diff --git a/INSTALL b/INSTALL index 282feceb5..2f54ac188 100644 --- a/INSTALL +++ b/INSTALL @@ -221,8 +221,8 @@ - FALCON (signature scheme) - SPHINCS+ (signature scheme) - The following NIST Competition Round 3 finalist algorithms are supported, - but are deprecated and will be removed soon: + The following NIST Competition Round 3 finalist algorithms were supported, + but have been removed after 5.3.3 - SABER (KEM) - NTRU (KEM) diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index bcdb662e4..4373d196b 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -273,26 +273,12 @@ static struct group_info groups[] = { { WOLFSSL_FFDHE_6144, "FFDHE_6144" }, { WOLFSSL_FFDHE_8192, "FFDHE_8192" }, #ifdef HAVE_PQC - { WOLFSSL_NTRU_HPS_LEVEL1, "NTRU_HPS_LEVEL1" }, - { WOLFSSL_NTRU_HPS_LEVEL3, "NTRU_HPS_LEVEL3" }, - { WOLFSSL_NTRU_HPS_LEVEL5, "NTRU_HPS_LEVEL5" }, - { WOLFSSL_NTRU_HRSS_LEVEL3, "NTRU_HRSS_LEVEL3" }, - { WOLFSSL_SABER_LEVEL1, "SABER_LEVEL1" }, - { WOLFSSL_SABER_LEVEL3, "SABER_LEVEL3" }, - { WOLFSSL_SABER_LEVEL5, "SABER_LEVEL5" }, { WOLFSSL_KYBER_LEVEL1, "KYBER_LEVEL1" }, { WOLFSSL_KYBER_LEVEL3, "KYBER_LEVEL3" }, { WOLFSSL_KYBER_LEVEL5, "KYBER_LEVEL5" }, { WOLFSSL_KYBER_90S_LEVEL1, "KYBER_90S_LEVEL1" }, { WOLFSSL_KYBER_90S_LEVEL3, "KYBER_90S_LEVEL3" }, { WOLFSSL_KYBER_90S_LEVEL5, "KYBER_90S_LEVEL5" }, - { WOLFSSL_P256_NTRU_HPS_LEVEL1, "P256_NTRU_HPS_LEVEL1" }, - { WOLFSSL_P384_NTRU_HPS_LEVEL3, "P384_NTRU_HPS_LEVEL3" }, - { WOLFSSL_P521_NTRU_HPS_LEVEL5, "P521_NTRU_HPS_LEVEL5" }, - { WOLFSSL_P384_NTRU_HRSS_LEVEL3, "P384_NTRU_HRSS_LEVEL3" }, - { WOLFSSL_P256_SABER_LEVEL1, "P256_SABER_LEVEL1" }, - { WOLFSSL_P384_SABER_LEVEL3, "P384_SABER_LEVEL3" }, - { WOLFSSL_P521_SABER_LEVEL5, "P521_SABER_LEVEL5" }, { WOLFSSL_P256_KYBER_LEVEL1, "P256_KYBER_LEVEL1" }, { WOLFSSL_P384_KYBER_LEVEL3, "P384_KYBER_LEVEL3" }, { WOLFSSL_P521_KYBER_LEVEL5, "P521_KYBER_LEVEL5" }, diff --git a/examples/client/client.c b/examples/client/client.c index 2f82682f1..bf3a2fa6f 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -385,27 +385,6 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else if (XSTRCMP(pqcAlg, "KYBER_LEVEL5") == 0) { group = WOLFSSL_KYBER_LEVEL5; } - else if (XSTRCMP(pqcAlg, "NTRU_HPS_LEVEL1") == 0) { - group = WOLFSSL_NTRU_HPS_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "NTRU_HPS_LEVEL3") == 0) { - group = WOLFSSL_NTRU_HPS_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "NTRU_HPS_LEVEL5") == 0) { - group = WOLFSSL_NTRU_HPS_LEVEL5; - } - else if (XSTRCMP(pqcAlg, "NTRU_HRSS_LEVEL3") == 0) { - group = WOLFSSL_NTRU_HRSS_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "SABER_LEVEL1") == 0) { - group = WOLFSSL_SABER_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "SABER_LEVEL3") == 0) { - group = WOLFSSL_SABER_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "SABER_LEVEL5") == 0) { - group = WOLFSSL_SABER_LEVEL5; - } else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL1") == 0) { group = WOLFSSL_KYBER_90S_LEVEL1; } @@ -415,27 +394,6 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL5") == 0) { group = WOLFSSL_KYBER_90S_LEVEL5; } - else if (XSTRCMP(pqcAlg, "P256_NTRU_HPS_LEVEL1") == 0) { - group = WOLFSSL_P256_NTRU_HPS_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "P384_NTRU_HPS_LEVEL3") == 0) { - group = WOLFSSL_P384_NTRU_HPS_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "P521_NTRU_HPS_LEVEL5") == 0) { - group = WOLFSSL_P521_NTRU_HPS_LEVEL5; - } - else if (XSTRCMP(pqcAlg, "P384_NTRU_HRSS_LEVEL3") == 0) { - group = WOLFSSL_P384_NTRU_HRSS_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "P256_SABER_LEVEL1") == 0) { - group = WOLFSSL_P256_SABER_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "P384_SABER_LEVEL3") == 0) { - group = WOLFSSL_P384_SABER_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "P521_SABER_LEVEL5") == 0) { - group = WOLFSSL_P521_SABER_LEVEL5; - } else if (XSTRCMP(pqcAlg, "P256_KYBER_LEVEL1") == 0) { group = WOLFSSL_P256_KYBER_LEVEL1; } @@ -1308,12 +1266,8 @@ static const char* client_usage_msg[][70] = { #ifdef HAVE_PQC "--pqc Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n" " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n" - " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n" - " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" - " P384_NTRU_HPS_LEVEL3, P521_NTRU_HPS_LEVEL5, P384_NTRU_HRSS_LEVEL3,\n" - " P256_SABER_LEVEL1, P384_SABER_LEVEL3, P521_SABER_LEVEL5, P256_KYBER_LEVEL1,\n" - " P384_KYBER_LEVEL3, P521_KYBER_LEVEL5, P256_KYBER_90S_LEVEL1, P384_KYBER_90S_LEVEL3,\n" - " P521_KYBER_90S_LEVEL5]\n", /* 70 */ + " P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5, P256_KYBER_90S_LEVEL1,\n" + " P384_KYBER_90S_LEVEL3, P521_KYBER_90S_LEVEL5]\n", /* 70 */ #endif #ifdef WOLFSSL_SRTP "--srtp (default is SRTP_AES128_CM_SHA1_80)\n", /* 71 */ @@ -1532,12 +1486,8 @@ static const char* client_usage_msg[][70] = { #ifdef HAVE_PQC "--pqc post-quantum 名前付きグループとの鍵共有のみ [KYBER_LEVEL1, KYBER_LEVEL3,\n" " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n" - " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n" - " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" - " P384_NTRU_HPS_LEVEL3, P521_NTRU_HPS_LEVEL5, P384_NTRU_HRSS_LEVEL3,\n" - " P256_SABER_LEVEL1, P384_SABER_LEVEL3, P521_SABER_LEVEL5, P256_KYBER_LEVEL1,\n" - " P384_KYBER_LEVEL3, P521_KYBER_LEVEL5, P256_KYBER_90S_LEVEL1, P384_KYBER_90S_LEVEL3,\n" - " P521_KYBER_90S_LEVEL5]\n", /* 70 */ + " P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5,\n" + " P256_KYBER_90S_LEVEL1, P384_KYBER_90S_LEVEL3, P521_KYBER_90S_LEVEL5]\n", /* 70 */ #endif #ifdef WOLFSSL_SRTP "--srtp (デフォルトは SRTP_AES128_CM_SHA1_80)\n", /* 71 */ diff --git a/examples/server/server.c b/examples/server/server.c index 06dfc4f72..f63d51c29 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -707,27 +707,6 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else if (XSTRCMP(pqcAlg, "KYBER_LEVEL5") == 0) { groups[count] = WOLFSSL_KYBER_LEVEL5; } - else if (XSTRCMP(pqcAlg, "NTRU_HPS_LEVEL1") == 0) { - groups[count] = WOLFSSL_NTRU_HPS_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "NTRU_HPS_LEVEL3") == 0) { - groups[count] = WOLFSSL_NTRU_HPS_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "NTRU_HPS_LEVEL5") == 0) { - groups[count] = WOLFSSL_NTRU_HPS_LEVEL5; - } - else if (XSTRCMP(pqcAlg, "NTRU_HRSS_LEVEL3") == 0) { - groups[count] = WOLFSSL_NTRU_HRSS_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "SABER_LEVEL1") == 0) { - groups[count] = WOLFSSL_SABER_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "SABER_LEVEL3") == 0) { - groups[count] = WOLFSSL_SABER_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "SABER_LEVEL5") == 0) { - groups[count] = WOLFSSL_SABER_LEVEL5; - } else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL1") == 0) { groups[count] = WOLFSSL_KYBER_90S_LEVEL1; } @@ -737,27 +716,6 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL5") == 0) { groups[count] = WOLFSSL_KYBER_90S_LEVEL5; } - else if (XSTRCMP(pqcAlg, "P256_NTRU_HPS_LEVEL1") == 0) { - groups[count] = WOLFSSL_P256_NTRU_HPS_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "P384_NTRU_HPS_LEVEL3") == 0) { - groups[count] = WOLFSSL_P384_NTRU_HPS_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "P521_NTRU_HPS_LEVEL5") == 0) { - groups[count] = WOLFSSL_P521_NTRU_HPS_LEVEL5; - } - else if (XSTRCMP(pqcAlg, "P384_NTRU_HRSS_LEVEL3") == 0) { - groups[count] = WOLFSSL_P384_NTRU_HRSS_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "P256_SABER_LEVEL1") == 0) { - groups[count] = WOLFSSL_P256_SABER_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "P384_SABER_LEVEL3") == 0) { - groups[count] = WOLFSSL_P384_SABER_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "P521_SABER_LEVEL5") == 0) { - groups[count] = WOLFSSL_P521_SABER_LEVEL5; - } else if (XSTRCMP(pqcAlg, "P256_KYBER_LEVEL1") == 0) { groups[count] = WOLFSSL_P256_KYBER_LEVEL1; } @@ -995,12 +953,8 @@ static const char* server_usage_msg[][65] = { #ifdef HAVE_PQC "--pqc Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n" " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n" - " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n" - " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" - " P384_NTRU_HPS_LEVEL3, P521_NTRU_HPS_LEVEL5, P384_NTRU_HRSS_LEVEL3,\n" - " P256_SABER_LEVEL1, P384_SABER_LEVEL3, P521_SABER_LEVEL5, P256_KYBER_LEVEL1,\n" - " P384_KYBER_LEVEL3, P521_KYBER_LEVEL5, P256_KYBER_90S_LEVEL1, P384_KYBER_90S_LEVEL3,\n" - " P521_KYBER_90S_LEVEL5]\n", /* 60 */ + " P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5, P256_KYBER_90S_LEVEL1,\n" + " P384_KYBER_90S_LEVEL3, P521_KYBER_90S_LEVEL5]\n", /* 60 */ #endif #ifdef WOLFSSL_SRTP "--srtp (default is SRTP_AES128_CM_SHA1_80)\n", /* 61 */ @@ -1186,12 +1140,8 @@ static const char* server_usage_msg[][65] = { #ifdef HAVE_PQC "--pqc post-quantum 名前付きグループとの鍵共有のみ [KYBER_LEVEL1, KYBER_LEVEL3,\n" " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n" - " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n" - " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" - " P384_NTRU_HPS_LEVEL3, P521_NTRU_HPS_LEVEL5, P384_NTRU_HRSS_LEVEL3,\n" - " P256_SABER_LEVEL1, P384_SABER_LEVEL3, P521_SABER_LEVEL5, P256_KYBER_LEVEL1,\n" - " P384_KYBER_LEVEL3, P521_KYBER_LEVEL5, P256_KYBER_90S_LEVEL1, P384_KYBER_90S_LEVEL3,\n" - " P521_KYBER_90S_LEVEL5]\n", /* 60 */ + " P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5,\n" + " P256_KYBER_90S_LEVEL1, P384_KYBER_90S_LEVEL3, P521_KYBER_90S_LEVEL5]\n", /* 60 */ #endif #ifdef WOLFSSL_SRTP "--srtp (デフォルトはSRTP_AES128_CM_SHA1_80)\n", /* 61 */ diff --git a/src/ssl.c b/src/ssl.c index 173d7e5e0..a3c09794d 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -246,23 +246,6 @@ const WOLF_EC_NIST_NAME kNistCurves[] = { {XSTR_SIZEOF("KYBER_LEVEL3"), "KYBER_LEVEL3", WOLFSSL_KYBER_LEVEL3}, {XSTR_SIZEOF("KYBER_LEVEL5"), "KYBER_LEVEL5", WOLFSSL_KYBER_LEVEL5}, #ifdef HAVE_LIBOQS - {XSTR_SIZEOF("NTRU_HPS_LEVEL1"), "NTRU_HPS_LEVEL1", WOLFSSL_NTRU_HPS_LEVEL1}, - {XSTR_SIZEOF("NTRU_HPS_LEVEL3"), "NTRU_HPS_LEVEL3", WOLFSSL_NTRU_HPS_LEVEL3}, - {XSTR_SIZEOF("NTRU_HPS_LEVEL5"), "NTRU_HPS_LEVEL5", WOLFSSL_NTRU_HPS_LEVEL5}, - {XSTR_SIZEOF("NTRU_HRSS_LEVEL3"), "NTRU_HRSS_LEVEL3", WOLFSSL_NTRU_HRSS_LEVEL3}, - {XSTR_SIZEOF("SABER_LEVEL1"), "SABER_LEVEL1", WOLFSSL_SABER_LEVEL1}, - {XSTR_SIZEOF("SABER_LEVEL3"), "SABER_LEVEL3", WOLFSSL_SABER_LEVEL3}, - {XSTR_SIZEOF("SABER_LEVEL5"), "SABER_LEVEL5", WOLFSSL_SABER_LEVEL5}, - {XSTR_SIZEOF("KYBER_90S_LEVEL1"), "KYBER_90S_LEVEL1", WOLFSSL_KYBER_90S_LEVEL1}, - {XSTR_SIZEOF("KYBER_90S_LEVEL3"), "KYBER_90S_LEVEL3", WOLFSSL_KYBER_90S_LEVEL3}, - {XSTR_SIZEOF("KYBER_90S_LEVEL5"), "KYBER_90S_LEVEL5", WOLFSSL_KYBER_90S_LEVEL5}, - {XSTR_SIZEOF("P256_NTRU_HPS_LEVEL1"), "P256_NTRU_HPS_LEVEL1", WOLFSSL_P256_NTRU_HPS_LEVEL1}, - {XSTR_SIZEOF("P384_NTRU_HPS_LEVEL3"), "P384_NTRU_HPS_LEVEL3", WOLFSSL_P384_NTRU_HPS_LEVEL3}, - {XSTR_SIZEOF("P521_NTRU_HPS_LEVEL5"), "P521_NTRU_HPS_LEVEL5", WOLFSSL_P521_NTRU_HPS_LEVEL5}, - {XSTR_SIZEOF("P384_NTRU_HRSS_LEVEL3"), "P384_NTRU_HRSS_LEVEL3", WOLFSSL_P384_NTRU_HRSS_LEVEL3}, - {XSTR_SIZEOF("P256_SABER_LEVEL1"), "P256_SABER_LEVEL1", WOLFSSL_P256_SABER_LEVEL1}, - {XSTR_SIZEOF("P384_SABER_LEVEL3"), "P384_SABER_LEVEL3", WOLFSSL_P384_SABER_LEVEL3}, - {XSTR_SIZEOF("P521_SABER_LEVEL5"), "P521_SABER_LEVEL5", WOLFSSL_P521_SABER_LEVEL5}, {XSTR_SIZEOF("P256_KYBER_LEVEL1"), "P256_KYBER_LEVEL1", WOLFSSL_P256_KYBER_LEVEL1}, {XSTR_SIZEOF("P384_KYBER_LEVEL3"), "P384_KYBER_LEVEL3", WOLFSSL_P384_KYBER_LEVEL3}, {XSTR_SIZEOF("P521_KYBER_LEVEL5"), "P521_KYBER_LEVEL5", WOLFSSL_P521_KYBER_LEVEL5}, @@ -2945,26 +2928,9 @@ static int isValidCurveGroup(word16 name) case WOLFSSL_KYBER_LEVEL3: case WOLFSSL_KYBER_LEVEL5: #ifdef HAVE_LIBOQS - case WOLFSSL_NTRU_HPS_LEVEL1: - case WOLFSSL_NTRU_HPS_LEVEL3: - case WOLFSSL_NTRU_HPS_LEVEL5: - case WOLFSSL_NTRU_HRSS_LEVEL3: - case WOLFSSL_SABER_LEVEL1: - case WOLFSSL_SABER_LEVEL3: - case WOLFSSL_SABER_LEVEL5: case WOLFSSL_KYBER_90S_LEVEL1: case WOLFSSL_KYBER_90S_LEVEL3: case WOLFSSL_KYBER_90S_LEVEL5: - case WOLFSSL_P256_NTRU_HPS_LEVEL1: - case WOLFSSL_P384_NTRU_HPS_LEVEL3: - case WOLFSSL_P521_NTRU_HPS_LEVEL5: - case WOLFSSL_P384_NTRU_HRSS_LEVEL3: - case WOLFSSL_P256_SABER_LEVEL1: - case WOLFSSL_P384_SABER_LEVEL3: - case WOLFSSL_P521_SABER_LEVEL5: - case WOLFSSL_P256_KYBER_LEVEL1: - case WOLFSSL_P384_KYBER_LEVEL3: - case WOLFSSL_P521_KYBER_LEVEL5: case WOLFSSL_P256_KYBER_90S_LEVEL1: case WOLFSSL_P384_KYBER_90S_LEVEL3: case WOLFSSL_P521_KYBER_90S_LEVEL5: @@ -21341,40 +21307,12 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl) return "KYBER_LEVEL3"; case WOLFSSL_KYBER_LEVEL5: return "KYBER_LEVEL5"; - case WOLFSSL_NTRU_HPS_LEVEL1: - return "NTRU_HPS_LEVEL1"; - case WOLFSSL_NTRU_HPS_LEVEL3: - return "NTRU_HPS_LEVEL3"; - case WOLFSSL_NTRU_HPS_LEVEL5: - return "NTRU_HPS_LEVEL5"; - case WOLFSSL_NTRU_HRSS_LEVEL3: - return "NTRU_HRSS_LEVEL3"; - case WOLFSSL_SABER_LEVEL1: - return "SABER_LEVEL1"; - case WOLFSSL_SABER_LEVEL3: - return "SABER_LEVEL3"; - case WOLFSSL_SABER_LEVEL5: - return "SABER_LEVEL5"; case WOLFSSL_KYBER_90S_LEVEL1: return "KYBER_90S_LEVEL1"; case WOLFSSL_KYBER_90S_LEVEL3: return "KYBER_90S_LEVEL3"; case WOLFSSL_KYBER_90S_LEVEL5: return "KYBER_90S_LEVEL5"; - case WOLFSSL_P256_NTRU_HPS_LEVEL1: - return "P256_NTRU_HPS_LEVEL1"; - case WOLFSSL_P384_NTRU_HPS_LEVEL3: - return "P384_NTRU_HPS_LEVEL3"; - case WOLFSSL_P521_NTRU_HPS_LEVEL5: - return "P521_NTRU_HPS_LEVEL5"; - case WOLFSSL_P384_NTRU_HRSS_LEVEL3: - return "P384_NTRU_HRSS_LEVEL3"; - case WOLFSSL_P256_SABER_LEVEL1: - return "P256_SABER_LEVEL1"; - case WOLFSSL_P384_SABER_LEVEL3: - return "P384_SABER_LEVEL3"; - case WOLFSSL_P521_SABER_LEVEL5: - return "P521_SABER_LEVEL5"; case WOLFSSL_P256_KYBER_LEVEL1: return "P256_KYBER_LEVEL1"; case WOLFSSL_P384_KYBER_LEVEL3: diff --git a/src/tls.c b/src/tls.c index 0375b62d8..754fb88e7 100644 --- a/src/tls.c +++ b/src/tls.c @@ -7138,13 +7138,6 @@ static const char* OQS_ID2name(int id) case WOLFSSL_KYBER_LEVEL1: return OQS_KEM_alg_kyber_512; case WOLFSSL_KYBER_LEVEL3: return OQS_KEM_alg_kyber_768; case WOLFSSL_KYBER_LEVEL5: return OQS_KEM_alg_kyber_1024; - case WOLFSSL_NTRU_HPS_LEVEL1: return OQS_KEM_alg_ntru_hps2048509; - case WOLFSSL_NTRU_HPS_LEVEL3: return OQS_KEM_alg_ntru_hps2048677; - case WOLFSSL_NTRU_HPS_LEVEL5: return OQS_KEM_alg_ntru_hps4096821; - case WOLFSSL_NTRU_HRSS_LEVEL3: return OQS_KEM_alg_ntru_hrss701; - case WOLFSSL_SABER_LEVEL1: return OQS_KEM_alg_saber_lightsaber; - case WOLFSSL_SABER_LEVEL3: return OQS_KEM_alg_saber_saber; - case WOLFSSL_SABER_LEVEL5: return OQS_KEM_alg_saber_firesaber; case WOLFSSL_KYBER_90S_LEVEL1: return OQS_KEM_alg_kyber_512_90s; case WOLFSSL_KYBER_90S_LEVEL3: return OQS_KEM_alg_kyber_768_90s; case WOLFSSL_KYBER_90S_LEVEL5: return OQS_KEM_alg_kyber_1024_90s; @@ -7161,20 +7154,6 @@ typedef struct PqcHybridMapping { } PqcHybridMapping; static const PqcHybridMapping pqc_hybrid_mapping[] = { - {.hybrid = WOLFSSL_P256_NTRU_HPS_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .pqc = WOLFSSL_NTRU_HPS_LEVEL1}, - {.hybrid = WOLFSSL_P384_NTRU_HPS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .pqc = WOLFSSL_NTRU_HPS_LEVEL3}, - {.hybrid = WOLFSSL_P521_NTRU_HPS_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .pqc = WOLFSSL_NTRU_HPS_LEVEL5}, - {.hybrid = WOLFSSL_P384_NTRU_HRSS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .pqc = WOLFSSL_NTRU_HRSS_LEVEL3}, - {.hybrid = WOLFSSL_P256_SABER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .pqc = WOLFSSL_SABER_LEVEL1}, - {.hybrid = WOLFSSL_P384_SABER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .pqc = WOLFSSL_SABER_LEVEL3}, - {.hybrid = WOLFSSL_P521_SABER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .pqc = WOLFSSL_SABER_LEVEL5}, {.hybrid = WOLFSSL_P256_KYBER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, .pqc = WOLFSSL_KYBER_LEVEL1}, {.hybrid = WOLFSSL_P384_KYBER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, @@ -9593,23 +9572,9 @@ static int TLSX_KeyShare_IsSupported(int namedGroup) case WOLFSSL_KYBER_LEVEL1: case WOLFSSL_KYBER_LEVEL3: case WOLFSSL_KYBER_LEVEL5: - case WOLFSSL_NTRU_HPS_LEVEL1: - case WOLFSSL_NTRU_HPS_LEVEL3: - case WOLFSSL_NTRU_HPS_LEVEL5: - case WOLFSSL_NTRU_HRSS_LEVEL3: - case WOLFSSL_SABER_LEVEL1: - case WOLFSSL_SABER_LEVEL3: - case WOLFSSL_SABER_LEVEL5: case WOLFSSL_KYBER_90S_LEVEL1: case WOLFSSL_KYBER_90S_LEVEL3: case WOLFSSL_KYBER_90S_LEVEL5: - case WOLFSSL_P256_NTRU_HPS_LEVEL1: - case WOLFSSL_P384_NTRU_HPS_LEVEL3: - case WOLFSSL_P521_NTRU_HPS_LEVEL5: - case WOLFSSL_P384_NTRU_HRSS_LEVEL3: - case WOLFSSL_P256_SABER_LEVEL1: - case WOLFSSL_P384_SABER_LEVEL3: - case WOLFSSL_P521_SABER_LEVEL5: case WOLFSSL_P256_KYBER_LEVEL1: case WOLFSSL_P384_KYBER_LEVEL3: case WOLFSSL_P521_KYBER_LEVEL5: @@ -9715,40 +9680,12 @@ static int TLSX_KeyShare_GroupRank(WOLFSSL* ssl, int group) ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_LEVEL3; if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_LEVEL5)) ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_LEVEL5; - if (TLSX_KeyShare_IsSupported(WOLFSSL_NTRU_HPS_LEVEL1)) - ssl->group[ssl->numGroups++] = WOLFSSL_NTRU_HPS_LEVEL1; - if (TLSX_KeyShare_IsSupported(WOLFSSL_NTRU_HPS_LEVEL3)) - ssl->group[ssl->numGroups++] = WOLFSSL_NTRU_HPS_LEVEL3; - if (TLSX_KeyShare_IsSupported(WOLFSSL_NTRU_HPS_LEVEL5)) - ssl->group[ssl->numGroups++] = WOLFSSL_NTRU_HPS_LEVEL5; - if (TLSX_KeyShare_IsSupported(WOLFSSL_NTRU_HRSS_LEVEL3)) - ssl->group[ssl->numGroups++] = WOLFSSL_NTRU_HRSS_LEVEL3; - if (TLSX_KeyShare_IsSupported(WOLFSSL_SABER_LEVEL1)) - ssl->group[ssl->numGroups++] = WOLFSSL_SABER_LEVEL1; - if (TLSX_KeyShare_IsSupported(WOLFSSL_SABER_LEVEL3)) - ssl->group[ssl->numGroups++] = WOLFSSL_SABER_LEVEL3; - if (TLSX_KeyShare_IsSupported(WOLFSSL_SABER_LEVEL5)) - ssl->group[ssl->numGroups++] = WOLFSSL_SABER_LEVEL5; if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_90S_LEVEL1)) ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_90S_LEVEL1; if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_90S_LEVEL3)) ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_90S_LEVEL3; if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_90S_LEVEL5)) ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_90S_LEVEL5; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P256_NTRU_HPS_LEVEL1)) - ssl->group[ssl->numGroups++] = WOLFSSL_P256_NTRU_HPS_LEVEL1; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P384_NTRU_HPS_LEVEL3)) - ssl->group[ssl->numGroups++] = WOLFSSL_P384_NTRU_HPS_LEVEL3; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P521_NTRU_HPS_LEVEL5)) - ssl->group[ssl->numGroups++] = WOLFSSL_P521_NTRU_HPS_LEVEL5; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P384_NTRU_HRSS_LEVEL3)) - ssl->group[ssl->numGroups++] = WOLFSSL_P384_NTRU_HRSS_LEVEL3; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P256_SABER_LEVEL1)) - ssl->group[ssl->numGroups++] = WOLFSSL_P256_SABER_LEVEL1; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P384_SABER_LEVEL3)) - ssl->group[ssl->numGroups++] = WOLFSSL_P384_SABER_LEVEL3; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P521_SABER_LEVEL5)) - ssl->group[ssl->numGroups++] = WOLFSSL_P521_SABER_LEVEL5; if (TLSX_KeyShare_IsSupported(WOLFSSL_P256_KYBER_LEVEL1)) ssl->group[ssl->numGroups++] = WOLFSSL_P256_KYBER_LEVEL1; if (TLSX_KeyShare_IsSupported(WOLFSSL_P384_KYBER_LEVEL3)) @@ -11801,27 +11738,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL5, ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_NTRU_HPS_LEVEL1, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_NTRU_HPS_LEVEL3, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_NTRU_HPS_LEVEL5, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_NTRU_HRSS_LEVEL3, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SABER_LEVEL1, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SABER_LEVEL3, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SABER_LEVEL5, - ssl->heap); if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_90S_LEVEL1, ssl->heap); @@ -11831,27 +11747,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_90S_LEVEL5, ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_NTRU_HPS_LEVEL1, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_NTRU_HPS_LEVEL3, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_NTRU_HPS_LEVEL5, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_NTRU_HRSS_LEVEL3, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_SABER_LEVEL1, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_SABER_LEVEL3, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_SABER_LEVEL5, - ssl->heap); if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_KYBER_LEVEL1, ssl->heap); diff --git a/tests/api.c b/tests/api.c index b077d707a..4af5bcff2 100644 --- a/tests/api.c +++ b/tests/api.c @@ -50957,9 +50957,7 @@ static int test_tls13_apis(void) #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) int groups[2] = { WOLFSSL_ECC_SECP256R1, #ifdef HAVE_PQC - #ifndef WOLFSSL_WC_KYBER - WOLFSSL_SABER_LEVEL3 - #else + #ifdef WOLFSSL_WC_KYBER WOLFSSL_KYBER_LEVEL1 #endif #else @@ -50983,9 +50981,7 @@ static int test_tls13_apis(void) #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 "P-256" #ifdef HAVE_PQC - #ifndef WOLFSSL_WC_KYBER - ":P256_SABER_LEVEL1" - #else + #ifdef WOLFSSL_WC_KYBER ":P256_KYBER_LEVEL1" #endif #endif diff --git a/tests/test-tls13-pq-2.conf b/tests/test-tls13-pq-2.conf index 60a1ada94..f896e91de 100644 --- a/tests/test-tls13-pq-2.conf +++ b/tests/test-tls13-pq-2.conf @@ -28,146 +28,6 @@ -l TLS13-AES256-GCM-SHA384 --pqc KYBER_90S_LEVEL5 -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc NTRU_HPS_LEVEL1 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc NTRU_HPS_LEVEL1 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc NTRU_HPS_LEVEL3 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc NTRU_HPS_LEVEL3 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc NTRU_HPS_LEVEL5 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc NTRU_HPS_LEVEL5 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc NTRU_HRSS_LEVEL3 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc NTRU_HRSS_LEVEL3 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc SABER_LEVEL1 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc SABER_LEVEL1 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc SABER_LEVEL3 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc SABER_LEVEL3 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc SABER_LEVEL5 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc SABER_LEVEL5 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P256_NTRU_HPS_LEVEL1 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P256_NTRU_HPS_LEVEL1 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P384_NTRU_HPS_LEVEL3 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P384_NTRU_HPS_LEVEL3 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P521_NTRU_HPS_LEVEL5 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P521_NTRU_HPS_LEVEL5 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P384_NTRU_HRSS_LEVEL3 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P384_NTRU_HRSS_LEVEL3 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P256_SABER_LEVEL1 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P256_SABER_LEVEL1 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P384_SABER_LEVEL3 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P384_SABER_LEVEL3 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P521_SABER_LEVEL5 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P521_SABER_LEVEL5 - # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 36b955a15..437c75e38 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -453,18 +453,6 @@ static const char err_prefix[] = ""; #define BENCH_KYBER90S_LEVEL3_ENCAP 0x00000800 #define BENCH_KYBER90S_LEVEL5_KEYGEN 0x00001000 #define BENCH_KYBER90S_LEVEL5_ENCAP 0x00002000 -#define BENCH_SABER_LEVEL1_KEYGEN 0x00004000 -#define BENCH_SABER_LEVEL1_ENCAP 0x00008000 -#define BENCH_SABER_LEVEL3_KEYGEN 0x00010000 -#define BENCH_SABER_LEVEL3_ENCAP 0x00020000 -#define BENCH_SABER_LEVEL5_KEYGEN 0x00040000 -#define BENCH_SABER_LEVEL5_ENCAP 0x00080000 -#define BENCH_NTRUHPS_LEVEL1_KEYGEN 0x00100000 -#define BENCH_NTRUHPS_LEVEL1_ENCAP 0x00200000 -#define BENCH_NTRUHPS_LEVEL3_KEYGEN 0x00400000 -#define BENCH_NTRUHPS_LEVEL3_ENCAP 0x00800000 -#define BENCH_NTRUHPS_LEVEL5_KEYGEN 0x01000000 -#define BENCH_NTRUHPS_LEVEL5_ENCAP 0x02000000 #define BENCH_DILITHIUM_LEVEL2_SIGN 0x04000000 #define BENCH_DILITHIUM_LEVEL3_SIGN 0x08000000 #define BENCH_DILITHIUM_LEVEL5_SIGN 0x10000000 @@ -813,30 +801,6 @@ static const bench_pq_alg bench_pq_asym_opt[] = { OQS_KEM_alg_kyber_1024_90s}, { "-kyber90s_level5-ed", BENCH_KYBER90S_LEVEL5_ENCAP, OQS_KEM_alg_kyber_1024_90s }, - { "-saber_level1-kg", BENCH_SABER_LEVEL1_KEYGEN, - OQS_KEM_alg_saber_lightsaber }, - { "-saber_level1-ed", BENCH_SABER_LEVEL1_ENCAP, - OQS_KEM_alg_saber_lightsaber }, - { "-saber_level3-kg", BENCH_SABER_LEVEL3_KEYGEN, - OQS_KEM_alg_saber_saber }, - { "-saber_level3-ed", BENCH_SABER_LEVEL3_ENCAP, - OQS_KEM_alg_saber_saber }, - { "-saber_level5-kg", BENCH_SABER_LEVEL5_KEYGEN, - OQS_KEM_alg_saber_firesaber }, - { "-saber_level5-ed", BENCH_SABER_LEVEL5_ENCAP, - OQS_KEM_alg_saber_firesaber }, - { "-ntruHPS_level1-kg", BENCH_NTRUHPS_LEVEL1_KEYGEN, - OQS_KEM_alg_ntru_hps2048509 }, - { "-ntruHPS_level1-ed", BENCH_NTRUHPS_LEVEL1_ENCAP, - OQS_KEM_alg_ntru_hps2048509 }, - { "-ntruHPS_level3-kg", BENCH_NTRUHPS_LEVEL3_KEYGEN, - OQS_KEM_alg_ntru_hps2048677 }, - { "-ntruHPS_level3-ed", BENCH_NTRUHPS_LEVEL3_ENCAP, - OQS_KEM_alg_ntru_hps2048677 }, - { "-ntruHPS_level5-kg", BENCH_NTRUHPS_LEVEL5_KEYGEN, - OQS_KEM_alg_ntru_hps4096821 }, - { "-ntruHPS_level5-ed", BENCH_NTRUHPS_LEVEL5_ENCAP, - OQS_KEM_alg_ntru_hps4096821 }, #endif /* HAVE_LIBOQS */ { NULL, 0, NULL } }; @@ -2630,30 +2594,6 @@ static void* benchmarks_do(void* args) bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_ENCAP)) bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL5_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL1_KEYGEN)) - bench_pqcKemKeygen(BENCH_SABER_LEVEL1_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL1_ENCAP)) - bench_pqcKemEncapDecap(BENCH_SABER_LEVEL1_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL3_KEYGEN)) - bench_pqcKemKeygen(BENCH_SABER_LEVEL3_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL3_ENCAP)) - bench_pqcKemEncapDecap(BENCH_SABER_LEVEL3_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL5_KEYGEN)) - bench_pqcKemKeygen(BENCH_SABER_LEVEL5_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL5_ENCAP)) - bench_pqcKemEncapDecap(BENCH_SABER_LEVEL5_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL1_KEYGEN)) - bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL1_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL1_ENCAP)) - bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL1_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL3_KEYGEN)) - bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL3_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL3_ENCAP)) - bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL3_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL5_KEYGEN)) - bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL5_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL5_ENCAP)) - bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL5_ENCAP); #ifdef HAVE_FALCON if (bench_all || (bench_pq_asym_algs & BENCH_FALCON_LEVEL1_SIGN)) bench_falconKeySign(1); diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 5c9113d04..91691b4d0 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -3940,15 +3940,8 @@ enum { * algorithms have LEVEL2 and LEVEL4 because none of these submissions * included them. */ - WOLFSSL_PQC_MIN = 532, - WOLFSSL_PQC_SIMPLE_MIN = 532, - WOLFSSL_NTRU_HPS_LEVEL1 = 532, /* NTRU_HPS2048509 */ - WOLFSSL_NTRU_HPS_LEVEL3 = 533, /* NTRU_HPS2048677 */ - WOLFSSL_NTRU_HPS_LEVEL5 = 534, /* NTRU_HPS4096821 */ - WOLFSSL_NTRU_HRSS_LEVEL3 = 535, /* NTRU_HRSS701 */ - WOLFSSL_SABER_LEVEL1 = 536, /* LIGHTSABER */ - WOLFSSL_SABER_LEVEL3 = 537, /* SABER */ - WOLFSSL_SABER_LEVEL5 = 538, /* FIRESABER */ + WOLFSSL_PQC_MIN = 570, + WOLFSSL_PQC_SIMPLE_MIN = 570, WOLFSSL_KYBER_LEVEL1 = 570, /* KYBER_512 */ WOLFSSL_KYBER_LEVEL3 = 572, /* KYBER_768 */ WOLFSSL_KYBER_LEVEL5 = 573, /* KYBER_1024 */ @@ -3958,13 +3951,6 @@ enum { WOLFSSL_PQC_SIMPLE_MAX = 576, WOLFSSL_PQC_HYBRID_MIN = 12052, - WOLFSSL_P256_NTRU_HPS_LEVEL1 = 12052, - WOLFSSL_P384_NTRU_HPS_LEVEL3 = 12053, - WOLFSSL_P521_NTRU_HPS_LEVEL5 = 12054, - WOLFSSL_P384_NTRU_HRSS_LEVEL3 = 12055, - WOLFSSL_P256_SABER_LEVEL1 = 12056, - WOLFSSL_P384_SABER_LEVEL3 = 12057, - WOLFSSL_P521_SABER_LEVEL5 = 12058, WOLFSSL_P256_KYBER_LEVEL1 = 12090, WOLFSSL_P384_KYBER_LEVEL3 = 12092, WOLFSSL_P521_KYBER_LEVEL5 = 12093,