Add code points for PADDED variant of Falcon [skip ci] (#362)
* Update OIDs to reflect Falcon KAT changes

* Update "old" version string to reflect KAT mismatch
SWilson4 authored Mar 7, 2024
1 parent 8a6a1cd commit f08657b
Showing 14 changed files with 641 additions and 140 deletions.
32 changes: 22 additions & 10 deletions ALGORITHMS.md
Expand Up @@ -79,11 +79,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
| p384_mldsa65 | 0xfed5 |Yes| OQS_CODEPOINT_P384_MLDSA65
| mldsa87 | 0xfed2 |Yes| OQS_CODEPOINT_MLDSA87
| p521_mldsa87 | 0xfed6 |Yes| OQS_CODEPOINT_P521_MLDSA87
| falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512
| p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512
| rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
| falcon1024 | 0xfeb1 |Yes| OQS_CODEPOINT_FALCON1024
| p521_falcon1024 | 0xfeb2 |Yes| OQS_CODEPOINT_P521_FALCON1024
| falcon512 | 0xfed7 |Yes| OQS_CODEPOINT_FALCON512
| p256_falcon512 | 0xfed8 |Yes| OQS_CODEPOINT_P256_FALCON512
| rsa3072_falcon512 | 0xfed9 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
| falconpadded512 | 0xfedc |Yes| OQS_CODEPOINT_FALCONPADDED512
| p256_falconpadded512 | 0xfedd |Yes| OQS_CODEPOINT_P256_FALCONPADDED512
| rsa3072_falconpadded512 | 0xfede |Yes| OQS_CODEPOINT_RSA3072_FALCONPADDED512
| falcon1024 | 0xfeda |Yes| OQS_CODEPOINT_FALCON1024
| p521_falcon1024 | 0xfedb |Yes| OQS_CODEPOINT_P521_FALCON1024
| falconpadded1024 | 0xfedf |Yes| OQS_CODEPOINT_FALCONPADDED1024
| p521_falconpadded1024 | 0xfee0 |Yes| OQS_CODEPOINT_P521_FALCONPADDED1024
| sphincssha2128fsimple | 0xfeb3 |Yes| OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE
| p256_sphincssha2128fsimple | 0xfeb4 |Yes| OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE
| rsa3072_sphincssha2128fsimple | 0xfeb5 |Yes| OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE
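Review bot: the five existing entries (falcon512, p256_falcon512, rsa3072_falcon512, falcon1024, p521_falcon1024) keep their names and OQS_CODEPOINT_* macros but move from 0xfeae-0xfeb2 to 0xfed7-0xfedb, so a peer built from the previous release will silently fail to negotiate these groups even though both sides list the same name. The table gives no hint of this; a sentence above it saying that the Falcon code points were reassigned because the Falcon KATs changed, and what becomes of the previous values 0xfeae-0xfeb2, would save operators a puzzling interop failure. Also note that falconpadded512 (0xfedc-0xfede) is listed before falcon1024 (0xfeda), so the values do not ascend down the table; that is harmless but should not be "fixed" later by re-sorting the numbers.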
Expand Down Expand Up @@ -151,11 +156,16 @@ adapting the OIDs of all supported signature algorithms as per the table below.
| p384_mldsa65 | 1.3.9999.7.3 |Yes| OQS_OID_P384_MLDSA65
| mldsa87 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_MLDSA87
| p521_mldsa87 | 1.3.9999.7.4 |Yes| OQS_OID_P521_MLDSA87
| falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512
| p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512
| rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512
| falcon1024 | 1.3.9999.3.9 |Yes| OQS_OID_FALCON1024
| p521_falcon1024 | 1.3.9999.3.10 |Yes| OQS_OID_P521_FALCON1024
| falcon512 | 1.3.9999.3.11 |Yes| OQS_OID_FALCON512
| p256_falcon512 | 1.3.9999.3.12 |Yes| OQS_OID_P256_FALCON512
| rsa3072_falcon512 | 1.3.9999.3.13 |Yes| OQS_OID_RSA3072_FALCON512
| falconpadded512 | 1.3.9999.3.16 |Yes| OQS_OID_FALCONPADDED512
| p256_falconpadded512 | 1.3.9999.3.17 |Yes| OQS_OID_P256_FALCONPADDED512
| rsa3072_falconpadded512 | 1.3.9999.3.18 |Yes| OQS_OID_RSA3072_FALCONPADDED512
| falcon1024 | 1.3.9999.3.14 |Yes| OQS_OID_FALCON1024
| p521_falcon1024 | 1.3.9999.3.15 |Yes| OQS_OID_P521_FALCON1024
| falconpadded1024 | 1.3.9999.3.19 |Yes| OQS_OID_FALCONPADDED1024
| p521_falconpadded1024 | 1.3.9999.3.20 |Yes| OQS_OID_P521_FALCONPADDED1024
| sphincssha2128fsimple | 1.3.9999.6.4.13 |Yes| OQS_OID_SPHINCSSHA2128FSIMPLE
| p256_sphincssha2128fsimple | 1.3.9999.6.4.14 |Yes| OQS_OID_P256_SPHINCSSHA2128FSIMPLE
| rsa3072_sphincssha2128fsimple | 1.3.9999.6.4.15 |Yes| OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE
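Review bot: the same concern applies to the OIDs: 1.3.9999.3.6 through 1.3.9999.3.10 are replaced by 1.3.9999.3.11 through 1.3.9999.3.15 under unchanged names, which affects every key and certificate already encoded with the old arcs. The previous OIDs are retained in generate.yml under extra_nids/old (see the falcon512 and falcon1024 entries later in this diff), so existing material can presumably still be decoded, but this table should say so explicitly, for example a note that keys and certificates carrying 1.3.9999.3.6-3.10 are still recognized while new material is issued under 3.11-3.15, if that is indeed the behaviour.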
Expand Down Expand Up @@ -259,7 +269,9 @@ By setting environment variables, oqs-provider can be configured to encode keys
|`OQS_ENCODING_DILITHIUM3`|`draft-uni-qsckeys-dilithium-00/sk-pk`|
|`OQS_ENCODING_DILITHIUM5`|`draft-uni-qsckeys-dilithium-00/sk-pk`|
|`OQS_ENCODING_FALCON512`|`draft-uni-qsckeys-falcon-00/sk-pk`|
|`OQS_ENCODING_FALCONPADDED512`|`draft-uni-qsckeys-falcon-00/sk-pk`|
|`OQS_ENCODING_FALCON1024`|`draft-uni-qsckeys-falcon-00/sk-pk`|
|`OQS_ENCODING_FALCONPADDED1024`|`draft-uni-qsckeys-falcon-00/sk-pk`|
|`OQS_ENCODING_SPHINCSSHA2128FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
|`OQS_ENCODING_SPHINCSSHA2128SSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
|`OQS_ENCODING_SPHINCSSHA2192FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
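Review bot: the two new OQS_ENCODING_FALCONPADDED* rows point at the same draft-uni-qsckeys-falcon-00/sk-pk encoding as the unpadded variants, which implies the padded variants share key formats with plain Falcon and differ only in signature handling. If that is the intent, a one-line remark above the table would pre-empt the question of whether the falcon-00 draft covers the padded variant at all; if the padded keys do differ in layout, these two rows are wrong and need their own encoding identifier.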
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -46,7 +46,7 @@ This implementation makes available the following quantum safe algorithms:

- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\*
- **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa87`\*, `p521_mldsa87`\*
- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\*
- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falconpadded512`\*, `p256_falconpadded512`\*, `rsa3072_falconpadded512`\*, `falcon1024`\*, `p521_falcon1024`\*, `falconpadded1024`\*, `p521_falconpadded1024`\*

- **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple`
- **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple`
70 changes: 59 additions & 11 deletions oqs-template/generate.yml
Expand Up @@ -399,7 +399,7 @@ kem_nid_end: '0x0250'
kem_nid_hybrid_end: '0x2FFF'
# need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values

# Next free signature ID: 0xfed7
# Next free signature ID: 0xfee1
sigs:
# -
# iso (1)
Expand Down Expand Up @@ -581,20 +581,32 @@ sigs:
name: 'falcon512'
pretty_name: 'Falcon-512'
oqs_meth: 'OQS_SIG_alg_falcon_512'
oid: '1.3.9999.3.6'
code_point: '0xfeae'
oid: '1.3.9999.3.11'
code_point: '0xfed7'
supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
enable: true
mix_with: [{'name': 'p256',
'pretty_name': 'ECDSA p256',
'oid': '1.3.9999.3.7',
'code_point': '0xfeaf'},
'oid': '1.3.9999.3.12',
'code_point': '0xfed8'},
{'name': 'rsa3072',
'pretty_name': 'RSA3072',
'oid': '1.3.9999.3.8',
'code_point': '0xfeb0'}]
'oid': '1.3.9999.3.13',
'code_point': '0xfed9'}]
extra_nids:
old:
- implementation_version: PQClean Round 3 version labelled 20211101
nist-round: 3
oid: '1.3.9999.3.6'
code_point: '0xfeae'
mix_with: [{'name': 'p256',
'pretty_name': 'ECDSA p256',
'oid': '1.3.9999.3.7',
'code_point': '0xfeaf'},
{'name': 'rsa3072',
'pretty_name': 'RSA3072',
'oid': '1.3.9999.3.8',
'code_point': '0xfeb0'}]
- implementation_version: NIST Round 3 submission
nist-round: 3
oid: '1.3.9999.3.1'
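Review bot: the commit message says the "old" version string is updated to reflect the KAT mismatch, but `- implementation_version: PQClean Round 3 version labelled 20211101` does not mention KATs at all, and the current entry is still labelled plain 20211101 in the generated oqs-sig-info.md, so the two generations of falcon512 are distinguishable only by a prefix. A label that names the actual difference, e.g. "PQClean Round 3 version labelled 20211101 (KATs differ from current liboqs)", would tell readers of the generated table why 0xfeae / 1.3.9999.3.6 were retired rather than leaving them to guess.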
Expand All @@ -607,20 +619,44 @@ sigs:
'pretty_name': 'RSA3072',
'oid': '1.3.9999.3.3',
'code_point': '0xfe0d'}]
-
name: 'falconpadded512'
pretty_name: 'Falcon-padded-512'
oqs_meth: 'OQS_SIG_alg_falcon_padded_512'
oid: '1.3.9999.3.16'
code_point: '0xfedc'
supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
enable: true
mix_with: [{'name': 'p256',
'pretty_name': 'ECDSA p256',
'oid': '1.3.9999.3.17',
'code_point': '0xfedd'},
{'name': 'rsa3072',
'pretty_name': 'RSA3072',
'oid': '1.3.9999.3.18',
'code_point': '0xfede'}]
-
name: 'falcon1024'
pretty_name: 'Falcon-1024'
oqs_meth: 'OQS_SIG_alg_falcon_1024'
oid: '1.3.9999.3.9'
code_point: '0xfeb1'
oid: '1.3.9999.3.14'
code_point: '0xfeda'
supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
enable: true
mix_with: [{'name': 'p521',
'pretty_name': 'ECDSA p521',
'oid': '1.3.9999.3.10',
'code_point': '0xfeb2'}]
'oid': '1.3.9999.3.15',
'code_point': '0xfedb'}]
extra_nids:
old:
- implementation_version: PQClean Round 3 version labelled 20211101
nist-round: 3
oid: '1.3.9999.3.9'
code_point: '0xfeb1'
mix_with: [{'name': 'p521',
'pretty_name': 'ECDSA p521',
'oid': '1.3.9999.3.10',
'code_point': '0xfeb2'}]
- implementation_version: NIST Round 3 submission
nist-round: 3
oid: '1.3.9999.3.4'
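Review bot: the allocation order does not follow file order: falconpadded512 sits before falcon1024 in this file yet takes OIDs 1.3.9999.3.16-3.18 and code points 0xfedc-0xfede, after falcon1024's 1.3.9999.3.14-3.15 and 0xfeda-0xfedb. That is fine as long as nobody later "normalizes" it, so a short comment on the falconpadded512 entry (or next to the "Next free signature ID" marker) stating that the unpadded variants were renumbered first would make the intent clear. The absence of an extra_nids block on falconpadded512 is correct, since there is no previous identifier to preserve for a new variant.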
Expand All @@ -629,6 +665,18 @@ sigs:
'pretty_name': 'ECDSA p521',
'oid': '1.3.9999.3.5',
'code_point': '0xfe0f'}]
-
name: 'falconpadded1024'
pretty_name: 'Falcon-padded-1024'
oqs_meth: 'OQS_SIG_alg_falcon_padded_1024'
oid: '1.3.9999.3.19'
code_point: '0xfedf'
supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
enable: true
mix_with: [{'name': 'p521',
'pretty_name': 'ECDSA p521',
'oid': '1.3.9999.3.20',
'code_point': '0xfee0'}]
-
family: 'SPHINCS-Haraka'
variants:
20 changes: 15 additions & 5 deletions oqs-template/oqs-sig-info.md
Expand Up @@ -14,16 +14,26 @@
| dilithium3_aes **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfeab | 1.3.9999.2.11.3 |
| dilithium5_aes | NIST Round 3 submission | 3 | 5 | 0xfeac | 1.3.6.1.4.1.2.267.11.8.7 |
| dilithium5_aes **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfead | 1.3.9999.2.11.4 |
| falcon512 | 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 |
| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 |
| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 |
| falcon512 | 20211101 | 3 | 1 | 0xfed7 | 1.3.9999.3.11 |
| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfed8 | 1.3.9999.3.12 |
| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfed9 | 1.3.9999.3.13 |
| falcon512 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 |
| falcon512 **hybrid with** p256 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 |
| falcon512 **hybrid with** rsa3072 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 |
| falcon512 | NIST Round 3 submission | 3 | 1 | 0xfe0b | 1.3.9999.3.1 |
| falcon512 **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe0c | 1.3.9999.3.2 |
| falcon512 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe0d | 1.3.9999.3.3 |
| falcon1024 | 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 |
| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 |
| falconpadded512 | 20211101 | 3 | 1 | 0xfedc | 1.3.9999.3.16 |
| falconpadded512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfedd | 1.3.9999.3.17 |
| falconpadded512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfede | 1.3.9999.3.18 |
| falcon1024 | 20211101 | 3 | 5 | 0xfeda | 1.3.9999.3.14 |
| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfedb | 1.3.9999.3.15 |
| falcon1024 | PQClean Round 3 version labelled 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 |
| falcon1024 **hybrid with** p521 | PQClean Round 3 version labelled 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 |
| falcon1024 | NIST Round 3 submission | 3 | 5 | 0xfe0e | 1.3.9999.3.4 |
| falcon1024 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe0f | 1.3.9999.3.5 |
| falconpadded1024 | 20211101 | 3 | 5 | 0xfedf | 1.3.9999.3.19 |
| falconpadded1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfee0 | 1.3.9999.3.20 |
| mldsa44 | ML-DSA-ipd | ipd | 1 | 0xfed0 | 1.3.6.1.4.1.2.267.12.4.4 |
| mldsa44 **hybrid with** p256 | ML-DSA-ipd | ipd | 1 | 0xfed3 | 1.3.9999.7.1 |
| mldsa44 **hybrid with** rsa3072 | ML-DSA-ipd | ipd | 1 | 0xfed4 | 1.3.9999.7.2 |
17 changes: 17 additions & 0 deletions oqsprov/oqs_decode_der2key.c
Expand Up @@ -725,10 +725,27 @@ MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo);
MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "falconpadded512", falconpadded512, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "falconpadded512", falconpadded512, oqsx, SubjectPublicKeyInfo);
MAKE_DECODER(, "p256_falconpadded512", p256_falconpadded512, oqsx,
PrivateKeyInfo);
MAKE_DECODER(, "p256_falconpadded512", p256_falconpadded512, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "rsa3072_falconpadded512", rsa3072_falconpadded512, oqsx,
PrivateKeyInfo);
MAKE_DECODER(, "rsa3072_falconpadded512", rsa3072_falconpadded512, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo);
MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, SubjectPublicKeyInfo);
MAKE_DECODER(, "falconpadded1024", falconpadded1024, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "falconpadded1024", falconpadded1024, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "p521_falconpadded1024", p521_falconpadded1024, oqsx,
PrivateKeyInfo);
MAKE_DECODER(, "p521_falconpadded1024", p521_falconpadded1024, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx,
PrivateKeyInfo);
MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx,
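Review bot: the commit title carries [skip ci], yet this hunk adds ten MAKE_DECODER registrations in C for the new falconpadded512 and falconpadded1024 variants (and nine of the fourteen changed files are not shown in this view), so neither these decoders nor the encoder registrations that should accompany them get compiled or exercised before merge. Either drop [skip ci] here or state in the message which follow-up run covers the build; a typo in one of these identifiers would otherwise surface only at the next unrelated CI run.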