-
Notifications
You must be signed in to change notification settings - Fork 834
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rename sphincs algs to follow upstream #6576
Conversation
Can one of the admins verify this patch? |
I cannot compile with cmake (passing |
Hi @iyanmv , Thank you so much for creating this pull request. I must admit to having lost track of liboqs updates. Its great news that they have had a new release. Can I ask you about your project and what you are doing with wolfSSL and liboqs? I've had a look at your changes and they look fine to me! Before we can continue with the process, we will need you sign a contributor agreement. Would you be willing to read over and sign the contributor agreement? If so, please send a message to [email protected] requesting to become a wolfSSL contributor. Please also reference this PR in your message to [email protected] Warm regards, Anthony |
By the way, I don't think wolfSSL library's cmake infrastructure supports |
Oh, my colleague has corrected me. We do have it in there. I apologize for misleading you. |
Hi @anhu
I'm running some benchmarks using the NIST PQC candidates, and I learned about wolfSSL from this paper. I was curious so I wanted to try to replicate some of their results.
Alright! I will send the email now. |
Hi @iyanmv , Ah, yes, I know the authors of that paper quite well. You might be interested in our integration with the PQM4 library on STM32. You can have a look here: https://github.com/wolfSSL/wolfssl-examples/tree/master/pq/stm32 If visuals are better for you, please have a look at this YouTube video that talk about it in depth: https://www.youtube.com/watch?v=OK6MKXYiVBY Warm regards, Anthony |
@iyanmv has been approved as a wolfSSL contributor |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have tested this change and it works great!!
Oooh. Just ran
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
verification failures. See previous comments.
|
I think verification fails because the keys saved and defined in certs_test.h that are used for the benchmark are incompatible with the latest implementation of SPHINCS+ by the PQClean, which was updated in this PR in liboqs. If you point me in the right direction (maybe you have a script to generate those keys?) I can update I quickly tried replacing one with this small program: #include<oqs/oqs.h>
void cleanup_heap(uint8_t *public_key, uint8_t *secret_key, OQS_SIG *sig)
{
if (sig != NULL) {
OQS_MEM_secure_free(secret_key, sig->length_secret_key);
}
OQS_MEM_insecure_free(public_key);
OQS_SIG_free(sig);
}
int create_keys(const char *method_name)
{
OQS_SIG *sig = NULL;
uint8_t *public_key = NULL;
uint8_t *secret_key = NULL;
OQS_STATUS rc;
sig = OQS_SIG_new(method_name);
if (sig == NULL) {
fprintf(stderr, "OQS_SIG_new failed!\n");
return OQS_ERROR;
}
public_key = malloc(sig->length_public_key);
secret_key = malloc(sig->length_secret_key);
if ((public_key == NULL) || (secret_key == NULL)) {
fprintf(stderr, "ERROR: malloc failed!\n");
cleanup_heap(public_key, secret_key, sig);
return OQS_ERROR;
}
rc = OQS_SIG_keypair(sig, public_key, secret_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_SIG_keypair failed!\n");
cleanup_heap(public_key, secret_key, sig);
return OQS_ERROR;
}
printf("Key:\n");
for (size_t i=0; i<sig->length_secret_key; ++i) {
printf("0x%02X, ", secret_key[i]);
}
for (size_t i=0; i<sig->length_public_key; ++i) {
printf("0x%02X, ", public_key[i]);
}
printf("\n");
printf("%s keypair generation succeeded!\n", method_name);
cleanup_heap(public_key, secret_key, sig);
return OQS_SUCCESS;
}
int main()
{
OQS_STATUS ret;
ret = create_keys("SPHINCS+-SHAKE-128f-simple");
if (ret != OQS_SUCCESS) {
fprintf(stderr, "ERROR!\n");
return EXIT_FAILURE;
}
return EXIT_SUCCESS;
} But now I get a |
Oh, I think I understood now. I will include new keys in this PR in a bit. |
Why aren't there any methods in the WOLFSSL_API
int wc_sphincs_generate_key(sphincs_key* key); (Sorry if this is a stupid question, I'm not familiar with wolfSSL. Are users supposed to generate keys with other libraries?) |
Hi @iyanmv ,
Its not a stupid question at all. Generally, for signature schemes we use OQS's fork of OpenSSL to generate the certificates. Please see this script: https://github.com/wolfSSL/osp/blob/master/oqs/generate_sphincs_chains.sh The main reason is that no one has requested generation as a feature yet. Warm regards, Anthony |
Oh! That would have been so useful. I guess I did a similar thing, but using OpenSSL 3 and the oqs-provider instead of the OQS OpenSSL 1.1.1 fork. But I also had to manually enable some algs and re-run the
I see. I have implemented a quick function in this branch. If you think it makes sense, I can open a new PR and work on it after we are done with this. I don't think it would take a lot of time. Also, I guess it would help me to get more familiar with wolfSSL. Cheers |
Thank you for this: It was a copy and paste failure on my part! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Took it for a spin and things look good to me!! Can you please squash all your commits and then do a force push? After that I will assign to one more member of our engineering team for final review and merge.
This also adds new keys for SPHINCS+. The reason is that SPHINCS+ was updated to 3.1 in liboqs (open-quantum-safe/liboqs/pull/1420), and old keys are incompatible with the new implementation. Keys were generated using the oqs-provider for OpenSSL 3 openssl genpkey \ -provider default -provider oqsprovider \ -algorithm sphincsshake128fsimple \ -outform der \ -out bench_sphincs_fast_level1_key.der And certs_test.h was updated using xxd xxd -i -c 10 -u bench_sphincs_fast_level1_key.der This was repeated for the 6 variants of SPHINCS+ that wolfSSL supports.
wolfssl/certs_test.h
Outdated
0xCC, 0xF4, 0x2F, 0xF2, 0xAC, 0x74, 0xDF, 0x0E, 0x20, 0x9D, | ||
0xC2, 0x9E, 0xD1, 0xB4, 0x12 | ||
0X30, 0X71, 0X02, 0X01, 0X00, 0X30, 0X08, 0X06, 0X06, 0X2B, | ||
0XCE, 0X0F, 0X06, 0X07, 0X0D, 0X04, 0X62, 0X04, 0X60, 0XD8, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why did these keys change? Seems like a change to Shake would not require the test keys to change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To be honest, I have no idea. But I can replicate the issue using liboqs
0.7.2 to generate some keys, and then trying to verify with liboqs
0.8.0.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. @anhu please review the reason for the test key change.
OK to test |
Apparently there was a change/update to the round 3 submission. |
@anhu I forgot to squash the last commit with the suggested change. Should I do it or wait until checks are completed? |
@iyanmv , I think no action is required from you. a single extra commit is fine. |
Retest this please |
Our liboqs CI test is failing now. @anhu or @bandi13 seems like we will need to update the liboqs version in our CI to get this to pass then merge?
|
Jenkins retest this please. |
Regarding this. Is this tested in the CI pipeline? If so, how is it done? I'm trying to run this (basically just the PKGBUILD from Arch Linux modified with build() {
local cmake_options=(
-DCMAKE_INSTALL_PREFIX=/usr
-DCMAKE_BUILD_TYPE=None
-DWOLFSSL_CURVE25519=ON
-DWOLFSSL_CURVE448=ON
-DWOLFSSL_ED25519=ON
-DWOLFSSL_ED448=ON
-DWOLFSSL_REPRODUCIBLE_BUILD=ON
-DWOLFSSL_OQS=ON
-DWARNING_C_FLAGS="$CFLAGS"
-Wno-dev
-B build
-S $_pkgname-$pkgver-stable
)
cmake "${cmake_options[@]}"
cmake --build build --verbose
} But I get multiple undefined reference errors.
|
I think some logic is missing in diff --git a/cmake/functions.cmake b/cmake/functions.cmake
index e77991ea1..f0fc48c2e 100644
--- a/cmake/functions.cmake
+++ b/cmake/functions.cmake
@@ -195,6 +195,9 @@ function(generate_build_flags)
endif()
if(WOLFSSL_OQS OR WOLFSSL_USER_SETTINGS)
set(BUILD_FALCON "yes" PARENT_SCOPE)
+ set(BUILD_SPHINCS "yes" PARENT_SCOPE)
+ set(BUILD_DILITHIUM "yes" PARENT_SCOPE)
+ set(BUILD_EXT_KYBER "yes" PARENT_SCOPE)
endif()
set(BUILD_INLINE ${WOLFSSL_INLINE} PARENT_SCOPE)
if(WOLFSSL_OCSP OR WOLFSSL_USER_SETTINGS)
@@ -804,6 +807,18 @@ function(generate_lib_src_list LIB_SOURCES)
list(APPEND LIB_SOURCES wolfcrypt/src/falcon.c)
endif()
+ if(BUILD_SPHINCS)
+ list(APPEND LIB_SOURCES wolfcrypt/src/sphincs.c)
+ endif()
+
+ if(BUILD_DILITHIUM)
+ list(APPEND LIB_SOURCES wolfcrypt/src/dilithium.c)
+ endif()
+
+ if(BUILD_EXT_KYBER)
+ list(APPEND LIB_SOURCES wolfcrypt/src/ext_kyber.c)
+ endif()
+
if(BUILD_LIBZ)
list(APPEND LIB_SOURCES wolfcrypt/src/compress.c)
endif()
|
@iyanmv , Ha! You beat me to it. I just noticed that the list of files being built did not include the post-quantum algorithm files. Anthony |
wolfSSLGH-5407 already included falcon.c, but now we also add sphincs.c, dilithium.c and ext_kyber.c to avoid undefined reference errors.
Sure! Will do in a minute. |
Description
liboqs 0.8 renamed sphincs-shake256-X to sphincs-shake-X.
Testing
I tried to compile wolfSSL with
--with-liboqs
and it failed. After these changes, it compiles again.Checklist