diff --git a/wolfcrypt/src/ext_kyber.c b/wolfcrypt/src/ext_kyber.c index 6fbfc000e..beb9e6881 100644 --- a/wolfcrypt/src/ext_kyber.c +++ b/wolfcrypt/src/ext_kyber.c @@ -25,6 +25,7 @@ #include #include +#include #ifdef WOLFSSL_HAVE_KYBER #include @@ -304,8 +305,6 @@ int wc_KyberKey_SharedSecretSize(KyberKey* key, word32* len) int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng) { int ret = 0; - const char* algName = NULL; - OQS_KEM *kem = NULL; (void)rng; /* Validate parameter. */ @@ -314,6 +313,8 @@ int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng) } #ifdef HAVE_LIBOQS + const char* algName = NULL; + OQS_KEM *kem = NULL; if (ret == 0) { algName = OQS_ID2name(key->type); if (algName == NULL) { @@ -339,6 +340,7 @@ int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng) ret = BAD_FUNC_ARG; } } + OQS_KEM_free(kem); #endif /* HAVE_LIBOQS */ #ifdef HAVE_PQM4 if (ret == 0) { @@ -353,8 +355,6 @@ int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng) ForceZero(key, sizeof(*key)); } - OQS_KEM_free(kem); - return ret; } @@ -394,8 +394,6 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss, WC_RNG* rng) { int ret = 0; - const char * algName = NULL; - OQS_KEM *kem = NULL; (void)rng; /* Validate parameters. */ @@ -404,6 +402,8 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss, } #ifdef HAVE_LIBOQS + const char * algName = NULL; + OQS_KEM *kem = NULL; if (ret == 0) { algName = OQS_ID2name(key->type); if (algName == NULL) { @@ -421,6 +421,8 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss, ret = BAD_FUNC_ARG; } } + + OQS_KEM_free(kem); #endif /* HAVE_LIBOQS */ #ifdef HAVE_PQM4 if (ret == 0) { @@ -431,8 +433,6 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss, } #endif /* HAVE_PQM4 */ - OQS_KEM_free(kem); - return ret; } @@ -477,9 +477,7 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss, const unsigned char* ct, word32 len) { int ret = 0; - const char * algName = NULL; word32 ctlen = 0; - OQS_KEM *kem = NULL; /* Validate parameters. */ if ((key == NULL) || (ss == NULL) || (ct == NULL)) { @@ -493,6 +491,8 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss, } #ifdef HAVE_LIBOQS + const char * algName = NULL; + OQS_KEM *kem = NULL; if (ret == 0) { algName = OQS_ID2name(key->type); if (algName == NULL) { @@ -510,18 +510,18 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss, ret = BAD_FUNC_ARG; } } + + OQS_KEM_free(kem); #endif /* HAVE_LIBOQS */ #ifdef HAVE_PQM4 if (ret == 0) { - if (crypto_kem_enc(ss, ct, key->priv) != 0) { + if (crypto_kem_dec(ss, ct, key->priv) != 0) { WOLFSSL_MSG("PQM4 Decapsulation failure."); ret = BAD_FUNC_ARG; } } #endif /* HAVE_PQM4 */ - OQS_KEM_free(kem); - return ret; } diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 2a2089e75..5592c6b00 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -2803,8 +2803,10 @@ extern void uITRON4_free(void *p) ; #ifdef HAVE_PQM4 #define HAVE_PQC -#define HAVE_KYBER +#define WOLFSSL_HAVE_KYBER #define WOLFSSL_KYBER512 +#define WOLFSSL_NO_KYBER768 +#define WOLFSSL_NO_KYBER1024 #endif #if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) && !defined(HAVE_PQM4) && \