Skip to content

Commit

Permalink
Add composite signatures to sigalg list & add code points. (#386)
Browse files Browse the repository at this point in the history 
Adds templates to generate oqs_sigalg_list entries and code points for composite signatures.

Fixes #381.

Signed-off-by: Basil Hess <[email protected]>
  • Loading branch information
@bhess
bhess authored Apr 7, 2024
1 parent 8183adb commit 50b8ed5
Show file tree
Hide file tree
Showing 5 changed files with 171 additions and 76 deletions.
41 changes: 27 additions & 14 deletions oqs-template/generate.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -399,7 +399,7 @@ kem_nid_end: '0x0250'
kem_nid_hybrid_end: '0x2FFF'
# need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values

# Next free signature ID: 0xfee1
# Next free signature ID: 0xfeee
sigs:
# -
# iso (1)
Expand Down Expand Up @@ -569,23 +569,28 @@ sigs:
composite: [{'name': 'pss2048',
'pretty_name': 'RSA PSS 2048',
'security': '112',
'oid': '2.16.840.1.114027.80.8.1.1'},
'oid': '2.16.840.1.114027.80.8.1.1',
'code_point': '0xfee1'},
{'name': 'rsa2048',
'pretty_name': 'RSA2028',
'security': '112',
'oid': '2.16.840.1.114027.80.8.1.2'},
'oid': '2.16.840.1.114027.80.8.1.2',
'code_point': '0xfee2'},
{'name': 'ed25519',
'pretty_name': 'ED25519',
'security': '128',
'oid': '2.16.840.1.114027.80.8.1.3'},
'oid': '2.16.840.1.114027.80.8.1.3',
'code_point': '0xfee3'},
{'name': 'p256',
'pretty_name': 'ECDSA p256',
'security': '128',
'oid': '2.16.840.1.114027.80.8.1.4'},
'oid': '2.16.840.1.114027.80.8.1.4',
'code_point': '0xfee4'},
{'name': 'bp256',
'pretty_name': 'ECDSA brainpoolP256r1',
'security': '256',
'oid': '2.16.840.1.114027.80.8.1.5'}]
'oid': '2.16.840.1.114027.80.8.1.5',
'code_point': '0xfee5'}]
-
name: 'mldsa65'
pretty_name: 'ML-DSA-65'
Expand All @@ -600,23 +605,28 @@ sigs:
composite: [{'name': 'pss3072',
'pretty_name': 'RSA PSS 3072',
'security': '128',
'oid': '2.16.840.1.114027.80.8.1.6'},
'oid': '2.16.840.1.114027.80.8.1.6',
'code_point': '0xfee6'},
{'name': 'rsa3072',
'pretty_name': 'RSA 3072',
'security': '128',
'oid': '2.16.840.1.114027.80.8.1.7'},
'oid': '2.16.840.1.114027.80.8.1.7',
'code_point': '0xfee7'},
{'name': 'p256',
'pretty_name': 'ECDSA p256',
'security': '128',
'oid': '2.16.840.1.114027.80.8.1.8'},
'oid': '2.16.840.1.114027.80.8.1.8',
'code_point': '0xfee8'},
{'name': 'bp256',
'pretty_name': 'ECDSA brainpoolP256r1',
'security': '256',
'oid': '2.16.840.1.114027.80.8.1.9'},
'oid': '2.16.840.1.114027.80.8.1.9',
'code_point': '0xfee9'},
{'name': 'ed25519',
'pretty_name': 'ED25519',
'security': '128',
'oid': '2.16.840.1.114027.80.8.1.10'}]
'oid': '2.16.840.1.114027.80.8.1.10',
'code_point': '0xfeea'}]
-
name: 'mldsa87'
pretty_name: 'ML-DSA-87'
Expand All @@ -631,15 +641,18 @@ sigs:
composite: [{'name': 'p384',
'pretty_name': 'ECDSA p384',
'security': '192',
'oid': '2.16.840.1.114027.80.8.1.11'},
'oid': '2.16.840.1.114027.80.8.1.11',
'code_point': '0xfeeb'},
{'name': 'bp384',
'pretty_name': 'ECDSA brainpoolP384r1',
'security': '384',
'oid': '2.16.840.1.114027.80.8.1.12'},
'oid': '2.16.840.1.114027.80.8.1.12',
'code_point': '0xfeec'},
{'name': 'ed448',
'pretty_name': 'ED448',
'security': '192',
'oid': '2.16.840.1.114027.80.8.1.13'}]
'oid': '2.16.840.1.114027.80.8.1.13',
'code_point': '0xfeed'}]
-
# iso (1)
# identified-organization (3)
Expand Down
4 changes: 4 additions & 0 deletions oqs-template/oqsprov/oqsprov_capabilities.c/codepoint_patching.fragment
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,10 @@
{%- set cnt.val = cnt.val + 1 %}
if (getenv("OQS_CODEPOINT_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}")) oqs_sigalg_list[{{ cnt.val }}].code_point = atoi(getenv("OQS_CODEPOINT_{{ classical_alg['name']|upper }}_{{variant['name']|upper}}"));
{%- endfor %}
{%- for classical_alg in variant['composite'] %}
{%- set cnt.val = cnt.val + 1 %}
if (getenv("OQS_CODEPOINT_{{variant['name']|upper}}_{{ classical_alg['name']|upper }}")) oqs_sigalg_list[{{ cnt.val }}].code_point = atoi(getenv("OQS_CODEPOINT_{{variant['name']|upper}}_{{ classical_alg['name']|upper }}"));
{%- endfor %}
{%- endfor %}
{%- endfor %}

3 changes: 3 additions & 0 deletions oqs-template/oqsprov/oqsprov_capabilities.c/sigalg_assignments.fragment
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@
{%- for variant in sig['variants'] %}
{ {{ variant['code_point'] }}, {{variant['security']}}, TLS1_3_VERSION, 0 },
{%- for classical_alg in variant['mix_with'] %}
{ {{ classical_alg['code_point'] }}, {{ variant['security'] }}, TLS1_3_VERSION, 0 },
{%- endfor %}
{%- for classical_alg in variant['composite'] %}
{ {{ classical_alg['code_point'] }}, {{ variant['security'] }}, TLS1_3_VERSION, 0 },
{%- endfor %}
{%- endfor %}
Expand Down
4 changes: 4 additions & 0 deletions oqs-template/oqsprov/oqsprov_capabilities.c/sigalg_names.fragment
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,10 @@
{%- set cnt.val = cnt.val + 1 %}
OQS_SIGALG_ENTRY({{ classical_alg['name'] }}_{{variant['name']}}, {{ classical_alg['name'] }}_{{variant['name']}}, {{ classical_alg['name'] }}_{{variant['name']}}, "{{ classical_alg['oid'] }}", {{ cnt.val }}),
{%- endfor %}
{%- for classical_alg in variant['composite'] %}
{%- set cnt.val = cnt.val + 1 %}
OQS_SIGALG_ENTRY({{variant['name']}}_{{ classical_alg['name'] }}, {{variant['name']}}_{{ classical_alg['name'] }}, {{variant['name']}}_{{ classical_alg['name'] }}, "{{ classical_alg['oid'] }}", {{ cnt.val }}),
{%- endfor %}
#endif
{%- endfor %}
{%- endfor %}
Expand Down
Loading

0 comments on commit 50b8ed5

Please sign in to comment.