diff --git a/README.md b/README.md index d6839cedf42a..f05de4e48165 100644 --- a/README.md +++ b/README.md @@ -71,8 +71,6 @@ The following quantum-safe algorithms from liboqs are supported (assuming they h - **Kyber**: `kyber-512-sha256`, `kyber-768-sha384`, `kyber-1024-sha512`, `kyber-512-90s-sha256`, `kyber-768-90s-sha384`, `kyber-1024-90s-sha512` - **NTRU**: `ntru-hps2048509-sha512`, `ntru-hps2048677-sha512`, `ntru-hps4096821-sha512`, `ntru-hps40961229-sha512`, `ntru-hrss701-sha512`, `ntru-hrss1373-sha512` - **NTRU-PRIME**: `ntruprime-ntrulpr653-sha256`, `ntruprime-sntrup653-sha256`, `ntruprime-ntrulpr761-sha384`, `ntruprime-sntrup761-sha384`, `ntruprime-ntrulpr857-sha384`, `ntruprime-sntrup857-sha384`, `ntruprime-ntrulpr1277-sha512`, `ntruprime-sntrup1277-sha512` -- **SIDH**: `sidh-p434-sha256`, `sidh-p434-compressed-sha256`, `sidh-p610-sha256`, `sidh-p610-compressed-sha256`, `sidh-p751-sha256`, `sidh-p751-compressed-sha256` -- **SIKE**: `sike-p434-sha256`, `sike-p434-compressed-sha256`, `sike-p610-sha256`, `sike-p610-compressed-sha256`, `sike-p751-sha256`, `sike-p751-compressed-sha256` - **Saber**: `saber-lightsaber-sha256`, `saber-saber-sha384`, `saber-firesaber-sha512` @@ -92,7 +90,7 @@ The following digital signature algorithms from liboqs are supported (assuming t - **Dilithium**: `dilithium2`, `dilithium3`\*, `dilithium5`, `dilithium2aes`\*, `dilithium3aes`, `dilithium5aes`\* - **Falcon**: `falcon512`\*, `falcon1024`\* - **Picnic**: `picnicL1FS`, `picnicL1UR`, `picnicL1full`\*, `picnicL3FS`\*, `picnicL3UR`, `picnicL3full`, `picnicL5FS`, `picnicL5UR`, `picnicL5full` -- **Rainbow**: `rainbowIclassic`, `rainbowIcircumzenithal`, `rainbowIcompressed`, `rainbowIIIclassic`, `rainbowIIIcircumzenithal`, `rainbowIIIcompressed`, `rainbowVclassic`, `rainbowVcircumzenithal`, `rainbowVcompressed` +- **Rainbow**: `rainbowIIIclassic`, `rainbowIIIcircumzenithal`, `rainbowIIIcompressed`, `rainbowVclassic`, `rainbowVcircumzenithal`, `rainbowVcompressed` - **SPHINCS**: `sphincsharaka128frobust`, `sphincsharaka128fsimple`\*, `sphincsharaka128srobust`, `sphincsharaka128ssimple`, `sphincssha256128frobust`, `sphincssha256128srobust`, `sphincssha256128fsimple`, `sphincssha256128ssimple`, `sphincsshake256128frobust`, `sphincsshake256128srobust`, `sphincsshake256128fsimple`, `sphincsshake256128ssimple`, `sphincsharaka192frobust`\*, `sphincsharaka192srobust`, `sphincsharaka192fsimple`, `sphincsharaka192ssimple`, `sphincssha256192frobust`, `sphincssha256192srobust`, `sphincssha256192fsimple`, `sphincssha256192ssimple`, `sphincsshake256192frobust`, `sphincsshake256192srobust`, `sphincsshake256192fsimple`, `sphincsshake256192ssimple`, `sphincsharaka256frobust`, `sphincsharaka256srobust`, `sphincsharaka256fsimple`, `sphincsharaka256ssimple`, `sphincssha256256frobust`, `sphincssha256256srobust`, `sphincssha256256fsimple`, `sphincssha256256ssimple`, `sphincsshake256256frobust`, `sphincsshake256256srobust`, `sphincsshake256256fsimple`, `sphincsshake256256ssimple` diff --git a/appveyor.yml b/appveyor.yml index 337fe0b24db4..d94ef6bbefe2 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -1,5 +1,8 @@ version: 1.0.{build} +# For RDP access be sure to set the environment variable APPVEYOR_RDP_PASSWORD +# (in AppVeyor project settings) + # TODO: Add MSVC support image: Visual Studio 2019 @@ -20,6 +23,10 @@ for: choco install -y strawberryperl SET "OPENSSL_ROOT_DIR=C:\OpenSSL-Win64" +# Uncomment to activate RDP debugging: +#init: +# - ps: iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1')) + build_script: - cmd: '%APPVEYOR_BUILD_FOLDER%\appveyor_build.bat' @@ -34,3 +41,7 @@ test_script: echo "%PATH%" set PATH=%cd%;c:\cygwin64\bin;%PATH% && echo %PATH% && python oqs-test/try_connection.py doone +# Uncomment to be able to log in and check results / debug via RDP at the end of build +#on_finish: +# - ps: $blockRdp = $true; iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1')) + diff --git a/appveyor_build.bat b/appveyor_build.bat index 448a7dbc0b4d..e180ca77f801 100644 --- a/appveyor_build.bat +++ b/appveyor_build.bat @@ -1,5 +1,5 @@ IF %COMPILER%==cygwin ( @echo on SET "PATH=C:\cywin64\bin;c:\cygwin64;%PATH%" - c:\cygwin64\bin\bash.exe -lc "setup-x86_64.exe -qnNdO -R C:/cygwin64 -l C:/cygwin/var/cache/setup -P openssl -P libssl-devel -P zlib -P zlib-devel -P ninja -P cmake -P gcc -P make -P autoconf && cd ${APPVEYOR_BUILD_FOLDER} && openssl version && cygcheck -c && pwd && git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && cd liboqs && mkdir build && cd build && cmake .. -GNinja -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=${APPVEYOR_BUILD_FOLDER}/oqs -DOQS_BUILD_ONLY_LIB=ON && ninja -v && ninja install && cd ${APPVEYOR_BUILD_FOLDER} && mkdir -p -m 0755 /var/empty && export LIBOQS_INSTALL=`pwd`/oqs && autoreconf && LDFLAGS=\"-Wl,--stack,20000000\" ./configure --without-openssl-header-check --with-liboqs-dir=`pwd`/oqs --with-libs=-lm && make && make install && TEST_SSH_UNSAFE_PERMISSIONS=1 make tests LTESTS=\"\" " + c:\cygwin64\bin\bash.exe -lc "export PPD=$OLDPWD && export LIBOQS_INSTALL=$PPD/oqs && env && pwd && setup-x86_64.exe -qnNdO -R C:/cygwin64 -l C:/cygwin/var/cache/setup -P openssl -P libssl-devel -P zlib -P zlib-devel -P ninja -P cmake -P gcc -P make -P autoconf && cd $PPD && openssl version && cygcheck -c && git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && cd liboqs && mkdir build && cd build && cmake .. -GNinja -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=$LIBOQS_INSTALL -DOQS_BUILD_ONLY_LIB=ON && ninja -v && ninja install && cd ../.. && mkdir -p -m 0755 /var/empty && autoupdate && autoreconf && LDFLAGS=\"-Wl,--stack,20000000\" ./configure --without-openssl-header-check --with-liboqs-dir=$LIBOQS_INSTALL --with-libs=-lm && make && make install && TEST_SSH_UNSAFE_PERMISSIONS=1 make tests LTESTS=\"\" " ) diff --git a/kex.c b/kex.c index 288063bd073a..2ce6da96bb99 100644 --- a/kex.c +++ b/kex.c @@ -124,18 +124,6 @@ static const struct kexalg kexalgs[] = { { KEX_FRODOKEM_640_SHAKE_SHA256, KEX_KEM_FRODOKEM_640_SHAKE_SHA256, 0, SSH_DIGEST_SHA256 }, { KEX_FRODOKEM_976_SHAKE_SHA384, KEX_KEM_FRODOKEM_976_SHAKE_SHA384, 0, SSH_DIGEST_SHA384 }, { KEX_FRODOKEM_1344_SHAKE_SHA512, KEX_KEM_FRODOKEM_1344_SHAKE_SHA512, 0, SSH_DIGEST_SHA512 }, - { KEX_SIDH_P434_SHA256, KEX_KEM_SIDH_P434_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P434_COMPRESSED_SHA256, KEX_KEM_SIDH_P434_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P610_SHA256, KEX_KEM_SIDH_P610_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P610_COMPRESSED_SHA256, KEX_KEM_SIDH_P610_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P751_SHA256, KEX_KEM_SIDH_P751_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P751_COMPRESSED_SHA256, KEX_KEM_SIDH_P751_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P434_SHA256, KEX_KEM_SIKE_P434_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P434_COMPRESSED_SHA256, KEX_KEM_SIKE_P434_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P610_SHA256, KEX_KEM_SIKE_P610_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P610_COMPRESSED_SHA256, KEX_KEM_SIKE_P610_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P751_SHA256, KEX_KEM_SIKE_P751_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P751_COMPRESSED_SHA256, KEX_KEM_SIKE_P751_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 }, { KEX_SABER_LIGHTSABER_SHA256, KEX_KEM_SABER_LIGHTSABER_SHA256, 0, SSH_DIGEST_SHA256 }, { KEX_SABER_SABER_SHA384, KEX_KEM_SABER_SABER_SHA384, 0, SSH_DIGEST_SHA384 }, { KEX_SABER_FIRESABER_SHA512, KEX_KEM_SABER_FIRESABER_SHA512, 0, SSH_DIGEST_SHA512 }, @@ -181,18 +169,6 @@ static const struct kexalg kexalgs[] = { { KEX_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256, KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, { KEX_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384, KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 }, { KEX_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512, KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 }, - { KEX_SIDH_P434_ECDH_NISTP256_SHA256, KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256, KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P610_ECDH_NISTP384_SHA256, KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256, NID_secp384r1, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256, KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256, NID_secp384r1, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P751_ECDH_NISTP521_SHA256, KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256, NID_secp521r1, SSH_DIGEST_SHA256 }, - { KEX_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256, KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256, NID_secp521r1, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P434_ECDH_NISTP256_SHA256, KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256, KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P610_ECDH_NISTP384_SHA256, KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256, NID_secp384r1, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256, KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256, NID_secp384r1, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P751_ECDH_NISTP521_SHA256, KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256, NID_secp521r1, SSH_DIGEST_SHA256 }, - { KEX_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256, KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256, NID_secp521r1, SSH_DIGEST_SHA256 }, { KEX_SABER_LIGHTSABER_ECDH_NISTP256_SHA256, KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, { KEX_SABER_SABER_ECDH_NISTP384_SHA384, KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 }, { KEX_SABER_FIRESABER_ECDH_NISTP521_SHA512, KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 }, diff --git a/kex.h b/kex.h index 6a1f8aaa286d..5c382226d54c 100644 --- a/kex.h +++ b/kex.h @@ -70,18 +70,6 @@ #define KEX_FRODOKEM_640_SHAKE_SHA256 "frodokem-640-shake-sha256" #define KEX_FRODOKEM_976_SHAKE_SHA384 "frodokem-976-shake-sha384" #define KEX_FRODOKEM_1344_SHAKE_SHA512 "frodokem-1344-shake-sha512" -#define KEX_SIDH_P434_SHA256 "sidh-p434-sha256" -#define KEX_SIDH_P434_COMPRESSED_SHA256 "sidh-p434-compressed-sha256" -#define KEX_SIDH_P610_SHA256 "sidh-p610-sha256" -#define KEX_SIDH_P610_COMPRESSED_SHA256 "sidh-p610-compressed-sha256" -#define KEX_SIDH_P751_SHA256 "sidh-p751-sha256" -#define KEX_SIDH_P751_COMPRESSED_SHA256 "sidh-p751-compressed-sha256" -#define KEX_SIKE_P434_SHA256 "sike-p434-sha256" -#define KEX_SIKE_P434_COMPRESSED_SHA256 "sike-p434-compressed-sha256" -#define KEX_SIKE_P610_SHA256 "sike-p610-sha256" -#define KEX_SIKE_P610_COMPRESSED_SHA256 "sike-p610-compressed-sha256" -#define KEX_SIKE_P751_SHA256 "sike-p751-sha256" -#define KEX_SIKE_P751_COMPRESSED_SHA256 "sike-p751-compressed-sha256" #define KEX_SABER_LIGHTSABER_SHA256 "saber-lightsaber-sha256" #define KEX_SABER_SABER_SHA384 "saber-saber-sha384" #define KEX_SABER_FIRESABER_SHA512 "saber-firesaber-sha512" @@ -128,18 +116,6 @@ #define KEX_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256 "ecdh-nistp256-frodokem-640-shake-sha256" #define KEX_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384 "ecdh-nistp384-frodokem-976-shake-sha384" #define KEX_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512 "ecdh-nistp521-frodokem-1344-shake-sha512" -#define KEX_SIDH_P434_ECDH_NISTP256_SHA256 "ecdh-nistp256-sidh-p434-sha256" -#define KEX_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256 "ecdh-nistp256-sidh-p434-compressed-sha256" -#define KEX_SIDH_P610_ECDH_NISTP384_SHA256 "ecdh-nistp384-sidh-p610-sha256" -#define KEX_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256 "ecdh-nistp384-sidh-p610-compressed-sha256" -#define KEX_SIDH_P751_ECDH_NISTP521_SHA256 "ecdh-nistp521-sidh-p751-sha256" -#define KEX_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256 "ecdh-nistp521-sidh-p751-compressed-sha256" -#define KEX_SIKE_P434_ECDH_NISTP256_SHA256 "ecdh-nistp256-sike-p434-sha256" -#define KEX_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256 "ecdh-nistp256-sike-p434-compressed-sha256" -#define KEX_SIKE_P610_ECDH_NISTP384_SHA256 "ecdh-nistp384-sike-p610-sha256" -#define KEX_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256 "ecdh-nistp384-sike-p610-compressed-sha256" -#define KEX_SIKE_P751_ECDH_NISTP521_SHA256 "ecdh-nistp521-sike-p751-sha256" -#define KEX_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256 "ecdh-nistp521-sike-p751-compressed-sha256" #define KEX_SABER_LIGHTSABER_ECDH_NISTP256_SHA256 "ecdh-nistp256-saber-lightsaber-sha256" #define KEX_SABER_SABER_ECDH_NISTP384_SHA384 "ecdh-nistp384-saber-saber-sha384" #define KEX_SABER_FIRESABER_ECDH_NISTP521_SHA512 "ecdh-nistp521-saber-firesaber-sha512" @@ -228,18 +204,6 @@ enum kex_exchange { KEX_KEM_FRODOKEM_640_SHAKE_SHA256, KEX_KEM_FRODOKEM_976_SHAKE_SHA384, KEX_KEM_FRODOKEM_1344_SHAKE_SHA512, - KEX_KEM_SIDH_P434_SHA256, - KEX_KEM_SIDH_P434_COMPRESSED_SHA256, - KEX_KEM_SIDH_P610_SHA256, - KEX_KEM_SIDH_P610_COMPRESSED_SHA256, - KEX_KEM_SIDH_P751_SHA256, - KEX_KEM_SIDH_P751_COMPRESSED_SHA256, - KEX_KEM_SIKE_P434_SHA256, - KEX_KEM_SIKE_P434_COMPRESSED_SHA256, - KEX_KEM_SIKE_P610_SHA256, - KEX_KEM_SIKE_P610_COMPRESSED_SHA256, - KEX_KEM_SIKE_P751_SHA256, - KEX_KEM_SIKE_P751_COMPRESSED_SHA256, KEX_KEM_SABER_LIGHTSABER_SHA256, KEX_KEM_SABER_SABER_SHA384, KEX_KEM_SABER_FIRESABER_SHA512, @@ -286,18 +250,6 @@ enum kex_exchange { KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256, KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384, KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512, - KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256, - KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256, - KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256, - KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256, - KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256, - KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256, - KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256, - KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256, - KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256, - KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256, - KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256, - KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256, KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256, KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384, KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512, @@ -495,54 +447,6 @@ int kex_kem_frodokem_976_shake_dec(struct kex *, const struct sshbuf *, struct int kex_kem_frodokem_1344_shake_keypair(struct kex *); int kex_kem_frodokem_1344_shake_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); int kex_kem_frodokem_1344_shake_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p434 prototypes */ -int kex_kem_sidh_p434_keypair(struct kex *); -int kex_kem_sidh_p434_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p434_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p434_compressed prototypes */ -int kex_kem_sidh_p434_compressed_keypair(struct kex *); -int kex_kem_sidh_p434_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p434_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p610 prototypes */ -int kex_kem_sidh_p610_keypair(struct kex *); -int kex_kem_sidh_p610_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p610_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p610_compressed prototypes */ -int kex_kem_sidh_p610_compressed_keypair(struct kex *); -int kex_kem_sidh_p610_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p610_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p751 prototypes */ -int kex_kem_sidh_p751_keypair(struct kex *); -int kex_kem_sidh_p751_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p751_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p751_compressed prototypes */ -int kex_kem_sidh_p751_compressed_keypair(struct kex *); -int kex_kem_sidh_p751_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p751_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p434 prototypes */ -int kex_kem_sike_p434_keypair(struct kex *); -int kex_kem_sike_p434_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p434_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p434_compressed prototypes */ -int kex_kem_sike_p434_compressed_keypair(struct kex *); -int kex_kem_sike_p434_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p434_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p610 prototypes */ -int kex_kem_sike_p610_keypair(struct kex *); -int kex_kem_sike_p610_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p610_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p610_compressed prototypes */ -int kex_kem_sike_p610_compressed_keypair(struct kex *); -int kex_kem_sike_p610_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p610_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p751 prototypes */ -int kex_kem_sike_p751_keypair(struct kex *); -int kex_kem_sike_p751_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p751_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p751_compressed prototypes */ -int kex_kem_sike_p751_compressed_keypair(struct kex *); -int kex_kem_sike_p751_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p751_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **); /* saber_lightsaber prototypes */ int kex_kem_saber_lightsaber_keypair(struct kex *); int kex_kem_saber_lightsaber_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); @@ -721,54 +625,6 @@ int kex_kem_frodokem_976_shake_ecdh_nistp384_dec(struct kex *, const struct ssh int kex_kem_frodokem_1344_shake_ecdh_nistp521_keypair(struct kex *); int kex_kem_frodokem_1344_shake_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); int kex_kem_frodokem_1344_shake_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p434_nistp256 prototypes */ -int kex_kem_sidh_p434_ecdh_nistp256_keypair(struct kex *); -int kex_kem_sidh_p434_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p434_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p434_compressed_nistp256 prototypes */ -int kex_kem_sidh_p434_compressed_ecdh_nistp256_keypair(struct kex *); -int kex_kem_sidh_p434_compressed_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p434_compressed_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p610_nistp384 prototypes */ -int kex_kem_sidh_p610_ecdh_nistp384_keypair(struct kex *); -int kex_kem_sidh_p610_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p610_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p610_compressed_nistp384 prototypes */ -int kex_kem_sidh_p610_compressed_ecdh_nistp384_keypair(struct kex *); -int kex_kem_sidh_p610_compressed_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p610_compressed_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p751_nistp521 prototypes */ -int kex_kem_sidh_p751_ecdh_nistp521_keypair(struct kex *); -int kex_kem_sidh_p751_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p751_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sidh_p751_compressed_nistp521 prototypes */ -int kex_kem_sidh_p751_compressed_ecdh_nistp521_keypair(struct kex *); -int kex_kem_sidh_p751_compressed_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sidh_p751_compressed_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p434_nistp256 prototypes */ -int kex_kem_sike_p434_ecdh_nistp256_keypair(struct kex *); -int kex_kem_sike_p434_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p434_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p434_compressed_nistp256 prototypes */ -int kex_kem_sike_p434_compressed_ecdh_nistp256_keypair(struct kex *); -int kex_kem_sike_p434_compressed_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p434_compressed_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p610_nistp384 prototypes */ -int kex_kem_sike_p610_ecdh_nistp384_keypair(struct kex *); -int kex_kem_sike_p610_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p610_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p610_compressed_nistp384 prototypes */ -int kex_kem_sike_p610_compressed_ecdh_nistp384_keypair(struct kex *); -int kex_kem_sike_p610_compressed_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p610_compressed_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p751_nistp521 prototypes */ -int kex_kem_sike_p751_ecdh_nistp521_keypair(struct kex *); -int kex_kem_sike_p751_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p751_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); -/* sike_p751_compressed_nistp521 prototypes */ -int kex_kem_sike_p751_compressed_ecdh_nistp521_keypair(struct kex *); -int kex_kem_sike_p751_compressed_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -int kex_kem_sike_p751_compressed_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); /* saber_lightsaber_nistp256 prototypes */ int kex_kem_saber_lightsaber_ecdh_nistp256_keypair(struct kex *); int kex_kem_saber_lightsaber_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); diff --git a/kexgen.c b/kexgen.c index bb33eeec13de..e3f54f44022e 100644 --- a/kexgen.c +++ b/kexgen.c @@ -140,42 +140,6 @@ kex_gen_client(struct ssh *ssh) case KEX_KEM_FRODOKEM_1344_SHAKE_SHA512: r = kex_kem_frodokem_1344_shake_keypair(kex); break; - case KEX_KEM_SIDH_P434_SHA256: - r = kex_kem_sidh_p434_keypair(kex); - break; - case KEX_KEM_SIDH_P434_COMPRESSED_SHA256: - r = kex_kem_sidh_p434_compressed_keypair(kex); - break; - case KEX_KEM_SIDH_P610_SHA256: - r = kex_kem_sidh_p610_keypair(kex); - break; - case KEX_KEM_SIDH_P610_COMPRESSED_SHA256: - r = kex_kem_sidh_p610_compressed_keypair(kex); - break; - case KEX_KEM_SIDH_P751_SHA256: - r = kex_kem_sidh_p751_keypair(kex); - break; - case KEX_KEM_SIDH_P751_COMPRESSED_SHA256: - r = kex_kem_sidh_p751_compressed_keypair(kex); - break; - case KEX_KEM_SIKE_P434_SHA256: - r = kex_kem_sike_p434_keypair(kex); - break; - case KEX_KEM_SIKE_P434_COMPRESSED_SHA256: - r = kex_kem_sike_p434_compressed_keypair(kex); - break; - case KEX_KEM_SIKE_P610_SHA256: - r = kex_kem_sike_p610_keypair(kex); - break; - case KEX_KEM_SIKE_P610_COMPRESSED_SHA256: - r = kex_kem_sike_p610_compressed_keypair(kex); - break; - case KEX_KEM_SIKE_P751_SHA256: - r = kex_kem_sike_p751_keypair(kex); - break; - case KEX_KEM_SIKE_P751_COMPRESSED_SHA256: - r = kex_kem_sike_p751_compressed_keypair(kex); - break; case KEX_KEM_SABER_LIGHTSABER_SHA256: r = kex_kem_saber_lightsaber_keypair(kex); break; @@ -310,42 +274,6 @@ kex_gen_client(struct ssh *ssh) case KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512: r = kex_kem_frodokem_1344_shake_ecdh_nistp521_keypair(kex); break; - case KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256: - r = kex_kem_sidh_p434_ecdh_nistp256_keypair(kex); - break; - case KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256: - r = kex_kem_sidh_p434_compressed_ecdh_nistp256_keypair(kex); - break; - case KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256: - r = kex_kem_sidh_p610_ecdh_nistp384_keypair(kex); - break; - case KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256: - r = kex_kem_sidh_p610_compressed_ecdh_nistp384_keypair(kex); - break; - case KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256: - r = kex_kem_sidh_p751_ecdh_nistp521_keypair(kex); - break; - case KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256: - r = kex_kem_sidh_p751_compressed_ecdh_nistp521_keypair(kex); - break; - case KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256: - r = kex_kem_sike_p434_ecdh_nistp256_keypair(kex); - break; - case KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256: - r = kex_kem_sike_p434_compressed_ecdh_nistp256_keypair(kex); - break; - case KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256: - r = kex_kem_sike_p610_ecdh_nistp384_keypair(kex); - break; - case KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256: - r = kex_kem_sike_p610_compressed_ecdh_nistp384_keypair(kex); - break; - case KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256: - r = kex_kem_sike_p751_ecdh_nistp521_keypair(kex); - break; - case KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256: - r = kex_kem_sike_p751_compressed_ecdh_nistp521_keypair(kex); - break; case KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256: r = kex_kem_saber_lightsaber_ecdh_nistp256_keypair(kex); break; @@ -554,42 +482,6 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) case KEX_KEM_FRODOKEM_1344_SHAKE_SHA512: r = kex_kem_frodokem_1344_shake_dec(kex, server_blob, &shared_secret); break; - case KEX_KEM_SIDH_P434_SHA256: - r = kex_kem_sidh_p434_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P434_COMPRESSED_SHA256: - r = kex_kem_sidh_p434_compressed_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P610_SHA256: - r = kex_kem_sidh_p610_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P610_COMPRESSED_SHA256: - r = kex_kem_sidh_p610_compressed_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P751_SHA256: - r = kex_kem_sidh_p751_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P751_COMPRESSED_SHA256: - r = kex_kem_sidh_p751_compressed_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P434_SHA256: - r = kex_kem_sike_p434_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P434_COMPRESSED_SHA256: - r = kex_kem_sike_p434_compressed_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P610_SHA256: - r = kex_kem_sike_p610_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P610_COMPRESSED_SHA256: - r = kex_kem_sike_p610_compressed_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P751_SHA256: - r = kex_kem_sike_p751_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P751_COMPRESSED_SHA256: - r = kex_kem_sike_p751_compressed_dec(kex, server_blob, &shared_secret); - break; case KEX_KEM_SABER_LIGHTSABER_SHA256: r = kex_kem_saber_lightsaber_dec(kex, server_blob, &shared_secret); break; @@ -724,42 +616,6 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) case KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512: r = kex_kem_frodokem_1344_shake_ecdh_nistp521_dec(kex, server_blob, &shared_secret); break; - case KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256: - r = kex_kem_sidh_p434_ecdh_nistp256_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256: - r = kex_kem_sidh_p434_compressed_ecdh_nistp256_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256: - r = kex_kem_sidh_p610_ecdh_nistp384_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256: - r = kex_kem_sidh_p610_compressed_ecdh_nistp384_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256: - r = kex_kem_sidh_p751_ecdh_nistp521_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256: - r = kex_kem_sidh_p751_compressed_ecdh_nistp521_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256: - r = kex_kem_sike_p434_ecdh_nistp256_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256: - r = kex_kem_sike_p434_compressed_ecdh_nistp256_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256: - r = kex_kem_sike_p610_ecdh_nistp384_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256: - r = kex_kem_sike_p610_compressed_ecdh_nistp384_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256: - r = kex_kem_sike_p751_ecdh_nistp521_dec(kex, server_blob, &shared_secret); - break; - case KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256: - r = kex_kem_sike_p751_compressed_ecdh_nistp521_dec(kex, server_blob, &shared_secret); - break; case KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256: r = kex_kem_saber_lightsaber_ecdh_nistp256_dec(kex, server_blob, &shared_secret); break; @@ -1025,54 +881,6 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_kem_frodokem_1344_shake_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; - case KEX_KEM_SIDH_P434_SHA256: - r = kex_kem_sidh_p434_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P434_COMPRESSED_SHA256: - r = kex_kem_sidh_p434_compressed_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P610_SHA256: - r = kex_kem_sidh_p610_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P610_COMPRESSED_SHA256: - r = kex_kem_sidh_p610_compressed_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P751_SHA256: - r = kex_kem_sidh_p751_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P751_COMPRESSED_SHA256: - r = kex_kem_sidh_p751_compressed_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P434_SHA256: - r = kex_kem_sike_p434_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P434_COMPRESSED_SHA256: - r = kex_kem_sike_p434_compressed_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P610_SHA256: - r = kex_kem_sike_p610_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P610_COMPRESSED_SHA256: - r = kex_kem_sike_p610_compressed_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P751_SHA256: - r = kex_kem_sike_p751_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P751_COMPRESSED_SHA256: - r = kex_kem_sike_p751_compressed_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; case KEX_KEM_SABER_LIGHTSABER_SHA256: r = kex_kem_saber_lightsaber_enc(kex, client_pubkey, &server_pubkey, &shared_secret); @@ -1251,54 +1059,6 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_kem_frodokem_1344_shake_ecdh_nistp521_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; - case KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256: - r = kex_kem_sidh_p434_ecdh_nistp256_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256: - r = kex_kem_sidh_p434_compressed_ecdh_nistp256_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256: - r = kex_kem_sidh_p610_ecdh_nistp384_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256: - r = kex_kem_sidh_p610_compressed_ecdh_nistp384_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256: - r = kex_kem_sidh_p751_ecdh_nistp521_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256: - r = kex_kem_sidh_p751_compressed_ecdh_nistp521_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256: - r = kex_kem_sike_p434_ecdh_nistp256_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256: - r = kex_kem_sike_p434_compressed_ecdh_nistp256_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256: - r = kex_kem_sike_p610_ecdh_nistp384_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256: - r = kex_kem_sike_p610_compressed_ecdh_nistp384_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256: - r = kex_kem_sike_p751_ecdh_nistp521_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; - case KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256: - r = kex_kem_sike_p751_compressed_ecdh_nistp521_enc(kex, client_pubkey, - &server_pubkey, &shared_secret); - break; case KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256: r = kex_kem_saber_lightsaber_ecdh_nistp256_enc(kex, client_pubkey, &server_pubkey, &shared_secret); diff --git a/kexoqs.c b/kexoqs.c index 447ed0f69a83..93439b6d3b69 100644 --- a/kexoqs.c +++ b/kexoqs.c @@ -403,486 +403,6 @@ int kex_kem_frodokem_1344_shake_dec(struct kex *kex, OQS_KEM_free(kem); return r; } -/*--------------------------------------------------- - * SIDH_P434 METHODS - *--------------------------------------------------- - */ -int kex_kem_sidh_p434_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sidh_p434_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p434_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIDH_P434_COMPRESSED METHODS - *--------------------------------------------------- - */ -int kex_kem_sidh_p434_compressed_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sidh_p434_compressed_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p434_compressed_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIDH_P610 METHODS - *--------------------------------------------------- - */ -int kex_kem_sidh_p610_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sidh_p610_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p610_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIDH_P610_COMPRESSED METHODS - *--------------------------------------------------- - */ -int kex_kem_sidh_p610_compressed_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sidh_p610_compressed_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p610_compressed_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIDH_P751 METHODS - *--------------------------------------------------- - */ -int kex_kem_sidh_p751_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sidh_p751_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p751_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIDH_P751_COMPRESSED METHODS - *--------------------------------------------------- - */ -int kex_kem_sidh_p751_compressed_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sidh_p751_compressed_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p751_compressed_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIKE_P434 METHODS - *--------------------------------------------------- - */ -int kex_kem_sike_p434_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sike_p434_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p434_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIKE_P434_COMPRESSED METHODS - *--------------------------------------------------- - */ -int kex_kem_sike_p434_compressed_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sike_p434_compressed_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p434_compressed_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIKE_P610 METHODS - *--------------------------------------------------- - */ -int kex_kem_sike_p610_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sike_p610_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p610_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIKE_P610_COMPRESSED METHODS - *--------------------------------------------------- - */ -int kex_kem_sike_p610_compressed_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sike_p610_compressed_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p610_compressed_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIKE_P751 METHODS - *--------------------------------------------------- - */ -int kex_kem_sike_p751_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sike_p751_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p751_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------- - * SIKE_P751_COMPRESSED METHODS - *--------------------------------------------------- - */ -int kex_kem_sike_p751_compressed_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} -int kex_kem_sike_p751_compressed_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p751_compressed_dec(struct kex *kex, - const struct sshbuf *server_blob, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp); - OQS_KEM_free(kem); - return r; -} /*--------------------------------------------------- * SABER_LIGHTSABER METHODS *--------------------------------------------------- diff --git a/kexoqsecdh.c b/kexoqsecdh.c index 554488a4c855..13198cb39613 100644 --- a/kexoqsecdh.c +++ b/kexoqsecdh.c @@ -599,498 +599,6 @@ int kex_kem_frodokem_1344_shake_ecdh_nistp521_dec(struct kex *kex, OQS_KEM_free(kem); return r; } -/*--------------------------------------------------------------- - * SIDH_P434_ECDH_NISTP256 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sidh_p434_ecdh_nistp256_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p434_ecdh_nistp256_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p434_ecdh_nistp256_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIDH_P434_COMPRESSED_ECDH_NISTP256 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sidh_p434_compressed_ecdh_nistp256_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p434_compressed_ecdh_nistp256_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p434_compressed_ecdh_nistp256_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIDH_P610_ECDH_NISTP384 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sidh_p610_ecdh_nistp384_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p610_ecdh_nistp384_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p610_ecdh_nistp384_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIDH_P610_COMPRESSED_ECDH_NISTP384 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sidh_p610_compressed_ecdh_nistp384_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p610_compressed_ecdh_nistp384_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p610_compressed_ecdh_nistp384_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIDH_P751_ECDH_NISTP521 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sidh_p751_ecdh_nistp521_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p751_ecdh_nistp521_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p751_ecdh_nistp521_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIDH_P751_COMPRESSED_ECDH_NISTP521 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sidh_p751_compressed_ecdh_nistp521_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p751_compressed_ecdh_nistp521_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sidh_p751_compressed_ecdh_nistp521_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIKE_P434_ECDH_NISTP256 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sike_p434_ecdh_nistp256_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p434_ecdh_nistp256_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p434_ecdh_nistp256_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIKE_P434_COMPRESSED_ECDH_NISTP256 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sike_p434_compressed_ecdh_nistp256_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p434_compressed_ecdh_nistp256_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p434_compressed_ecdh_nistp256_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIKE_P610_ECDH_NISTP384 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sike_p610_ecdh_nistp384_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p610_ecdh_nistp384_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p610_ecdh_nistp384_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIKE_P610_COMPRESSED_ECDH_NISTP384 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sike_p610_compressed_ecdh_nistp384_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p610_compressed_ecdh_nistp384_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p610_compressed_ecdh_nistp384_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIKE_P751_ECDH_NISTP521 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sike_p751_ecdh_nistp521_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p751_ecdh_nistp521_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p751_ecdh_nistp521_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} -/*--------------------------------------------------------------- - * SIKE_P751_COMPRESSED_ECDH_NISTP521 METHODS - *--------------------------------------------------------------- - */ -int kex_kem_sike_p751_compressed_ecdh_nistp521_keypair(struct kex *kex) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_keypair(kem, kex); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p751_compressed_ecdh_nistp521_enc(struct kex *kex, - const struct sshbuf *client_blob, - struct sshbuf **server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} - -int kex_kem_sike_p751_compressed_ecdh_nistp521_dec(struct kex *kex, - const struct sshbuf *server_blobp, - struct sshbuf **shared_secretp) -{ - OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed); - if (kem == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp); - OQS_KEM_free(kem); - return r; -} /*--------------------------------------------------------------- * SABER_LIGHTSABER_ECDH_NISTP256 METHODS *--------------------------------------------------------------- diff --git a/monitor.c b/monitor.c index 973e10fb105d..677766346733 100644 --- a/monitor.c +++ b/monitor.c @@ -1758,18 +1758,6 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_server; kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_server; kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_server; kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_server; @@ -1816,18 +1804,6 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_server; kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_server; kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_server; diff --git a/myproposal.h b/myproposal.h index 30eb0242a78c..466259995ac8 100644 --- a/myproposal.h +++ b/myproposal.h @@ -51,30 +51,6 @@ "ecdh-nistp384-frodokem-976-shake-sha384," \ "frodokem-1344-shake-sha512," \ "ecdh-nistp521-frodokem-1344-shake-sha512," \ - "sidh-p434-sha256," \ - "ecdh-nistp256-sidh-p434-sha256," \ - "sidh-p434-compressed-sha256," \ - "ecdh-nistp256-sidh-p434-compressed-sha256," \ - "sidh-p610-sha256," \ - "ecdh-nistp384-sidh-p610-sha256," \ - "sidh-p610-compressed-sha256," \ - "ecdh-nistp384-sidh-p610-compressed-sha256," \ - "sidh-p751-sha256," \ - "ecdh-nistp521-sidh-p751-sha256," \ - "sidh-p751-compressed-sha256," \ - "ecdh-nistp521-sidh-p751-compressed-sha256," \ - "sike-p434-sha256," \ - "ecdh-nistp256-sike-p434-sha256," \ - "sike-p434-compressed-sha256," \ - "ecdh-nistp256-sike-p434-compressed-sha256," \ - "sike-p610-sha256," \ - "ecdh-nistp384-sike-p610-sha256," \ - "sike-p610-compressed-sha256," \ - "ecdh-nistp384-sike-p610-compressed-sha256," \ - "sike-p751-sha256," \ - "ecdh-nistp521-sike-p751-sha256," \ - "sike-p751-compressed-sha256," \ - "ecdh-nistp521-sike-p751-compressed-sha256," \ "saber-lightsaber-sha256," \ "ecdh-nistp256-saber-lightsaber-sha256," \ "saber-saber-sha384," \ diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index f03946f534fa..bc6d099945ee 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -48,102 +48,6 @@ kexs: - name: 'nistp521' openssl_nid: 'NID_secp521r1' - - - family: 'SIDH' - name: 'sidh_p434' - hash: 'sha256' - mix_with: - - - name: 'nistp256' - openssl_nid: 'NID_X9_62_prime256v1' - - - family: 'SIDH' - name: 'sidh_p434_compressed' - hash: 'sha256' - mix_with: - - - name: 'nistp256' - openssl_nid: 'NID_X9_62_prime256v1' - - - family: 'SIDH' - name: 'sidh_p610' - hash: 'sha256' - mix_with: - - - name: 'nistp384' - openssl_nid: 'NID_secp384r1' - - - family: 'SIDH' - name: 'sidh_p610_compressed' - hash: 'sha256' - mix_with: - - - name: 'nistp384' - openssl_nid: 'NID_secp384r1' - - - family: 'SIDH' - name: 'sidh_p751' - hash: 'sha256' - mix_with: - - - name: 'nistp521' - openssl_nid: 'NID_secp521r1' - - - family: 'SIDH' - name: 'sidh_p751_compressed' - hash: 'sha256' - mix_with: - - - name: 'nistp521' - openssl_nid: 'NID_secp521r1' - - - family: 'SIKE' - name: 'sike_p434' - hash: 'sha256' - mix_with: - - - name: 'nistp256' - openssl_nid: 'NID_X9_62_prime256v1' - - - family: 'SIKE' - name: 'sike_p434_compressed' - hash: 'sha256' - mix_with: - - - name: 'nistp256' - openssl_nid: 'NID_X9_62_prime256v1' - - - family: 'SIKE' - name: 'sike_p610' - hash: 'sha256' - mix_with: - - - name: 'nistp384' - openssl_nid: 'NID_secp384r1' - - - family: 'SIKE' - name: 'sike_p610_compressed' - hash: 'sha256' - mix_with: - - - name: 'nistp384' - openssl_nid: 'NID_secp384r1' - - - family: 'SIKE' - name: 'sike_p751' - hash: 'sha256' - mix_with: - - - name: 'nistp521' - openssl_nid: 'NID_secp521r1' - - - family: 'SIKE' - name: 'sike_p751_compressed' - hash: 'sha256' - mix_with: - - - name: 'nistp521' - openssl_nid: 'NID_secp521r1' - family: 'Saber' name: 'saber_lightsaber' @@ -611,39 +515,6 @@ sigs: - name: 'ecdsa_nistp521' openssl_nid: 'NID_secp521r1' - - - family: 'Rainbow' - name: 'rainbow_I_classic' - level: 1 - mix_with: - - - name: 'rsa3072' - rsa: true - - - name: 'ecdsa_nistp256' - openssl_nid: 'NID_X9_62_prime256v1' - - - family: 'Rainbow' - name: 'rainbow_I_circumzenithal' - level: 1 - mix_with: - - - name: 'rsa3072' - rsa: true - - - name: 'ecdsa_nistp256' - openssl_nid: 'NID_X9_62_prime256v1' - - - family: 'Rainbow' - name: 'rainbow_I_compressed' - level: 1 - mix_with: - - - name: 'rsa3072' - rsa: true - - - name: 'ecdsa_nistp256' - openssl_nid: 'NID_X9_62_prime256v1' - family: 'Rainbow' name: 'rainbow_III_classic' diff --git a/oqs-test/try_connection.py b/oqs-test/try_connection.py index 08de8c4c0be0..b9109afd510d 100644 --- a/oqs-test/try_connection.py +++ b/oqs-test/try_connection.py @@ -24,30 +24,6 @@ "ecdh-nistp384-frodokem-976-shake-sha384", "frodokem-1344-shake-sha512", "ecdh-nistp521-frodokem-1344-shake-sha512", - "sidh-p434-sha256", - "ecdh-nistp256-sidh-p434-sha256", - "sidh-p434-compressed-sha256", - "ecdh-nistp256-sidh-p434-compressed-sha256", - "sidh-p610-sha256", - "ecdh-nistp384-sidh-p610-sha256", - "sidh-p610-compressed-sha256", - "ecdh-nistp384-sidh-p610-compressed-sha256", - "sidh-p751-sha256", - "ecdh-nistp521-sidh-p751-sha256", - "sidh-p751-compressed-sha256", - "ecdh-nistp521-sidh-p751-compressed-sha256", - "sike-p434-sha256", - "ecdh-nistp256-sike-p434-sha256", - "sike-p434-compressed-sha256", - "ecdh-nistp256-sike-p434-compressed-sha256", - "sike-p610-sha256", - "ecdh-nistp384-sike-p610-sha256", - "sike-p610-compressed-sha256", - "ecdh-nistp384-sike-p610-compressed-sha256", - "sike-p751-sha256", - "ecdh-nistp521-sike-p751-sha256", - "sike-p751-compressed-sha256", - "ecdh-nistp521-sike-p751-compressed-sha256", "saber-lightsaber-sha256", "ecdh-nistp256-saber-lightsaber-sha256", "saber-saber-sha384", diff --git a/ssh-keyscan.c b/ssh-keyscan.c index c9f45d69d54f..5e2b6e7796db 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -422,18 +422,6 @@ keygrab_ssh2(con *c) c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_client; @@ -480,18 +468,6 @@ keygrab_ssh2(con *c) c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_client; - c->c_ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_client; c->c_ssh->kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_client; diff --git a/ssh_api.c b/ssh_api.c index 5bd8f9e29aaf..6452a1d8b7d5 100644 --- a/ssh_api.c +++ b/ssh_api.c @@ -126,18 +126,6 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_server; ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_server; ssh->kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_server; @@ -184,18 +172,6 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_server; ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_server; - ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_server; ssh->kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_server; ssh->kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_server; @@ -262,18 +238,6 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_client; @@ -320,18 +284,6 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_client; diff --git a/sshconnect2.c b/sshconnect2.c index 4f38606a7ed5..9e5a2f8faac3 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -293,18 +293,6 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_client; @@ -351,18 +339,6 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_client; ssh->kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_client; diff --git a/sshd.c b/sshd.c index b4402745d250..5ae429238662 100644 --- a/sshd.c +++ b/sshd.c @@ -2411,18 +2411,6 @@ do_ssh2_kex(struct ssh *ssh) kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_server; kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_server; kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_server; kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_server; @@ -2469,18 +2457,6 @@ do_ssh2_kex(struct ssh *ssh) kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_server; kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_server; kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_server;