From c7e054a7a76dfe035562f1cb4ea469036d21f1d4 Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Fri, 25 Jul 2025 13:27:26 -0400 Subject: [PATCH 1/2] Rename ML-KEM hybrids to match IETF Draft. --- INSTALL | 10 +- examples/benchmark/tls_bench.c | 16 ++-- examples/client/client.c | 61 +++++++----- examples/server/server.c | 61 +++++++----- src/internal.c | 16 ++-- src/ssl.c | 112 +++++++++++----------- src/tls.c | 130 +++++++++++++------------- tests/test-dtls13-pq-hybrid-frag.conf | 24 ++--- tests/test-tls13-pq-hybrid.conf | 32 +++---- wolfssl/ssl.h | 16 ++-- 10 files changed, 250 insertions(+), 228 deletions(-) diff --git a/INSTALL b/INSTALL index 4176fb063..ca9df34eb 100644 --- a/INSTALL +++ b/INSTALL @@ -208,13 +208,13 @@ For a quick start, you can run the client and server like this: - $ ./examples/server/server -v 4 --pqc P521_ML_KEM_1024 - $ ./examples/client/client -v 4 --pqc P521_ML_KEM_1024 + $ ./examples/server/server -v 4 --pqc SecP521r1MLKEM1024 + $ ./examples/client/client -v 4 --pqc SecP521r1MLKEM1024 Look for the following line in the output of the server and client: ``` - Using Post-Quantum KEM: P521_ML_KEM_1024 + Using Post-Quantum KEM: SecP521r1MLKEM1024 ``` For authentication, you can generate a certificate chain using the Open @@ -236,13 +236,13 @@ -A certs/mldsa87_root_cert.pem \ -c certs/mldsa44_entity_cert.pem \ -k certs/mldsa44_entity_key.pem \ - --pqc P521_ML_KEM_1024 + --pqc SecP521r1MLKEM1024 $ examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \ -A certs/mldsa44_root_cert.pem \ -c certs/mldsa87_entity_cert.pem \ -k certs/mldsa87_entity_key.pem \ - --pqc P521_ML_KEM_1024 + --pqc SecP521r1MLKEM1024 Congratulations! You have just achieved a fully quantum-safe TLS 1.3 connection! diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index ecde30c5d..c191b2782 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c 
@@ -296,14 +296,14 @@ static struct group_info groups[] = { { WOLFSSL_ML_KEM_512, "ML_KEM_512" }, { WOLFSSL_ML_KEM_768, "ML_KEM_768" }, { WOLFSSL_ML_KEM_1024, "ML_KEM_1024" }, - { WOLFSSL_P256_ML_KEM_512, "P256_ML_KEM_512" }, - { WOLFSSL_P384_ML_KEM_768, "P384_ML_KEM_768" }, - { WOLFSSL_P256_ML_KEM_768, "P256_ML_KEM_768" }, - { WOLFSSL_P521_ML_KEM_1024, "P521_ML_KEM_1024" }, - { WOLFSSL_P384_ML_KEM_1024, "P384_ML_KEM_1024" }, - { WOLFSSL_X25519_ML_KEM_512, "X25519_ML_KEM_512" }, - { WOLFSSL_X448_ML_KEM_768, "X448_ML_KEM_768" }, - { WOLFSSL_X25519_ML_KEM_768, "X25519_ML_KEM_768" }, + { WOLFSSL_SECP256R1MLKEM512, "SecP256r1MLKEM512" }, + { WOLFSSL_SECP384R1MLKEM768, "SecP384r1MLKEM768" }, + { WOLFSSL_SECP256R1MLKEM768, "SecP256r1MLKEM768" }, + { WOLFSSL_SECP521R1MLKEM1024, "SecP521r1MLKEM1024" }, + { WOLFSSL_SECP384R1MLKEM1024, "SecP384r1MLKEM1024" }, + { WOLFSSL_X25519MLKEM512, "X25519MLKEM512" }, + { WOLFSSL_X448MLKEM768, "X448MLKEM768" }, + { WOLFSSL_X25519MLKEM768, "X25519MLKEM768" }, #endif #ifdef WOLFSSL_MLKEM_KYBER { WOLFSSL_KYBER_LEVEL1, "KYBER_LEVEL1" }, diff --git a/examples/client/client.c b/examples/client/client.c index 578508dc6..1c0b3bb8a 100644 --- a/examples/client/client.c +++ b/examples/client/client.c 
@@ -422,44 +422,44 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else #endif #ifndef WOLFSSL_NO_ML_KEM_512 - if (XSTRCMP(pqcAlg, "P256_ML_KEM_512") == 0) { - group = WOLFSSL_P256_ML_KEM_512; + if (XSTRCMP(pqcAlg, "SecP256r1MLKEM512") == 0) { + group = WOLFSSL_SECP256R1MLKEM512; } else #endif #ifndef WOLFSSL_NO_ML_KEM_768 - if (XSTRCMP(pqcAlg, "P384_ML_KEM_768") == 0) { - group = WOLFSSL_P384_ML_KEM_768; + if (XSTRCMP(pqcAlg, "SecP384r1MLKEM768") == 0) { + group = WOLFSSL_SECP384R1MLKEM768; } - else if (XSTRCMP(pqcAlg, "P256_ML_KEM_768") == 0) { - group = WOLFSSL_P256_ML_KEM_768; + else if (XSTRCMP(pqcAlg, "SecP256r1MLKEM768") == 0) { + group = WOLFSSL_SECP256R1MLKEM768; } else #endif #ifndef WOLFSSL_NO_ML_KEM_1024 - if (XSTRCMP(pqcAlg, "P521_ML_KEM_1024") == 0) { - group = WOLFSSL_P521_ML_KEM_1024; + if (XSTRCMP(pqcAlg, "SecP521r1MLKEM1024") == 0) { + group = WOLFSSL_SECP521R1MLKEM1024; } - else if (XSTRCMP(pqcAlg, "P384_ML_KEM_1024") == 0) { - group = WOLFSSL_P384_ML_KEM_1024; + else if (XSTRCMP(pqcAlg, "SecP384r1MLKEM1024") == 0) { + group = WOLFSSL_SECP384R1MLKEM1024; } else #endif #if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_CURVE25519) - if (XSTRCMP(pqcAlg, "X25519_ML_KEM_512") == 0) { - group = WOLFSSL_X25519_ML_KEM_512; + if (XSTRCMP(pqcAlg, "X25519MLKEM512") == 0) { + group = WOLFSSL_X25519MLKEM512; } else #endif #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519) - if (XSTRCMP(pqcAlg, "X25519_ML_KEM_768") == 0) { - group = WOLFSSL_X25519_ML_KEM_768; + if (XSTRCMP(pqcAlg, "X25519MLKEM768") == 0) { + group = WOLFSSL_X25519MLKEM768; } else #endif #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE448) - if (XSTRCMP(pqcAlg, "X448_ML_KEM_768") == 0) { - group = WOLFSSL_X448_ML_KEM_768; + if (XSTRCMP(pqcAlg, "X448MLKEM768") == 0) { + group = WOLFSSL_X448MLKEM768; } else #endif 
@@ -1421,12 +1421,16 @@ static const char* client_usage_msg[][78] = { #ifdef HAVE_PQC "--pqc Key Share with specified post-quantum algorithm only:\n" #ifndef WOLFSSL_NO_ML_KEM - " ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512," - "\n" - " P384_ML_KEM_768, P256_ML_KEM_768, P521_ML_KEM_1024,\n" - " P384_ML_KEM_1024, X25519_ML_KEM_512, " - "X25519_ML_KEM_768,\n" - " X448_ML_KEM_768\n" + " ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n" + " SecP256r1MLKEM512,\n" + " SecP384r1MLKEM768,\n" + " SecP521r1MLKEM1024,\n" + " SecP256r1MLKEM768,\n" + " SecP521r1MLKEM1024,\n" + " SecP384r1MLKEM1024,\n" + " X25519MLKEM512,\n" + " X25519MLKEM768,\n" + " X448MLKEM768\n" #endif #ifdef WOLFSSL_MLKEM_KYBER " KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, " @@ -1675,9 +1679,16 @@ static const char* client_usage_msg[][78] = { #ifdef HAVE_PQC "--pqc post-quantum 名前付きグループとの鍵共有のみ:\n" #ifndef WOLFSSL_NO_ML_KEM - " ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512," - "\n" - " P384_ML_KEM_768, P521_ML_KEM_1024\n" + " ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n" + " SecP256r1MLKEM512,\n" + " SecP384r1MLKEM768,\n" + " SecP521r1MLKEM1024,\n" + " SecP256r1MLKEM768,\n" + " SecP521r1MLKEM1024,\n" + " SecP384r1MLKEM1024,\n" + " X25519MLKEM512,\n" + " X25519MLKEM768,\n" + " X448MLKEM768\n" #endif #ifdef WOLFSSL_MLKEM_KYBER " KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, " diff --git a/examples/server/server.c b/examples/server/server.c index ab672cc8b..d2e4ceb89 100644 --- a/examples/server/server.c +++ b/examples/server/server.c 
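Review bot: The new `--pqc` help text lists `SecP521r1MLKEM1024` twice, once after `SecP384r1MLKEM768` and again after `SecP256r1MLKEM768`, in both the English and the Japanese entry of `client_usage_msg`; the same duplicate appears in both `server_usage_msg` hunks in examples/server/server.c. Dropping the second `" SecP521r1MLKEM1024,\n"` literal from each list leaves every group named once. The old spellings are no longer matched by the `XSTRCMP` chain in `SetKeyShare`, so this help text is where a user learns the new names and it should be exact.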
@@ -735,44 +735,44 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else #endif #ifndef WOLFSSL_NO_ML_KEM_512 - if (XSTRCMP(pqcAlg, "P256_ML_KEM_512") == 0) { - groups[count] = WOLFSSL_P256_ML_KEM_512; + if (XSTRCMP(pqcAlg, "SecP256r1MLKEM512") == 0) { + groups[count] = WOLFSSL_SECP256R1MLKEM512; } else #endif #ifndef WOLFSSL_NO_ML_KEM_768 - if (XSTRCMP(pqcAlg, "P384_ML_KEM_768") == 0) { - groups[count] = WOLFSSL_P384_ML_KEM_768; + if (XSTRCMP(pqcAlg, "SecP384r1MLKEM768") == 0) { + groups[count] = WOLFSSL_SECP384R1MLKEM768; } - else if (XSTRCMP(pqcAlg, "P256_ML_KEM_768") == 0) { - groups[count] = WOLFSSL_P256_ML_KEM_768; + else if (XSTRCMP(pqcAlg, "SecP256r1MLKEM768") == 0) { + groups[count] = WOLFSSL_SECP256R1MLKEM768; } else #endif #ifndef WOLFSSL_NO_ML_KEM_1024 - if (XSTRCMP(pqcAlg, "P521_ML_KEM_1024") == 0) { - groups[count] = WOLFSSL_P521_ML_KEM_1024; + if (XSTRCMP(pqcAlg, "SecP521r1MLKEM1024") == 0) { + groups[count] = WOLFSSL_SECP521R1MLKEM1024; } - else if (XSTRCMP(pqcAlg, "P384_ML_KEM_1024") == 0) { - groups[count] = WOLFSSL_P384_ML_KEM_1024; + else if (XSTRCMP(pqcAlg, "SecP384r1MLKEM1024") == 0) { + groups[count] = WOLFSSL_SECP384R1MLKEM1024; } else #endif #if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_CURVE25519) - if (XSTRCMP(pqcAlg, "X25519_ML_KEM_512") == 0) { - groups[count] = WOLFSSL_X25519_ML_KEM_512; + if (XSTRCMP(pqcAlg, "X25519MLKEM512") == 0) { + groups[count] = WOLFSSL_X25519MLKEM512; } else #endif #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519) - if (XSTRCMP(pqcAlg, "X25519_ML_KEM_768") == 0) { - groups[count] = WOLFSSL_X25519_ML_KEM_768; + if (XSTRCMP(pqcAlg, "X25519MLKEM768") == 0) { + groups[count] = WOLFSSL_X25519MLKEM768; } else #endif #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE448) - if (XSTRCMP(pqcAlg, "X448_ML_KEM_768") == 0) { - groups[count] = WOLFSSL_X448_ML_KEM_768; + if (XSTRCMP(pqcAlg, "X448MLKEM768") == 0) { + groups[count] = WOLFSSL_X448MLKEM768; } else #endif 
@@ -1070,12 +1070,16 @@ static const char* server_usage_msg[][66] = { #ifdef HAVE_PQC "--pqc Key Share with specified post-quantum algorithm only:\n" #ifndef WOLFSSL_NO_ML_KEM - " ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512," - "\n" - " P384_ML_KEM_768, P256_ML_KEM_768, P521_ML_KEM_1024,\n" - " P384_ML_KEM_1024, X25519_ML_KEM_512, " - "X25519_ML_KEM_768,\n" - " X448_ML_KEM_768\n" + " ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n" + " SecP256r1MLKEM512,\n" + " SecP384r1MLKEM768,\n" + " SecP521r1MLKEM1024,\n" + " SecP256r1MLKEM768,\n" + " SecP521r1MLKEM1024,\n" + " SecP384r1MLKEM1024,\n" + " X25519MLKEM512,\n" + " X25519MLKEM768,\n" + " X448MLKEM768\n" #endif #ifdef WOLFSSL_MLKEM_KYBER " KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, " @@ -1282,9 +1286,16 @@ static const char* server_usage_msg[][66] = { #ifdef HAVE_PQC "--pqc post-quantum 名前付きグループとの鍵共有のみ:\n" #ifndef WOLFSSL_NO_ML_KEM - " ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512," - "\n" - " P384_ML_KEM_768, P521_ML_KEM_1024\n" + " ML_KEM_512, ML_KEM_768, ML_KEM_1024," + " SecP256r1MLKEM512,\n" + " SecP384r1MLKEM768,\n" + " SecP521r1MLKEM1024,\n" + " SecP256r1MLKEM768,\n" + " SecP521r1MLKEM1024,\n" + " SecP384r1MLKEM1024,\n" + " X25519MLKEM512,\n" + " X25519MLKEM768,\n" + " X448MLKEM768\n" #endif #ifdef WOLFSSL_MLKEM_KYBER " KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, " diff --git a/src/internal.c b/src/internal.c index d2e53dccb..5d6cd160d 100644 --- a/src/internal.c +++ b/src/internal.c 
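Review bot: In the second hunk on this line (the Japanese `server_usage_msg` entry) the first literal, `" ML_KEM_512, ML_KEM_768, ML_KEM_1024,"`, has no trailing `\n`, unlike the English entry in the hunk before it and both client entries. As written, `SecP256r1MLKEM512,` is printed on the same line as the ML-KEM names. Ending that literal with `,\n"` gives all four help texts the same layout.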
@@ -35414,14 +35414,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, { switch (group) { #ifndef WOLFSSL_NO_ML_KEM - case WOLFSSL_P256_ML_KEM_768: - case WOLFSSL_X25519_ML_KEM_768: - case WOLFSSL_P384_ML_KEM_1024: - case WOLFSSL_P256_ML_KEM_512: - case WOLFSSL_P384_ML_KEM_768: - case WOLFSSL_P521_ML_KEM_1024: - case WOLFSSL_X25519_ML_KEM_512: - case WOLFSSL_X448_ML_KEM_768: + case WOLFSSL_SECP256R1MLKEM768: + case WOLFSSL_X25519MLKEM768: + case WOLFSSL_SECP384R1MLKEM1024: + case WOLFSSL_SECP256R1MLKEM512: + case WOLFSSL_SECP384R1MLKEM768: + case WOLFSSL_SECP521R1MLKEM1024: + case WOLFSSL_X25519MLKEM512: + case WOLFSSL_X448MLKEM768: #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS case WOLFSSL_P256_ML_KEM_512_OLD: case WOLFSSL_P384_ML_KEM_768_OLD: diff --git a/src/ssl.c b/src/ssl.c index 14725f509..5f05649ea 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -3715,14 +3715,14 @@ static int isValidCurveGroup(word16 name) case WOLFSSL_ML_KEM_768: case WOLFSSL_ML_KEM_1024: #if defined(WOLFSSL_WC_MLKEM) || defined(HAVE_LIBOQS) - case WOLFSSL_P256_ML_KEM_512: - case WOLFSSL_P384_ML_KEM_768: - case WOLFSSL_P521_ML_KEM_1024: - case WOLFSSL_P384_ML_KEM_1024: - case WOLFSSL_X25519_ML_KEM_512: - case WOLFSSL_X448_ML_KEM_768: - case WOLFSSL_X25519_ML_KEM_768: - case WOLFSSL_P256_ML_KEM_768: + case WOLFSSL_SECP256R1MLKEM512: + case WOLFSSL_SECP384R1MLKEM768: + case WOLFSSL_SECP521R1MLKEM1024: + case WOLFSSL_SECP384R1MLKEM1024: + case WOLFSSL_X25519MLKEM512: + case WOLFSSL_X448MLKEM768: + case WOLFSSL_X25519MLKEM768: + case WOLFSSL_SECP256R1MLKEM768: #endif #endif /* !WOLFSSL_NO_ML_KEM */ #ifdef WOLFSSL_MLKEM_KYBER 
@@ -15616,48 +15616,48 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl) #ifndef WOLFSSL_NO_ML_KEM_512 case WOLFSSL_ML_KEM_512: return "ML_KEM_512"; - case WOLFSSL_P256_ML_KEM_512: - return "P256_ML_KEM_512"; + case WOLFSSL_SECP256R1MLKEM512: + return "SecP256r1MLKEM512"; #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS case WOLFSSL_P256_ML_KEM_512_OLD: return "P256_ML_KEM_512_OLD"; #endif #ifdef HAVE_CURVE25519 - case WOLFSSL_X25519_ML_KEM_512: - return "X25519_ML_KEM_512"; + case WOLFSSL_X25519MLKEM512: + return "X25519MLKEM512"; #endif #endif #ifndef WOLFSSL_NO_ML_KEM_768 case WOLFSSL_ML_KEM_768: return "ML_KEM_768"; - case WOLFSSL_P384_ML_KEM_768: - return "P384_ML_KEM_768"; + case WOLFSSL_SECP384R1MLKEM768: + return "SecP384r1MLKEM768"; #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS case WOLFSSL_P384_ML_KEM_768_OLD: return "P384_ML_KEM_768_OLD"; #endif - case WOLFSSL_P256_ML_KEM_768: - return "P256_ML_KEM_768"; + case WOLFSSL_SECP256R1MLKEM768: + return "SecP256r1MLKEM768"; #ifdef HAVE_CURVE25519 - case WOLFSSL_X25519_ML_KEM_768: - return "X25519_ML_KEM_768"; + case WOLFSSL_X25519MLKEM768: + return "X25519MLKEM768"; #endif #ifdef HAVE_CURVE448 - case WOLFSSL_X448_ML_KEM_768: - return "X448_ML_KEM_768"; + case WOLFSSL_X448MLKEM768: + return "X448MLKEM768"; #endif #endif #ifndef WOLFSSL_NO_ML_KEM_1024 case WOLFSSL_ML_KEM_1024: return "ML_KEM_1024"; - case WOLFSSL_P521_ML_KEM_1024: - return "P521_ML_KEM_1024"; + case WOLFSSL_SECP521R1MLKEM1024: + return "SecP521r1MLKEM1024"; #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS case WOLFSSL_P521_ML_KEM_1024_OLD: return "P521_ML_KEM_1024_OLD"; #endif - case WOLFSSL_P384_ML_KEM_1024: - return "P384_ML_KEM_1024"; + case WOLFSSL_SECP384R1MLKEM1024: + return "SecP384r1MLKEM1024"; #endif #elif defined(HAVE_LIBOQS) case WOLFSSL_ML_KEM_512: 
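Review bot: The strings returned by `wolfSSL_get_curve_name` for the hybrid groups change in this hunk and in the `HAVE_LIBOQS` branch in the next one, but nothing near the function documents it. Callers that compare or log the returned name will see different values after upgrading; the INSTALL text in this patch tells users to look for such a name in the output, presumably from this function. A short comment above the switch would record the change, for example `/* Hybrid names follow the IETF draft spelling; the earlier P256_ML_KEM_512 style is no longer returned. */`. The `WOLFSSL_ML_KEM_USE_OLD_IDS` cases still return `P256_ML_KEM_512_OLD`, `P384_ML_KEM_768_OLD` and `P521_ML_KEM_1024_OLD`, so the switch now mixes both spellings, which the same comment should mention if it is intended. The function body starts and ends outside the hunk.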
@@ -15666,25 +15666,25 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl) return "ML_KEM_768"; case WOLFSSL_ML_KEM_1024: return "ML_KEM_1024"; - case WOLFSSL_P256_ML_KEM_512: - return "P256_ML_KEM_512"; - case WOLFSSL_P384_ML_KEM_768: - return "P384_ML_KEM_768"; - case WOLFSSL_P256_ML_KEM_768: - return "P256_ML_KEM_768"; - case WOLFSSL_P521_ML_KEM_1024: - return "P521_ML_KEM_1024"; - case WOLFSSL_P384_ML_KEM_1024: - return "P384_ML_KEM_1024"; + case WOLFSSL_SECP256R1MLKEM512: + return "SecP256r1MLKEM512"; + case WOLFSSL_SECP384R1MLKEM768: + return "SecP384r1MLKEM768"; + case WOLFSSL_SECP256R1MLKEM768: + return "SecP256r1MLKEM768"; + case WOLFSSL_SECP521R1MLKEM1024: + return "SecP521r1MLKEM1024"; + case WOLFSSL_SECP384R1MLKEM1024: + return "SecP384r1MLKEM1024"; #ifdef HAVE_CURVE25519 - case WOLFSSL_X25519_ML_KEM_512: - return "X25519_ML_KEM_512"; - case WOLFSSL_X25519_ML_KEM_768: - return "X25519_ML_KEM_768"; + case WOLFSSL_X25519MLKEM512: + return "X25519MLKEM512"; + case WOLFSSL_X25519MLKEM768: + return "X25519MLKEM768"; #endif #ifdef HAVE_CURVE448 - case WOLFSSL_X448_ML_KEM_768: - return "X448_ML_KEM_768"; + case WOLFSSL_X448MLKEM768: + return "X448MLKEM768"; #endif #endif /* WOLFSSL_WC_MLKEM */ #endif /* WOLFSSL_NO_ML_KEM */ 
@@ -23260,22 +23260,22 @@ const WOLF_EC_NIST_NAME kNistCurves[] = { {CURVE_NAME("ML_KEM_768"), WOLFSSL_ML_KEM_768, WOLFSSL_ML_KEM_768}, {CURVE_NAME("ML_KEM_1024"), WOLFSSL_ML_KEM_1024, WOLFSSL_ML_KEM_1024}, #if (defined(WOLFSSL_WC_MLKEM) || defined(HAVE_LIBOQS)) && defined(HAVE_ECC) - {CURVE_NAME("P256_ML_KEM_512"), WOLFSSL_P256_ML_KEM_512, - WOLFSSL_P256_ML_KEM_512}, - {CURVE_NAME("P384_ML_KEM_768"), WOLFSSL_P384_ML_KEM_768, - WOLFSSL_P384_ML_KEM_768}, - {CURVE_NAME("P256_ML_KEM_768"), WOLFSSL_P256_ML_KEM_768, - WOLFSSL_P256_ML_KEM_768}, - {CURVE_NAME("P521_ML_KEM_1024"), WOLFSSL_P521_ML_KEM_1024, - WOLFSSL_P521_ML_KEM_1024}, - {CURVE_NAME("P384_ML_KEM_1024"), WOLFSSL_P384_ML_KEM_1024, - WOLFSSL_P384_ML_KEM_1024}, - {CURVE_NAME("X25519_ML_KEM_512"), WOLFSSL_X25519_ML_KEM_512, - WOLFSSL_X25519_ML_KEM_512}, - {CURVE_NAME("X448_ML_KEM_768"), WOLFSSL_X448_ML_KEM_768, - WOLFSSL_X448_ML_KEM_768}, - {CURVE_NAME("X25519_ML_KEM_768"), WOLFSSL_X25519_ML_KEM_768, - WOLFSSL_X25519_ML_KEM_768}, + {CURVE_NAME("SecP256r1MLKEM512"), WOLFSSL_SECP256R1MLKEM512, + WOLFSSL_SECP256R1MLKEM512}, + {CURVE_NAME("SecP384r1MLKEM768"), WOLFSSL_SECP384R1MLKEM768, + WOLFSSL_SECP384R1MLKEM768}, + {CURVE_NAME("SecP256r1MLKEM768"), WOLFSSL_SECP256R1MLKEM768, + WOLFSSL_SECP256R1MLKEM768}, + {CURVE_NAME("SecP521r1MLKEM1024"), WOLFSSL_SECP521R1MLKEM1024, + WOLFSSL_SECP521R1MLKEM1024}, + {CURVE_NAME("SecP384r1MLKEM1024"), WOLFSSL_SECP384R1MLKEM1024, + WOLFSSL_SECP384R1MLKEM1024}, + {CURVE_NAME("X25519MLKEM512"), WOLFSSL_X25519MLKEM512, + WOLFSSL_X25519MLKEM512}, + {CURVE_NAME("X448MLKEM768"), WOLFSSL_X448MLKEM768, + WOLFSSL_X448MLKEM768}, + {CURVE_NAME("X25519MLKEM768"), WOLFSSL_X25519MLKEM768, + WOLFSSL_X25519MLKEM768}, #endif #endif /* !WOLFSSL_NO_ML_KEM */ #ifdef WOLFSSL_MLKEM_KYBER diff --git a/src/tls.c b/src/tls.c index 2f13d558b..8bb77f025 100644 --- a/src/tls.c +++ b/src/tls.c 
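Review bot: The old spellings are removed from `kNistCurves` outright, so a group-list string that still says `P256_ML_KEM_768` will no longer resolve against this table; patch 2/2 apparently had to edit the list string in tests/api.c for that reason. A caller that does not check the result of setting its group list may then negotiate from the default groups rather than the hybrid it intended (to be confirmed against the list-parsing code, which is not in this hunk). Keeping the old names as extra entries that map to the new constants, e.g. `{CURVE_NAME("P256_ML_KEM_768"), WOLFSSL_SECP256R1MLKEM768, WOLFSSL_SECP256R1MLKEM768},`, would keep existing configurations working; otherwise the break should be called out in the release notes. The table starts and ends outside the hunk.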
@@ -4580,26 +4580,26 @@ static int TLSX_IsGroupSupported(int namedGroup) #ifdef WOLFSSL_WC_MLKEM #ifndef WOLFSSL_NO_ML_KEM_512 case WOLFSSL_ML_KEM_512: - case WOLFSSL_P256_ML_KEM_512: + case WOLFSSL_SECP256R1MLKEM512: #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 - case WOLFSSL_X25519_ML_KEM_512: + case WOLFSSL_X25519MLKEM512: #endif #endif #ifndef WOLFSSL_NO_ML_KEM_768 case WOLFSSL_ML_KEM_768: - case WOLFSSL_P384_ML_KEM_768: - case WOLFSSL_P256_ML_KEM_768: + case WOLFSSL_SECP384R1MLKEM768: + case WOLFSSL_SECP256R1MLKEM768: #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 - case WOLFSSL_X25519_ML_KEM_768: + case WOLFSSL_X25519MLKEM768: #endif #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 - case WOLFSSL_X448_ML_KEM_768: + case WOLFSSL_X448MLKEM768: #endif #endif #ifndef WOLFSSL_NO_ML_KEM_1024 case WOLFSSL_ML_KEM_1024: - case WOLFSSL_P521_ML_KEM_1024: - case WOLFSSL_P384_ML_KEM_1024: + case WOLFSSL_SECP521R1MLKEM1024: + case WOLFSSL_SECP384R1MLKEM1024: break; #endif #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS @@ -4626,14 +4626,14 @@ static int TLSX_IsGroupSupported(int namedGroup) break; } - case WOLFSSL_P256_ML_KEM_512: - case WOLFSSL_P384_ML_KEM_768: - case WOLFSSL_P256_ML_KEM_768: - case WOLFSSL_P521_ML_KEM_1024: - case WOLFSSL_P384_ML_KEM_1024: - case WOLFSSL_X25519_ML_KEM_512: - case WOLFSSL_X448_ML_KEM_768: - case WOLFSSL_X25519_ML_KEM_768: + case WOLFSSL_SECP256R1MLKEM512: + case WOLFSSL_SECP384R1MLKEM768: + case WOLFSSL_SECP256R1MLKEM768: + case WOLFSSL_SECP521R1MLKEM1024: + case WOLFSSL_SECP384R1MLKEM1024: + case WOLFSSL_X25519MLKEM512: + case WOLFSSL_X448MLKEM768: + case WOLFSSL_X25519MLKEM768: { int ret; int id; 
@@ -5884,15 +5884,15 @@ int TLSX_UseSupportedCurve(TLSX** extensions, word16 name, void* heap) if (ret != 0) return ret; #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS - if (name == WOLFSSL_P256_ML_KEM_512) { + if (name == WOLFSSL_SECP256R1MLKEM512) { ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data, WOLFSSL_P256_ML_KEM_512_OLD, heap); } - else if (name == WOLFSSL_P384_ML_KEM_768) { + else if (name == WOLFSSL_SECP384R1MLKEM768) { ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data, WOLFSSL_P384_ML_KEM_768_OLD, heap); } - else if (name == WOLFSSL_P521_ML_KEM_1024) { + else if (name == WOLFSSL_SECP521R1MLKEM1024) { ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data, WOLFSSL_P521_ML_KEM_1024_OLD, heap); } 
@@ -8465,22 +8465,22 @@ typedef struct PqcHybridMapping { static const PqcHybridMapping pqc_hybrid_mapping[] = { #ifndef WOLFSSL_NO_ML_KEM - {WOLFSSL_P256_ML_KEM_512, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_512, 0}, - {WOLFSSL_P384_ML_KEM_768, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_768, 0}, - {WOLFSSL_P256_ML_KEM_768, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_768, 0}, - {WOLFSSL_P521_ML_KEM_1024, WOLFSSL_ECC_SECP521R1, WOLFSSL_ML_KEM_1024, 0}, - {WOLFSSL_P384_ML_KEM_1024, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_1024, 0}, + {WOLFSSL_SECP256R1MLKEM512, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_512, 0}, + {WOLFSSL_SECP384R1MLKEM768, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_768, 0}, + {WOLFSSL_SECP256R1MLKEM768, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_768, 0}, + {WOLFSSL_SECP521R1MLKEM1024, WOLFSSL_ECC_SECP521R1, WOLFSSL_ML_KEM_1024, 0}, + {WOLFSSL_SECP384R1MLKEM1024, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_1024, 0}, #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS {WOLFSSL_P256_ML_KEM_512_OLD, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_512, 0}, {WOLFSSL_P384_ML_KEM_768_OLD, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_768, 0}, {WOLFSSL_P521_ML_KEM_1024_OLD, WOLFSSL_ECC_SECP521R1, WOLFSSL_ML_KEM_1024, 0}, #endif #ifdef HAVE_CURVE25519 - {WOLFSSL_X25519_ML_KEM_512, WOLFSSL_ECC_X25519, WOLFSSL_ML_KEM_512, 1}, - {WOLFSSL_X25519_ML_KEM_768, WOLFSSL_ECC_X25519, WOLFSSL_ML_KEM_768, 1}, + {WOLFSSL_X25519MLKEM512, WOLFSSL_ECC_X25519, WOLFSSL_ML_KEM_512, 1}, + {WOLFSSL_X25519MLKEM768, WOLFSSL_ECC_X25519, WOLFSSL_ML_KEM_768, 1}, #endif #ifdef HAVE_CURVE448 - {WOLFSSL_X448_ML_KEM_768, WOLFSSL_ECC_X448, WOLFSSL_ML_KEM_768, 1}, + {WOLFSSL_X448MLKEM768, WOLFSSL_ECC_X448, WOLFSSL_ML_KEM_768, 1}, #endif #endif /* WOLFSSL_NO_ML_KEM */ #ifdef WOLFSSL_MLKEM_KYBER 
@@ -10603,11 +10603,11 @@ int TLSX_KeyShare_Use(const WOLFSSL* ssl, word16 group, word16 len, byte* data, while (keyShareEntry != NULL) { #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS if ((group == WOLFSSL_P256_ML_KEM_512_OLD && - keyShareEntry->group == WOLFSSL_P256_ML_KEM_512) || + keyShareEntry->group == WOLFSSL_SECP256R1MLKEM512) || (group == WOLFSSL_P384_ML_KEM_768_OLD && - keyShareEntry->group == WOLFSSL_P384_ML_KEM_768) || + keyShareEntry->group == WOLFSSL_SECP384R1MLKEM768) || (group == WOLFSSL_P521_ML_KEM_1024_OLD && - keyShareEntry->group == WOLFSSL_P521_ML_KEM_1024)) { + keyShareEntry->group == WOLFSSL_SECP521R1MLKEM1024)) { keyShareEntry->group = group; break; } 
@@ -10734,43 +10734,43 @@ static const word16 preferredGroup[] = { #ifdef WOLFSSL_WC_MLKEM #ifndef WOLFSSL_NO_ML_KEM_512 WOLFSSL_ML_KEM_512, - WOLFSSL_P256_ML_KEM_512, + WOLFSSL_SECP256R1MLKEM512, #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 - WOLFSSL_X25519_ML_KEM_512, + WOLFSSL_X25519MLKEM512, #endif #endif #ifndef WOLFSSL_NO_ML_KEM_768 WOLFSSL_ML_KEM_768, - WOLFSSL_P384_ML_KEM_768, - WOLFSSL_P256_ML_KEM_768, + WOLFSSL_SECP384R1MLKEM768, + WOLFSSL_SECP256R1MLKEM768, #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 - WOLFSSL_X25519_ML_KEM_768, + WOLFSSL_X25519MLKEM768, #endif #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 - WOLFSSL_X448_ML_KEM_768, + WOLFSSL_X448MLKEM768, #endif #endif #ifndef WOLFSSL_NO_ML_KEM_1024 WOLFSSL_ML_KEM_1024, - WOLFSSL_P521_ML_KEM_1024, - WOLFSSL_P384_ML_KEM_1024, + WOLFSSL_SECP521R1MLKEM1024, + WOLFSSL_SECP384R1MLKEM1024, #endif #elif defined(HAVE_LIBOQS) /* These require a runtime call to TLSX_IsGroupSupported to use */ WOLFSSL_ML_KEM_512, WOLFSSL_ML_KEM_768, WOLFSSL_ML_KEM_1024, - WOLFSSL_P256_ML_KEM_512, - WOLFSSL_P384_ML_KEM_768, - WOLFSSL_P256_ML_KEM_768, - WOLFSSL_P521_ML_KEM_1024, - WOLFSSL_P384_ML_KEM_1024, + WOLFSSL_SECP256R1MLKEM512, + WOLFSSL_SECP384R1MLKEM768, + WOLFSSL_SECP256R1MLKEM768, + WOLFSSL_SECP521R1MLKEM1024, + WOLFSSL_SECP384R1MLKEM1024, #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 - WOLFSSL_X25519_ML_KEM_512, - WOLFSSL_X25519_ML_KEM_768, + WOLFSSL_X25519MLKEM512, + WOLFSSL_X25519MLKEM768, #endif #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 - WOLFSSL_X448_ML_KEM_768, + WOLFSSL_X448MLKEM768, #endif #endif #endif /* !WOLFSSL_NO_ML_KEM */ 
@@ -10853,11 +10853,11 @@ static int TLSX_KeyShare_GroupRank(const WOLFSSL* ssl, int group) for (i = 0; i < numGroups; i++) { #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS if ((group == WOLFSSL_P256_ML_KEM_512_OLD && - groups[i] == WOLFSSL_P256_ML_KEM_512) || + groups[i] == WOLFSSL_SECP256R1MLKEM512) || (group == WOLFSSL_P384_ML_KEM_768_OLD && - groups[i] == WOLFSSL_P384_ML_KEM_768) || + groups[i] == WOLFSSL_SECP384R1MLKEM768) || (group == WOLFSSL_P521_ML_KEM_1024_OLD && - groups[i] == WOLFSSL_P521_ML_KEM_1024)) { + groups[i] == WOLFSSL_SECP521R1MLKEM1024)) { return i; } #endif @@ -14462,11 +14462,11 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_512, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_ML_KEM_512, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM512, ssl->heap); #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_ML_KEM_512, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM512, ssl->heap); #endif #endif 
@@ -14475,19 +14475,19 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_768, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_ML_KEM_768, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM768, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_ML_KEM_768, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM768, ssl->heap); #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_ML_KEM_768, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM768, ssl->heap); #endif #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448_ML_KEM_768, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448MLKEM768, ssl->heap); #endif #endif @@ -14496,10 +14496,10 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_1024, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_ML_KEM_1024, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP521R1MLKEM1024, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_ML_KEM_1024, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM1024, ssl->heap); #endif #elif defined(HAVE_LIBOQS) 
@@ -14511,31 +14511,31 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_1024, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_ML_KEM_512, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM512, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_ML_KEM_768, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM768, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_ML_KEM_768, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM768, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_ML_KEM_1024, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP521R1MLKEM1024, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_ML_KEM_1024, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM1024, ssl->heap); #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_ML_KEM_512, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM512, ssl->heap); if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_ML_KEM_768, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM768, ssl->heap); #endif #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448_ML_KEM_768, + ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448MLKEM768, ssl->heap); #endif #endif /* HAVE_LIBOQS */ diff --git a/tests/test-dtls13-pq-hybrid-frag.conf b/tests/test-dtls13-pq-hybrid-frag.conf index c9edc6907..267468887 100644 --- a/tests/test-dtls13-pq-hybrid-frag.conf +++ b/tests/test-dtls13-pq-hybrid-frag.conf 
@@ -2,73 +2,73 @@ -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P384_ML_KEM_768 +--pqc SecP384r1MLKEM768 # client DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P384_ML_KEM_768 +--pqc SecP384r1MLKEM768 # server DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P256_ML_KEM_768 +--pqc SecP256r1MLKEM768 # client DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P256_ML_KEM_768 +--pqc SecP256r1MLKEM768 # server DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P521_ML_KEM_1024 +--pqc SecP521r1MLKEM1024 # client DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P521_ML_KEM_1024 +--pqc SecP521r1MLKEM1024 # server DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P384_ML_KEM_1024 +--pqc SecP384r1MLKEM1024 # client DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P384_ML_KEM_1024 +--pqc SecP384r1MLKEM1024 # server DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X25519_ML_KEM_768 +--pqc X25519MLKEM768 # client DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X25519_ML_KEM_768 +--pqc X25519MLKEM768 # server DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X448_ML_KEM_768 +--pqc X448MLKEM768 # client DTLSv1.3 with post-quantum hybrid group -u -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X448_ML_KEM_768 +--pqc X448MLKEM768 # server DTLSv1.3 with post-quantum hybrid group -u diff --git a/tests/test-tls13-pq-hybrid.conf b/tests/test-tls13-pq-hybrid.conf index 242cd3089..76c8e5769 100644 --- a/tests/test-tls13-pq-hybrid.conf +++ b/tests/test-tls13-pq-hybrid.conf 
@@ -1,82 +1,82 @@ # server TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P256_ML_KEM_512 +--pqc SecP256r1MLKEM512 # client TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P256_ML_KEM_512 +--pqc SecP256r1MLKEM512 # server TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P384_ML_KEM_768 +--pqc SecP384r1MLKEM768 # client TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P384_ML_KEM_768 +--pqc SecP384r1MLKEM768 # server TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P256_ML_KEM_768 +--pqc SecP256r1MLKEM768 # client TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P256_ML_KEM_768 +--pqc SecP256r1MLKEM768 # server TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P521_ML_KEM_1024 +--pqc SecP521r1MLKEM1024 # client TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P521_ML_KEM_1024 +--pqc SecP521r1MLKEM1024 # server TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P384_ML_KEM_1024 +--pqc SecP384r1MLKEM1024 # client TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc P384_ML_KEM_1024 +--pqc SecP384r1MLKEM1024 # server TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X25519_ML_KEM_512 +--pqc X25519MLKEM512 # client TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X25519_ML_KEM_512 +--pqc X25519MLKEM512 # server TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X25519_ML_KEM_768 +--pqc X25519MLKEM768 # client TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X25519_ML_KEM_768 +--pqc X25519MLKEM768 # server TLSv1.3 with post-quantum hybrid group -v 4 -l TLS13-AES256-GCM-SHA384 ---pqc X448_ML_KEM_768 +--pqc X448MLKEM768 # client TLSv1.3 with post-quantum hybrid group -v 4 -l 
TLS13-AES256-GCM-SHA384 ---pqc X448_ML_KEM_768 +--pqc X448MLKEM768 # server TLSv1.3 with post-quantum hybrid group -v 4 diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 3e6865b41..9d3c814ca 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -4618,9 +4618,9 @@ enum { * https://github.com/post-quantum-cryptography/ * draft-kwiatkowski-tls-ecdhe-mlkem/ */ - WOLFSSL_P256_ML_KEM_768 = 4587, - WOLFSSL_X25519_ML_KEM_768 = 4588, - WOLFSSL_P384_ML_KEM_1024 = 4589, + WOLFSSL_SECP256R1MLKEM768 = 4587, + WOLFSSL_X25519MLKEM768 = 4588, + WOLFSSL_SECP384R1MLKEM1024 = 4589, /* Taken from OQS's openssl provider, see: * https://github.com/open-quantum-safe/oqs-provider/blob/main/oqs-template/ @@ -4631,11 +4631,11 @@ enum { WOLFSSL_P384_ML_KEM_768_OLD = 12104, WOLFSSL_P521_ML_KEM_1024_OLD = 12105, #endif - WOLFSSL_P256_ML_KEM_512 = 12107, - WOLFSSL_P384_ML_KEM_768 = 12108, - WOLFSSL_P521_ML_KEM_1024 = 12109, - WOLFSSL_X25519_ML_KEM_512 = 12214, - WOLFSSL_X448_ML_KEM_768 = 12215, + WOLFSSL_SECP256R1MLKEM512 = 12107, + WOLFSSL_SECP384R1MLKEM768 = 12108, + WOLFSSL_SECP521R1MLKEM1024 = 12109, + WOLFSSL_X25519MLKEM512 = 12214, + WOLFSSL_X448MLKEM768 = 12215, #endif /* WOLFSSL_NO_ML_KEM */ #endif /* HAVE_PQC */ WOLF_ENUM_DUMMY_LAST_ELEMENT(SSL_H) From 6f66f4fda3a39547370713fab6fdf8b2250471c6 Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Wed, 30 Jul 2025 16:34:27 -0400 Subject: [PATCH 2/2] Use correct string in the unit tests. --- tests/api.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/api.c b/tests/api.c index e7b2cc223..21d3a7190 100644 --- a/tests/api.c +++ b/tests/api.c @@ -49521,11 +49521,11 @@ static int test_tls13_apis(void) #endif #else #ifndef WOLFSSL_NO_KYBER512 - ":P256_ML_KEM_512" + ":SecP256r1MLKEM512" #elif !defined(WOLFSSL_NO_KYBER768) - ":P256_ML_KEM_768" + ":SecP384r1MLKEM768" #else - ":P256_ML_KEM_1024" + ":SecP521r1MLKEM1024" #endif #endif #endif
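Review bot: The public enum constants in wolfssl/ssl.h are renamed in place, in this hunk (`@@ -4618`) and the next one, with no alias left for the old identifiers. Application code that names `WOLFSSL_P256_ML_KEM_768`, `WOLFSSL_X25519_ML_KEM_768` or any of the other six will stop compiling. The code-point values are unchanged, so a compatibility alias is cheap: `#define WOLFSSL_X25519_ML_KEM_768 WOLFSSL_X25519MLKEM768`, and likewise for the other seven, under a comment marking them deprecated. The enum starts and ends outside the hunk.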
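Review bot: In the `@@ -4631` hunk the constants at 12107–12109, 12214 and 12215 sit under the existing comment that attributes their values to the OQS provider, yet they now carry the same draft-style names as 4587–4589, which sit under the draft-kwiatkowski-tls-ecdhe-mlkem reference. A reader could take `WOLFSSL_SECP256R1MLKEM512` or `WOLFSSL_X448MLKEM768` for draft-assigned groups. If they are not, a comment on that block would make the distinction explicit, for example `/* Named in the draft's style for consistency; code points are the OQS provider's, not the draft's. */`.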
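Review bot: Two of the three replacements in `test_tls13_apis` change which group is tested, not only its spelling: `:P256_ML_KEM_768` becomes `:SecP384r1MLKEM768` although `SecP256r1MLKEM768` exists in `kNistCurves`, and `:P256_ML_KEM_1024` becomes `:SecP521r1MLKEM1024`. The second is presumably the fix the subject line refers to, since no P-256/ML-KEM-1024 hybrid is defined anywhere in this series. The first looks like either an unrelated change or a slip; a one-line comment, or `":SecP256r1MLKEM768"`, would settle it. The surrounding guards are `WOLFSSL_NO_KYBER512` and `WOLFSSL_NO_KYBER768`, whereas the rest of the series keys ML-KEM levels on `WOLFSSL_NO_ML_KEM_512`/`WOLFSSL_NO_ML_KEM_768`, so it is worth confirming that these branches select what they appear to. The function continues outside the hunk.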