--with-liboqs now defines HAVE_LIBOQS and HAVE_PQC

AKA: The Great Rename of December 2021
Anthony Hu
2021-12-20 11:26:25 -05:00
parent 6d2da74c21
commit 7d4c13b9a4
24 changed files with 498 additions and 456 deletions
+5 -5
@@ -168,13 +168,13 @@
For a quick start, you can run the client and server like this:
$ ./examples/server/server -v 4 --oqs P521_KYBER_LEVEL5
$ ./examples/client/client -v 4 --oqs P521_KYBER_LEVEL5
$ ./examples/server/server -v 4 --pqc P521_KYBER_LEVEL5
$ ./examples/client/client -v 4 --pqc P521_KYBER_LEVEL5
Look for the following line in the output of the server and client:
```
Using OQS KEM: P521_KYBER_LEVEL5
Using Post-Quantum KEM: P521_KYBER_LEVEL5
```
For authentication, you can generate a certificate chain using the Open
@@ -208,13 +208,13 @@
-A certs/falcon_level5_root_cert.pem \
-c certs/falcon_level1_entity_cert.pem \
-k certs/falcon_level1_entity_key.pem \
--oqs P521_KYBER_LEVEL5
--pqc P521_KYBER_LEVEL5
$ examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \
-A certs/falcon_level1_root_cert.pem \
-c certs/falcon_level5_entity_cert.pem \
-k certs/falcon_level5_entity_key.pem \
--oqs P521_KYBER_LEVEL5
--pqc P521_KYBER_LEVEL5
Congratulations! You have just achieved a fully quantum-safe TLS 1.3
connection!
+3 -2
@@ -12,8 +12,9 @@ standard operating environments as well because of its royalty-free pricing
and excellent cross platform support. wolfSSL supports industry standards up
to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.2, is up to
20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20,
Curve25519, Blake2b and OQS TLS 1.3 groups. User benchmarking and feedback
reports dramatically better performance when using wolfSSL over OpenSSL.
Curve25519, Blake2b and Post-Quantum TLS 1.3 groups. User benchmarking and
feedback reports dramatically better performance when using wolfSSL over
OpenSSL.
wolfSSL is powered by the wolfCrypt cryptography library. Two versions of
wolfCrypt have been FIPS 140-2 validated (Certificate #2425 and
+1 -1
@@ -271,7 +271,7 @@ static struct group_info groups[] = {
{ WOLFSSL_FFDHE_4096, "FFDHE_4096" },
{ WOLFSSL_FFDHE_6144, "FFDHE_6144" },
{ WOLFSSL_FFDHE_8192, "FFDHE_8192" },
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
{ WOLFSSL_NTRU_HPS_LEVEL1, "NTRU_HPS_LEVEL1" },
{ WOLFSSL_NTRU_HPS_LEVEL3, "NTRU_HPS_LEVEL3" },
{ WOLFSSL_NTRU_HPS_LEVEL5, "NTRU_HPS_LEVEL5" },
+69 -69
@@ -286,7 +286,7 @@ static void ShowVersions(void)
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
#define MAX_GROUP_NUMBER 4
static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
int useX448, int useLibOqs, char* oqsAlg, int setGroups)
int useX448, int usePqc, char* pqcAlg, int setGroups)
{
int ret;
int groups[MAX_GROUP_NUMBER] = {0};
@@ -294,8 +294,8 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
(void)useX25519;
(void)useX448;
(void)useLibOqs;
(void)oqsAlg;
(void)usePqc;
(void)pqcAlg;
WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND);
if (onlyKeyShare == 0 || onlyKeyShare == 2) {
@@ -362,120 +362,120 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
} while (ret == WC_PENDING_E);
#endif
}
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (onlyKeyShare == 0 || onlyKeyShare == 3) {
if (useLibOqs) {
if (usePqc) {
int group = 0;
if (XSTRNCMP(oqsAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) {
if (XSTRNCMP(pqcAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) {
group = WOLFSSL_KYBER_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL3",
else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL3",
XSTRLEN("KYBER_LEVEL3")) == 0) {
group = WOLFSSL_KYBER_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL5",
else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL5",
XSTRLEN("KYBER_LEVEL5")) == 0) {
group = WOLFSSL_KYBER_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL1",
else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL1",
XSTRLEN("NTRU_HPS_LEVEL1")) == 0) {
group = WOLFSSL_NTRU_HPS_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL3",
else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL3",
XSTRLEN("NTRU_HPS_LEVEL3")) == 0) {
group = WOLFSSL_NTRU_HPS_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL5",
else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL5",
XSTRLEN("NTRU_HPS_LEVEL5")) == 0) {
group = WOLFSSL_NTRU_HPS_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "NTRU_HRSS_LEVEL3",
else if (XSTRNCMP(pqcAlg, "NTRU_HRSS_LEVEL3",
XSTRLEN("NTRU_HRSS_LEVEL3")) == 0) {
group = WOLFSSL_NTRU_HRSS_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "SABER_LEVEL1",
else if (XSTRNCMP(pqcAlg, "SABER_LEVEL1",
XSTRLEN("SABER_LEVEL1")) == 0) {
group = WOLFSSL_SABER_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "SABER_LEVEL3",
else if (XSTRNCMP(pqcAlg, "SABER_LEVEL3",
XSTRLEN("SABER_LEVEL3")) == 0) {
group = WOLFSSL_SABER_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "SABER_LEVEL5",
else if (XSTRNCMP(pqcAlg, "SABER_LEVEL5",
XSTRLEN("SABER_LEVEL5")) == 0) {
group = WOLFSSL_SABER_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL1",
else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL1",
XSTRLEN("KYBER_90S_LEVEL1")) == 0) {
group = WOLFSSL_KYBER_90S_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL3",
else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL3",
XSTRLEN("KYBER_90S_LEVEL3")) == 0) {
group = WOLFSSL_KYBER_90S_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL5",
else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL5",
XSTRLEN("KYBER_90S_LEVEL5")) == 0) {
group = WOLFSSL_KYBER_90S_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "P256_NTRU_HPS_LEVEL1",
else if (XSTRNCMP(pqcAlg, "P256_NTRU_HPS_LEVEL1",
XSTRLEN("P256_NTRU_HPS_LEVEL1")) == 0) {
group = WOLFSSL_P256_NTRU_HPS_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "P384_NTRU_HPS_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_NTRU_HPS_LEVEL3",
XSTRLEN("P384_NTRU_HPS_LEVEL3")) == 0) {
group = WOLFSSL_P384_NTRU_HPS_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P521_NTRU_HPS_LEVEL5",
else if (XSTRNCMP(pqcAlg, "P521_NTRU_HPS_LEVEL5",
XSTRLEN("P521_NTRU_HPS_LEVEL5")) == 0) {
group = WOLFSSL_P521_NTRU_HPS_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "P384_NTRU_HRSS_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_NTRU_HRSS_LEVEL3",
XSTRLEN("P384_NTRU_HRSS_LEVEL3")) == 0) {
group = WOLFSSL_P384_NTRU_HRSS_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P256_SABER_LEVEL1",
else if (XSTRNCMP(pqcAlg, "P256_SABER_LEVEL1",
XSTRLEN("P256_SABER_LEVEL1")) == 0) {
group = WOLFSSL_P256_SABER_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "P384_SABER_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_SABER_LEVEL3",
XSTRLEN("P384_SABER_LEVEL3")) == 0) {
group = WOLFSSL_P384_SABER_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P521_SABER_LEVEL5",
else if (XSTRNCMP(pqcAlg, "P521_SABER_LEVEL5",
XSTRLEN("P521_SABER_LEVEL5")) == 0) {
group = WOLFSSL_P521_SABER_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "P256_KYBER_LEVEL1",
else if (XSTRNCMP(pqcAlg, "P256_KYBER_LEVEL1",
XSTRLEN("P256_KYBER_LEVEL1")) == 0) {
group = WOLFSSL_P256_KYBER_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "P384_KYBER_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_KYBER_LEVEL3",
XSTRLEN("P384_KYBER_LEVEL3")) == 0) {
group = WOLFSSL_P384_KYBER_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P521_KYBER_LEVEL5",
else if (XSTRNCMP(pqcAlg, "P521_KYBER_LEVEL5",
XSTRLEN("P521_KYBER_LEVEL5")) == 0) {
group = WOLFSSL_P521_KYBER_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "P256_KYBER_90S_LEVEL1",
else if (XSTRNCMP(pqcAlg, "P256_KYBER_90S_LEVEL1",
XSTRLEN("P256_KYBER_90S_LEVEL1")) == 0) {
group = WOLFSSL_P256_KYBER_90S_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "P384_KYBER_90S_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_KYBER_90S_LEVEL3",
XSTRLEN("P384_KYBER_90S_LEVEL3")) == 0) {
group = WOLFSSL_P384_KYBER_90S_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P521_KYBER_90S_LEVEL5",
else if (XSTRNCMP(pqcAlg, "P521_KYBER_90S_LEVEL5",
XSTRLEN("P521_KYBER_90S_LEVEL5")) == 0) {
group = WOLFSSL_P521_KYBER_90S_LEVEL5;
} else {
err_sys("invalid OQS KEM specified");
err_sys("invalid post-quantum KEM specified");
}
printf("Using OQS KEM: %s\n", oqsAlg);
printf("Using Post-Quantum KEM: %s\n", pqcAlg);
if (wolfSSL_UseKeyShare(ssl, group) != WOLFSSL_SUCCESS) {
err_sys("unable to use oqs KEM");
err_sys("unable to use post-quantum KEM");
}
}
}
@@ -560,7 +560,7 @@ static const char* client_bench_conmsg[][5] = {
static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
int dtlsUDP, int dtlsSCTP, int benchmark, int resumeSession, int useX25519,
int useX448, int useLibOqs, char* oqsAlg, int helloRetry, int onlyKeyShare,
int useX448, int usePqc, char* pqcAlg, int helloRetry, int onlyKeyShare,
int version, int earlyData)
{
/* time passed in number of connects give average */
@@ -578,8 +578,8 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
(void)resumeSession;
(void)useX25519;
(void)useX448;
(void)useLibOqs;
(void)oqsAlg;
(void)usePqc;
(void)pqcAlg;
(void)helloRetry;
(void)onlyKeyShare;
(void)version;
@@ -610,7 +610,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
else if (version >= 4) {
if (!helloRetry)
SetKeyShare(ssl, onlyKeyShare, useX25519, useX448,
useLibOqs, oqsAlg, 1);
usePqc, pqcAlg, 1);
else
wolfSSL_NoKeyShares(ssl);
}
@@ -694,7 +694,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
/* Measures throughput in mbps. Throughput = number of bytes */
static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
int dtlsUDP, int dtlsSCTP, int block, size_t throughput, int useX25519,
int useX448, int useLibOqs, char* oqsAlg, int exitWithRet, int version,
int useX448, int usePqc, char* pqcAlg, int exitWithRet, int version,
int onlyKeyShare)
{
double start, conn_time = 0, tx_time = 0, rx_time = 0;
@@ -714,14 +714,14 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
(void)useX25519;
(void)useX448;
(void)useLibOqs;
(void)oqsAlg;
(void)usePqc;
(void)pqcAlg;
(void)version;
(void)onlyKeyShare;
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
if (version >= 4) {
SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs,
oqsAlg, 1);
SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc,
pqcAlg, 1);
}
#endif
@@ -1303,8 +1303,8 @@ static const char* client_usage_msg[][70] = {
"-7 Set minimum downgrade protocol version [0-4] "
" SSLv3(0) - TLS1.3(4)\n", /* 69 */
#endif
#ifdef HAVE_LIBOQS
"--oqs <alg> Key Share with specified liboqs algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n",
#ifdef HAVE_PQC
"--pqc <alg> Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n",
" KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n",
" NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n",
" SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n"
@@ -1513,8 +1513,8 @@ static const char* client_usage_msg[][70] = {
"-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] "
" SSLv3(0) - TLS1.3(4)\n", /* 69 */
#endif
#ifdef HAVE_LIBOQS
"--oqs <alg> liboqs 名前付きグループとの鍵共有のみ\n",
#ifdef HAVE_PQC
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ\n",
"[KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n",
" NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n",
" LIGHTSABER, SABER, FIRESABER, P256_NTRU_HPS_LEVEL1,\n"
@@ -1740,11 +1740,11 @@ static void Usage(void)
#endif
printf("%s", msg[++msgid]); /* -7 */
printf("%s", msg[++msgid]); /* Examples repo link */
#ifdef HAVE_LIBOQS
printf("%s", msg[++msgid]); /* --oqs */
printf("%s", msg[++msgid]); /* --oqs options */
printf("%s", msg[++msgid]); /* more --oqs options */
printf("%s", msg[++msgid]); /* more --oqs options */
#ifdef HAVE_PQC
printf("%s", msg[++msgid]); /* --pqc */
printf("%s", msg[++msgid]); /* --pqc options */
printf("%s", msg[++msgid]); /* more --pqc options */
printf("%s", msg[++msgid]); /* more --pqc options */
#endif
}
@@ -1784,8 +1784,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
{ "help", 0, 257 },
{ "ヘルプ", 0, 258 },
#if defined(HAVE_LIBOQS)
{ "oqs", 1, 259 },
#if defined(HAVE_PQC)
{ "pqc", 1, 259 },
#endif
{ 0, 0, 0 }
};
@@ -1891,8 +1891,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
int useX25519 = 0;
int useX448 = 0;
int useLibOqs = 0;
char* oqsAlg = NULL;
int usePqc = 0;
char* pqcAlg = NULL;
int exitWithRet = 0;
int loadCertKeyIntoSSLObj = 0;
@@ -1981,8 +1981,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
(void)onlyKeyShare;
(void)useSupCurve;
(void)loadCertKeyIntoSSLObj;
(void)useLibOqs;
(void)oqsAlg;
(void)usePqc;
(void)pqcAlg;
StackTrap();
/* Reinitialize the global myVerifyAction. */
@@ -2541,11 +2541,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) && \
defined(HAVE_LIBOQS)
defined(HAVE_PQC)
case 259:
useLibOqs = 1;
usePqc = 1;
onlyKeyShare = 3;
oqsAlg = myoptarg;
pqcAlg = myoptarg;
break;
#endif
default:
@@ -2664,14 +2664,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
err_sys("can't load whitewood net random config file");
#endif
#ifdef HAVE_LIBOQS
if (useLibOqs) {
#ifdef HAVE_PQC
if (usePqc) {
if (version == CLIENT_DOWNGRADE_VERSION ||
version == EITHER_DOWNGRADE_VERSION)
printf("WARNING: If a TLS 1.3 connection is not negotiated, you "
"will not be using a liboqs group.\n");
"will not be using a post-quantum group.\n");
else if (version != 4)
err_sys("can only use liboqs groups with TLS 1.3");
err_sys("can only use post-quantum groups with TLS 1.3");
}
#endif
@@ -3205,7 +3205,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
((func_args*)args)->return_code =
ClientBenchmarkConnections(ctx, host, port, dtlsUDP, dtlsSCTP,
benchmark, resumeSession, useX25519,
useX448, useLibOqs, oqsAlg, helloRetry,
useX448, usePqc, pqcAlg, helloRetry,
onlyKeyShare, version, earlyData);
wolfSSL_CTX_free(ctx); ctx = NULL;
XEXIT_T(EXIT_SUCCESS);
@@ -3215,7 +3215,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
((func_args*)args)->return_code =
ClientBenchmarkThroughput(ctx, host, port, dtlsUDP, dtlsSCTP,
block, throughput, useX25519, useX448,
useLibOqs, oqsAlg, exitWithRet, version,
usePqc, pqcAlg, exitWithRet, version,
onlyKeyShare);
wolfSSL_CTX_free(ctx); ctx = NULL;
if (((func_args*)args)->return_code != EXIT_SUCCESS && !exitWithRet)
@@ -3340,8 +3340,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
if (!helloRetry && version >= 4) {
SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs,
oqsAlg, 0);
SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc,
pqcAlg, 0);
}
else {
wolfSSL_NoKeyShares(ssl);
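Review bot: The algorithm lookup in SetKeyShare still matches by prefix: `XSTRNCMP(pqcAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0` accepts any `--pqc` argument that merely begins with a known name, and `printf("Using Post-Quantum KEM: %s\n", pqcAlg);` then echoes the raw argument rather than the group that was selected. The documentation updated in this commit tells users to confirm the KEM from that output line, so it can name something other than the group handed to wolfSSL_UseKeyShare. An exact comparison on each branch, e.g. `XSTRCMP(pqcAlg, "KYBER_LEVEL1") == 0`, closes this; the server's SetKeyShare has the same chain. The Japanese usage text here also still lists `LIGHTSABER, SABER, FIRESABER`, names the lookup does not accept. Parts of SetKeyShare lie outside the displayed hunks.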
+58 -58
@@ -586,7 +586,7 @@ static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen)
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
#define MAX_GROUP_NUMBER 4
static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
int useX448, int useLibOqs, char* oqsAlg)
int useX448, int usePqc, char* pqcAlg)
{
int ret;
int groups[MAX_GROUP_NUMBER] = {0};
@@ -594,8 +594,8 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
(void)useX25519;
(void)useX448;
(void)useLibOqs;
(void)oqsAlg;
(void)usePqc;
(void)pqcAlg;
WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND);
if (onlyKeyShare == 2) {
@@ -629,124 +629,124 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
} while (ret == WC_PENDING_E);
#endif
}
else if (useLibOqs == 1) {
#ifdef HAVE_LIBOQS
else if (usePqc == 1) {
#ifdef HAVE_PQC
groups[count] = 0;
if (XSTRNCMP(oqsAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) {
if (XSTRNCMP(pqcAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) {
groups[count] = WOLFSSL_KYBER_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL3",
else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL3",
XSTRLEN("KYBER_LEVEL3")) == 0) {
groups[count] = WOLFSSL_KYBER_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL5",
else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL5",
XSTRLEN("KYBER_LEVEL5")) == 0) {
groups[count] = WOLFSSL_KYBER_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL1",
else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL1",
XSTRLEN("NTRU_HPS_LEVEL1")) == 0) {
groups[count] = WOLFSSL_NTRU_HPS_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL3",
else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL3",
XSTRLEN("NTRU_HPS_LEVEL3")) == 0) {
groups[count] = WOLFSSL_NTRU_HPS_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL5",
else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL5",
XSTRLEN("NTRU_HPS_LEVEL5")) == 0) {
groups[count] = WOLFSSL_NTRU_HPS_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "NTRU_HRSS_LEVEL3",
else if (XSTRNCMP(pqcAlg, "NTRU_HRSS_LEVEL3",
XSTRLEN("NTRU_HRSS_LEVEL3")) == 0) {
groups[count] = WOLFSSL_NTRU_HRSS_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "SABER_LEVEL1",
else if (XSTRNCMP(pqcAlg, "SABER_LEVEL1",
XSTRLEN("SABER_LEVEL1")) == 0) {
groups[count] = WOLFSSL_SABER_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "SABER_LEVEL3",
else if (XSTRNCMP(pqcAlg, "SABER_LEVEL3",
XSTRLEN("SABER_LEVEL3")) == 0) {
groups[count] = WOLFSSL_SABER_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "SABER_LEVEL5",
else if (XSTRNCMP(pqcAlg, "SABER_LEVEL5",
XSTRLEN("SABER_LEVEL5")) == 0) {
groups[count] = WOLFSSL_SABER_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL1",
else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL1",
XSTRLEN("KYBER_90S_LEVEL1")) == 0) {
groups[count] = WOLFSSL_KYBER_90S_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL3",
else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL3",
XSTRLEN("KYBER_90S_LEVEL3")) == 0) {
groups[count] = WOLFSSL_KYBER_90S_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL5",
else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL5",
XSTRLEN("KYBER_90S_LEVEL5")) == 0) {
groups[count] = WOLFSSL_KYBER_90S_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "P256_NTRU_HPS_LEVEL1",
else if (XSTRNCMP(pqcAlg, "P256_NTRU_HPS_LEVEL1",
XSTRLEN("P256_NTRU_HPS_LEVEL1")) == 0) {
groups[count] = WOLFSSL_P256_NTRU_HPS_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "P384_NTRU_HPS_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_NTRU_HPS_LEVEL3",
XSTRLEN("P384_NTRU_HPS_LEVEL3")) == 0) {
groups[count] = WOLFSSL_P384_NTRU_HPS_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P521_NTRU_HPS_LEVEL5",
else if (XSTRNCMP(pqcAlg, "P521_NTRU_HPS_LEVEL5",
XSTRLEN("P521_NTRU_HPS_LEVEL5")) == 0) {
groups[count] = WOLFSSL_P521_NTRU_HPS_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "P384_NTRU_HRSS_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_NTRU_HRSS_LEVEL3",
XSTRLEN("P384_NTRU_HRSS_LEVEL3")) == 0) {
groups[count] = WOLFSSL_P384_NTRU_HRSS_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P256_SABER_LEVEL1",
else if (XSTRNCMP(pqcAlg, "P256_SABER_LEVEL1",
XSTRLEN("P256_SABER_LEVEL1")) == 0) {
groups[count] = WOLFSSL_P256_SABER_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "P384_SABER_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_SABER_LEVEL3",
XSTRLEN("P384_SABER_LEVEL3")) == 0) {
groups[count] = WOLFSSL_P384_SABER_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P521_SABER_LEVEL5",
else if (XSTRNCMP(pqcAlg, "P521_SABER_LEVEL5",
XSTRLEN("P521_SABER_LEVEL5")) == 0) {
groups[count] = WOLFSSL_P521_SABER_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "P256_KYBER_LEVEL1",
else if (XSTRNCMP(pqcAlg, "P256_KYBER_LEVEL1",
XSTRLEN("P256_KYBER_LEVEL1")) == 0) {
groups[count] = WOLFSSL_P256_KYBER_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "P384_KYBER_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_KYBER_LEVEL3",
XSTRLEN("P384_KYBER_LEVEL3")) == 0) {
groups[count] = WOLFSSL_P384_KYBER_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P521_KYBER_LEVEL5",
else if (XSTRNCMP(pqcAlg, "P521_KYBER_LEVEL5",
XSTRLEN("P521_KYBER_LEVEL5")) == 0) {
groups[count] = WOLFSSL_P521_KYBER_LEVEL5;
}
else if (XSTRNCMP(oqsAlg, "P256_KYBER_90S_LEVEL1",
else if (XSTRNCMP(pqcAlg, "P256_KYBER_90S_LEVEL1",
XSTRLEN("P256_KYBER_90S_LEVEL1")) == 0) {
groups[count] = WOLFSSL_P256_KYBER_90S_LEVEL1;
}
else if (XSTRNCMP(oqsAlg, "P384_KYBER_90S_LEVEL3",
else if (XSTRNCMP(pqcAlg, "P384_KYBER_90S_LEVEL3",
XSTRLEN("P384_KYBER_90S_LEVEL3")) == 0) {
groups[count] = WOLFSSL_P384_KYBER_90S_LEVEL3;
}
else if (XSTRNCMP(oqsAlg, "P521_KYBER_90S_LEVEL5",
else if (XSTRNCMP(pqcAlg, "P521_KYBER_90S_LEVEL5",
XSTRLEN("P521_KYBER_90S_LEVEL5")) == 0) {
groups[count] = WOLFSSL_P521_KYBER_90S_LEVEL5;
}
if (groups[count] == 0) {
err_sys("invalid OQS KEM specified");
err_sys("invalid post-quantum KEM specified");
}
else {
if (wolfSSL_UseKeyShare(ssl, groups[count]) == WOLFSSL_SUCCESS) {
printf("Using OQS KEM: %s\n", oqsAlg);
printf("Using Post-Quantum KEM: %s\n", pqcAlg);
count++;
}
else {
groups[count] = 0;
err_sys("unable to use oqs algorithm");
err_sys("unable to use post-quantum algorithm");
}
}
#endif
@@ -945,8 +945,8 @@ static const char* server_usage_msg[][60] = {
"-7 Set minimum downgrade protocol version [0-4] "
" SSLv3(0) - TLS1.3(4)\n", /* 59 */
#endif
#ifdef HAVE_LIBOQS
"--oqs <alg> Key Share with specified liboqs algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n",
#ifdef HAVE_PQC
"--pqc <alg> Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n",
" KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n",
" NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n",
" SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n"
@@ -1109,8 +1109,8 @@ static const char* server_usage_msg[][60] = {
"-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] "
" SSLv3(0) - TLS1.3(4)\n", /* 59 */
#endif
#ifdef HAVE_LIBOQS
"--oqs <alg> liboqs 名前付きグループとの鍵共有のみ\n",
#ifdef HAVE_PQC
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ\n",
"[KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n",
" NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n",
" SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n"
@@ -1260,11 +1260,11 @@ static void Usage(void)
#endif
printf("%s", msg[++msgId]); /* -7 */
printf("%s", msg[++msgId]); /* Examples repo link */
#ifdef HAVE_LIBOQS
printf("%s", msg[++msgId]); /* --oqs */
printf("%s", msg[++msgId]); /* --oqs options */
printf("%s", msg[++msgId]); /* more --oqs options */
printf("%s", msg[++msgId]); /* more --oqs options */
#ifdef HAVE_PQC
printf("%s", msg[++msgId]); /* --pqc */
printf("%s", msg[++msgId]); /* --pqc options */
printf("%s", msg[++msgId]); /* more --pqc options */
printf("%s", msg[++msgId]); /* more --pqc options */
#endif
}
@@ -1293,8 +1293,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
{ "help", 0, 257 },
{ "ヘルプ", 0, 258 },
#if defined(HAVE_LIBOQS)
{ "oqs", 1, 259 },
#if defined(HAVE_PQC)
{ "pqc", 1, 259 },
#endif
{ 0, 0, 0 }
};
@@ -1447,8 +1447,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
int useX25519 = 0;
int useX448 = 0;
int useLibOqs = 0;
char* oqsAlg = NULL;
int usePqc = 0;
char* pqcAlg = NULL;
int exitWithRet = 0;
int loadCertKeyIntoSSLObj = 0;
@@ -1508,8 +1508,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
(void)mcastID;
(void)loadCertKeyIntoSSLObj;
(void)nonBlocking;
(void)oqsAlg;
(void)useLibOqs;
(void)pqcAlg;
(void)usePqc;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
@@ -2022,11 +2022,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
break;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case 259:
useLibOqs = 1;
usePqc = 1;
onlyKeyShare = 2;
oqsAlg = myoptarg;
pqcAlg = myoptarg;
break;
#endif
@@ -2070,14 +2070,14 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
"file");
#endif
#ifdef HAVE_LIBOQS
if (useLibOqs) {
#ifdef HAVE_PQC
if (usePqc) {
if (version == SERVER_DOWNGRADE_VERSION ||
version == EITHER_DOWNGRADE_VERSION) {
printf("WARNING: If a TLS 1.3 connection is not negotiated, you "
"will not be using a liboqs group.\n");
"will not be using a post-quantum group.\n");
} else if (version != 4) {
err_sys("can only use liboqs groups with TLS 1.3");
err_sys("can only use post-quantum groups with TLS 1.3");
}
}
#endif
@@ -2775,8 +2775,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
if (version >= 4) {
SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs,
oqsAlg);
SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc,
pqcAlg);
}
#endif
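Review bot: `case 259:` in server_test is compiled under `#ifdef HAVE_PQC` alone, whereas the client guards the same case with `WOLFSSL_TLS13`, `HAVE_SUPPORTED_CURVES` and `HAVE_PQC` together, and SetKeyShare, the only consumer of `pqcAlg`, exists only under the first two macros. If a build can define HAVE_PQC without them, `--pqc` combined with a downgrade version would be accepted with only the warning, and no post-quantum group would ever be set. Using the client's condition here, `#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) && defined(HAVE_PQC)`, keeps the two examples consistent. The rest of server_test is outside the displayed hunks.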
+3 -3
@@ -99,7 +99,7 @@ my @fileList_4096 = (
);
#Falcon Post-Quantum Keys
#Used with HAVE_LIBOQS
#Used with HAVE_PQC
my @fileList_falcon = (
["certs/falcon/bench_falcon_level1_key.der", "bench_falcon_level1_key" ],
["certs/falcon/bench_falcon_level5_key.der", "bench_falcon_level5_key" ],
@@ -194,7 +194,7 @@ for (my $i = 0; $i < $num_4096; $i++) {
print OUT_FILE "#endif /* USE_CERT_BUFFERS_4096 */\n\n";
# convert and print falcon keys
print OUT_FILE "#ifdef HAVE_LIBOQS\n\n";
print OUT_FILE "#ifdef HAVE_PQC\n\n";
for (my $i = 0; $i < $num_falcon; $i++) {
my $fname = $fileList_falcon[$i][0];
@@ -208,7 +208,7 @@ for (my $i = 0; $i < $num_falcon; $i++) {
print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
}
print OUT_FILE "#endif /* HAVE_LIBOQS */\n\n";
print OUT_FILE "#endif /* HAVE_PQC */\n\n";
# convert and print 256-bit cert/keys
print OUT_FILE "#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)\n\n";
+29 -29
@@ -2012,7 +2012,7 @@ int InitSSL_Side(WOLFSSL* ssl, word16 side)
ssl->options.haveECC = 1; /* server turns on with ECC key cert */
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (ssl->options.side == WOLFSSL_CLIENT_END) {
ssl->options.haveFalconSig = 1; /* always on client side */
}
@@ -2080,7 +2080,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
ctx->minEccKeySz = MIN_ECCKEY_SZ;
ctx->eccTempKeySz = ECDHE_SIZE;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
ctx->minFalconKeySz = MIN_FALCONKEY_SZ;
#endif
ctx->verifyDepth = MAX_CHAIN_DEPTH;
@@ -2140,7 +2140,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
ctx->CBIOSend = GNRC_SendTo;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (method->side == WOLFSSL_CLIENT_END)
ctx->haveFalconSig = 1; /* always on client side */
/* server can turn on by loading key */
@@ -2683,7 +2683,7 @@ static WC_INLINE void AddSuiteHashSigAlgo(Suites* suites, byte macAlgo,
}
else
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (sigAlgo == falcon_level1_sa_algo) {
suites->hashSigAlgo[*inOutIdx] = FALCON_LEVEL1_SA_MAJOR;
*inOutIdx += 1;
@@ -2760,10 +2760,10 @@ void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig,
}
#endif /* HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */
if (haveFalconSig) {
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
AddSuiteHashSigAlgo(suites, no_mac, falcon_level1_sa_algo, keySz, &idx);
AddSuiteHashSigAlgo(suites, no_mac, falcon_level5_sa_algo, keySz, &idx);
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
}
if (haveRSAsig) {
#ifdef WC_RSA_PSS
@@ -3830,8 +3830,8 @@ static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsTy
*hashAlgo = input[1];
}
break;
#ifdef HAVE_LIBOQS
case OQS_SA_MAJOR:
#ifdef HAVE_PQC
case PQC_SA_MAJOR:
if (input[1] == FALCON_LEVEL1_SA_MINOR) {
*hsType = falcon_level1_sa_algo;
/* Hash performed as part of sign/verify operation. */
@@ -6000,7 +6000,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
#ifdef HAVE_ECC
ssl->options.minEccKeySz = ctx->minEccKeySz;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
ssl->options.minFalconKeySz = ctx->minFalconKeySz;
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@@ -6736,11 +6736,11 @@ void FreeKey(WOLFSSL* ssl, int type, void** pKey)
wc_curve448_free((curve448_key*)*pKey);
break;
#endif /* HAVE_CURVE448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case DYNAMIC_TYPE_FALCON:
wc_falcon_free((falcon_key*)*pKey);
break;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#ifndef NO_DH
case DYNAMIC_TYPE_DH:
wc_FreeDhKey((DhKey*)*pKey);
@@ -6803,11 +6803,11 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
sz = sizeof(curve448_key);
break;
#endif /* HAVE_CURVE448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case DYNAMIC_TYPE_FALCON:
sz = sizeof(falcon_key);
break;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#ifndef NO_DH
case DYNAMIC_TYPE_DH:
sz = sizeof(DhKey);
@@ -6853,7 +6853,7 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
ret = 0;
break;
#endif /* HAVE_CURVE448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case DYNAMIC_TYPE_FALCON:
wc_falcon_init((falcon_key*)*pKey);
ret = 0;
@@ -6884,7 +6884,7 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
#if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \
defined(HAVE_CURVE25519) || defined(HAVE_ED448) || \
defined(HAVE_CURVE448) || defined(HAVE_LIBOQS)
defined(HAVE_CURVE448) || defined(HAVE_PQC)
static int ReuseKey(WOLFSSL* ssl, int type, void* pKey)
{
int ret = 0;
@@ -6930,12 +6930,12 @@ static int ReuseKey(WOLFSSL* ssl, int type, void* pKey)
ret = wc_curve448_init((curve448_key*)pKey);
break;
#endif /* HAVE_CURVE448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case DYNAMIC_TYPE_FALCON:
wc_falcon_free((falcon_key*)pKey);
ret = wc_falcon_init((falcon_key*)pKey);
break;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#ifndef NO_DH
case DYNAMIC_TYPE_DH:
wc_FreeDhKey((DhKey*)pKey);
@@ -7173,7 +7173,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
}
#endif
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
FreeKey(ssl, DYNAMIC_TYPE_FALCON, (void**)&ssl->peerFalconKey);
ssl->peerFalconKeyPresent = 0;
#endif
@@ -7396,10 +7396,10 @@ void FreeHandshakeResources(WOLFSSL* ssl)
FreeKey(ssl, DYNAMIC_TYPE_ED448, (void**)&ssl->peerEd448Key);
ssl->peerEd448KeyPresent = 0;
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
FreeKey(ssl, DYNAMIC_TYPE_FALCON, (void**)&ssl->peerFalconKey);
ssl->peerFalconKeyPresent = 0;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
}
#ifdef HAVE_ECC
@@ -11860,7 +11860,7 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args)
}
break;
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1k:
if (ssl->options.minFalconKeySz < 0 ||
FALCON_LEVEL1_KEY_SIZE < (word16)ssl->options.minFalconKeySz) {
@@ -11877,7 +11877,7 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args)
ret = FALCON_KEY_SIZE_E;
}
break;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
default:
WOLFSSL_MSG("Key size not checked");
/* key not being checked for size if not in
@@ -13080,7 +13080,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
break;
}
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1k:
case FALCON_LEVEL5k:
{
@@ -13125,7 +13125,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_MSG("Peer Falcon key is too small");
}
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
default:
break;
}
@@ -21703,7 +21703,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
defined(HAVE_ED448)
haveECDSAsig = 1;
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
haveFalconSig = 1;
#endif
}
@@ -21922,7 +21922,7 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo)
return sigAlgo == ed448_sa_algo;
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (ssl->pkCurveOID == CTC_FALCON_LEVEL1) {
/* Certificate has Falcon level 1 key, only match with Falcon level 1
* sig alg */
@@ -22036,7 +22036,7 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
break;
}
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
if (ssl->pkCurveOID == CTC_FALCON_LEVEL1 ||
ssl->pkCurveOID == CTC_FALCON_LEVEL5 ) {
/* Matched Falcon - set chosen and finished. */
@@ -22702,7 +22702,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
}
}
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (ssl->buffers.keyType == falcon_level1_sa_algo ||
ssl->buffers.keyType == falcon_level5_sa_algo ||
ssl->buffers.keyType == 0) {
@@ -22762,7 +22762,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
goto exit_dpk;
}
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
(void)idx;
(void)keySz;
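Review bot: After this rename every Falcon path in this file (`wc_falcon_init`, `wc_falcon_free`, the `PQC_SA_MAJOR` case in DecodeSigAlg) is gated on `HAVE_PQC` alone, while the commit title says `--with-liboqs` is what defines both macros. Nothing visible here stops a hand-written configuration from defining `HAVE_PQC` without `HAVE_LIBOQS`, which would compile these branches without the backend they presumably rely on. If no such check exists elsewhere in the commit, a guard in the settings header such as `#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS)` followed by `#error "HAVE_PQC requires HAVE_LIBOQS"` would fail the build early. A short comment next to the `PQC_SA_MAJOR` definition stating that `HAVE_PQC` is the feature switch and `HAVE_LIBOQS` names the provider would also help readers of these guards.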
+18 -18
@@ -117,7 +117,7 @@
#include <wolfssl/wolfcrypt/curve25519.h>
#include <wolfssl/wolfcrypt/ed25519.h>
#include <wolfssl/wolfcrypt/curve448.h>
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
#include <wolfssl/wolfcrypt/falcon.h>
#endif
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL)
@@ -208,7 +208,7 @@ const WOLF_EC_NIST_NAME kNistCurves[] = {
{XSTR_SIZEOF("B-320"), "B-320", NID_brainpoolP320r1},
{XSTR_SIZEOF("B-384"), "B-384", NID_brainpoolP384r1},
{XSTR_SIZEOF("B-512"), "B-512", NID_brainpoolP512r1},
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
{XSTR_SIZEOF("KYBER_LEVEL1"), "KYBER_LEVEL1", WOLFSSL_KYBER_LEVEL1},
{XSTR_SIZEOF("KYBER_LEVEL3"), "KYBER_LEVEL3", WOLFSSL_KYBER_LEVEL3},
{XSTR_SIZEOF("KYBER_LEVEL5"), "KYBER_LEVEL5", WOLFSSL_KYBER_LEVEL5},
@@ -2615,7 +2615,7 @@ static int isValidCurveGroup(word16 name)
case WOLFSSL_FFDHE_6144:
case WOLFSSL_FFDHE_8192:
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case WOLFSSL_KYBER_LEVEL1:
case WOLFSSL_KYBER_LEVEL3:
case WOLFSSL_KYBER_LEVEL5:
@@ -3939,7 +3939,7 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap)
#ifdef HAVE_ECC
cm->minEccKeySz = MIN_ECCKEY_SZ;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
cm->minFalconKeySz = MIN_FALCONKEY_SZ;
#endif
@@ -4887,7 +4887,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
}
break;
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1k:
if (cm->minFalconKeySz < 0 ||
FALCON_LEVEL1_KEY_SIZE < (word16)cm->minFalconKeySz) {
@@ -4902,7 +4902,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
WOLFSSL_MSG("\tCA Falcon level 5 key size error");
}
break;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
default:
WOLFSSL_MSG("\tNo key size check done on CA");
@@ -5442,7 +5442,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
#endif
if (ret != 0) {
#if !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
!defined(HAVE_ED448) && !defined(HAVE_LIBOQS)
!defined(HAVE_ED448) && !defined(HAVE_PQC)
WOLFSSL_MSG("RSA decode failed and other algorithms "
"not enabled to try");
ret = WOLFSSL_BAD_FILE;
@@ -5675,7 +5675,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
#endif
}
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (ret == 0 && ((*keyFormat == 0) || (*keyFormat == FALCON_LEVEL1k) ||
(*keyFormat == FALCON_LEVEL5k))) {
/* make sure Falcon key can be used */
@@ -5739,7 +5739,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
}
XFREE(key, heap, DYNAMIC_TYPE_FALCON);
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
return ret;
}
@@ -6087,7 +6087,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \
defined(HAVE_LIBOQS)
defined(HAVE_PQC)
if (ssl) {
ssl->pkCurveOID = cert->pkCurveOID;
#ifndef WC_STRICT_SIG
@@ -6104,7 +6104,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
ssl->options.haveECC = 1;
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
else if (cert->keyOID == FALCON_LEVEL1k ||
cert->keyOID == FALCON_LEVEL5k) {
ssl->options.haveFalconSig = 1;
@@ -6130,7 +6130,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
ctx->haveECC = 1;
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
else if (cert->keyOID == FALCON_LEVEL1k ||
cert->keyOID == FALCON_LEVEL5k) {
ctx->haveFalconSig = 1;
@@ -6243,7 +6243,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
break;
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1k:
case FALCON_LEVEL5k:
/* Falcon is fixed key size */
@@ -6263,7 +6263,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
}
break;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
default:
WOLFSSL_MSG("No key size check done on certificate");
@@ -8524,7 +8524,7 @@ static WOLFSSL_EVP_PKEY* d2iGenericKey(WOLFSSL_EVP_PKEY** out,
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_DH && OPENSSL_EXTRA && WOLFSSL_DH_EXTRA */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
{
int isFalcon = 0;
#ifdef WOLFSSL_SMALL_STACK
@@ -8584,7 +8584,7 @@ static WOLFSSL_EVP_PKEY* d2iGenericKey(WOLFSSL_EVP_PKEY** out,
}
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
if (pkey == NULL) {
WOLFSSL_MSG("wolfSSL_d2i_PUBKEY couldn't determine key type");
@@ -32216,7 +32216,7 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
#ifdef HAVE_ED25519
{ NID_ED25519, ED25519k, oidKeyType, "ED25519", "ED25519"},
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
{ CTC_FALCON_LEVEL1, FALCON_LEVEL1k, oidKeyType, "Falcon Level 1",
"Falcon Level 1"},
{ CTC_FALCON_LEVEL5, FALCON_LEVEL5k, oidKeyType, "Falcon Level 5",
@@ -36959,7 +36959,7 @@ struct WOLFSSL_HashSigInfo {
#ifdef HAVE_ED448
{ no_mac, ed448_sa_algo, CTC_ED448 },
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
{ no_mac, falcon_level1_sa_algo, CTC_FALCON_LEVEL1 },
{ no_mac, falcon_level5_sa_algo, CTC_FALCON_LEVEL5 },
#endif
+93 -75
@@ -48,9 +48,11 @@
#ifdef HAVE_CURVE448
#include <wolfssl/wolfcrypt/curve448.h>
#endif
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
#include <oqs/kem.h>
#endif
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
static int TLSX_KeyShare_IsSupported(int namedGroup);
@@ -3800,7 +3802,7 @@ int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type,
#ifdef HAVE_SUPPORTED_CURVES
#if !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) \
&& !defined(HAVE_FFDHE) && !defined(HAVE_LIBOQS)
&& !defined(HAVE_FFDHE) && !defined(HAVE_PQC)
#error Elliptic Curves Extension requires Elliptic Curve Cryptography or liboqs groups. \
Use --enable-ecc and/or --enable-liboqs in the configure script or \
define HAVE_ECC. Alternatively use FFDHE for DH ciphersuites.
@@ -6633,6 +6635,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
return ret;
}
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
/* Transform a group ID into an OQS Algorithm name as a string. */
static const char* OQS_ID2name(int id)
@@ -6655,73 +6658,75 @@ static const char* OQS_ID2name(int id)
}
return NULL;
}
#endif /* HAVE_LIBOQS */
typedef struct OqsHybridMapping {
typedef struct PqcHybridMapping {
int hybrid;
int ecc;
int oqs;
} OqsHybridMapping;
int pqc;
} PqcHybridMapping;
static const OqsHybridMapping oqs_hybrid_mapping[] = {
{.hybrid = WOLFSSL_P256_NTRU_HPS_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1,
.oqs = WOLFSSL_NTRU_HPS_LEVEL1},
{.hybrid = WOLFSSL_P384_NTRU_HPS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.oqs = WOLFSSL_NTRU_HPS_LEVEL3},
{.hybrid = WOLFSSL_P521_NTRU_HPS_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1,
.oqs = WOLFSSL_NTRU_HPS_LEVEL5},
{.hybrid = WOLFSSL_P384_NTRU_HRSS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.oqs = WOLFSSL_NTRU_HRSS_LEVEL3},
{.hybrid = WOLFSSL_P256_SABER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1,
.oqs = WOLFSSL_SABER_LEVEL1},
{.hybrid = WOLFSSL_P384_SABER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.oqs = WOLFSSL_SABER_LEVEL3},
{.hybrid = WOLFSSL_P521_SABER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1,
.oqs = WOLFSSL_SABER_LEVEL5},
{.hybrid = WOLFSSL_P256_KYBER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1,
.oqs = WOLFSSL_KYBER_LEVEL1},
{.hybrid = WOLFSSL_P384_KYBER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.oqs = WOLFSSL_KYBER_LEVEL3},
{.hybrid = WOLFSSL_P521_KYBER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1,
.oqs = WOLFSSL_KYBER_LEVEL5},
{.hybrid = WOLFSSL_P256_KYBER_90S_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1,
.oqs = WOLFSSL_KYBER_90S_LEVEL1},
{.hybrid = WOLFSSL_P384_KYBER_90S_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.oqs = WOLFSSL_KYBER_90S_LEVEL3},
{.hybrid = WOLFSSL_P521_KYBER_90S_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1,
.oqs = WOLFSSL_KYBER_90S_LEVEL5},
{.hybrid = 0, .ecc = 0, .oqs = 0}
static const PqcHybridMapping pqc_hybrid_mapping[] = {
{.hybrid = WOLFSSL_P256_NTRU_HPS_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1,
.pqc = WOLFSSL_NTRU_HPS_LEVEL1},
{.hybrid = WOLFSSL_P384_NTRU_HPS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.pqc = WOLFSSL_NTRU_HPS_LEVEL3},
{.hybrid = WOLFSSL_P521_NTRU_HPS_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1,
.pqc = WOLFSSL_NTRU_HPS_LEVEL5},
{.hybrid = WOLFSSL_P384_NTRU_HRSS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.pqc = WOLFSSL_NTRU_HRSS_LEVEL3},
{.hybrid = WOLFSSL_P256_SABER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1,
.pqc = WOLFSSL_SABER_LEVEL1},
{.hybrid = WOLFSSL_P384_SABER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.pqc = WOLFSSL_SABER_LEVEL3},
{.hybrid = WOLFSSL_P521_SABER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1,
.pqc = WOLFSSL_SABER_LEVEL5},
{.hybrid = WOLFSSL_P256_KYBER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1,
.pqc = WOLFSSL_KYBER_LEVEL1},
{.hybrid = WOLFSSL_P384_KYBER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.pqc = WOLFSSL_KYBER_LEVEL3},
{.hybrid = WOLFSSL_P521_KYBER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1,
.pqc = WOLFSSL_KYBER_LEVEL5},
{.hybrid = WOLFSSL_P256_KYBER_90S_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1,
.pqc = WOLFSSL_KYBER_90S_LEVEL1},
{.hybrid = WOLFSSL_P384_KYBER_90S_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1,
.pqc = WOLFSSL_KYBER_90S_LEVEL3},
{.hybrid = WOLFSSL_P521_KYBER_90S_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1,
.pqc = WOLFSSL_KYBER_90S_LEVEL5},
{.hybrid = 0, .ecc = 0, .pqc = 0}
};
/* This will map an ecc-oqs hybrid group into its ecc group and oqs group.
* If it cannot find a mapping then *oqs is set to group. ecc is optional. */
static void findEccOqs(int *ecc, int *oqs, int group)
/* This will map an ecc-pqs hybrid group into its ecc group and pqc kem group.
* If it cannot find a mapping then *pqc is set to group. ecc is optional. */
static void findEccPqc(int *ecc, int *pqc, int group)
{
int i;
if (oqs == NULL) {
if (pqc == NULL) {
return;
}
*oqs = 0;
*pqc = 0;
if (ecc != NULL) {
*ecc = 0;
}
for (i = 0; oqs_hybrid_mapping[i].hybrid != 0; i++) {
if (oqs_hybrid_mapping[i].hybrid == group) {
*oqs = oqs_hybrid_mapping[i].oqs;
for (i = 0; pqc_hybrid_mapping[i].hybrid != 0; i++) {
if (pqc_hybrid_mapping[i].hybrid == group) {
*pqc = pqc_hybrid_mapping[i].pqc;
if (ecc != NULL) {
*ecc = oqs_hybrid_mapping[i].ecc;
*ecc = pqc_hybrid_mapping[i].ecc;
}
break;
}
}
if (*oqs == 0) {
if (*pqc == 0) {
/* It is not a hybrid, so maybe its simple. */
*oqs = group;
*pqc = group;
}
}
#ifdef HAVE_LIBOQS
/* Create a key share entry using liboqs parameters group.
* Generates a key pair.
*
@@ -6740,7 +6745,7 @@ static int TLSX_KeyShare_GenOqsKey(WOLFSSL *ssl, KeyShareEntry* kse)
int oqs_group = 0;
int ecc_group = 0;
findEccOqs(&ecc_group, &oqs_group, kse->group);
findEccPqc(&ecc_group, &oqs_group, kse->group);
algName = OQS_ID2name(oqs_group);
if (algName == NULL) {
WOLFSSL_MSG("Invalid OQS algorithm specified.");
@@ -6830,7 +6835,8 @@ static int TLSX_KeyShare_GenOqsKey(WOLFSSL *ssl, KeyShareEntry* kse)
return ret;
}
#endif
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
/* Generate a secret/key using the key share entry.
*
@@ -6847,9 +6853,11 @@ static int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse)
ret = TLSX_KeyShare_GenX25519Key(ssl, kse);
else if (kse->group == WOLFSSL_ECC_X448)
ret = TLSX_KeyShare_GenX448Key(ssl, kse);
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
else if (kse->group >= WOLFSSL_OQS_MIN && kse->group <= WOLFSSL_OQS_MAX)
else if (kse->group >= WOLFSSL_PQC_MIN && kse->group <= WOLFSSL_PQC_MAX)
ret = TLSX_KeyShare_GenOqsKey(ssl, kse);
#endif
#endif
else
ret = TLSX_KeyShare_GenEccKey(ssl, kse);
@@ -6886,9 +6894,9 @@ static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
wc_curve448_free((curve448_key*)current->key);
#endif
}
#ifdef HAVE_LIBOQS
else if (current->group >= WOLFSSL_OQS_MIN &&
current->group <= WOLFSSL_OQS_MAX &&
#ifdef HAVE_PQC
else if (current->group >= WOLFSSL_PQC_MIN &&
current->group <= WOLFSSL_PQC_MAX &&
current->key != NULL) {
ForceZero((byte*)current->key, current->keyLen);
}
@@ -7408,6 +7416,7 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
return ret;
}
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
/* Process the liboqs key share extension on the client side.
*
@@ -7450,7 +7459,7 @@ static int TLSX_KeyShare_ProcessOqs(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
}
/* I am the client, the ciphertext is in keyShareEntry->ke */
findEccOqs(&ecc_group, &oqs_group, keyShareEntry->group);
findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group);
algName = OQS_ID2name(oqs_group);
if (algName == NULL) {
@@ -7559,6 +7568,7 @@ static int TLSX_KeyShare_ProcessOqs(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
return ret;
}
#endif
#endif
/* Process the key share extension on the client side.
*
@@ -7581,10 +7591,12 @@ static int TLSX_KeyShare_Process(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
ret = TLSX_KeyShare_ProcessX25519(ssl, keyShareEntry);
else if (keyShareEntry->group == WOLFSSL_ECC_X448)
ret = TLSX_KeyShare_ProcessX448(ssl, keyShareEntry);
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
else if (keyShareEntry->group >= WOLFSSL_OQS_MIN &&
keyShareEntry->group <= WOLFSSL_OQS_MAX)
else if (keyShareEntry->group >= WOLFSSL_PQC_MIN &&
keyShareEntry->group <= WOLFSSL_PQC_MAX)
ret = TLSX_KeyShare_ProcessOqs(ssl, keyShareEntry);
#endif
#endif
else
ret = TLSX_KeyShare_ProcessEcc(ssl, keyShareEntry);
@@ -7633,9 +7645,9 @@ static int TLSX_KeyShareEntry_Parse(WOLFSSL* ssl, const byte* input,
if (keLen > length - offset)
return BUFFER_ERROR;
#ifdef HAVE_LIBOQS
if (group >= WOLFSSL_OQS_MIN &&
group <= WOLFSSL_OQS_MAX &&
#ifdef HAVE_PQC
if (group >= WOLFSSL_PQC_MIN &&
group <= WOLFSSL_PQC_MAX &&
ssl->options.side == WOLFSSL_SERVER_END) {
/* For KEMs, the public key is not stored. Casting away const because
* we know for KEMs, it will be read-only.*/
@@ -7800,7 +7812,7 @@ static int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
/* Not in list sent if there isn't a private key. */
if (keyShareEntry == NULL || (keyShareEntry->key == NULL
#if !defined(NO_DH) || defined(HAVE_LIBOQS)
#if !defined(NO_DH) || defined(HAVE_PQC)
&& keyShareEntry->privKey == NULL
#endif
)) {
@@ -7838,9 +7850,9 @@ static int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
return ret;
}
#ifdef HAVE_LIBOQS
/* For oqs groups, do this in TLSX_PopulateExtensions(). */
if (group < WOLFSSL_OQS_MIN || group > WOLFSSL_OQS_MAX)
#ifdef HAVE_PQC
/* For post-quantum groups, do this in TLSX_PopulateExtensions(). */
if (group < WOLFSSL_PQC_MIN || group > WOLFSSL_PQC_MAX)
#endif
ret = TLSX_KeyShare_Use(ssl, group, 0, NULL, NULL);
}
@@ -7888,6 +7900,7 @@ static int TLSX_KeyShare_New(KeyShareEntry** list, int group, void *heap,
return 0;
}
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
static int server_generate_oqs_ciphertext(WOLFSSL* ssl,
KeyShareEntry* keyShareEntry,
@@ -7908,7 +7921,7 @@ static int server_generate_oqs_ciphertext(WOLFSSL* ssl,
ecc_key eccpubkey;
word32 outlen = 0;
findEccOqs(&ecc_group, &oqs_group, keyShareEntry->group);
findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group);
algName = OQS_ID2name(oqs_group);
if (algName == NULL) {
WOLFSSL_MSG("Invalid OQS algorithm specified.");
@@ -8034,6 +8047,7 @@ static int server_generate_oqs_ciphertext(WOLFSSL* ssl,
return ret;
}
#endif
#endif
/* Use the data to create a new key share object in the extensions.
*
@@ -8082,9 +8096,10 @@ int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data,
}
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
if (group >= WOLFSSL_OQS_MIN &&
group <= WOLFSSL_OQS_MAX &&
if (group >= WOLFSSL_PQC_MIN &&
group <= WOLFSSL_PQC_MAX &&
ssl->options.side == WOLFSSL_SERVER_END) {
ret = server_generate_oqs_ciphertext(ssl, keyShareEntry, data,
len);
@@ -8092,6 +8107,7 @@ int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data,
return ret;
}
else
#endif
#endif
if (data != NULL) {
if (keyShareEntry->ke != NULL) {
@@ -8243,7 +8259,7 @@ static int TLSX_KeyShare_IsSupported(int namedGroup)
break;
#endif
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case WOLFSSL_KYBER_LEVEL1:
case WOLFSSL_KYBER_LEVEL3:
case WOLFSSL_KYBER_LEVEL5:
@@ -8270,10 +8286,12 @@ static int TLSX_KeyShare_IsSupported(int namedGroup)
case WOLFSSL_P256_KYBER_90S_LEVEL1:
case WOLFSSL_P384_KYBER_90S_LEVEL3:
case WOLFSSL_P521_KYBER_90S_LEVEL5:
findEccOqs(NULL, &namedGroup, namedGroup);
#ifdef HAVE_LIBOQS
findEccPqc(NULL, &namedGroup, namedGroup);
if (! OQS_KEM_alg_is_enabled(OQS_ID2name(namedGroup))) {
return 0;
}
#endif
break;
#endif
default:
@@ -8341,7 +8359,7 @@ static int TLSX_KeyShare_GroupRank(WOLFSSL* ssl, int group)
#ifdef HAVE_FFDHE_8192
ssl->group[ssl->numGroups++] = WOLFSSL_FFDHE_8192;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
/* For the liboqs groups we need to do a runtime check because
* liboqs could be compiled to make an algorithm unavailable.
*/
@@ -8524,9 +8542,9 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl, int* doHelloRetry)
clientKSE->group > MAX_FFHDE_GROUP) {
/* Check max value supported. */
if (clientKSE->group > WOLFSSL_ECC_MAX) {
#ifdef HAVE_LIBOQS
if (clientKSE->group < WOLFSSL_OQS_MIN ||
clientKSE->group > WOLFSSL_OQS_MAX )
#ifdef HAVE_PQC
if (clientKSE->group < WOLFSSL_PQC_MIN ||
clientKSE->group > WOLFSSL_PQC_MAX )
#endif
continue;
}
@@ -8566,9 +8584,9 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl, int* doHelloRetry)
return ret;
if (clientKSE->key == NULL) {
#ifdef HAVE_LIBOQS
if (clientKSE->group >= WOLFSSL_OQS_MIN &&
clientKSE->group <= WOLFSSL_OQS_MAX ) {
#ifdef HAVE_PQC
if (clientKSE->group >= WOLFSSL_PQC_MIN &&
clientKSE->group <= WOLFSSL_PQC_MAX ) {
/* Going to need the public key (AKA ciphertext). */
serverKSE->pubKey = clientKSE->pubKey;
clientKSE->pubKey = NULL;
@@ -10220,7 +10238,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
#endif
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL1, ssl->heap);
if (ret == WOLFSSL_SUCCESS)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL3,
@@ -10298,7 +10316,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_90S_LEVEL5,
ssl->heap);
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
(void)ssl;
(void)extensions;
@@ -10469,9 +10487,9 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
namedGroup = kse->group;
}
if (namedGroup > 0) {
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
/* For KEMs, the key share has already been generated. */
if (namedGroup < WOLFSSL_OQS_MIN || namedGroup > WOLFSSL_OQS_MAX)
if (namedGroup < WOLFSSL_PQC_MIN || namedGroup > WOLFSSL_PQC_MAX)
#endif
ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL);
if (ret != 0)
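Review bot: The guards in this file are now split unevenly. TLSX_KeyShare_IsSupported, TLSX_PopulateSupportedGroups and TLSX_KeyShareEntry_Parse accept the post-quantum groups under `HAVE_PQC` alone, while the dispatch in TLSX_KeyShare_GenKey, TLSX_KeyShare_Process and TLSX_KeyShare_Use handles them only when `HAVE_LIBOQS` is also defined. In a build with HAVE_PQC but no HAVE_LIBOQS (hand-set defines; the configure option sets both, per the commit title), a group in the WOLFSSL_PQC_MIN..WOLFSSL_PQC_MAX range would fall through to the final `else` and reach TLSX_KeyShare_GenEccKey or TLSX_KeyShare_ProcessEcc, and the `OQS_KEM_alg_is_enabled` check in IsSupported is compiled out. Until a second backend exists I would fail the build explicitly next to the includes with `#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS)`, `#error "HAVE_PQC requires HAVE_LIBOQS"`, `#endif`, or give each dispatch an `#else` arm that rejects the group instead of treating it as an ECC curve. These functions start and end outside the hunks shown, so this is inferred from the visible lines only. The unchanged `#error` text in this file also still refers to `--enable-liboqs`.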
+19 -19
@@ -5241,7 +5241,7 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
#ifndef NO_CERTS
#if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \
defined(HAVE_ED448) || defined(HAVE_LIBOQS)
defined(HAVE_ED448) || defined(HAVE_PQC)
/* Encode the signature algorithm into buffer.
*
* hashalgo The hash algorithm.
@@ -5280,7 +5280,7 @@ static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output)
output[1] = hashAlgo;
break;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case falcon_level1_sa_algo:
output[0] = FALCON_LEVEL1_SA_MAJOR;
output[1] = FALCON_LEVEL1_SA_MINOR;
@@ -5333,8 +5333,8 @@ static WC_INLINE int DecodeTls13SigAlg(byte* input, byte* hashAlgo,
else
ret = INVALID_PARAMETER;
break;
#ifdef HAVE_LIBOQS
case OQS_SA_MAJOR:
#ifdef HAVE_PQC
case PQC_SA_MAJOR:
if (input[1] == FALCON_LEVEL1_SA_MINOR) {
*hsType = falcon_level1_sa_algo;
/* Hash performed as part of sign/verify operation. */
@@ -5967,7 +5967,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
}
#if (!defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \
defined(HAVE_ED448) || defined(HAVE_LIBOQS)) && \
defined(HAVE_ED448) || defined(HAVE_PQC)) && \
(!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH))
typedef struct Scv13Args {
byte* output; /* not allocated */
@@ -6112,7 +6112,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
else if (ssl->hsType == DYNAMIC_TYPE_ED448)
args->sigAlgo = ed448_sa_algo;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
else if (ssl->hsType == DYNAMIC_TYPE_FALCON) {
falcon_key* fkey = (falcon_key*)ssl->hsKey;
byte level = 0;
@@ -6206,11 +6206,11 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
sig->length = ED448_SIG_SIZE;
}
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (ssl->hsType == DYNAMIC_TYPE_FALCON) {
sig->length = FALCON_MAX_SIG_SIZE;
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
/* Advance state and proceed */
ssl->options.asyncState = TLS_ASYNC_DO;
@@ -6262,7 +6262,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
args->length = (word16)sig->length;
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (ssl->hsType == DYNAMIC_TYPE_FALCON) {
ret = wc_falcon_sign_msg(args->sigData, args->sigDataSz,
args->verify + HASH_SIG_SIZE +
@@ -6270,7 +6270,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
(falcon_key*)ssl->hsKey);
args->length = (word16)sig->length;
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#ifndef NO_RSA
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
ret = RsaSign(ssl, sig->buffer, (word32)sig->length,
@@ -6581,7 +6581,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
goto exit_dcv;
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (args->sigAlgo == falcon_level1_sa_algo && !ssl->peerFalconKeyPresent) {
WOLFSSL_MSG("Peer sent Falcon Level 1 sig but different cert");
ret = SIG_VERIFY_E;
@@ -6664,7 +6664,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
ret = 0;
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (ssl->peerFalconKeyPresent) {
WOLFSSL_MSG("Doing Falcon peer cert verify");
@@ -6758,7 +6758,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
}
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (ssl->peerFalconKeyPresent) {
int res = 0;
WOLFSSL_MSG("Doing Falcon peer cert verify");
@@ -8141,7 +8141,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#endif
#if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \
defined(HAVE_ED448) || defined(HAVE_LIBOQS)
defined(HAVE_ED448) || defined(HAVE_PQC)
case certificate_verify:
WOLFSSL_MSG("processing certificate verify");
ret = DoTls13CertificateVerify(ssl, input, inOutIdx, size);
@@ -8579,7 +8579,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
case FIRST_REPLY_THIRD:
#if (!defined(NO_CERTS) && (!defined(NO_RSA) || defined(HAVE_ECC) || \
defined(HAVE_ED25519) || defined(HAVE_ED448) || \
defined(HAVE_LIBOQS))) && (!defined(NO_WOLFSSL_SERVER) || \
defined(HAVE_PQC))) && (!defined(NO_WOLFSSL_SERVER) || \
!defined(WOLFSSL_NO_CLIENT_AUTH))
if (!ssl->options.resuming && ssl->options.sendVerify) {
ssl->error = SendTls13CertificateVerify(ssl);
@@ -8740,9 +8740,9 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group)
}
#endif
#ifdef HAVE_LIBOQS
if (group >= WOLFSSL_OQS_MIN &&
group <= WOLFSSL_OQS_MAX) {
#ifdef HAVE_PQC
if (group >= WOLFSSL_PQC_MIN &&
group <= WOLFSSL_PQC_MAX) {
if (ssl->ctx != NULL && ssl->ctx->method != NULL &&
ssl->ctx->method->version.minor != TLSv1_3_MINOR) {
@@ -9525,7 +9525,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
case TLS13_CERT_SENT :
#if !defined(NO_CERTS) && (!defined(NO_RSA) || defined(HAVE_ECC) || \
defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_LIBOQS))
defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_PQC))
if (!ssl->options.resuming && ssl->options.sendVerify) {
if ((ssl->error = SendTls13CertificateVerify(ssl)) != 0) {
WOLFSSL_ERROR(ssl->error);
+4 -4
@@ -47079,7 +47079,7 @@ static int test_tls13_apis(void)
#endif
#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)
int groups[2] = { WOLFSSL_ECC_SECP256R1,
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
WOLFSSL_SABER_LEVEL3
#else
WOLFSSL_ECC_SECP256R1
@@ -47099,11 +47099,11 @@ static int test_tls13_apis(void)
#endif
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
"P-256"
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
":P256_SABER_LEVEL1"
#endif
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
":KYBER_LEVEL1"
#endif
"";
@@ -47209,7 +47209,7 @@ static int test_tls13_apis(void)
#endif
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3),
+1 -1
@@ -877,7 +877,7 @@ int SuiteTest(int argc, char** argv)
goto exit;
}
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
/* add TLSv13 pq tests */
strcpy(argv0[1], "tests/test-tls13-pq.conf");
printf("starting TLSv13 post-quantum groups tests\n");
+52 -52
@@ -1,260 +1,260 @@
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_LEVEL1
--pqc KYBER_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_LEVEL1
--pqc KYBER_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_LEVEL3
--pqc KYBER_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_LEVEL3
--pqc KYBER_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_LEVEL5
--pqc KYBER_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_LEVEL5
--pqc KYBER_LEVEL5
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_90S_LEVEL1
--pqc KYBER_90S_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_90S_LEVEL1
--pqc KYBER_90S_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_90S_LEVEL3
--pqc KYBER_90S_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_90S_LEVEL3
--pqc KYBER_90S_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_90S_LEVEL5
--pqc KYBER_90S_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs KYBER_90S_LEVEL5
--pqc KYBER_90S_LEVEL5
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs NTRU_HPS_LEVEL1
--pqc NTRU_HPS_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs NTRU_HPS_LEVEL1
--pqc NTRU_HPS_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs NTRU_HPS_LEVEL3
--pqc NTRU_HPS_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs NTRU_HPS_LEVEL3
--pqc NTRU_HPS_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs NTRU_HPS_LEVEL5
--pqc NTRU_HPS_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs NTRU_HPS_LEVEL5
--pqc NTRU_HPS_LEVEL5
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs NTRU_HRSS_LEVEL3
--pqc NTRU_HRSS_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs NTRU_HRSS_LEVEL3
--pqc NTRU_HRSS_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs SABER_LEVEL1
--pqc SABER_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs SABER_LEVEL1
--pqc SABER_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs SABER_LEVEL3
--pqc SABER_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs SABER_LEVEL3
--pqc SABER_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs SABER_LEVEL5
--pqc SABER_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs SABER_LEVEL5
--pqc SABER_LEVEL5
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P256_NTRU_HPS_LEVEL1
--pqc P256_NTRU_HPS_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P256_NTRU_HPS_LEVEL1
--pqc P256_NTRU_HPS_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_NTRU_HPS_LEVEL3
--pqc P384_NTRU_HPS_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_NTRU_HPS_LEVEL3
--pqc P384_NTRU_HPS_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P521_NTRU_HPS_LEVEL5
--pqc P521_NTRU_HPS_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P521_NTRU_HPS_LEVEL5
--pqc P521_NTRU_HPS_LEVEL5
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_NTRU_HRSS_LEVEL3
--pqc P384_NTRU_HRSS_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_NTRU_HRSS_LEVEL3
--pqc P384_NTRU_HRSS_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P256_SABER_LEVEL1
--pqc P256_SABER_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P256_SABER_LEVEL1
--pqc P256_SABER_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_SABER_LEVEL3
--pqc P384_SABER_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_SABER_LEVEL3
--pqc P384_SABER_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P521_SABER_LEVEL5
--pqc P521_SABER_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P521_SABER_LEVEL5
--pqc P521_SABER_LEVEL5
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P256_KYBER_LEVEL1
--pqc P256_KYBER_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P256_KYBER_LEVEL1
--pqc P256_KYBER_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_KYBER_LEVEL3
--pqc P384_KYBER_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_KYBER_LEVEL3
--pqc P384_KYBER_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P521_KYBER_LEVEL5
--pqc P521_KYBER_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P521_KYBER_LEVEL5
--pqc P521_KYBER_LEVEL5
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P256_KYBER_90S_LEVEL1
--pqc P256_KYBER_90S_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P256_KYBER_90S_LEVEL1
--pqc P256_KYBER_90S_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_KYBER_90S_LEVEL3
--pqc P384_KYBER_90S_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P384_KYBER_90S_LEVEL3
--pqc P384_KYBER_90S_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P521_KYBER_90S_LEVEL5
--pqc P521_KYBER_90S_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--oqs P521_KYBER_90S_LEVEL5
--pqc P521_KYBER_90S_LEVEL5
+52 -42
@@ -200,6 +200,8 @@
#endif
#ifdef HAVE_LIBOQS
#include <oqs/kem.h>
#endif
#ifdef HAVE_PQC
#include <wolfssl/wolfcrypt/falcon.h>
#endif
@@ -612,7 +614,7 @@ typedef struct bench_pq_alg {
const char* str;
/* Bit values to set. */
word32 val;
const char* oqs_name;
const char* pqc_name;
} bench_pq_alg;
/* All recognized post-quantum asymmetric algorithm choosing command line
@@ -1500,7 +1502,7 @@ static void bench_stats_asym_finish(const char* algo, int strength,
}
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
static void bench_stats_pq_asym_finish(const char* algo, int doAsync, int count,
double start, int ret)
{
@@ -2160,63 +2162,63 @@ static void* benchmarks_do(void* args)
#endif
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (bench_all || (bench_pq_asym_algs & BENCH_FALCON_LEVEL1_SIGN))
bench_falconKeySign(1);
if (bench_all || (bench_pq_asym_algs & BENCH_FALCON_LEVEL5_SIGN))
bench_falconKeySign(5);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL1_KEYGEN))
bench_oqsKemKeygen(BENCH_KYBER_LEVEL1_KEYGEN);
bench_pqcKemKeygen(BENCH_KYBER_LEVEL1_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL1_ENCAP))
bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL1_ENCAP);
bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL1_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL3_KEYGEN))
bench_oqsKemKeygen(BENCH_KYBER_LEVEL3_KEYGEN);
bench_pqcKemKeygen(BENCH_KYBER_LEVEL3_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL3_ENCAP))
bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL3_ENCAP);
bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL3_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL5_KEYGEN))
bench_oqsKemKeygen(BENCH_KYBER_LEVEL5_KEYGEN);
bench_pqcKemKeygen(BENCH_KYBER_LEVEL5_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL5_ENCAP))
bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL5_ENCAP);
bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL5_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL1_KEYGEN))
bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL1_KEYGEN);
bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL1_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL1_ENCAP))
bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL1_ENCAP);
bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL1_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL3_KEYGEN))
bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL3_KEYGEN);
bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL3_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL3_ENCAP))
bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL3_ENCAP);
bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL3_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_KEYGEN))
bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL5_KEYGEN);
bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL5_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_ENCAP))
bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL5_ENCAP);
bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL5_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL1_KEYGEN))
bench_oqsKemKeygen(BENCH_SABER_LEVEL1_KEYGEN);
bench_pqcKemKeygen(BENCH_SABER_LEVEL1_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL1_ENCAP))
bench_oqsKemEncapDecap(BENCH_SABER_LEVEL1_ENCAP);
bench_pqcKemEncapDecap(BENCH_SABER_LEVEL1_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL3_KEYGEN))
bench_oqsKemKeygen(BENCH_SABER_LEVEL3_KEYGEN);
bench_pqcKemKeygen(BENCH_SABER_LEVEL3_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL3_ENCAP))
bench_oqsKemEncapDecap(BENCH_SABER_LEVEL3_ENCAP);
bench_pqcKemEncapDecap(BENCH_SABER_LEVEL3_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL5_KEYGEN))
bench_oqsKemKeygen(BENCH_SABER_LEVEL5_KEYGEN);
bench_pqcKemKeygen(BENCH_SABER_LEVEL5_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL5_ENCAP))
bench_oqsKemEncapDecap(BENCH_SABER_LEVEL5_ENCAP);
bench_pqcKemEncapDecap(BENCH_SABER_LEVEL5_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL1_KEYGEN))
bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL1_KEYGEN);
bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL1_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL1_ENCAP))
bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL1_ENCAP);
bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL1_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL3_KEYGEN))
bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL3_KEYGEN);
bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL3_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL3_ENCAP))
bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL3_ENCAP);
bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL3_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL5_KEYGEN))
bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL5_KEYGEN);
bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL5_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL5_ENCAP))
bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL5_ENCAP);
bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL5_ENCAP);
if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHRSS_LEVEL3_KEYGEN))
bench_oqsKemKeygen(BENCH_NTRUHRSS_LEVEL3_KEYGEN);
bench_pqcKemKeygen(BENCH_NTRUHRSS_LEVEL3_KEYGEN);
if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHRSS_LEVEL3_ENCAP))
bench_oqsKemEncapDecap(BENCH_NTRUHRSS_LEVEL3_ENCAP);
bench_pqcKemEncapDecap(BENCH_NTRUHRSS_LEVEL3_ENCAP);
#endif
#ifdef WOLFCRYPT_HAVE_SAKKE
@@ -6656,34 +6658,36 @@ void bench_sakke(void)
#endif /* WOLFCRYPT_SAKKE_CLIENT */
#endif /* WOLFCRYPT_HAVE_SAKKE */
#ifdef HAVE_LIBOQS
static void bench_oqsKemInit(word32 alg, byte **priv_key, byte **pub_key,
#ifdef HAVE_PQC
static void bench_pqcKemInit(word32 alg, byte **priv_key, byte **pub_key,
const char **wolf_name, OQS_KEM **kem)
{
int i;
const char *oqs_name = NULL;
const char *pqc_name = NULL;
*pub_key = NULL;
*priv_key = NULL;
for (i=0; bench_pq_asym_opt[i].str != NULL; i++) {
if (alg == bench_pq_asym_opt[i].val) {
oqs_name = bench_pq_asym_opt[i].oqs_name;
pqc_name = bench_pq_asym_opt[i].pqc_name;
*wolf_name = bench_pq_asym_opt[i].str;
break;
}
}
if (oqs_name == NULL) {
if (pqc_name == NULL) {
printf("Bad OQS Alg specified\n");
return;
}
*kem = OQS_KEM_new(oqs_name);
#ifdef HAVE_LIBOQS
*kem = OQS_KEM_new(pqc_name);
if (*kem == NULL) {
printf("OQS_KEM_new() failed\n");
return;
}
#endif
*pub_key = (byte*)XMALLOC((*kem)->length_public_key, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
@@ -6694,7 +6698,7 @@ static void bench_oqsKemInit(word32 alg, byte **priv_key, byte **pub_key,
}
void bench_oqsKemKeygen(word32 alg)
void bench_pqcKemKeygen(word32 alg)
{
const char *wolf_name = NULL;
OQS_KEM* kem = NULL;
@@ -6703,22 +6707,24 @@ void bench_oqsKemKeygen(word32 alg)
byte *priv_key;
byte *pub_key;
bench_oqsKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem);
bench_pqcKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem);
if (wolf_name == NULL || kem == NULL || pub_key == NULL ||
priv_key == NULL) {
printf("bench_oqsKemInit() failed\n");
printf("bench_pqcKemInit() failed\n");
goto exit;
}
bench_stats_start(&count, &start);
do {
for (i = 0; i < genTimes; i++) {
#ifdef HAVE_LIBOQS
ret = OQS_KEM_keypair(kem, pub_key, priv_key);
if (ret != OQS_SUCCESS) {
printf("OQS_KEM_keypair() failed: %d\n", ret);
goto exit;
}
#endif
}
count += i;
} while (bench_stats_sym_check(start));
@@ -6733,7 +6739,7 @@ exit:
}
void bench_oqsKemEncapDecap(word32 alg)
void bench_pqcKemEncapDecap(word32 alg)
{
const char *wolf_name = NULL;
OQS_KEM* kem = NULL;
@@ -6744,19 +6750,21 @@ void bench_oqsKemEncapDecap(word32 alg)
byte *ciphertext = NULL;
byte *shared_secret = NULL;
bench_oqsKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem);
bench_pqcKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem);
if (wolf_name == NULL || kem == NULL || pub_key == NULL ||
priv_key == NULL) {
printf("bench_oqsKemInit() failed\n");
printf("bench_pqcKemInit() failed\n");
goto exit;
}
#ifdef HAVE_LIBOQS
ret = OQS_KEM_keypair(kem, pub_key, priv_key);
if (ret != OQS_SUCCESS) {
printf("OQS_KEM_keypair() failed: %d\n", ret);
goto exit;
}
#endif
shared_secret = (byte*)XMALLOC(kem->length_shared_secret, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
@@ -6773,6 +6781,7 @@ void bench_oqsKemEncapDecap(word32 alg)
bench_stats_start(&count, &start);
do {
for (i = 0; i < agreeTimes; i++) {
#ifdef HAVE_LIBOQS
ret = OQS_KEM_encaps(kem, ciphertext, shared_secret, pub_key);
if (ret != OQS_SUCCESS) {
printf("OQS_KEM_encaps() failed: %d\n", ret);
@@ -6784,6 +6793,7 @@ void bench_oqsKemEncapDecap(word32 alg)
printf("OQS_KEM_decaps() failed: %d\n", ret);
goto exit;
}
#endif
}
count += i;
} while (bench_stats_sym_check(start));
@@ -6898,7 +6908,7 @@ void bench_falconKeySign(byte level)
wc_falcon_free(&key);
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#ifndef HAVE_STACK_SIZE
#if defined(_WIN32) && !defined(INTIME_RTOS)
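Review bot: In `bench_pqcKemInit` the new inner `#ifdef HAVE_LIBOQS` covers only the `OQS_KEM_new()` call, yet the next statement, `XMALLOC((*kem)->length_public_key, ...)`, still dereferences `*kem`, which both callers initialise to NULL. In a build with HAVE_PQC but without HAVE_LIBOQS that is a NULL dereference, and `OQS_KEM` itself is undeclared because `<oqs/kem.h>` is included only under HAVE_LIBOQS. The same partial guarding leaves the timed loops in `bench_pqcKemKeygen` and `bench_pqcKemEncapDecap` empty, so they would report throughput for no work. Either keep the whole KEM benchmark under `#ifdef HAVE_LIBOQS`, or add `#else` / `printf("No PQC KEM backend compiled in\n"); return;` ahead of the allocation; the message `"Bad OQS Alg specified\n"` was also missed by the rename. The function bodies continue outside the hunks shown.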
+2 -2
@@ -107,8 +107,8 @@ void bench_blake2b(void);
void bench_blake2s(void);
void bench_pbkdf2(void);
void bench_falconKeySign(byte level);
void bench_oqsKemKeygen(word32 alg);
void bench_oqsKemEncapDecap(word32 alg);
void bench_pqcKemKeygen(word32 alg);
void bench_pqcKemEncapDecap(word32 alg);
void bench_stats_print(void);
+39 -39
@@ -133,7 +133,7 @@ ASN Options:
#include <wolfssl/wolfcrypt/curve448.h>
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
#include <wolfssl/wolfcrypt/falcon.h>
#endif
@@ -3822,13 +3822,13 @@ static word32 SetBitString16Bit(word16 val, byte* output)
#ifdef HAVE_ED448
static const byte sigEd448Oid[] = {43, 101, 113};
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
/* Falcon Level 1: 1 3 9999 3 1 */
static const byte sigFalcon_Level1Oid[] = {43, 206, 15, 3, 1};
/* Falcon Level 5: 1 3 9999 3 4 */
static const byte sigFalcon_Level5Oid[] = {43, 206, 15, 3, 4};
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
/* keyType */
#ifndef NO_DSA
@@ -3855,13 +3855,13 @@ static word32 SetBitString16Bit(word16 val, byte* output)
#ifndef NO_DH
static const byte keyDhOid[] = {42, 134, 72, 134, 247, 13, 1, 3, 1};
#endif /* !NO_DH */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
/* Falcon Level 1: 1 3 9999 3 1 */
static const byte keyFalcon_Level1Oid[] = {43, 206, 15, 3, 1};
/* Falcon Level 5: 1 3 9999 3 4 */
static const byte keyFalcon_Level5Oid[] = {43, 206, 15, 3, 4};
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
/* curveType */
#ifdef HAVE_ECC
@@ -4286,7 +4286,7 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
*oidSz = sizeof(sigEd448Oid);
break;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case CTC_FALCON_LEVEL1:
oid = sigFalcon_Level1Oid;
*oidSz = sizeof(sigFalcon_Level1Oid);
@@ -4351,7 +4351,7 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
*oidSz = sizeof(keyDhOid);
break;
#endif /* !NO_DH */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1k:
oid = keyFalcon_Level1Oid;
*oidSz = sizeof(keyFalcon_Level1Oid);
@@ -6189,7 +6189,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
}
else
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT && !NO_ASN_CRYPT */
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
if ((ks == FALCON_LEVEL1k) || (ks == FALCON_LEVEL5k)) {
#ifdef WOLFSSL_SMALL_STACK
falcon_key* key_pair = NULL;
@@ -6242,7 +6242,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
#endif
}
else
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
{
ret = 0;
}
@@ -6544,7 +6544,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
XFREE(ed448, heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT && !NO_ASN_CRYPT */
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
if (*algoID == 0) {
falcon_key *falcon = (falcon_key *)XMALLOC(sizeof(*falcon), heap,
DYNAMIC_TYPE_TMP_BUFFER);
@@ -6578,7 +6578,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
}
XFREE(falcon, heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
/* if flag is not set then this is not a key that we understand. */
if (*algoID == 0) {
@@ -9657,7 +9657,7 @@ static int GetCertHeader(DecodedCert* cert)
}
#endif
#if defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_LIBOQS)
#if defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_PQC)
/* Store the key data under the BIT_STRING in dynamicly allocated data.
*
* @param [in, out] cert Certificate object.
@@ -10087,7 +10087,7 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
ret = StoreKey(cert, source, &srcIdx, maxIdx);
break;
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1k:
cert->pkCurveOID = FALCON_LEVEL1k;
ret = StoreKey(cert, source, &srcIdx, maxIdx);
@@ -10096,7 +10096,7 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
cert->pkCurveOID = FALCON_LEVEL5k;
ret = StoreKey(cert, source, &srcIdx, maxIdx);
break;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#ifndef NO_DSA
case DSAk:
cert->publicKey = source + pubIdx;
@@ -12710,7 +12710,7 @@ static WC_INLINE int IsSigAlgoECC(int algoOID)
#ifdef HAVE_CURVE448
|| (algoOID == X448k)
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
|| (algoOID == FALCON_LEVEL1k)
|| (algoOID == FALCON_LEVEL5k)
#endif
@@ -12992,7 +12992,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
sigCtx->key.ed448 = NULL;
break;
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1k:
case FALCON_LEVEL5k:
wc_falcon_free(sigCtx->key.falcon);
@@ -13000,7 +13000,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
DYNAMIC_TYPE_FALCON);
sigCtx->key.falcon = NULL;
break;
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
default:
break;
} /* switch (keyOID) */
@@ -13138,7 +13138,7 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
*/
break;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case CTC_FALCON_LEVEL1:
case CTC_FALCON_LEVEL5:
/* Hashes done in signing operation. */
@@ -13444,7 +13444,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
break;
}
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
case FALCON_LEVEL1k:
{
sigCtx->verify = 0;
@@ -13614,7 +13614,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
break;
}
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
case FALCON_LEVEL1k:
case FALCON_LEVEL5k:
{
@@ -13737,7 +13737,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
break;
}
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1k:
{
if (sigCtx->verify == 1) {
@@ -13760,7 +13760,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
break;
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
default:
break;
} /* switch (keyOID) */
@@ -18741,7 +18741,7 @@ wcchar END_PUB_KEY = "-----END PUBLIC KEY-----";
wcchar BEGIN_EDDSA_PRIV = "-----BEGIN EDDSA PRIVATE KEY-----";
wcchar END_EDDSA_PRIV = "-----END EDDSA PRIVATE KEY-----";
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
wcchar BEGIN_FALCON_LEVEL1_PRIV = "-----BEGIN FALCON_LEVEL1 PRIVATE KEY-----";
wcchar END_FALCON_LEVEL1_PRIV = "-----END FALCON_LEVEL1 PRIVATE KEY-----";
wcchar BEGIN_FALCON_LEVEL5_PRIV = "-----BEGIN FALCON_LEVEL5 PRIVATE KEY-----";
@@ -18841,7 +18841,7 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
ret = 0;
break;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
case FALCON_LEVEL1_TYPE:
if (header) *header = BEGIN_FALCON_LEVEL1_PRIV;
if (footer) *footer = END_FALCON_LEVEL1_PRIV;
@@ -21070,7 +21070,7 @@ int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen,
}
#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
/* Encode the public part of an Falcon key in DER.
*
* Pass NULL for output to get the size of the encoding.
@@ -21113,7 +21113,7 @@ int wc_Falcon_PublicKeyToDer(falcon_key* key, byte* output, word32 inLen,
return ret;
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#ifdef WOLFSSL_CERT_GEN
@@ -23149,7 +23149,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
}
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
if ((cert->keyType == FALCON_LEVEL1_KEY) ||
(cert->keyType == FALCON_LEVEL5_KEY)) {
if (falconKey == NULL)
@@ -23627,14 +23627,14 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, int sz,
}
#endif /* HAVE_ED448 && HAVE_ED448_SIGN */
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && falconKey) {
word32 outSz = sigSz;
ret = wc_falcon_sign_msg(buf, sz, sig, &outSz, falconKey);
if (ret == 0)
ret = outSz;
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
break;
}
@@ -23824,7 +23824,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
cert->keyType = ED25519_KEY;
else if (ed448Key)
cert->keyType = ED448_KEY;
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
else if ((falconKey != NULL) && (falconKey->level == 1))
cert->keyType = FALCON_LEVEL1_KEY;
else if ((falconKey != NULL) && (falconKey->level == 5))
@@ -23885,7 +23885,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
cert->keyType = ED448_KEY;
}
else if (falconKey != NULL) {
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (falconKey->level == 1)
cert->keyType = FALCON_LEVEL1_KEY;
else if (falconKey->level == 5)
@@ -24353,7 +24353,7 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey,
(word32)sizeof(der->publicKey), 1);
}
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
if ((cert->keyType == FALCON_LEVEL1_KEY) ||
(cert->keyType == FALCON_LEVEL5_KEY)) {
if (falconKey == NULL)
@@ -24626,7 +24626,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
cert->keyType = ED25519_KEY;
else if (ed448Key)
cert->keyType = ED448_KEY;
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
else if ((falconKey != NULL) && (falconKey->level == 1))
cert->keyType = FALCON_LEVEL1_KEY;
else if ((falconKey != NULL) && (falconKey->level == 5))
@@ -24686,7 +24686,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
cert->keyType = ED448_KEY;
}
else if (falconKey != NULL) {
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
if (falconKey->level == 1)
cert->keyType = FALCON_LEVEL1_KEY;
else if (falconKey->level == 5)
@@ -25040,7 +25040,7 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey,
bufferSz = wc_Ed448PublicKeyToDer(ed448Key, buf, MAX_PUBLIC_KEY_SZ, 0);
}
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
if (falconKey != NULL) {
bufferSz = wc_Falcon_PublicKeyToDer(falconKey, buf, MAX_PUBLIC_KEY_SZ,
0);
@@ -28252,7 +28252,7 @@ int wc_Ed448PublicKeyDecode(const byte* input, word32* inOutIdx,
}
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx,
falcon_key* key, word32 inSz)
{
@@ -28319,7 +28319,7 @@ int wc_Falcon_PublicKeyDecode(const byte* input, word32* inOutIdx,
}
return ret;
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#if defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_IMPORT)
int wc_Curve448PrivateKeyDecode(const byte* input, word32* inOutIdx,
@@ -28386,7 +28386,7 @@ int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output, word32 inLen)
#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
int wc_Falcon_KeyToDer(falcon_key* key, byte* output, word32 inLen)
{
if (key == NULL) {
@@ -28425,7 +28425,7 @@ int wc_Falcon_PrivateKeyToDer(falcon_key* key, byte* output, word32 inLen)
return BAD_FUNC_ARG;
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#if defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT)
/* Write private Curve448 key to DER format,
+9 -5
@@ -25,15 +25,16 @@
#include <config.h>
#endif
/* in case user set HAVE_LIBOQS there */
/* in case user set HAVE_PQC there */
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/asn.h>
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
#include <oqs/oqs.h>
#endif
#include <wolfssl/wolfcrypt/falcon.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -61,6 +62,7 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen,
falcon_key* key)
{
int ret = 0;
#ifdef HAVE_LIBOQS
OQS_SIG *oqssig = NULL;
size_t localOutLen = 0;
@@ -112,7 +114,7 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen,
if (oqssig != NULL) {
OQS_SIG_free(oqssig);
}
#endif
return ret;
}
@@ -132,6 +134,7 @@ int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* res, falcon_key* key)
{
int ret = 0;
#ifdef HAVE_LIBOQS
OQS_SIG *oqssig = NULL;
if (key == NULL || sig == NULL || msg == NULL || res == NULL) {
@@ -168,6 +171,7 @@ int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
if (oqssig != NULL) {
OQS_SIG_free(oqssig);
}
#endif
return ret;
}
@@ -683,4 +687,4 @@ int wc_falcon_sig_size(falcon_key* key)
return BAD_FUNC_ARG;
}
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
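Review bot: With the bodies of `wc_falcon_sign_msg` and `wc_falcon_verify_msg` now inside `#ifdef HAVE_LIBOQS`, a build that has HAVE_PQC but no liboqs reduces both to `int ret = 0; return ret;`. Signing then reports success without writing a signature or an output length, and verification reports success without ever setting `*res`. A signature primitive with no backend should fail closed: add `#else` / `ret = NOT_COMPILED_IN;` before each new `#endif`, and in the verify path also clear `*res` when it is non-NULL. `MakeSignature` in this same commit turns a zero return from `wc_falcon_sign_msg` into `ret = outSz`, so it would hand back an unwritten buffer as a valid signature. Both function bodies continue outside the hunks shown.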
+2 -2
@@ -3332,7 +3332,7 @@ static const int sizeof_dh_key_der_4096 = sizeof(dh_key_der_4096);
#endif /* USE_CERT_BUFFERS_4096 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
/* certs/falcon/bench_falcon_level1_key.der */
static const unsigned char bench_falcon_level1_key[] =
@@ -3980,7 +3980,7 @@ static const unsigned char bench_falcon_level5_key[] =
};
static const int sizeof_bench_falcon_level5_key = sizeof(bench_falcon_level5_key);
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
+14 -14
@@ -116,7 +116,7 @@
#ifdef HAVE_CURVE448
#include <wolfssl/wolfcrypt/curve448.h>
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
#include <wolfssl/wolfcrypt/falcon.h>
#endif
#ifdef HAVE_HKDF
@@ -1235,7 +1235,7 @@ enum Misc {
HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */
SECRET_LEN = WOLFSSL_MAX_MASTER_KEY_LENGTH,
/* pre RSA and all master */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
ENCRYPT_LEN = 1500, /* allow 1500 bit static buffer for falcon */
#else
#if defined(WOLFSSL_MYSQL_COMPATIBLE) || \
@@ -1458,7 +1458,7 @@ enum Misc {
ED448_SA_MAJOR = 8, /* Most significant byte for ED448 */
ED448_SA_MINOR = 8, /* Least significant byte for ED448 */
OQS_SA_MAJOR = 0xFE,/* Most significant byte used with OQS sig algos
PQC_SA_MAJOR = 0xFE,/* Most significant byte used with PQC sig algos
*/
/* These match what OQS has defined in their OpenSSL fork. */
FALCON_LEVEL1_SA_MAJOR = 0xFE,
@@ -1470,7 +1470,7 @@ enum Misc {
MIN_RSA_SHA512_PSS_BITS = 512 * 2 + 8 * 8, /* Min key size */
MIN_RSA_SHA384_PSS_BITS = 384 * 2 + 8 * 8, /* Min key size */
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
MAX_CERT_VERIFY_SZ = 1600, /* For Falcon */
#elif !defined(NO_RSA)
MAX_CERT_VERIFY_SZ = WOLFSSL_MAX_RSA_BITS / 8, /* max RSA bytes */
@@ -1501,7 +1501,7 @@ enum Misc {
MAX_WOLFSSL_FILE_SIZE = 1024ul * 1024ul * 4, /* 4 mb file size alloc limit */
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
MAX_X509_SIZE = 5120, /* max static x509 buffer size; falcon is big */
#elif defined(WOLFSSL_HAPROXY)
MAX_X509_SIZE = 3072, /* max static x509 buffer size */
@@ -1572,7 +1572,7 @@ enum Misc {
#endif
#define MIN_ECCKEY_SZ (WOLFSSL_MIN_ECC_BITS / 8)
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
/* set minimum Falcon key size allowed */
#ifndef MIN_FALCONKEY_SZ
#define MIN_FALCONKEY_SZ 897
@@ -2123,7 +2123,7 @@ struct WOLFSSL_CERT_MANAGER {
wolfSSL_Mutex refMutex; /* reference count mutex */
#endif
int refCount; /* reference count */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
short minFalconKeySz; /* minimum allowed Falcon key size */
#endif
@@ -2622,7 +2622,7 @@ typedef struct KeyShareEntry {
word32 keyLen; /* Key size (bytes) */
byte* pubKey; /* Public key */
word32 pubKeyLen; /* Public key length */
#if !defined(NO_DH) || defined(HAVE_LIBOQS)
#if !defined(NO_DH) || defined(HAVE_PQC)
byte* privKey; /* Private key - DH ond PQ KEMs only */
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -2873,7 +2873,7 @@ struct WOLFSSL_CTX {
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
short minEccKeySz; /* minimum ECC key size */
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
short minFalconKeySz; /* minimum Falcon key size */
#endif
unsigned long mask; /* store SSL_OP_ flags */
@@ -3733,7 +3733,7 @@ typedef struct Options {
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
short minEccKeySz; /* minimum ECC key size */
#endif
#if defined(HAVE_LIBOQS)
#if defined(HAVE_PQC)
short minFalconKeySz; /* minimum Falcon key size */
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@@ -3908,9 +3908,9 @@ struct WOLFSSL_X509 {
int pubKeyOID;
DNS_entry* altNamesNext; /* hint for retrieval */
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \
defined(HAVE_LIBOQS)
defined(HAVE_PQC)
word32 pkCurveOID;
#endif /* HAVE_ECC || HAVE_LIBOQS */
#endif /* HAVE_ECC || HAVE_PQC */
#ifndef NO_CERTS
DerBuffer* derCert; /* may need */
#endif
@@ -4318,7 +4318,7 @@ struct WOLFSSL {
curve448_key* peerX448Key;
byte peerX448KeyPresent;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
falcon_key* peerFalconKey;
byte peerFalconKeyPresent;
#endif
@@ -4695,7 +4695,7 @@ extern const WOLF_EC_NIST_NAME kNistCurves[];
/* This is the longest and shortest curve name in the kNistCurves list. Note we
* also have quantum-safe group names as well. */
#define kNistCurves_MIN_NAME_LEN 5
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
#define kNistCurves_MAX_NAME_LEN 32
#else
#define kNistCurves_MAX_NAME_LEN 7
+9 -9
@@ -794,7 +794,7 @@ enum SNICbReturn {
/* Maximum master key length (SECRET_LEN) */
#define WOLFSSL_MAX_MASTER_KEY_LENGTH 48
/* Maximum number of groups that can be set */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
#define WOLFSSL_MAX_GROUP_COUNT 36
#else
#define WOLFSSL_MAX_GROUP_COUNT 10
@@ -3638,8 +3638,8 @@ enum {
WOLFSSL_FFDHE_6144 = 259,
WOLFSSL_FFDHE_8192 = 260,
#ifdef HAVE_LIBOQS
/* These group numbers were taken from liboqs' openssl fork, see:
#ifdef HAVE_PQC
/* These group numbers were taken from OQS's openssl fork, see:
* https://github.com/open-quantum-safe/openssl/blob/OQS-OpenSSL_1_1_1-stable/
* oqs-template/oqs-kem-info.md.
*
@@ -3655,8 +3655,8 @@ enum {
* algorithms have LEVEL2 and LEVEL4 because none of these submissions
* included them. */
WOLFSSL_OQS_MIN = 532,
WOLFSSL_OQS_SIMPLE_MIN = 532,
WOLFSSL_PQC_MIN = 532,
WOLFSSL_PQC_SIMPLE_MIN = 532,
WOLFSSL_NTRU_HPS_LEVEL1 = 532, /* NTRU_HPS2048509 */
WOLFSSL_NTRU_HPS_LEVEL3 = 533, /* NTRU_HPS2048677 */
WOLFSSL_NTRU_HPS_LEVEL5 = 534, /* NTRU_HPS4096821 */
@@ -3670,9 +3670,9 @@ enum {
WOLFSSL_KYBER_90S_LEVEL1 = 574, /* KYBER_90S_512 */
WOLFSSL_KYBER_90S_LEVEL3 = 575, /* KYBER_90S_768 */
WOLFSSL_KYBER_90S_LEVEL5 = 576, /* KYBER_90S_1024 */
WOLFSSL_OQS_SIMPLE_MAX = 576,
WOLFSSL_PQC_SIMPLE_MAX = 576,
WOLFSSL_OQS_HYBRID_MIN = 12052,
WOLFSSL_PQC_HYBRID_MIN = 12052,
WOLFSSL_P256_NTRU_HPS_LEVEL1 = 12052,
WOLFSSL_P384_NTRU_HPS_LEVEL3 = 12053,
WOLFSSL_P521_NTRU_HPS_LEVEL5 = 12054,
@@ -3686,8 +3686,8 @@ enum {
WOLFSSL_P256_KYBER_90S_LEVEL1 = 12094,
WOLFSSL_P384_KYBER_90S_LEVEL3 = 12095,
WOLFSSL_P521_KYBER_90S_LEVEL5 = 12096,
WOLFSSL_OQS_HYBRID_MAX = 12096,
WOLFSSL_OQS_MAX = 12096,
WOLFSSL_PQC_HYBRID_MAX = 12096,
WOLFSSL_PQC_MAX = 12096,
#endif
};
+1 -1
@@ -1262,7 +1262,7 @@ struct SignatureCtx {
#ifdef HAVE_ED448
struct ed448_key* ed448;
#endif
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
struct falcon_key* falcon;
#endif
void* ptr;
+4 -4
@@ -640,7 +640,7 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
(defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)) || \
(defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)) || \
(defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT)) || \
(defined(HAVE_LIBOQS)))
(defined(HAVE_PQC)))
#define WC_ENABLE_ASYM_KEY_EXPORT
#endif
@@ -649,7 +649,7 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
(defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT)) || \
(defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)) || \
(defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_IMPORT)) || \
(defined(HAVE_LIBOQS)))
(defined(HAVE_PQC)))
#define WC_ENABLE_ASYM_KEY_IMPORT
#endif
@@ -688,13 +688,13 @@ WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte*, word32, int);
#endif
#endif /* HAVE_ED448 */
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
WOLFSSL_API int wc_Falcon_PrivateKeyDecode(const byte*, word32*, falcon_key*, word32);
WOLFSSL_API int wc_Falcon_PublicKeyDecode(const byte*, word32*, falcon_key*, word32);
WOLFSSL_API int wc_Falcon_KeyToDer(falcon_key*, byte*, word32);
WOLFSSL_API int wc_Falcon_PrivateKeyToDer(falcon_key*, byte*, word32);
WOLFSSL_API int wc_Falcon_PublicKeyToDer(falcon_key*, byte*, word32, int);
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#ifdef HAVE_CURVE448
#ifdef HAVE_CURVE448_KEY_IMPORT
+6 -2
@@ -31,9 +31,11 @@
#include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_LIBOQS
#ifdef HAVE_PQC
#ifdef HAVE_LIBOQS
#include <oqs/oqs.h>
#endif
#ifdef __cplusplus
extern "C" {
@@ -41,6 +43,7 @@
/* Macros Definitions */
#ifdef HAVE_LIBOQS
#define FALCON_LEVEL1_KEY_SIZE OQS_SIG_falcon_512_length_secret_key
#define FALCON_LEVEL1_SIG_SIZE OQS_SIG_falcon_512_length_signature
#define FALCON_LEVEL1_PUB_KEY_SIZE OQS_SIG_falcon_512_length_public_key
@@ -50,6 +53,7 @@
#define FALCON_LEVEL5_SIG_SIZE OQS_SIG_falcon_1024_length_signature
#define FALCON_LEVEL5_PUB_KEY_SIZE OQS_SIG_falcon_1024_length_public_key
#define FALCON_LEVEL5_PRV_KEY_SIZE (FALCON_LEVEL5_PUB_KEY_SIZE+FALCON_LEVEL5_KEY_SIZE)
#endif
#define FALCON_MAX_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE
#define FALCON_MAX_SIG_SIZE FALCON_LEVEL5_SIG_SIZE
@@ -125,5 +129,5 @@ int wc_falcon_sig_size(falcon_key* key);
} /* extern "C" */
#endif
#endif /* HAVE_LIBOQS */
#endif /* HAVE_PQC */
#endif /* WOLF_CRYPT_FALCON_H */
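Review bot: The `FALCON_LEVEL1_*` and `FALCON_LEVEL5_*` size macros are now defined only under `#ifdef HAVE_LIBOQS`, but `FALCON_MAX_KEY_SIZE` and `FALCON_MAX_SIG_SIZE` just below the new `#endif` still expand to them. A HAVE_PQC build without liboqs therefore gets undeclared identifiers wherever those maxima are used; presumably they size key and signature buffers, though the users are outside this hunk. Until a second backend supplies the sizes, make the dependency explicit with `#else` / `#error "HAVE_PQC currently requires HAVE_LIBOQS"` ahead of that `#endif`, or give the macros fixed numeric fallbacks. A short comment above the block saying that the sizes come from liboqs would also help the next reader.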
+5
@@ -2585,6 +2585,11 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
/* Enable Post-Quantum Cryptography if we have liboqs from the OpenQuantumSafe
* group */
#ifdef HAVE_LIBOQS
#define HAVE_PQC
#endif
/* ---------------------------------------------------------------------------
* Depricated Algorithm Handling
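Review bot: `#define HAVE_PQC` is emitted unconditionally whenever HAVE_LIBOQS is set, while the commit title says configure now defines both macros. If the build passes `-DHAVE_PQC` on the command line (which defines it as 1), this empty redefinition triggers a macro-redefinition diagnostic, which is fatal under `-Werror`. Guard it with `#if defined(HAVE_LIBOQS) && !defined(HAVE_PQC)`. The comment could also state that HAVE_PQC without HAVE_LIBOQS is not yet a supported configuration, since PQC code paths elsewhere in this commit still rely on OQS types and size macros.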