forked from openssh/openssh-portable
-
Notifications
You must be signed in to change notification settings - Fork 62
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Syncing with new liboqs algorithm list. (#143)
- Loading branch information
Showing
29 changed files
with
206 additions
and
1,160 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -67,7 +67,7 @@ The following quantum-safe algorithms from liboqs are supported (assuming they h | |
| - **ClassicMcEliece**: `classic-mceliece-348864-sha256`, `classic-mceliece-348864f-sha256`, `classic-mceliece-460896-sha512`, `classic-mceliece-460896f-sha512`, `classic-mceliece-6688128-sha512`, `classic-mceliece-6688128f-sha512`, `classic-mceliece-6960119-sha512`, `classic-mceliece-6960119f-sha512`, `classic-mceliece-8192128-sha512`, `classic-mceliece-8192128f-sha512` | ||
| - **FrodoKEM**: `frodokem-640-aes-sha256`, `frodokem-976-aes-sha384`, `frodokem-1344-aes-sha512`, `frodokem-640-shake-sha256`, `frodokem-976-shake-sha384`, `frodokem-1344-shake-sha512` | ||
| - **HQC**: `hqc-128-sha256`, `hqc-192-sha384`, `hqc-256-sha512`† | ||
| - **Kyber**: `kyber-512-sha256`, `kyber-768-sha384`, `kyber-1024-sha512`, `kyber-512-90s-sha256`, `kyber-768-90s-sha384`, `kyber-1024-90s-sha512` | ||
| - **Kyber**: `kyber-512-sha256`, `kyber-768-sha384`, `kyber-1024-sha512` | ||
| <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_END --> | ||
|
|
||
| The following hybrid algorithms are made available: | ||
|
|
@@ -77,7 +77,7 @@ The following hybrid algorithms are made available: | |
| - **ClassicMcEliece**: `ecdh-nistp256-classic-mceliece-348864r3-sha256@openquantumsafe.org` `ecdh-nistp256-classic-mceliece-348864fr3-sha256@openquantumsafe.org` `ecdh-nistp384-classic-mceliece-460896r3-sha512@openquantumsafe.org` `ecdh-nistp384-classic-mceliece-460896fr3-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6688128r3-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6688128fr3-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6960119r3-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6960119fr3-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-8192128r3-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-8192128fr3-sha512@openquantumsafe.org` | ||
| - **FrodoKEM**: `[email protected]` `[email protected]` `[email protected]` `[email protected]` `[email protected]` `[email protected]` | ||
| - **HQC**: `[email protected]` `[email protected]` `[email protected]` | ||
| - **Kyber**: `[email protected]` `[email protected]` `[email protected]` `[email protected]` `[email protected]` `[email protected]` | ||
| - **Kyber**: `[email protected]` `[email protected]` `[email protected]` | ||
| <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_HYBRID_KEXS_END --> | ||
|
|
||
| Note that algorithms marked with a dagger (†) have large stack usage and may cause failures when run on threads or in constrained environments. For example, McEliece require building `oqs-openssh` with a large(r) stack provision than is default: Adding `LDFLAGS="-Wl,--stack,20000000"` to [the `./configure` command below](#step-2-build-the-fork) is required to allow cygwin-based testing to pass. | ||
|
|
@@ -87,9 +87,9 @@ Note that algorithms marked with a dagger (†) have large stack usage and may c | |
| The following digital signature algorithms from liboqs are supported (assuming they have been enabled in liboqs). Note that only select L3 signature variants are enabled by default. In general, algorithms that are enabled by default are marked with an asterisk, and should you wish to enable additional variants, consult [the "Code Generation" section of the documentation in the wiki](https://github.com/open-quantum-safe/openssh/wiki/Using-liboqs-supported-algorithms-in-the-fork#code-generation). | ||
|
|
||
| <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_START --> | ||
| - **Dilithium**: `dilithium2`\*, `dilithium3`\*, `dilithium5`\*, `dilithium2aes`, `dilithium3aes`, `dilithium5aes` | ||
| - **Dilithium**: `dilithium2`\*, `dilithium3`\*, `dilithium5`\* | ||
| - **Falcon**: `falcon512`\*, `falcon1024`\* | ||
| - **SPHINCS**: `sphincsharaka128frobust`, `sphincsharaka128fsimple`\*, `sphincsharaka128srobust`, `sphincsharaka128ssimple`, `sphincssha256128frobust`, `sphincssha256128srobust`, `sphincssha256128fsimple`\*, `sphincssha256128ssimple`, `sphincsshake256128frobust`, `sphincsshake256128srobust`, `sphincsshake256128fsimple`, `sphincsshake256128ssimple`, `sphincsharaka192frobust`, `sphincsharaka192srobust`, `sphincsharaka192fsimple`, `sphincsharaka192ssimple`, `sphincssha256192frobust`, `sphincssha256192srobust`\*, `sphincssha256192fsimple`, `sphincssha256192ssimple`, `sphincsshake256192frobust`, `sphincsshake256192srobust`, `sphincsshake256192fsimple`, `sphincsshake256192ssimple`, `sphincsharaka256frobust`, `sphincsharaka256srobust`, `sphincsharaka256fsimple`, `sphincsharaka256ssimple`, `sphincssha256256frobust`, `sphincssha256256srobust`, `sphincssha256256fsimple`\*, `sphincssha256256ssimple`, `sphincsshake256256frobust`, `sphincsshake256256srobust`, `sphincsshake256256fsimple`, `sphincsshake256256ssimple` | ||
| - **SPHINCS**: `sphincssha2128fsimple`\*, `sphincssha2128ssimple`, `sphincsshake128fsimple`, `sphincsshake128ssimple`, `sphincssha2192fsimple`, `sphincssha2192ssimple`, `sphincsshake192fsimple`, `sphincsshake192ssimple`, `sphincssha2256fsimple`\*, `sphincssha2256ssimple`, `sphincsshake256fsimple`, `sphincsshake256ssimple` | ||
| <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_END --> | ||
|
|
||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -73,9 +73,6 @@ | |
| #define KEX_KYBER_512_SHA256 "kyber-512-sha256" | ||
| #define KEX_KYBER_768_SHA384 "kyber-768-sha384" | ||
| #define KEX_KYBER_1024_SHA512 "kyber-1024-sha512" | ||
| #define KEX_KYBER_512_90S_SHA256 "kyber-512-90s-sha256" | ||
| #define KEX_KYBER_768_90S_SHA384 "kyber-768-90s-sha384" | ||
| #define KEX_KYBER_1024_90S_SHA512 "kyber-1024-90s-sha512" | ||
| #define KEX_BIKE_L1_SHA512 "bike-l1-sha512" | ||
| #define KEX_BIKE_L3_SHA512 "bike-l3-sha512" | ||
| #define KEX_CLASSIC_MCELIECE_348864_SHA256 "classic-mceliece-348864-sha256" | ||
|
|
@@ -102,9 +99,6 @@ | |
| #define KEX_KYBER_512_ECDH_NISTP256_SHA256 "[email protected]" | ||
| #define KEX_KYBER_768_ECDH_NISTP384_SHA384 "[email protected]" | ||
| #define KEX_KYBER_1024_ECDH_NISTP521_SHA512 "[email protected]" | ||
| #define KEX_KYBER_512_90S_ECDH_NISTP256_SHA256 "[email protected]" | ||
| #define KEX_KYBER_768_90S_ECDH_NISTP384_SHA384 "[email protected]" | ||
| #define KEX_KYBER_1024_90S_ECDH_NISTP521_SHA512 "[email protected]" | ||
| #define KEX_BIKE_L1_ECDH_NISTP256_SHA512 "[email protected]" | ||
| #define KEX_BIKE_L3_ECDH_NISTP384_SHA512 "[email protected]" | ||
| #define KEX_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256 "ecdh-nistp256-classic-mceliece-348864r3-sha256@openquantumsafe.org" | ||
|
|
@@ -173,9 +167,6 @@ enum kex_exchange { | |
| KEX_KEM_KYBER_512_SHA256, | ||
| KEX_KEM_KYBER_768_SHA384, | ||
| KEX_KEM_KYBER_1024_SHA512, | ||
| KEX_KEM_KYBER_512_90S_SHA256, | ||
| KEX_KEM_KYBER_768_90S_SHA384, | ||
| KEX_KEM_KYBER_1024_90S_SHA512, | ||
| KEX_KEM_BIKE_L1_SHA512, | ||
| KEX_KEM_BIKE_L3_SHA512, | ||
| KEX_KEM_CLASSIC_MCELIECE_348864_SHA256, | ||
|
|
@@ -202,9 +193,6 @@ enum kex_exchange { | |
| KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256, | ||
| KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384, | ||
| KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512, | ||
| KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256, | ||
| KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384, | ||
| KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512, | ||
| KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512, | ||
| KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512, | ||
| KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256, | ||
|
|
@@ -391,18 +379,6 @@ int kex_kem_kyber_768_dec(struct kex *, const struct sshbuf *, struct sshbuf ** | |
| int kex_kem_kyber_1024_keypair(struct kex *); | ||
| int kex_kem_kyber_1024_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
| int kex_kem_kyber_1024_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
| /* kyber_512_90s prototypes */ | ||
| int kex_kem_kyber_512_90s_keypair(struct kex *); | ||
| int kex_kem_kyber_512_90s_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
| int kex_kem_kyber_512_90s_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
| /* kyber_768_90s prototypes */ | ||
| int kex_kem_kyber_768_90s_keypair(struct kex *); | ||
| int kex_kem_kyber_768_90s_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
| int kex_kem_kyber_768_90s_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
| /* kyber_1024_90s prototypes */ | ||
| int kex_kem_kyber_1024_90s_keypair(struct kex *); | ||
| int kex_kem_kyber_1024_90s_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
| int kex_kem_kyber_1024_90s_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
| /* bike_l1 prototypes */ | ||
| int kex_kem_bike_l1_keypair(struct kex *); | ||
| int kex_kem_bike_l1_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
|
|
@@ -501,18 +477,6 @@ int kex_kem_kyber_768_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, st | |
| int kex_kem_kyber_1024_ecdh_nistp521_keypair(struct kex *); | ||
| int kex_kem_kyber_1024_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
| int kex_kem_kyber_1024_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
| /* kyber_512_90s_nistp256 prototypes */ | ||
| int kex_kem_kyber_512_90s_ecdh_nistp256_keypair(struct kex *); | ||
| int kex_kem_kyber_512_90s_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
| int kex_kem_kyber_512_90s_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
| /* kyber_768_90s_nistp384 prototypes */ | ||
| int kex_kem_kyber_768_90s_ecdh_nistp384_keypair(struct kex *); | ||
| int kex_kem_kyber_768_90s_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
| int kex_kem_kyber_768_90s_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
| /* kyber_1024_90s_nistp521 prototypes */ | ||
| int kex_kem_kyber_1024_90s_ecdh_nistp521_keypair(struct kex *); | ||
| int kex_kem_kyber_1024_90s_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
| int kex_kem_kyber_1024_90s_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
| /* bike_l1_nistp256 prototypes */ | ||
| int kex_kem_bike_l1_ecdh_nistp256_keypair(struct kex *); | ||
| int kex_kem_bike_l1_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.