From 2242b254f25e0f2afa12cd2145767c33d5bef4f9 Mon Sep 17 00:00:00 2001 From: Basil Hess Date: Tue, 30 Jan 2024 16:22:44 +0100 Subject: [PATCH] enable alias for SIGS & enable ML-DSA (non-ipd-alias) --- .CMake/alg_support.cmake | 3 + docs/algorithms/kem/bike.md | 10 +-- docs/algorithms/kem/classic_mceliece.md | 24 ++--- docs/algorithms/kem/frodokem.md | 16 ++-- docs/algorithms/kem/hqc.md | 10 +-- docs/algorithms/kem/kyber.md | 10 +-- docs/algorithms/kem/ml_kem.md | 10 +-- docs/algorithms/kem/ntruprime.md | 6 +- docs/algorithms/sig/dilithium.md | 10 +-- docs/algorithms/sig/falcon.md | 8 +- docs/algorithms/sig/ml_dsa.md | 10 +-- docs/algorithms/sig/ml_dsa.yml | 3 + docs/algorithms/sig/sphincs.md | 28 +++--- .../add_enable_by_alg.fragment | 3 + .../copy_from_upstream/copy_from_upstream.py | 2 + .../copy_from_upstream/copy_from_upstream.yml | 6 ++ .../add_alg_enable_defines.fragment | 3 + .../src/sig/family/sig_family.h | 12 ++- .../src/sig/family/sig_scheme.c | 27 ++++++ .../src/sig/sig.c/alg_identifier.fragment | 7 +- .../src/sig/sig.c/enabled_case.fragment | 12 ++- .../src/sig/sig.c/new_case.fragment | 12 ++- .../src/sig/sig.h/alg_identifier.fragment | 7 +- .../src/sig/sig.h/algs_length.fragment | 3 +- .../combine_message_signature.fragment | 2 +- scripts/update_docs_from_yaml.py | 4 + src/oqsconfig.h.cmake | 3 + src/sig/dilithium/sig_dilithium.h | 6 +- src/sig/falcon/sig_falcon.h | 4 +- src/sig/ml_dsa/sig_ml_dsa.h | 33 ++++++- src/sig/ml_dsa/sig_ml_dsa_44_ipd.c | 24 +++++ src/sig/ml_dsa/sig_ml_dsa_65_ipd.c | 24 +++++ src/sig/ml_dsa/sig_ml_dsa_87_ipd.c | 24 +++++ src/sig/sig.c | 90 ++++++++++++++++++- src/sig/sig.h | 9 +- src/sig/sphincs/sig_sphincs.h | 24 ++--- tests/KATs/sig/kats.json | 3 + tests/constant_time/kem/passes.json | 3 + tests/constant_time/sig/passes.json | 3 + tests/kat_sig.c | 6 +- tests/test_alg_info.py | 2 +- tests/test_vectors.sh | 6 +- 42 files changed, 399 insertions(+), 113 deletions(-) 
diff --git a/.CMake/alg_support.cmake b/.CMake/alg_support.cmake index 4841ab718e..c7b1beda9c 100644 --- a/.CMake/alg_support.cmake +++ b/.CMake/alg_support.cmake @@ -301,6 +301,7 @@ endif() option(OQS_ENABLE_SIG_ML_DSA "Enable ml_dsa algorithm family" ON) cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_44_ipd "" ON "OQS_ENABLE_SIG_ML_DSA" OFF) +cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_44 "" ON "OQS_ENABLE_SIG_ML_DSA" OFF) if(CMAKE_SYSTEM_NAME MATCHES "Darwin|Linux") if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS)) cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_44_ipd_avx2 "" ON "OQS_ENABLE_SIG_ml_dsa_44_ipd" OFF) @@ -308,6 +309,7 @@ endif() endif() cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_65_ipd "" ON "OQS_ENABLE_SIG_ML_DSA" OFF) +cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_65 "" ON "OQS_ENABLE_SIG_ML_DSA" OFF) if(CMAKE_SYSTEM_NAME MATCHES "Darwin|Linux") if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS)) cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_65_ipd_avx2 "" ON "OQS_ENABLE_SIG_ml_dsa_65_ipd" OFF) @@ -315,6 +317,7 @@ endif() endif() cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_87_ipd "" ON "OQS_ENABLE_SIG_ML_DSA" OFF) +cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_87 "" ON "OQS_ENABLE_SIG_ML_DSA" OFF) if(CMAKE_SYSTEM_NAME MATCHES "Darwin|Linux") if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS)) cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_87_ipd_avx2 "" ON "OQS_ENABLE_SIG_ml_dsa_87_ipd" OFF) diff --git a/docs/algorithms/kem/bike.md b/docs/algorithms/kem/bike.md index bbb2ebdc71..9aeca5b1f0 100644 --- a/docs/algorithms/kem/bike.md +++ b/docs/algorithms/kem/bike.md 
@@ -13,11 +13,11 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| BIKE-L1 | IND-CPA | 1 | 1541 | 5223 | 1573 | 32 | -| BIKE-L3 | IND-CPA | 3 | 3083 | 10105 | 3115 | 32 | -| BIKE-L5 | IND-CPA | 5 | 5122 | 16494 | 5154 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| +| BIKE-L1 | NA | IND-CPA | 1 | 1541 | 5223 | 1573 | 32 | +| BIKE-L3 | NA | IND-CPA | 3 | 3083 | 10105 | 3115 | 32 | +| BIKE-L5 | NA | IND-CPA | 5 | 5122 | 16494 | 5154 | 32 | ## BIKE-L1 implementation characteristics diff --git a/docs/algorithms/kem/classic_mceliece.md b/docs/algorithms/kem/classic_mceliece.md index 29ba093075..68840c4b00 100644 --- a/docs/algorithms/kem/classic_mceliece.md +++ b/docs/algorithms/kem/classic_mceliece.md 
@@ -18,18 +18,18 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:-------------------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| Classic-McEliece-348864 | IND-CCA2 | 1 | 261120 | 6492 | 96 | 32 | -| Classic-McEliece-348864f | IND-CCA2 | 1 | 261120 | 6492 | 96 | 32 | -| Classic-McEliece-460896 | IND-CCA2 | 3 | 524160 | 13608 | 156 | 32 | -| Classic-McEliece-460896f | IND-CCA2 | 3 | 524160 | 13608 | 156 | 32 | -| Classic-McEliece-6688128 | IND-CCA2 | 5 | 1044992 | 13932 | 208 | 32 | -| Classic-McEliece-6688128f | IND-CCA2 | 5 | 1044992 | 13932 | 208 | 32 | -| Classic-McEliece-6960119 | IND-CCA2 | 5 | 1047319 | 13948 | 194 | 32 | -| Classic-McEliece-6960119f | IND-CCA2 | 5 | 1047319 | 13948 | 194 | 32 | -| Classic-McEliece-8192128 | IND-CCA2 | 5 | 1357824 | 14120 | 208 | 32 | -| Classic-McEliece-8192128f | IND-CCA2 | 5 | 1357824 | 14120 | 208 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | +|:-------------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| +| Classic-McEliece-348864 | NA | IND-CCA2 | 1 | 261120 | 6492 | 96 | 32 | +| Classic-McEliece-348864f | NA | IND-CCA2 | 1 | 261120 | 6492 | 96 | 32 | +| Classic-McEliece-460896 | NA | IND-CCA2 | 3 | 524160 | 13608 | 156 | 32 | +| Classic-McEliece-460896f | NA | IND-CCA2 | 3 | 524160 | 13608 | 156 | 32 | +| Classic-McEliece-6688128 | NA | IND-CCA2 | 5 | 1044992 | 13932 | 208 | 32 | +| Classic-McEliece-6688128f | NA | IND-CCA2 | 5 | 1044992 | 13932 | 208 | 32 | +| 
Classic-McEliece-6960119 | NA | IND-CCA2 | 5 | 1047319 | 13948 | 194 | 32 | +| Classic-McEliece-6960119f | NA | IND-CCA2 | 5 | 1047319 | 13948 | 194 | 32 | +| Classic-McEliece-8192128 | NA | IND-CCA2 | 5 | 1357824 | 14120 | 208 | 32 | +| Classic-McEliece-8192128f | NA | IND-CCA2 | 5 | 1357824 | 14120 | 208 | 32 | ## Classic-McEliece-348864 implementation characteristics diff --git a/docs/algorithms/kem/frodokem.md b/docs/algorithms/kem/frodokem.md index fbf5366b04..07f216a5a5 100644 --- a/docs/algorithms/kem/frodokem.md +++ b/docs/algorithms/kem/frodokem.md 
@@ -12,14 +12,14 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:-------------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| FrodoKEM-640-AES | IND-CCA2 | 1 | 9616 | 19888 | 9720 | 16 | -| FrodoKEM-640-SHAKE | IND-CCA2 | 1 | 9616 | 19888 | 9720 | 16 | -| FrodoKEM-976-AES | IND-CCA2 | 3 | 15632 | 31296 | 15744 | 24 | -| FrodoKEM-976-SHAKE | IND-CCA2 | 3 | 15632 | 31296 | 15744 | 24 | -| FrodoKEM-1344-AES | IND-CCA2 | 5 | 21520 | 43088 | 21632 | 32 | -| FrodoKEM-1344-SHAKE | IND-CCA2 | 5 | 21520 | 43088 | 21632 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | +|:-------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| +| FrodoKEM-640-AES | NA | IND-CCA2 | 1 | 9616 | 19888 | 9720 | 16 | +| FrodoKEM-640-SHAKE | NA | IND-CCA2 | 1 | 9616 | 19888 | 9720 | 16 | +| FrodoKEM-976-AES | NA | IND-CCA2 | 3 | 15632 | 31296 | 15744 | 24 | +| FrodoKEM-976-SHAKE | NA | IND-CCA2 | 3 | 15632 | 31296 | 15744 | 24 | +| FrodoKEM-1344-AES | NA | IND-CCA2 | 5 | 21520 | 43088 | 21632 | 32 | +| FrodoKEM-1344-SHAKE | NA | IND-CCA2 | 5 | 21520 | 43088 | 21632 | 32 | ## FrodoKEM-640-AES implementation characteristics diff --git a/docs/algorithms/kem/hqc.md b/docs/algorithms/kem/hqc.md index 84dab7f6c5..58d0834815 100644 --- a/docs/algorithms/kem/hqc.md +++ b/docs/algorithms/kem/hqc.md 
@@ -14,11 +14,11 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| HQC-128 | IND-CCA2 | 1 | 2249 | 2305 | 4433 | 64 | -| HQC-192 | IND-CCA2 | 3 | 4522 | 4586 | 8978 | 64 | -| HQC-256 | IND-CCA2 | 5 | 7245 | 7317 | 14421 | 64 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| +| HQC-128 | NA | IND-CCA2 | 1 | 2249 | 2305 | 4433 | 64 | +| HQC-192 | NA | IND-CCA2 | 3 | 4522 | 4586 | 8978 | 64 | +| HQC-256 | NA | IND-CCA2 | 5 | 7245 | 7317 | 14421 | 64 | ## HQC-128 implementation characteristics diff --git a/docs/algorithms/kem/kyber.md b/docs/algorithms/kem/kyber.md index 9f2ad1f85d..a75c144a2d 100644 --- a/docs/algorithms/kem/kyber.md +++ b/docs/algorithms/kem/kyber.md 
@@ -17,11 +17,11 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| Kyber512 | IND-CCA2 | 1 | 800 | 1632 | 768 | 32 | -| Kyber768 | IND-CCA2 | 3 | 1184 | 2400 | 1088 | 32 | -| Kyber1024 | IND-CCA2 | 5 | 1568 | 3168 | 1568 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| +| Kyber512 | NA | IND-CCA2 | 1 | 800 | 1632 | 768 | 32 | +| Kyber768 | NA | IND-CCA2 | 3 | 1184 | 2400 | 1088 | 32 | +| Kyber1024 | NA | IND-CCA2 | 5 | 1568 | 3168 | 1568 | 32 | ## Kyber512 implementation characteristics diff --git a/docs/algorithms/kem/ml_kem.md b/docs/algorithms/kem/ml_kem.md index fc0bf8adae..92d1a5b4bd 100644 --- a/docs/algorithms/kem/ml_kem.md +++ b/docs/algorithms/kem/ml_kem.md 
@@ -13,11 +13,11 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| ML-KEM-512-ipd | IND-CCA2 | 1 | 800 | 1632 | 768 | 32 | -| ML-KEM-768-ipd | IND-CCA2 | 3 | 1184 | 2400 | 1088 | 32 | -| ML-KEM-1024-ipd | IND-CCA2 | 5 | 1568 | 3168 | 1568 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| +| ML-KEM-512-ipd | ML-KEM-512 | IND-CCA2 | 1 | 800 | 1632 | 768 | 32 | +| ML-KEM-768-ipd | ML-KEM-768 | IND-CCA2 | 3 | 1184 | 2400 | 1088 | 32 | +| ML-KEM-1024-ipd | ML-KEM-1024 | IND-CCA2 | 5 | 1568 | 3168 | 1568 | 32 | ## ML-KEM-512-ipd implementation characteristics diff --git a/docs/algorithms/kem/ntruprime.md b/docs/algorithms/kem/ntruprime.md index 07a7ca899d..5ff56716ff 100644 --- a/docs/algorithms/kem/ntruprime.md +++ b/docs/algorithms/kem/ntruprime.md 
@@ -14,9 +14,9 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | -|:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| -| sntrup761 | IND-CCA2 | 2 | 1158 | 1763 | 1039 | 32 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:| +| sntrup761 | NA | IND-CCA2 | 2 | 1158 | 1763 | 1039 | 32 | ## sntrup761 implementation characteristics diff --git a/docs/algorithms/sig/dilithium.md b/docs/algorithms/sig/dilithium.md index cd4ecb7336..d26daa2854 100644 --- a/docs/algorithms/sig/dilithium.md +++ b/docs/algorithms/sig/dilithium.md 
@@ -17,11 +17,11 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | -|:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| -| Dilithium2 | EUF-CMA | 2 | 1312 | 2528 | 2420 | -| Dilithium3 | EUF-CMA | 3 | 1952 | 4000 | 3293 | -| Dilithium5 | EUF-CMA | 5 | 2592 | 4864 | 4595 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| +| Dilithium2 | NA | EUF-CMA | 2 | 1312 | 2528 | 2420 | +| Dilithium3 | NA | EUF-CMA | 3 | 1952 | 4000 | 3293 | +| Dilithium5 | NA | EUF-CMA | 5 | 2592 | 4864 | 4595 | ## Dilithium2 implementation characteristics diff --git a/docs/algorithms/sig/falcon.md b/docs/algorithms/sig/falcon.md index 1221110624..df05809687 100644 --- a/docs/algorithms/sig/falcon.md +++ b/docs/algorithms/sig/falcon.md 
@@ -13,10 +13,10 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | -|:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| -| Falcon-512 | EUF-CMA | 1 | 897 | 1281 | 666 | -| Falcon-1024 | EUF-CMA | 5 | 1793 | 2305 | 1280 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| +| Falcon-512 | NA | EUF-CMA | 1 | 897 | 1281 | 666 | +| Falcon-1024 | NA | EUF-CMA | 5 | 1793 | 2305 | 1280 | ## Falcon-512 implementation characteristics diff --git a/docs/algorithms/sig/ml_dsa.md b/docs/algorithms/sig/ml_dsa.md index 479b75d2e3..ab2b43488e 100644 --- a/docs/algorithms/sig/ml_dsa.md +++ b/docs/algorithms/sig/ml_dsa.md 
@@ -13,11 +13,11 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | -|:---------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| -| ML-DSA-44-ipd | EUF-CMA | 2 | 1312 | 2560 | 2420 | -| ML-DSA-65-ipd | EUF-CMA | 3 | 1952 | 4032 | 3309 | -| ML-DSA-87-ipd | EUF-CMA | 5 | 2592 | 4896 | 4627 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | +|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| +| ML-DSA-44-ipd | ML-DSA-44 | EUF-CMA | 2 | 1312 | 2560 | 2420 | +| ML-DSA-65-ipd | ML-DSA-65 | EUF-CMA | 3 | 1952 | 4032 | 3309 | +| ML-DSA-87-ipd | ML-DSA-87 | EUF-CMA | 5 | 2592 | 4896 | 4627 | ## ML-DSA-44-ipd implementation characteristics diff --git a/docs/algorithms/sig/ml_dsa.yml b/docs/algorithms/sig/ml_dsa.yml index 33b1a3e1ef..c936883588 100644 --- a/docs/algorithms/sig/ml_dsa.yml +++ b/docs/algorithms/sig/ml_dsa.yml @@ -20,6 +20,7 @@ primary-upstream: spdx-license-identifier: CC0-1.0 or Apache-2.0 parameter-sets: - name: ML-DSA-44-ipd + alias: ML-DSA-44 claimed-nist-level: 2 claimed-security: EUF-CMA length-public-key: 1312 @@ -51,6 +52,7 @@ parameter-sets: no-secret-dependent-branching-checked-by-valgrind: true large-stack-usage: false - name: ML-DSA-65-ipd + alias: ML-DSA-65 claimed-nist-level: 3 claimed-security: EUF-CMA length-public-key: 1952 @@ -82,6 +84,7 @@ parameter-sets: no-secret-dependent-branching-checked-by-valgrind: true large-stack-usage: false - name: ML-DSA-87-ipd + alias: ML-DSA-87 claimed-nist-level: 5 claimed-security: EUF-CMA length-public-key: 2592 
diff --git a/docs/algorithms/sig/sphincs.md b/docs/algorithms/sig/sphincs.md index 0295433d2c..b689b4ec21 100644 --- a/docs/algorithms/sig/sphincs.md +++ b/docs/algorithms/sig/sphincs.md 
@@ -17,20 +17,20 @@ ## Parameter set summary -| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | -|:--------------------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| -| SPHINCS+-SHA2-128f-simple | EUF-CMA | 1 | 32 | 64 | 17088 | -| SPHINCS+-SHA2-128s-simple | EUF-CMA | 1 | 32 | 64 | 7856 | -| SPHINCS+-SHA2-192f-simple | EUF-CMA | 3 | 48 | 96 | 35664 | -| SPHINCS+-SHA2-192s-simple | EUF-CMA | 3 | 48 | 96 | 16224 | -| SPHINCS+-SHA2-256f-simple | EUF-CMA | 5 | 64 | 128 | 49856 | -| SPHINCS+-SHA2-256s-simple | EUF-CMA | 5 | 64 | 128 | 29792 | -| SPHINCS+-SHAKE-128f-simple | EUF-CMA | 1 | 32 | 64 | 17088 | -| SPHINCS+-SHAKE-128s-simple | EUF-CMA | 1 | 32 | 64 | 7856 | -| SPHINCS+-SHAKE-192f-simple | EUF-CMA | 3 | 48 | 96 | 35664 | -| SPHINCS+-SHAKE-192s-simple | EUF-CMA | 3 | 48 | 96 | 16224 | -| SPHINCS+-SHAKE-256f-simple | EUF-CMA | 5 | 64 | 128 | 49856 | -| SPHINCS+-SHAKE-256s-simple | EUF-CMA | 5 | 64 | 128 | 29792 | +| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | +|:--------------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| +| SPHINCS+-SHA2-128f-simple | NA | EUF-CMA | 1 | 32 | 64 | 17088 | +| SPHINCS+-SHA2-128s-simple | NA | EUF-CMA | 1 | 32 | 64 | 7856 | +| SPHINCS+-SHA2-192f-simple | NA | EUF-CMA | 3 | 48 | 96 | 35664 | +| SPHINCS+-SHA2-192s-simple | NA | EUF-CMA | 3 | 48 | 96 | 16224 | +| SPHINCS+-SHA2-256f-simple | NA | EUF-CMA | 5 | 64 | 128 | 49856 | +| SPHINCS+-SHA2-256s-simple | NA | EUF-CMA | 5 | 64 | 128 | 29792 | +| SPHINCS+-SHAKE-128f-simple | NA | EUF-CMA | 1 | 32 | 64 | 17088 | +| SPHINCS+-SHAKE-128s-simple | NA | EUF-CMA | 1 | 32 | 64 | 7856 | +| 
SPHINCS+-SHAKE-192f-simple | NA | EUF-CMA | 3 | 48 | 96 | 35664 | +| SPHINCS+-SHAKE-192s-simple | NA | EUF-CMA | 3 | 48 | 96 | 16224 | +| SPHINCS+-SHAKE-256f-simple | NA | EUF-CMA | 5 | 64 | 128 | 49856 | +| SPHINCS+-SHAKE-256s-simple | NA | EUF-CMA | 5 | 64 | 128 | 29792 | ## SPHINCS+-SHA2-128f-simple implementation characteristics diff --git a/scripts/copy_from_upstream/.CMake/alg_support.cmake/add_enable_by_alg.fragment b/scripts/copy_from_upstream/.CMake/alg_support.cmake/add_enable_by_alg.fragment index f5054b061e..cb3b7d15dd 100644 --- a/scripts/copy_from_upstream/.CMake/alg_support.cmake/add_enable_by_alg.fragment +++ b/scripts/copy_from_upstream/.CMake/alg_support.cmake/add_enable_by_alg.fragment @@ -40,6 +40,9 @@ endif() option(OQS_ENABLE_SIG_{{ family['name']|upper }} "Enable {{ family['name'] }} algorithm family" ON) {%- for scheme in family['schemes'] %} cmake_dependent_option(OQS_ENABLE_SIG_{{ family['name'] }}_{{ scheme['scheme'] }} "" ON "OQS_ENABLE_SIG_{{ family['name']|upper }}" OFF) +{%- if 'alias_scheme' in scheme %} +cmake_dependent_option(OQS_ENABLE_SIG_{{ family['name'] }}_{{ scheme['alias_scheme'] }} "" ON "OQS_ENABLE_SIG_{{ family['name']|upper }}" OFF) +{%- endif -%} {%- for impl in scheme['metadata']['implementations'] if impl['name'] != family['default_implementation'] and impl['supported_platforms'] -%} {%- for platform in impl['supported_platforms'] if platform['architecture'] == 'x86_64' %} {% if platform['operating_systems'] %}if(CMAKE_SYSTEM_NAME MATCHES "{{ platform['operating_systems']|join('|') }}") diff --git a/scripts/copy_from_upstream/copy_from_upstream.py b/scripts/copy_from_upstream/copy_from_upstream.py index aacc58d253..80d93cb8ef 100755 --- a/scripts/copy_from_upstream/copy_from_upstream.py +++ b/scripts/copy_from_upstream/copy_from_upstream.py 
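Review bot: The alias option added to `add_enable_by_alg.fragment` depends only on the family switch `OQS_ENABLE_SIG_{{ family['name']|upper }}`, so it stays ON when the scheme it aliases is switched off. The alias constructor added elsewhere in this patch wires `keypair`/`sign`/`verify` to the underlying scheme's functions, so a configuration with `OQS_ENABLE_SIG_ml_dsa_44_ipd=OFF` and the alias left ON would presumably reference code that is not built. The source lists are not visible here, so this should be confirmed. Tying the alias to its scheme keeps the two in step: use `"OQS_ENABLE_SIG_{{ family['name'] }}_{{ scheme['scheme'] }}"` as the dependency expression of the added `cmake_dependent_option`. The generated `.CMake/alg_support.cmake` hunks carry the same three lines and would change with the template.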
@@ -560,6 +560,8 @@ def process_families(instructions, basedir, with_kat, with_generator): print("Adding new KAT for %s" % (scheme['pretty_name_full'])) pass kats['sig'][scheme['pretty_name_full']] = scheme['metadata']['nistkat-sha256'] + if 'alias_pretty_name_full' in scheme: + kats['sig'][scheme['alias_pretty_name_full']] = scheme['metadata']['nistkat-sha256'] if with_generator: generator( diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml index 6d4b5ca8ad..f55b8798ba 100644 --- a/scripts/copy_from_upstream/copy_from_upstream.yml +++ b/scripts/copy_from_upstream/copy_from_upstream.yml @@ -195,16 +195,22 @@ sigs: pqclean_scheme: ml-dsa-44-ipd pretty_name_full: ML-DSA-44-ipd signed_msg_order: sig_then_msg + alias_scheme: "44" + alias_pretty_name_full: ML-DSA-44 - scheme: "65_ipd" pqclean_scheme: ml-dsa-65-ipd pretty_name_full: ML-DSA-65-ipd signed_msg_order: sig_then_msg + alias_scheme: "65" + alias_pretty_name_full: ML-DSA-65 - scheme: "87_ipd" pqclean_scheme: ml-dsa-87-ipd pretty_name_full: ML-DSA-87-ipd signed_msg_order: sig_then_msg + alias_scheme: "87" + alias_pretty_name_full: ML-DSA-87 - name: falcon default_implementation: clean diff --git a/scripts/copy_from_upstream/src/oqsconfig.h.cmake/add_alg_enable_defines.fragment b/scripts/copy_from_upstream/src/oqsconfig.h.cmake/add_alg_enable_defines.fragment index 3f1e04eae7..2bc517ac22 100644 --- a/scripts/copy_from_upstream/src/oqsconfig.h.cmake/add_alg_enable_defines.fragment +++ b/scripts/copy_from_upstream/src/oqsconfig.h.cmake/add_alg_enable_defines.fragment 
@@ -17,6 +17,9 @@ #cmakedefine OQS_ENABLE_SIG_{{ family['name']|upper }} 1 {%- for scheme in family['schemes'] %} #cmakedefine OQS_ENABLE_SIG_{{ family['name'] }}_{{ scheme['scheme'] }} 1 +{%- if 'alias_scheme' in scheme %} +#cmakedefine OQS_ENABLE_SIG_{{ family['name'] }}_{{ scheme['alias_scheme'] }} 1 +{%- endif -%} {%- for impl in scheme['metadata']['implementations'] if impl['name'] != family['default_implementation'] %} #cmakedefine OQS_ENABLE_SIG_{{ family['name'] }}_{{ scheme['scheme'] }}_{{ impl['name'] }} 1 {%- endfor -%} diff --git a/scripts/copy_from_upstream/src/sig/family/sig_family.h b/scripts/copy_from_upstream/src/sig/family/sig_family.h index 2af20417ca..b17d621635 100644 --- a/scripts/copy_from_upstream/src/sig/family/sig_family.h +++ b/scripts/copy_from_upstream/src/sig/family/sig_family.h @@ -6,7 +6,7 @@ #include {% for scheme in schemes -%} -#ifdef OQS_ENABLE_SIG_{{ family }}_{{ scheme['scheme'] }} +#if defined(OQS_ENABLE_SIG_{{ family }}_{{ scheme['scheme'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_SIG_{{ family }}_{{ scheme['alias_scheme'] }}){%- endif %} #define OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_public_key {{ scheme['metadata']['length-public-key'] }} #define OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_secret_key {{ scheme['metadata']['length-secret-key'] }} #define OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_signature {{ scheme['metadata']['length-signature'] }} 
@@ -15,6 +15,16 @@ OQS_SIG *OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_new(void); OQS_API OQS_STATUS OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t *public_key, uint8_t *secret_key); OQS_API OQS_STATUS OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key); OQS_API OQS_STATUS OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); +{% if 'alias_scheme' in scheme %} +#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_length_public_key OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_public_key +#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_length_secret_key OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_secret_key +#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_length_ciphertext OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext +#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_length_shared_secret OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret +OQS_SIG *OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_new(void); +#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_keypair OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_keypair +#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_encaps OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_encaps +#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_decaps OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_decaps +{% endif -%} #endif {% endfor -%} diff --git a/scripts/copy_from_upstream/src/sig/family/sig_scheme.c b/scripts/copy_from_upstream/src/sig/family/sig_scheme.c index 5b8927a83c..928ef3d65f 100644 --- a/scripts/copy_from_upstream/src/sig/family/sig_scheme.c +++ b/scripts/copy_from_upstream/src/sig/family/sig_scheme.c 
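Review bot: The alias block added to `sig_family.h` looks carried over from the KEM template: it defines `_length_ciphertext`, `_length_shared_secret`, `_encaps` and `_decaps`, none of which exist for a signature scheme, and it omits `_length_signature`, `_sign` and `_verify`. Code that sizes a signature buffer from the alias name will not compile, and the four KEM-style macros expand to undeclared identifiers if anyone uses them. Replace the two length lines with `#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_length_signature OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_signature`. Replace the `_encaps`/`_decaps` lines with `#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_sign OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_sign` and `#define OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_verify OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_verify`.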
@@ -30,6 +30,33 @@ OQS_SIG *OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_new(void) { return sig; } +{%- if 'alias_scheme' in scheme %} + +/** Alias */ +OQS_SIG *OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_new(void) { + + OQS_SIG *sig = malloc(sizeof(OQS_SIG)); + if (sig == NULL) { + return NULL; + } + sig->method_name = OQS_SIG_alg_{{ family }}_{{ scheme['alias_scheme'] }}; + sig->alg_version = "{{ scheme['metadata']['implementations'][0]['version'] }}"; + + sig->claimed_nist_level = {{ scheme['metadata']['claimed-nist-level'] }}; + sig->euf_cma = {{ scheme['metadata']['euf_cma'] }}; + + sig->length_public_key = OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_public_key; + sig->length_secret_key = OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_secret_key; + sig->length_signature = OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_length_signature; + + sig->keypair = OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_keypair; + sig->sign = OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_sign; + sig->verify = OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_verify; + + return sig; +} +{%- endif -%} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] == scheme['default_implementation'] %} {%- if impl['signature_keypair'] %} diff --git a/scripts/copy_from_upstream/src/sig/sig.c/alg_identifier.fragment b/scripts/copy_from_upstream/src/sig/sig.c/alg_identifier.fragment index 3b4e54ad29..87d9c6fa5f 100644 --- a/scripts/copy_from_upstream/src/sig/sig.c/alg_identifier.fragment +++ b/scripts/copy_from_upstream/src/sig/sig.c/alg_identifier.fragment @@ -1,3 +1,6 @@ {% for family in instructions['sigs'] %}{% for scheme in family['schemes'] %} - OQS_SIG_alg_{{ family['name'] }}_{{ scheme['scheme'] }},{% endfor %}{% endfor %} - \ No newline at end of file + OQS_SIG_alg_{{ family['name'] }}_{{ scheme['scheme'] }}, +{%- if 'alias_scheme' in scheme %} + OQS_SIG_alg_{{ family['name'] }}_{{ scheme['alias_scheme'] }}, +{%- endif -%} +{% endfor %}{% endfor %} 
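Review bot: The alias constructor in `sig_scheme.c` repeats the primary `_new()` body field for field on top of a plain `malloc`, so any field later set in only one of the two copies is left uninitialized in the other. Only `method_name` differs between them. The alias could delegate instead: `OQS_SIG *sig = OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_new();`, then `if (sig != NULL) { sig->method_name = OQS_SIG_alg_{{ family }}_{{ scheme['alias_scheme'] }}; }` and `return sig;`. This assumes the primary constructor is compiled whenever the alias is enabled, which depends on guards outside this hunk. The `/** Alias */` comment would also be clearer as `/** Alias of {{ scheme['pretty_name_full'] }}: same implementation, different method_name. */`.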
diff --git a/scripts/copy_from_upstream/src/sig/sig.c/enabled_case.fragment b/scripts/copy_from_upstream/src/sig/sig.c/enabled_case.fragment index c85d08adff..8ff702c3f9 100644 --- a/scripts/copy_from_upstream/src/sig/sig.c/enabled_case.fragment +++ b/scripts/copy_from_upstream/src/sig/sig.c/enabled_case.fragment @@ -4,5 +4,13 @@ return 1; #else return 0; -#endif{% endfor %}{% endfor %} - +#endif +{% if 'alias_scheme' in scheme %} + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_{{ family['name'] }}_{{ scheme['alias_scheme'] }})) { +#ifdef OQS_ENABLE_SIG_{{ family['name'] }}_{{ scheme['alias_scheme'] }} + return 1; +#else + return 0; +#endif +{% endif -%} +{% endfor %}{% endfor %} \ No newline at end of file diff --git a/scripts/copy_from_upstream/src/sig/sig.c/new_case.fragment b/scripts/copy_from_upstream/src/sig/sig.c/new_case.fragment index e874f8e14f..2600f9b35d 100644 --- a/scripts/copy_from_upstream/src/sig/sig.c/new_case.fragment +++ b/scripts/copy_from_upstream/src/sig/sig.c/new_case.fragment @@ -4,5 +4,13 @@ return OQS_SIG_{{ family['name'] }}_{{ scheme['scheme'] }}_new(); #else return NULL; -#endif{% endfor %}{% endfor %} - +#endif +{% if 'alias_scheme' in scheme %} + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_{{ family['name'] }}_{{ scheme['alias_scheme'] }})) { +#ifdef OQS_ENABLE_SIG_{{ family['name'] }}_{{ scheme['alias_scheme'] }} + return OQS_SIG_{{ family['name'] }}_{{ scheme['alias_scheme'] }}_new(); +#else + return NULL; +#endif +{% endif -%} +{% endfor %}{% endfor %} diff --git a/scripts/copy_from_upstream/src/sig/sig.h/alg_identifier.fragment b/scripts/copy_from_upstream/src/sig/sig.h/alg_identifier.fragment index dc940087b3..9de830f9ab 100644 --- a/scripts/copy_from_upstream/src/sig/sig.h/alg_identifier.fragment +++ b/scripts/copy_from_upstream/src/sig/sig.h/alg_identifier.fragment 
@@ -1,4 +1,9 @@ {% for family in instructions['sigs'] %}{% for scheme in family['schemes'] %} /** Algorithm identifier for {{ scheme['pretty_name_full'] }} */ -#define OQS_SIG_alg_{{ family['name'] }}_{{ scheme['scheme'] }} "{{ scheme['pretty_name_full'] }}"{% endfor %}{% endfor %} +#define OQS_SIG_alg_{{ family['name'] }}_{{ scheme['scheme'] }} "{{ scheme['pretty_name_full'] }}" +{%- if 'alias_scheme' in scheme %} +/** Algorithm identifier for {{ scheme['alias_pretty_name_full'] }} SIG. */ +#define OQS_SIG_alg_{{ family['name'] }}_{{ scheme['alias_scheme'] }} "{{ scheme['alias_pretty_name_full'] }}" +{%- endif -%} +{% endfor %}{% endfor %} diff --git a/scripts/copy_from_upstream/src/sig/sig.h/algs_length.fragment b/scripts/copy_from_upstream/src/sig/sig.h/algs_length.fragment index ea35d7ab55..0ac7133145 100644 --- a/scripts/copy_from_upstream/src/sig/sig.h/algs_length.fragment +++ b/scripts/copy_from_upstream/src/sig/sig.h/algs_length.fragment @@ -1,4 +1,5 @@ {% set unary %}{% for family in instructions['sigs'] %}{% for scheme in family['schemes'] %}1{% endfor %}{% endfor %}{% endset %} +{% set unary_alias %}{% for family in instructions['sigs'] %}{% for scheme in family['schemes'] if 'alias_scheme' in scheme %}2{% endfor %}{% endfor %}{% endset %} /** Number of algorithm identifiers above. */ -#define OQS_SIG_algs_length {{ unary|length }} +#define OQS_SIG_algs_length {{ unary|length + unary_alias|length }} diff --git a/scripts/copy_from_upstream/tests/kat_sig.c/combine_message_signature.fragment b/scripts/copy_from_upstream/tests/kat_sig.c/combine_message_signature.fragment index c76d13512a..25609f254e 100644 --- a/scripts/copy_from_upstream/tests/kat_sig.c/combine_message_signature.fragment +++ b/scripts/copy_from_upstream/tests/kat_sig.c/combine_message_signature.fragment 
@@ -1,5 +1,5 @@ {% for family in instructions['sigs'] %}{% for scheme in family['schemes'] %} - } else if (0 == strcmp(sig->method_name, "{{ scheme['pretty_name_full'] }}")) { + } else if (0 == strcmp(sig->method_name, "{{ scheme['pretty_name_full'] }}"){%- if 'alias_scheme' in scheme %} || 0 == strcmp(sig->method_name, "{{ scheme['alias_pretty_name_full'] }}"){%- endif -%}) { {%- if scheme['signed_msg_order'] == 'sig_then_msg' %} // signed_msg = signature || msg *signed_msg_len = signature_len + msg_len; diff --git a/scripts/update_docs_from_yaml.py b/scripts/update_docs_from_yaml.py index 96a4b1887c..478ba8ddeb 100644 --- a/scripts/update_docs_from_yaml.py +++ b/scripts/update_docs_from_yaml.py @@ -62,6 +62,7 @@ def do_it(liboqs_root): out_md.write('\n## Parameter set summary\n\n') table = [['Parameter set', + 'Parameter set alias', 'Security model', 'Claimed NIST Level', 'Public key size (bytes)', @@ -70,6 +71,7 @@ def do_it(liboqs_root): 'Shared secret size (bytes)']] for parameter_set in kem_yaml['parameter-sets']: table.append([parameter_set['name'], + parameter_set['alias'] if 'alias' in parameter_set else "NA", parameter_set['claimed-security'], parameter_set['claimed-nist-level'], parameter_set['length-public-key'], @@ -186,6 +188,7 @@ def do_it(liboqs_root): out_md.write('\n## Parameter set summary\n\n') table = [['Parameter set', + 'Parameter set alias', 'Security model', 'Claimed NIST Level', 'Public key size (bytes)', @@ -193,6 +196,7 @@ def do_it(liboqs_root): 'Signature size (bytes)']] for parameter_set in sig_yaml['parameter-sets']: table.append([parameter_set['name'].replace('_', '\_'), + parameter_set['alias'] if 'alias' in parameter_set else "NA", parameter_set['claimed-security'], parameter_set['claimed-nist-level'], parameter_set['length-public-key'], diff --git a/src/oqsconfig.h.cmake b/src/oqsconfig.h.cmake index e7cadea4bc..dd05a27cc6 100644 --- a/src/oqsconfig.h.cmake +++ b/src/oqsconfig.h.cmake 
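Review bot: In the signature table of `update_docs_from_yaml.py` the new alias cell is written unescaped, while the name cell beside it goes through `.replace('_', '\_')`, so an alias containing an underscore would render differently from its name in the generated Markdown. Applying the same treatment keeps the two columns consistent: `parameter_set.get('alias', 'NA').replace('_', '\_'),`. The KEM table hunk can use the shorter `parameter_set.get('alias', 'NA')` in place of the conditional expression. `do_it` starts and ends outside these hunks.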
@@ -133,10 +133,13 @@ #cmakedefine OQS_ENABLE_SIG_ML_DSA 1 #cmakedefine OQS_ENABLE_SIG_ml_dsa_44_ipd 1 +#cmakedefine OQS_ENABLE_SIG_ml_dsa_44 1 #cmakedefine OQS_ENABLE_SIG_ml_dsa_44_ipd_avx2 1 #cmakedefine OQS_ENABLE_SIG_ml_dsa_65_ipd 1 +#cmakedefine OQS_ENABLE_SIG_ml_dsa_65 1 #cmakedefine OQS_ENABLE_SIG_ml_dsa_65_ipd_avx2 1 #cmakedefine OQS_ENABLE_SIG_ml_dsa_87_ipd 1 +#cmakedefine OQS_ENABLE_SIG_ml_dsa_87 1 #cmakedefine OQS_ENABLE_SIG_ml_dsa_87_ipd_avx2 1 #cmakedefine OQS_ENABLE_SIG_FALCON 1 diff --git a/src/sig/dilithium/sig_dilithium.h b/src/sig/dilithium/sig_dilithium.h index b63ea73b4b..2e24f58fe8 100644 --- a/src/sig/dilithium/sig_dilithium.h +++ b/src/sig/dilithium/sig_dilithium.h @@ -5,7 +5,7 @@ #include -#ifdef OQS_ENABLE_SIG_dilithium_2 +#if defined(OQS_ENABLE_SIG_dilithium_2) #define OQS_SIG_dilithium_2_length_public_key 1312 #define OQS_SIG_dilithium_2_length_secret_key 2528 #define OQS_SIG_dilithium_2_length_signature 2420 @@ -16,7 +16,7 @@ OQS_API OQS_STATUS OQS_SIG_dilithium_2_sign(uint8_t *signature, size_t *signatur OQS_API OQS_STATUS OQS_SIG_dilithium_2_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_dilithium_3 +#if defined(OQS_ENABLE_SIG_dilithium_3) #define OQS_SIG_dilithium_3_length_public_key 1952 #define OQS_SIG_dilithium_3_length_secret_key 4000 #define OQS_SIG_dilithium_3_length_signature 3293 @@ -27,7 +27,7 @@ OQS_API OQS_STATUS OQS_SIG_dilithium_3_sign(uint8_t *signature, size_t *signatur OQS_API OQS_STATUS OQS_SIG_dilithium_3_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_dilithium_5 +#if defined(OQS_ENABLE_SIG_dilithium_5) #define OQS_SIG_dilithium_5_length_public_key 2592 #define OQS_SIG_dilithium_5_length_secret_key 4864 #define OQS_SIG_dilithium_5_length_signature 4595 
diff --git a/src/sig/falcon/sig_falcon.h b/src/sig/falcon/sig_falcon.h index 95b1d2bcfc..dfd43e88be 100644 --- a/src/sig/falcon/sig_falcon.h +++ b/src/sig/falcon/sig_falcon.h @@ -5,7 +5,7 @@ #include -#ifdef OQS_ENABLE_SIG_falcon_512 +#if defined(OQS_ENABLE_SIG_falcon_512) #define OQS_SIG_falcon_512_length_public_key 897 #define OQS_SIG_falcon_512_length_secret_key 1281 #define OQS_SIG_falcon_512_length_signature 666 @@ -16,7 +16,7 @@ OQS_API OQS_STATUS OQS_SIG_falcon_512_sign(uint8_t *signature, size_t *signature OQS_API OQS_STATUS OQS_SIG_falcon_512_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_falcon_1024 +#if defined(OQS_ENABLE_SIG_falcon_1024) #define OQS_SIG_falcon_1024_length_public_key 1793 #define OQS_SIG_falcon_1024_length_secret_key 2305 #define OQS_SIG_falcon_1024_length_signature 1280 diff --git a/src/sig/ml_dsa/sig_ml_dsa.h b/src/sig/ml_dsa/sig_ml_dsa.h index be69ee5d64..e4b94a7902 100644 --- a/src/sig/ml_dsa/sig_ml_dsa.h +++ b/src/sig/ml_dsa/sig_ml_dsa.h @@ -5,7 +5,7 @@ #include -#ifdef OQS_ENABLE_SIG_ml_dsa_44_ipd +#if defined(OQS_ENABLE_SIG_ml_dsa_44_ipd) || defined(OQS_ENABLE_SIG_ml_dsa_44) #define OQS_SIG_ml_dsa_44_ipd_length_public_key 1312 #define OQS_SIG_ml_dsa_44_ipd_length_secret_key 2560 #define OQS_SIG_ml_dsa_44_ipd_length_signature 2420 
@@ -14,9 +14,18 @@ OQS_SIG *OQS_SIG_ml_dsa_44_ipd_new(void); OQS_API OQS_STATUS OQS_SIG_ml_dsa_44_ipd_keypair(uint8_t *public_key, uint8_t *secret_key); OQS_API OQS_STATUS OQS_SIG_ml_dsa_44_ipd_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key); OQS_API OQS_STATUS OQS_SIG_ml_dsa_44_ipd_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); + +#define OQS_SIG_ml_dsa_44_length_public_key OQS_SIG_ml_dsa_44_ipd_length_public_key +#define OQS_SIG_ml_dsa_44_length_secret_key OQS_SIG_ml_dsa_44_ipd_length_secret_key +#define OQS_SIG_ml_dsa_44_length_ciphertext OQS_SIG_ml_dsa_44_ipd_length_ciphertext +#define OQS_SIG_ml_dsa_44_length_shared_secret OQS_SIG_ml_dsa_44_ipd_length_shared_secret +OQS_SIG *OQS_SIG_ml_dsa_44_new(void); +#define OQS_SIG_ml_dsa_44_keypair OQS_SIG_ml_dsa_44_ipd_keypair +#define OQS_SIG_ml_dsa_44_encaps OQS_SIG_ml_dsa_44_ipd_encaps +#define OQS_SIG_ml_dsa_44_decaps OQS_SIG_ml_dsa_44_ipd_decaps #endif -#ifdef OQS_ENABLE_SIG_ml_dsa_65_ipd +#if defined(OQS_ENABLE_SIG_ml_dsa_65_ipd) || defined(OQS_ENABLE_SIG_ml_dsa_65) #define OQS_SIG_ml_dsa_65_ipd_length_public_key 1952 #define OQS_SIG_ml_dsa_65_ipd_length_secret_key 4032 #define OQS_SIG_ml_dsa_65_ipd_length_signature 3309 
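Review bot: The alias block added after `OQS_SIG_ml_dsa_44_ipd_verify` defines `OQS_SIG_ml_dsa_44_length_ciphertext`, `_length_shared_secret`, `_encaps` and `_decaps`, none of which exist for a signature scheme, and it omits the three names a caller actually needs. The `_ipd` names those macros expand to are not declared in the visible part of this header, so any use of them would fail to compile, and code that sizes a signature buffer has no `OQS_SIG_ml_dsa_44_length_signature` to rely on. Replace the four lines with `#define OQS_SIG_ml_dsa_44_length_signature OQS_SIG_ml_dsa_44_ipd_length_signature`, `#define OQS_SIG_ml_dsa_44_sign OQS_SIG_ml_dsa_44_ipd_sign` and `#define OQS_SIG_ml_dsa_44_verify OQS_SIG_ml_dsa_44_ipd_verify`. The ML-DSA-65 and ML-DSA-87 hunks that follow carry the same lines; since this header is generated, the fix presumably belongs in the `sig_family.h` template listed in the diffstat. The `#if` that encloses this block opens in the previous hunk.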
@@ -25,9 +34,18 @@ OQS_SIG *OQS_SIG_ml_dsa_65_ipd_new(void); OQS_API OQS_STATUS OQS_SIG_ml_dsa_65_ipd_keypair(uint8_t *public_key, uint8_t *secret_key); OQS_API OQS_STATUS OQS_SIG_ml_dsa_65_ipd_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key); OQS_API OQS_STATUS OQS_SIG_ml_dsa_65_ipd_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); + +#define OQS_SIG_ml_dsa_65_length_public_key OQS_SIG_ml_dsa_65_ipd_length_public_key +#define OQS_SIG_ml_dsa_65_length_secret_key OQS_SIG_ml_dsa_65_ipd_length_secret_key +#define OQS_SIG_ml_dsa_65_length_ciphertext OQS_SIG_ml_dsa_65_ipd_length_ciphertext +#define OQS_SIG_ml_dsa_65_length_shared_secret OQS_SIG_ml_dsa_65_ipd_length_shared_secret +OQS_SIG *OQS_SIG_ml_dsa_65_new(void); +#define OQS_SIG_ml_dsa_65_keypair OQS_SIG_ml_dsa_65_ipd_keypair +#define OQS_SIG_ml_dsa_65_encaps OQS_SIG_ml_dsa_65_ipd_encaps +#define OQS_SIG_ml_dsa_65_decaps OQS_SIG_ml_dsa_65_ipd_decaps #endif -#ifdef OQS_ENABLE_SIG_ml_dsa_87_ipd +#if defined(OQS_ENABLE_SIG_ml_dsa_87_ipd) || defined(OQS_ENABLE_SIG_ml_dsa_87) #define OQS_SIG_ml_dsa_87_ipd_length_public_key 2592 #define OQS_SIG_ml_dsa_87_ipd_length_secret_key 4896 #define OQS_SIG_ml_dsa_87_ipd_length_signature 4627 
@@ -36,6 +54,15 @@ OQS_SIG *OQS_SIG_ml_dsa_87_ipd_new(void); OQS_API OQS_STATUS OQS_SIG_ml_dsa_87_ipd_keypair(uint8_t *public_key, uint8_t *secret_key); OQS_API OQS_STATUS OQS_SIG_ml_dsa_87_ipd_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key); OQS_API OQS_STATUS OQS_SIG_ml_dsa_87_ipd_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); + +#define OQS_SIG_ml_dsa_87_length_public_key OQS_SIG_ml_dsa_87_ipd_length_public_key +#define OQS_SIG_ml_dsa_87_length_secret_key OQS_SIG_ml_dsa_87_ipd_length_secret_key +#define OQS_SIG_ml_dsa_87_length_ciphertext OQS_SIG_ml_dsa_87_ipd_length_ciphertext +#define OQS_SIG_ml_dsa_87_length_shared_secret OQS_SIG_ml_dsa_87_ipd_length_shared_secret +OQS_SIG *OQS_SIG_ml_dsa_87_new(void); +#define OQS_SIG_ml_dsa_87_keypair OQS_SIG_ml_dsa_87_ipd_keypair +#define OQS_SIG_ml_dsa_87_encaps OQS_SIG_ml_dsa_87_ipd_encaps +#define OQS_SIG_ml_dsa_87_decaps OQS_SIG_ml_dsa_87_ipd_decaps #endif #endif diff --git a/src/sig/ml_dsa/sig_ml_dsa_44_ipd.c b/src/sig/ml_dsa/sig_ml_dsa_44_ipd.c index 7a45eb12f1..62130cfe0a 100644 --- a/src/sig/ml_dsa/sig_ml_dsa_44_ipd.c +++ b/src/sig/ml_dsa/sig_ml_dsa_44_ipd.c 
@@ -29,6 +29,30 @@ OQS_SIG *OQS_SIG_ml_dsa_44_ipd_new(void) { return sig; } +/** Alias */ +OQS_SIG *OQS_SIG_ml_dsa_44_new(void) { + + OQS_SIG *sig = malloc(sizeof(OQS_SIG)); + if (sig == NULL) { + return NULL; + } + sig->method_name = OQS_SIG_alg_ml_dsa_44; + sig->alg_version = "https://github.com/pq-crystals/dilithium/tree/standard"; + + sig->claimed_nist_level = 2; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_ml_dsa_44_ipd_length_public_key; + sig->length_secret_key = OQS_SIG_ml_dsa_44_ipd_length_secret_key; + sig->length_signature = OQS_SIG_ml_dsa_44_ipd_length_signature; + + sig->keypair = OQS_SIG_ml_dsa_44_ipd_keypair; + sig->sign = OQS_SIG_ml_dsa_44_ipd_sign; + sig->verify = OQS_SIG_ml_dsa_44_ipd_verify; + + return sig; +} + extern int pqcrystals_ml_dsa_44_ipd_ref_keypair(uint8_t *pk, uint8_t *sk); extern int pqcrystals_ml_dsa_44_ipd_ref_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk); extern int pqcrystals_ml_dsa_44_ipd_ref_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk); diff --git a/src/sig/ml_dsa/sig_ml_dsa_65_ipd.c b/src/sig/ml_dsa/sig_ml_dsa_65_ipd.c index d6892e51a6..142d20db01 100644 --- a/src/sig/ml_dsa/sig_ml_dsa_65_ipd.c +++ b/src/sig/ml_dsa/sig_ml_dsa_65_ipd.c 
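Review bot: `OQS_SIG_ml_dsa_44_new()` sets `method_name` to `OQS_SIG_alg_ml_dsa_44`, yet every length and function pointer it installs is the `_ipd` one, and the `/** Alias */` comment does not tell a caller that. Anything that stores `method_name` next to a key or signature then records "ML-DSA-44" for material produced by the initial-public-draft code, which becomes ambiguous if the two names ever stop referring to identical algorithms. I would state the binding in the doc comment, e.g. `/** Alias: ML-DSA-44 is served by the ML-DSA-44-ipd implementation; keys and signatures are identical. */`. The body could also drop the copied field list by delegating: `OQS_SIG *sig = OQS_SIG_ml_dsa_44_ipd_new();`, then `if (sig != NULL) sig->method_name = OQS_SIG_alg_ml_dsa_44;` and `return sig;`, so the two constructors cannot drift apart. The ML-DSA-65 and ML-DSA-87 constructors in the next two files repeat the pattern.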
@@ -29,6 +29,30 @@ OQS_SIG *OQS_SIG_ml_dsa_65_ipd_new(void) { return sig; } +/** Alias */ +OQS_SIG *OQS_SIG_ml_dsa_65_new(void) { + + OQS_SIG *sig = malloc(sizeof(OQS_SIG)); + if (sig == NULL) { + return NULL; + } + sig->method_name = OQS_SIG_alg_ml_dsa_65; + sig->alg_version = "https://github.com/pq-crystals/dilithium/tree/standard"; + + sig->claimed_nist_level = 3; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_ml_dsa_65_ipd_length_public_key; + sig->length_secret_key = OQS_SIG_ml_dsa_65_ipd_length_secret_key; + sig->length_signature = OQS_SIG_ml_dsa_65_ipd_length_signature; + + sig->keypair = OQS_SIG_ml_dsa_65_ipd_keypair; + sig->sign = OQS_SIG_ml_dsa_65_ipd_sign; + sig->verify = OQS_SIG_ml_dsa_65_ipd_verify; + + return sig; +} + extern int pqcrystals_ml_dsa_65_ipd_ref_keypair(uint8_t *pk, uint8_t *sk); extern int pqcrystals_ml_dsa_65_ipd_ref_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk); extern int pqcrystals_ml_dsa_65_ipd_ref_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk); diff --git a/src/sig/ml_dsa/sig_ml_dsa_87_ipd.c b/src/sig/ml_dsa/sig_ml_dsa_87_ipd.c index 54cd819412..2bd6542e5f 100644 --- a/src/sig/ml_dsa/sig_ml_dsa_87_ipd.c +++ b/src/sig/ml_dsa/sig_ml_dsa_87_ipd.c 
@@ -29,6 +29,30 @@ OQS_SIG *OQS_SIG_ml_dsa_87_ipd_new(void) { return sig; } +/** Alias */ +OQS_SIG *OQS_SIG_ml_dsa_87_new(void) { + + OQS_SIG *sig = malloc(sizeof(OQS_SIG)); + if (sig == NULL) { + return NULL; + } + sig->method_name = OQS_SIG_alg_ml_dsa_87; + sig->alg_version = "https://github.com/pq-crystals/dilithium/tree/standard"; + + sig->claimed_nist_level = 5; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_ml_dsa_87_ipd_length_public_key; + sig->length_secret_key = OQS_SIG_ml_dsa_87_ipd_length_secret_key; + sig->length_signature = OQS_SIG_ml_dsa_87_ipd_length_signature; + + sig->keypair = OQS_SIG_ml_dsa_87_ipd_keypair; + sig->sign = OQS_SIG_ml_dsa_87_ipd_sign; + sig->verify = OQS_SIG_ml_dsa_87_ipd_verify; + + return sig; +} + extern int pqcrystals_ml_dsa_87_ipd_ref_keypair(uint8_t *pk, uint8_t *sk); extern int pqcrystals_ml_dsa_87_ipd_ref_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk); extern int pqcrystals_ml_dsa_87_ipd_ref_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk); diff --git a/src/sig/sig.c b/src/sig/sig.c index 3604823b3d..b953af7562 100644 --- a/src/sig/sig.c +++ b/src/sig/sig.c @@ -19,8 +19,11 @@ OQS_API const char *OQS_SIG_alg_identifier(size_t i) { OQS_SIG_alg_dilithium_3, OQS_SIG_alg_dilithium_5, OQS_SIG_alg_ml_dsa_44_ipd, + OQS_SIG_alg_ml_dsa_44, OQS_SIG_alg_ml_dsa_65_ipd, + OQS_SIG_alg_ml_dsa_65, OQS_SIG_alg_ml_dsa_87_ipd, + OQS_SIG_alg_ml_dsa_87, OQS_SIG_alg_falcon_512, OQS_SIG_alg_falcon_1024, OQS_SIG_alg_sphincs_sha2_128f_simple, 
@@ -34,8 +37,7 @@ OQS_API const char *OQS_SIG_alg_identifier(size_t i) { OQS_SIG_alg_sphincs_shake_192f_simple, OQS_SIG_alg_sphincs_shake_192s_simple, OQS_SIG_alg_sphincs_shake_256f_simple, - OQS_SIG_alg_sphincs_shake_256s_simple, - ///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ALG_IDENTIFIER_END + OQS_SIG_alg_sphincs_shake_256s_simple,///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ALG_IDENTIFIER_END }; if (i >= OQS_SIG_algs_length) { return NULL; 
@@ -60,121 +62,161 @@ OQS_API int OQS_SIG_alg_is_enabled(const char *method_name) { #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_dilithium_3)) { #ifdef OQS_ENABLE_SIG_dilithium_3 return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_dilithium_5)) { #ifdef OQS_ENABLE_SIG_dilithium_5 return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_44_ipd)) { #ifdef OQS_ENABLE_SIG_ml_dsa_44_ipd return 1; #else return 0; #endif + + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_44)) { +#ifdef OQS_ENABLE_SIG_ml_dsa_44 + return 1; +#else + return 0; +#endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_65_ipd)) { #ifdef OQS_ENABLE_SIG_ml_dsa_65_ipd return 1; #else return 0; #endif + + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_65)) { +#ifdef OQS_ENABLE_SIG_ml_dsa_65 + return 1; +#else + return 0; +#endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_87_ipd)) { #ifdef OQS_ENABLE_SIG_ml_dsa_87_ipd return 1; #else return 0; #endif + + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_87)) { +#ifdef OQS_ENABLE_SIG_ml_dsa_87 + return 1; +#else + return 0; +#endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_falcon_512)) { #ifdef OQS_ENABLE_SIG_falcon_512 return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_falcon_1024)) { #ifdef OQS_ENABLE_SIG_falcon_1024 return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_128f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_128s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_192f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple return 1; #else return 0; #endif + } else 
if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_192s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_192s_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_256f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_256f_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_256s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_256s_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_128f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_128s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_128s_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_192f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_192f_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_192s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_192s_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_256f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_256f_simple return 1; #else return 0; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_256s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_256s_simple return 1; #else return 0; #endif - ///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ENABLED_CASE_END +///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ENABLED_CASE_END } else { return 0; } 
@@ -192,121 +234,161 @@ OQS_API OQS_SIG *OQS_SIG_new(const char *method_name) { #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_dilithium_3)) { #ifdef OQS_ENABLE_SIG_dilithium_3 return OQS_SIG_dilithium_3_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_dilithium_5)) { #ifdef OQS_ENABLE_SIG_dilithium_5 return OQS_SIG_dilithium_5_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_44_ipd)) { #ifdef OQS_ENABLE_SIG_ml_dsa_44_ipd return OQS_SIG_ml_dsa_44_ipd_new(); #else return NULL; #endif + + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_44)) { +#ifdef OQS_ENABLE_SIG_ml_dsa_44 + return OQS_SIG_ml_dsa_44_new(); +#else + return NULL; +#endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_65_ipd)) { #ifdef OQS_ENABLE_SIG_ml_dsa_65_ipd return OQS_SIG_ml_dsa_65_ipd_new(); #else return NULL; #endif + + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_65)) { +#ifdef OQS_ENABLE_SIG_ml_dsa_65 + return OQS_SIG_ml_dsa_65_new(); +#else + return NULL; +#endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_87_ipd)) { #ifdef OQS_ENABLE_SIG_ml_dsa_87_ipd return OQS_SIG_ml_dsa_87_ipd_new(); #else return NULL; #endif + + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_ml_dsa_87)) { +#ifdef OQS_ENABLE_SIG_ml_dsa_87 + return OQS_SIG_ml_dsa_87_new(); +#else + return NULL; +#endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_falcon_512)) { #ifdef OQS_ENABLE_SIG_falcon_512 return OQS_SIG_falcon_512_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_falcon_1024)) { #ifdef OQS_ENABLE_SIG_falcon_1024 return OQS_SIG_falcon_1024_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_128f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple return OQS_SIG_sphincs_sha2_128f_simple_new(); #else return NULL; #endif + } else if (0 == 
strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_128s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple return OQS_SIG_sphincs_sha2_128s_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_192f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple return OQS_SIG_sphincs_sha2_192f_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_192s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_192s_simple return OQS_SIG_sphincs_sha2_192s_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_256f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_256f_simple return OQS_SIG_sphincs_sha2_256f_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_sha2_256s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_sha2_256s_simple return OQS_SIG_sphincs_sha2_256s_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_128f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple return OQS_SIG_sphincs_shake_128f_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_128s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_128s_simple return OQS_SIG_sphincs_shake_128s_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_192f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_192f_simple return OQS_SIG_sphincs_shake_192f_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_192s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_192s_simple return OQS_SIG_sphincs_shake_192s_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_256f_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_256f_simple return 
OQS_SIG_sphincs_shake_256f_simple_new(); #else return NULL; #endif + } else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_shake_256s_simple)) { #ifdef OQS_ENABLE_SIG_sphincs_shake_256s_simple return OQS_SIG_sphincs_shake_256s_simple_new(); #else return NULL; #endif - ///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_NEW_CASE_END +///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_NEW_CASE_END // EDIT-WHEN-ADDING-SIG } else { return NULL; diff --git a/src/sig/sig.h b/src/sig/sig.h index 438bf4dd18..97a40cd88f 100644 --- a/src/sig/sig.h +++ b/src/sig/sig.h @@ -40,10 +40,16 @@ extern "C" { #define OQS_SIG_alg_dilithium_5 "Dilithium5" /** Algorithm identifier for ML-DSA-44-ipd */ #define OQS_SIG_alg_ml_dsa_44_ipd "ML-DSA-44-ipd" +/** Algorithm identifier for ML-DSA-44 SIG. */ +#define OQS_SIG_alg_ml_dsa_44 "ML-DSA-44" /** Algorithm identifier for ML-DSA-65-ipd */ #define OQS_SIG_alg_ml_dsa_65_ipd "ML-DSA-65-ipd" +/** Algorithm identifier for ML-DSA-65 SIG. */ +#define OQS_SIG_alg_ml_dsa_65 "ML-DSA-65" /** Algorithm identifier for ML-DSA-87-ipd */ #define OQS_SIG_alg_ml_dsa_87_ipd "ML-DSA-87-ipd" +/** Algorithm identifier for ML-DSA-87 SIG. */ +#define OQS_SIG_alg_ml_dsa_87 "ML-DSA-87" /** Algorithm identifier for Falcon-512 */ #define OQS_SIG_alg_falcon_512 "Falcon-512" /** Algorithm identifier for Falcon-1024 */ @@ -75,8 +81,9 @@ extern "C" { ///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ALG_IDENTIFIER_END // EDIT-WHEN-ADDING-SIG ///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ALGS_LENGTH_START + /** Number of algorithm identifiers above. */ -#define OQS_SIG_algs_length 20 +#define OQS_SIG_algs_length 23 ///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ALGS_LENGTH_END /** diff --git a/src/sig/sphincs/sig_sphincs.h b/src/sig/sphincs/sig_sphincs.h index 34a7381cde..a717a636ed 100644 --- a/src/sig/sphincs/sig_sphincs.h +++ b/src/sig/sphincs/sig_sphincs.h 
@@ -5,7 +5,7 @@ #include -#ifdef OQS_ENABLE_SIG_sphincs_sha2_128f_simple +#if defined(OQS_ENABLE_SIG_sphincs_sha2_128f_simple) #define OQS_SIG_sphincs_sha2_128f_simple_length_public_key 32 #define OQS_SIG_sphincs_sha2_128f_simple_length_secret_key 64 #define OQS_SIG_sphincs_sha2_128f_simple_length_signature 17088 @@ -16,7 +16,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_128f_simple_sign(uint8_t *signature, siz OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_128f_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_sha2_128s_simple +#if defined(OQS_ENABLE_SIG_sphincs_sha2_128s_simple) #define OQS_SIG_sphincs_sha2_128s_simple_length_public_key 32 #define OQS_SIG_sphincs_sha2_128s_simple_length_secret_key 64 #define OQS_SIG_sphincs_sha2_128s_simple_length_signature 7856 @@ -27,7 +27,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_128s_simple_sign(uint8_t *signature, siz OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_128s_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_sha2_192f_simple +#if defined(OQS_ENABLE_SIG_sphincs_sha2_192f_simple) #define OQS_SIG_sphincs_sha2_192f_simple_length_public_key 48 #define OQS_SIG_sphincs_sha2_192f_simple_length_secret_key 96 #define OQS_SIG_sphincs_sha2_192f_simple_length_signature 35664 
@@ -38,7 +38,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_192f_simple_sign(uint8_t *signature, siz OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_192f_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_sha2_192s_simple +#if defined(OQS_ENABLE_SIG_sphincs_sha2_192s_simple) #define OQS_SIG_sphincs_sha2_192s_simple_length_public_key 48 #define OQS_SIG_sphincs_sha2_192s_simple_length_secret_key 96 #define OQS_SIG_sphincs_sha2_192s_simple_length_signature 16224 @@ -49,7 +49,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_192s_simple_sign(uint8_t *signature, siz OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_192s_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_sha2_256f_simple +#if defined(OQS_ENABLE_SIG_sphincs_sha2_256f_simple) #define OQS_SIG_sphincs_sha2_256f_simple_length_public_key 64 #define OQS_SIG_sphincs_sha2_256f_simple_length_secret_key 128 #define OQS_SIG_sphincs_sha2_256f_simple_length_signature 49856 @@ -60,7 +60,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_256f_simple_sign(uint8_t *signature, siz OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_256f_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_sha2_256s_simple +#if defined(OQS_ENABLE_SIG_sphincs_sha2_256s_simple) #define OQS_SIG_sphincs_sha2_256s_simple_length_public_key 64 #define OQS_SIG_sphincs_sha2_256s_simple_length_secret_key 128 #define OQS_SIG_sphincs_sha2_256s_simple_length_signature 29792 
@@ -71,7 +71,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_256s_simple_sign(uint8_t *signature, siz OQS_API OQS_STATUS OQS_SIG_sphincs_sha2_256s_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_shake_128f_simple +#if defined(OQS_ENABLE_SIG_sphincs_shake_128f_simple) #define OQS_SIG_sphincs_shake_128f_simple_length_public_key 32 #define OQS_SIG_sphincs_shake_128f_simple_length_secret_key 64 #define OQS_SIG_sphincs_shake_128f_simple_length_signature 17088 @@ -82,7 +82,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_shake_128f_simple_sign(uint8_t *signature, si OQS_API OQS_STATUS OQS_SIG_sphincs_shake_128f_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_shake_128s_simple +#if defined(OQS_ENABLE_SIG_sphincs_shake_128s_simple) #define OQS_SIG_sphincs_shake_128s_simple_length_public_key 32 #define OQS_SIG_sphincs_shake_128s_simple_length_secret_key 64 #define OQS_SIG_sphincs_shake_128s_simple_length_signature 7856 @@ -93,7 +93,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_shake_128s_simple_sign(uint8_t *signature, si OQS_API OQS_STATUS OQS_SIG_sphincs_shake_128s_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_shake_192f_simple +#if defined(OQS_ENABLE_SIG_sphincs_shake_192f_simple) #define OQS_SIG_sphincs_shake_192f_simple_length_public_key 48 #define OQS_SIG_sphincs_shake_192f_simple_length_secret_key 96 #define OQS_SIG_sphincs_shake_192f_simple_length_signature 35664 
@@ -104,7 +104,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_shake_192f_simple_sign(uint8_t *signature, si OQS_API OQS_STATUS OQS_SIG_sphincs_shake_192f_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_shake_192s_simple +#if defined(OQS_ENABLE_SIG_sphincs_shake_192s_simple) #define OQS_SIG_sphincs_shake_192s_simple_length_public_key 48 #define OQS_SIG_sphincs_shake_192s_simple_length_secret_key 96 #define OQS_SIG_sphincs_shake_192s_simple_length_signature 16224 @@ -115,7 +115,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_shake_192s_simple_sign(uint8_t *signature, si OQS_API OQS_STATUS OQS_SIG_sphincs_shake_192s_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_shake_256f_simple +#if defined(OQS_ENABLE_SIG_sphincs_shake_256f_simple) #define OQS_SIG_sphincs_shake_256f_simple_length_public_key 64 #define OQS_SIG_sphincs_shake_256f_simple_length_secret_key 128 #define OQS_SIG_sphincs_shake_256f_simple_length_signature 49856 @@ -126,7 +126,7 @@ OQS_API OQS_STATUS OQS_SIG_sphincs_shake_256f_simple_sign(uint8_t *signature, si OQS_API OQS_STATUS OQS_SIG_sphincs_shake_256f_simple_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key); #endif -#ifdef OQS_ENABLE_SIG_sphincs_shake_256s_simple +#if defined(OQS_ENABLE_SIG_sphincs_shake_256s_simple) #define OQS_SIG_sphincs_shake_256s_simple_length_public_key 64 #define OQS_SIG_sphincs_shake_256s_simple_length_secret_key 128 #define OQS_SIG_sphincs_shake_256s_simple_length_signature 29792 diff --git a/tests/KATs/sig/kats.json b/tests/KATs/sig/kats.json index cdecce7315..96fe3ea456 100644 --- a/tests/KATs/sig/kats.json +++ b/tests/KATs/sig/kats.json 
@@ -4,8 +4,11 @@ "Dilithium5": "3f6e58603a38be57cf08d79b01fcfd0ccc1129a09e14a6122c6fe22c906ddc3b", "Falcon-1024": "e699d88eb214fef30597385f40814baeb84ac505d5f05f5c257b0726fc4530b8", "Falcon-512": "da27fe8a462de7307ddf1f9b00072a457d9c5b14e838c148fbe2662094b9a2ca", + "ML-DSA-44": "e6f3ec4dc0b02dd3bcbbc6b105190e1890ca0bb3f802e2b571f0d70f3993a2e1", "ML-DSA-44-ipd": "e6f3ec4dc0b02dd3bcbbc6b105190e1890ca0bb3f802e2b571f0d70f3993a2e1", + "ML-DSA-65": "7225c4531086d88c9b7fa18101b0f78dda2d38df88812c65ddc1ae94fe3c01a7", "ML-DSA-65-ipd": "7225c4531086d88c9b7fa18101b0f78dda2d38df88812c65ddc1ae94fe3c01a7", + "ML-DSA-87": "f5cb5ed44a261a4118f9cfd5d55b4210939cb5b8531968a10c37060551a8927f", "ML-DSA-87-ipd": "f5cb5ed44a261a4118f9cfd5d55b4210939cb5b8531968a10c37060551a8927f", "SPHINCS+-SHA2-128f-simple": "cd1e13db3a56c0a6b3486a7b12bcddfda50cf5d1e4d14d3113e6456e969b8114", "SPHINCS+-SHA2-128s-simple": "08c2e0f08bd96f50d065ca0ced04874c709d192864bfeaccb6daa4bfa9c58a28", diff --git a/tests/constant_time/kem/passes.json b/tests/constant_time/kem/passes.json index 0e7959214e..64f56c8ead 100644 --- a/tests/constant_time/kem/passes.json +++ b/tests/constant_time/kem/passes.json @@ -27,5 +27,8 @@ "ML-KEM-512-ipd": ["ml_kem"], "ML-KEM-768-ipd": ["ml_kem"], "ML-KEM-1024-ipd": ["ml_kem"], + "ML-KEM-512": ["ml_kem"], + "ML-KEM-768": ["ml_kem"], + "ML-KEM-1024": ["ml_kem"], "sntrup761": ["sntrup"] } diff --git a/tests/constant_time/sig/passes.json b/tests/constant_time/sig/passes.json index 8645bbaac8..fee99dcfcb 100644 --- a/tests/constant_time/sig/passes.json +++ b/tests/constant_time/sig/passes.json 
@@ -8,6 +8,9 @@ "ML-DSA-44-ipd": ["ml_dsa", "ml_dsa-avx2"], "ML-DSA-65-ipd": ["ml_dsa", "ml_dsa-avx2"], "ML-DSA-87-ipd": ["ml_dsa", "ml_dsa-avx2"], + "ML-DSA-44": ["ml_dsa", "ml_dsa-avx2"], + "ML-DSA-65": ["ml_dsa", "ml_dsa-avx2"], + "ML-DSA-87": ["ml_dsa", "ml_dsa-avx2"], "SPHINCS+-SHA2-128f-robust": ["sphincs", "sphincs-sha2-avx2"], "SPHINCS+-SHA2-128f-simple": ["sphincs", "sphincs-sha2-avx2"], "SPHINCS+-SHA2-128s-robust": ["sphincs", "sphincs-sha2-avx2"], diff --git a/tests/kat_sig.c b/tests/kat_sig.c index 1d4896d5f6..26d25623dc 100644 --- a/tests/kat_sig.c +++ b/tests/kat_sig.c @@ -81,7 +81,7 @@ OQS_STATUS combine_message_signature(uint8_t **signed_msg, size_t *signed_msg_le memcpy(*signed_msg, signature, signature_len); memcpy(*signed_msg + signature_len, msg, msg_len); return OQS_SUCCESS; - } else if (0 == strcmp(sig->method_name, "ML-DSA-44-ipd")) { + } else if (0 == strcmp(sig->method_name, "ML-DSA-44-ipd") || 0 == strcmp(sig->method_name, "ML-DSA-44")) { // signed_msg = signature || msg *signed_msg_len = signature_len + msg_len; *signed_msg = malloc(*signed_msg_len); @@ -91,7 +91,7 @@ OQS_STATUS combine_message_signature(uint8_t **signed_msg, size_t *signed_msg_le memcpy(*signed_msg, signature, signature_len); memcpy(*signed_msg + signature_len, msg, msg_len); return OQS_SUCCESS; - } else if (0 == strcmp(sig->method_name, "ML-DSA-65-ipd")) { + } else if (0 == strcmp(sig->method_name, "ML-DSA-65-ipd") || 0 == strcmp(sig->method_name, "ML-DSA-65")) { // signed_msg = signature || msg *signed_msg_len = signature_len + msg_len; *signed_msg = malloc(*signed_msg_len); 
@@ -101,7 +101,7 @@ OQS_STATUS combine_message_signature(uint8_t **signed_msg, size_t *signed_msg_le memcpy(*signed_msg, signature, signature_len); memcpy(*signed_msg + signature_len, msg, msg_len); return OQS_SUCCESS; - } else if (0 == strcmp(sig->method_name, "ML-DSA-87-ipd")) { + } else if (0 == strcmp(sig->method_name, "ML-DSA-87-ipd") || 0 == strcmp(sig->method_name, "ML-DSA-87")) { // signed_msg = signature || msg *signed_msg_len = signature_len + msg_len; *signed_msg = malloc(*signed_msg_len); diff --git a/tests/test_alg_info.py b/tests/test_alg_info.py index d7546b7fb3..bbe30c4b39 100644 --- a/tests/test_alg_info.py +++ b/tests/test_alg_info.py @@ -52,7 +52,7 @@ def test_alg_info_sig(sig_name): # find the parameter set in the datasheet foundit = False for parameter_set in datasheet['parameter-sets']: - if parameter_set['name'] == sig_name: + if parameter_set['name'] == sig_name or ('alias' in parameter_set and parameter_set['alias'] == sig_name): foundit = True # check that the values match assert(alg_info['claimed-nist-level'] == parameter_set['claimed-nist-level']) diff --git a/tests/test_vectors.sh b/tests/test_vectors.sh index 2a5fa8e4b3..e74523457d 100755 --- a/tests/test_vectors.sh +++ b/tests/test_vectors.sh @@ -7,7 +7,7 @@ else build_dir="${OQS_BUILD_DIR}" fi -if [ "$1" = "ML-DSA-44-ipd" ]; then +if [[ "$1" = "ML-DSA-44-ipd" || "$1" = "ML-DSA-44" ]]; then file=tests/PQC_Intermediate_Values/ML-DSA-44.txt scheme_name=ML-DSA-44-ipd @@ -17,7 +17,7 @@ if [ "$1" = "ML-DSA-44-ipd" ]; then exit 1 fi -elif [ "$1" = "ML-DSA-65-ipd" ]; then +elif [[ "$1" = "ML-DSA-65-ipd" || "$1" = "ML-DSA-65" ]]; then file=tests/PQC_Intermediate_Values/ML-DSA-65.txt scheme_name=ML-DSA-65-ipd @@ -27,7 +27,7 @@ elif [ "$1" = "ML-DSA-65-ipd" ]; then exit 1 fi -elif [ "$1" = "ML-DSA-87-ipd" ]; then +elif [[ "$1" = "ML-DSA-87-ipd" || "$1" = "ML-DSA-87" ]]; then file=tests/PQC_Intermediate_Values/ML-DSA-87.txt scheme_name=ML-DSA-87-ipd
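Review bot: The three `if`/`elif` tests in `tests/test_vectors.sh` switch from `[ … ]` to `[[ … || … ]]`, which is a bash/ksh construct and is rejected by a POSIX `sh` such as dash. The shebang lies outside the hunks, so confirm it names bash, or keep the portable form `if [ "$1" = "ML-DSA-44-ipd" ] || [ "$1" = "ML-DSA-44" ]; then`. Each branch also leaves `scheme_name=ML-DSA-44-ipd` (and the 65/87 equivalents) unchanged, so a run requested for the alias appears to exercise only the `-ipd` name; if `scheme_name` is what is passed to the test binary further down, the alias constructor is never reached by this script.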