Merge branch 'upstream/main'

EntrustCorporation · Mar 7, 2024 · 2e416d5 · 2e416d5
2 parents 3d790e5 + f08657b
commit 2e416d5
Show file tree

Hide file tree

Showing 15 changed files with 743 additions and 208 deletions.
diff --git a/ALGORITHMS.md b/ALGORITHMS.md
@@ -79,11 +79,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | p384_mldsa65 | 0xfed5 |Yes| OQS_CODEPOINT_P384_MLDSA65
 | mldsa87 | 0xfed2 |Yes| OQS_CODEPOINT_MLDSA87
 | p521_mldsa87 | 0xfed6 |Yes| OQS_CODEPOINT_P521_MLDSA87
-| falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512
-| p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512
-| rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
-| falcon1024 | 0xfeb1 |Yes| OQS_CODEPOINT_FALCON1024
-| p521_falcon1024 | 0xfeb2 |Yes| OQS_CODEPOINT_P521_FALCON1024
+| falcon512 | 0xfed7 |Yes| OQS_CODEPOINT_FALCON512
+| p256_falcon512 | 0xfed8 |Yes| OQS_CODEPOINT_P256_FALCON512
+| rsa3072_falcon512 | 0xfed9 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
+| falconpadded512 | 0xfedc |Yes| OQS_CODEPOINT_FALCONPADDED512
+| p256_falconpadded512 | 0xfedd |Yes| OQS_CODEPOINT_P256_FALCONPADDED512
+| rsa3072_falconpadded512 | 0xfede |Yes| OQS_CODEPOINT_RSA3072_FALCONPADDED512
+| falcon1024 | 0xfeda |Yes| OQS_CODEPOINT_FALCON1024
+| p521_falcon1024 | 0xfedb |Yes| OQS_CODEPOINT_P521_FALCON1024
+| falconpadded1024 | 0xfedf |Yes| OQS_CODEPOINT_FALCONPADDED1024
+| p521_falconpadded1024 | 0xfee0 |Yes| OQS_CODEPOINT_P521_FALCONPADDED1024
 | sphincssha2128fsimple | 0xfeb3 |Yes| OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE
 | p256_sphincssha2128fsimple | 0xfeb4 |Yes| OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE
 | rsa3072_sphincssha2128fsimple | 0xfeb5 |Yes| OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE
@@ -164,11 +169,16 @@ adapting the OIDs of all supported signature algorithms as per the table below.
 | mldsa87_p384 | 2.16.840.1.114027.80.8.1.11 |Yes| OQS_OID_MLDSA87_p384
 | mldsa87_bp384 | 2.16.840.1.114027.80.8.1.12 |Yes| OQS_OID_MLDSA87_bp384
 | mldsa87_ed448 | 2.16.840.1.114027.80.8.1.13 |Yes| OQS_OID_MLDSA87_ed448
-| falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512
-| p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512
-| rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512
-| falcon1024 | 1.3.9999.3.9 |Yes| OQS_OID_FALCON1024
-| p521_falcon1024 | 1.3.9999.3.10 |Yes| OQS_OID_P521_FALCON1024
+| falcon512 | 1.3.9999.3.11 |Yes| OQS_OID_FALCON512
+| p256_falcon512 | 1.3.9999.3.12 |Yes| OQS_OID_P256_FALCON512
+| rsa3072_falcon512 | 1.3.9999.3.13 |Yes| OQS_OID_RSA3072_FALCON512
+| falconpadded512 | 1.3.9999.3.16 |Yes| OQS_OID_FALCONPADDED512
+| p256_falconpadded512 | 1.3.9999.3.17 |Yes| OQS_OID_P256_FALCONPADDED512
+| rsa3072_falconpadded512 | 1.3.9999.3.18 |Yes| OQS_OID_RSA3072_FALCONPADDED512
+| falcon1024 | 1.3.9999.3.14 |Yes| OQS_OID_FALCON1024
+| p521_falcon1024 | 1.3.9999.3.15 |Yes| OQS_OID_P521_FALCON1024
+| falconpadded1024 | 1.3.9999.3.19 |Yes| OQS_OID_FALCONPADDED1024
+| p521_falconpadded1024 | 1.3.9999.3.20 |Yes| OQS_OID_P521_FALCONPADDED1024
 | sphincssha2128fsimple | 1.3.9999.6.4.13 |Yes| OQS_OID_SPHINCSSHA2128FSIMPLE
 | p256_sphincssha2128fsimple | 1.3.9999.6.4.14 |Yes| OQS_OID_P256_SPHINCSSHA2128FSIMPLE
 | rsa3072_sphincssha2128fsimple | 1.3.9999.6.4.15 |Yes| OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE
@@ -202,59 +212,59 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li
 
 |Algorithm name |    default OID    | environment variable |
 |---------------|:-----------------:|----------------------|
-| frodo640aes | 1.3.9999.99.64 | OQS_OID_FRODO640AES
-| p256_frodo640aes | 1.3.9999.99.63 | OQS_OID_P256_FRODO640AES
-| x25519_frodo640aes | 1.3.9999.99.48 | OQS_OID_X25519_FRODO640AES
-| frodo640shake | 1.3.9999.99.66 | OQS_OID_FRODO640SHAKE
-| p256_frodo640shake | 1.3.9999.99.65 | OQS_OID_P256_FRODO640SHAKE
-| x25519_frodo640shake | 1.3.9999.99.49 | OQS_OID_X25519_FRODO640SHAKE
-| frodo976aes | 1.3.9999.99.68 | OQS_OID_FRODO976AES
-| p384_frodo976aes | 1.3.9999.99.67 | OQS_OID_P384_FRODO976AES
-| x448_frodo976aes | 1.3.9999.99.50 | OQS_OID_X448_FRODO976AES
-| frodo976shake | 1.3.9999.99.70 | OQS_OID_FRODO976SHAKE
-| p384_frodo976shake | 1.3.9999.99.69 | OQS_OID_P384_FRODO976SHAKE
-| x448_frodo976shake | 1.3.9999.99.51 | OQS_OID_X448_FRODO976SHAKE
-| frodo1344aes | 1.3.9999.99.72 | OQS_OID_FRODO1344AES
-| p521_frodo1344aes | 1.3.9999.99.71 | OQS_OID_P521_FRODO1344AES
-| frodo1344shake | 1.3.9999.99.74 | OQS_OID_FRODO1344SHAKE
-| p521_frodo1344shake | 1.3.9999.99.73 | OQS_OID_P521_FRODO1344SHAKE
-| kyber512 | 1.3.9999.99.76 | OQS_OID_KYBER512
-| p256_kyber512 | 1.3.9999.99.75 | OQS_OID_P256_KYBER512
-| x25519_kyber512 | 1.3.9999.99.52 | OQS_OID_X25519_KYBER512
-| kyber768 | 1.3.9999.99.78 | OQS_OID_KYBER768
-| p384_kyber768 | 1.3.9999.99.77 | OQS_OID_P384_KYBER768
-| x448_kyber768 | 1.3.9999.99.53 | OQS_OID_X448_KYBER768
-| x25519_kyber768 | 1.3.9999.99.54 | OQS_OID_X25519_KYBER768
-| p256_kyber768 | 1.3.9999.99.55 | OQS_OID_P256_KYBER768
-| kyber1024 | 1.3.9999.99.80 | OQS_OID_KYBER1024
-| p521_kyber1024 | 1.3.9999.99.79 | OQS_OID_P521_KYBER1024
+| frodo640aes | 1.3.9999.99.61 | OQS_OID_FRODO640AES
+| p256_frodo640aes | 1.3.9999.99.60 | OQS_OID_P256_FRODO640AES
+| x25519_frodo640aes | 1.3.9999.99.45 | OQS_OID_X25519_FRODO640AES
+| frodo640shake | 1.3.9999.99.63 | OQS_OID_FRODO640SHAKE
+| p256_frodo640shake | 1.3.9999.99.62 | OQS_OID_P256_FRODO640SHAKE
+| x25519_frodo640shake | 1.3.9999.99.46 | OQS_OID_X25519_FRODO640SHAKE
+| frodo976aes | 1.3.9999.99.65 | OQS_OID_FRODO976AES
+| p384_frodo976aes | 1.3.9999.99.64 | OQS_OID_P384_FRODO976AES
+| x448_frodo976aes | 1.3.9999.99.47 | OQS_OID_X448_FRODO976AES
+| frodo976shake | 1.3.9999.99.67 | OQS_OID_FRODO976SHAKE
+| p384_frodo976shake | 1.3.9999.99.66 | OQS_OID_P384_FRODO976SHAKE
+| x448_frodo976shake | 1.3.9999.99.48 | OQS_OID_X448_FRODO976SHAKE
+| frodo1344aes | 1.3.9999.99.69 | OQS_OID_FRODO1344AES
+| p521_frodo1344aes | 1.3.9999.99.68 | OQS_OID_P521_FRODO1344AES
+| frodo1344shake | 1.3.9999.99.71 | OQS_OID_FRODO1344SHAKE
+| p521_frodo1344shake | 1.3.9999.99.70 | OQS_OID_P521_FRODO1344SHAKE
+| kyber512 | 1.3.6.1.4.1.2.267.8.2.2 | OQS_OID_KYBER512
+| p256_kyber512 | 1.3.9999.99.72 | OQS_OID_P256_KYBER512
+| x25519_kyber512 | 1.3.9999.99.49 | OQS_OID_X25519_KYBER512
+| kyber768 | 1.3.6.1.4.1.2.267.8.3.3 | OQS_OID_KYBER768
+| p384_kyber768 | 1.3.9999.99.73 | OQS_OID_P384_KYBER768
+| x448_kyber768 | 1.3.9999.99.50 | OQS_OID_X448_KYBER768
+| x25519_kyber768 | 1.3.9999.99.51 | OQS_OID_X25519_KYBER768
+| p256_kyber768 | 1.3.9999.99.52 | OQS_OID_P256_KYBER768
+| kyber1024 | 1.3.6.1.4.1.2.267.8.4.4 | OQS_OID_KYBER1024
+| p521_kyber1024 | 1.3.9999.99.74 | OQS_OID_P521_KYBER1024
 | mlkem512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_MLKEM512
 | p256_mlkem512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_MLKEM512
 | x25519_mlkem512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_MLKEM512
 | mlkem768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_MLKEM768
-| p384_mlkem768 | 1.3.9999.99.81 | OQS_OID_P384_MLKEM768
-| x448_mlkem768 | 1.3.9999.99.56 | OQS_OID_X448_MLKEM768
-| x25519_mlkem768 | 1.3.9999.99.57 | OQS_OID_X25519_MLKEM768
-| p256_mlkem768 | 1.3.9999.99.58 | OQS_OID_P256_MLKEM768
+| p384_mlkem768 | 1.3.9999.99.75 | OQS_OID_P384_MLKEM768
+| x448_mlkem768 | 1.3.9999.99.53 | OQS_OID_X448_MLKEM768
+| x25519_mlkem768 | 1.3.9999.99.54 | OQS_OID_X25519_MLKEM768
+| p256_mlkem768 | 1.3.9999.99.55 | OQS_OID_P256_MLKEM768
 | mlkem1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_MLKEM1024
-| p521_mlkem1024 | 1.3.9999.99.82 | OQS_OID_P521_MLKEM1024
+| p521_mlkem1024 | 1.3.9999.99.76 | OQS_OID_P521_MLKEM1024
 | p384_mlkem1024 | 1.3.6.1.4.1.42235.6 | OQS_OID_P384_MLKEM1024
-| bikel1 | 1.3.9999.99.84 | OQS_OID_BIKEL1
-| p256_bikel1 | 1.3.9999.99.83 | OQS_OID_P256_BIKEL1
-| x25519_bikel1 | 1.3.9999.99.59 | OQS_OID_X25519_BIKEL1
-| bikel3 | 1.3.9999.99.86 | OQS_OID_BIKEL3
-| p384_bikel3 | 1.3.9999.99.85 | OQS_OID_P384_BIKEL3
-| x448_bikel3 | 1.3.9999.99.60 | OQS_OID_X448_BIKEL3
-| bikel5 | 1.3.9999.99.88 | OQS_OID_BIKEL5
-| p521_bikel5 | 1.3.9999.99.87 | OQS_OID_P521_BIKEL5
-| hqc128 | 1.3.9999.99.90 | OQS_OID_HQC128
-| p256_hqc128 | 1.3.9999.99.89 | OQS_OID_P256_HQC128
-| x25519_hqc128 | 1.3.9999.99.61 | OQS_OID_X25519_HQC128
-| hqc192 | 1.3.9999.99.92 | OQS_OID_HQC192
-| p384_hqc192 | 1.3.9999.99.91 | OQS_OID_P384_HQC192
-| x448_hqc192 | 1.3.9999.99.62 | OQS_OID_X448_HQC192
-| hqc256 | 1.3.9999.99.94 | OQS_OID_HQC256
-| p521_hqc256 | 1.3.9999.99.93 | OQS_OID_P521_HQC256
+| bikel1 | 1.3.9999.99.78 | OQS_OID_BIKEL1
+| p256_bikel1 | 1.3.9999.99.77 | OQS_OID_P256_BIKEL1
+| x25519_bikel1 | 1.3.9999.99.56 | OQS_OID_X25519_BIKEL1
+| bikel3 | 1.3.9999.99.80 | OQS_OID_BIKEL3
+| p384_bikel3 | 1.3.9999.99.79 | OQS_OID_P384_BIKEL3
+| x448_bikel3 | 1.3.9999.99.57 | OQS_OID_X448_BIKEL3
+| bikel5 | 1.3.9999.99.82 | OQS_OID_BIKEL5
+| p521_bikel5 | 1.3.9999.99.81 | OQS_OID_P521_BIKEL5
+| hqc128 | 1.3.9999.99.84 | OQS_OID_HQC128
+| p256_hqc128 | 1.3.9999.99.83 | OQS_OID_P256_HQC128
+| x25519_hqc128 | 1.3.9999.99.58 | OQS_OID_X25519_HQC128
+| hqc192 | 1.3.9999.99.86 | OQS_OID_HQC192
+| p384_hqc192 | 1.3.9999.99.85 | OQS_OID_P384_HQC192
+| x448_hqc192 | 1.3.9999.99.59 | OQS_OID_X448_HQC192
+| hqc256 | 1.3.9999.99.88 | OQS_OID_HQC256
+| p521_hqc256 | 1.3.9999.99.87 | OQS_OID_P521_HQC256
 <!--- OQS_TEMPLATE_FRAGMENT_OIDS_END -->
 
 # Key Encodings
@@ -272,7 +282,9 @@ By setting environment variables, oqs-provider can be configured to encode keys
 |`OQS_ENCODING_DILITHIUM3`|`draft-uni-qsckeys-dilithium-00/sk-pk`|
 |`OQS_ENCODING_DILITHIUM5`|`draft-uni-qsckeys-dilithium-00/sk-pk`|
 |`OQS_ENCODING_FALCON512`|`draft-uni-qsckeys-falcon-00/sk-pk`|
+|`OQS_ENCODING_FALCONPADDED512`|`draft-uni-qsckeys-falcon-00/sk-pk`|
 |`OQS_ENCODING_FALCON1024`|`draft-uni-qsckeys-falcon-00/sk-pk`|
+|`OQS_ENCODING_FALCONPADDED1024`|`draft-uni-qsckeys-falcon-00/sk-pk`|
 |`OQS_ENCODING_SPHINCSSHA2128FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
 |`OQS_ENCODING_SPHINCSSHA2128SSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
 |`OQS_ENCODING_SPHINCSSHA2192FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|

diff --git a/README.md b/README.md
@@ -46,7 +46,7 @@ This implementation makes available the following quantum safe algorithms:
 
 - **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\*
 - **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa44_pss2048`\*, `mldsa44_rsa2048`\*, `mldsa44_ed25519`\*, `mldsa44_p256`\*, `mldsa44_bp256`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa65_pss3072`\*, `mldsa65_rsa3072`\*, `mldsa65_p256`\*, `mldsa65_bp256`\*, `mldsa65_ed25519`\*, `mldsa87`\*, `p521_mldsa87`\*, `mldsa87_p384`\*, `mldsa87_bp384`\*, `mldsa87_ed448`\*
-- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\*
+- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falconpadded512`\*, `p256_falconpadded512`\*, `rsa3072_falconpadded512`\*, `falcon1024`\*, `p521_falcon1024`\*, `falconpadded1024`\*, `p521_falconpadded1024`\*
 
 - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple`
 - **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple`

diff --git a/oqs-template/generate.sh b/oqs-template/generate.sh
@@ -2,13 +2,8 @@
 
 cd oqs-template
 
-rm generate.yml
-
-# Step 1: Obtain current generate.yml from main:
-wget -c https://raw.githubusercontent.com/open-quantum-safe/openssl/OQS-OpenSSL_1_1_1-stable/oqs-template/generate.yml
-
-# Step 2: Run the generator:
+# Step 1: Run the generator:
 cd .. && python3 oqs-template/generate.py
 
-# Step 3: Run clang-format.
+# Step 2: Run clang-format.
 find . -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs "${CLANG_FORMAT:-clang-format}" -i
diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml
@@ -85,6 +85,7 @@ kems:
     family: 'CRYSTALS-Kyber'
     name_group: 'kyber512'
     nid: '0x023A'
+    oid: '1.3.6.1.4.1.2.267.8.2.2'
     nid_hybrid: '0x2F3A'
     oqs_alg: 'OQS_KEM_alg_kyber_512'
     extra_nids:
@@ -107,6 +108,7 @@ kems:
     family: 'CRYSTALS-Kyber'
     name_group: 'kyber768'
     nid: '0x023C'
+    oid: '1.3.6.1.4.1.2.267.8.3.3'
     nid_hybrid: '0x2F3C'
     extra_nids:
       current:
@@ -129,6 +131,7 @@ kems:
     family: 'CRYSTALS-Kyber'
     name_group: 'kyber1024'
     nid: '0x023D'
+    oid: '1.3.6.1.4.1.2.267.8.4.4'
     nid_hybrid: '0x2F3D'
     extra_nids:
       old:
@@ -396,7 +399,7 @@ kem_nid_end: '0x0250'
 kem_nid_hybrid_end: '0x2FFF'
 # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values
 
-# Next free signature ID: 0xfed7
+# Next free signature ID: 0xfee1
 sigs:
   # -
     # iso (1)
@@ -648,20 +651,32 @@ sigs:
         name: 'falcon512'
         pretty_name: 'Falcon-512'
         oqs_meth: 'OQS_SIG_alg_falcon_512'
-        oid: '1.3.9999.3.6'
-        code_point: '0xfeae'
+        oid: '1.3.9999.3.11'
+        code_point: '0xfed7'
         supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
         enable: true
         mix_with: [{'name': 'p256',
                     'pretty_name': 'ECDSA p256',
-                    'oid': '1.3.9999.3.7',
-                    'code_point': '0xfeaf'},
+                    'oid': '1.3.9999.3.12',
+                    'code_point': '0xfed8'},
                    {'name': 'rsa3072',
                     'pretty_name': 'RSA3072',
-                    'oid': '1.3.9999.3.8',
-                    'code_point': '0xfeb0'}]
+                    'oid': '1.3.9999.3.13',
+                    'code_point': '0xfed9'}]
         extra_nids:
           old:
+            - implementation_version: PQClean Round 3 version labelled 20211101
+              nist-round: 3
+              oid: '1.3.9999.3.6'
+              code_point: '0xfeae'
+              mix_with: [{'name': 'p256',
+                          'pretty_name': 'ECDSA p256',
+                          'oid': '1.3.9999.3.7',
+                          'code_point': '0xfeaf'},
+                         {'name': 'rsa3072',
+                          'pretty_name': 'RSA3072',
+                          'oid': '1.3.9999.3.8',
+                          'code_point': '0xfeb0'}]
             - implementation_version: NIST Round 3 submission
               nist-round: 3
               oid: '1.3.9999.3.1'
@@ -674,20 +689,44 @@ sigs:
                           'pretty_name': 'RSA3072',
                           'oid': '1.3.9999.3.3',
                           'code_point': '0xfe0d'}]
+      -
+        name: 'falconpadded512'
+        pretty_name: 'Falcon-padded-512'
+        oqs_meth: 'OQS_SIG_alg_falcon_padded_512'
+        oid: '1.3.9999.3.16'
+        code_point: '0xfedc'
+        supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
+        enable: true
+        mix_with: [{'name': 'p256',
+                    'pretty_name': 'ECDSA p256',
+                    'oid': '1.3.9999.3.17',
+                    'code_point': '0xfedd'},
+                   {'name': 'rsa3072',
+                    'pretty_name': 'RSA3072',
+                    'oid': '1.3.9999.3.18',
+                    'code_point': '0xfede'}]
       -
         name: 'falcon1024'
         pretty_name: 'Falcon-1024'
         oqs_meth: 'OQS_SIG_alg_falcon_1024'
-        oid: '1.3.9999.3.9'
-        code_point: '0xfeb1'
+        oid: '1.3.9999.3.14'
+        code_point: '0xfeda'
         supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
         enable: true
         mix_with: [{'name': 'p521',
                     'pretty_name': 'ECDSA p521',
-                    'oid': '1.3.9999.3.10',
-                    'code_point': '0xfeb2'}]
+                    'oid': '1.3.9999.3.15',
+                    'code_point': '0xfedb'}]
         extra_nids:
           old:
+            - implementation_version: PQClean Round 3 version labelled 20211101
+              nist-round: 3
+              oid: '1.3.9999.3.9'
+              code_point: '0xfeb1'
+              mix_with: [{'name': 'p521',
+                          'pretty_name': 'ECDSA p521',
+                          'oid': '1.3.9999.3.10',
+                          'code_point': '0xfeb2'}]
             - implementation_version: NIST Round 3 submission
               nist-round: 3
               oid: '1.3.9999.3.4'
@@ -696,6 +735,18 @@ sigs:
                           'pretty_name': 'ECDSA p521',
                           'oid': '1.3.9999.3.5',
                           'code_point': '0xfe0f'}]
+      -
+        name: 'falconpadded1024'
+        pretty_name: 'Falcon-padded-1024'
+        oqs_meth: 'OQS_SIG_alg_falcon_padded_1024'
+        oid: '1.3.9999.3.19'
+        code_point: '0xfedf'
+        supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
+        enable: true
+        mix_with: [{'name': 'p521',
+                    'pretty_name': 'ECDSA p521',
+                    'oid': '1.3.9999.3.20',
+                    'code_point': '0xfee0'}]
   -
     family: 'SPHINCS-Haraka'
     variants: