From 8a6a1cdd0aaa890735dceada81ecafd1926a589a Mon Sep 17 00:00:00 2001 From: Basil Hess Date: Thu, 7 Mar 2024 12:46:39 +0100 Subject: [PATCH 1/2] Set Kyber OIDs (#368) * Fix OIDs for Kyber (r3) * fix comments in generate.sh [skip ci] * run clang-format --- ALGORITHMS.md | 94 +++++++++++++++++++-------------------- oqs-template/generate.sh | 9 +--- oqs-template/generate.yml | 3 ++ oqsprov/oqsprov.c | 39 ++++++++-------- 4 files changed, 71 insertions(+), 74 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index d6549213..3d17bf6d 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md 
@@ -189,59 +189,59 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li |Algorithm name | default OID | environment variable | |---------------|:-----------------:|----------------------| -| frodo640aes | 1.3.9999.99.64 | OQS_OID_FRODO640AES -| p256_frodo640aes | 1.3.9999.99.63 | OQS_OID_P256_FRODO640AES -| x25519_frodo640aes | 1.3.9999.99.48 | OQS_OID_X25519_FRODO640AES -| frodo640shake | 1.3.9999.99.66 | OQS_OID_FRODO640SHAKE -| p256_frodo640shake | 1.3.9999.99.65 | OQS_OID_P256_FRODO640SHAKE -| x25519_frodo640shake | 1.3.9999.99.49 | OQS_OID_X25519_FRODO640SHAKE -| frodo976aes | 1.3.9999.99.68 | OQS_OID_FRODO976AES -| p384_frodo976aes | 1.3.9999.99.67 | OQS_OID_P384_FRODO976AES -| x448_frodo976aes | 1.3.9999.99.50 | OQS_OID_X448_FRODO976AES -| frodo976shake | 1.3.9999.99.70 | OQS_OID_FRODO976SHAKE -| p384_frodo976shake | 1.3.9999.99.69 | OQS_OID_P384_FRODO976SHAKE -| x448_frodo976shake | 1.3.9999.99.51 | OQS_OID_X448_FRODO976SHAKE -| frodo1344aes | 1.3.9999.99.72 | OQS_OID_FRODO1344AES -| p521_frodo1344aes | 1.3.9999.99.71 | OQS_OID_P521_FRODO1344AES -| frodo1344shake | 1.3.9999.99.74 | OQS_OID_FRODO1344SHAKE -| p521_frodo1344shake | 1.3.9999.99.73 | OQS_OID_P521_FRODO1344SHAKE -| kyber512 | 1.3.9999.99.76 | OQS_OID_KYBER512 -| p256_kyber512 | 1.3.9999.99.75 | OQS_OID_P256_KYBER512 -| x25519_kyber512 | 1.3.9999.99.52 | OQS_OID_X25519_KYBER512 -| kyber768 | 1.3.9999.99.78 | OQS_OID_KYBER768 -| p384_kyber768 | 1.3.9999.99.77 | OQS_OID_P384_KYBER768 -| x448_kyber768 | 1.3.9999.99.53 | OQS_OID_X448_KYBER768 -| x25519_kyber768 | 1.3.9999.99.54 | OQS_OID_X25519_KYBER768 -| p256_kyber768 | 1.3.9999.99.55 | OQS_OID_P256_KYBER768 -| kyber1024 | 1.3.9999.99.80 | OQS_OID_KYBER1024 -| p521_kyber1024 | 1.3.9999.99.79 | OQS_OID_P521_KYBER1024 +| frodo640aes | 1.3.9999.99.61 | OQS_OID_FRODO640AES +| p256_frodo640aes | 1.3.9999.99.60 | OQS_OID_P256_FRODO640AES +| x25519_frodo640aes | 1.3.9999.99.45 | OQS_OID_X25519_FRODO640AES +| frodo640shake | 
1.3.9999.99.63 | OQS_OID_FRODO640SHAKE +| p256_frodo640shake | 1.3.9999.99.62 | OQS_OID_P256_FRODO640SHAKE +| x25519_frodo640shake | 1.3.9999.99.46 | OQS_OID_X25519_FRODO640SHAKE +| frodo976aes | 1.3.9999.99.65 | OQS_OID_FRODO976AES +| p384_frodo976aes | 1.3.9999.99.64 | OQS_OID_P384_FRODO976AES +| x448_frodo976aes | 1.3.9999.99.47 | OQS_OID_X448_FRODO976AES +| frodo976shake | 1.3.9999.99.67 | OQS_OID_FRODO976SHAKE +| p384_frodo976shake | 1.3.9999.99.66 | OQS_OID_P384_FRODO976SHAKE +| x448_frodo976shake | 1.3.9999.99.48 | OQS_OID_X448_FRODO976SHAKE +| frodo1344aes | 1.3.9999.99.69 | OQS_OID_FRODO1344AES +| p521_frodo1344aes | 1.3.9999.99.68 | OQS_OID_P521_FRODO1344AES +| frodo1344shake | 1.3.9999.99.71 | OQS_OID_FRODO1344SHAKE +| p521_frodo1344shake | 1.3.9999.99.70 | OQS_OID_P521_FRODO1344SHAKE +| kyber512 | 1.3.6.1.4.1.2.267.8.2.2 | OQS_OID_KYBER512 +| p256_kyber512 | 1.3.9999.99.72 | OQS_OID_P256_KYBER512 +| x25519_kyber512 | 1.3.9999.99.49 | OQS_OID_X25519_KYBER512 +| kyber768 | 1.3.6.1.4.1.2.267.8.3.3 | OQS_OID_KYBER768 +| p384_kyber768 | 1.3.9999.99.73 | OQS_OID_P384_KYBER768 +| x448_kyber768 | 1.3.9999.99.50 | OQS_OID_X448_KYBER768 +| x25519_kyber768 | 1.3.9999.99.51 | OQS_OID_X25519_KYBER768 +| p256_kyber768 | 1.3.9999.99.52 | OQS_OID_P256_KYBER768 +| kyber1024 | 1.3.6.1.4.1.2.267.8.4.4 | OQS_OID_KYBER1024 +| p521_kyber1024 | 1.3.9999.99.74 | OQS_OID_P521_KYBER1024 | mlkem512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_MLKEM512 | p256_mlkem512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_MLKEM512 | x25519_mlkem512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_MLKEM512 | mlkem768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_MLKEM768 -| p384_mlkem768 | 1.3.9999.99.81 | OQS_OID_P384_MLKEM768 -| x448_mlkem768 | 1.3.9999.99.56 | OQS_OID_X448_MLKEM768 -| x25519_mlkem768 | 1.3.9999.99.57 | OQS_OID_X25519_MLKEM768 -| p256_mlkem768 | 1.3.9999.99.58 | OQS_OID_P256_MLKEM768 +| p384_mlkem768 | 1.3.9999.99.75 | OQS_OID_P384_MLKEM768 +| x448_mlkem768 | 1.3.9999.99.53 | OQS_OID_X448_MLKEM768 +| 
x25519_mlkem768 | 1.3.9999.99.54 | OQS_OID_X25519_MLKEM768 +| p256_mlkem768 | 1.3.9999.99.55 | OQS_OID_P256_MLKEM768 | mlkem1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_MLKEM1024 -| p521_mlkem1024 | 1.3.9999.99.82 | OQS_OID_P521_MLKEM1024 +| p521_mlkem1024 | 1.3.9999.99.76 | OQS_OID_P521_MLKEM1024 | p384_mlkem1024 | 1.3.6.1.4.1.42235.6 | OQS_OID_P384_MLKEM1024 -| bikel1 | 1.3.9999.99.84 | OQS_OID_BIKEL1 -| p256_bikel1 | 1.3.9999.99.83 | OQS_OID_P256_BIKEL1 -| x25519_bikel1 | 1.3.9999.99.59 | OQS_OID_X25519_BIKEL1 -| bikel3 | 1.3.9999.99.86 | OQS_OID_BIKEL3 -| p384_bikel3 | 1.3.9999.99.85 | OQS_OID_P384_BIKEL3 -| x448_bikel3 | 1.3.9999.99.60 | OQS_OID_X448_BIKEL3 -| bikel5 | 1.3.9999.99.88 | OQS_OID_BIKEL5 -| p521_bikel5 | 1.3.9999.99.87 | OQS_OID_P521_BIKEL5 -| hqc128 | 1.3.9999.99.90 | OQS_OID_HQC128 -| p256_hqc128 | 1.3.9999.99.89 | OQS_OID_P256_HQC128 -| x25519_hqc128 | 1.3.9999.99.61 | OQS_OID_X25519_HQC128 -| hqc192 | 1.3.9999.99.92 | OQS_OID_HQC192 -| p384_hqc192 | 1.3.9999.99.91 | OQS_OID_P384_HQC192 -| x448_hqc192 | 1.3.9999.99.62 | OQS_OID_X448_HQC192 -| hqc256 | 1.3.9999.99.94 | OQS_OID_HQC256 -| p521_hqc256 | 1.3.9999.99.93 | OQS_OID_P521_HQC256 +| bikel1 | 1.3.9999.99.78 | OQS_OID_BIKEL1 +| p256_bikel1 | 1.3.9999.99.77 | OQS_OID_P256_BIKEL1 +| x25519_bikel1 | 1.3.9999.99.56 | OQS_OID_X25519_BIKEL1 +| bikel3 | 1.3.9999.99.80 | OQS_OID_BIKEL3 +| p384_bikel3 | 1.3.9999.99.79 | OQS_OID_P384_BIKEL3 +| x448_bikel3 | 1.3.9999.99.57 | OQS_OID_X448_BIKEL3 +| bikel5 | 1.3.9999.99.82 | OQS_OID_BIKEL5 +| p521_bikel5 | 1.3.9999.99.81 | OQS_OID_P521_BIKEL5 +| hqc128 | 1.3.9999.99.84 | OQS_OID_HQC128 +| p256_hqc128 | 1.3.9999.99.83 | OQS_OID_P256_HQC128 +| x25519_hqc128 | 1.3.9999.99.58 | OQS_OID_X25519_HQC128 +| hqc192 | 1.3.9999.99.86 | OQS_OID_HQC192 +| p384_hqc192 | 1.3.9999.99.85 | OQS_OID_P384_HQC192 +| x448_hqc192 | 1.3.9999.99.59 | OQS_OID_X448_HQC192 +| hqc256 | 1.3.9999.99.88 | OQS_OID_HQC256 +| p521_hqc256 | 1.3.9999.99.87 | OQS_OID_P521_HQC256 # Key Encodings 
diff --git a/oqs-template/generate.sh b/oqs-template/generate.sh index 105c2aa9..5257e138 100755 --- a/oqs-template/generate.sh +++ b/oqs-template/generate.sh @@ -2,13 +2,8 @@ cd oqs-template -rm generate.yml - -# Step 1: Obtain current generate.yml from main: -wget -c https://raw.githubusercontent.com/open-quantum-safe/openssl/OQS-OpenSSL_1_1_1-stable/oqs-template/generate.yml - -# Step 2: Run the generator: +# Step 1: Run the generator: cd .. && python3 oqs-template/generate.py -# Step 3: Run clang-format. +# Step 2: Run clang-format. find . -type f -and '(' -name '*.h' -or -name '*.c' -or -name '*.inc' ')' | xargs "${CLANG_FORMAT:-clang-format}" -i diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 21536863..abdc27e7 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -85,6 +85,7 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber512' nid: '0x023A' + oid: '1.3.6.1.4.1.2.267.8.2.2' nid_hybrid: '0x2F3A' oqs_alg: 'OQS_KEM_alg_kyber_512' extra_nids: @@ -107,6 +108,7 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber768' nid: '0x023C' + oid: '1.3.6.1.4.1.2.267.8.3.3' nid_hybrid: '0x2F3C' extra_nids: current: @@ -129,6 +131,7 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber1024' nid: '0x023D' + oid: '1.3.6.1.4.1.2.267.8.4.4' nid_hybrid: '0x2F3D' extra_nids: old: diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index c68dded1..ec94af98 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -89,15 +89,15 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "frodo1344shake", "1.3.9999.99.26", "p521_frodo1344shake", - "1.3.9999.99.29", + "1.3.6.1.4.1.2.267.8.2.2", "kyber512", "1.3.9999.99.28", "p256_kyber512", "1.3.9999.99.5", "x25519_kyber512", - "1.3.9999.99.31", + "1.3.6.1.4.1.2.267.8.3.3", "kyber768", - "1.3.9999.99.30", + "1.3.9999.99.29", "p384_kyber768", "1.3.9999.99.6", "x448_kyber768", 
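Review bot: With the download step removed, the remaining lines still have no failure handling: `cd .. && python3 oqs-template/generate.py` is followed unconditionally by the `find ... | xargs ... -i` line, so a failed generator run is still followed by an in-place reformat of the whole tree. The opening `cd oqs-template` is now immediately undone by `cd ..`, so both can go. I would add `set -e` near the top (the script's first line is outside the hunk, so it may already be there). The `find | xargs` pipe also splits on whitespace in file names; appending `-print0` to the `find` expression and calling `xargs -0 "${CLANG_FORMAT:-clang-format}" -i` avoids that.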
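Review bot: Only the three plain Kyber entries get an explicit `oid:` (kyber512 in this hunk, kyber768 and kyber1024 in the next two), and the same patch shows the unpinned KEM OIDs shifting as a result. In oqsprov/oqsprov.c the string `"1.3.9999.99.29"` moves from `kyber512` to `p384_kyber768`, so an OID that named one algorithm in the previous build now names another. A key or SubjectPublicKeyInfo encoded earlier is then at best rejected and at worst handled under the wrong algorithm name. The values appear to be assigned by position in the generator (not visible here), which would also explain why ALGORITHMS.md lists `1.3.9999.99.72` for p256_kyber512 while oqsprov.c carries `"1.3.9999.99.28"`. Pinning the remaining KEM OIDs in this file would keep identifiers stable across regeneration; failing that, add a comment such as `# explicit oid: takes this entry out of the auto-numbered 1.3.9999.99.x sequence and renumbers later KEMs`.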
@@ -105,9 +105,9 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "x25519_kyber768", "1.3.9999.99.8", "p256_kyber768", - "1.3.9999.99.33", + "1.3.6.1.4.1.2.267.8.4.4", "kyber1024", - "1.3.9999.99.32", + "1.3.9999.99.30", "p521_kyber1024", "1.3.6.1.4.1.22554.5.6.1", "mlkem512", @@ -117,7 +117,7 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "x25519_mlkem512", "1.3.6.1.4.1.22554.5.6.2", "mlkem768", - "1.3.9999.99.34", + "1.3.9999.99.31", "p384_mlkem768", "1.3.9999.99.9", "x448_mlkem768", @@ -127,41 +127,41 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "p256_mlkem768", "1.3.6.1.4.1.22554.5.6.3", "mlkem1024", - "1.3.9999.99.35", + "1.3.9999.99.32", "p521_mlkem1024", "1.3.6.1.4.1.42235.6", "p384_mlkem1024", - "1.3.9999.99.37", + "1.3.9999.99.34", "bikel1", - "1.3.9999.99.36", + "1.3.9999.99.33", "p256_bikel1", "1.3.9999.99.12", "x25519_bikel1", - "1.3.9999.99.39", + "1.3.9999.99.36", "bikel3", - "1.3.9999.99.38", + "1.3.9999.99.35", "p384_bikel3", "1.3.9999.99.13", "x448_bikel3", - "1.3.9999.99.41", + "1.3.9999.99.38", "bikel5", - "1.3.9999.99.40", + "1.3.9999.99.37", "p521_bikel5", - "1.3.9999.99.43", + "1.3.9999.99.40", "hqc128", - "1.3.9999.99.42", + "1.3.9999.99.39", "p256_hqc128", "1.3.9999.99.14", "x25519_hqc128", - "1.3.9999.99.45", + "1.3.9999.99.42", "hqc192", - "1.3.9999.99.44", + "1.3.9999.99.41", "p384_hqc192", "1.3.9999.99.15", "x448_hqc192", - "1.3.9999.99.47", + "1.3.9999.99.44", "hqc256", - "1.3.9999.99.46", + "1.3.9999.99.43", "p521_hqc256", #endif /* OQS_KEM_ENCODERS */ @@ -969,7 +969,6 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] #endif // clang-format on ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_FUNCTIONS_END - // ALG("x25519_sikep434", oqs_ecx_sikep434_keymgmt_functions), {NULL, NULL, NULL}}; static const OSSL_ALGORITHM oqsprovider_encoder[] = { From f08657b5ac5000c1f56c42dd16331e3306b9a7b2 Mon Sep 17 00:00:00 2001 
From: Spencer Wilson Date: Thu, 7 Mar 2024 09:35:01 -0500 Subject: [PATCH 2/2] Add code points for PADDED variant of Falcon [skip ci] (#362) * Update OIDs to reflect Falcon KAT changes * Update "old" version string to reflect KAT mismatch --- ALGORITHMS.md | 32 +++++-- README.md | 2 +- oqs-template/generate.yml | 70 +++++++++++--- oqs-template/oqs-sig-info.md | 20 +++- oqsprov/oqs_decode_der2key.c | 17 ++++ oqsprov/oqs_encode_key2any.c | 50 ++++++++++ oqsprov/oqs_kmgmt.c | 117 ++++++++++++++++++------ oqsprov/oqs_prov.h | 96 +++++++++++++++++++ oqsprov/oqsdecoders.inc | 24 +++++ oqsprov/oqsencoders.inc | 69 ++++++++++++++ oqsprov/oqsprov.c | 162 +++++++++++++++++++++++---------- oqsprov/oqsprov_capabilities.c | 106 +++++++++++++-------- oqsprov/oqsprov_keys.c | 12 ++- scripts/common.py | 4 +- 14 files changed, 641 insertions(+), 140 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 3d17bf6d..c45d83ce 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md 
@@ -79,11 +79,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | p384_mldsa65 | 0xfed5 |Yes| OQS_CODEPOINT_P384_MLDSA65
 | mldsa87 | 0xfed2 |Yes| OQS_CODEPOINT_MLDSA87
 | p521_mldsa87 | 0xfed6 |Yes| OQS_CODEPOINT_P521_MLDSA87
-| falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512
-| p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512
-| rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
-| falcon1024 | 0xfeb1 |Yes| OQS_CODEPOINT_FALCON1024
-| p521_falcon1024 | 0xfeb2 |Yes| OQS_CODEPOINT_P521_FALCON1024
+| falcon512 | 0xfed7 |Yes| OQS_CODEPOINT_FALCON512
+| p256_falcon512 | 0xfed8 |Yes| OQS_CODEPOINT_P256_FALCON512
+| rsa3072_falcon512 | 0xfed9 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
+| falconpadded512 | 0xfedc |Yes| OQS_CODEPOINT_FALCONPADDED512
+| p256_falconpadded512 | 0xfedd |Yes| OQS_CODEPOINT_P256_FALCONPADDED512
+| rsa3072_falconpadded512 | 0xfede |Yes| OQS_CODEPOINT_RSA3072_FALCONPADDED512
+| falcon1024 | 0xfeda |Yes| OQS_CODEPOINT_FALCON1024
+| p521_falcon1024 | 0xfedb |Yes| OQS_CODEPOINT_P521_FALCON1024
+| falconpadded1024 | 0xfedf |Yes| OQS_CODEPOINT_FALCONPADDED1024
+| p521_falconpadded1024 | 0xfee0 |Yes| OQS_CODEPOINT_P521_FALCONPADDED1024
 | sphincssha2128fsimple | 0xfeb3 |Yes| OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE
 | p256_sphincssha2128fsimple | 0xfeb4 |Yes| OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE
 | rsa3072_sphincssha2128fsimple | 0xfeb5 |Yes| OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE
@@ -151,11 +156,16 @@ adapting the OIDs of all supported signature algorithms as per the table below.
 | p384_mldsa65 | 1.3.9999.7.3 |Yes| OQS_OID_P384_MLDSA65
 | mldsa87 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_MLDSA87
 | p521_mldsa87 | 1.3.9999.7.4 |Yes| OQS_OID_P521_MLDSA87
-| falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512
-| p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512
-| rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512
-| falcon1024 | 1.3.9999.3.9 |Yes| OQS_OID_FALCON1024
-| p521_falcon1024 | 1.3.9999.3.10 |Yes| OQS_OID_P521_FALCON1024
+| falcon512 | 1.3.9999.3.11 |Yes| OQS_OID_FALCON512
+| p256_falcon512 | 1.3.9999.3.12 |Yes| OQS_OID_P256_FALCON512
+| rsa3072_falcon512 | 1.3.9999.3.13 |Yes| OQS_OID_RSA3072_FALCON512
+| falconpadded512 | 1.3.9999.3.16 |Yes| OQS_OID_FALCONPADDED512
+| p256_falconpadded512 | 1.3.9999.3.17 |Yes| OQS_OID_P256_FALCONPADDED512
+| rsa3072_falconpadded512 | 1.3.9999.3.18 |Yes| OQS_OID_RSA3072_FALCONPADDED512
+| falcon1024 | 1.3.9999.3.14 |Yes| OQS_OID_FALCON1024
+| p521_falcon1024 | 1.3.9999.3.15 |Yes| OQS_OID_P521_FALCON1024
+| falconpadded1024 | 1.3.9999.3.19 |Yes| OQS_OID_FALCONPADDED1024
+| p521_falconpadded1024 | 1.3.9999.3.20 |Yes| OQS_OID_P521_FALCONPADDED1024
 | sphincssha2128fsimple | 1.3.9999.6.4.13 |Yes| OQS_OID_SPHINCSSHA2128FSIMPLE
 | p256_sphincssha2128fsimple | 1.3.9999.6.4.14 |Yes| OQS_OID_P256_SPHINCSSHA2128FSIMPLE
 | rsa3072_sphincssha2128fsimple | 1.3.9999.6.4.15 |Yes| OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE
@@ -259,7 +269,9 @@ By setting environment variables, oqs-provider can be configured to encode keys
 |`OQS_ENCODING_DILITHIUM3`|`draft-uni-qsckeys-dilithium-00/sk-pk`|
 |`OQS_ENCODING_DILITHIUM5`|`draft-uni-qsckeys-dilithium-00/sk-pk`|
 |`OQS_ENCODING_FALCON512`|`draft-uni-qsckeys-falcon-00/sk-pk`|
+|`OQS_ENCODING_FALCONPADDED512`|`draft-uni-qsckeys-falcon-00/sk-pk`|
 |`OQS_ENCODING_FALCON1024`|`draft-uni-qsckeys-falcon-00/sk-pk`|
+|`OQS_ENCODING_FALCONPADDED1024`|`draft-uni-qsckeys-falcon-00/sk-pk`|
 |`OQS_ENCODING_SPHINCSSHA2128FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
 |`OQS_ENCODING_SPHINCSSHA2128SSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
 |`OQS_ENCODING_SPHINCSSHA2192FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
diff --git a/README.md b/README.md
index 8ba8852a..b6f5b086 100644
--- a/README.md
+++ b/README.md
@@ -46,7 +46,7 @@ This implementation makes available the following quantum safe algorithms: - **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\* - **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa87`\*, `p521_mldsa87`\* -- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\* +- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falconpadded512`\*, `p256_falconpadded512`\*, `rsa3072_falconpadded512`\*, `falcon1024`\*, `p521_falcon1024`\*, `falconpadded1024`\*, `p521_falconpadded1024`\* - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple` - **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple` diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index abdc27e7..e9fcd9bb 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml 
@@ -399,7 +399,7 @@ kem_nid_end: '0x0250' kem_nid_hybrid_end: '0x2FFF' # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values -# Next free signature ID: 0xfed7 +# Next free signature ID: 0xfee1 sigs: # - # iso (1) @@ -581,20 +581,32 @@ sigs: name: 'falcon512' pretty_name: 'Falcon-512' oqs_meth: 'OQS_SIG_alg_falcon_512' - oid: '1.3.9999.3.6' - code_point: '0xfeae' + oid: '1.3.9999.3.11' + code_point: '0xfed7' supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] enable: true mix_with: [{'name': 'p256', 'pretty_name': 'ECDSA p256', - 'oid': '1.3.9999.3.7', - 'code_point': '0xfeaf'}, + 'oid': '1.3.9999.3.12', + 'code_point': '0xfed8'}, {'name': 'rsa3072', 'pretty_name': 'RSA3072', - 'oid': '1.3.9999.3.8', - 'code_point': '0xfeb0'}] + 'oid': '1.3.9999.3.13', + 'code_point': '0xfed9'}] extra_nids: old: + - implementation_version: PQClean Round 3 version labelled 20211101 + nist-round: 3 + oid: '1.3.9999.3.6' + code_point: '0xfeae' + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.3.7', + 'code_point': '0xfeaf'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.3.8', + 'code_point': '0xfeb0'}] - implementation_version: NIST Round 3 submission nist-round: 3 oid: '1.3.9999.3.1' 
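Review bot: The new `old:` entry under falcon512 records the retired identifiers (`1.3.9999.3.6` / `0xfeae` plus the two hybrids) but says nothing about why they were retired or whether the current build still accepts them. The commit message attributes the move to a Falcon KAT change, so peers and stored keys using the earlier code points and OIDs presumably no longer interoperate with this build. A comment on the entry would make that explicit for operators, for example `# retired after the Falcon KAT change; not interchangeable with the current falcon512 code points/OIDs`. The same applies to the falcon1024 `old:` entry in the following hunk. The regenerated oqs-sig-info.md in this patch shows the current falcon512 rows as `20211101` and the retired ones as `PQClean Round 3 version labelled 20211101`, so the version label alone does not distinguish the two generations.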
@@ -607,20 +619,44 @@ sigs: 'pretty_name': 'RSA3072', 'oid': '1.3.9999.3.3', 'code_point': '0xfe0d'}] + - + name: 'falconpadded512' + pretty_name: 'Falcon-padded-512' + oqs_meth: 'OQS_SIG_alg_falcon_padded_512' + oid: '1.3.9999.3.16' + code_point: '0xfedc' + supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] + enable: true + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.3.17', + 'code_point': '0xfedd'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.3.18', + 'code_point': '0xfede'}] - name: 'falcon1024' pretty_name: 'Falcon-1024' oqs_meth: 'OQS_SIG_alg_falcon_1024' - oid: '1.3.9999.3.9' - code_point: '0xfeb1' + oid: '1.3.9999.3.14' + code_point: '0xfeda' supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] enable: true mix_with: [{'name': 'p521', 'pretty_name': 'ECDSA p521', - 'oid': '1.3.9999.3.10', - 'code_point': '0xfeb2'}] + 'oid': '1.3.9999.3.15', + 'code_point': '0xfedb'}] extra_nids: old: + - implementation_version: PQClean Round 3 version labelled 20211101 + nist-round: 3 + oid: '1.3.9999.3.9' + code_point: '0xfeb1' + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.3.10', + 'code_point': '0xfeb2'}] - implementation_version: NIST Round 3 submission nist-round: 3 oid: '1.3.9999.3.4' @@ -629,6 +665,18 @@ sigs: 'pretty_name': 'ECDSA p521', 'oid': '1.3.9999.3.5', 'code_point': '0xfe0f'}] + - + name: 'falconpadded1024' + pretty_name: 'Falcon-padded-1024' + oqs_meth: 'OQS_SIG_alg_falcon_padded_1024' + oid: '1.3.9999.3.19' + code_point: '0xfedf' + supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk'] + enable: true + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.3.20', + 'code_point': '0xfee0'}] - family: 'SPHINCS-Haraka' variants: diff --git a/oqs-template/oqs-sig-info.md b/oqs-template/oqs-sig-info.md index 15607003..e61a9824 100644 --- a/oqs-template/oqs-sig-info.md +++ b/oqs-template/oqs-sig-info.md 
@@ -14,16 +14,26 @@ | dilithium3_aes **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfeab | 1.3.9999.2.11.3 | | dilithium5_aes | NIST Round 3 submission | 3 | 5 | 0xfeac | 1.3.6.1.4.1.2.267.11.8.7 | | dilithium5_aes **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfead | 1.3.9999.2.11.4 | -| falcon512 | 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 | -| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 | -| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 | +| falcon512 | 20211101 | 3 | 1 | 0xfed7 | 1.3.9999.3.11 | +| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfed8 | 1.3.9999.3.12 | +| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfed9 | 1.3.9999.3.13 | +| falcon512 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 | +| falcon512 **hybrid with** p256 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 | +| falcon512 **hybrid with** rsa3072 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 | | falcon512 | NIST Round 3 submission | 3 | 1 | 0xfe0b | 1.3.9999.3.1 | | falcon512 **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe0c | 1.3.9999.3.2 | | falcon512 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe0d | 1.3.9999.3.3 | -| falcon1024 | 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 | -| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 | +| falconpadded512 | 20211101 | 3 | 1 | 0xfedc | 1.3.9999.3.16 | +| falconpadded512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfedd | 1.3.9999.3.17 | +| falconpadded512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfede | 1.3.9999.3.18 | +| falcon1024 | 20211101 | 3 | 5 | 0xfeda | 1.3.9999.3.14 | +| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfedb | 1.3.9999.3.15 | +| falcon1024 | PQClean Round 3 version labelled 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 | +| falcon1024 **hybrid with** p521 | PQClean Round 3 
version labelled 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 | | falcon1024 | NIST Round 3 submission | 3 | 5 | 0xfe0e | 1.3.9999.3.4 | | falcon1024 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe0f | 1.3.9999.3.5 | +| falconpadded1024 | 20211101 | 3 | 5 | 0xfedf | 1.3.9999.3.19 | +| falconpadded1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfee0 | 1.3.9999.3.20 | | mldsa44 | ML-DSA-ipd | ipd | 1 | 0xfed0 | 1.3.6.1.4.1.2.267.12.4.4 | | mldsa44 **hybrid with** p256 | ML-DSA-ipd | ipd | 1 | 0xfed3 | 1.3.9999.7.1 | | mldsa44 **hybrid with** rsa3072 | ML-DSA-ipd | ipd | 1 | 0xfed4 | 1.3.9999.7.2 | diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c index ef2aeef4..ddaf6975 100644 --- a/oqsprov/oqs_decode_der2key.c +++ b/oqsprov/oqs_decode_der2key.c 
@@ -725,10 +725,27 @@ MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo); MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falconpadded512", falconpadded512, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falconpadded512", falconpadded512, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "p256_falconpadded512", p256_falconpadded512, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "p256_falconpadded512", p256_falconpadded512, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "rsa3072_falconpadded512", rsa3072_falconpadded512, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "rsa3072_falconpadded512", rsa3072_falconpadded512, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo); MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, SubjectPublicKeyInfo); +MAKE_DECODER(, "falconpadded1024", falconpadded1024, oqsx, PrivateKeyInfo); +MAKE_DECODER(, "falconpadded1024", falconpadded1024, oqsx, + SubjectPublicKeyInfo); +MAKE_DECODER(, "p521_falconpadded1024", p521_falconpadded1024, oqsx, + PrivateKeyInfo); +MAKE_DECODER(, "p521_falconpadded1024", p521_falconpadded1024, oqsx, + SubjectPublicKeyInfo); MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, PrivateKeyInfo); MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx, diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c index 562ab648..b41c0f78 100644 --- a/oqsprov/oqs_encode_key2any.c +++ b/oqsprov/oqs_encode_key2any.c 
@@ -894,12 +894,27 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) #define rsa3072_falcon512_evp_type 0 #define rsa3072_falcon512_input_type "rsa3072_falcon512" #define rsa3072_falcon512_pem_type "rsa3072_falcon512" +#define falconpadded512_evp_type 0 +#define falconpadded512_input_type "falconpadded512" +#define falconpadded512_pem_type "falconpadded512" +#define p256_falconpadded512_evp_type 0 +#define p256_falconpadded512_input_type "p256_falconpadded512" +#define p256_falconpadded512_pem_type "p256_falconpadded512" +#define rsa3072_falconpadded512_evp_type 0 +#define rsa3072_falconpadded512_input_type "rsa3072_falconpadded512" +#define rsa3072_falconpadded512_pem_type "rsa3072_falconpadded512" #define falcon1024_evp_type 0 #define falcon1024_input_type "falcon1024" #define falcon1024_pem_type "falcon1024" #define p521_falcon1024_evp_type 0 #define p521_falcon1024_input_type "p521_falcon1024" #define p521_falcon1024_pem_type "p521_falcon1024" +#define falconpadded1024_evp_type 0 +#define falconpadded1024_input_type "falconpadded1024" +#define falconpadded1024_pem_type "falconpadded1024" +#define p521_falconpadded1024_evp_type 0 +#define p521_falconpadded1024_input_type "p521_falconpadded1024" +#define p521_falconpadded1024_pem_type "p521_falconpadded1024" #define sphincssha2128fsimple_evp_type 0 #define sphincssha2128fsimple_input_type "sphincssha2128fsimple" #define sphincssha2128fsimple_pem_type "sphincssha2128fsimple" 
@@ -2019,6 +2034,27 @@ MAKE_ENCODER(, rsa3072_falcon512, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, rsa3072_falcon512, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, rsa3072_falcon512); +MAKE_ENCODER(, falconpadded512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falconpadded512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falconpadded512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falconpadded512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falconpadded512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falconpadded512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falconpadded512); +MAKE_ENCODER(, p256_falconpadded512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p256_falconpadded512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p256_falconpadded512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p256_falconpadded512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p256_falconpadded512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p256_falconpadded512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p256_falconpadded512); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, rsa3072_falconpadded512, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, rsa3072_falconpadded512); MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, falcon1024, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, falcon1024, oqsx, PrivateKeyInfo, der); 
@@ -2033,6 +2069,20 @@ MAKE_ENCODER(, p521_falcon1024, oqsx, PrivateKeyInfo, pem); MAKE_ENCODER(, p521_falcon1024, oqsx, SubjectPublicKeyInfo, der); MAKE_ENCODER(, p521_falcon1024, oqsx, SubjectPublicKeyInfo, pem); MAKE_TEXT_ENCODER(, p521_falcon1024); +MAKE_ENCODER(, falconpadded1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, falconpadded1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, falconpadded1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, falconpadded1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, falconpadded1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, falconpadded1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, falconpadded1024); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, EncryptedPrivateKeyInfo, der); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, EncryptedPrivateKeyInfo, pem); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, PrivateKeyInfo, der); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, PrivateKeyInfo, pem); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, SubjectPublicKeyInfo, der); +MAKE_ENCODER(, p521_falconpadded1024, oqsx, SubjectPublicKeyInfo, pem); +MAKE_TEXT_ENCODER(, p521_falconpadded1024); MAKE_ENCODER(, sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(, sphincssha2128fsimple, oqsx, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(, sphincssha2128fsimple, oqsx, PrivateKeyInfo, der); diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c index 0949925d..a613a022 100644 --- a/oqsprov/oqs_kmgmt.c +++ b/oqsprov/oqs_kmgmt.c 
@@ -782,60 +782,120 @@ static void *rsa3072_falcon512_gen_init(void *provctx, int selection) return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 16); } +static void *falconpadded512_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_falcon_padded_512, "falconpadded512", + KEY_TYPE_SIG, NULL, 128, 17); +} + +static void *falconpadded512_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, + "falconpadded512", 0, 128, 17); +} +static void *p256_falconpadded512_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_falcon_padded_512, "p256_falconpadded512", + KEY_TYPE_HYB_SIG, NULL, 128, 18); +} + +static void *p256_falconpadded512_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, + "p256_falconpadded512", KEY_TYPE_HYB_SIG, 128, 18); +} +static void *rsa3072_falconpadded512_new_key(void *provctx) +{ + return oqsx_key_new( + PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_padded_512, + "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, NULL, 128, 19); +} + +static void *rsa3072_falconpadded512_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_512, + "rsa3072_falconpadded512", KEY_TYPE_HYB_SIG, 128, 19); +} static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 17); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 20); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 17); + "falcon1024", 0, 256, 20); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", 
KEY_TYPE_HYB_SIG, NULL, 256, 18); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 21); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 18); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 21); +} +static void *falconpadded1024_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_falcon_padded_1024, "falconpadded1024", + KEY_TYPE_SIG, NULL, 256, 22); +} + +static void *falconpadded1024_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_1024, + "falconpadded1024", 0, 256, 22); +} +static void *p521_falconpadded1024_new_key(void *provctx) +{ + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), + OQS_SIG_alg_falcon_padded_1024, "p521_falconpadded1024", + KEY_TYPE_HYB_SIG, NULL, 256, 23); +} + +static void *p521_falconpadded1024_gen_init(void *provctx, int selection) +{ + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_padded_1024, + "p521_falconpadded1024", KEY_TYPE_HYB_SIG, 256, 23); } static void *sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 19); + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 24); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 19); + "sphincssha2128fsimple", 0, 128, 24); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 20); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 25); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int 
selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 20); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 25); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 21); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 26); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, 
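Review bot: The trailing integer in each `oqsx_key_new` / `oqsx_gen_init` call is a bare positional index. Inserting the falconpadded variants at 17–19 and 22–23 renumbers every later algorithm in this hunk (falcon1024 17→20, sphincssha2128fsimple 19→24, and so on). Nothing visible here ties the literal to the table it indexes, so a missed or duplicated value would silently bind a key to another algorithm's identifiers; if this block is generator output, a one-line comment above it saying what the index refers to would still help review. Separately, `falconpadded512_gen_init` and `falconpadded1024_gen_init` pass a bare `0` where the matching `_new_key` functions pass `KEY_TYPE_SIG`; assuming `KEY_TYPE_SIG` is 0, as the existing `falcon1024_gen_init` pattern suggests, `"falconpadded512", KEY_TYPE_SIG, 128, 17);` keeps the pair visibly consistent. The hunk ends inside `rsa3072_sphincssha2128fsimple_gen_init`, whose body continues in the next hunk.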
@@ -843,39 +903,39 @@ static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 21); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 26); } static void *sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 22); + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 27); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 22); + "sphincssha2128ssimple", 0, 128, 27); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 23); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 28); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 23); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 28); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 24); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, 
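Review bot: The non-hybrid `*_gen_init` constructors pass a bare `0` as the key type, for example `"sphincssha2128ssimple", 0, 128, 27);` in `sphincssha2128ssimple_gen_init`, while the matching `*_new_key` passes `KEY_TYPE_SIG`. The two are presumably equal, but the literal hides that and would silently diverge if the enum were ever reordered; `"sphincssha2128ssimple", KEY_TYPE_SIG, 128, 27);` would read the same as its sibling. The added `falconpadded1024_gen_init` and the other plain `*_gen_init` functions in the neighbouring hunks follow the same pattern. These lines sit in an OQS_TEMPLATE_FRAGMENT region, so the change likely belongs in the generator template rather than in this file.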
@@ -883,66 +943,66 @@ static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 24); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 29); } static void *sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 25); + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 30); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 25); + "sphincssha2192fsimple", 0, 192, 30); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 26); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 31); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 26); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 31); } static void *sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 27); + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 32); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 27); + "sphincsshake128fsimple", 0, 128, 32); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), 
OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 28); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 33); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 28); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 33); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 29); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 34); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, @@ -950,7 +1010,7 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 29); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 34); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END @@ -1119,8 +1179,13 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(p521_mldsa87) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_falcon512) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_falcon512) +MAKE_SIG_KEYMGMT_FUNCTIONS(falconpadded512) +MAKE_SIG_KEYMGMT_FUNCTIONS(p256_falconpadded512) +MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_falconpadded512) MAKE_SIG_KEYMGMT_FUNCTIONS(falcon1024) MAKE_SIG_KEYMGMT_FUNCTIONS(p521_falcon1024) +MAKE_SIG_KEYMGMT_FUNCTIONS(falconpadded1024) +MAKE_SIG_KEYMGMT_FUNCTIONS(p521_falconpadded1024) MAKE_SIG_KEYMGMT_FUNCTIONS(sphincssha2128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(p256_sphincssha2128fsimple) MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincssha2128fsimple) diff --git a/oqsprov/oqs_prov.h b/oqsprov/oqs_prov.h index b9caaa7c..847e6f65 100644 --- a/oqsprov/oqs_prov.h 
+++ b/oqsprov/oqs_prov.h 
@@ -1416,6 +1416,60 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_rsa3072_falcon512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falconpadded512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p256_falconpadded512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_p256_falconpadded512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p256_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p256_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH 
+ oqs_rsa3072_falconpadded512_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_rsa3072_falconpadded512_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_rsa3072_falconpadded512_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_rsa3072_falconpadded512_decoder_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH 
@@ -1450,6 +1504,43 @@ extern const OSSL_DISPATCH oqs_PrivateKeyInfo_der_to_p521_falcon1024_decoder_functions[]; extern const OSSL_DISPATCH oqs_SubjectPublicKeyInfo_der_to_p521_falcon1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_EncryptedPrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_falconpadded1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH oqs_falconpadded1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_falconpadded1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_falconpadded1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_PrivateKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_EncryptedPrivateKeyInfo_der_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_EncryptedPrivateKeyInfo_pem_encoder_functions + []; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_p521_falconpadded1024_to_text_encoder_functions[]; +extern const OSSL_DISPATCH + oqs_PrivateKeyInfo_der_to_p521_falconpadded1024_decoder_functions[]; +extern const OSSL_DISPATCH + oqs_SubjectPublicKeyInfo_der_to_p521_falconpadded1024_decoder_functions[]; 
extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_to_PrivateKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH @@ -1714,8 +1805,13 @@ extern const OSSL_DISPATCH oqs_p521_mldsa87_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_falcon512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_rsa3072_falcon512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falconpadded512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p256_falconpadded512_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_rsa3072_falconpadded512_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_falcon1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p521_falcon1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_falconpadded1024_keymgmt_functions[]; +extern const OSSL_DISPATCH oqs_p521_falconpadded1024_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_sphincssha2128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH oqs_p256_sphincssha2128fsimple_keymgmt_functions[]; extern const OSSL_DISPATCH diff --git a/oqsprov/oqsdecoders.inc b/oqsprov/oqsdecoders.inc index a8e94d0e..2f6bc610 100644 --- a/oqsprov/oqsdecoders.inc +++ b/oqsprov/oqsdecoders.inc 
@@ -290,6 +290,20 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("rsa3072_falcon512", der, SubjectPublicKeyInfo, rsa3072_falcon512), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_512 + DECODER_w_structure("falconpadded512", der, PrivateKeyInfo, + falconpadded512), + DECODER_w_structure("falconpadded512", der, SubjectPublicKeyInfo, + falconpadded512), + DECODER_w_structure("p256_falconpadded512", der, PrivateKeyInfo, + p256_falconpadded512), + DECODER_w_structure("p256_falconpadded512", der, SubjectPublicKeyInfo, + p256_falconpadded512), + DECODER_w_structure("rsa3072_falconpadded512", der, PrivateKeyInfo, + rsa3072_falconpadded512), + DECODER_w_structure("rsa3072_falconpadded512", der, SubjectPublicKeyInfo, + rsa3072_falconpadded512), +#endif #ifdef OQS_ENABLE_SIG_falcon_1024 DECODER_w_structure("falcon1024", der, PrivateKeyInfo, falcon1024), DECODER_w_structure("falcon1024", der, SubjectPublicKeyInfo, falcon1024), @@ -298,6 +312,16 @@ DECODER_w_structure("frodo640aes", der, PrivateKeyInfo, frodo640aes), DECODER_w_structure("p521_falcon1024", der, SubjectPublicKeyInfo, p521_falcon1024), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_1024 + DECODER_w_structure("falconpadded1024", der, PrivateKeyInfo, + falconpadded1024), + DECODER_w_structure("falconpadded1024", der, SubjectPublicKeyInfo, + falconpadded1024), + DECODER_w_structure("p521_falconpadded1024", der, PrivateKeyInfo, + p521_falconpadded1024), + DECODER_w_structure("p521_falconpadded1024", der, SubjectPublicKeyInfo, + p521_falconpadded1024), +#endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple DECODER_w_structure("sphincssha2128fsimple", der, PrivateKeyInfo, sphincssha2128fsimple), diff --git a/oqsprov/oqsencoders.inc b/oqsprov/oqsencoders.inc index c40405f0..e60f81e3 100644 --- a/oqsprov/oqsencoders.inc +++ b/oqsprov/oqsencoders.inc 
@@ -848,6 +848,47 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_TEXT("rsa3072_falcon512", rsa3072_falcon512), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_512 + ENCODER_w_structure("falconpadded512", falconpadded512, der, + PrivateKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, pem, + PrivateKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falconpadded512", falconpadded512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falconpadded512", falconpadded512), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, der, + PrivateKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, pem, + PrivateKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p256_falconpadded512", p256_falconpadded512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p256_falconpadded512", p256_falconpadded512), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, der, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, pem, + PrivateKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", rsa3072_falconpadded512, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("rsa3072_falconpadded512", 
rsa3072_falconpadded512, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("rsa3072_falconpadded512", rsa3072_falconpadded512), +#endif #ifdef OQS_ENABLE_SIG_falcon_1024 ENCODER_w_structure("falcon1024", falcon1024, der, PrivateKeyInfo), ENCODER_w_structure("falcon1024", falcon1024, pem, PrivateKeyInfo), @@ -870,6 +911,34 @@ ENCODER_w_structure("frodo640aes", frodo640aes, der, PrivateKeyInfo), SubjectPublicKeyInfo), ENCODER_TEXT("p521_falcon1024", p521_falcon1024), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_1024 + ENCODER_w_structure("falconpadded1024", falconpadded1024, der, + PrivateKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, pem, + PrivateKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("falconpadded1024", falconpadded1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("falconpadded1024", falconpadded1024), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, der, + PrivateKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, pem, + PrivateKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, der, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, pem, + EncryptedPrivateKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, der, + SubjectPublicKeyInfo), + ENCODER_w_structure("p521_falconpadded1024", p521_falconpadded1024, pem, + SubjectPublicKeyInfo), + ENCODER_TEXT("p521_falconpadded1024", p521_falconpadded1024), +#endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple ENCODER_w_structure("sphincssha2128fsimple", sphincssha2128fsimple, der, PrivateKeyInfo), diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index ec94af98..64ca0256 100644 
--- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,9 +49,9 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 166 +# define OQS_OID_CNT 176 #else -# define OQS_OID_CNT 60 +# define OQS_OID_CNT 70 #endif const char *oqs_oid_alg_list[OQS_OID_CNT] = { @@ -194,16 +194,26 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "mldsa87", "1.3.9999.7.4", "p521_mldsa87", - "1.3.9999.3.6", + "1.3.9999.3.11", "falcon512", - "1.3.9999.3.7", + "1.3.9999.3.12", "p256_falcon512", - "1.3.9999.3.8", + "1.3.9999.3.13", "rsa3072_falcon512", - "1.3.9999.3.9", + "1.3.9999.3.16", + "falconpadded512", + "1.3.9999.3.17", + "p256_falconpadded512", + "1.3.9999.3.18", + "rsa3072_falconpadded512", + "1.3.9999.3.14", "falcon1024", - "1.3.9999.3.10", + "1.3.9999.3.15", "p521_falcon1024", + "1.3.9999.3.19", + "falconpadded1024", + "1.3.9999.3.20", + "p521_falconpadded1024", "1.3.9999.6.4.13", "sphincssha2128fsimple", "1.3.9999.6.4.14", 
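Review bot: The existing Falcon entries in `oqs_oid_alg_list` get new default OIDs here, not only the padded variants: `falcon512` moves from `1.3.9999.3.6` to `1.3.9999.3.11` and `falcon1024` from `1.3.9999.3.9` to `1.3.9999.3.14`, with the hybrids shifted likewise. Keys and certificates already encoded under the old arcs would presumably stop resolving to an algorithm unless the old value is supplied through the matching `OQS_OID_*` variable. The TLS code points for the same algorithms are also replaced in `oqs_sigalg_list` in oqsprov_capabilities.c. A comment ahead of these entries, for example `/* falcon OIDs renumbered from 1.3.9999.3.6-10 to 1.3.9999.3.11-15; material issued under the old OIDs needs an OQS_OID_* override or re-issuance */`, would make the break visible to operators. The array initializer starts and ends outside the hunk.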
@@ -405,43 +415,58 @@ int oqs_patch_oids(void) if (getenv("OQS_OID_RSA3072_FALCON512")) oqs_oid_alg_list[32 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_FALCON512"); + if (getenv("OQS_OID_FALCONPADDED512")) + oqs_oid_alg_list[34 + OQS_KEMOID_CNT] + = getenv("OQS_OID_FALCONPADDED512"); + if (getenv("OQS_OID_P256_FALCONPADDED512")) + oqs_oid_alg_list[36 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P256_FALCONPADDED512"); + if (getenv("OQS_OID_RSA3072_FALCONPADDED512")) + oqs_oid_alg_list[38 + OQS_KEMOID_CNT] + = getenv("OQS_OID_RSA3072_FALCONPADDED512"); if (getenv("OQS_OID_FALCON1024")) - oqs_oid_alg_list[34 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); + oqs_oid_alg_list[40 + OQS_KEMOID_CNT] = getenv("OQS_OID_FALCON1024"); if (getenv("OQS_OID_P521_FALCON1024")) - oqs_oid_alg_list[36 + OQS_KEMOID_CNT] + oqs_oid_alg_list[42 + OQS_KEMOID_CNT] = getenv("OQS_OID_P521_FALCON1024"); + if (getenv("OQS_OID_FALCONPADDED1024")) + oqs_oid_alg_list[44 + OQS_KEMOID_CNT] + = getenv("OQS_OID_FALCONPADDED1024"); + if (getenv("OQS_OID_P521_FALCONPADDED1024")) + oqs_oid_alg_list[46 + OQS_KEMOID_CNT] + = getenv("OQS_OID_P521_FALCONPADDED1024"); if (getenv("OQS_OID_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[38 + OQS_KEMOID_CNT] + oqs_oid_alg_list[48 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[40 + OQS_KEMOID_CNT] + oqs_oid_alg_list[50 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_oid_alg_list[42 + OQS_KEMOID_CNT] + oqs_oid_alg_list[52 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_OID_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[44 + OQS_KEMOID_CNT] + oqs_oid_alg_list[54 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[46 + OQS_KEMOID_CNT] + oqs_oid_alg_list[56 + OQS_KEMOID_CNT] = 
getenv("OQS_OID_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_oid_alg_list[48 + OQS_KEMOID_CNT] + oqs_oid_alg_list[58 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_OID_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[50 + OQS_KEMOID_CNT] + oqs_oid_alg_list[60 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE")) - oqs_oid_alg_list[52 + OQS_KEMOID_CNT] + oqs_oid_alg_list[62 + OQS_KEMOID_CNT] = getenv("OQS_OID_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[54 + OQS_KEMOID_CNT] + oqs_oid_alg_list[64 + OQS_KEMOID_CNT] = getenv("OQS_OID_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[56 + OQS_KEMOID_CNT] + oqs_oid_alg_list[66 + OQS_KEMOID_CNT] = getenv("OQS_OID_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_oid_alg_list[58 + OQS_KEMOID_CNT] + oqs_oid_alg_list[68 + OQS_KEMOID_CNT] = getenv("OQS_OID_RSA3072_SPHINCSSHAKE128FSIMPLE"); ///// OQS_TEMPLATE_FRAGMENT_OID_PATCHING_END return 1; 
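Review bot: Each added override calls `getenv()` twice and stores the returned pointer straight into `oqs_oid_alg_list`, so the table aliases environment storage that a later `setenv`/`putenv` may invalidate, and the value is accepted with no check that it is a non-empty, well-formed dotted OID. Whoever controls the environment of a process that loads the provider therefore decides which identifier an algorithm is bound to. Where the provider can be loaded by privileged programs, `secure_getenv()` (where the platform offers it) is the safer source. Reading once and rejecting empty values is a small first step: `const char *v = getenv("OQS_OID_FALCONPADDED512");` then `if (v != NULL && *v != '\0') oqs_oid_alg_list[34 + OQS_KEMOID_CNT] = v;`. The `OQS_ENCODING_*` overrides in the `oqs_patch_encodings` hunk follow the same pattern; `oqs_patch_oids` itself begins outside this hunk.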
@@ -528,80 +553,107 @@ int oqs_patch_encodings(void) if (getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME")) oqs_alg_encoding_list[33] = getenv("OQS_ENCODING_RSA3072_FALCON512_ALGNAME"); + if (getenv("OQS_ENCODING_FALCONPADDED512")) + oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_FALCONPADDED512"); + if (getenv("OQS_ENCODING_FALCONPADDED512_ALGNAME")) + oqs_alg_encoding_list[35] + = getenv("OQS_ENCODING_FALCONPADDED512_ALGNAME"); + if (getenv("OQS_ENCODING_P256_FALCONPADDED512")) + oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_P256_FALCONPADDED512"); + if (getenv("OQS_ENCODING_P256_FALCONPADDED512_ALGNAME")) + oqs_alg_encoding_list[37] + = getenv("OQS_ENCODING_P256_FALCONPADDED512_ALGNAME"); + if (getenv("OQS_ENCODING_RSA3072_FALCONPADDED512")) + oqs_alg_encoding_list[38] + = getenv("OQS_ENCODING_RSA3072_FALCONPADDED512"); + if (getenv("OQS_ENCODING_RSA3072_FALCONPADDED512_ALGNAME")) + oqs_alg_encoding_list[39] + = getenv("OQS_ENCODING_RSA3072_FALCONPADDED512_ALGNAME"); if (getenv("OQS_ENCODING_FALCON1024")) - oqs_alg_encoding_list[34] = getenv("OQS_ENCODING_FALCON1024"); + oqs_alg_encoding_list[40] = getenv("OQS_ENCODING_FALCON1024"); if (getenv("OQS_ENCODING_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[35] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); + oqs_alg_encoding_list[41] = getenv("OQS_ENCODING_FALCON1024_ALGNAME"); if (getenv("OQS_ENCODING_P521_FALCON1024")) - oqs_alg_encoding_list[36] = getenv("OQS_ENCODING_P521_FALCON1024"); + oqs_alg_encoding_list[42] = getenv("OQS_ENCODING_P521_FALCON1024"); if (getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME")) - oqs_alg_encoding_list[37] + oqs_alg_encoding_list[43] = getenv("OQS_ENCODING_P521_FALCON1024_ALGNAME"); + if (getenv("OQS_ENCODING_FALCONPADDED1024")) + oqs_alg_encoding_list[44] = getenv("OQS_ENCODING_FALCONPADDED1024"); + if (getenv("OQS_ENCODING_FALCONPADDED1024_ALGNAME")) + oqs_alg_encoding_list[45] + = getenv("OQS_ENCODING_FALCONPADDED1024_ALGNAME"); + if (getenv("OQS_ENCODING_P521_FALCONPADDED1024")) 
+ oqs_alg_encoding_list[46] + = getenv("OQS_ENCODING_P521_FALCONPADDED1024"); + if (getenv("OQS_ENCODING_P521_FALCONPADDED1024_ALGNAME")) + oqs_alg_encoding_list[47] + = getenv("OQS_ENCODING_P521_FALCONPADDED1024_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[38] + oqs_alg_encoding_list[48] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[39] + oqs_alg_encoding_list[49] = getenv("OQS_ENCODING_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[40] + oqs_alg_encoding_list[50] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[41] + oqs_alg_encoding_list[51] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_alg_encoding_list[42] + oqs_alg_encoding_list[52] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[43] + oqs_alg_encoding_list[53] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[44] + oqs_alg_encoding_list[54] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[45] + oqs_alg_encoding_list[55] = getenv("OQS_ENCODING_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE")) - oqs_alg_encoding_list[46] + oqs_alg_encoding_list[56] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[47] + oqs_alg_encoding_list[57] = getenv("OQS_ENCODING_P256_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE")) - 
oqs_alg_encoding_list[48] + oqs_alg_encoding_list[58] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME")) - oqs_alg_encoding_list[49] + oqs_alg_encoding_list[59] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHA2128SSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[50] + oqs_alg_encoding_list[60] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[51] + oqs_alg_encoding_list[61] = getenv("OQS_ENCODING_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE")) - oqs_alg_encoding_list[52] + oqs_alg_encoding_list[62] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE"); if (getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[53] + oqs_alg_encoding_list[63] = getenv("OQS_ENCODING_P384_SPHINCSSHA2192FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[54] + oqs_alg_encoding_list[64] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[55] + oqs_alg_encoding_list[65] = getenv("OQS_ENCODING_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[56] + oqs_alg_encoding_list[66] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[57] + oqs_alg_encoding_list[67] = getenv("OQS_ENCODING_P256_SPHINCSSHAKE128FSIMPLE_ALGNAME"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_alg_encoding_list[58] + oqs_alg_encoding_list[68] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE"); if (getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME")) - oqs_alg_encoding_list[59] + oqs_alg_encoding_list[69] = getenv("OQS_ENCODING_RSA3072_SPHINCSSHAKE128FSIMPLE_ALGNAME"); 
///// OQS_TEMPLATE_FRAGMENT_ENCODING_PATCHING_END return 1; @@ -678,10 +730,19 @@ static const OSSL_ALGORITHM oqsprovider_signatures[] = { SIGALG("p256_falcon512", 128, oqs_signature_functions), SIGALG("rsa3072_falcon512", 128, oqs_signature_functions), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_512 + SIGALG("falconpadded512", 128, oqs_signature_functions), + SIGALG("p256_falconpadded512", 128, oqs_signature_functions), + SIGALG("rsa3072_falconpadded512", 128, oqs_signature_functions), +#endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_signature_functions), SIGALG("p521_falcon1024", 256, oqs_signature_functions), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_1024 + SIGALG("falconpadded1024", 256, oqs_signature_functions), + SIGALG("p521_falconpadded1024", 256, oqs_signature_functions), +#endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple SIGALG("sphincssha2128fsimple", 128, oqs_signature_functions), SIGALG("p256_sphincssha2128fsimple", 128, oqs_signature_functions), 
@@ -836,10 +897,19 @@ static const OSSL_ALGORITHM oqsprovider_keymgmt[] SIGALG("p256_falcon512", 128, oqs_p256_falcon512_keymgmt_functions), SIGALG("rsa3072_falcon512", 128, oqs_rsa3072_falcon512_keymgmt_functions), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_512 + SIGALG("falconpadded512", 128, oqs_falconpadded512_keymgmt_functions), + SIGALG("p256_falconpadded512", 128, oqs_p256_falconpadded512_keymgmt_functions), + SIGALG("rsa3072_falconpadded512", 128, oqs_rsa3072_falconpadded512_keymgmt_functions), +#endif #ifdef OQS_ENABLE_SIG_falcon_1024 SIGALG("falcon1024", 256, oqs_falcon1024_keymgmt_functions), SIGALG("p521_falcon1024", 256, oqs_p521_falcon1024_keymgmt_functions), #endif +#ifdef OQS_ENABLE_SIG_falcon_padded_1024 + SIGALG("falconpadded1024", 256, oqs_falconpadded1024_keymgmt_functions), + SIGALG("p521_falconpadded1024", 256, oqs_p521_falconpadded1024_keymgmt_functions), +#endif #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple SIGALG("sphincssha2128fsimple", 128, oqs_sphincssha2128fsimple_keymgmt_functions), SIGALG("p256_sphincssha2128fsimple", 128, oqs_p256_sphincssha2128fsimple_keymgmt_functions), diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index 2ffb4cc1..6f006225 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c 
@@ -272,14 +272,17 @@ static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = { {0xfed3, 128, TLS1_3_VERSION, 0}, {0xfed4, 128, TLS1_3_VERSION, 0}, {0xfed1, 192, TLS1_3_VERSION, 0}, {0xfed5, 192, TLS1_3_VERSION, 0}, {0xfed2, 256, TLS1_3_VERSION, 0}, {0xfed6, 256, TLS1_3_VERSION, 0}, - {0xfeae, 128, TLS1_3_VERSION, 0}, {0xfeaf, 128, TLS1_3_VERSION, 0}, - {0xfeb0, 128, TLS1_3_VERSION, 0}, {0xfeb1, 256, TLS1_3_VERSION, 0}, - {0xfeb2, 256, TLS1_3_VERSION, 0}, {0xfeb3, 128, TLS1_3_VERSION, 0}, - {0xfeb4, 128, TLS1_3_VERSION, 0}, {0xfeb5, 128, TLS1_3_VERSION, 0}, - {0xfeb6, 128, TLS1_3_VERSION, 0}, {0xfeb7, 128, TLS1_3_VERSION, 0}, - {0xfeb8, 128, TLS1_3_VERSION, 0}, {0xfeb9, 192, TLS1_3_VERSION, 0}, - {0xfeba, 192, TLS1_3_VERSION, 0}, {0xfec2, 128, TLS1_3_VERSION, 0}, - {0xfec3, 128, TLS1_3_VERSION, 0}, {0xfec4, 128, TLS1_3_VERSION, 0}, + {0xfed7, 128, TLS1_3_VERSION, 0}, {0xfed8, 128, TLS1_3_VERSION, 0}, + {0xfed9, 128, TLS1_3_VERSION, 0}, {0xfedc, 128, TLS1_3_VERSION, 0}, + {0xfedd, 128, TLS1_3_VERSION, 0}, {0xfede, 128, TLS1_3_VERSION, 0}, + {0xfeda, 256, TLS1_3_VERSION, 0}, {0xfedb, 256, TLS1_3_VERSION, 0}, + {0xfedf, 256, TLS1_3_VERSION, 0}, {0xfee0, 256, TLS1_3_VERSION, 0}, + {0xfeb3, 128, TLS1_3_VERSION, 0}, {0xfeb4, 128, TLS1_3_VERSION, 0}, + {0xfeb5, 128, TLS1_3_VERSION, 0}, {0xfeb6, 128, TLS1_3_VERSION, 0}, + {0xfeb7, 128, TLS1_3_VERSION, 0}, {0xfeb8, 128, TLS1_3_VERSION, 0}, + {0xfeb9, 192, TLS1_3_VERSION, 0}, {0xfeba, 192, TLS1_3_VERSION, 0}, + {0xfec2, 128, TLS1_3_VERSION, 0}, {0xfec3, 128, TLS1_3_VERSION, 0}, + {0xfec4, 128, TLS1_3_VERSION, 0}, ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_END }; 
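Review bot: The rows of `oqs_sigalg_list` carry no algorithm name, yet `oqs_patch_codepoints` addresses them by hard-coded position (17 to 23 for the padded-512, Falcon-1024 and padded-1024 rows after this change). This hunk also inserts the padded rows out of code-point order (`0xfedc`–`0xfede` come before `0xfeda`), so the position is the only link between a row and its algorithm. A trailing comment per row, such as `{0xfedc, 128, TLS1_3_VERSION, 0}, /* falconpadded512 */`, would let a reader confirm that an index in the patching function hits the intended entry; a mismatch there would silently assign one algorithm's code point to another. The initializer begins outside the hunk, and since the region is template-generated the comment would most likely be emitted by the template.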
@@ -473,44 +476,59 @@ int oqs_patch_codepoints() if (getenv("OQS_CODEPOINT_RSA3072_FALCON512")) oqs_sigalg_list[16].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCON512")); - if (getenv("OQS_CODEPOINT_FALCON1024")) + if (getenv("OQS_CODEPOINT_FALCONPADDED512")) oqs_sigalg_list[17].code_point + = atoi(getenv("OQS_CODEPOINT_FALCONPADDED512")); + if (getenv("OQS_CODEPOINT_P256_FALCONPADDED512")) + oqs_sigalg_list[18].code_point + = atoi(getenv("OQS_CODEPOINT_P256_FALCONPADDED512")); + if (getenv("OQS_CODEPOINT_RSA3072_FALCONPADDED512")) + oqs_sigalg_list[19].code_point + = atoi(getenv("OQS_CODEPOINT_RSA3072_FALCONPADDED512")); + if (getenv("OQS_CODEPOINT_FALCON1024")) + oqs_sigalg_list[20].code_point = atoi(getenv("OQS_CODEPOINT_FALCON1024")); if (getenv("OQS_CODEPOINT_P521_FALCON1024")) - oqs_sigalg_list[18].code_point + oqs_sigalg_list[21].code_point = atoi(getenv("OQS_CODEPOINT_P521_FALCON1024")); + if (getenv("OQS_CODEPOINT_FALCONPADDED1024")) + oqs_sigalg_list[22].code_point + = atoi(getenv("OQS_CODEPOINT_FALCONPADDED1024")); + if (getenv("OQS_CODEPOINT_P521_FALCONPADDED1024")) + oqs_sigalg_list[23].code_point + = atoi(getenv("OQS_CODEPOINT_P521_FALCONPADDED1024")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[19].code_point + oqs_sigalg_list[24].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[20].code_point + oqs_sigalg_list[25].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")) - oqs_sigalg_list[21].code_point + oqs_sigalg_list[26].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[22].code_point + oqs_sigalg_list[27].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[23].code_point + 
oqs_sigalg_list[28].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")) - oqs_sigalg_list[24].code_point + oqs_sigalg_list[29].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHA2128SSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")) - oqs_sigalg_list[25].code_point + oqs_sigalg_list[30].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHA2192FSIMPLE")); if (getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")) - oqs_sigalg_list[26].code_point + oqs_sigalg_list[31].code_point = atoi(getenv("OQS_CODEPOINT_P384_SPHINCSSHA2192FSIMPLE")); if (getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[27].code_point + oqs_sigalg_list[32].code_point = atoi(getenv("OQS_CODEPOINT_SPHINCSSHAKE128FSIMPLE")); if (getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[28].code_point + oqs_sigalg_list[33].code_point = atoi(getenv("OQS_CODEPOINT_P256_SPHINCSSHAKE128FSIMPLE")); if (getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")) - oqs_sigalg_list[29].code_point + oqs_sigalg_list[34].code_point = atoi(getenv("OQS_CODEPOINT_RSA3072_SPHINCSSHAKE128FSIMPLE")); ///// OQS_TEMPLATE_FRAGMENT_CODEPOINT_PATCHING_END return 1; 
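Review bot: Every override added or renumbered in this hunk assigns `atoi(getenv(...))` straight into `oqs_sigalg_list[N].code_point`, so a malformed environment value is accepted without any check. `atoi` returns 0 for non-numeric text, its behaviour is undefined when the value does not fit in an `int`, and anything above `0xffff` cannot be a TLS signature scheme. The table position is also a bare literal (17 to 34 here) that must match the row order in `oqs_sigalg_list` and the last argument of `OQS_SIGALG_ENTRY`, and this commit shifts all of them by five. A small helper that parses with `strtol`, checks the range and the index, and leaves the built-in code point in place on bad input would remove both risks. The markers suggest the change belongs in the template that emits these lines. `oqs_patch_codepoints()` begins outside the hunk.

```c
/* Parse a decimal TLS code point from the environment; keep the built-in
 * value when the variable is unset, malformed or outside 0..0xffff. */
static void oqs_patch_codepoint(const char *envvar, size_t idx)
{
    const char *val = getenv(envvar);
    char *end = NULL;
    long cp;

    if (val == NULL
        || idx >= sizeof(oqs_sigalg_list) / sizeof(oqs_sigalg_list[0]))
        return;
    errno = 0;
    cp = strtol(val, &end, 10);
    if (errno != 0 || end == val || *end != '\0' || cp < 0 || cp > 0xffff)
        return;
    oqs_sigalg_list[idx].code_point = cp;
}

/* ... in oqs_patch_codepoints(), in place of each if/atoi pair ... */
    oqs_patch_codepoint("OQS_CODEPOINT_FALCONPADDED512", 17);
    oqs_patch_codepoint("OQS_CODEPOINT_P256_FALCONPADDED512", 18);
/* ... unchanged: remaining overrides and return 1 ... */
```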
@@ -590,49 +608,63 @@ static const OSSL_PARAM oqs_param_sigalg_list[][12] = { 13), # endif # ifdef OQS_ENABLE_SIG_falcon_512 - OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.6", 14), + OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.11", 14), OQS_SIGALG_ENTRY(p256_falcon512, p256_falcon512, p256_falcon512, - "1.3.9999.3.7", 15), + "1.3.9999.3.12", 15), OQS_SIGALG_ENTRY(rsa3072_falcon512, rsa3072_falcon512, rsa3072_falcon512, - "1.3.9999.3.8", 16), + "1.3.9999.3.13", 16), +# endif +# ifdef OQS_ENABLE_SIG_falcon_padded_512 + OQS_SIGALG_ENTRY(falconpadded512, falconpadded512, falconpadded512, + "1.3.9999.3.16", 17), + OQS_SIGALG_ENTRY(p256_falconpadded512, p256_falconpadded512, + p256_falconpadded512, "1.3.9999.3.17", 18), + OQS_SIGALG_ENTRY(rsa3072_falconpadded512, rsa3072_falconpadded512, + rsa3072_falconpadded512, "1.3.9999.3.18", 19), # endif # ifdef OQS_ENABLE_SIG_falcon_1024 - OQS_SIGALG_ENTRY(falcon1024, falcon1024, falcon1024, "1.3.9999.3.9", 17), + OQS_SIGALG_ENTRY(falcon1024, falcon1024, falcon1024, "1.3.9999.3.14", 20), OQS_SIGALG_ENTRY(p521_falcon1024, p521_falcon1024, p521_falcon1024, - "1.3.9999.3.10", 18), + "1.3.9999.3.15", 21), +# endif +# ifdef OQS_ENABLE_SIG_falcon_padded_1024 + OQS_SIGALG_ENTRY(falconpadded1024, falconpadded1024, falconpadded1024, + "1.3.9999.3.19", 22), + OQS_SIGALG_ENTRY(p521_falconpadded1024, p521_falconpadded1024, + p521_falconpadded1024, "1.3.9999.3.20", 23), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple OQS_SIGALG_ENTRY(sphincssha2128fsimple, sphincssha2128fsimple, - sphincssha2128fsimple, "1.3.9999.6.4.13", 19), + sphincssha2128fsimple, "1.3.9999.6.4.13", 24), OQS_SIGALG_ENTRY(p256_sphincssha2128fsimple, p256_sphincssha2128fsimple, - p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 20), + p256_sphincssha2128fsimple, "1.3.9999.6.4.14", 25), OQS_SIGALG_ENTRY(rsa3072_sphincssha2128fsimple, rsa3072_sphincssha2128fsimple, - rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 21), + 
rsa3072_sphincssha2128fsimple, "1.3.9999.6.4.15", 26), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple OQS_SIGALG_ENTRY(sphincssha2128ssimple, sphincssha2128ssimple, - sphincssha2128ssimple, "1.3.9999.6.4.16", 22), + sphincssha2128ssimple, "1.3.9999.6.4.16", 27), OQS_SIGALG_ENTRY(p256_sphincssha2128ssimple, p256_sphincssha2128ssimple, - p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 23), + p256_sphincssha2128ssimple, "1.3.9999.6.4.17", 28), OQS_SIGALG_ENTRY(rsa3072_sphincssha2128ssimple, rsa3072_sphincssha2128ssimple, - rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 24), + rsa3072_sphincssha2128ssimple, "1.3.9999.6.4.18", 29), # endif # ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple OQS_SIGALG_ENTRY(sphincssha2192fsimple, sphincssha2192fsimple, - sphincssha2192fsimple, "1.3.9999.6.5.10", 25), + sphincssha2192fsimple, "1.3.9999.6.5.10", 30), OQS_SIGALG_ENTRY(p384_sphincssha2192fsimple, p384_sphincssha2192fsimple, - p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 26), + p384_sphincssha2192fsimple, "1.3.9999.6.5.11", 31), # endif # ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple OQS_SIGALG_ENTRY(sphincsshake128fsimple, sphincsshake128fsimple, - sphincsshake128fsimple, "1.3.9999.6.7.13", 27), + sphincsshake128fsimple, "1.3.9999.6.7.13", 32), OQS_SIGALG_ENTRY(p256_sphincsshake128fsimple, p256_sphincsshake128fsimple, - p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 28), + p256_sphincsshake128fsimple, "1.3.9999.6.7.14", 33), OQS_SIGALG_ENTRY(rsa3072_sphincsshake128fsimple, rsa3072_sphincsshake128fsimple, - rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 29), + rsa3072_sphincsshake128fsimple, "1.3.9999.6.7.15", 34), # endif ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_END }; diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 17b7169a..53e96a07 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c 
@@ -54,9 +54,9 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 83 +# define NID_TABLE_LEN 88 #else -# define NID_TABLE_LEN 30 +# define NID_TABLE_LEN 35 #endif static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { @@ -144,8 +144,16 @@ static oqs_nid_name_t nid_names[NID_TABLE_LEN] = { {0, "falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_SIG, 128}, {0, "p256_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, {0, "rsa3072_falcon512", OQS_SIG_alg_falcon_512, KEY_TYPE_HYB_SIG, 128}, + {0, "falconpadded512", OQS_SIG_alg_falcon_padded_512, KEY_TYPE_SIG, 128}, + {0, "p256_falconpadded512", OQS_SIG_alg_falcon_padded_512, KEY_TYPE_HYB_SIG, + 128}, + {0, "rsa3072_falconpadded512", OQS_SIG_alg_falcon_padded_512, + KEY_TYPE_HYB_SIG, 128}, {0, "falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_SIG, 256}, {0, "p521_falcon1024", OQS_SIG_alg_falcon_1024, KEY_TYPE_HYB_SIG, 256}, + {0, "falconpadded1024", OQS_SIG_alg_falcon_padded_1024, KEY_TYPE_SIG, 256}, + {0, "p521_falconpadded1024", OQS_SIG_alg_falcon_padded_1024, + KEY_TYPE_HYB_SIG, 256}, {0, "sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, KEY_TYPE_SIG, 128}, {0, "p256_sphincssha2128fsimple", OQS_SIG_alg_sphincs_sha2_128f_simple, diff --git a/scripts/common.py b/scripts/common.py index 0088bb31..70e66d2d 100644 --- a/scripts/common.py +++ b/scripts/common.py 
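Review bot: `NID_TABLE_LEN` is bumped by hand (83 to 88 and 30 to 35) to match the five rows the second hunk adds to `nid_names`, and nothing checks that the two stay in step. Because the array is declared with an explicit length, a count that is too large still compiles and leaves zero-filled trailing rows with a NULL name string. Any loop that walks the table up to `NID_TABLE_LEN` would then meet those rows, though that code is outside the hunk, so this is inferred. If no other declaration depends on the macro before the table, it could be derived from the table itself: `static oqs_nid_name_t nid_names[] = {` with `#define NID_TABLE_LEN (sizeof(nid_names) / sizeof(nid_names[0]))` after the initializer. The initializer extends beyond both hunks.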
@@ -16,9 +16,9 @@ 'ecdsap256', 'rsa3072', ##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_START # post-quantum signatures - 'dilithium2','dilithium3','dilithium5','mldsa44','mldsa65','mldsa87','falcon512','falcon1024','sphincssha2128fsimple','sphincssha2128ssimple','sphincssha2192fsimple','sphincsshake128fsimple', + 'dilithium2','dilithium3','dilithium5','mldsa44','mldsa65','mldsa87','falcon512','falconpadded512','falcon1024','falconpadded1024','sphincssha2128fsimple','sphincssha2128ssimple','sphincssha2192fsimple','sphincsshake128fsimple', # post-quantum + classical signatures - 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_mldsa44','rsa3072_mldsa44','p384_mldsa65','p521_mldsa87','p256_falcon512','rsa3072_falcon512','p521_falcon1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', + 'p256_dilithium2','rsa3072_dilithium2','p384_dilithium3','p521_dilithium5','p256_mldsa44','rsa3072_mldsa44','p384_mldsa65','p521_mldsa87','p256_falcon512','rsa3072_falcon512','p256_falconpadded512','rsa3072_falconpadded512','p521_falcon1024','p521_falconpadded1024','p256_sphincssha2128fsimple','rsa3072_sphincssha2128fsimple','p256_sphincssha2128ssimple','rsa3072_sphincssha2128ssimple','p384_sphincssha2192fsimple','p256_sphincsshake128fsimple','rsa3072_sphincsshake128fsimple', ##### OQS_TEMPLATE_FRAGMENT_SIG_ALGS_END ]