.30", "p521_kyber1024", "1.3.6.1.4.1.22554.5.6.1", "mlkem512", @@ -117,7 +117,7 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "x25519_mlkem512", "1.3.6.1.4.1.22554.5.6.2", "mlkem768", - "1.3.9999.99.34", + "1.3.9999.99.31", "p384_mlkem768", "1.3.9999.99.9", "x448_mlkem768", @@ -127,41 +127,41 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_mlkem768", "1.3.6.1.4.1.22554.5.6.3", "mlkem1024", - "1.3.9999.99.35", + "1.3.9999.99.32", "p521_mlkem1024", "1.3.6.1.4.1.42235.6", "p384_mlkem1024", - "1.3.9999.99.37", + "1.3.9999.99.34", "bikel1", - "1.3.9999.99.36", + "1.3.9999.99.33", "p256_bikel1", "1.3.9999.99.12", "x25519_bikel1", - "1.3.9999.99.39", + "1.3.9999.99.36", "bikel3", - "1.3.9999.99.38", + "1.3.9999.99.35", "p384_bikel3", "1.3.9999.99.13", "x448_bikel3", - "1.3.9999.99.41", + "1.3.9999.99.38", "bikel5", - "1.3.9999.99.40", + "1.3.9999.99.37", "p521_bikel5", - "1.3.9999.99.43", + "1.3.9999.99.40", "hqc128", - "1.3.9999.99.42", + "1.3.9999.99.39", "p256_hqc128", "1.3.9999.99.14", "x25519_hqc128", - "1.3.9999.99.45", + "1.3.9999.99.42", "hqc192", - "1.3.9999.99.44", + "1.3.9999.99.41", "p384_hqc192", "1.3.9999.99.15", "x448_hqc192", - "1.3.9999.99.47", + "1.3.9999.99.44", "hqc256", - "1.3.9999.99.46", + "1.3.9999.99.43", "p521_hqc256", #endif /* OQS_KEM_ENCODERS */ @@ -969,7 +969,6 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] #endif // clang-format on ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END - // ALG("x25519_sikep434", oqs_ecx_sikep434_keymgmt_functions), {NULL, NULL, NULL}}; static const OSSL_ALGORITHM oqsprovider_encoder[] = { From f08657b5ac5000c1f56c42dd16331e3306b9a7b2 Mon Sep 17 00:00:00 2001 From: Spencer Wilson Date: Thu, 7 Mar 2024 09:35:01 -0500 Subject: [PATCH 142/160] Add code points for PADDED variant of Falcon [skip ci] (#362) * Update OIDs to reflect Falcon KAT changes * Update "old" version string to reflect KAT mismatch --- ALGORITHMS.md | 32 +++++-- README.md | 2 +- oqs-template/generate.yml | 70 +++++++++++--- oqs-template/oqs-sig-info.md | 20 +++- oqsprov/oqs_decode_der2key.c | 17 ++++ oqsprov/oqs_encode_key2any.c | 50 ++++++++++ oqsprov/oqs_kmgmt.c | 117 ++++++++++++++++++------ oqsprov/oqs_prov.h | 96 +++++++++++++++++++ oqsprov/oqsdecoders.inc | 24 +++++ oqsprov/oqsencoders.inc | 69 ++++++++++++++ oqsprov/oqsprov.c | 162 +++++++++++++++++++++++---------- oqsprov/oqsprov_capabilities.c | 106 +++++++++++++-------- oqsprov/oqsprov_keys.c | 12 ++- scripts/common.py | 4 +- 14 files changed, 641 insertions(+), 140 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 3d17bf6d..c45d83ce 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -79,11 +79,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi | p384_mldsa65 | 0xfed5 |Yes| OQS_CODEPOINT_P384_MLDSA65 | mldsa87 | 0xfed2 |Yes| OQS_CODEPOINT_MLDSA87 | p521_mldsa87 | 0xfed6 |Yes| OQS_CODEPOINT_P521_MLDSA87 -| falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512 -| p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512 -| rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512 -| falcon1024 | 0xfeb1 |Yes| OQS_CODEPOINT_FALCON1024 -| p521_falcon1024 | 0xfeb2 |Yes| OQS_CODEPOINT_P521_FALCON1024 +| falcon512 | 0xfed7 |Yes| OQS_CODEPOINT_FALCON512 +| p256_falcon512 | 0xfed8 |Yes| OQS_CODEPOINT_P256_FALCON512 +| rsa3072_falcon512 | 0xfed9 |Yes| OQS_CODEPOINT_RSA3072_FALCON512 +| falconpadded512 | 0xfedc |Yes| OQS_CODEPOINT_FALCONPADDED512 +| p256_falconpadded512 | 0xfedd |Yes| OQS_CODEPOINT_P256_FALCONPADDED512 +| rsa3072_falconpadded512 | 0xfede |Yes| OQS_CODEPOINT_RSA3072_FALCONPADDED512 +| falcon1024 | 0xfeda |Yes| OQS_CODEPOINT_FALCON1024 +| p521_falcon1024 | 0xfedb |Yes| OQS_CODEPOINT_P521_FALCON1024 +| falconpadded1024 | 0xfedf |Yes| OQS_CODEPOINT_FALCONPADDED1024 +| p521_falconpadded1024 | 0xfee0 |Yes| OQS_CODEPOINT_P521_FALCONPADDED1024 | sphincssha2128fsimple | 0xfeb3 |Yes| OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE | p256_sphincssha2128fsimple | 0xfeb4 |Yes| OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE | rsa3072_sphincssha2128fsimple | 0xfeb5 |Yes| OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE @@ -151,11 +156,16 @@ adapting the OIDs of all supported signature algorithms as per the table below. | p384_mldsa65 | 1.3.9999.7.3 |Yes| OQS_OID_P384_MLDSA65 | mldsa87 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_MLDSA87 | p521_mldsa87 | 1.3.9999.7.4 |Yes| OQS_OID_P521_MLDSA87 -| falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512 -| p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512 -| rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512 -| falcon1024 | 1.3.9999.3.9 |Yes| OQS_OID_FALCON1024 -| p521_falcon1024 | 1.3.9999.3.10 |Yes| OQS_OID_P521_FALCON1024 +| falcon512 | 1.3.9999.3.11 |Yes| OQS_OID_FALCON512 +| p256_falcon512 | 1.3.9999.3.12 |Yes| OQS_OID_P256_FALCON512 +| rsa3072_falcon512 | 1.3.9999.3.13 |Yes| OQS_OID_RSA3072_FALCON512 +| falconpadded512 | 1.3.9999.3.16 |Yes| OQS_OID_FALCONPADDED512 +| p256_falconpadded512 | 1.3.9999.3.17 |Yes| OQS_OID_P256_FALCONPADDED512 +| rsa3072_falconpadded512 | 1.3.9999.3.18 |Yes| OQS_OID_RSA3072_FALCONPADDED512 +| falcon1024 | 1.3.9999.3.14 |Yes| OQS_OID_FALCON1024 +| p521_falcon1024 | 1.3.9999.3.15 |Yes| OQS_OID_P521_FALCON1024 +| falconpadded1024 | 1.3.9999.3.19 |Yes| OQS_OID_FALCONPADDED1024 +| p521_falconpadded1024 | 1.3.9999.3.20 |Yes| OQS_OID_P521_FALCONPADDED1024 | sphincssha2128fsimple | 1.3.9999.6.4.13 |Yes| OQS_OID_SPHINCSSHA2128FSIMPLE | p256_sphincssha2128fsimple | 1.3.9999.6.4.14 |Yes| OQS_OID_P256_SPHINCSSHA2128FSIMPLE | rsa3072_sphincssha2128fsimple | 1.3.9999.6.4.15 |Yes| OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE @@ -259,7 +269,9 @@ By setting environment variables, oqs-provider can be configured to encode keys |`OQS_ENCODING_DILITHIUM3`|`draft-uni-qsckeys-dilithium-00/sk-pk`| |`OQS_ENCODING_DILITHIUM5`|`draft-uni-qsckeys-dilithium-00/sk-pk`| |`OQS_ENCODING_FALCON512`|`draft-uni-qsckeys-falcon-00/sk-pk`| +|`OQS_ENCODING_FALCONPADDED512`|`draft-uni-qsckeys-falcon-00/sk-pk`| |`OQS_ENCODING_FALCON1024`|`draft-uni-qsckeys-falcon-00/sk-pk`| +|`OQS_ENCODING_FALCONPADDED1024`|`draft-uni-qsckeys-falcon-00/sk-pk`| |`OQS_ENCODING_SPHINCSSHA2128FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`| |`OQS_ENCODING_SPHINCSSHA2128SSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`| |`OQS_ENCODING_SPHINCSSHA2192FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`| diff --git a/README.md b/README.md index 8ba8852a..b6f5b086 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,7 @@ This implementation makes available the following quantum safe algorithms: - **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\* - **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa87`\*, `p521_mldsa87`\* -- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\* +- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falconpadded512`\*, `p256_falconpadded512`\*, `rsa3072_falconpadded512`\*, `falcon1024`\*, `p521_falcon1024`\*, `falconpadded1024`\*, `p521_falconpadded1024`\* - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple` - **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple` diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index abdc27e7..e9fcd9bb 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -399,7 +399,7 @@ kem_nid_end: '0x0250' kem_nid_hybrid_end: '0x2FFF' # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values -# Next free signature ID: 0xfed7 +# Next free signature ID: 0xfee1 sigs: # - # iso (1) @@ -581,20 +581,32 @@ sigs: name: 'falcon512' pretty_name: 'Falcon-512' oqs_meth: 'OQS_SIG_alg_falcon_512' - oid: '1.3.9999.3.6' - code_point: '0xfeae' + oid: '1.3.9999.3.11' + code_point: '0xfed7' supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] enable: true mix_with: [{'name': 'p256', 'pretty_name': 'ECDSA p256', - 'oid': '1.3.9999.3.7', - 'code_point': '0xfeaf'}, + 'oid': '1.3.9999.3.12', + 'code_point': '0xfed8'}, {'name': 'rsa3072', 'pretty_name': 'RSA3072', - 'oid': '1.3.9999.3.8', - 'code_point': '0xfeb0'}] + 'oid': '1.3.9999.3.13', + 'code_point': '0xfed9'}] extra_nids: old: + - implementation_version: PQClean Round 3 version labelled 20211101 + nist-round: 3 + oid: '1.3.9999.3.6' + code_point: '0xfeae' + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.3.7', + 'code_point': '0xfeaf'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.3.8', + 'code_point': '0xfeb0'}] - implementation_version: NIST Round 3 submission nist-round: 3 oid: '1.3.9999.3.1' @@ -607,20 +619,44 @@ sigs: 'pretty_name': 'RSA3072', 'oid': '1.3.9999.3.3', 'code_point': '0xfe0d'}] + - + name: 'falconpadded512' + pretty_name: 'Falcon-padded-512' + oqs_meth: 'OQS_SIG_alg_falcon_padded_512' + oid: '1.3.9999.3.16' + code_point: '0xfedc' + supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] + enable: true + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.3.17', + 'code_point': '0xfedd'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.3.18', + 'code_point': '0xfede'}] - name: 'falcon1024' pretty_name: 'Falcon-1024' oqs_meth: 'OQS_SIG_alg_falcon_1024' - oid: '1.3.9999.3.9' - code_point: '0xfeb1' + oid: '1.3.9999.3.14' + code_point: '0xfeda' supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] enable: true mix_with: [{'name': 'p521', 'pretty_name': 'ECDSA p521', - 'oid': '1.3.9999.3.10', - 'code_point': '0xfeb2'}] + 'oid': '1.3.9999.3.15', + 'code_point': '0xfedb'}] extra_nids: old: + - implementation_version: PQClean Round 3 version labelled 20211101 + nist-round: 3 + oid: '1.3.9999.3.9' + code_point: '0xfeb1' + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.3.10', + 'code_point': '0xfeb2'}] - implementation_version: NIST Round 3 submission nist-round: 3 oid: '1.3.9999.3.4' @@ -629,6 +665,18 @@ sigs: 'pretty_name': 'ECDSA p521', 'oid': '1.3.9999.3.5', 'code_point': '0xfe0f'}] + - + name: 'falconpadded1024' + pretty_name: 'Falcon-padded-1024' + oqs_meth: 'OQS_SIG_alg_falcon_padded_1024' + oid: '1.3.9999.3.19' + code_point: '0xfedf' + supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] + enable: true + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.3.20', + 'code_point': '0xfee0'}] - family: 'SPHINCS-Haraka' variants: diff --git a/oqs-template/oqs-sig-info.md b/oqs-template/oqs-sig-info.md index 15607003..e61a9824 100644 --- a/oqs-template/oqs-sig-info.md +++ b/oqs-template/oqs-sig-info.md @@ -14,16 +14,26 @@ | dilithium3_aes **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfeab | 1.3.9999.2.11.3 | | dilithium5_aes | NIST Round 3 submission | 3 | 5 | 0xfeac | 1.3.6.1.4.1.2.267.11.8.7 | | dilithium5_aes **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfead | 1.3.9999.2.11.4 | -| falcon512 | 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 | -| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 | -| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 | +| falcon512 | 20211101 | 3 | 1 | 0xfed7 | 1.3.9999.3.11 | +| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfed8 | 1.3.9999.3.12 | +| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfed9 | 1.3.9999.3.13 | +| falcon512 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 | +| falcon512 **hybrid with** p256 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 | +| falcon512 **hybrid with** rsa3072 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 | | falcon512 | NIST Round 3 submission | 3 | 1 | 0xfe0b | 1.3.9999.3.1 | | falcon512 **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe0c | 1.3.9999.3.2 | | falcon512 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe0d | 1.3.9999.3.3 | -| falcon1024 | 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 | -| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 | +| falconpadded512 | 20211101 | 3 | 1 | 0xfedc | 1.3.9999.3.16 | +| falconpadded512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfedd | 1.3.9999.3.17 | +| falconpadded512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfede | 1.3.9999.3.18 | +| falcon1024 | 20211101 | 3 | 5 | 0xfeda | 1.3.9999.3.14 | +| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfedb | 1.3.9999.3.15 | +| falcon1024 | PQClean Round 3 version labelled 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 | +| falcon1024 **hybrid with** p521 | PQClean Round 3 version labelled 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 | | falcon1024 | NIST Round 3 submission | 3 | 5 | 0xfe0e | 1.3.9999.3.4 | | falcon1024 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe0f | 1.3.9999.3.5 | +| falconpadded1024 | 20211101 | 3 | 5 | 0xfedf | 1.3.9999.3.19 | +| falconpadded1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfee0 | 1.3.9999.3.20 | | mldsa44 | ML-DSA-ipd | ipd | 1 | 0xfed0 | 1.3.6.1.4.1.2.267.12.4.4 | | mldsa44 **hybrid with** p256 | ML-DSA-ipd | ipd | 1 | 0xfed3 | 1.3.9999.7.1 | | mldsa44 **hybrid with** rsa3072 | ML-DSA-ipd | ipd | 1 | 0xfed4 | 1.3.9999.7.2 | diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index ef2aeef4..ddaf6975 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c @@ -725,10 +725,27 @@ MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falconpadded512", falconpadded512, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falconpadded512", falconpadded512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_falconpadded512", p256_falconpadded512, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "p256_falconpadded512", p256_falconpadded512, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_falconpadded512", rsa3072_falconpadded512, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_falconpadded512", rsa3072_falconpadded512, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falconpadded1024", falconpadded1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falconpadded1024", falconpadded1024, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "p521_falconpadded1024", p521_falconpadded1024, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "p521_falconpadded1024", p521_falconpadded1024, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, PrivateKeyInfo); MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 562ab648..b41c0f78 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -894,12 +894,27 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_falcon512_evp_type 0 #define rsa3072_falcon512_input_type "rsa3072_falcon512" #define rsa3072_falcon512_pem_type "rsa3072_falcon512" +#define falconpadded512_evp_type 0 +#define falconpadded512_input_type "falconpadded512" +#define falconpadded512_pem_type "falconpadded512" +#define p256_falconpadded512_evp_type 0 +#define p256_falconpadded512_input_type "p256_falconpadded512" +#define p256_falconpadded512_pem_type "p256_falconpadded512" +#define rsa3072_falconpadded512_evp_type 0 +#define rsa3072_falconpadded512_input_type "rsa3072_falconpadded512" +#define rsa3072_falconpadded512_pem_type "rsa3072_falconpadded512" #define falcon1024_evp_type 0 #define falcon1024_input_type "falcon1024" #define falcon1024_pem_type "falcon1024" #define p521_falcon1024_evp_type 0 #define p521_falcon1024_input_type "p521_falcon1024" #define p521_falcon1024_pem_type "p521_falcon1024" +#define falconpadded1024_evp_type 0 +#define falconpadded1024_input_type "falconpadded1024" +#define falconpadded1024_pem_type "falconpadded1024" +#define p521_falconpadded1024_evp_type 0 +#define p521_falconpadded1024_input_type "p521_falconpadded1024" +#define p521_falconpadded1024_pem_type "p521_falconpadded1024" #define sphincssha2128fsimple_evp_type 0 #define sphincssha2128fsimple_input_type "sphincssha2128fsimple" #define sphincssha2128fsimple_pem_type "sphincssha2128fsimple" @@ -2019,6 +2034,27 @@ MAKE_ENCODER(, rsa3072_falcon512, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_falcon512); +MAKE_ENCODER(, falconpadded512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falconpadded512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falconpadded512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falconpadded512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falconpadded512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falconpadded512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falconpadded512); +MAKE_ENCODER(, p256_falconpadded512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p256_falconpadded512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p256_falconpadded512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p256_falconpadded512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p256_falconpadded512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p256_falconpadded512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p256_falconpadded512); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, rsa3072_falconpadded512); MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon1024, oqsx, PrivateKeyInfo, der); @@ -2033,6 +2069,20 @@ MAKE_ENCODER(, p521_falcon1024, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p521_falcon1024, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p521_falcon1024, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p521_falcon1024); +MAKE_ENCODER(, falconpadded1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falconpadded1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falconpadded1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falconpadded1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falconpadded1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falconpadded1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falconpadded1024); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p521_falconpadded1024); MAKE_ENCODER(, sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 0949925d..a613a022 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -782,60 +782,120 @@ static void *rsa3072_falcon512_gen_init(void *provctx, int selection) return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 16); } +static void *falconpadded512_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_falcon_padded_512, "falconpadded512", + KEY_TYPE_SIG, NULL, 128, 17); +} + +static void *falconpadded512_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, + "falconpadded512", 0, 128, 17); +} +static void *p256_falconpadded512_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_falcon_padded_512, "p256_falconpadded512", + KEY_TYPE_HYB_SIG, NULL, 128, 18); +} + +static void *p256_falconpadded512_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, + "p256_falconpadded512", KEY_TYPE_HYB_SIG, 128, 18); +} +static void *rsa3072_falconpadded512_new_key(void *provctx) +{ + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, + "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, NULL, 128, 19); +} + +static void *rsa3072_falconpadded512_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, + "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, 128, 19); +} static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 17); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 20); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 17); + "falcon1024", 0, 256, 20); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 18); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 21); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 18); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 21); +} +static void *falconpadded1024_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_falcon_padded_1024, "falconpadded1024", + KEY_TYPE_SIG, NULL, 256, 22); +} + +static void *falconpadded1024_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_1024, + "falconpadded1024", 0, 256, 22); +} +static void *p521_falconpadded1024_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_falcon_padded_1024, "p521_falconpadded1024", + KEY_TYPE_HYB_SIG, NULL, 256, 23); +} + +static void *p521_falconpadded1024_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_1024, + "p521_falconpadded1024", KEY_TYPE_HYB_SIG, 256, 23); } static void *sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 19); + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 24); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 19); + "sphincssha2128fsimple", 0, 128, 24); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 20); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 25); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 20); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 25); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 21); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 26); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, @@ -843,39 +903,39 @@ static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 21); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 26); } static void *sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 22); + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 27); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 22); + "sphincssha2128ssimple", 0, 128, 27); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 23); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 28); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 23); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 28); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 24); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, @@ -883,66 +943,66 @@ static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 24); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 29); } static void *sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 25); + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 30); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 25); + "sphincssha2192fsimple", 0, 192, 30); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 26); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 31); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 26); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 31); } static void *sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 27); + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 32); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 27); + "sphincsshake128fsimple", 0, 128, 32); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 28); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 28); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 33); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 34); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, @@ -950,7 +1010,7 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 29); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 34); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END @@ -1119,8 +1179,13 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(p521_mldsa87) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_falcon512) +MAKE_SIG_KEYMGMT_FUNCTIONS(falconpadded512) +MAKE_SIG_KEYMGMT_FUNCTIONS(p256_falconpadded512) +MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_falconpadded512) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon1024) MAKE_SIG_KEYMGMT_FUNCTIONS(p521_falcon1024) +MAKE_SIG_KEYMGMT_FUNCTIONS(falconpadded1024) +MAKE_SIG_KEYMGMT_FUNCTIONS(p521_falconpadded1024) MAKE_SIG_KEYMGMT_FUNCTIONS(sphincssha2128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_sphincssha2128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincssha2128fsimple) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index b9caaa7c..847e6f65 100644 --- a/oqsprov/oqs_prov.h +++ b/oqsprov/oqs_prov.h @@ -1416,6 +1416,60 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falconpadded512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_falconpadded512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_rsa3072_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_rsa3072_falconpadded512_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1450,6 +1504,43 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_falcon1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falconpadded1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falconpadded1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falconpadded1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_falconpadded1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_falconpadded1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1714,8 +1805,13 @@ extern const OSSL_DISPATCH oqs_p521_mldsa87_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falconpadded512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p256_falconpadded512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_falconpadded512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p521_falcon1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falconpadded1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p521_falconpadded1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index a8e94d0e..2f6bc610 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc @@ -290,6 +290,20 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, rsa3072_falcon512), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_512 + DECODER_w_structure("falconpadded512", der, PrivateKeyInfo, + falconpadded512), + DECODER_w_structure("falconpadded512", der, SubjectPublicKeyInfo, + falconpadded512), + DECODER_w_structure("p256_falconpadded512", der, PrivateKeyInfo, + p256_falconpadded512), + DECODER_w_structure("p256_falconpadded512", der, SubjectPublicKeyInfo, + p256_falconpadded512), + DECODER_w_structure("rsa3072_falconpadded512", der, PrivateKeyInfo, + rsa3072_falconpadded512), + DECODER_w_structure("rsa3072_falconpadded512", der, SubjectPublicKeyInfo, + rsa3072_falconpadded512), +#endif #ifdef OQS_ENABLE_SIG_falcon_1024 DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), DECODER_w_structure("falcon1024", der, SubjectPublicKeyInfo, falcon1024), @@ -298,6 +312,16 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("p521_falcon1024", der, SubjectPublicKeyInfo, p521_falcon1024), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_1024 + DECODER_w_structure("falconpadded1024", der, PrivateKeyInfo, + falconpadded1024), + DECODER_w_structure("falconpadded1024", der, SubjectPublicKeyInfo, + falconpadded1024), + DECODER_w_structure("p521_falconpadded1024", der, PrivateKeyInfo, + p521_falconpadded1024), + DECODER_w_structure("p521_falconpadded1024", der, SubjectPublicKeyInfo, + p521_falconpadded1024), +#endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple DECODER_w_structure("sphincssha2128fsimple", der, PrivateKeyInfo, sphincssha2128fsimple), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index c40405f0..e60f81e3 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc @@ -848,6 +848,47 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_512 + ENCODER_w_structure("falconpadded512", falconpadded512, der, + PrivateKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, pem, + PrivateKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falconpadded512", falconpadded512), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, der, + PrivateKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, pem, + PrivateKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_falconpadded512", p256_falconpadded512), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, der, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, pem, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_falconpadded512", rsa3072_falconpadded512), +#endif #ifdef OQS_ENABLE_SIG_falcon_1024 ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), ENCODER_w_structure("falcon1024", falcon1024, pem, PrivateKeyInfo), @@ -870,6 +911,34 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_TEXT("p521_falcon1024", p521_falcon1024), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_1024 + ENCODER_w_structure("falconpadded1024", falconpadded1024, der, + PrivateKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, pem, + PrivateKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falconpadded1024", falconpadded1024), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, der, + PrivateKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, pem, + PrivateKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_falconpadded1024", p521_falconpadded1024), +#endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index ec94af98..64ca0256 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,9 +49,9 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 166 +# define OQS_OID_CNT 176 #else -# define OQS_OID_CNT 60 +# define OQS_OID_CNT 70 #endif const char *oqs_oid_alg_list[OQS_OID_CNT] = { @@ -194,16 +194,26 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "mldsa87", "1.3.9999.7.4", "p521_mldsa87", - "1.3.9999.3.6", + "1.3.9999.3.11", "falcon512", - "1.3.9999.3.7", + "1.3.9999.3.12", "p256_falcon512", - "1.3.9999.3.8", + "1.3.9999.3.13", "rsa3072_falcon512", - "1.3.9999.3.9", + "1.3.9999.3.16", + "falconpadded512", + "1.3.9999.3.17", + "p256_falconpadded512", + "1.3.9999.3.18", + "rsa3072_falconpadded512", + "1.3.9999.3.14", "falcon1024", - "1.3.9999.3.10", + "1.3.9999.3.15", "p521_falcon1024", + "1.3.9999.3.19", + "falconpadded1024", + "1.3.9999.3.20", + "p521_falconpadded1024", "1.3.9999.6.4.13", "sphincssha2128fsimple", "1.3.9999.6.4.14", @@ -405,43 +415,58 @@ int oqs_patch_oids(void) if (getenv("OQS_OID_RSA3072_FALCON512")) oqs_oid_alg_list[32 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_FALCON512"); + if (getenv("OQS_OID_FALCONPADDED512")) + oqs_oid_alg_list[34 + OQS_KEMOID_CNT] + = getenv("OQS_OID_FALCONPADDED512"); + if (getenv("OQS_OID_P256_FALCONPADDED512")) + oqs_oid_alg_list[36 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_FALCONPADDED512"); + if (getenv("OQS_OID_RSA3072_FALCONPADDED512")) + oqs_oid_alg_list[38 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_FALCONPADDED512"); if (getenv("OQS_OID_FALCON1024")) - oqs_oid_alg_list[34 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); + oqs_oid_alg_list[40 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); if (getenv("OQS_OID_P521_FALCON1024")) - oqs_oid_alg_list[36 + OQS_KEMOID_CNT] + oqs_oid_alg_list[42 + OQS_KEMOID_CNT] = getenv("OQS_OID_P521_FALCON1024"); + if (getenv("OQS_OID_FALCONPADDED1024")) + oqs_oid_alg_list[44 + OQS_KEMOID_CNT] + = getenv("OQS_OID_FALCONPADDED1024"); + if (getenv("OQS_OID_P521_FALCONPADDED1024")) + oqs_oid_alg_list[46 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P521_FALCONPADDED1024"); if (getenv("OQS_OID_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[38 + OQS_KEMOID_CNT] + oqs_oid_alg_list[48 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[40 + OQS_KEMOID_CNT] + oqs_oid_alg_list[50 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[42 + OQS_KEMOID_CNT] + oqs_oid_alg_list[52 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[44 + OQS_KEMOID_CNT] + oqs_oid_alg_list[54 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[46 + OQS_KEMOID_CNT] + oqs_oid_alg_list[56 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[48 + OQS_KEMOID_CNT] + oqs_oid_alg_list[58 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[50 + OQS_KEMOID_CNT] + oqs_oid_alg_list[60 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[52 + OQS_KEMOID_CNT] + oqs_oid_alg_list[62 + OQS_KEMOID_CNT] = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[54 + OQS_KEMOID_CNT] + oqs_oid_alg_list[64 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[56 + OQS_KEMOID_CNT] + oqs_oid_alg_list[66 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[58 + OQS_KEMOID_CNT] + oqs_oid_alg_list[68 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); ///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_END return 1; @@ -528,80 +553,107 @@ int oqs_patch_encodings(void) if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) oqs_alg_encoding_list[33] = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_FALCONPADDED512")) + oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_FALCONPADDED512"); + if (getenv("OQS_ENCODING_FALCONPADDED512_ALGNAME")) + oqs_alg_encoding_list[35] + = getenv("OQS_ENCODING_FALCONPADDED512_ALGNAME"); + if (getenv("OQS_ENCODING_P256_FALCONPADDED512")) + oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_P256_FALCONPADDED512"); + if (getenv("OQS_ENCODING_P256_FALCONPADDED512_ALGNAME")) + oqs_alg_encoding_list[37] + = getenv("OQS_ENCODING_P256_FALCONPADDED512_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_FALCONPADDED512")) + oqs_alg_encoding_list[38] + = getenv("OQS_ENCODING_RSA3072_FALCONPADDED512"); + if (getenv("OQS_ENCODING_RSA3072_FALCONPADDED512_ALGNAME")) + oqs_alg_encoding_list[39] + = getenv("OQS_ENCODING_RSA3072_FALCONPADDED512_ALGNAME"); if (getenv("OQS_ENCODING_FALCON1024")) - oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_FALCON1024"); + oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_FALCON1024"); if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[35] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); + oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_P521_FALCON1024")) - oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_P521_FALCON1024"); + oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P521_FALCON1024"); if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[37] + oqs_alg_encoding_list[43] = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); + if (getenv("OQS_ENCODING_FALCONPADDED1024")) + oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_FALCONPADDED1024"); + if (getenv("OQS_ENCODING_FALCONPADDED1024_ALGNAME")) + oqs_alg_encoding_list[45] + = getenv("OQS_ENCODING_FALCONPADDED1024_ALGNAME"); + if (getenv("OQS_ENCODING_P521_FALCONPADDED1024")) + oqs_alg_encoding_list[46] + = getenv("OQS_ENCODING_P521_FALCONPADDED1024"); + if (getenv("OQS_ENCODING_P521_FALCONPADDED1024_ALGNAME")) + oqs_alg_encoding_list[47] + = getenv("OQS_ENCODING_P521_FALCONPADDED1024_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[38] + oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[39] + oqs_alg_encoding_list[49] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[40] + oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[41] + oqs_alg_encoding_list[51] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[42] + oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[43] + oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[44] + oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[45] + oqs_alg_encoding_list[55] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[46] + oqs_alg_encoding_list[56] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[47] + oqs_alg_encoding_list[57] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[48] + oqs_alg_encoding_list[58] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[49] + oqs_alg_encoding_list[59] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[50] + oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[51] + oqs_alg_encoding_list[61] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[52] + oqs_alg_encoding_list[62] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[53] + oqs_alg_encoding_list[63] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[54] + oqs_alg_encoding_list[64] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[55] + oqs_alg_encoding_list[65] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[56] + oqs_alg_encoding_list[66] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[57] + oqs_alg_encoding_list[67] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[58] + oqs_alg_encoding_list[68] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[59] + oqs_alg_encoding_list[69] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END return 1; @@ -678,10 +730,19 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("p256_falcon512", 128, oqs_signature_functions), SIGALG("rsa3072_falcon512", 128, oqs_signature_functions), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_512 + SIGALG("falconpadded512", 128, oqs_signature_functions), + SIGALG("p256_falconpadded512", 128, oqs_signature_functions), + SIGALG("rsa3072_falconpadded512", 128, oqs_signature_functions), +#endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_signature_functions), SIGALG("p521_falcon1024", 256, oqs_signature_functions), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_1024 + SIGALG("falconpadded1024", 256, oqs_signature_functions), + SIGALG("p521_falconpadded1024", 256, oqs_signature_functions), +#endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple SIGALG("sphincssha2128fsimple", 128, oqs_signature_functions), SIGALG("p256_sphincssha2128fsimple", 128, oqs_signature_functions), @@ -836,10 +897,19 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] SIGALG("p256_falcon512", 128, oqs_p256_falcon512_keymgmt_functions), SIGALG("rsa3072_falcon512", 128, oqs_rsa3072_falcon512_keymgmt_functions), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_512 + SIGALG("falconpadded512", 128, oqs_falconpadded512_keymgmt_functions), + SIGALG("p256_falconpadded512", 128, oqs_p256_falconpadded512_keymgmt_functions), + SIGALG("rsa3072_falconpadded512", 128, oqs_rsa3072_falconpadded512_keymgmt_functions), +#endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_falcon1024_keymgmt_functions), SIGALG("p521_falcon1024", 256, oqs_p521_falcon1024_keymgmt_functions), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_1024 + SIGALG("falconpadded1024", 256, oqs_falconpadded1024_keymgmt_functions), + SIGALG("p521_falconpadded1024", 256, oqs_p521_falconpadded1024_keymgmt_functions), +#endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple SIGALG("sphincssha2128fsimple", 128, oqs_sphincssha2128fsimple_keymgmt_functions), SIGALG("p256_sphincssha2128fsimple", 128, oqs_p256_sphincssha2128fsimple_keymgmt_functions), diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index 2ffb4cc1..6f006225 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -272,14 +272,17 @@ static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = { {0xfed3, 128, TLS1_3_VERSION, 0}, {0xfed4, 128, TLS1_3_VERSION, 0}, {0xfed1, 192, TLS1_3_VERSION, 0}, {0xfed5, 192, TLS1_3_VERSION, 0}, {0xfed2, 256, TLS1_3_VERSION, 0}, {0xfed6, 256, TLS1_3_VERSION, 0}, - {0xfeae, 128, TLS1_3_VERSION, 0}, {0xfeaf, 128, TLS1_3_VERSION, 0}, - {0xfeb0, 128, TLS1_3_VERSION, 0}, {0xfeb1, 256, TLS1_3_VERSION, 0}, - {0xfeb2, 256, TLS1_3_VERSION, 0}, {0xfeb3, 128, TLS1_3_VERSION, 0}, - {0xfeb4, 128, TLS1_3_VERSION, 0}, {0xfeb5, 128, TLS1_3_VERSION, 0}, - {0xfeb6, 128, TLS1_3_VERSION, 0}, {0xfeb7, 128, TLS1_3_VERSION, 0}, - {0xfeb8, 128, TLS1_3_VERSION, 0}, {0xfeb9, 192, TLS1_3_VERSION, 0}, - {0xfeba, 192, TLS1_3_VERSION, 0}, {0xfec2, 128, TLS1_3_VERSION, 0}, - {0xfec3, 128, TLS1_3_VERSION, 0}, {0xfec4, 128, TLS1_3_VERSION, 0}, + {0xfed7, 128, TLS1_3_VERSION, 0}, {0xfed8, 128, TLS1_3_VERSION, 0}, + {0xfed9, 128, TLS1_3_VERSION, 0}, {0xfedc, 128, TLS1_3_VERSION, 0}, + {0xfedd, 128, TLS1_3_VERSION, 0}, {0xfede, 128, TLS1_3_VERSION, 0}, + {0xfeda, 256, TLS1_3_VERSION, 0}, {0xfedb, 256, TLS1_3_VERSION, 0}, + {0xfedf, 256, TLS1_3_VERSION, 0}, {0xfee0, 256, TLS1_3_VERSION, 0}, + {0xfeb3, 128, TLS1_3_VERSION, 0}, {0xfeb4, 128, TLS1_3_VERSION, 0}, + {0xfeb5, 128, TLS1_3_VERSION, 0}, {0xfeb6, 128, TLS1_3_VERSION, 0}, + {0xfeb7, 128, TLS1_3_VERSION, 0}, {0xfeb8, 128, TLS1_3_VERSION, 0}, + {0xfeb9, 192, TLS1_3_VERSION, 0}, {0xfeba, 192, TLS1_3_VERSION, 0}, + {0xfec2, 128, TLS1_3_VERSION, 0}, {0xfec3, 128, TLS1_3_VERSION, 0}, + {0xfec4, 128, TLS1_3_VERSION, 0}, ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_END }; @@ -473,44 +476,59 @@ int oqs_patch_codepoints() if (getenv("OQS_CODEPOINT_RSA3072_FALCON512")) oqs_sigalg_list[16].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCON512")); - if (getenv("OQS_CODEPOINT_FALCON1024")) + if (getenv("OQS_CODEPOINT_FALCONPADDED512")) oqs_sigalg_list[17].code_point + = atoi(getenv("OQS_CODEPOINT_FALCONPADDED512")); + if (getenv("OQS_CODEPOINT_P256_FALCONPADDED512")) + oqs_sigalg_list[18].code_point + = atoi(getenv("OQS_CODEPOINT_P256_FALCONPADDED512")); + if (getenv("OQS_CODEPOINT_RSA3072_FALCONPADDED512")) + oqs_sigalg_list[19].code_point + = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCONPADDED512")); + if (getenv("OQS_CODEPOINT_FALCON1024")) + oqs_sigalg_list[20].code_point = atoi(getenv("OQS_CODEPOINT_FALCON1024")); if (getenv("OQS_CODEPOINT_P521_FALCON1024")) - oqs_sigalg_list[18].code_point + oqs_sigalg_list[21].code_point = atoi(getenv("OQS_CODEPOINT_P521_FALCON1024")); + if (getenv("OQS_CODEPOINT_FALCONPADDED1024")) + oqs_sigalg_list[22].code_point + = atoi(getenv("OQS_CODEPOINT_FALCONPADDED1024")); + if (getenv("OQS_CODEPOINT_P521_FALCONPADDED1024")) + oqs_sigalg_list[23].code_point + = atoi(getenv("OQS_CODEPOINT_P521_FALCONPADDED1024")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[19].code_point + oqs_sigalg_list[24].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[20].code_point + oqs_sigalg_list[25].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[21].code_point + oqs_sigalg_list[26].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[22].code_point + oqs_sigalg_list[27].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[23].code_point + oqs_sigalg_list[28].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[24].code_point + oqs_sigalg_list[29].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")) - oqs_sigalg_list[25].code_point + oqs_sigalg_list[30].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")); if (getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")) - oqs_sigalg_list[26].code_point + oqs_sigalg_list[31].code_point = atoi(getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[27].code_point + oqs_sigalg_list[32].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[28].code_point + oqs_sigalg_list[33].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[29].code_point + oqs_sigalg_list[34].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")); ///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_END return 1; @@ -590,49 +608,63 @@ static const OSSL_PARAM oqs_param_sigalg_list[][12] = { 13), # endif # ifdef OQS_ENABLE_SIG_falcon_512 - OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.6", 14), + OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.11", 14), OQS_SIGALG_ENTRY(p256_falcon512, p256_falcon512, p256_falcon512, - "1.3.9999.3.7", 15), + "1.3.9999.3.12", 15), OQS_SIGALG_ENTRY(rsa3072_falcon512, rsa3072_falcon512, rsa3072_falcon512, - "1.3.9999.3.8", 16), + "1.3.9999.3.13", 16), +# endif +# ifdef OQS_ENABLE_SIG_falcon_padded_512 + OQS_SIGALG_ENTRY(falconpadded512, falconpadded512, falconpadded512, + "1.3.9999.3.16", 17), + OQS_SIGALG_ENTRY(p256_falconpadded512, p256_falconpadded512, + p256_falconpadded512, "1.3.9999.3.17", 18), + OQS_SIGALG_ENTRY(rsa3072_falconpadded512, rsa3072_falconpadded512, + rsa3072_falconpadded512, "1.3.9999.3.18", 19), # endif # ifdef OQS_ENABLE_SIG_falcon_1024 - OQS_SIGALG_ENTRY(falcon1024, falcon1024, falcon1024, "1.3.9999.3.9", 17), + OQS_SIGALG_ENTRY(falcon1024, falcon1024, falcon1024, "1.3.9999.3.14", 20), OQS_SIGALG_ENTRY(p521_falcon1024, p521_falcon1024, p521_falcon1024, - "1.3.9999.3.10", 18), + "1.3.9999.3.15", 21), +# endif +# ifdef OQS_ENABLE_SIG_falcon_padded_1024 + OQS_SIGALG_ENTRY(falconpadded1024, falconpadded1024, falconpadded1024, + "1.3.9999.3.19", 22), + OQS_SIGALG_ENTRY(p521_falconpadded1024, p521_falconpadded1024, + p521_falconpadded1024, "1.3.9999.3.20", 23), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple OQS_SIGALG_ENTRY(sphincssha2128fsimple, sphincssha2128fsimple, - sphincssha2128fsimple, "1.3.9999.6.4.13", 19), + sphincssha2128fsimple, "1.3.9999.6.4.13", 24), OQS_SIGALG_ENTRY(p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, - p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 20), + p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 25), OQS_SIGALG_ENTRY(rsa3072_sphincssha2128fsimple, rsa3072_sphincssha2128fsimple, - rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 21), + rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 26), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple OQS_SIGALG_ENTRY(sphincssha2128ssimple, sphincssha2128ssimple, - sphincssha2128ssimple, "1.3.9999.6.4.16", 22), + sphincssha2128ssimple, "1.3.9999.6.4.16", 27), OQS_SIGALG_ENTRY(p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, - p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 23), + p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 28), OQS_SIGALG_ENTRY(rsa3072_sphincssha2128ssimple, rsa3072_sphincssha2128ssimple, - rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 24), + rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 29), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple OQS_SIGALG_ENTRY(sphincssha2192fsimple, sphincssha2192fsimple, - sphincssha2192fsimple, "1.3.9999.6.5.10", 25), + sphincssha2192fsimple, "1.3.9999.6.5.10", 30), OQS_SIGALG_ENTRY(p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, - p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 26), + p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 31), # endif # ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple OQS_SIGALG_ENTRY(sphincsshake128fsimple, sphincsshake128fsimple, - sphincsshake128fsimple, "1.3.9999.6.7.13", 27), + sphincsshake128fsimple, "1.3.9999.6.7.13", 32), OQS_SIGALG_ENTRY(p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, - p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 28), + p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 33), OQS_SIGALG_ENTRY(rsa3072_sphincsshake128fsimple, rsa3072_sphincsshake128fsimple, - rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 29), + rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 34), # endif ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_END }; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 17b7169a..53e96a07 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -54,9 +54,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 83 +# define NID_TABLE_LEN 88 #else -# define NID_TABLE_LEN 30 +# define NID_TABLE_LEN 35 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { @@ -144,8 +144,16 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128}, {0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, + {0, "falconpadded512", OQS_SIG_alg_falcon_padded_512, KEY_TYPE_SIG, 128}, + {0, "p256_falconpadded512", OQS_SIG_alg_falcon_padded_512, KEY_TYPE_HYB_SIG, + 128}, + {0, "rsa3072_falconpadded512", OQS_SIG_alg_falcon_padded_512, + KEY_TYPE_HYB_SIG, 128}, {0, "falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_SIG, 256}, {0, "p521_falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_HYB_SIG, 256}, + {0, "falconpadded1024", OQS_SIG_alg_falcon_padded_1024, KEY_TYPE_SIG, 256}, + {0, "p521_falconpadded1024", OQS_SIG_alg_falcon_padded_1024, + KEY_TYPE_HYB_SIG, 256}, {0, "sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, KEY_TYPE_SIG, 128}, {0, "p256_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, diff --git a/scripts/common.py b/scripts/common.py index 0088bb31..70e66d2d 100644 --- a/scripts/common.py +++ b/scripts/common.py @@ -16,9 +16,9 @@ 'ecdsap256', 'rsa3072', ##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_START # post-quantum signatures - 'dilithium2','dilithium3','dilithium5','mldsa44','mldsa65','mldsa87','falcon512','falcon1024','sphincssha2128fsimple','sphincssha2128ssimple','sphincssha2192fsimple','sphincsshake128fsimple', + 'dilithium2','dilithium3','dilithium5','mldsa44','mldsa65','mldsa87','falcon512','falconpadded512','falcon1024','falconpadded1024','sphincssha2128fsimple','sphincssha2128ssimple','sphincssha2192fsimple','sphincsshake128fsimple', # post-quantum + classical signatures - 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_mldsa44','rsa3072_mldsa44','p384_mldsa65','p521_mldsa87','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', + 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_mldsa44','rsa3072_mldsa44','p384_mldsa65','p521_mldsa87','p256_falcon512','rsa3072_falcon512','p256_falconpadded512','rsa3072_falconpadded512','p521_falcon1024','p521_falconpadded1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', ##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END ] From a9873af390d93cf4d0a10169622d20d60642d171 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 7 Mar 2024 09:34:59 -0600 Subject: [PATCH 143/160] added composite draft link to README --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 1ced62fb..a6fdb795 100644 --- a/README.md +++ b/README.md @@ -66,9 +66,10 @@ TLS operations. This designation [can be changed by modifying the In order to support parallel use of classic and quantum-safe cryptography this provider also provides different hybrid algorithms, combining classic -and quantum-safe methods: These are listed above with a prefix denoting a -classic algorithm, e.g., for elliptic curve: "p256_". -For composite, these are listed above with a suffix denoting a +and quantum-safe methods. +There are two types of combinations: +The Hybrids are listed above with a prefix denoting a classic algorithm, e.g., for elliptic curve: "p256_". +The Composite (https://datatracker.ietf.org/doc/draft-ounsworth-pq-composite-sigs/) are listed above with a suffix denoting a classic algorithm, e.g., for elliptic curve: "_p256". A full list of algorithms, their interoperability code points and OIDs as well From 7f2c8b23665bcbd14abd766dcf8d769b42c6381c Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 7 Mar 2024 09:40:46 -0600 Subject: [PATCH 144/160] added the draft hyperlink to Composite text --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a6fdb795..90eacd70 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,7 @@ this provider also provides different hybrid algorithms, combining classic and quantum-safe methods. There are two types of combinations: The Hybrids are listed above with a prefix denoting a classic algorithm, e.g., for elliptic curve: "p256_". -The Composite (https://datatracker.ietf.org/doc/draft-ounsworth-pq-composite-sigs/) are listed above with a suffix denoting a +The [Composite] (https://datatracker.ietf.org/doc/draft-ounsworth-pq-composite-sigs/) are listed above with a suffix denoting a classic algorithm, e.g., for elliptic curve: "_p256". A full list of algorithms, their interoperability code points and OIDs as well From 3d790e53f00934b50092ead7c868d7d393814df4 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 7 Mar 2024 09:41:36 -0600 Subject: [PATCH 145/160] fixed space in the Composite hyperlink on README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 90eacd70..a80f7154 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,7 @@ this provider also provides different hybrid algorithms, combining classic and quantum-safe methods. There are two types of combinations: The Hybrids are listed above with a prefix denoting a classic algorithm, e.g., for elliptic curve: "p256_". -The [Composite] (https://datatracker.ietf.org/doc/draft-ounsworth-pq-composite-sigs/) are listed above with a suffix denoting a +The [Composite](https://datatracker.ietf.org/doc/draft-ounsworth-pq-composite-sigs/) are listed above with a suffix denoting a classic algorithm, e.g., for elliptic curve: "_p256". A full list of algorithms, their interoperability code points and OIDs as well From 4802a3e9564978cf82849600cba18e747376991f Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 7 Mar 2024 15:46:06 -0600 Subject: [PATCH 146/160] rebase --- oqsprov/oqs_kmgmt.c | 108 ++++++++++++++--------------------------- oqsprov/oqsprov.c | 79 +++++++++++++++--------------- oqsprov/oqsprov_keys.c | 4 +- 3 files changed, 77 insertions(+), 114 deletions(-) diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 7c6a2c5b..7c5f870e 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c @@ -931,152 +931,116 @@ static void *falconpadded512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, "falconpadded512", - KEY_TYPE_SIG, NULL, 128, 17); + KEY_TYPE_SIG, NULL, 128, 30); } static void *falconpadded512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "falconpadded512", 0, 128, 17); + "falconpadded512", 0, 128, 30); } static void *p256_falconpadded512_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, "p256_falconpadded512", - KEY_TYPE_HYB_SIG, NULL, 128, 18); + KEY_TYPE_HYB_SIG, NULL, 128, 31); } static void *p256_falconpadded512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "p256_falconpadded512", KEY_TYPE_HYB_SIG, 128, 18); + "p256_falconpadded512", KEY_TYPE_HYB_SIG, 128, 31); } static void *rsa3072_falconpadded512_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, - "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, NULL, 128, 19); + "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, NULL, 128, 32); } static void *rsa3072_falconpadded512_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, 128, 19); -} -static void *falconpadded512_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_falcon_padded_512, "falconpadded512", - KEY_TYPE_SIG, NULL, 128, 17); -} - -static void *falconpadded512_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "falconpadded512", 0, 128, 17); -} -static void *p256_falconpadded512_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), - OQS_SIG_alg_falcon_padded_512, "p256_falconpadded512", - KEY_TYPE_HYB_SIG, NULL, 128, 18); -} - -static void *p256_falconpadded512_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "p256_falconpadded512", KEY_TYPE_HYB_SIG, 128, 18); -} -static void *rsa3072_falconpadded512_new_key(void *provctx) -{ - return oqsx_key_new( - PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, - "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, NULL, 128, 19); -} - -static void *rsa3072_falconpadded512_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, - "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, 128, 19); + "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, 128, 32); } static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 20); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 33); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 20); + "falcon1024", 0, 256, 33); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 21); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 34); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 21); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 34); } static void *falconpadded1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_1024, "falconpadded1024", - KEY_TYPE_SIG, NULL, 256, 22); + KEY_TYPE_SIG, NULL, 256, 35); } static void *falconpadded1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_1024, - "falconpadded1024", 0, 256, 22); + "falconpadded1024", 0, 256, 35); } static void *p521_falconpadded1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_1024, "p521_falconpadded1024", - KEY_TYPE_HYB_SIG, NULL, 256, 23); + KEY_TYPE_HYB_SIG, NULL, 256, 36); } static void *p521_falconpadded1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_1024, - "p521_falconpadded1024", KEY_TYPE_HYB_SIG, 256, 23); + "p521_falconpadded1024", KEY_TYPE_HYB_SIG, 256, 36); } static void *sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 24); + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 37); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 24); + "sphincssha2128fsimple", 0, 128, 37); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 25); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 38); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 25); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 38); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 26); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 39); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, @@ -1084,39 +1048,39 @@ static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 26); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 39); } static void *sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 27); + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 40); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 27); + "sphincssha2128ssimple", 0, 128, 40); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 28); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 41); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 28); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 41); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 42); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, @@ -1124,66 +1088,66 @@ static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 29); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 42); } static void *sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 30); + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 43); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 30); + "sphincssha2192fsimple", 0, 192, 43); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 31); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 44); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 31); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 44); } static void *sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 32); + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 45); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 32); + "sphincsshake128fsimple", 0, 128, 45); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 46); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 33); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 46); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 34); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 47); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, @@ -1191,7 +1155,7 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 34); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 47); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index fc4994f7..edf946fa 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,9 +49,9 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 192 +# define OQS_OID_CNT 202 #else -# define OQS_OID_CNT 86 +# define OQS_OID_CNT 96 #endif const char *oqs_oid_alg_list[OQS_OID_CNT] = { @@ -220,7 +220,7 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "mldsa87_bp384", "2.16.840.1.114027.80.8.1.13", "mldsa87_ed448", - "1.3.9999.3.6", + "1.3.9999.3.11", "falcon512", "1.3.9999.3.12", "p256_falcon512", @@ -642,107 +642,106 @@ int oqs_patch_encodings(void) oqs_alg_encoding_list[59] = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); if (getenv("OQS_ENCODING_FALCONPADDED512")) - oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_FALCONPADDED512"); + oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_FALCONPADDED512"); if (getenv("OQS_ENCODING_FALCONPADDED512_ALGNAME")) - oqs_alg_encoding_list[35] + oqs_alg_encoding_list[61] = getenv("OQS_ENCODING_FALCONPADDED512_ALGNAME"); if (getenv("OQS_ENCODING_P256_FALCONPADDED512")) - oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_P256_FALCONPADDED512"); + oqs_alg_encoding_list[62] = getenv("OQS_ENCODING_P256_FALCONPADDED512"); if (getenv("OQS_ENCODING_P256_FALCONPADDED512_ALGNAME")) - oqs_alg_encoding_list[37] + oqs_alg_encoding_list[63] = getenv("OQS_ENCODING_P256_FALCONPADDED512_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_FALCONPADDED512")) - oqs_alg_encoding_list[38] + oqs_alg_encoding_list[64] = getenv("OQS_ENCODING_RSA3072_FALCONPADDED512"); if (getenv("OQS_ENCODING_RSA3072_FALCONPADDED512_ALGNAME")) - oqs_alg_encoding_list[39] + oqs_alg_encoding_list[65] = getenv("OQS_ENCODING_RSA3072_FALCONPADDED512_ALGNAME"); if (getenv("OQS_ENCODING_FALCON1024")) - oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_FALCON1024"); - oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_FALCON1024"); + oqs_alg_encoding_list[66] = getenv("OQS_ENCODING_FALCON1024"); if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); + oqs_alg_encoding_list[67] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_P521_FALCON1024")) - oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P521_FALCON1024"); + oqs_alg_encoding_list[68] = getenv("OQS_ENCODING_P521_FALCON1024"); if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[43] + oqs_alg_encoding_list[69] = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_FALCONPADDED1024")) - oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_FALCONPADDED1024"); + oqs_alg_encoding_list[70] = getenv("OQS_ENCODING_FALCONPADDED1024"); if (getenv("OQS_ENCODING_FALCONPADDED1024_ALGNAME")) - oqs_alg_encoding_list[45] + oqs_alg_encoding_list[71] = getenv("OQS_ENCODING_FALCONPADDED1024_ALGNAME"); if (getenv("OQS_ENCODING_P521_FALCONPADDED1024")) - oqs_alg_encoding_list[46] + oqs_alg_encoding_list[72] = getenv("OQS_ENCODING_P521_FALCONPADDED1024"); if (getenv("OQS_ENCODING_P521_FALCONPADDED1024_ALGNAME")) - oqs_alg_encoding_list[47] + oqs_alg_encoding_list[73] = getenv("OQS_ENCODING_P521_FALCONPADDED1024_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[48] + oqs_alg_encoding_list[74] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[49] + oqs_alg_encoding_list[75] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[50] + oqs_alg_encoding_list[76] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[51] + oqs_alg_encoding_list[77] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[52] + oqs_alg_encoding_list[78] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[53] + oqs_alg_encoding_list[79] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[54] + oqs_alg_encoding_list[80] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[55] + oqs_alg_encoding_list[81] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[56] + oqs_alg_encoding_list[82] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[57] + oqs_alg_encoding_list[83] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[58] + oqs_alg_encoding_list[84] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[59] + oqs_alg_encoding_list[85] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[60] + oqs_alg_encoding_list[86] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[61] + oqs_alg_encoding_list[87] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[62] + oqs_alg_encoding_list[88] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[63] + oqs_alg_encoding_list[89] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[64] + oqs_alg_encoding_list[90] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[65] + oqs_alg_encoding_list[91] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[66] + oqs_alg_encoding_list[92] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[67] + oqs_alg_encoding_list[93] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[68] + oqs_alg_encoding_list[94] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[69] + oqs_alg_encoding_list[95] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); ///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END return 1; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index bb974f85..64b9cef3 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -54,9 +54,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 96 +# define NID_TABLE_LEN 101 #else -# define NID_TABLE_LEN 43 +# define NID_TABLE_LEN 48 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { From a2aa5a7962c24ea9f1b899260d3325cd700fe934 Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:54:51 -0500 Subject: [PATCH 147/160] Update oqsprov/oqs_encode_key2any.c (for symmetry reasons!) Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqs_encode_key2any.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 7affdaa7..e9ddd229 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -820,7 +820,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); } else { - memcpy(buf, oqsxkey->comp_privkey[i], buflen); + memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); } if (nid == EVP_PKEY_EC) { From 8f8693f7899145f37761c6a824a4a0e2b715880e Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:55:23 -0500 Subject: [PATCH 148/160] Update oqsprov/oqs_sig.c Fix typo Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqs_sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index c5fd13b9..12cf767d 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -27,7 +27,7 @@ // TBD: Review what we really need/want: For now go with OSSL settings: #define OSSL_MAX_NAME_SIZE 50 #define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ -#define COMPOSITE_OID_PREFIRX_LEN 26 +#define COMPOSITE_OID_PREFIX_LEN 26 #ifdef NDEBUG # define OQS_SIG_PRINTF(a) From a00140759ace8b315bb8923981575004a759abdf Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:55:52 -0500 Subject: [PATCH 149/160] Update oqsprov/oqs_sig.c Fix typo Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqs_sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 12cf767d..e5f76a1f 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -395,7 +395,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, int comp_idx = get_composite_idx(get_oqsalg_idx(nid)); const unsigned char *oid_prefix = composite_OID_prefix[comp_idx - 1]; char *final_tbs; - size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN / 2; + size_t final_tbslen = COMPOSITE_OID_PREFIX_LEN / 2; int aux = 0; unsigned char *tbs_hash; From 5131fc4353983736fa939233d2388c24bd2118d6 Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:56:07 -0500 Subject: [PATCH 150/160] Update oqsprov/oqs_sig.c Fix typo Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqs_sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index e5f76a1f..1ee962ca 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -437,7 +437,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, } final_tbs = OPENSSL_malloc(final_tbslen); composite_prefix_conversion(final_tbs, oid_prefix); - memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN / 2, tbs_hash, + memcpy(final_tbs + COMPOSITE_OID_PREFIX_LEN / 2, tbs_hash, final_tbslen - COMPOSITE_OID_PREFIRX_LEN / 2); OPENSSL_free(tbs_hash); From 77b668e6826a76bf40d462acd316bf6dd2556e4e Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:56:26 -0500 Subject: [PATCH 151/160] Update oqsprov/oqs_sig.c Fix typo Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqs_sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 1ee962ca..20c9419f 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -438,7 +438,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, final_tbs = OPENSSL_malloc(final_tbslen); composite_prefix_conversion(final_tbs, oid_prefix); memcpy(final_tbs + COMPOSITE_OID_PREFIX_LEN / 2, tbs_hash, - final_tbslen - COMPOSITE_OID_PREFIRX_LEN / 2); + final_tbslen - COMPOSITE_OID_PREFIX_LEN / 2); OPENSSL_free(tbs_hash); // sign From 41c81d3188055a7b296b621f82ae24c9f20233ed Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:56:47 -0500 Subject: [PATCH 152/160] Update oqsprov/oqs_sig.c Fix typo Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqs_sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index 20c9419f..fa2b7b7c 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -700,7 +700,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, size_t buf_len; const unsigned char *oid_prefix = composite_OID_prefix[comp_idx - 1]; char *final_tbs; - size_t final_tbslen = COMPOSITE_OID_PREFIRX_LEN / 2; + size_t final_tbslen = COMPOSITE_OID_PREFIX_LEN / 2; int aux = 0; unsigned char *tbs_hash; From c232ca605db42563740f06a6daca05e484ae3c9a Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:57:04 -0500 Subject: [PATCH 153/160] Update oqsprov/oqs_sig.c Fix typo Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqs_sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index fa2b7b7c..d270dacc 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -750,7 +750,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, } final_tbs = OPENSSL_malloc(final_tbslen); composite_prefix_conversion(final_tbs, oid_prefix); - memcpy(final_tbs + COMPOSITE_OID_PREFIRX_LEN / 2, tbs_hash, + memcpy(final_tbs + COMPOSITE_OID_PREFIX_LEN / 2, tbs_hash, final_tbslen - COMPOSITE_OID_PREFIRX_LEN / 2); OPENSSL_free(tbs_hash); From a3dfc54110fbcc1796c82783727813affe77ef46 Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:57:20 -0500 Subject: [PATCH 154/160] Update oqsprov/oqs_sig.c Fix typo Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqs_sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index d270dacc..add5200d 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -751,7 +751,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, final_tbs = OPENSSL_malloc(final_tbslen); composite_prefix_conversion(final_tbs, oid_prefix); memcpy(final_tbs + COMPOSITE_OID_PREFIX_LEN / 2, tbs_hash, - final_tbslen - COMPOSITE_OID_PREFIRX_LEN / 2); + final_tbslen - COMPOSITE_OID_PREFIX_LEN / 2); OPENSSL_free(tbs_hash); // verify From 88a9018b3d8ca0df9abfd6e2fa74423574239111 Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:57:52 -0500 Subject: [PATCH 155/160] Update oqsprov/oqsprov_keys.c Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqsprov_keys.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 64b9cef3..311bd33b 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -254,7 +254,7 @@ char *get_cmpname(int nid, int index) if ((i = get_oqsalg_idx(nid)) == -1) return NULL; s = nid_names[i].tlsname; - len = strlen(nid_names[i].tlsname); + len = strlen(s); for (i = 0; i < len; i++) { if (s[i] == '_') { break; From fb110ef2e4d1e6263b2eff696daa17407778d027 Mon Sep 17 00:00:00 2001 From: Felipe Ventura <37639194+feventura@users.noreply.github.com> Date: Thu, 7 Mar 2024 16:58:12 -0500 Subject: [PATCH 156/160] Update oqsprov/oqsprov.c Co-authored-by: thomas <108470890+thb-sb@users.noreply.github.com> --- oqsprov/oqsprov.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index edf946fa..1bea5463 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -1176,7 +1176,7 @@ int get_composite_idx(int idx) int i, len, count = 0; s = oqs_oid_alg_list[idx * 2]; - len = strlen(oqs_oid_alg_list[idx * 2]); + len = strlen(s); for (i = 0; i < len; i++) { if (s[i] == '.') { From 0aed78dd4ddfab4b91007e77e23d75f29615610d Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 7 Mar 2024 16:03:44 -0600 Subject: [PATCH 157/160] fix typo --- oqsprov/oqs_encode_key2any.c | 3 ++- oqsprov/oqs_sig.c | 6 +++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index e9ddd229..6313aa62 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -820,7 +820,8 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); } else { - memcpy(buf, oqsxkey->comp_privkey[i], oqsxkey->privkeylen_cmp[i]); + memcpy(buf, oqsxkey->comp_privkey[i], + oqsxkey->privkeylen_cmp[i]); } if (nid == EVP_PKEY_EC) { diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index add5200d..f8144b39 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -25,8 +25,8 @@ #include // TBD: Review what we really need/want: For now go with OSSL settings: -#define OSSL_MAX_NAME_SIZE 50 -#define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ +#define OSSL_MAX_NAME_SIZE 50 +#define OSSL_MAX_PROPQUERY_SIZE 256 /* Property query strings */ #define COMPOSITE_OID_PREFIX_LEN 26 #ifdef NDEBUG @@ -254,7 +254,7 @@ static const unsigned char *composite_OID_prefix[] = { void composite_prefix_conversion(char *out, const unsigned char *in) { int temp; - for (int i = 0; i < COMPOSITE_OID_PREFIRX_LEN / 2; i++) { + for (int i = 0; i < COMPOSITE_OID_PREFIX_LEN / 2; i++) { temp = OPENSSL_hexchar2int(in[2 * i]); temp = temp * 16; temp += OPENSSL_hexchar2int(in[2 * i + 1]); From f07a8218d501f5bc1cc0b12933713abeaa5e03e9 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 7 Mar 2024 16:16:46 -0600 Subject: [PATCH 158/160] buflen isnt always oqsxkey->privkeylen_cmp --- oqsprov/oqs_encode_key2any.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 6313aa62..7affdaa7 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -820,8 +820,7 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); } else { - memcpy(buf, oqsxkey->comp_privkey[i], - oqsxkey->privkeylen_cmp[i]); + memcpy(buf, oqsxkey->comp_privkey[i], buflen); } if (nid == EVP_PKEY_EC) { From 2950737cc543b82ab2868b36f0722d1e97b6664b Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 12 Mar 2024 13:22:15 -0500 Subject: [PATCH 159/160] implemented suggested changes and useful comments --- oqsprov/oqs_encode_key2any.c | 58 +++++++++++++++++++++++------- oqsprov/oqs_sig.c | 37 +++++++++++++++---- oqsprov/oqsprov.c | 17 ++++++--- oqsprov/oqsprov_keys.c | 70 ++++++++++++++++++++++-------------- 4 files changed, 132 insertions(+), 50 deletions(-) diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 7affdaa7..b06e6138 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c @@ -766,7 +766,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(temp); OPENSSL_free(templen); PKCS8_PRIV_KEY_INFO_free(p8inf_internal); - OPENSSL_free(name); return -1; } @@ -813,6 +812,30 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) } buf = OPENSSL_secure_malloc(buflen); + if (buf == NULL) { + for (int j = 0; j <= i; j++) { + OPENSSL_cleanse(aString[j]->data, aString[j]->length); + ASN1_OCTET_STRING_free(aString[j]); + OPENSSL_cleanse(aType[j]->value.sequence->data, + aType[j]->value.sequence->length); + if (j < i) + OPENSSL_clear_free(temp[j], templen[j]); + } + + if (sk_ASN1_TYPE_num(sk) != -1) + sk_ASN1_TYPE_pop_free(sk, &ASN1_TYPE_free); + else + ASN1_TYPE_free(aType[i]); + + OPENSSL_free(aType); + OPENSSL_free(aString); + OPENSSL_free(temp); + OPENSSL_free(templen); + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); + OPENSSL_free(name); + ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); + return -1; + } if (get_oqsname_fromtls(name) != 0) { // include pubkey in privkey for PQC memcpy(buf, oqsxkey->comp_privkey[i], @@ -820,10 +843,12 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) memcpy(buf + oqsxkey->privkeylen_cmp[i], oqsxkey->comp_pubkey[i], oqsxkey->pubkeylen_cmp[i]); } else { - memcpy(buf, oqsxkey->comp_privkey[i], buflen); + memcpy(buf, oqsxkey->comp_privkey[i], + buflen); // buflen for classical (RSA) might be different + // from oqsxkey->privkeylen_cmp[ } - if (nid == EVP_PKEY_EC) { + if (nid == EVP_PKEY_EC) { // add the curve OID with the ECPubkey OID version = V_ASN1_OBJECT; pval = OBJ_nid2obj( oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid); @@ -847,14 +872,22 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(aString); OPENSSL_free(temp); OPENSSL_free(templen); - OPENSSL_cleanse(buf, buflen); - PKCS8_PRIV_KEY_INFO_free(p8inf_internal); + OPENSSL_cleanse( + buf, + buflen); // buf is part of p8inf_internal so we cant free + // now, we cleanse it to remove pkey from memory + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); // this also free buf return -1; } - templen[i] = i2d_PKCS8_PRIV_KEY_INFO(p8inf_internal, &temp[i]); - ASN1_STRING_set(aString[i], temp[i], templen[i]); - ASN1_TYPE_set1(aType[i], V_ASN1_SEQUENCE, aString[i]); + templen[i] = i2d_PKCS8_PRIV_KEY_INFO( + p8inf_internal, + &temp[i]); // create the privkey info for each individual key + ASN1_STRING_set(aString[i], temp[i], + templen[i]); // add privkey info as ASN1_STRING + ASN1_TYPE_set1(aType[i], V_ASN1_SEQUENCE, + aString[i]); // add the ASN1_STRING into a ANS1_TYPE + // so it can be added into the stack if (!sk_ASN1_TYPE_push(sk, aType[i])) { for (int j = 0; j <= i; j++) { @@ -871,8 +904,11 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) OPENSSL_free(aString); OPENSSL_free(temp); OPENSSL_free(templen); - OPENSSL_cleanse(buf, buflen); - PKCS8_PRIV_KEY_INFO_free(p8inf_internal); + OPENSSL_cleanse( + buf, + buflen); // buf is part of p8inf_internal so we cant free + // now, we cleanse it to remove pkey from memory + PKCS8_PRIV_KEY_INFO_free(p8inf_internal); // this also free buf return -1; } OPENSSL_free(name); @@ -1694,7 +1730,6 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) for (i = 0; i < okey->numkeys; i++) { if ((name = get_cmpname(OBJ_sn2nid(okey->tls_name), i)) == NULL) { - OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_KEY); return 0; } @@ -1760,7 +1795,6 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) for (i = 0; i < okey->numkeys; i++) { if ((name = get_cmpname(OBJ_sn2nid(okey->tls_name), i)) == NULL) { - OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_KEY); return 0; } diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c index f8144b39..ba7e56bf 100644 --- a/oqsprov/oqs_sig.c +++ b/oqsprov/oqs_sig.c @@ -215,7 +215,7 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig, } // this list need to be in order of the last number on the OID from the -// composite +// composite, the len of each value is COMPOSITE_OID_PREFIX_LEN static const unsigned char *composite_OID_prefix[] = { "060B6086480186FA6B50080101", // mldsa44_pss2048 // id-MLDSA44-RSA2048-PSS-SHA256 @@ -251,6 +251,7 @@ static const unsigned char *composite_OID_prefix[] = { }; +/*put the chars on in into memory on out*/ void composite_prefix_conversion(char *out, const unsigned char *in) { int temp; @@ -389,13 +390,19 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, if (is_composite) { unsigned char *buf; - CompositeSignature *compsig = CompositeSignature_new(); int i; int nid = OBJ_sn2nid(oqsxkey->tls_name); int comp_idx = get_composite_idx(get_oqsalg_idx(nid)); + if (comp_idx == -1) + goto endsign; const unsigned char *oid_prefix = composite_OID_prefix[comp_idx - 1]; char *final_tbs; - size_t final_tbslen = COMPOSITE_OID_PREFIX_LEN / 2; + CompositeSignature *compsig = CompositeSignature_new(); + size_t final_tbslen + = COMPOSITE_OID_PREFIX_LEN + / 2; // COMPOSITE_OID_PREFIX_LEN stores the size of the *char, but + // the prefix will be on memory, so each 2 chars will + // translate into one byte int aux = 0; unsigned char *tbs_hash; @@ -405,7 +412,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, char *upcase_name; if ((name = get_cmpname(nid, i)) == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); + CompositeSignature_free(compsig); goto endsign; } upcase_name = get_oqsname_fromtls(name); @@ -433,6 +440,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, break; default: ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + CompositeSignature_free(compsig); goto endsign; } final_tbs = OPENSSL_malloc(final_tbslen); @@ -446,7 +454,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, char *name; if ((name = get_cmpname(nid, i)) == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); goto endsign; } @@ -458,6 +467,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, final_tbslen, oqsxkey->comp_privkey[i]) != OQS_SUCCESS) { ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); OPENSSL_free(name); OPENSSL_free(buf); goto endsign; @@ -481,6 +492,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, final_tbs, final_tbslen) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); OPENSSL_free(name); EVP_MD_CTX_free(evp_ctx); OPENSSL_free(buf); @@ -493,6 +506,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, == NULL || (EVP_PKEY_sign_init(classical_ctx_sign) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); OPENSSL_free(name); OPENSSL_free(buf); goto endsign; @@ -509,6 +524,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, EVP_sha256()) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); OPENSSL_free(name); OPENSSL_free(buf); goto endsign; @@ -520,6 +537,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, RSA_PKCS1_PADDING) <= 0) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); OPENSSL_free(name); OPENSSL_free(buf); goto endsign; @@ -544,6 +563,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, digest, digest_len) <= 0)) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); OPENSSL_free(name); OPENSSL_free(buf); goto endsign; @@ -553,6 +574,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen, ->evp_info->length_signature) { /* sig is bigger than expected */ ERR_raise(ERR_LIB_USER, OQSPROV_R_BUFFER_LENGTH_WRONG); + CompositeSignature_free(compsig); + OPENSSL_free(final_tbs); OPENSSL_free(name); OPENSSL_free(buf); goto endsign; @@ -696,6 +719,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, int i; int nid = OBJ_sn2nid(oqsxkey->tls_name); int comp_idx = get_composite_idx(get_oqsalg_idx(nid)); + if (comp_idx == -1) + goto endverify; unsigned char *buf; size_t buf_len; const unsigned char *oid_prefix = composite_OID_prefix[comp_idx - 1]; @@ -716,7 +741,6 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, char *upcase_name; if ((name = get_cmpname(nid, i)) == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_FATAL); - OPENSSL_free(name); CompositeSignature_free(compsig); goto endverify; } @@ -766,7 +790,6 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig, char *name; if ((name = get_cmpname(nid, i)) == NULL) { - OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR); CompositeSignature_free(compsig); OPENSSL_free(final_tbs); diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 1bea5463..ef494b93 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -8,6 +8,7 @@ */ #include "oqs_prov.h" +#include #include #include #include @@ -1172,10 +1173,12 @@ static const OSSL_ALGORITHM oqsprovider_decoder[] = { // get the last number on the composite OID int get_composite_idx(int idx) { - char *token, *s; - int i, len, count = 0; + char *s; + int i, len, ret = -1, count = 0; - s = oqs_oid_alg_list[idx * 2]; + if (2 * idx > OQS_OID_CNT) + return 0; + s = (char *)oqs_oid_alg_list[idx * 2]; len = strlen(s); for (i = 0; i < len; i++) { @@ -1183,10 +1186,14 @@ int get_composite_idx(int idx) count += 1; } if (count == 8) { // 8 dots in composite OID - return atoi(s + i + 1); + errno = 0; + ret = strtol(s + i + 1, NULL, 10); + if (errno == ERANGE) + ret = -1; + break; } } - return 0; + return ret; } static const OSSL_PARAM *oqsprovider_gettable_params(void *provctx) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 311bd33b..25e99503 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -668,7 +668,6 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, char *name; if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL) { - OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err_key_op; } @@ -710,8 +709,9 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, char *name; if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL) { - OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); + OPENSSL_secure_clear_free(temp_priv, temp_priv_len); + OPENSSL_secure_clear_free(temp_pub, temp_pub_len); goto err_key_op; } if (get_oqsname_fromtls(name) == 0) { // classical key @@ -876,7 +876,6 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) char *name; if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL) { - OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto rec_err; } @@ -918,7 +917,6 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op) char *name; if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL) { - OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto rec_err; } @@ -1081,27 +1079,33 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, return NULL; } else { count = sk_ASN1_TYPE_num(sk); - concat_key = OPENSSL_zalloc(plen); + concat_key + = OPENSSL_zalloc(plen); // concat_key is allocated with plen, + // which is the max value for pubkey aux = 0; for (i = 0; i < count; i++) { - aType = sk_ASN1_TYPE_pop(sk); + aType + = sk_ASN1_TYPE_pop(sk); // this remove in FILO order, but we + // need this in the opposite order buf = aType->value.sequence->data; buflen = aType->value.sequence->length; aux += buflen; - memcpy(concat_key + plen - 1 - aux, buf, buflen); + memcpy(concat_key + plen - 1 - aux, buf, + buflen); // fill concat_key starting at the end ASN1_TYPE_free(aType); } - p = OPENSSL_memdup(concat_key + plen - 1 - aux, aux); + p = OPENSSL_memdup(concat_key + plen - 1 - aux, + aux); // copy used memory on concat_key to p OPENSSL_clear_free(concat_key, plen); - plen = aux; + plen = aux; // update plen value sk_ASN1_TYPE_free(sk); } } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG) - OPENSSL_clear_free(p, plen); + OPENSSL_clear_free((void *)p, plen); return oqsx; } @@ -1115,7 +1119,8 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, const X509_ALGOR *palg; STACK_OF(ASN1_TYPE) *sk = NULL; ASN1_TYPE *aType = NULL; - unsigned char *concat_key, *buf; + unsigned char *concat_key; + const unsigned char *buf; int count, aux, i, buflen, key_diff = 0; if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) @@ -1146,14 +1151,15 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, aux = 0; for (i = 0; i < count; i++) { - aType = sk_ASN1_TYPE_pop(sk); + aType + = sk_ASN1_TYPE_pop(sk); // this remove in FILO order, but we + // need this in the opposite order p8inf_internal = PKCS8_PRIV_KEY_INFO_new(); nid = 0; char *name; if ((name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i)) == NULL) { - OPENSSL_free(name); ASN1_TYPE_free(aType); OPENSSL_clear_free(concat_key, plen); PKCS8_PRIV_KEY_INFO_free(p8inf_internal); @@ -1184,7 +1190,10 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, nid = OBJ_obj2nid(palg_internal->parameter->value.object); for (j = 0; j < OSSL_NELEM(nids_sig); j++) { if ((nids_sig[j].nid == nid) - && (nids_sig[j].length_private_key > buflen)) { + && (nids_sig[j].length_private_key + > buflen)) { // check if the curve is the same + // and if the key len is smaller + // than the max key size EVP_PKEY *ec_pkey; OSSL_PARAM params[3]; int include_pub = 1; @@ -1194,8 +1203,8 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, if (buflen != nids_sig[j].kex_length_secret - + 7) { // no ECParameter and no - // Pubkey + + 7) { // no OPTIONAL ECParameter and no + // OPTIONAL Pubkey OPENSSL_free(name); ASN1_TYPE_free(aType); PKCS8_PRIV_KEY_INFO_free(p8inf_internal); @@ -1204,25 +1213,34 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, return NULL; } ec_pkey = EVP_PKEY_new(); - d2i_PrivateKey(EVP_PKEY_EC, &ec_pkey, &buf3, - aType->value.sequence->length); + d2i_PrivateKey( + EVP_PKEY_EC, &ec_pkey, &buf3, + aType->value.sequence + ->length); // create a new EVP_PKEY using ec + // priv key + // set parameters for the new priv key format params[0] = OSSL_PARAM_construct_int( OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, - &include_pub); + &include_pub); // add pubkey to priv key params[1] = OSSL_PARAM_construct_utf8_string( OSSL_PKEY_PARAM_EC_ENCODING, - OSSL_PKEY_EC_ENCODING_GROUP, 0); + OSSL_PKEY_EC_ENCODING_GROUP, + 0); // add ECParam to the priv key params[2] = OSSL_PARAM_construct_end(); EVP_PKEY_set_params(ec_pkey, params); buf4 = OPENSSL_malloc( nids_sig[j].length_private_key); buf5 = buf4; - buflen = i2d_PrivateKey(ec_pkey, &buf5); + buflen = i2d_PrivateKey( + ec_pkey, + &buf5); // encode priv key including parameters aux += buflen; - memcpy(concat_key + plen - 1 - aux, buf4, buflen); + memcpy( + concat_key + plen - 1 - aux, buf4, + buflen); // fill concat_key starting at the end EVP_PKEY_free(ec_pkey); OPENSSL_clear_free(buf4, buflen); @@ -1246,7 +1264,8 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, if (!nid) { aux += buflen; - memcpy(concat_key + plen - 1 - aux, buf, buflen); + memcpy(concat_key + plen - 1 - aux, buf, + buflen); // fill concat_key starting at the end } OPENSSL_free(name); @@ -1265,7 +1284,8 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, if (get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG) { ASN1_OCTET_STRING_free(oct); } else { - OPENSSL_clear_free(p, plen); + OPENSSL_clear_free((void *)p, + plen); // for COMPOSITE p include both privkey } return oqsx; } @@ -1441,7 +1461,6 @@ OQSX_KEY *oqsx_key_new(OSSL_LIB_CTX *libctx, char *oqs_name, char *tls_name, for (i = 0; i < ret->numkeys; i++) { char *name; if ((name = get_cmpname(OBJ_sn2nid(tls_name), i)) == NULL) { - OPENSSL_free(name); ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); goto err; } @@ -1805,7 +1824,6 @@ int oqsx_key_gen(OQSX_KEY *key) for (i = 0; i < key->numkeys; i++) { char *name; if ((name = get_cmpname(OBJ_sn2nid(key->tls_name), i)) == NULL) { - OPENSSL_free(name); ON_ERR_GOTO(ret, err_gen); } if (get_oqsname_fromtls(name) == 0) { From 045c411f4e59dc7cd9ab66a9ba00387a13b8fb55 Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Tue, 12 Mar 2024 14:30:33 -0500 Subject: [PATCH 160/160] fix casting --- oqsprov/oqsprov_keys.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 25e99503..23e95267 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1105,7 +1105,7 @@ OQSX_KEY *oqsx_key_from_x509pubkey(const X509_PUBKEY *xpk, OSSL_LIB_CTX *libctx, } oqsx = oqsx_key_op(palg, p, plen, KEY_OP_PUBLIC, libctx, propq); if (get_keytype(OBJ_obj2nid(palg->algorithm)) == KEY_TYPE_CMP_SIG) - OPENSSL_clear_free((void *)p, plen); + OPENSSL_clear_free((unsigned char *)p, plen); return oqsx; } @@ -1284,7 +1284,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, if (get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG) { ASN1_OCTET_STRING_free(oct); } else { - OPENSSL_clear_free((void *)p, + OPENSSL_clear_free((unsigned char *)p, plen); // for COMPOSITE p include both privkey } return oqsx;