Merge pull request #9033 from anhu/mlkem-hybrid-draft-names-wolfssl

Rename ML-KEM hybrids to match IETF Draft.
JacobBarthelmeh
2025-08-01 10:21:54 -06:00
committed by GitHub
11 changed files with 253 additions and 231 deletions

10
INSTALL

@@ -208,13 +208,13 @@
For a quick start, you can run the client and server like this: For a quick start, you can run the client and server like this:
$ ./examples/server/server -v 4 --pqc P521_ML_KEM_1024 $ ./examples/server/server -v 4 --pqc SecP521r1MLKEM1024
$ ./examples/client/client -v 4 --pqc P521_ML_KEM_1024 $ ./examples/client/client -v 4 --pqc SecP521r1MLKEM1024
Look for the following line in the output of the server and client: Look for the following line in the output of the server and client:
``` ```
Using Post-Quantum KEM: P521_ML_KEM_1024 Using Post-Quantum KEM: SecP521r1MLKEM1024
``` ```
For authentication, you can generate a certificate chain using the Open For authentication, you can generate a certificate chain using the Open
@@ -236,13 +236,13 @@
-A certs/mldsa87_root_cert.pem \ -A certs/mldsa87_root_cert.pem \
-c certs/mldsa44_entity_cert.pem \ -c certs/mldsa44_entity_cert.pem \
-k certs/mldsa44_entity_key.pem \ -k certs/mldsa44_entity_key.pem \
--pqc P521_ML_KEM_1024 --pqc SecP521r1MLKEM1024
$ examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \ $ examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \
-A certs/mldsa44_root_cert.pem \ -A certs/mldsa44_root_cert.pem \
-c certs/mldsa87_entity_cert.pem \ -c certs/mldsa87_entity_cert.pem \
-k certs/mldsa87_entity_key.pem \ -k certs/mldsa87_entity_key.pem \
--pqc P521_ML_KEM_1024 --pqc SecP521r1MLKEM1024
Congratulations! You have just achieved a fully quantum-safe TLS 1.3 Congratulations! You have just achieved a fully quantum-safe TLS 1.3
connection! connection!


@@ -296,14 +296,14 @@ static struct group_info groups[] = {
{ WOLFSSL_ML_KEM_512, "ML_KEM_512" }, { WOLFSSL_ML_KEM_512, "ML_KEM_512" },
{ WOLFSSL_ML_KEM_768, "ML_KEM_768" }, { WOLFSSL_ML_KEM_768, "ML_KEM_768" },
{ WOLFSSL_ML_KEM_1024, "ML_KEM_1024" }, { WOLFSSL_ML_KEM_1024, "ML_KEM_1024" },
{ WOLFSSL_P256_ML_KEM_512, "P256_ML_KEM_512" }, { WOLFSSL_SECP256R1MLKEM512, "SecP256r1MLKEM512" },
{ WOLFSSL_P384_ML_KEM_768, "P384_ML_KEM_768" }, { WOLFSSL_SECP384R1MLKEM768, "SecP384r1MLKEM768" },
{ WOLFSSL_P256_ML_KEM_768, "P256_ML_KEM_768" }, { WOLFSSL_SECP256R1MLKEM768, "SecP256r1MLKEM768" },
{ WOLFSSL_P521_ML_KEM_1024, "P521_ML_KEM_1024" }, { WOLFSSL_SECP521R1MLKEM1024, "SecP521r1MLKEM1024" },
{ WOLFSSL_P384_ML_KEM_1024, "P384_ML_KEM_1024" }, { WOLFSSL_SECP384R1MLKEM1024, "SecP384r1MLKEM1024" },
{ WOLFSSL_X25519_ML_KEM_512, "X25519_ML_KEM_512" }, { WOLFSSL_X25519MLKEM512, "X25519MLKEM512" },
{ WOLFSSL_X448_ML_KEM_768, "X448_ML_KEM_768" }, { WOLFSSL_X448MLKEM768, "X448MLKEM768" },
{ WOLFSSL_X25519_ML_KEM_768, "X25519_ML_KEM_768" }, { WOLFSSL_X25519MLKEM768, "X25519MLKEM768" },
#endif #endif
#ifdef WOLFSSL_MLKEM_KYBER #ifdef WOLFSSL_MLKEM_KYBER
{ WOLFSSL_KYBER_LEVEL1, "KYBER_LEVEL1" }, { WOLFSSL_KYBER_LEVEL1, "KYBER_LEVEL1" },


@@ -422,44 +422,44 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
else else
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_512 #ifndef WOLFSSL_NO_ML_KEM_512
if (XSTRCMP(pqcAlg, "P256_ML_KEM_512") == 0) { if (XSTRCMP(pqcAlg, "SecP256r1MLKEM512") == 0) {
group = WOLFSSL_P256_ML_KEM_512; group = WOLFSSL_SECP256R1MLKEM512;
} }
else else
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_768 #ifndef WOLFSSL_NO_ML_KEM_768
if (XSTRCMP(pqcAlg, "P384_ML_KEM_768") == 0) { if (XSTRCMP(pqcAlg, "SecP384r1MLKEM768") == 0) {
group = WOLFSSL_P384_ML_KEM_768; group = WOLFSSL_SECP384R1MLKEM768;
} }
else if (XSTRCMP(pqcAlg, "P256_ML_KEM_768") == 0) { else if (XSTRCMP(pqcAlg, "SecP256r1MLKEM768") == 0) {
group = WOLFSSL_P256_ML_KEM_768; group = WOLFSSL_SECP256R1MLKEM768;
} }
else else
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_1024 #ifndef WOLFSSL_NO_ML_KEM_1024
if (XSTRCMP(pqcAlg, "P521_ML_KEM_1024") == 0) { if (XSTRCMP(pqcAlg, "SecP521r1MLKEM1024") == 0) {
group = WOLFSSL_P521_ML_KEM_1024; group = WOLFSSL_SECP521R1MLKEM1024;
} }
else if (XSTRCMP(pqcAlg, "P384_ML_KEM_1024") == 0) { else if (XSTRCMP(pqcAlg, "SecP384r1MLKEM1024") == 0) {
group = WOLFSSL_P384_ML_KEM_1024; group = WOLFSSL_SECP384R1MLKEM1024;
} }
else else
#endif #endif
#if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_CURVE25519) #if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_CURVE25519)
if (XSTRCMP(pqcAlg, "X25519_ML_KEM_512") == 0) { if (XSTRCMP(pqcAlg, "X25519MLKEM512") == 0) {
group = WOLFSSL_X25519_ML_KEM_512; group = WOLFSSL_X25519MLKEM512;
} }
else else
#endif #endif
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519) #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519)
if (XSTRCMP(pqcAlg, "X25519_ML_KEM_768") == 0) { if (XSTRCMP(pqcAlg, "X25519MLKEM768") == 0) {
group = WOLFSSL_X25519_ML_KEM_768; group = WOLFSSL_X25519MLKEM768;
} }
else else
#endif #endif
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE448) #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE448)
if (XSTRCMP(pqcAlg, "X448_ML_KEM_768") == 0) { if (XSTRCMP(pqcAlg, "X448MLKEM768") == 0) {
group = WOLFSSL_X448_ML_KEM_768; group = WOLFSSL_X448MLKEM768;
} }
else else
#endif #endif
@@ -1421,12 +1421,16 @@ static const char* client_usage_msg[][78] = {
#ifdef HAVE_PQC #ifdef HAVE_PQC
"--pqc <alg> Key Share with specified post-quantum algorithm only:\n" "--pqc <alg> Key Share with specified post-quantum algorithm only:\n"
#ifndef WOLFSSL_NO_ML_KEM #ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512," " ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n"
"\n" " SecP256r1MLKEM512,\n"
" P384_ML_KEM_768, P256_ML_KEM_768, P521_ML_KEM_1024,\n" " SecP384r1MLKEM768,\n"
" P384_ML_KEM_1024, X25519_ML_KEM_512, " " SecP521r1MLKEM1024,\n"
"X25519_ML_KEM_768,\n" " SecP256r1MLKEM768,\n"
" X448_ML_KEM_768\n" " SecP521r1MLKEM1024,\n"
" SecP384r1MLKEM1024,\n"
" X25519MLKEM512,\n"
" X25519MLKEM768,\n"
" X448MLKEM768\n"
#endif #endif
#ifdef WOLFSSL_MLKEM_KYBER #ifdef WOLFSSL_MLKEM_KYBER
" KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, " " KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
@@ -1675,9 +1679,16 @@ static const char* client_usage_msg[][78] = {
#ifdef HAVE_PQC #ifdef HAVE_PQC
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ:\n" "--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ:\n"
#ifndef WOLFSSL_NO_ML_KEM #ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512," " ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n"
"\n" " SecP256r1MLKEM512,\n"
" P384_ML_KEM_768, P521_ML_KEM_1024\n" " SecP384r1MLKEM768,\n"
" SecP521r1MLKEM1024,\n"
" SecP256r1MLKEM768,\n"
" SecP521r1MLKEM1024,\n"
" SecP384r1MLKEM1024,\n"
" X25519MLKEM512,\n"
" X25519MLKEM768,\n"
" X448MLKEM768\n"
#endif #endif
#ifdef WOLFSSL_MLKEM_KYBER #ifdef WOLFSSL_MLKEM_KYBER
" KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, " " KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
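Review bot: The rewritten `--pqc` help text in both `client_usage_msg` hunks lists `SecP521r1MLKEM1024` twice, as the third and fifth entries of the hybrid list, so the usage output shows one group duplicated. The same duplicate appears in both `server_usage_msg` hunks. Drop the second `" SecP521r1MLKEM1024,\n"` line from each of the four lists, so that the help text names each accepted group exactly once and matches the names the `SetKeyShare` chain compares against.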


@@ -735,44 +735,44 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
else else
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_512 #ifndef WOLFSSL_NO_ML_KEM_512
if (XSTRCMP(pqcAlg, "P256_ML_KEM_512") == 0) { if (XSTRCMP(pqcAlg, "SecP256r1MLKEM512") == 0) {
groups[count] = WOLFSSL_P256_ML_KEM_512; groups[count] = WOLFSSL_SECP256R1MLKEM512;
} }
else else
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_768 #ifndef WOLFSSL_NO_ML_KEM_768
if (XSTRCMP(pqcAlg, "P384_ML_KEM_768") == 0) { if (XSTRCMP(pqcAlg, "SecP384r1MLKEM768") == 0) {
groups[count] = WOLFSSL_P384_ML_KEM_768; groups[count] = WOLFSSL_SECP384R1MLKEM768;
} }
else if (XSTRCMP(pqcAlg, "P256_ML_KEM_768") == 0) { else if (XSTRCMP(pqcAlg, "SecP256r1MLKEM768") == 0) {
groups[count] = WOLFSSL_P256_ML_KEM_768; groups[count] = WOLFSSL_SECP256R1MLKEM768;
} }
else else
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_1024 #ifndef WOLFSSL_NO_ML_KEM_1024
if (XSTRCMP(pqcAlg, "P521_ML_KEM_1024") == 0) { if (XSTRCMP(pqcAlg, "SecP521r1MLKEM1024") == 0) {
groups[count] = WOLFSSL_P521_ML_KEM_1024; groups[count] = WOLFSSL_SECP521R1MLKEM1024;
} }
else if (XSTRCMP(pqcAlg, "P384_ML_KEM_1024") == 0) { else if (XSTRCMP(pqcAlg, "SecP384r1MLKEM1024") == 0) {
groups[count] = WOLFSSL_P384_ML_KEM_1024; groups[count] = WOLFSSL_SECP384R1MLKEM1024;
} }
else else
#endif #endif
#if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_CURVE25519) #if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_CURVE25519)
if (XSTRCMP(pqcAlg, "X25519_ML_KEM_512") == 0) { if (XSTRCMP(pqcAlg, "X25519MLKEM512") == 0) {
groups[count] = WOLFSSL_X25519_ML_KEM_512; groups[count] = WOLFSSL_X25519MLKEM512;
} }
else else
#endif #endif
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519) #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519)
if (XSTRCMP(pqcAlg, "X25519_ML_KEM_768") == 0) { if (XSTRCMP(pqcAlg, "X25519MLKEM768") == 0) {
groups[count] = WOLFSSL_X25519_ML_KEM_768; groups[count] = WOLFSSL_X25519MLKEM768;
} }
else else
#endif #endif
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE448) #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE448)
if (XSTRCMP(pqcAlg, "X448_ML_KEM_768") == 0) { if (XSTRCMP(pqcAlg, "X448MLKEM768") == 0) {
groups[count] = WOLFSSL_X448_ML_KEM_768; groups[count] = WOLFSSL_X448MLKEM768;
} }
else else
#endif #endif
@@ -1070,12 +1070,16 @@ static const char* server_usage_msg[][66] = {
#ifdef HAVE_PQC #ifdef HAVE_PQC
"--pqc <alg> Key Share with specified post-quantum algorithm only:\n" "--pqc <alg> Key Share with specified post-quantum algorithm only:\n"
#ifndef WOLFSSL_NO_ML_KEM #ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512," " ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n"
"\n" " SecP256r1MLKEM512,\n"
" P384_ML_KEM_768, P256_ML_KEM_768, P521_ML_KEM_1024,\n" " SecP384r1MLKEM768,\n"
" P384_ML_KEM_1024, X25519_ML_KEM_512, " " SecP521r1MLKEM1024,\n"
"X25519_ML_KEM_768,\n" " SecP256r1MLKEM768,\n"
" X448_ML_KEM_768\n" " SecP521r1MLKEM1024,\n"
" SecP384r1MLKEM1024,\n"
" X25519MLKEM512,\n"
" X25519MLKEM768,\n"
" X448MLKEM768\n"
#endif #endif
#ifdef WOLFSSL_MLKEM_KYBER #ifdef WOLFSSL_MLKEM_KYBER
" KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, " " KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
@@ -1282,9 +1286,16 @@ static const char* server_usage_msg[][66] = {
#ifdef HAVE_PQC #ifdef HAVE_PQC
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ:\n" "--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ:\n"
#ifndef WOLFSSL_NO_ML_KEM #ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512," " ML_KEM_512, ML_KEM_768, ML_KEM_1024,"
"\n" " SecP256r1MLKEM512,\n"
" P384_ML_KEM_768, P521_ML_KEM_1024\n" " SecP384r1MLKEM768,\n"
" SecP521r1MLKEM1024,\n"
" SecP256r1MLKEM768,\n"
" SecP521r1MLKEM1024,\n"
" SecP384r1MLKEM1024,\n"
" X25519MLKEM512,\n"
" X25519MLKEM768,\n"
" X448MLKEM768\n"
#endif #endif
#ifdef WOLFSSL_MLKEM_KYBER #ifdef WOLFSSL_MLKEM_KYBER
" KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, " " KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
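Review bot: In the second `server_usage_msg` hunk (the Japanese text) the first rewritten literal is `" ML_KEM_512, ML_KEM_768, ML_KEM_1024,"` without the trailing `\n` that the other three usage tables in this commit have. After adjacent-literal concatenation `SecP256r1MLKEM512` is therefore printed on the same line as the ML_KEM names instead of starting the hybrid list. The literal should end in `,\n"` like its English counterpart, keeping the leading spaces it has in the file.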


@@ -35414,14 +35414,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
{ {
switch (group) { switch (group) {
#ifndef WOLFSSL_NO_ML_KEM #ifndef WOLFSSL_NO_ML_KEM
case WOLFSSL_P256_ML_KEM_768: case WOLFSSL_SECP256R1MLKEM768:
case WOLFSSL_X25519_ML_KEM_768: case WOLFSSL_X25519MLKEM768:
case WOLFSSL_P384_ML_KEM_1024: case WOLFSSL_SECP384R1MLKEM1024:
case WOLFSSL_P256_ML_KEM_512: case WOLFSSL_SECP256R1MLKEM512:
case WOLFSSL_P384_ML_KEM_768: case WOLFSSL_SECP384R1MLKEM768:
case WOLFSSL_P521_ML_KEM_1024: case WOLFSSL_SECP521R1MLKEM1024:
case WOLFSSL_X25519_ML_KEM_512: case WOLFSSL_X25519MLKEM512:
case WOLFSSL_X448_ML_KEM_768: case WOLFSSL_X448MLKEM768:
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
case WOLFSSL_P256_ML_KEM_512_OLD: case WOLFSSL_P256_ML_KEM_512_OLD:
case WOLFSSL_P384_ML_KEM_768_OLD: case WOLFSSL_P384_ML_KEM_768_OLD:

112
src/ssl.c

@@ -3715,14 +3715,14 @@ static int isValidCurveGroup(word16 name)
case WOLFSSL_ML_KEM_768: case WOLFSSL_ML_KEM_768:
case WOLFSSL_ML_KEM_1024: case WOLFSSL_ML_KEM_1024:
#if defined(WOLFSSL_WC_MLKEM) || defined(HAVE_LIBOQS) #if defined(WOLFSSL_WC_MLKEM) || defined(HAVE_LIBOQS)
case WOLFSSL_P256_ML_KEM_512: case WOLFSSL_SECP256R1MLKEM512:
case WOLFSSL_P384_ML_KEM_768: case WOLFSSL_SECP384R1MLKEM768:
case WOLFSSL_P521_ML_KEM_1024: case WOLFSSL_SECP521R1MLKEM1024:
case WOLFSSL_P384_ML_KEM_1024: case WOLFSSL_SECP384R1MLKEM1024:
case WOLFSSL_X25519_ML_KEM_512: case WOLFSSL_X25519MLKEM512:
case WOLFSSL_X448_ML_KEM_768: case WOLFSSL_X448MLKEM768:
case WOLFSSL_X25519_ML_KEM_768: case WOLFSSL_X25519MLKEM768:
case WOLFSSL_P256_ML_KEM_768: case WOLFSSL_SECP256R1MLKEM768:
#endif #endif
#endif /* !WOLFSSL_NO_ML_KEM */ #endif /* !WOLFSSL_NO_ML_KEM */
#ifdef WOLFSSL_MLKEM_KYBER #ifdef WOLFSSL_MLKEM_KYBER
@@ -15616,48 +15616,48 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
#ifndef WOLFSSL_NO_ML_KEM_512 #ifndef WOLFSSL_NO_ML_KEM_512
case WOLFSSL_ML_KEM_512: case WOLFSSL_ML_KEM_512:
return "ML_KEM_512"; return "ML_KEM_512";
case WOLFSSL_P256_ML_KEM_512: case WOLFSSL_SECP256R1MLKEM512:
return "P256_ML_KEM_512"; return "SecP256r1MLKEM512";
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
case WOLFSSL_P256_ML_KEM_512_OLD: case WOLFSSL_P256_ML_KEM_512_OLD:
return "P256_ML_KEM_512_OLD"; return "P256_ML_KEM_512_OLD";
#endif #endif
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
case WOLFSSL_X25519_ML_KEM_512: case WOLFSSL_X25519MLKEM512:
return "X25519_ML_KEM_512"; return "X25519MLKEM512";
#endif #endif
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_768 #ifndef WOLFSSL_NO_ML_KEM_768
case WOLFSSL_ML_KEM_768: case WOLFSSL_ML_KEM_768:
return "ML_KEM_768"; return "ML_KEM_768";
case WOLFSSL_P384_ML_KEM_768: case WOLFSSL_SECP384R1MLKEM768:
return "P384_ML_KEM_768"; return "SecP384r1MLKEM768";
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
case WOLFSSL_P384_ML_KEM_768_OLD: case WOLFSSL_P384_ML_KEM_768_OLD:
return "P384_ML_KEM_768_OLD"; return "P384_ML_KEM_768_OLD";
#endif #endif
case WOLFSSL_P256_ML_KEM_768: case WOLFSSL_SECP256R1MLKEM768:
return "P256_ML_KEM_768"; return "SecP256r1MLKEM768";
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
case WOLFSSL_X25519_ML_KEM_768: case WOLFSSL_X25519MLKEM768:
return "X25519_ML_KEM_768"; return "X25519MLKEM768";
#endif #endif
#ifdef HAVE_CURVE448 #ifdef HAVE_CURVE448
case WOLFSSL_X448_ML_KEM_768: case WOLFSSL_X448MLKEM768:
return "X448_ML_KEM_768"; return "X448MLKEM768";
#endif #endif
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_1024 #ifndef WOLFSSL_NO_ML_KEM_1024
case WOLFSSL_ML_KEM_1024: case WOLFSSL_ML_KEM_1024:
return "ML_KEM_1024"; return "ML_KEM_1024";
case WOLFSSL_P521_ML_KEM_1024: case WOLFSSL_SECP521R1MLKEM1024:
return "P521_ML_KEM_1024"; return "SecP521r1MLKEM1024";
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
case WOLFSSL_P521_ML_KEM_1024_OLD: case WOLFSSL_P521_ML_KEM_1024_OLD:
return "P521_ML_KEM_1024_OLD"; return "P521_ML_KEM_1024_OLD";
#endif #endif
case WOLFSSL_P384_ML_KEM_1024: case WOLFSSL_SECP384R1MLKEM1024:
return "P384_ML_KEM_1024"; return "SecP384r1MLKEM1024";
#endif #endif
#elif defined(HAVE_LIBOQS) #elif defined(HAVE_LIBOQS)
case WOLFSSL_ML_KEM_512: case WOLFSSL_ML_KEM_512:
@@ -15666,25 +15666,25 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
return "ML_KEM_768"; return "ML_KEM_768";
case WOLFSSL_ML_KEM_1024: case WOLFSSL_ML_KEM_1024:
return "ML_KEM_1024"; return "ML_KEM_1024";
case WOLFSSL_P256_ML_KEM_512: case WOLFSSL_SECP256R1MLKEM512:
return "P256_ML_KEM_512"; return "SecP256r1MLKEM512";
case WOLFSSL_P384_ML_KEM_768: case WOLFSSL_SECP384R1MLKEM768:
return "P384_ML_KEM_768"; return "SecP384r1MLKEM768";
case WOLFSSL_P256_ML_KEM_768: case WOLFSSL_SECP256R1MLKEM768:
return "P256_ML_KEM_768"; return "SecP256r1MLKEM768";
case WOLFSSL_P521_ML_KEM_1024: case WOLFSSL_SECP521R1MLKEM1024:
return "P521_ML_KEM_1024"; return "SecP521r1MLKEM1024";
case WOLFSSL_P384_ML_KEM_1024: case WOLFSSL_SECP384R1MLKEM1024:
return "P384_ML_KEM_1024"; return "SecP384r1MLKEM1024";
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
case WOLFSSL_X25519_ML_KEM_512: case WOLFSSL_X25519MLKEM512:
return "X25519_ML_KEM_512"; return "X25519MLKEM512";
case WOLFSSL_X25519_ML_KEM_768: case WOLFSSL_X25519MLKEM768:
return "X25519_ML_KEM_768"; return "X25519MLKEM768";
#endif #endif
#ifdef HAVE_CURVE448 #ifdef HAVE_CURVE448
case WOLFSSL_X448_ML_KEM_768: case WOLFSSL_X448MLKEM768:
return "X448_ML_KEM_768"; return "X448MLKEM768";
#endif #endif
#endif /* WOLFSSL_WC_MLKEM */ #endif /* WOLFSSL_WC_MLKEM */
#endif /* WOLFSSL_NO_ML_KEM */ #endif /* WOLFSSL_NO_ML_KEM */
@@ -23260,22 +23260,22 @@ const WOLF_EC_NIST_NAME kNistCurves[] = {
{CURVE_NAME("ML_KEM_768"), WOLFSSL_ML_KEM_768, WOLFSSL_ML_KEM_768}, {CURVE_NAME("ML_KEM_768"), WOLFSSL_ML_KEM_768, WOLFSSL_ML_KEM_768},
{CURVE_NAME("ML_KEM_1024"), WOLFSSL_ML_KEM_1024, WOLFSSL_ML_KEM_1024}, {CURVE_NAME("ML_KEM_1024"), WOLFSSL_ML_KEM_1024, WOLFSSL_ML_KEM_1024},
#if (defined(WOLFSSL_WC_MLKEM) || defined(HAVE_LIBOQS)) && defined(HAVE_ECC) #if (defined(WOLFSSL_WC_MLKEM) || defined(HAVE_LIBOQS)) && defined(HAVE_ECC)
{CURVE_NAME("P256_ML_KEM_512"), WOLFSSL_P256_ML_KEM_512, {CURVE_NAME("SecP256r1MLKEM512"), WOLFSSL_SECP256R1MLKEM512,
WOLFSSL_P256_ML_KEM_512}, WOLFSSL_SECP256R1MLKEM512},
{CURVE_NAME("P384_ML_KEM_768"), WOLFSSL_P384_ML_KEM_768, {CURVE_NAME("SecP384r1MLKEM768"), WOLFSSL_SECP384R1MLKEM768,
WOLFSSL_P384_ML_KEM_768}, WOLFSSL_SECP384R1MLKEM768},
{CURVE_NAME("P256_ML_KEM_768"), WOLFSSL_P256_ML_KEM_768, {CURVE_NAME("SecP256r1MLKEM768"), WOLFSSL_SECP256R1MLKEM768,
WOLFSSL_P256_ML_KEM_768}, WOLFSSL_SECP256R1MLKEM768},
{CURVE_NAME("P521_ML_KEM_1024"), WOLFSSL_P521_ML_KEM_1024, {CURVE_NAME("SecP521r1MLKEM1024"), WOLFSSL_SECP521R1MLKEM1024,
WOLFSSL_P521_ML_KEM_1024}, WOLFSSL_SECP521R1MLKEM1024},
{CURVE_NAME("P384_ML_KEM_1024"), WOLFSSL_P384_ML_KEM_1024, {CURVE_NAME("SecP384r1MLKEM1024"), WOLFSSL_SECP384R1MLKEM1024,
WOLFSSL_P384_ML_KEM_1024}, WOLFSSL_SECP384R1MLKEM1024},
{CURVE_NAME("X25519_ML_KEM_512"), WOLFSSL_X25519_ML_KEM_512, {CURVE_NAME("X25519MLKEM512"), WOLFSSL_X25519MLKEM512,
WOLFSSL_X25519_ML_KEM_512}, WOLFSSL_X25519MLKEM512},
{CURVE_NAME("X448_ML_KEM_768"), WOLFSSL_X448_ML_KEM_768, {CURVE_NAME("X448MLKEM768"), WOLFSSL_X448MLKEM768,
WOLFSSL_X448_ML_KEM_768}, WOLFSSL_X448MLKEM768},
{CURVE_NAME("X25519_ML_KEM_768"), WOLFSSL_X25519_ML_KEM_768, {CURVE_NAME("X25519MLKEM768"), WOLFSSL_X25519MLKEM768,
WOLFSSL_X25519_ML_KEM_768}, WOLFSSL_X25519MLKEM768},
#endif #endif
#endif /* !WOLFSSL_NO_ML_KEM */ #endif /* !WOLFSSL_NO_ML_KEM */
#ifdef WOLFSSL_MLKEM_KYBER #ifdef WOLFSSL_MLKEM_KYBER
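Review bot: The `kNistCurves` hunk replaces the hybrid name strings outright, so old spellings such as `P256_ML_KEM_512` no longer resolve through this table, and the `SetKeyShare` hunks in the example client and server drop them from `--pqc` in the same way. Whatever parses group-list strings against this table is outside the hunk, but if a caller ignores its failure return, a configuration that still uses an old name could end up negotiating without the intended hybrid group. Consider keeping the old strings as deprecated aliases for a release, or add a comment above the hybrid entries such as `/* Names follow the IETF draft; the former P256_ML_KEM_512-style names are no longer accepted. */`. The table itself starts and ends outside the hunk.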

130
src/tls.c

@@ -4580,26 +4580,26 @@ static int TLSX_IsGroupSupported(int namedGroup)
#ifdef WOLFSSL_WC_MLKEM #ifdef WOLFSSL_WC_MLKEM
#ifndef WOLFSSL_NO_ML_KEM_512 #ifndef WOLFSSL_NO_ML_KEM_512
case WOLFSSL_ML_KEM_512: case WOLFSSL_ML_KEM_512:
case WOLFSSL_P256_ML_KEM_512: case WOLFSSL_SECP256R1MLKEM512:
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
case WOLFSSL_X25519_ML_KEM_512: case WOLFSSL_X25519MLKEM512:
#endif #endif
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_768 #ifndef WOLFSSL_NO_ML_KEM_768
case WOLFSSL_ML_KEM_768: case WOLFSSL_ML_KEM_768:
case WOLFSSL_P384_ML_KEM_768: case WOLFSSL_SECP384R1MLKEM768:
case WOLFSSL_P256_ML_KEM_768: case WOLFSSL_SECP256R1MLKEM768:
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
case WOLFSSL_X25519_ML_KEM_768: case WOLFSSL_X25519MLKEM768:
#endif #endif
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
case WOLFSSL_X448_ML_KEM_768: case WOLFSSL_X448MLKEM768:
#endif #endif
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_1024 #ifndef WOLFSSL_NO_ML_KEM_1024
case WOLFSSL_ML_KEM_1024: case WOLFSSL_ML_KEM_1024:
case WOLFSSL_P521_ML_KEM_1024: case WOLFSSL_SECP521R1MLKEM1024:
case WOLFSSL_P384_ML_KEM_1024: case WOLFSSL_SECP384R1MLKEM1024:
break; break;
#endif #endif
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
@@ -4626,14 +4626,14 @@ static int TLSX_IsGroupSupported(int namedGroup)
break; break;
} }
case WOLFSSL_P256_ML_KEM_512: case WOLFSSL_SECP256R1MLKEM512:
case WOLFSSL_P384_ML_KEM_768: case WOLFSSL_SECP384R1MLKEM768:
case WOLFSSL_P256_ML_KEM_768: case WOLFSSL_SECP256R1MLKEM768:
case WOLFSSL_P521_ML_KEM_1024: case WOLFSSL_SECP521R1MLKEM1024:
case WOLFSSL_P384_ML_KEM_1024: case WOLFSSL_SECP384R1MLKEM1024:
case WOLFSSL_X25519_ML_KEM_512: case WOLFSSL_X25519MLKEM512:
case WOLFSSL_X448_ML_KEM_768: case WOLFSSL_X448MLKEM768:
case WOLFSSL_X25519_ML_KEM_768: case WOLFSSL_X25519MLKEM768:
{ {
int ret; int ret;
int id; int id;
@@ -5884,15 +5884,15 @@ int TLSX_UseSupportedCurve(TLSX** extensions, word16 name, void* heap)
if (ret != 0) if (ret != 0)
return ret; return ret;
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
if (name == WOLFSSL_P256_ML_KEM_512) { if (name == WOLFSSL_SECP256R1MLKEM512) {
ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data, ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data,
WOLFSSL_P256_ML_KEM_512_OLD, heap); WOLFSSL_P256_ML_KEM_512_OLD, heap);
} }
else if (name == WOLFSSL_P384_ML_KEM_768) { else if (name == WOLFSSL_SECP384R1MLKEM768) {
ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data, ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data,
WOLFSSL_P384_ML_KEM_768_OLD, heap); WOLFSSL_P384_ML_KEM_768_OLD, heap);
} }
else if (name == WOLFSSL_P521_ML_KEM_1024) { else if (name == WOLFSSL_SECP521R1MLKEM1024) {
ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data, ret = TLSX_SupportedCurve_Append((SupportedCurve*)extension->data,
WOLFSSL_P521_ML_KEM_1024_OLD, heap); WOLFSSL_P521_ML_KEM_1024_OLD, heap);
} }
@@ -8465,22 +8465,22 @@ typedef struct PqcHybridMapping {
static const PqcHybridMapping pqc_hybrid_mapping[] = { static const PqcHybridMapping pqc_hybrid_mapping[] = {
#ifndef WOLFSSL_NO_ML_KEM #ifndef WOLFSSL_NO_ML_KEM
{WOLFSSL_P256_ML_KEM_512, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_512, 0}, {WOLFSSL_SECP256R1MLKEM512, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_512, 0},
{WOLFSSL_P384_ML_KEM_768, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_768, 0}, {WOLFSSL_SECP384R1MLKEM768, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_768, 0},
{WOLFSSL_P256_ML_KEM_768, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_768, 0}, {WOLFSSL_SECP256R1MLKEM768, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_768, 0},
{WOLFSSL_P521_ML_KEM_1024, WOLFSSL_ECC_SECP521R1, WOLFSSL_ML_KEM_1024, 0}, {WOLFSSL_SECP521R1MLKEM1024, WOLFSSL_ECC_SECP521R1, WOLFSSL_ML_KEM_1024, 0},
{WOLFSSL_P384_ML_KEM_1024, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_1024, 0}, {WOLFSSL_SECP384R1MLKEM1024, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_1024, 0},
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
{WOLFSSL_P256_ML_KEM_512_OLD, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_512, 0}, {WOLFSSL_P256_ML_KEM_512_OLD, WOLFSSL_ECC_SECP256R1, WOLFSSL_ML_KEM_512, 0},
{WOLFSSL_P384_ML_KEM_768_OLD, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_768, 0}, {WOLFSSL_P384_ML_KEM_768_OLD, WOLFSSL_ECC_SECP384R1, WOLFSSL_ML_KEM_768, 0},
{WOLFSSL_P521_ML_KEM_1024_OLD, WOLFSSL_ECC_SECP521R1, WOLFSSL_ML_KEM_1024, 0}, {WOLFSSL_P521_ML_KEM_1024_OLD, WOLFSSL_ECC_SECP521R1, WOLFSSL_ML_KEM_1024, 0},
#endif #endif
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
{WOLFSSL_X25519_ML_KEM_512, WOLFSSL_ECC_X25519, WOLFSSL_ML_KEM_512, 1}, {WOLFSSL_X25519MLKEM512, WOLFSSL_ECC_X25519, WOLFSSL_ML_KEM_512, 1},
{WOLFSSL_X25519_ML_KEM_768, WOLFSSL_ECC_X25519, WOLFSSL_ML_KEM_768, 1}, {WOLFSSL_X25519MLKEM768, WOLFSSL_ECC_X25519, WOLFSSL_ML_KEM_768, 1},
#endif #endif
#ifdef HAVE_CURVE448 #ifdef HAVE_CURVE448
{WOLFSSL_X448_ML_KEM_768, WOLFSSL_ECC_X448, WOLFSSL_ML_KEM_768, 1}, {WOLFSSL_X448MLKEM768, WOLFSSL_ECC_X448, WOLFSSL_ML_KEM_768, 1},
#endif #endif
#endif /* WOLFSSL_NO_ML_KEM */ #endif /* WOLFSSL_NO_ML_KEM */
#ifdef WOLFSSL_MLKEM_KYBER #ifdef WOLFSSL_MLKEM_KYBER
@@ -10603,11 +10603,11 @@ int TLSX_KeyShare_Use(const WOLFSSL* ssl, word16 group, word16 len, byte* data,
while (keyShareEntry != NULL) { while (keyShareEntry != NULL) {
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
if ((group == WOLFSSL_P256_ML_KEM_512_OLD && if ((group == WOLFSSL_P256_ML_KEM_512_OLD &&
keyShareEntry->group == WOLFSSL_P256_ML_KEM_512) || keyShareEntry->group == WOLFSSL_SECP256R1MLKEM512) ||
(group == WOLFSSL_P384_ML_KEM_768_OLD && (group == WOLFSSL_P384_ML_KEM_768_OLD &&
keyShareEntry->group == WOLFSSL_P384_ML_KEM_768) || keyShareEntry->group == WOLFSSL_SECP384R1MLKEM768) ||
(group == WOLFSSL_P521_ML_KEM_1024_OLD && (group == WOLFSSL_P521_ML_KEM_1024_OLD &&
keyShareEntry->group == WOLFSSL_P521_ML_KEM_1024)) { keyShareEntry->group == WOLFSSL_SECP521R1MLKEM1024)) {
keyShareEntry->group = group; keyShareEntry->group = group;
break; break;
} }
@@ -10734,43 +10734,43 @@ static const word16 preferredGroup[] = {
#ifdef WOLFSSL_WC_MLKEM #ifdef WOLFSSL_WC_MLKEM
#ifndef WOLFSSL_NO_ML_KEM_512 #ifndef WOLFSSL_NO_ML_KEM_512
WOLFSSL_ML_KEM_512, WOLFSSL_ML_KEM_512,
WOLFSSL_P256_ML_KEM_512, WOLFSSL_SECP256R1MLKEM512,
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
WOLFSSL_X25519_ML_KEM_512, WOLFSSL_X25519MLKEM512,
#endif #endif
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_768 #ifndef WOLFSSL_NO_ML_KEM_768
WOLFSSL_ML_KEM_768, WOLFSSL_ML_KEM_768,
WOLFSSL_P384_ML_KEM_768, WOLFSSL_SECP384R1MLKEM768,
WOLFSSL_P256_ML_KEM_768, WOLFSSL_SECP256R1MLKEM768,
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
WOLFSSL_X25519_ML_KEM_768, WOLFSSL_X25519MLKEM768,
#endif #endif
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
WOLFSSL_X448_ML_KEM_768, WOLFSSL_X448MLKEM768,
#endif #endif
#endif #endif
#ifndef WOLFSSL_NO_ML_KEM_1024 #ifndef WOLFSSL_NO_ML_KEM_1024
WOLFSSL_ML_KEM_1024, WOLFSSL_ML_KEM_1024,
WOLFSSL_P521_ML_KEM_1024, WOLFSSL_SECP521R1MLKEM1024,
WOLFSSL_P384_ML_KEM_1024, WOLFSSL_SECP384R1MLKEM1024,
#endif #endif
#elif defined(HAVE_LIBOQS) #elif defined(HAVE_LIBOQS)
/* These require a runtime call to TLSX_IsGroupSupported to use */ /* These require a runtime call to TLSX_IsGroupSupported to use */
WOLFSSL_ML_KEM_512, WOLFSSL_ML_KEM_512,
WOLFSSL_ML_KEM_768, WOLFSSL_ML_KEM_768,
WOLFSSL_ML_KEM_1024, WOLFSSL_ML_KEM_1024,
WOLFSSL_P256_ML_KEM_512, WOLFSSL_SECP256R1MLKEM512,
WOLFSSL_P384_ML_KEM_768, WOLFSSL_SECP384R1MLKEM768,
WOLFSSL_P256_ML_KEM_768, WOLFSSL_SECP256R1MLKEM768,
WOLFSSL_P521_ML_KEM_1024, WOLFSSL_SECP521R1MLKEM1024,
WOLFSSL_P384_ML_KEM_1024, WOLFSSL_SECP384R1MLKEM1024,
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
WOLFSSL_X25519_ML_KEM_512, WOLFSSL_X25519MLKEM512,
WOLFSSL_X25519_ML_KEM_768, WOLFSSL_X25519MLKEM768,
#endif #endif
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
WOLFSSL_X448_ML_KEM_768, WOLFSSL_X448MLKEM768,
#endif #endif
#endif #endif
#endif /* !WOLFSSL_NO_ML_KEM */ #endif /* !WOLFSSL_NO_ML_KEM */
@@ -10853,11 +10853,11 @@ static int TLSX_KeyShare_GroupRank(const WOLFSSL* ssl, int group)
for (i = 0; i < numGroups; i++) { for (i = 0; i < numGroups; i++) {
#ifdef WOLFSSL_ML_KEM_USE_OLD_IDS #ifdef WOLFSSL_ML_KEM_USE_OLD_IDS
if ((group == WOLFSSL_P256_ML_KEM_512_OLD && if ((group == WOLFSSL_P256_ML_KEM_512_OLD &&
groups[i] == WOLFSSL_P256_ML_KEM_512) || groups[i] == WOLFSSL_SECP256R1MLKEM512) ||
(group == WOLFSSL_P384_ML_KEM_768_OLD && (group == WOLFSSL_P384_ML_KEM_768_OLD &&
groups[i] == WOLFSSL_P384_ML_KEM_768) || groups[i] == WOLFSSL_SECP384R1MLKEM768) ||
(group == WOLFSSL_P521_ML_KEM_1024_OLD && (group == WOLFSSL_P521_ML_KEM_1024_OLD &&
groups[i] == WOLFSSL_P521_ML_KEM_1024)) { groups[i] == WOLFSSL_SECP521R1MLKEM1024)) {
return i; return i;
} }
#endif #endif
@@ -14462,11 +14462,11 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_512, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_512,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_ML_KEM_512, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM512,
ssl->heap); ssl->heap);
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_ML_KEM_512, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM512,
ssl->heap); ssl->heap);
#endif #endif
#endif #endif
@@ -14475,19 +14475,19 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_768,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM768,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM768,
ssl->heap); ssl->heap);
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM768,
ssl->heap); ssl->heap);
#endif #endif
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448MLKEM768,
ssl->heap); ssl->heap);
#endif #endif
#endif #endif
@@ -14496,10 +14496,10 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_1024, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_1024,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_ML_KEM_1024, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP521R1MLKEM1024,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_ML_KEM_1024, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM1024,
ssl->heap); ssl->heap);
#endif #endif
#elif defined(HAVE_LIBOQS) #elif defined(HAVE_LIBOQS)
@@ -14511,31 +14511,31 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_1024, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_1024,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_ML_KEM_512, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM512,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM768,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM768,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_ML_KEM_1024, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP521R1MLKEM1024,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_ML_KEM_1024, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM1024,
ssl->heap); ssl->heap);
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_ML_KEM_512, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM512,
ssl->heap); ssl->heap);
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM768,
ssl->heap); ssl->heap);
#endif #endif
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
if (ret == WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448_ML_KEM_768, ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448MLKEM768,
ssl->heap); ssl->heap);
#endif #endif
#endif /* HAVE_LIBOQS */ #endif /* HAVE_LIBOQS */


@@ -49605,11 +49605,11 @@ static int test_tls13_apis(void)
#endif #endif
#else #else
#ifndef WOLFSSL_NO_KYBER512 #ifndef WOLFSSL_NO_KYBER512
":P256_ML_KEM_512" ":SecP256r1MLKEM512"
#elif !defined(WOLFSSL_NO_KYBER768) #elif !defined(WOLFSSL_NO_KYBER768)
":P256_ML_KEM_768" ":SecP384r1MLKEM768"
#else #else
":P256_ML_KEM_1024" ":SecP521r1MLKEM1024"
#endif #endif
#endif #endif
#endif #endif
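Review bot: In the `#elif` and `#else` branches this is not a pure rename: `":P256_ML_KEM_768"` becomes `":SecP384r1MLKEM768"` and `":P256_ML_KEM_1024"` becomes `":SecP521r1MLKEM1024"`, so the group string the test builds now names a different curve in those configurations. This looks like a deliberate correction, since the enum hunks on this page list no P-256 pairing with ML-KEM-1024, but the commit description mentions only renaming. I would record it next to the strings with a comment such as `/* one hybrid per ML-KEM level; curve follows the level */` so a later reader does not take the curve change for a typo. test_tls13_apis starts and ends outside the hunk.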


@@ -2,73 +2,73 @@
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P384_ML_KEM_768 --pqc SecP384r1MLKEM768
# client DTLSv1.3 with post-quantum hybrid group # client DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P384_ML_KEM_768 --pqc SecP384r1MLKEM768
# server DTLSv1.3 with post-quantum hybrid group # server DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P256_ML_KEM_768 --pqc SecP256r1MLKEM768
# client DTLSv1.3 with post-quantum hybrid group # client DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P256_ML_KEM_768 --pqc SecP256r1MLKEM768
# server DTLSv1.3 with post-quantum hybrid group # server DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P521_ML_KEM_1024 --pqc SecP521r1MLKEM1024
# client DTLSv1.3 with post-quantum hybrid group # client DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P521_ML_KEM_1024 --pqc SecP521r1MLKEM1024
# server DTLSv1.3 with post-quantum hybrid group # server DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P384_ML_KEM_1024 --pqc SecP384r1MLKEM1024
# client DTLSv1.3 with post-quantum hybrid group # client DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P384_ML_KEM_1024 --pqc SecP384r1MLKEM1024
# server DTLSv1.3 with post-quantum hybrid group # server DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X25519_ML_KEM_768 --pqc X25519MLKEM768
# client DTLSv1.3 with post-quantum hybrid group # client DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X25519_ML_KEM_768 --pqc X25519MLKEM768
# server DTLSv1.3 with post-quantum hybrid group # server DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X448_ML_KEM_768 --pqc X448MLKEM768
# client DTLSv1.3 with post-quantum hybrid group # client DTLSv1.3 with post-quantum hybrid group
-u -u
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X448_ML_KEM_768 --pqc X448MLKEM768
# server DTLSv1.3 with post-quantum hybrid group # server DTLSv1.3 with post-quantum hybrid group
-u -u


@@ -1,82 +1,82 @@
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P256_ML_KEM_512 --pqc SecP256r1MLKEM512
# client TLSv1.3 with post-quantum hybrid group # client TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P256_ML_KEM_512 --pqc SecP256r1MLKEM512
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P384_ML_KEM_768 --pqc SecP384r1MLKEM768
# client TLSv1.3 with post-quantum hybrid group # client TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P384_ML_KEM_768 --pqc SecP384r1MLKEM768
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P256_ML_KEM_768 --pqc SecP256r1MLKEM768
# client TLSv1.3 with post-quantum hybrid group # client TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P256_ML_KEM_768 --pqc SecP256r1MLKEM768
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P521_ML_KEM_1024 --pqc SecP521r1MLKEM1024
# client TLSv1.3 with post-quantum hybrid group # client TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P521_ML_KEM_1024 --pqc SecP521r1MLKEM1024
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P384_ML_KEM_1024 --pqc SecP384r1MLKEM1024
# client TLSv1.3 with post-quantum hybrid group # client TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc P384_ML_KEM_1024 --pqc SecP384r1MLKEM1024
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X25519_ML_KEM_512 --pqc X25519MLKEM512
# client TLSv1.3 with post-quantum hybrid group # client TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X25519_ML_KEM_512 --pqc X25519MLKEM512
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X25519_ML_KEM_768 --pqc X25519MLKEM768
# client TLSv1.3 with post-quantum hybrid group # client TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X25519_ML_KEM_768 --pqc X25519MLKEM768
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X448_ML_KEM_768 --pqc X448MLKEM768
# client TLSv1.3 with post-quantum hybrid group # client TLSv1.3 with post-quantum hybrid group
-v 4 -v 4
-l TLS13-AES256-GCM-SHA384 -l TLS13-AES256-GCM-SHA384
--pqc X448_ML_KEM_768 --pqc X448MLKEM768
# server TLSv1.3 with post-quantum hybrid group # server TLSv1.3 with post-quantum hybrid group
-v 4 -v 4


@@ -4618,9 +4618,9 @@ enum {
* https://github.com/post-quantum-cryptography/ * https://github.com/post-quantum-cryptography/
* draft-kwiatkowski-tls-ecdhe-mlkem/ * draft-kwiatkowski-tls-ecdhe-mlkem/
*/ */
WOLFSSL_P256_ML_KEM_768 = 4587, WOLFSSL_SECP256R1MLKEM768 = 4587,
WOLFSSL_X25519_ML_KEM_768 = 4588, WOLFSSL_X25519MLKEM768 = 4588,
WOLFSSL_P384_ML_KEM_1024 = 4589, WOLFSSL_SECP384R1MLKEM1024 = 4589,
/* Taken from OQS's openssl provider, see: /* Taken from OQS's openssl provider, see:
* https://github.com/open-quantum-safe/oqs-provider/blob/main/oqs-template/ * https://github.com/open-quantum-safe/oqs-provider/blob/main/oqs-template/
@@ -4631,11 +4631,11 @@ enum {
WOLFSSL_P384_ML_KEM_768_OLD = 12104, WOLFSSL_P384_ML_KEM_768_OLD = 12104,
WOLFSSL_P521_ML_KEM_1024_OLD = 12105, WOLFSSL_P521_ML_KEM_1024_OLD = 12105,
#endif #endif
WOLFSSL_P256_ML_KEM_512 = 12107, WOLFSSL_SECP256R1MLKEM512 = 12107,
WOLFSSL_P384_ML_KEM_768 = 12108, WOLFSSL_SECP384R1MLKEM768 = 12108,
WOLFSSL_P521_ML_KEM_1024 = 12109, WOLFSSL_SECP521R1MLKEM1024 = 12109,
WOLFSSL_X25519_ML_KEM_512 = 12214, WOLFSSL_X25519MLKEM512 = 12214,
WOLFSSL_X448_ML_KEM_768 = 12215, WOLFSSL_X448MLKEM768 = 12215,
#endif /* WOLFSSL_NO_ML_KEM */ #endif /* WOLFSSL_NO_ML_KEM */
#endif /* HAVE_PQC */ #endif /* HAVE_PQC */
WOLF_ENUM_DUMMY_LAST_ELEMENT(SSL_H) WOLF_ENUM_DUMMY_LAST_ELEMENT(SSL_H)
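Review bot: The old enumerator spellings (`WOLFSSL_P256_ML_KEM_768`, `WOLFSSL_X25519_ML_KEM_768`, `WOLFSSL_P521_ML_KEM_1024`, …) are dropped from this public enum and neither hunk shows an alias, so application code that still names them would stop compiling after an upgrade. Unless compatibility defines are added elsewhere in the commit, I would keep the old names as deprecated aliases, e.g. `#define WOLFSSL_P256_ML_KEM_768 WOLFSSL_SECP256R1MLKEM768`. The comments also attribute only 4587–4589 to the ECDHE-MLKEM draft, while 12107–12215 appear to sit under the "Taken from OQS's openssl provider" comment, yet both sets now carry draft-style names. A comment such as `/* OQS provider code points, not assigned by the draft */` above `WOLFSSL_SECP256R1MLKEM512` would keep readers from assuming those groups interoperate with other implementations of the draft. The enum opens and closes outside both hunks.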