Unable to create x25519_kyber768 key and cert

[vkosuri]

+ export OSSL_MODULES=/opt/ossl3/lib64/ossl-modules/
+ OSSL_MODULES=/opt/ossl3/lib64/ossl-modules/
+ export OPENSSL_CONF=/opt/ossl3/ssl/openssl.cnf
+ OPENSSL_CONF=/opt/ossl3/ssl/openssl.cnf
+ export OPENSSL_APP=/opt/ossl3/bin/openssl
+ OPENSSL_APP=/opt/ossl3/bin/openssl
+ /opt/ossl3/bin/openssl list -providers
Providers:
  default
    name: OpenSSL Default Provider
    version: 3.2.1
    status: active
  oqsprovider
    name: OpenSSL OQS Provider
    version: 0.5.3
    status: active
+ /opt/ossl3/bin/openssl list -signature-algorithms
  { 1.2.840.113549.1.1.1, 2.5.8.1.1, RSA, rsaEncryption } @ default
  { 1.2.840.10040.4.1, 1.2.840.10040.4.3, 1.3.14.3.2.12, 1.3.14.3.2.13, 1.3.14.3.2.27, DSA, DSA-old, DSA-SHA, DSA-SHA1, DSA-SHA1-old, dsaEncryption, dsaEncryption-old, dsaWithSHA, dsaWithSHA1, dsaWithSHA1-old } @ default
  { 1.3.101.112, ED25519 } @ default
  { 1.3.101.113, ED448 } @ default
  { 1.2.156.10197.1.301, SM2 } @ default
  ECDSA @ default
  HMAC @ default
  SIPHASH @ default
  POLY1305 @ default
  CMAC @ default
  dilithium2 @ oqsprovider
  p256_dilithium2 @ oqsprovider
  rsa3072_dilithium2 @ oqsprovider
  dilithium3 @ oqsprovider
  p384_dilithium3 @ oqsprovider
  dilithium5 @ oqsprovider
  p521_dilithium5 @ oqsprovider
  falcon512 @ oqsprovider
  p256_falcon512 @ oqsprovider
  rsa3072_falcon512 @ oqsprovider
  falcon1024 @ oqsprovider
  p521_falcon1024 @ oqsprovider
  sphincssha2128fsimple @ oqsprovider
  p256_sphincssha2128fsimple @ oqsprovider
  rsa3072_sphincssha2128fsimple @ oqsprovider
  sphincssha2128ssimple @ oqsprovider
  p256_sphincssha2128ssimple @ oqsprovider
  rsa3072_sphincssha2128ssimple @ oqsprovider
  sphincssha2192fsimple @ oqsprovider
  p384_sphincssha2192fsimple @ oqsprovider
  sphincsshake128fsimple @ oqsprovider
  p256_sphincsshake128fsimple @ oqsprovider
  rsa3072_sphincsshake128fsimple @ oqsprovider
root@f6d2292b0f29:/optbuild# cd /opt

root@f6d2292b0f29:/opt/tmp# $OPENSSL_APP req -x509 -new -newkey x25519_kyber768 -keyout x25519_kyber768_rootCA.key -out x25519_kyber768_rootCA.crt -subj "/CN=test CA" -nodes
0012D91AE27F0000:error:1D800065:ENCODER routines:OSSL_ENCODER_to_bio:reason(101):crypto/encode_decode/encoder_lib.c:55:No encoders were found. For standard encoders you need at least one of the default or base providers available. Did you forget to load them?
0012D91AE27F0000:error:04800073:PEM routines:do_pk8pkey:error converting private key:crypto/pem/pem_pk8.c:133:

# Again I tried with provider path also it did not worked for me

root@f6d2292b0f29:/opt/tmp# $OPENSSL_APP req -x509 -new -newkey x25519_kyber768 -keyout x25519_kyber768_rootCA.key -out x25519_kyber768_rootCA.crt -subj "/CN=test CA" -nodes -provider default -provider oqsprovider
00721087D57F0000:error:1D800065:ENCODER routines:OSSL_ENCODER_to_bio:reason(101):crypto/encode_decode/encoder_lib.c:55:No encoders were found. For standard encoders you need at least one of the default or base providers available. Did you forget to load them?
00721087D57F0000:error:04800073:PEM routines:do_pk8pkey:error converting private key:crypto/pem/pem_pk8.c:133:

root@f6d2292b0f29:/opt/tmp# $OPENSSL_APP req -x509 -new -newkey x25519_kyber768 -keyout x25519_kyber768_rootCA.key -out x25519_kyber768_rootCA.crt -subj "/CN=test CA" -nodes -provider default -provider oqsprovider -provider-path /opt/ossl3/lib64/
engines-3/      libcrypto.a     libcrypto.so.3  libssl.so       ossl-modules/
lib/            libcrypto.so    libssl.a        libssl.so.3     pkgconfig/
root@f6d2292b0f29:/opt/tmp# $OPENSSL_APP req -x509 -new -newkey x25519_kyber768 -keyout x25519_kyber768_rootCA.key -out x25519_kyber768_rootCA.crt -subj "/CN=test CA" -nodes -provider default -provider oqsprovider -provider-path /opt/ossl3/lib64/ossl-modules/
legacy.so       oqsprovider.so
root@f6d2292b0f29:/opt/tmp# $OPENSSL_APP req -x509 -new -newkey x25519_kyber768 -keyout x25519_kyber768_rootCA.key -out x25519_kyber768_rootCA.crt -subj "/CN=test CA" -nodes -provider default -provider oqsprovider -provider-path /opt/ossl3/lib64/ossl-modules/
007211C76B7F0000:error:1D800065:ENCODER routines:OSSL_ENCODER_to_bio:reason(101):crypto/encode_decode/encoder_lib.c:55:No encoders were found. For standard encoders you need at least one of the default or base providers available. Did you forget to load them?
007211C76B7F0000:error:04800073:PEM routines:do_pk8pkey:error converting private key:crypto/pem/pem_pk8.c:133:
root@f6d2292b0f29:/opt/tmp#

And openssl.cnf

root@f6d2292b0f29:/opt/tmp# cat /opt/ossl3/ssl/openssl.cnf
#
# OpenSSL example configuration file.
# See doc/man5/config.pod for more info.
#
# This is mostly being used for generation of certificate requests,
# but may be used for auto loading of providers

# Note that you can include other files from the main configuration
# file using the .include directive.
#.include filename

# This definition stops the following lines choking if HOME isn't
# defined.
HOME           = .
DEFAULT_GROUPS = X25519:P256:x25519_kyber768

[openssl_init]
providers = provider_sect
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
Groups = $ENV::DEFAULT_GROUPS

# List of providers to load
[provider_sect]
default = default_sect
oqsprovider = oqsprovider_sect
# The fips section name should match the section name inside the
# included fipsmodule.cnf.
# fips = fips_sect

# If no providers are activated explicitly, the default one is activated implicitly.
# See man 7 OSSL_PROVIDER-default for more details.
#
# If you add a section explicitly activating any other provider(s), you most
# probably need to explicitly activate the default provider, otherwise it
# becomes unavailable in openssl.  As a consequence applications depending on
# OpenSSL may not work correctly which could lead to significant system
# problems including inability to remotely access the system.
[default_sect]
activate = 1
[oqsprovider_sect]
activate = 1

# activate = 1

[baentsch]

Please provide a reproducible error run using the template in https://github.com/open-quantum-safe/oqs-provider/issues/new?assignees=&labels=bug&projects=&template=bug_report.md&title= . In this case, be sure to use the pre-built docker image so we can exclude built-time issues on your end.

[vkosuri]

I have converted Docker environment into a shell script https://gist.github.com/vkosuri/09a7e66a745d6cf3933e76100e5e729e to install everything, The reason I am not creating an issue still I am not clear about key creation.

The repo are cloned below as <URL> <branch>

repos=(
    "https://github.com/openssl/openssl.git openssl-3.2"
    "https://github.com/open-quantum-safe/liboqs 0.9.1"
    "https://github.com/open-quantum-safe/oqs-provider.git 0.5.3"
)

After that I am trying to create x25519_kyber768 it failed with digital envelope routines:do_sigver_init:operation not supported for this keytype:crypto/evp/m_sigver.c:300:

The oqslib built with -DOQS_MINIMAL_BUILD="KEM_kyber_768;SIG_dilithium_3" does x25519_kyber768 require another set of signature algorithms?

OpenSSL 3.2.1-dev  (Library: OpenSSL 3.2.1-dev )
Providers:
  default
    name: OpenSSL Default Provider
    version: 3.2.1
    status: active
  oqsprovider
    name: OpenSSL OQS Provider
    version: 0.5.3
    status: active


root@f6d2292b0f29:/optbuild# export OSSL_MODULES=/opt/ossl32/lib64/ossl-modules/
root@f6d2292b0f29:/optbuild# export OPENSSL_CONF=/opt/ossl32/ssl/openssl.cnf
root@f6d2292b0f29:/optbuild# export OPENSSL_APP=/opt/ossl32/bin/openssl

root@f6d2292b0f29:/optbuild# $OPENSSL_APP req -x509 -new -newkey x25519_kyber768 -keyout x25519_kyber768_rootCA.key -out x25519_kyber768_rootCA.crt -subj "/CN=test CA" -nodes
-----
00E22E7C1A7F0000:error:03000096:digital envelope routines:do_sigver_init:operation not supported for this keytype:crypto/evp/m_sigver.c:300:
root@f6d2292b0f29:/optbuild#

After some searching, I have found some suggestions to use a legacy provider as in this post https://stackoverflow.com/a/69699772/358458 still no luck

root@f6d2292b0f29:/optbuild# export NODE_OPTIONS=--openssl-legacy-provider

root@f6d2292b0f29:/optbuild# $OPENSSL_APP req -x509 -new -newkey x25519_kyber768 -keyout x25519_kyber768_rootCA.key -out x25519_kyber768_rootCA.crt -subj "/CN=test CA" -nodes
-----
008241B0E27F0000:error:03000096:digital envelope routines:do_sigver_init:operation not supported for this keytype:crypto/evp/m_sigver.c:300:
root@f6d2292b0f29:/optbuild#

And I tried to create a key through ecparam, it's saying unknown key

root@f6d2292b0f29:/optbuild# $OPENSSL_APP ecparam -name x25519_kyber768 -genkey -noout -out /opt/certs/xk.pem
unable to generate key

root@f6d2292b0f29:/optbuild# $OPENSSL_APP ecparam -list_curves
  secp112r1 : SECG/WTLS curve over a 112 bit prime field
  secp112r2 : SECG curve over a 112 bit prime field
  secp128r1 : SECG curve over a 128 bit prime field
  secp128r2 : SECG curve over a 128 bit prime field
  secp160k1 : SECG curve over a 160 bit prime field
  secp160r1 : SECG curve over a 160 bit prime field
  secp160r2 : SECG/WTLS curve over a 160 bit prime field
  secp192k1 : SECG curve over a 192 bit prime field
  secp224k1 : SECG curve over a 224 bit prime field
  secp224r1 : NIST/SECG curve over a 224 bit prime field
  secp256k1 : SECG curve over a 256 bit prime field
  secp384r1 : NIST/SECG curve over a 384 bit prime field
  secp521r1 : NIST/SECG curve over a 521 bit prime field
  prime192v1: NIST/X9.62/SECG curve over a 192 bit prime field
  prime192v2: X9.62 curve over a 192 bit prime field
  prime192v3: X9.62 curve over a 192 bit prime field
  prime239v1: X9.62 curve over a 239 bit prime field
  prime239v2: X9.62 curve over a 239 bit prime field
  prime239v3: X9.62 curve over a 239 bit prime field
  prime256v1: X9.62/SECG curve over a 256 bit prime field
  sect113r1 : SECG curve over a 113 bit binary field
  sect113r2 : SECG curve over a 113 bit binary field
  sect131r1 : SECG/WTLS curve over a 131 bit binary field
  sect131r2 : SECG curve over a 131 bit binary field
  sect163k1 : NIST/SECG/WTLS curve over a 163 bit binary field
  sect163r1 : SECG curve over a 163 bit binary field
  sect163r2 : NIST/SECG curve over a 163 bit binary field
  sect193r1 : SECG curve over a 193 bit binary field
  sect193r2 : SECG curve over a 193 bit binary field
  sect233k1 : NIST/SECG/WTLS curve over a 233 bit binary field
  sect233r1 : NIST/SECG/WTLS curve over a 233 bit binary field
  sect239k1 : SECG curve over a 239 bit binary field
  sect283k1 : NIST/SECG curve over a 283 bit binary field
  sect283r1 : NIST/SECG curve over a 283 bit binary field
  sect409k1 : NIST/SECG curve over a 409 bit binary field
  sect409r1 : NIST/SECG curve over a 409 bit binary field
  sect571k1 : NIST/SECG curve over a 571 bit binary field
  sect571r1 : NIST/SECG curve over a 571 bit binary field
  c2pnb163v1: X9.62 curve over a 163 bit binary field
  c2pnb163v2: X9.62 curve over a 163 bit binary field
  c2pnb163v3: X9.62 curve over a 163 bit binary field
  c2pnb176v1: X9.62 curve over a 176 bit binary field
  c2tnb191v1: X9.62 curve over a 191 bit binary field
  c2tnb191v2: X9.62 curve over a 191 bit binary field
  c2tnb191v3: X9.62 curve over a 191 bit binary field
  c2pnb208w1: X9.62 curve over a 208 bit binary field
  c2tnb239v1: X9.62 curve over a 239 bit binary field
  c2tnb239v2: X9.62 curve over a 239 bit binary field
  c2tnb239v3: X9.62 curve over a 239 bit binary field
  c2pnb272w1: X9.62 curve over a 272 bit binary field
  c2pnb304w1: X9.62 curve over a 304 bit binary field
  c2tnb359v1: X9.62 curve over a 359 bit binary field
  c2pnb368w1: X9.62 curve over a 368 bit binary field
  c2tnb431r1: X9.62 curve over a 431 bit binary field
  wap-wsg-idm-ecid-wtls1: WTLS curve over a 113 bit binary field
  wap-wsg-idm-ecid-wtls3: NIST/SECG/WTLS curve over a 163 bit binary field
  wap-wsg-idm-ecid-wtls4: SECG curve over a 113 bit binary field
  wap-wsg-idm-ecid-wtls5: X9.62 curve over a 163 bit binary field
  wap-wsg-idm-ecid-wtls6: SECG/WTLS curve over a 112 bit prime field
  wap-wsg-idm-ecid-wtls7: SECG/WTLS curve over a 160 bit prime field
  wap-wsg-idm-ecid-wtls8: WTLS curve over a 112 bit prime field
  wap-wsg-idm-ecid-wtls9: WTLS curve over a 160 bit prime field
  wap-wsg-idm-ecid-wtls10: NIST/SECG/WTLS curve over a 233 bit binary field
  wap-wsg-idm-ecid-wtls11: NIST/SECG/WTLS curve over a 233 bit binary field
  wap-wsg-idm-ecid-wtls12: WTLS curve over a 224 bit prime field
  Oakley-EC2N-3:
	IPSec/IKE/Oakley curve #3 over a 155 bit binary field.
	Not suitable for ECDSA.
	Questionable extension field!
  Oakley-EC2N-4:
	IPSec/IKE/Oakley curve #4 over a 185 bit binary field.
	Not suitable for ECDSA.
	Questionable extension field!
  brainpoolP160r1: RFC 5639 curve over a 160 bit prime field
  brainpoolP160t1: RFC 5639 curve over a 160 bit prime field
  brainpoolP192r1: RFC 5639 curve over a 192 bit prime field
  brainpoolP192t1: RFC 5639 curve over a 192 bit prime field
  brainpoolP224r1: RFC 5639 curve over a 224 bit prime field
  brainpoolP224t1: RFC 5639 curve over a 224 bit prime field
  brainpoolP256r1: RFC 5639 curve over a 256 bit prime field
  brainpoolP256t1: RFC 5639 curve over a 256 bit prime field
  brainpoolP320r1: RFC 5639 curve over a 320 bit prime field
  brainpoolP320t1: RFC 5639 curve over a 320 bit prime field
  brainpoolP384r1: RFC 5639 curve over a 384 bit prime field
  brainpoolP384t1: RFC 5639 curve over a 384 bit prime field
  brainpoolP512r1: RFC 5639 curve over a 512 bit prime field
  brainpoolP512t1: RFC 5639 curve over a 512 bit prime field
  SM2       : SM2 curve over a 256 bit prime field
root@f6d2292b0f29:/optbuild#

[baentsch]

And I tried to create a key through ecparam, it's saying unknown key

Well, that's absolutely pointless: PQ keys are surely no EC keys. I still am not clear what you try to achieve: "x25519_kyber768" is no signature algorithm, so errors in signature functions are logical consequences.

I have converted Docker environment into a shell script https://gist.github.com/vkosuri/09a7e66a745d6cf3933e76100e5e729e to install everything

Again, please run your commands in our docker environment and point to problems there so we can reproduce. I do not have time to learn (and possibly debug) even more build environments than we already support.

[vkosuri]

Again, please run your commands in our docker environment and point to problems there so we can reproduce. I do not have time to learn (and possibly debug) even more build environments than we already support.

kosuri@kosuri:~/github.com/oqs-demos/openssl3$ docker run -it oqs-ossl3
Test server started for KEM kyber768 at port 4433
/ # Using default temp DH parameters
ACCEPT
/ # ps
PID   USER     TIME  COMMAND
    1 root      0:00 {serverstart.sh} /bin/sh /opt/openssl32/bin/serverstart.sh
    8 root      0:00 openssl s_server -cert /opt/test/server.crt -key /opt/test/server.key -groups kyber768 -www -tls1_3 -accept localhost:4433
    9 root      0:00 sh
   10 root      0:00 ps
/ # openssl genpkey -algorithm x25519_kyber768 -out private.pem
Error writing key(s)
48EBE5F19F7F0000:error:1D800065:ENCODER routines:OSSL_ENCODER_to_bio:reason(101):crypto/encode_decode/encoder_lib.c:55:No encoders were found. For standard encoders you need at least one of the default or base providers available. Did you forget to load them?
48EBE5F19F7F0000:error:04800073:PEM routines:do_pk8pkey:error converting private key:crypto/pem/pem_pk8.c:133:
/ # openssl list -providers
Providers:
  default
    name: OpenSSL Default Provider
    version: 3.3.0
    status: active
  oqsprovider
    name: OpenSSL OQS Provider
    version: 0.5.3-dev
    status: active
/ # which openssl
/opt/openssl32/bin/openssl
/ #

The reason I am using my environment I can able to create a key, can't create a cert due to a sign issue

# I can create private using x25519_kyber768
root@f6d2292b0f29:/optbuild# $OPENSSL_APP genpkey -algorithm x25519_kyber768 -out private.pem

# where I am trying to create a certificate, where the signature is not supported

root@f6d2292b0f29:/optbuild# $OPENSSL_APP req -new -x509 -key private.pem -out cert.pem
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:HYD
Locality Name (eg, city) []:HYD
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ssl
Organizational Unit Name (eg, section) []:dev
Common Name (e.g. server FQDN or YOUR name) []:example.com
Email Address []:[email protected]
00524040A47F0000:error:03000096:digital envelope routines:do_sigver_init:operation not supported for this keytype:crypto/evp/m_sigver.c:300:

[baentsch]

This is expected: You cannot sign with a KEM. Setting "OQS_KEM_ENCODERS" only enables encoding/decoding of KEM (private&public) keys.

[vkosuri]

thanks, I am writing a speed test application for x25519_kyber768. if yes, I need private bytes and public bytes how to get those

Related issue https://github.com/orgs/open-quantum-safe/discussions/1672#discussioncomment-8208510

[baentsch]

a speed test application for x25519_kyber768

Please specify the operations you want to measure the speed of. Please also state why the answer in https://github.com/orgs/open-quantum-safe/discussions/1672#discussioncomment-8208510 is not fulfilling your need.

[vkosuri]

Please specify the operations you want to measure the speed of.

Key generation

Please also state why the answer in https://github.com/orgs/open-quantum-safe/discussions/1672#discussioncomment-8208510 is not fulfilling your need.

The handshake tests is not specifically testing key generation process.

[baentsch]

Key generation

Did you already check the baseline, incl. keygen tests then (be sure to select only Kyber to see the results of interest to you)? Or anything wrong with those?