diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c
index 853e53ed..7470a579 100644
--- a/oqsprov/oqs_kmgmt.c
+++ b/oqsprov/oqs_kmgmt.c
@@ -894,171 +894,126 @@ static void *p521_mldsa87_gen_init(void *provctx, int selection) "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 26); } -static void *mldsa44_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "mldsa44", KEY_TYPE_SIG, NULL, 128, 27); -} - -static void *mldsa44_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, "mldsa44", - 0, 128, 27); -} -static void *p256_mldsa44_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "p256_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 28); -} - -static void *p256_mldsa44_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "p256_mldsa44", KEY_TYPE_HYB_SIG, 128, 28); -} -static void *rsa3072_mldsa44_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_44, - "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, NULL, 128, 29); -} - -static void *rsa3072_mldsa44_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_44, - "rsa3072_mldsa44", KEY_TYPE_HYB_SIG, 128, 29); -} -static void *mldsa65_new_key(void *provctx) -{ - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "mldsa65", KEY_TYPE_SIG, NULL, 192, 30); -} - -static void *mldsa65_gen_init(void *provctx, int selection) -{ - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, "mldsa65", - 0, 192, 30); -} -static void *p384_mldsa65_new_key(void *provctx) +static void *falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_65, - "p384_mldsa65", KEY_TYPE_HYB_SIG, NULL, 192, 31); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "falcon512", KEY_TYPE_SIG, NULL, 128, 27); } -static void *p384_mldsa65_gen_init(void *provctx, int selection) +static void *falcon512_gen_init(void 
*provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_65, - "p384_mldsa65", KEY_TYPE_HYB_SIG, 192, 31); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "falcon512", 0, 128, 27); } -static void *mldsa87_new_key(void *provctx) +static void *p256_falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "mldsa87", KEY_TYPE_SIG, NULL, 256, 32); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 28); } -static void *mldsa87_gen_init(void *provctx, int selection) +static void *p256_falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, "mldsa87", - 0, 256, 32); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 28); } -static void *p521_mldsa87_new_key(void *provctx) +static void *rsa3072_falcon512_new_key(void *provctx) { - return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_ml_dsa_87, - "p521_mldsa87", KEY_TYPE_HYB_SIG, NULL, 256, 33); + return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 29); } -static void *p521_mldsa87_gen_init(void *provctx, int selection) +static void *rsa3072_falcon512_gen_init(void *provctx, int selection) { - return oqsx_gen_init(provctx, selection, OQS_SIG_alg_ml_dsa_87, - "p521_mldsa87", KEY_TYPE_HYB_SIG, 256, 33); + return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, + "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 29); } - -static void *falcon512_new_key(void *provctx) +static void *falcon512_p256_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "falcon512", KEY_TYPE_SIG, NULL, 128, 34); + "falcon512_p256", KEY_TYPE_CMP_SIG, NULL, 128, 30); } -static void *falcon512_gen_init(void *provctx, int 
selection) +static void *falcon512_p256_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "falcon512", 0, 128, 34); + "falcon512_p256", KEY_TYPE_CMP_SIG, 128, 30); } -static void *p256_falcon512_new_key(void *provctx) +static void *falcon512_bp256_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 35); + "falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 256, 31); } -static void *p256_falcon512_gen_init(void *provctx, int selection) +static void *falcon512_bp256_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "p256_falcon512", KEY_TYPE_HYB_SIG, 128, 35); + "falcon512_bp256", KEY_TYPE_CMP_SIG, 256, 31); } -static void *rsa3072_falcon512_new_key(void *provctx) +static void *falcon512_ed25519_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, NULL, 128, 36); + "falcon512_ed25519", KEY_TYPE_CMP_SIG, NULL, 128, 32); } -static void *rsa3072_falcon512_gen_init(void *provctx, int selection) +static void *falcon512_ed25519_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_512, - "rsa3072_falcon512", KEY_TYPE_HYB_SIG, 128, 36); + "falcon512_ed25519", KEY_TYPE_CMP_SIG, 128, 32); } static void *falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "falcon1024", KEY_TYPE_SIG, NULL, 256, 37); + "falcon1024", KEY_TYPE_SIG, NULL, 256, 33); } static void *falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "falcon1024", 0, 256, 37); + "falcon1024", 0, 256, 33); } static void *p521_falcon1024_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_falcon_1024, - "p521_falcon1024", 
KEY_TYPE_HYB_SIG, NULL, 256, 38); + "p521_falcon1024", KEY_TYPE_HYB_SIG, NULL, 256, 34); } static void *p521_falcon1024_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_falcon_1024, - "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 38); + "p521_falcon1024", KEY_TYPE_HYB_SIG, 256, 34); } static void *sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 39); + "sphincssha2128fsimple", KEY_TYPE_SIG, NULL, 128, 35); } static void *sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "sphincssha2128fsimple", 0, 128, 39); + "sphincssha2128fsimple", 0, 128, 35); } static void *p256_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 40); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 36); } static void *p256_sphincssha2128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 40); + "p256_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 36); } static void *rsa3072_sphincssha2128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 41); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 37); } static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, 
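Review bot: `falcon512_bp256_new_key` and `falcon512_bp256_gen_init` pass 256 where every other falcon512 constructor in this hunk (`falcon512`, `p256_falcon512`, `rsa3072_falcon512`, `falcon512_p256`, `falcon512_ed25519`) passes 128; 256 otherwise appears only with the mldsa87 and falcon1024 entries. If that argument is the claimed security-bits value, as the 128/192/256 pattern suggests, the composite would be reported as stronger than its Falcon-512 component and could pass a security-level policy it should not meet. These constructors sit inside an OQS_TEMPLATE_FRAGMENT block, so the value should be corrected in the template input rather than by hand, giving `"falcon512_bp256", KEY_TYPE_CMP_SIG, NULL, 128, 31);` and the matching `gen_init` line.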
@@ -1066,39 +1021,39 @@ static void *rsa3072_sphincssha2128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128f_simple, - "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 41); + "rsa3072_sphincssha2128fsimple", KEY_TYPE_HYB_SIG, 128, 37); } static void *sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 42); + "sphincssha2128ssimple", KEY_TYPE_SIG, NULL, 128, 38); } static void *sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "sphincssha2128ssimple", 0, 128, 42); + "sphincssha2128ssimple", 0, 128, 38); } static void *p256_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 43); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 39); } static void *p256_sphincssha2128ssimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 43); + "p256_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 39); } static void *rsa3072_sphincssha2128ssimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 44); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, NULL, 128, 40); } static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, 
@@ -1106,66 +1061,66 @@ static void *rsa3072_sphincssha2128ssimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_128s_simple, - "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 44); + "rsa3072_sphincssha2128ssimple", KEY_TYPE_HYB_SIG, 128, 40); } static void *sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 45); + "sphincssha2192fsimple", KEY_TYPE_SIG, NULL, 192, 41); } static void *sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "sphincssha2192fsimple", 0, 192, 45); + "sphincssha2192fsimple", 0, 192, 41); } static void *p384_sphincssha2192fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 46); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, NULL, 192, 42); } static void *p384_sphincssha2192fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_sha2_192f_simple, - "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 46); + "p384_sphincssha2192fsimple", KEY_TYPE_HYB_SIG, 192, 42); } static void *sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 47); + "sphincsshake128fsimple", KEY_TYPE_SIG, NULL, 128, 43); } static void *sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init(provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "sphincsshake128fsimple", 0, 128, 47); + "sphincsshake128fsimple", 0, 128, 43); } static void *p256_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), 
OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 48); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 44); } static void *p256_sphincsshake128fsimple_gen_init(void *provctx, int selection) { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 48); + "p256_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 44); } static void *rsa3072_sphincsshake128fsimple_new_key(void *provctx) { return oqsx_key_new( PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 49); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, NULL, 128, 45); } static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, @@ -1173,7 +1128,7 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx, { return oqsx_gen_init( provctx, selection, OQS_SIG_alg_sphincs_shake_128f_simple, - "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 49); + "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 45); } ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 5bc18fdd..f86c98c6 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,7 +49,7 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #ifdef OQS_KEM_ENCODERS -# define OQS_OID_CNT 176 +# define OQS_OID_CNT 196 #else # define OQS_OID_CNT 92 #endif diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 9384a347..77f529f2 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -54,7 +54,7 @@ static int oqsx_key_recreate_classickey(OQSX_KEY *key, oqsx_key_op_t op); ///// OQS_TEMPLATE_FRAGMENT_OQSNAMES_START #ifdef OQS_KEM_ENCODERS -# define NID_TABLE_LEN 88 +# define NID_TABLE_LEN 98 #else # define NID_TABLE_LEN 46 #endif 
@@ -1124,7 +1124,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, for (i = 0; i < count; i++) { aType = sk_ASN1_TYPE_pop(sk); p8inf_internal = PKCS8_PRIV_KEY_INFO_new(); - nid = 1; + nid = 0; char *name; if ((name = get_cmpname(OBJ_obj2nid(palg->algorithm), count - 1 - i)) @@ -1160,8 +1160,11 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, for (int j = 0; j < OSSL_NELEM(nids_sig); j++) { if ((nids_sig[j].nid == nid) && (nids_sig[j].length_private_key > buflen)) { - EC_KEY *ec_pkey; - const unsigned char *buf3 = buf; + EVP_PKEY *ec_pkey; + OSSL_PARAM params[2]; + int include_pub = 1; + const unsigned char *buf3 + = aType->value.sequence->data; unsigned char *buf4, *buf5; if (buflen @@ -1175,20 +1178,26 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, sk_ASN1_TYPE_free(sk); return NULL; } - ec_pkey = EC_KEY_new_by_curve_name(nid); - ec_pkey = d2i_ECPrivateKey(&ec_pkey, &buf3, buflen); - EC_KEY_set_enc_flags(ec_pkey, 0); + ec_pkey = EVP_PKEY_new(); + d2i_PrivateKey(EVP_PKEY_EC, &ec_pkey, &buf3, + aType->value.sequence->length); + + params[0] = OSSL_PARAM_construct_int( + OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, + &include_pub); + params[1] = OSSL_PARAM_construct_end(); + EVP_PKEY_set_params(ec_pkey, params); + buf4 = OPENSSL_malloc( nids_sig[j].length_private_key); buf5 = buf4; - buflen = i2d_ECPrivateKey(ec_pkey, &buf5); + buflen = i2d_PrivateKey(ec_pkey, &buf5); aux += buflen; memcpy(concat_key + plen - 1 - aux, buf4, buflen); - nid = 0; // use as flag to not memcpy twice + EVP_PKEY_free(ec_pkey); OPENSSL_clear_free(buf4, buflen); - EC_KEY_free(ec_pkey); break; } } @@ -1204,7 +1213,7 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, key_diff = nids_sig[6].length_private_key - buflen; } - if (nid) { + if (!nid) { aux += buflen; memcpy(concat_key + plen - 1 - aux, buf, buflen); }
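Review bot: With `nid = 0` as the start value and the final copy now guarded by `if (!nid)`, the raw `memcpy` of `buf` is skipped whenever `nid` is non-zero, not only when the EC branch has already written the re-encoded key. The assignment of `nid` is outside these hunks, but the loop matches `nids_sig[j].nid == nid`, so it presumably holds the curve NID for every EC component; an EC component with `length_private_key <= buflen` would then be copied by neither path and leave that part of `concat_key` unwritten. A dedicated flag set next to the in-loop `memcpy` (for example `int copied = 0;`, then `copied = 1;` after the copy and `if (!copied)` at the end) would keep the "do not copy twice" intent without overloading `nid`. This applies to the `@@ -1124` and `@@ -1204` hunks together.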
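Review bot: None of the new OpenSSL calls in the `@@ -1175` hunk is checked: `d2i_PrivateKey`, `EVP_PKEY_set_params`, `OPENSSL_malloc` and `i2d_PrivateKey` can all fail on a malformed PKCS#8 component, and `buflen` then feeds `aux`, `memcpy` and `OPENSSL_clear_free` as an error value. `i2d_PrivateKey` also writes through `buf5` into a buffer of `nids_sig[j].length_private_key` bytes without the encoded size being compared against it, so a re-encoding with the public key included that comes out longer than the table entry would overrun `buf4`. The fence below sizes the encoding first and bails out on any failure; the error-path cleanup is left as a comment because the function's other allocations are outside the hunk. The `aType->value.sequence` dereference added in the `@@ -1160` hunk likewise relies on a type check that is not visible here.

```c
int enclen;

ec_pkey = NULL; /* let d2i_PrivateKey allocate, so a failed parse leaves nothing to free */
if (d2i_PrivateKey(EVP_PKEY_EC, &ec_pkey, &buf3,
                   aType->value.sequence->length) == NULL) {
    /* … same cleanup as the length check above … */
    return NULL;
}

/* … unchanged: params[] construction … */
if (!EVP_PKEY_set_params(ec_pkey, params)
    || (enclen = i2d_PrivateKey(ec_pkey, NULL)) <= 0
    || enclen > nids_sig[j].length_private_key
    || (buf4 = OPENSSL_malloc(enclen)) == NULL) {
    EVP_PKEY_free(ec_pkey);
    /* … same cleanup as the length check above … */
    return NULL;
}
buf5 = buf4;
buflen = i2d_PrivateKey(ec_pkey, &buf5);
/* … unchanged: aux update, memcpy, EVP_PKEY_free, OPENSSL_clear_free … */
```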