diff --git a/README.md b/README.md index cfb4402817ff..f4f24782f9d6 100644 --- a/README.md +++ b/README.md @@ -58,19 +58,22 @@ The following quantum-safe algorithms from liboqs are supported (assuming they h - `oqsdefault` (see [here](https://github.com/open-quantum-safe/openssh-portable/wiki/Using-liboqs-supported-algorithms-in-the-fork) for what this denotes) - **BIKE**:`bike1-l1-cpa`, `bike1-l3-cpa`, `bike1-l1-fo`, `bike2-l3-fo` - **Classic McEliece**: `classic-mceliece-348864`, `classic-mceliece-348864f`, `classic-mceliece-460896`, `classic-mceliece-460896f`, `classic-mceliece-6688128`, `classic-mceliece-6688128f`, `classic-mceliece-6960119`, `classic-mceliece-6960119f`, `classic-mceliece-8192128`, `classic-mceliece-8192128f` -- **FrodoKEM**:`frodo-640-aes`, `frodo-976-aes` +- **FrodoKEM**:`frodo-640-aes`, `frodo-640-shake`, `frodo-976-aes`, `frodo-976-shake`, `frodo-1344-aes`, `frodo-1344-shake` +- **HQC**: `hqc-128-1-cca2`, `hqc-192-1-cca2`, `hqc-192-2-cca2`, `hqc-256-1-cca2`†, `hqc-256-2-cca2`†, `hqc-256-3-cca2`† - **Kyber**:`kyber-512`, `kyber-768`, `kyber-1024`, `kyber-512-90s`, `kyber-768-90s`, `kyber-1024-90s` - **NewHope**:`newhope-512`, `newhope-1024` - **NTRU**:`ntru-hps-2048-509`, `ntru-hps-2048-677` - **Saber**:`saber-lightsaber`, `saber-saber`, `saber-firesaber` - **SIDH**:`sidh-p434`, `sidh-p503`, `sidh-p610`, `sidh-p751`, `sidh-p434-compressed`, `sidh-p503-compressed`, `sidh-p610-compressed`, `sidh-p751-compressed` - **SIKE**:`sike-p434`, `sike-p503`, `sike-p610`, `sike-p751`, `sike-p434-compressed`, `sike-p503-compressed`, `sike-p610-compressed`, `sike-p751-compressed` -- **ThreeBears**:`babybear`, `mamabear`, `papabear`, `babybear_ephem`, `mamabear_ephem`, `papabear_ephem` +- **ThreeBears**:`babybear`, `mamabear`, `papabear`, `babybear-ephem`, `mamabear-ephem`, `papabear-ephem` The following hybrid algorithms are supported; they combine a quantum-safe algorithm listed above with ECDH that uses NIST's P384 curve: - `ecdh-nistp384-`, where ```` is any one of the algorithms listed above. +Note that algorithms marked with a dagger (†) have large stack usage and may cause failures when run on threads or in constrained environments. + #### Digital Signature The following digital signature algorithms from liboqs are supported (assuming they have been enabled in liboqs). Note that only L1 signature and all **Rainbow** variants are enabled by default, and should you wish to enable additional variants, consult [the "Code Generation" section of the documentation in the wiki](https://github.com/open-quantum-safe/openssh/wiki/Using-liboqs-supported-algorithms-in-the-for://github.com/open-quantum-safe/openssh/wiki/Using-liboqs-supported-algorithms-in-the-fork#code-generation). diff --git a/configure.ac b/configure.ac index 31c9d463674e..93347a7b6ea6 100644 --- a/configure.ac +++ b/configure.ac @@ -3713,6 +3713,20 @@ if test "x$with_liboqs" = "xyes" ; then ], [AC_MSG_RESULT([no]) ]) + AC_MSG_CHECKING([for libOQS HQC support]) + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include + ]], [[ + #if defined(OQS_ENABLE_KEM_HQC) || (defined(OQS_ENABLE_KEM_hqc_128_1_cca2) && defined(OQS_ENABLE_KEM_hqc_192_1_cca2) && defined(OQS_ENABLE_KEM_hqc_192_2_cca2) && defined(OQS_ENABLE_KEM_hqc_256_1_cca2) && defined(OQS_ENABLE_KEM_hqc_256_2_cca2) && defined(OQS_ENABLE_KEM_hqc_256_3_cca2)) + #else + #error "HQC is not supported" + #endif + ]])], + [ AC_MSG_RESULT([yes]) + AC_DEFINE([HAVE_HQC], [1], [Define to 1 if LibOQS library is compiled with support for HQC]) + ], [AC_MSG_RESULT([no]) + ]) + AC_MSG_CHECKING([for libOQS DILITHIUM support]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ diff --git a/kex.c b/kex.c index 9fc486ffbea9..a58664937d7d 100644 --- a/kex.c +++ b/kex.c @@ -181,6 +181,14 @@ static const struct kexalg kexalgs[] = { HYBRID_ECDH_OQS_KEX(KEX_ECDH_NISTP384_PAPABEAR_SHA384) HYBRID_ECDH_OQS_KEX(KEX_ECDH_NISTP384_PAPABEAR_EPHEM_SHA384) #endif /* HAVE_THREEBEARS */ +#ifdef HAVE_HQC + HYBRID_ECDH_OQS_KEX(KEX_ECDH_NISTP384_HQC_128_1_CCA2_SHA384) + HYBRID_ECDH_OQS_KEX(KEX_ECDH_NISTP384_HQC_192_1_CCA2_SHA384) + HYBRID_ECDH_OQS_KEX(KEX_ECDH_NISTP384_HQC_192_2_CCA2_SHA384) + HYBRID_ECDH_OQS_KEX(KEX_ECDH_NISTP384_HQC_256_1_CCA2_SHA384) + HYBRID_ECDH_OQS_KEX(KEX_ECDH_NISTP384_HQC_256_2_CCA2_SHA384) + HYBRID_ECDH_OQS_KEX(KEX_ECDH_NISTP384_HQC_256_3_CCA2_SHA384) +#endif /* HAVE_HQC */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_HYBRID_KEXS_END #endif /* defined(WITH_OQS) && defined(WITH_HYBRID_KEX) */ # ifdef OPENSSL_HAS_NISTP521 @@ -269,6 +277,14 @@ static const struct kexalg kexalgs[] = { PQ_OQS_KEX(KEX_PAPABEAR_SHA384) PQ_OQS_KEX(KEX_PAPABEAR_EPHEM_SHA384) #endif /* HAVE_THREEBEARS */ +#ifdef HAVE_HQC + PQ_OQS_KEX(KEX_HQC_128_1_CCA2_SHA384) + PQ_OQS_KEX(KEX_HQC_192_1_CCA2_SHA384) + PQ_OQS_KEX(KEX_HQC_192_2_CCA2_SHA384) + PQ_OQS_KEX(KEX_HQC_256_1_CCA2_SHA384) + PQ_OQS_KEX(KEX_HQC_256_2_CCA2_SHA384) + PQ_OQS_KEX(KEX_HQC_256_3_CCA2_SHA384) +#endif /* HAVE_HQC */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_PQ_KEXS_END #endif /* defined(WITH_OQS) && defined(WITH_PQ_KEX) */ #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL) diff --git a/kex.h b/kex.h index 12323c84d1ab..b40743243318 100644 --- a/kex.h +++ b/kex.h @@ -128,6 +128,12 @@ #define KEX_MAMABEAR_EPHEM_SHA384 PQ_OQS_KEX_SUFFIX("mamabear-ephem-sha384") #define KEX_PAPABEAR_SHA384 PQ_OQS_KEX_SUFFIX("papabear-sha384") #define KEX_PAPABEAR_EPHEM_SHA384 PQ_OQS_KEX_SUFFIX("papabear-ephem-sha384") +#define KEX_HQC_128_1_CCA2_SHA384 PQ_OQS_KEX_SUFFIX("hqc-128-1-cca2-sha384") +#define KEX_HQC_192_1_CCA2_SHA384 PQ_OQS_KEX_SUFFIX("hqc-192-1-cca2-sha384") +#define KEX_HQC_192_2_CCA2_SHA384 PQ_OQS_KEX_SUFFIX("hqc-192-2-cca2-sha384") +#define KEX_HQC_256_1_CCA2_SHA384 PQ_OQS_KEX_SUFFIX("hqc-256-1-cca2-sha384") +#define KEX_HQC_256_2_CCA2_SHA384 PQ_OQS_KEX_SUFFIX("hqc-256-2-cca2-sha384") +#define KEX_HQC_256_3_CCA2_SHA384 PQ_OQS_KEX_SUFFIX("hqc-256-3-cca2-sha384") ///// OQS_TEMPLATE_FRAGMENT_DEFINE_PQ_KEXS_END #endif /* defined(WITH_OQS) && defined(WITH_PQ_KEX) */ @@ -193,6 +199,12 @@ #define KEX_ECDH_NISTP384_MAMABEAR_EPHEM_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-mamabear-ephem-sha384") #define KEX_ECDH_NISTP384_PAPABEAR_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-papabear-sha384") #define KEX_ECDH_NISTP384_PAPABEAR_EPHEM_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-papabear-ephem-sha384") +#define KEX_ECDH_NISTP384_HQC_128_1_CCA2_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-128-1-cca2-sha384") +#define KEX_ECDH_NISTP384_HQC_192_1_CCA2_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-192-1-cca2-sha384") +#define KEX_ECDH_NISTP384_HQC_192_2_CCA2_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-192-2-cca2-sha384") +#define KEX_ECDH_NISTP384_HQC_256_1_CCA2_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-256-1-cca2-sha384") +#define KEX_ECDH_NISTP384_HQC_256_2_CCA2_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-256-2-cca2-sha384") +#define KEX_ECDH_NISTP384_HQC_256_3_CCA2_SHA384 HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-256-3-cca2-sha384") ///// OQS_TEMPLATE_FRAGMENT_DEFINE_HYBRID_KEXS_END #endif /* defined(WITH_OQS) && defined(WITH_HYBRID_KEX) */ diff --git a/kexoqs.c b/kexoqs.c index 62cd507b6469..57d3c882264a 100644 --- a/kexoqs.c +++ b/kexoqs.c @@ -177,6 +177,20 @@ static const OQS_ALG oqs_alg_mapping[] = { {HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-papabear-ephem-sha384"), OQS_KEM_alg_threebears_papabear_ephem, SSH2_MSG_HY_ECDH_THREEBEARS_INIT, SSH2_MSG_HY_ECDH_THREEBEARS_REPLY}, #endif /* HAVE_THREEBEARS */ +#ifdef HAVE_HQC + {HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-128-1-cca2-sha384"), OQS_KEM_alg_hqc_128_1_cca2, + SSH2_MSG_HY_ECDH_HQC_INIT, SSH2_MSG_HY_ECDH_HQC_REPLY}, + {HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-192-1-cca2-sha384"), OQS_KEM_alg_hqc_192_1_cca2, + SSH2_MSG_HY_ECDH_HQC_INIT, SSH2_MSG_HY_ECDH_HQC_REPLY}, + {HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-192-2-cca2-sha384"), OQS_KEM_alg_hqc_192_2_cca2, + SSH2_MSG_HY_ECDH_HQC_INIT, SSH2_MSG_HY_ECDH_HQC_REPLY}, + {HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-256-1-cca2-sha384"), OQS_KEM_alg_hqc_256_1_cca2, + SSH2_MSG_HY_ECDH_HQC_INIT, SSH2_MSG_HY_ECDH_HQC_REPLY}, + {HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-256-2-cca2-sha384"), OQS_KEM_alg_hqc_256_2_cca2, + SSH2_MSG_HY_ECDH_HQC_INIT, SSH2_MSG_HY_ECDH_HQC_REPLY}, + {HYBRID_ECDH_OQS_KEX_SUFFIX("ecdh-nistp384-hqc-256-3-cca2-sha384"), OQS_KEM_alg_hqc_256_3_cca2, + SSH2_MSG_HY_ECDH_HQC_INIT, SSH2_MSG_HY_ECDH_HQC_REPLY}, +#endif /* HAVE_HQC */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_HYBRID_KEXS_END #endif /* defined(OPENSSL_HAS_ECC) && defined(WITH_HYBRID_KEX) */ /* PQ-only key exchange methods */ @@ -318,6 +332,20 @@ static const OQS_ALG oqs_alg_mapping[] = { {PQ_OQS_KEX_SUFFIX("papabear-ephem-sha384"), OQS_KEM_alg_threebears_papabear_ephem, SSH2_MSG_PQ_THREEBEARS_INIT, SSH2_MSG_PQ_THREEBEARS_REPLY}, #endif /* HAVE_THREEBEARS */ +#ifdef HAVE_HQC + {PQ_OQS_KEX_SUFFIX("hqc-128-1-cca2-sha384"), OQS_KEM_alg_hqc_128_1_cca2, + SSH2_MSG_PQ_HQC_INIT, SSH2_MSG_PQ_HQC_REPLY}, + {PQ_OQS_KEX_SUFFIX("hqc-192-1-cca2-sha384"), OQS_KEM_alg_hqc_192_1_cca2, + SSH2_MSG_PQ_HQC_INIT, SSH2_MSG_PQ_HQC_REPLY}, + {PQ_OQS_KEX_SUFFIX("hqc-192-2-cca2-sha384"), OQS_KEM_alg_hqc_192_2_cca2, + SSH2_MSG_PQ_HQC_INIT, SSH2_MSG_PQ_HQC_REPLY}, + {PQ_OQS_KEX_SUFFIX("hqc-256-1-cca2-sha384"), OQS_KEM_alg_hqc_256_1_cca2, + SSH2_MSG_PQ_HQC_INIT, SSH2_MSG_PQ_HQC_REPLY}, + {PQ_OQS_KEX_SUFFIX("hqc-256-2-cca2-sha384"), OQS_KEM_alg_hqc_256_2_cca2, + SSH2_MSG_PQ_HQC_INIT, SSH2_MSG_PQ_HQC_REPLY}, + {PQ_OQS_KEX_SUFFIX("hqc-256-3-cca2-sha384"), OQS_KEM_alg_hqc_256_3_cca2, + SSH2_MSG_PQ_HQC_INIT, SSH2_MSG_PQ_HQC_REPLY}, +#endif /* HAVE_HQC */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_PQ_KEXS_END #endif /* WITH_PQ_KEX */ {NULL,NULL,0,0} /* End of list */ diff --git a/myproposal.h b/myproposal.h index 26fa0c9d99f6..02020a085380 100644 --- a/myproposal.h +++ b/myproposal.h @@ -138,6 +138,17 @@ #else #define KEX_PQ_METHOD_THREEBEARS "" #endif /* HAVE_THREEBEARS */ +#ifdef HAVE_HQC +#define KEX_PQ_METHOD_HQC \ + PQ_OQS_KEX_METHOD("hqc-128-1-cca2-sha384") \ + PQ_OQS_KEX_METHOD("hqc-192-1-cca2-sha384") \ + PQ_OQS_KEX_METHOD("hqc-192-2-cca2-sha384") \ + PQ_OQS_KEX_METHOD("hqc-256-1-cca2-sha384") \ + PQ_OQS_KEX_METHOD("hqc-256-2-cca2-sha384") \ + PQ_OQS_KEX_METHOD("hqc-256-3-cca2-sha384") +#else +#define KEX_PQ_METHOD_HQC "" +#endif /* HAVE_HQC */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_PQ_KEXS_END #else /* defined(WITH_OQS) && defined(WITH_PQ_KEX) */ ///// OQS_TEMPLATE_FRAGMENT_UNDEFINE_PQ_KEXS_START @@ -151,6 +162,7 @@ #define KEX_PQ_METHOD_SIDH "" #define KEX_PQ_METHOD_SIKE "" #define KEX_PQ_METHOD_THREEBEARS "" +#define KEX_PQ_METHOD_HQC "" ///// OQS_TEMPLATE_FRAGMENT_UNDEFINE_PQ_KEXS_END #endif /* defined(WITH_OQS) && defined(WITH_PQ_KEX) */ @@ -166,7 +178,8 @@ KEX_PQ_METHOD_SABER \ KEX_PQ_METHOD_SIDH \ KEX_PQ_METHOD_SIKE \ - KEX_PQ_METHOD_THREEBEARS + KEX_PQ_METHOD_THREEBEARS \ + KEX_PQ_METHOD_HQC ///// OQS_TEMPLATE_FRAGMENT_LIST_PQ_KEXS_END #ifdef OPENSSL_HAS_ECC @@ -280,6 +293,17 @@ #else #define KEX_HYBRID_METHOD_THREEBEARS "" #endif /* HAVE_THREEBEARS */ +#ifdef HAVE_HQC +#define KEX_HYBRID_METHOD_HQC \ + HYBRID_ECDH_OQS_METHOD("ecdh-nistp384-hqc-128-1-cca2-sha384") \ + HYBRID_ECDH_OQS_METHOD("ecdh-nistp384-hqc-192-1-cca2-sha384") \ + HYBRID_ECDH_OQS_METHOD("ecdh-nistp384-hqc-192-2-cca2-sha384") \ + HYBRID_ECDH_OQS_METHOD("ecdh-nistp384-hqc-256-1-cca2-sha384") \ + HYBRID_ECDH_OQS_METHOD("ecdh-nistp384-hqc-256-2-cca2-sha384") \ + HYBRID_ECDH_OQS_METHOD("ecdh-nistp384-hqc-256-3-cca2-sha384") +#else +#define KEX_HYBRID_METHOD_HQC "" +#endif /* HAVE_HQC */ ///// OQS_TEMPLATE_FRAGMENT_DEFINE_HYBRID_KEXS_END #else /* defined(WITH_OQS) && defined(WITH_HYBRID_KEX) */ ///// OQS_TEMPLATE_FRAGMENT_UNDEFINE_HYBRID_KEXS_START @@ -293,6 +317,7 @@ #define KEX_HYBRID_METHOD_SIDH "" #define KEX_HYBRID_METHOD_SIKE "" #define KEX_HYBRID_METHOD_THREEBEARS "" +#define KEX_HYBRID_METHOD_HQC "" ///// OQS_TEMPLATE_FRAGMENT_UNDEFINE_HYBRID_KEXS_END #endif /* defined(WITH_OQS) && defined(WITH_HYBRID_KEX) */ @@ -308,7 +333,8 @@ KEX_HYBRID_METHOD_SABER \ KEX_HYBRID_METHOD_SIDH \ KEX_HYBRID_METHOD_SIKE \ - KEX_HYBRID_METHOD_THREEBEARS + KEX_HYBRID_METHOD_THREEBEARS \ + KEX_HYBRID_METHOD_HQC ///// OQS_TEMPLATE_FRAGMENT_LIST_HYBRID_KEXS_END #ifdef OPENSSL_HAS_NISTP521 diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 709d268a5dd0..0da0646ca65b 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -591,3 +591,24 @@ kems: - name: "PAPABEAR_EPHEM" oqs_meth: "OQS_KEM_alg_threebears_papabear_ephem" + - + family: "HQC" + variants: + - + name: "HQC_128_1_CCA2" + oqs_meth: 'OQS_KEM_alg_hqc_128_1_cca2' + - + name: "HQC_192_1_CCA2" + oqs_meth: 'OQS_KEM_alg_hqc_192_1_cca2' + - + name: "HQC_192_2_CCA2" + oqs_meth: 'OQS_KEM_alg_hqc_192_2_cca2' + - + name: "HQC_256_1_CCA2" + oqs_meth: 'OQS_KEM_alg_hqc_256_1_cca2' + - + name: "HQC_256_2_CCA2" + oqs_meth: 'OQS_KEM_alg_hqc_256_2_cca2' + - + name: "HQC_256_3_CCA2" + oqs_meth: 'OQS_KEM_alg_hqc_256_3_cca2' diff --git a/oqs-test/test_openssh.py b/oqs-test/test_openssh.py index 440260a8fffe..6afd8a2d0f82 100644 --- a/oqs-test/test_openssh.py +++ b/oqs-test/test_openssh.py @@ -18,9 +18,9 @@ kex_algs = [ ##### OQS_TEMPLATE_FRAGMENT_LIST_KEXS_START # post-quantum only kex - 'bike1-l1-cpa-sha384@openquantumsafe.org','bike1-l3-cpa-sha384@openquantumsafe.org','bike1-l1-fo-sha384@openquantumsafe.org','bike1-l3-fo-sha384@openquantumsafe.org','classic-mceliece-348864-sha384@openquantumsafe.org','classic-mceliece-348864f-sha384@openquantumsafe.org','classic-mceliece-460896-sha384@openquantumsafe.org','classic-mceliece-460896f-sha384@openquantumsafe.org','classic-mceliece-6688128-sha384@openquantumsafe.org','classic-mceliece-6688128f-sha384@openquantumsafe.org','classic-mceliece-6960119-sha384@openquantumsafe.org','classic-mceliece-6960119f-sha384@openquantumsafe.org','classic-mceliece-8192128-sha384@openquantumsafe.org','classic-mceliece-8192128f-sha384@openquantumsafe.org','frodo-640-aes-sha384@openquantumsafe.org','frodo-640-shake-sha384@openquantumsafe.org','frodo-976-aes-sha384@openquantumsafe.org','frodo-976-shake-sha384@openquantumsafe.org','frodo-1344-aes-sha384@openquantumsafe.org','frodo-1344-shake-sha384@openquantumsafe.org','kyber-512-sha384@openquantumsafe.org','kyber-768-sha384@openquantumsafe.org','kyber-1024-sha384@openquantumsafe.org','kyber-512-90s-sha384@openquantumsafe.org','kyber-768-90s-sha384@openquantumsafe.org','kyber-1024-90s-sha384@openquantumsafe.org','newhope-512-sha384@openquantumsafe.org','newhope-1024-sha384@openquantumsafe.org','ntru-hps-2048-509-sha384@openquantumsafe.org','ntru-hps-2048-677-sha384@openquantumsafe.org','ntru-hrss-701-sha384@openquantumsafe.org','ntru-hps-4096-821-sha384@openquantumsafe.org','saber-lightsaber-sha384@openquantumsafe.org','saber-saber-sha384@openquantumsafe.org','saber-firesaber-sha384@openquantumsafe.org','sidh-p434-sha384@openquantumsafe.org','sidh-p503-sha384@openquantumsafe.org','sidh-p610-sha384@openquantumsafe.org','sidh-p751-sha384@openquantumsafe.org','sidh-p434-compressed-sha384@openquantumsafe.org','sidh-p503-compressed-sha384@openquantumsafe.org','sidh-p610-compressed-sha384@openquantumsafe.org','sidh-p751-compressed-sha384@openquantumsafe.org','sike-p434-sha384@openquantumsafe.org','sike-p503-sha384@openquantumsafe.org','sike-p610-sha384@openquantumsafe.org','sike-p751-sha384@openquantumsafe.org','-sha384@openquantumsafe.org','sike-p503-compressed-sha384@openquantumsafe.org','sike-p610-compressed-sha384@openquantumsafe.org','sike-p751-compressed-sha384@openquantumsafe.org','babybear-sha384@openquantumsafe.org','babybear-ephem-sha384@openquantumsafe.org','mamabear-sha384@openquantumsafe.org','mamabear-ephem-sha384@openquantumsafe.org','papabear-sha384@openquantumsafe.org','papabear-ephem-sha384@openquantumsafe.org', + 'bike1-l1-cpa-sha384@openquantumsafe.org','bike1-l3-cpa-sha384@openquantumsafe.org','bike1-l1-fo-sha384@openquantumsafe.org','bike1-l3-fo-sha384@openquantumsafe.org','classic-mceliece-348864-sha384@openquantumsafe.org','classic-mceliece-348864f-sha384@openquantumsafe.org','classic-mceliece-460896-sha384@openquantumsafe.org','classic-mceliece-460896f-sha384@openquantumsafe.org','classic-mceliece-6688128-sha384@openquantumsafe.org','classic-mceliece-6688128f-sha384@openquantumsafe.org','classic-mceliece-6960119-sha384@openquantumsafe.org','classic-mceliece-6960119f-sha384@openquantumsafe.org','classic-mceliece-8192128-sha384@openquantumsafe.org','classic-mceliece-8192128f-sha384@openquantumsafe.org','frodo-640-aes-sha384@openquantumsafe.org','frodo-640-shake-sha384@openquantumsafe.org','frodo-976-aes-sha384@openquantumsafe.org','frodo-976-shake-sha384@openquantumsafe.org','frodo-1344-aes-sha384@openquantumsafe.org','frodo-1344-shake-sha384@openquantumsafe.org','kyber-512-sha384@openquantumsafe.org','kyber-768-sha384@openquantumsafe.org','kyber-1024-sha384@openquantumsafe.org','kyber-512-90s-sha384@openquantumsafe.org','kyber-768-90s-sha384@openquantumsafe.org','kyber-1024-90s-sha384@openquantumsafe.org','newhope-512-sha384@openquantumsafe.org','newhope-1024-sha384@openquantumsafe.org','ntru-hps-2048-509-sha384@openquantumsafe.org','ntru-hps-2048-677-sha384@openquantumsafe.org','ntru-hrss-701-sha384@openquantumsafe.org','ntru-hps-4096-821-sha384@openquantumsafe.org','saber-lightsaber-sha384@openquantumsafe.org','saber-saber-sha384@openquantumsafe.org','saber-firesaber-sha384@openquantumsafe.org','sidh-p434-sha384@openquantumsafe.org','sidh-p503-sha384@openquantumsafe.org','sidh-p610-sha384@openquantumsafe.org','sidh-p751-sha384@openquantumsafe.org','sidh-p434-compressed-sha384@openquantumsafe.org','sidh-p503-compressed-sha384@openquantumsafe.org','sidh-p610-compressed-sha384@openquantumsafe.org','sidh-p751-compressed-sha384@openquantumsafe.org','sike-p434-sha384@openquantumsafe.org','sike-p503-sha384@openquantumsafe.org','sike-p610-sha384@openquantumsafe.org','sike-p751-sha384@openquantumsafe.org','-sha384@openquantumsafe.org','sike-p503-compressed-sha384@openquantumsafe.org','sike-p610-compressed-sha384@openquantumsafe.org','sike-p751-compressed-sha384@openquantumsafe.org','babybear-sha384@openquantumsafe.org','babybear-ephem-sha384@openquantumsafe.org','mamabear-sha384@openquantumsafe.org','mamabear-ephem-sha384@openquantumsafe.org','papabear-sha384@openquantumsafe.org','papabear-ephem-sha384@openquantumsafe.org','hqc-128-1-cca2-sha384@openquantumsafe.org','hqc-192-1-cca2-sha384@openquantumsafe.org','hqc-192-2-cca2-sha384@openquantumsafe.org','hqc-256-1-cca2-sha384@openquantumsafe.org','hqc-256-2-cca2-sha384@openquantumsafe.org','hqc-256-3-cca2-sha384@openquantumsafe.org', # hybrid kex - 'ecdh-nistp384-bike1-l1-cpa-sha384@openquantumsafe.org','ecdh-nistp384-bike1-l3-cpa-sha384@openquantumsafe.org','ecdh-nistp384-bike1-l1-fo-sha384@openquantumsafe.org','ecdh-nistp384-bike1-l3-fo-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-348864-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-348864f-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-460896-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-460896f-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-6688128-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-6688128f-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-6960119-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-6960119f-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-8192128-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-8192128f-sha384@openquantumsafe.org','ecdh-nistp384-frodo-640-aes-sha384@openquantumsafe.org','ecdh-nistp384-frodo-640-shake-sha384@openquantumsafe.org','ecdh-nistp384-frodo-976-aes-sha384@openquantumsafe.org','ecdh-nistp384-frodo-976-shake-sha384@openquantumsafe.org','ecdh-nistp384-frodo-1344-aes-sha384@openquantumsafe.org','ecdh-nistp384-frodo-1344-shake-sha384@openquantumsafe.org','ecdh-nistp384-kyber-512-sha384@openquantumsafe.org','ecdh-nistp384-kyber-768-sha384@openquantumsafe.org','ecdh-nistp384-kyber-1024-sha384@openquantumsafe.org','ecdh-nistp384-kyber-512-90s-sha384@openquantumsafe.org','ecdh-nistp384-kyber-768-90s-sha384@openquantumsafe.org','ecdh-nistp384-kyber-1024-90s-sha384@openquantumsafe.org','ecdh-nistp384-newhope-512-sha384@openquantumsafe.org','ecdh-nistp384-newhope-1024-sha384@openquantumsafe.org','ecdh-nistp384-ntru-hps-2048-509-sha384@openquantumsafe.org','ecdh-nistp384-ntru-hps-2048-677-sha384@openquantumsafe.org','ecdh-nistp384-ntru-hrss-701-sha384@openquantumsafe.org','ecdh-nistp384-ntru-hps-4096-821-sha384@openquantumsafe.org','ecdh-nistp384-saber-lightsaber-sha384@openquantumsafe.org','ecdh-nistp384-saber-saber-sha384@openquantumsafe.org','ecdh-nistp384-saber-firesaber-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p434-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p503-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p610-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p751-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p434-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p503-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p610-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p751-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sike-p434-sha384@openquantumsafe.org','ecdh-nistp384-sike-p503-sha384@openquantumsafe.org','ecdh-nistp384-sike-p610-sha384@openquantumsafe.org','ecdh-nistp384-sike-p751-sha384@openquantumsafe.org','ecdh-nistp384--sha384@openquantumsafe.org','ecdh-nistp384-sike-p503-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sike-p610-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sike-p751-compressed-sha384@openquantumsafe.org','ecdh-nistp384-babybear-sha384@openquantumsafe.org','ecdh-nistp384-babybear-ephem-sha384@openquantumsafe.org','ecdh-nistp384-mamabear-sha384@openquantumsafe.org','ecdh-nistp384-mamabear-ephem-sha384@openquantumsafe.org','ecdh-nistp384-papabear-sha384@openquantumsafe.org','ecdh-nistp384-papabear-ephem-sha384@openquantumsafe.org', + 'ecdh-nistp384-bike1-l1-cpa-sha384@openquantumsafe.org','ecdh-nistp384-bike1-l3-cpa-sha384@openquantumsafe.org','ecdh-nistp384-bike1-l1-fo-sha384@openquantumsafe.org','ecdh-nistp384-bike1-l3-fo-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-348864-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-348864f-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-460896-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-460896f-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-6688128-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-6688128f-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-6960119-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-6960119f-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-8192128-sha384@openquantumsafe.org','ecdh-nistp384-classic-mceliece-8192128f-sha384@openquantumsafe.org','ecdh-nistp384-frodo-640-aes-sha384@openquantumsafe.org','ecdh-nistp384-frodo-640-shake-sha384@openquantumsafe.org','ecdh-nistp384-frodo-976-aes-sha384@openquantumsafe.org','ecdh-nistp384-frodo-976-shake-sha384@openquantumsafe.org','ecdh-nistp384-frodo-1344-aes-sha384@openquantumsafe.org','ecdh-nistp384-frodo-1344-shake-sha384@openquantumsafe.org','ecdh-nistp384-kyber-512-sha384@openquantumsafe.org','ecdh-nistp384-kyber-768-sha384@openquantumsafe.org','ecdh-nistp384-kyber-1024-sha384@openquantumsafe.org','ecdh-nistp384-kyber-512-90s-sha384@openquantumsafe.org','ecdh-nistp384-kyber-768-90s-sha384@openquantumsafe.org','ecdh-nistp384-kyber-1024-90s-sha384@openquantumsafe.org','ecdh-nistp384-newhope-512-sha384@openquantumsafe.org','ecdh-nistp384-newhope-1024-sha384@openquantumsafe.org','ecdh-nistp384-ntru-hps-2048-509-sha384@openquantumsafe.org','ecdh-nistp384-ntru-hps-2048-677-sha384@openquantumsafe.org','ecdh-nistp384-ntru-hrss-701-sha384@openquantumsafe.org','ecdh-nistp384-ntru-hps-4096-821-sha384@openquantumsafe.org','ecdh-nistp384-saber-lightsaber-sha384@openquantumsafe.org','ecdh-nistp384-saber-saber-sha384@openquantumsafe.org','ecdh-nistp384-saber-firesaber-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p434-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p503-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p610-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p751-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p434-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p503-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p610-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sidh-p751-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sike-p434-sha384@openquantumsafe.org','ecdh-nistp384-sike-p503-sha384@openquantumsafe.org','ecdh-nistp384-sike-p610-sha384@openquantumsafe.org','ecdh-nistp384-sike-p751-sha384@openquantumsafe.org','ecdh-nistp384--sha384@openquantumsafe.org','ecdh-nistp384-sike-p503-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sike-p610-compressed-sha384@openquantumsafe.org','ecdh-nistp384-sike-p751-compressed-sha384@openquantumsafe.org','ecdh-nistp384-babybear-sha384@openquantumsafe.org','ecdh-nistp384-babybear-ephem-sha384@openquantumsafe.org','ecdh-nistp384-mamabear-sha384@openquantumsafe.org','ecdh-nistp384-mamabear-ephem-sha384@openquantumsafe.org','ecdh-nistp384-papabear-sha384@openquantumsafe.org','ecdh-nistp384-papabear-ephem-sha384@openquantumsafe.org','ecdh-nistp384-hqc-128-1-cca2-sha384@openquantumsafe.org','ecdh-nistp384-hqc-192-1-cca2-sha384@openquantumsafe.org','ecdh-nistp384-hqc-192-2-cca2-sha384@openquantumsafe.org','ecdh-nistp384-hqc-256-1-cca2-sha384@openquantumsafe.org','ecdh-nistp384-hqc-256-2-cca2-sha384@openquantumsafe.org','ecdh-nistp384-hqc-256-3-cca2-sha384@openquantumsafe.org', ##### OQS_TEMPLATE_FRAGMENT_LIST_KEXS_END ] diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index ffb19c75c94d..a2744218035c 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c @@ -276,6 +276,14 @@ kex_tests(void) do_kex(KEX_ECDH_NISTP384_PAPABEAR_SHA384); do_kex(KEX_ECDH_NISTP384_PAPABEAR_EPHEM_SHA384); #endif /* HAVE_THREEBEARS */ +#ifdef HAVE_HQC + do_kex(KEX_ECDH_NISTP384_HQC_128_1_CCA2_SHA384); + do_kex(KEX_ECDH_NISTP384_HQC_192_1_CCA2_SHA384); + do_kex(KEX_ECDH_NISTP384_HQC_192_2_CCA2_SHA384); + do_kex(KEX_ECDH_NISTP384_HQC_256_1_CCA2_SHA384); + do_kex(KEX_ECDH_NISTP384_HQC_256_2_CCA2_SHA384); + do_kex(KEX_ECDH_NISTP384_HQC_256_3_CCA2_SHA384); +#endif /* HAVE_HQC */ ///// OQS_TEMPLATE_FRAGMENT_DO_HYBRID_KEXS_END #endif /* defined(WITH_OQS) && defined(WITH_HYBRID_KEX) */ #endif /* OPENSSL_HAS_ECC */ @@ -363,6 +371,14 @@ kex_tests(void) do_kex(KEX_PAPABEAR_SHA384); do_kex(KEX_PAPABEAR_EPHEM_SHA384); #endif /* HAVE_THREEBEARS */ +#ifdef HAVE_HQC + do_kex(KEX_HQC_128_1_CCA2_SHA384); + do_kex(KEX_HQC_192_1_CCA2_SHA384); + do_kex(KEX_HQC_192_2_CCA2_SHA384); + do_kex(KEX_HQC_256_1_CCA2_SHA384); + do_kex(KEX_HQC_256_2_CCA2_SHA384); + do_kex(KEX_HQC_256_3_CCA2_SHA384); +#endif /* HAVE_HQC */ ///// OQS_TEMPLATE_FRAGMENT_DO_PQ_KEXS_END #endif /* defined(WITH_OQS) && defined(WITH_PQ_KEX) */ } diff --git a/ssh2.h b/ssh2.h index d644e0137e8b..1ca89226e62a 100644 --- a/ssh2.h +++ b/ssh2.h @@ -140,6 +140,9 @@ #define SSH2_MSG_PQ_THREEBEARS_INIT 30 #define SSH2_MSG_PQ_THREEBEARS_REPLY 31 + +#define SSH2_MSG_PQ_HQC_INIT 30 +#define SSH2_MSG_PQ_HQC_REPLY 31 ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_PQ_KEX_MARKERS_END /* hybrid */ @@ -176,6 +179,9 @@ #define SSH2_MSG_HY_ECDH_THREEBEARS_INIT 30 #define SSH2_MSG_HY_ECDH_THREEBEARS_REPLY 31 + +#define SSH2_MSG_HY_ECDH_HQC_INIT 30 +#define SSH2_MSG_HY_ECDH_HQC_REPLY 31 ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_HYBRID_KEX_MARKERS_END /* user authentication: generic */