Add MAYO

Signed-off-by: Basil Hess <[email protected]>
open-quantum-safe · May 14, 2024 · cf69ef1 · cf69ef1
1 parent 6ae3eca
commit cf69ef1
Show file tree

Hide file tree

Showing 15 changed files with 492 additions and 9 deletions.
diff --git a/ALGORITHMS.md b/ALGORITHMS.md
@@ -117,6 +117,12 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | p521_sphincsshake256fsimple | 0xfecd |No| OQS_CODEPOINT_P521_SPHINCSSHAKE256FSIMPLE
 | sphincsshake256ssimple | 0xfece |No| OQS_CODEPOINT_SPHINCSSHAKE256SSIMPLE
 | p521_sphincsshake256ssimple | 0xfecf |No| OQS_CODEPOINT_P521_SPHINCSSHAKE256SSIMPLE
+| mayo_1 | 0xfeee |Yes| OQS_CODEPOINT_MAYO_1
+| p256_mayo_1 | 0xfef1 |Yes| OQS_CODEPOINT_P256_MAYO_1
+| mayo_2 | 0xfeef |Yes| OQS_CODEPOINT_MAYO_2
+| p256_mayo_2 | 0xfef2 |Yes| OQS_CODEPOINT_P256_MAYO_2
+| mayo_3 | 0xfef0 |Yes| OQS_CODEPOINT_MAYO_3
+| p384_mayo_3 | 0xfef3 |Yes| OQS_CODEPOINT_P384_MAYO_3
 <!--- OQS_TEMPLATE_FRAGMENT_IDS_END -->
 
 Changing code points
@@ -207,6 +213,12 @@ adapting the OIDs of all supported signature algorithms as per the table below.
 | p521_sphincsshake256fsimple | 1.3.9999.6.9.11 |No| OQS_OID_P521_SPHINCSSHAKE256FSIMPLE
 | sphincsshake256ssimple | 1.3.9999.6.9.12 |No| OQS_OID_SPHINCSSHAKE256SSIMPLE
 | p521_sphincsshake256ssimple | 1.3.9999.6.9.13 |No| OQS_OID_P521_SPHINCSSHAKE256SSIMPLE
+| mayo_1 | 1.3.9999.8.1.1 |Yes| OQS_OID_MAYO_1
+| p256_mayo_1 | 1.3.9999.8.1.2 |Yes| OQS_OID_P256_MAYO_1
+| mayo_2 | 1.3.9999.8.2.1 |Yes| OQS_OID_MAYO_2
+| p256_mayo_2 | 1.3.9999.8.2.2 |Yes| OQS_OID_P256_MAYO_2
+| mayo_3 | 1.3.9999.8.3.1 |Yes| OQS_OID_MAYO_3
+| p384_mayo_3 | 1.3.9999.8.3.2 |Yes| OQS_OID_P384_MAYO_3
 
 If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following list is also available:
 

diff --git a/README.md b/README.md
@@ -51,6 +51,7 @@ This implementation makes available the following quantum safe algorithms:
 
 - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple`
 - **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple`
+- **MAYO**:`mayo_1`\*, `p256_mayo_1`\*, `mayo_2`\*, `p256_mayo_2`\*, `mayo_3`\*, `p384_mayo_3`\*
 
 <!--- OQS_TEMPLATE_FRAGMENT_ALGS_END -->
 

diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml
@@ -399,7 +399,7 @@ kem_nid_end: '0x0250'
 kem_nid_hybrid_end: '0x2FFF'
 # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values
 
-# Next free signature ID: 0xfeee
+# Next free signature ID: 0xfef4
 sigs:
   # -
     # iso (1)
@@ -1469,5 +1469,39 @@ sigs:
                           'pretty_name': 'ECDSA p521',
                           'oid': '1.3.9999.6.9.8',
                           'code_point': '0xfe95'}]
-
-
+  -
+    family: 'MAYO'
+    variants:
+      -
+        name: 'mayo_1'
+        pretty_name: 'MAYO_1'
+        oqs_meth: 'OQS_SIG_alg_mayo_1'
+        oid: '1.3.9999.8.1.1'
+        code_point: '0xfeee'
+        enable: true
+        mix_with: [{'name': 'p256',
+                    'pretty_name': 'ECDSA p256',
+                    'oid': '1.3.9999.8.1.2',
+                    'code_point': '0xfef1'}]
+      -
+        name: 'mayo_2'
+        pretty_name: 'MAYO_2'
+        oqs_meth: 'OQS_SIG_alg_mayo_2'
+        oid: '1.3.9999.8.2.1'
+        code_point: '0xfeef'
+        enable: true
+        mix_with: [{'name': 'p256',
+                    'pretty_name': 'ECDSA p256',
+                    'oid': '1.3.9999.8.2.2',
+                    'code_point': '0xfef2'}]
+      -
+        name: 'mayo_3'
+        pretty_name: 'MAYO_3'
+        oqs_meth: 'OQS_SIG_alg_mayo_3'
+        oid: '1.3.9999.8.3.1'
+        code_point: '0xfef0'
+        enable: true
+        mix_with: [{'name': 'p384',
+                    'pretty_name': 'ECDSA p384',
+                    'oid': '1.3.9999.8.3.2',
+                    'code_point': '0xfef3'}]
diff --git a/oqs-template/oqs-sig-info.md b/oqs-template/oqs-sig-info.md
@@ -34,6 +34,12 @@
 | falcon1024 **hybrid with** p521                   | NIST Round 3 submission                       | 3            |                    5 | 0xfe0f       | 1.3.9999.3.5             |
 | falconpadded1024                                  | 20211101                                      | 3            |                    5 | 0xfedf       | 1.3.9999.3.19            |
 | falconpadded1024 **hybrid with** p521             | 20211101                                      | 3            |                    5 | 0xfee0       | 1.3.9999.3.20            |
+| mayo_1                                            | https://eprint.iacr.org/2023/1683             | 1            |                    1 | 0xfeee       | 1.3.9999.8.1.1           |
+| mayo_1 **hybrid with** p256                       | https://eprint.iacr.org/2023/1683             | 1            |                    1 | 0xfef1       | 1.3.9999.8.1.2           |
+| mayo_2                                            | https://eprint.iacr.org/2023/1683             | 1            |                    1 | 0xfeef       | 1.3.9999.8.2.1           |
+| mayo_2 **hybrid with** p256                       | https://eprint.iacr.org/2023/1683             | 1            |                    1 | 0xfef2       | 1.3.9999.8.2.2           |
+| mayo_3                                            | https://eprint.iacr.org/2023/1683             | 1            |                    3 | 0xfef0       | 1.3.9999.8.3.1           |
+| mayo_3 **hybrid with** p384                       | https://eprint.iacr.org/2023/1683             | 1            |                    3 | 0xfef3       | 1.3.9999.8.3.2           |
 | mldsa44                                           | ML-DSA-ipd                                    | ipd          |                    1 | 0xfed0       | 1.3.6.1.4.1.2.267.12.4.4 |
 | mldsa44 **hybrid with** p256                      | ML-DSA-ipd                                    | ipd          |                    1 | 0xfed3       | 1.3.9999.7.1             |
 | mldsa44 **hybrid with** rsa3072                   | ML-DSA-ipd                                    | ipd          |                    1 | 0xfed4       | 1.3.9999.7.2             |

diff --git a/oqsprov/oqs_decode_der2key.c b/oqsprov/oqs_decode_der2key.c
@@ -816,4 +816,16 @@ MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple,
              oqsx, PrivateKeyInfo);
 MAKE_DECODER(, "rsa3072_sphincsshake128fsimple", rsa3072_sphincsshake128fsimple,
              oqsx, SubjectPublicKeyInfo);
+MAKE_DECODER(, "mayo_1", mayo_1, oqsx, PrivateKeyInfo);
+MAKE_DECODER(, "mayo_1", mayo_1, oqsx, SubjectPublicKeyInfo);
+MAKE_DECODER(, "p256_mayo_1", p256_mayo_1, oqsx, PrivateKeyInfo);
+MAKE_DECODER(, "p256_mayo_1", p256_mayo_1, oqsx, SubjectPublicKeyInfo);
+MAKE_DECODER(, "mayo_2", mayo_2, oqsx, PrivateKeyInfo);
+MAKE_DECODER(, "mayo_2", mayo_2, oqsx, SubjectPublicKeyInfo);
+MAKE_DECODER(, "p256_mayo_2", p256_mayo_2, oqsx, PrivateKeyInfo);
+MAKE_DECODER(, "p256_mayo_2", p256_mayo_2, oqsx, SubjectPublicKeyInfo);
+MAKE_DECODER(, "mayo_3", mayo_3, oqsx, PrivateKeyInfo);
+MAKE_DECODER(, "mayo_3", mayo_3, oqsx, SubjectPublicKeyInfo);
+MAKE_DECODER(, "p384_mayo_3", p384_mayo_3, oqsx, PrivateKeyInfo);
+MAKE_DECODER(, "p384_mayo_3", p384_mayo_3, oqsx, SubjectPublicKeyInfo);
 ///// OQS_TEMPLATE_FRAGMENT_DECODER_MAKE_END
diff --git a/oqsprov/oqs_encode_key2any.c b/oqsprov/oqs_encode_key2any.c
@@ -1271,6 +1271,24 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder)
 #define rsa3072_sphincsshake128fsimple_input_type \
     "rsa3072_sphincsshake128fsimple"
 #define rsa3072_sphincsshake128fsimple_pem_type "rsa3072_sphincsshake128fsimple"
+#define mayo_1_evp_type                         0
+#define mayo_1_input_type                       "mayo_1"
+#define mayo_1_pem_type                         "mayo_1"
+#define p256_mayo_1_evp_type                    0
+#define p256_mayo_1_input_type                  "p256_mayo_1"
+#define p256_mayo_1_pem_type                    "p256_mayo_1"
+#define mayo_2_evp_type                         0
+#define mayo_2_input_type                       "mayo_2"
+#define mayo_2_pem_type                         "mayo_2"
+#define p256_mayo_2_evp_type                    0
+#define p256_mayo_2_input_type                  "p256_mayo_2"
+#define p256_mayo_2_pem_type                    "p256_mayo_2"
+#define mayo_3_evp_type                         0
+#define mayo_3_input_type                       "mayo_3"
+#define mayo_3_pem_type                         "mayo_3"
+#define p384_mayo_3_evp_type                    0
+#define p384_mayo_3_input_type                  "p384_mayo_3"
+#define p384_mayo_3_pem_type                    "p384_mayo_3"
 ///// OQS_TEMPLATE_FRAGMENT_ENCODER_DEFINES_END
 
 /* ---------------------------------------------------------------------- */
@@ -2650,4 +2668,46 @@ MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, PrivateKeyInfo, pem);
 MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, der);
 MAKE_ENCODER(, rsa3072_sphincsshake128fsimple, oqsx, SubjectPublicKeyInfo, pem);
 MAKE_TEXT_ENCODER(, rsa3072_sphincsshake128fsimple);
+MAKE_ENCODER(, mayo_1, oqsx, EncryptedPrivateKeyInfo, der);
+MAKE_ENCODER(, mayo_1, oqsx, EncryptedPrivateKeyInfo, pem);
+MAKE_ENCODER(, mayo_1, oqsx, PrivateKeyInfo, der);
+MAKE_ENCODER(, mayo_1, oqsx, PrivateKeyInfo, pem);
+MAKE_ENCODER(, mayo_1, oqsx, SubjectPublicKeyInfo, der);
+MAKE_ENCODER(, mayo_1, oqsx, SubjectPublicKeyInfo, pem);
+MAKE_TEXT_ENCODER(, mayo_1);
+MAKE_ENCODER(, p256_mayo_1, oqsx, EncryptedPrivateKeyInfo, der);
+MAKE_ENCODER(, p256_mayo_1, oqsx, EncryptedPrivateKeyInfo, pem);
+MAKE_ENCODER(, p256_mayo_1, oqsx, PrivateKeyInfo, der);
+MAKE_ENCODER(, p256_mayo_1, oqsx, PrivateKeyInfo, pem);
+MAKE_ENCODER(, p256_mayo_1, oqsx, SubjectPublicKeyInfo, der);
+MAKE_ENCODER(, p256_mayo_1, oqsx, SubjectPublicKeyInfo, pem);
+MAKE_TEXT_ENCODER(, p256_mayo_1);
+MAKE_ENCODER(, mayo_2, oqsx, EncryptedPrivateKeyInfo, der);
+MAKE_ENCODER(, mayo_2, oqsx, EncryptedPrivateKeyInfo, pem);
+MAKE_ENCODER(, mayo_2, oqsx, PrivateKeyInfo, der);
+MAKE_ENCODER(, mayo_2, oqsx, PrivateKeyInfo, pem);
+MAKE_ENCODER(, mayo_2, oqsx, SubjectPublicKeyInfo, der);
+MAKE_ENCODER(, mayo_2, oqsx, SubjectPublicKeyInfo, pem);
+MAKE_TEXT_ENCODER(, mayo_2);
+MAKE_ENCODER(, p256_mayo_2, oqsx, EncryptedPrivateKeyInfo, der);
+MAKE_ENCODER(, p256_mayo_2, oqsx, EncryptedPrivateKeyInfo, pem);
+MAKE_ENCODER(, p256_mayo_2, oqsx, PrivateKeyInfo, der);
+MAKE_ENCODER(, p256_mayo_2, oqsx, PrivateKeyInfo, pem);
+MAKE_ENCODER(, p256_mayo_2, oqsx, SubjectPublicKeyInfo, der);
+MAKE_ENCODER(, p256_mayo_2, oqsx, SubjectPublicKeyInfo, pem);
+MAKE_TEXT_ENCODER(, p256_mayo_2);
+MAKE_ENCODER(, mayo_3, oqsx, EncryptedPrivateKeyInfo, der);
+MAKE_ENCODER(, mayo_3, oqsx, EncryptedPrivateKeyInfo, pem);
+MAKE_ENCODER(, mayo_3, oqsx, PrivateKeyInfo, der);
+MAKE_ENCODER(, mayo_3, oqsx, PrivateKeyInfo, pem);
+MAKE_ENCODER(, mayo_3, oqsx, SubjectPublicKeyInfo, der);
+MAKE_ENCODER(, mayo_3, oqsx, SubjectPublicKeyInfo, pem);
+MAKE_TEXT_ENCODER(, mayo_3);
+MAKE_ENCODER(, p384_mayo_3, oqsx, EncryptedPrivateKeyInfo, der);
+MAKE_ENCODER(, p384_mayo_3, oqsx, EncryptedPrivateKeyInfo, pem);
+MAKE_ENCODER(, p384_mayo_3, oqsx, PrivateKeyInfo, der);
+MAKE_ENCODER(, p384_mayo_3, oqsx, PrivateKeyInfo, pem);
+MAKE_ENCODER(, p384_mayo_3, oqsx, SubjectPublicKeyInfo, der);
+MAKE_ENCODER(, p384_mayo_3, oqsx, SubjectPublicKeyInfo, pem);
+MAKE_TEXT_ENCODER(, p384_mayo_3);
 ///// OQS_TEMPLATE_FRAGMENT_ENCODER_MAKE_END
diff --git a/oqsprov/oqs_kmgmt.c b/oqsprov/oqs_kmgmt.c
@@ -1254,6 +1254,73 @@ static void *rsa3072_sphincsshake128fsimple_gen_init(void *provctx,
         "rsa3072_sphincsshake128fsimple", KEY_TYPE_HYB_SIG, 128, 47);
 }
 
+static void *mayo_1_new_key(void *provctx)
+{
+    return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_1,
+                        "mayo_1", KEY_TYPE_SIG, NULL, 128, 48);
+}
+
+static void *mayo_1_gen_init(void *provctx, int selection)
+{
+    return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_1, "mayo_1", 0,
+                         128, 48);
+}
+static void *p256_mayo_1_new_key(void *provctx)
+{
+    return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_1,
+                        "p256_mayo_1", KEY_TYPE_HYB_SIG, NULL, 128, 49);
+}
+
+static void *p256_mayo_1_gen_init(void *provctx, int selection)
+{
+    return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_1, "p256_mayo_1",
+                         KEY_TYPE_HYB_SIG, 128, 49);
+}
+static void *mayo_2_new_key(void *provctx)
+{
+    return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_2,
+                        "mayo_2", KEY_TYPE_SIG, NULL, 128, 50);
+}
+
+static void *mayo_2_gen_init(void *provctx, int selection)
+{
+    return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_2, "mayo_2", 0,
+                         128, 50);
+}
+static void *p256_mayo_2_new_key(void *provctx)
+{
+    return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_2,
+                        "p256_mayo_2", KEY_TYPE_HYB_SIG, NULL, 128, 51);
+}
+
+static void *p256_mayo_2_gen_init(void *provctx, int selection)
+{
+    return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_2, "p256_mayo_2",
+                         KEY_TYPE_HYB_SIG, 128, 51);
+}
+static void *mayo_3_new_key(void *provctx)
+{
+    return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_3,
+                        "mayo_3", KEY_TYPE_SIG, NULL, 192, 52);
+}
+
+static void *mayo_3_gen_init(void *provctx, int selection)
+{
+    return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_3, "mayo_3", 0,
+                         192, 52);
+}
+static void *p384_mayo_3_new_key(void *provctx)
+{
+    return oqsx_key_new(PROV_OQS_LIBCTX_OF(provctx), OQS_SIG_alg_mayo_3,
+                        "p384_mayo_3", KEY_TYPE_HYB_SIG, NULL, 192, 53);
+}
+
+static void *p384_mayo_3_gen_init(void *provctx, int selection)
+{
+    return oqsx_gen_init(provctx, selection, OQS_SIG_alg_mayo_3, "p384_mayo_3",
+                         KEY_TYPE_HYB_SIG, 192, 53);
+}
+
 ///// OQS_TEMPLATE_FRAGMENT_KEYMGMT_CONSTRUCTORS_END
 
 #define MAKE_SIG_KEYMGMT_FUNCTIONS(alg)                                       \
@@ -1451,6 +1518,12 @@ MAKE_SIG_KEYMGMT_FUNCTIONS(p384_sphincssha2192fsimple)
 MAKE_SIG_KEYMGMT_FUNCTIONS(sphincsshake128fsimple)
 MAKE_SIG_KEYMGMT_FUNCTIONS(p256_sphincsshake128fsimple)
 MAKE_SIG_KEYMGMT_FUNCTIONS(rsa3072_sphincsshake128fsimple)
+MAKE_SIG_KEYMGMT_FUNCTIONS(mayo_1)
+MAKE_SIG_KEYMGMT_FUNCTIONS(p256_mayo_1)
+MAKE_SIG_KEYMGMT_FUNCTIONS(mayo_2)
+MAKE_SIG_KEYMGMT_FUNCTIONS(p256_mayo_2)
+MAKE_SIG_KEYMGMT_FUNCTIONS(mayo_3)
+MAKE_SIG_KEYMGMT_FUNCTIONS(p384_mayo_3)
 
 MAKE_KEM_KEYMGMT_FUNCTIONS(frodo640aes, OQS_KEM_alg_frodokem_640_aes, 128)