diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 7a6f95f4..7aaeaf2d 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -70,7 +70,14 @@ jobs: working-directory: _build # Try brew install of head: If error message below appears, build and test passed successfully - name: brew install test - run: brew install --HEAD --formula -s oqsprovider.rb 2>&1 | grep "Empty installation" + # try this only if brew'd liboqs knows about ML-KEM: + run: | + bash -c 'brew install liboqs && FIND_MLKEM=`brew info liboqs | grep files | awk "{print $1}"` + if [[ `echo $FIND_MLKEM | grep ML_KEM` ]]; then + brew install --HEAD --formula -s oqsprovider.rb 2>&1 | grep "Empty installation" + else + echo "ML-KEM not present in liboqs. Skipping test." + fi' working-directory: scripts - name: Retain oqsprovider.dylib uses: actions/upload-artifact@v3 diff --git a/.github/workflows/standalone.yml b/.github/workflows/standalone.yml index 6e27e626..39b01457 100644 --- a/.github/workflows/standalone.yml +++ b/.github/workflows/standalone.yml @@ -8,7 +8,7 @@ on: jobs: - macos_intel: + standalone_macos_intel: runs-on: macos-13 strategy: fail-fast: false @@ -17,12 +17,17 @@ jobs: run: brew install liboqs - name: Checkout oqsprovider code uses: actions/checkout@v2 - - name: Build oqsprovider - run: cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B _build && cmake --build _build - - name: Test oqsprovider - run: ctest --parallel 5 --test-dir _build + - name: Build and test oqsprovider + # try this only if brew'd liboqs knows about ML-KEM: + run: | + bash -c 'FIND_MLKEM=`brew info liboqs | grep files | awk "{print $1}"` + if [[ `echo $FIND_MLKEM | grep ML_KEM` ]]; then + cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B _build && cmake --build _build && ctest --parallel 5 --test-dir _build + else + echo "ML-KEM not present in liboqs. Skipping test." + fi' - linux_intel: + standalone_linux_intel: runs-on: ubuntu-latest strategy: fail-fast: false diff --git a/ALGORITHMS.md b/ALGORITHMS.md index 149568cb..6413425e 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -188,58 +188,58 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li |Algorithm name | default OID | environment variable | |---------------|:-----------------:|----------------------| -| frodo640aes | 1.3.9999.99.58 | OQS_OID_FRODO640AES -| p256_frodo640aes | 1.3.9999.99.57 | OQS_OID_P256_FRODO640AES -| x25519_frodo640aes | 1.3.9999.99.43 | OQS_OID_X25519_FRODO640AES -| frodo640shake | 1.3.9999.99.60 | OQS_OID_FRODO640SHAKE -| p256_frodo640shake | 1.3.9999.99.59 | OQS_OID_P256_FRODO640SHAKE -| x25519_frodo640shake | 1.3.9999.99.44 | OQS_OID_X25519_FRODO640SHAKE -| frodo976aes | 1.3.9999.99.62 | OQS_OID_FRODO976AES -| p384_frodo976aes | 1.3.9999.99.61 | OQS_OID_P384_FRODO976AES -| x448_frodo976aes | 1.3.9999.99.45 | OQS_OID_X448_FRODO976AES -| frodo976shake | 1.3.9999.99.64 | OQS_OID_FRODO976SHAKE -| p384_frodo976shake | 1.3.9999.99.63 | OQS_OID_P384_FRODO976SHAKE -| x448_frodo976shake | 1.3.9999.99.46 | OQS_OID_X448_FRODO976SHAKE -| frodo1344aes | 1.3.9999.99.66 | OQS_OID_FRODO1344AES -| p521_frodo1344aes | 1.3.9999.99.65 | OQS_OID_P521_FRODO1344AES -| frodo1344shake | 1.3.9999.99.68 | OQS_OID_FRODO1344SHAKE -| p521_frodo1344shake | 1.3.9999.99.67 | OQS_OID_P521_FRODO1344SHAKE -| kyber512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_KYBER512 -| p256_kyber512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_KYBER512 -| x25519_kyber512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_KYBER512 -| kyber768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_KYBER768 -| p384_kyber768 | 1.3.9999.99.69 | OQS_OID_P384_KYBER768 -| x448_kyber768 | 1.3.9999.99.47 | OQS_OID_X448_KYBER768 -| x25519_kyber768 | 1.3.9999.99.48 | OQS_OID_X25519_KYBER768 -| p256_kyber768 | 1.3.9999.99.49 | OQS_OID_P256_KYBER768 -| kyber1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_KYBER1024 -| p521_kyber1024 | 1.3.9999.99.70 | OQS_OID_P521_KYBER1024 +| frodo640aes | 1.3.9999.99.64 | OQS_OID_FRODO640AES +| p256_frodo640aes | 1.3.9999.99.63 | OQS_OID_P256_FRODO640AES +| x25519_frodo640aes | 1.3.9999.99.48 | OQS_OID_X25519_FRODO640AES +| frodo640shake | 1.3.9999.99.66 | OQS_OID_FRODO640SHAKE +| p256_frodo640shake | 1.3.9999.99.65 | OQS_OID_P256_FRODO640SHAKE +| x25519_frodo640shake | 1.3.9999.99.49 | OQS_OID_X25519_FRODO640SHAKE +| frodo976aes | 1.3.9999.99.68 | OQS_OID_FRODO976AES +| p384_frodo976aes | 1.3.9999.99.67 | OQS_OID_P384_FRODO976AES +| x448_frodo976aes | 1.3.9999.99.50 | OQS_OID_X448_FRODO976AES +| frodo976shake | 1.3.9999.99.70 | OQS_OID_FRODO976SHAKE +| p384_frodo976shake | 1.3.9999.99.69 | OQS_OID_P384_FRODO976SHAKE +| x448_frodo976shake | 1.3.9999.99.51 | OQS_OID_X448_FRODO976SHAKE +| frodo1344aes | 1.3.9999.99.72 | OQS_OID_FRODO1344AES +| p521_frodo1344aes | 1.3.9999.99.71 | OQS_OID_P521_FRODO1344AES +| frodo1344shake | 1.3.9999.99.74 | OQS_OID_FRODO1344SHAKE +| p521_frodo1344shake | 1.3.9999.99.73 | OQS_OID_P521_FRODO1344SHAKE +| kyber512 | 1.3.9999.99.76 | OQS_OID_KYBER512 +| p256_kyber512 | 1.3.9999.99.75 | OQS_OID_P256_KYBER512 +| x25519_kyber512 | 1.3.9999.99.52 | OQS_OID_X25519_KYBER512 +| kyber768 | 1.3.9999.99.78 | OQS_OID_KYBER768 +| p384_kyber768 | 1.3.9999.99.77 | OQS_OID_P384_KYBER768 +| x448_kyber768 | 1.3.9999.99.53 | OQS_OID_X448_KYBER768 +| x25519_kyber768 | 1.3.9999.99.54 | OQS_OID_X25519_KYBER768 +| p256_kyber768 | 1.3.9999.99.55 | OQS_OID_P256_KYBER768 +| kyber1024 | 1.3.9999.99.80 | OQS_OID_KYBER1024 +| p521_kyber1024 | 1.3.9999.99.79 | OQS_OID_P521_KYBER1024 | mlkem512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_MLKEM512 | p256_mlkem512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_MLKEM512 | x25519_mlkem512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_MLKEM512 | mlkem768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_MLKEM768 -| p384_mlkem768 | 1.3.9999.99.71 | OQS_OID_P384_MLKEM768 -| x448_mlkem768 | 1.3.9999.99.50 | OQS_OID_X448_MLKEM768 -| x25519_mlkem768 | 1.3.9999.99.51 | OQS_OID_X25519_MLKEM768 -| p256_mlkem768 | 1.3.9999.99.52 | OQS_OID_P256_MLKEM768 +| p384_mlkem768 | 1.3.9999.99.81 | OQS_OID_P384_MLKEM768 +| x448_mlkem768 | 1.3.9999.99.56 | OQS_OID_X448_MLKEM768 +| x25519_mlkem768 | 1.3.9999.99.57 | OQS_OID_X25519_MLKEM768 +| p256_mlkem768 | 1.3.9999.99.58 | OQS_OID_P256_MLKEM768 | mlkem1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_MLKEM1024 -| p521_mlkem1024 | 1.3.9999.99.72 | OQS_OID_P521_MLKEM1024 -| bikel1 | 1.3.9999.99.74 | OQS_OID_BIKEL1 -| p256_bikel1 | 1.3.9999.99.73 | OQS_OID_P256_BIKEL1 -| x25519_bikel1 | 1.3.9999.99.53 | OQS_OID_X25519_BIKEL1 -| bikel3 | 1.3.9999.99.76 | OQS_OID_BIKEL3 -| p384_bikel3 | 1.3.9999.99.75 | OQS_OID_P384_BIKEL3 -| x448_bikel3 | 1.3.9999.99.54 | OQS_OID_X448_BIKEL3 -| bikel5 | 1.3.9999.99.78 | OQS_OID_BIKEL5 -| p521_bikel5 | 1.3.9999.99.77 | OQS_OID_P521_BIKEL5 -| hqc128 | 1.3.9999.99.80 | OQS_OID_HQC128 -| p256_hqc128 | 1.3.9999.99.79 | OQS_OID_P256_HQC128 -| x25519_hqc128 | 1.3.9999.99.55 | OQS_OID_X25519_HQC128 -| hqc192 | 1.3.9999.99.82 | OQS_OID_HQC192 -| p384_hqc192 | 1.3.9999.99.81 | OQS_OID_P384_HQC192 -| x448_hqc192 | 1.3.9999.99.56 | OQS_OID_X448_HQC192 -| hqc256 | 1.3.9999.99.84 | OQS_OID_HQC256 -| p521_hqc256 | 1.3.9999.99.83 | OQS_OID_P521_HQC256 +| p521_mlkem1024 | 1.3.9999.99.82 | OQS_OID_P521_MLKEM1024 +| bikel1 | 1.3.9999.99.84 | OQS_OID_BIKEL1 +| p256_bikel1 | 1.3.9999.99.83 | OQS_OID_P256_BIKEL1 +| x25519_bikel1 | 1.3.9999.99.59 | OQS_OID_X25519_BIKEL1 +| bikel3 | 1.3.9999.99.86 | OQS_OID_BIKEL3 +| p384_bikel3 | 1.3.9999.99.85 | OQS_OID_P384_BIKEL3 +| x448_bikel3 | 1.3.9999.99.60 | OQS_OID_X448_BIKEL3 +| bikel5 | 1.3.9999.99.88 | OQS_OID_BIKEL5 +| p521_bikel5 | 1.3.9999.99.87 | OQS_OID_P521_BIKEL5 +| hqc128 | 1.3.9999.99.90 | OQS_OID_HQC128 +| p256_hqc128 | 1.3.9999.99.89 | OQS_OID_P256_HQC128 +| x25519_hqc128 | 1.3.9999.99.61 | OQS_OID_X25519_HQC128 +| hqc192 | 1.3.9999.99.92 | OQS_OID_HQC192 +| p384_hqc192 | 1.3.9999.99.91 | OQS_OID_P384_HQC192 +| x448_hqc192 | 1.3.9999.99.62 | OQS_OID_X448_HQC192 +| hqc256 | 1.3.9999.99.94 | OQS_OID_HQC256 +| p521_hqc256 | 1.3.9999.99.93 | OQS_OID_P521_HQC256 # Key Encodings diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 7069c82b..8ef717b5 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -85,14 +85,11 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber512' nid: '0x023A' - oid: '1.3.6.1.4.1.22554.5.6.1' nid_hybrid: '0x2F3A' - hybrid_oid: '1.3.6.1.4.1.22554.5.7.1' oqs_alg: 'OQS_KEM_alg_kyber_512' extra_nids: current: - hybrid_group: "x25519" - hybrid_oid: '1.3.6.1.4.1.22554.5.8.1' nid: '0x2F39' old: - implementation_version: NIST Round 2 submission @@ -110,7 +107,6 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber768' nid: '0x023C' - oid: '1.3.6.1.4.1.22554.5.6.2' nid_hybrid: '0x2F3C' extra_nids: current: @@ -133,7 +129,6 @@ kems: family: 'CRYSTALS-Kyber' name_group: 'kyber1024' nid: '0x023D' - oid: '1.3.6.1.4.1.22554.5.6.3' nid_hybrid: '0x2F3D' extra_nids: old: diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 9a6a2408..a29ac41f 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -57,57 +57,57 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { #ifdef OQS_KEM_ENCODERS - "1.3.9999.99.16", + "1.3.9999.99.17", "frodo640aes", - "1.3.9999.99.15", + "1.3.9999.99.16", "p256_frodo640aes", "1.3.9999.99.1", "x25519_frodo640aes", - "1.3.9999.99.18", + "1.3.9999.99.19", "frodo640shake", - "1.3.9999.99.17", + "1.3.9999.99.18", "p256_frodo640shake", "1.3.9999.99.2", "x25519_frodo640shake", - "1.3.9999.99.20", + "1.3.9999.99.21", "frodo976aes", - "1.3.9999.99.19", + "1.3.9999.99.20", "p384_frodo976aes", "1.3.9999.99.3", "x448_frodo976aes", - "1.3.9999.99.22", + "1.3.9999.99.23", "frodo976shake", - "1.3.9999.99.21", + "1.3.9999.99.22", "p384_frodo976shake", "1.3.9999.99.4", "x448_frodo976shake", - "1.3.9999.99.24", + "1.3.9999.99.25", "frodo1344aes", - "1.3.9999.99.23", + "1.3.9999.99.24", "p521_frodo1344aes", - "1.3.9999.99.26", + "1.3.9999.99.27", "frodo1344shake", - "1.3.9999.99.25", + "1.3.9999.99.26", "p521_frodo1344shake", - "1.3.6.1.4.1.22554.5.6.1", + "1.3.9999.99.29", "kyber512", - "1.3.6.1.4.1.22554.5.7.1", + "1.3.9999.99.28", "p256_kyber512", - "1.3.6.1.4.1.22554.5.8.1", + "1.3.9999.99.5", "x25519_kyber512", - "1.3.6.1.4.1.22554.5.6.2", + "1.3.9999.99.31", "kyber768", - "1.3.9999.99.27", + "1.3.9999.99.30", "p384_kyber768", - "1.3.9999.99.5", - "x448_kyber768", "1.3.9999.99.6", - "x25519_kyber768", + "x448_kyber768", "1.3.9999.99.7", + "x25519_kyber768", + "1.3.9999.99.8", "p256_kyber768", - "1.3.6.1.4.1.22554.5.6.3", + "1.3.9999.99.33", "kyber1024", - "1.3.9999.99.28", + "1.3.9999.99.32", "p521_kyber1024", "1.3.6.1.4.1.22554.5.6.1", "mlkem512", @@ -117,49 +117,49 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "x25519_mlkem512", "1.3.6.1.4.1.22554.5.6.2", "mlkem768", - "1.3.9999.99.29", + "1.3.9999.99.34", "p384_mlkem768", - "1.3.9999.99.8", - "x448_mlkem768", "1.3.9999.99.9", - "x25519_mlkem768", + "x448_mlkem768", "1.3.9999.99.10", + "x25519_mlkem768", + "1.3.9999.99.11", "p256_mlkem768", "1.3.6.1.4.1.22554.5.6.3", "mlkem1024", - "1.3.9999.99.30", + "1.3.9999.99.35", "p521_mlkem1024", - "1.3.9999.99.32", + "1.3.9999.99.37", "bikel1", - "1.3.9999.99.31", + "1.3.9999.99.36", "p256_bikel1", - "1.3.9999.99.11", + "1.3.9999.99.12", "x25519_bikel1", - "1.3.9999.99.34", + "1.3.9999.99.39", "bikel3", - "1.3.9999.99.33", + "1.3.9999.99.38", "p384_bikel3", - "1.3.9999.99.12", + "1.3.9999.99.13", "x448_bikel3", - "1.3.9999.99.36", + "1.3.9999.99.41", "bikel5", - "1.3.9999.99.35", + "1.3.9999.99.40", "p521_bikel5", - "1.3.9999.99.38", + "1.3.9999.99.43", "hqc128", - "1.3.9999.99.37", + "1.3.9999.99.42", "p256_hqc128", - "1.3.9999.99.13", + "1.3.9999.99.14", "x25519_hqc128", - "1.3.9999.99.40", + "1.3.9999.99.45", "hqc192", - "1.3.9999.99.39", + "1.3.9999.99.44", "p384_hqc192", - "1.3.9999.99.14", + "1.3.9999.99.15", "x448_hqc192", - "1.3.9999.99.42", + "1.3.9999.99.47", "hqc256", - "1.3.9999.99.41", + "1.3.9999.99.46", "p521_hqc256", #endif /* OQS_KEM_ENCODERS */