From 7d4c13b9a487fb865c63139da0312c1966ac37d6 Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Mon, 20 Dec 2021 11:26:25 -0500 Subject: [PATCH] --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC AKA: The Great Rename of December 2021 --- INSTALL | 10 +- README.md | 5 +- examples/benchmark/tls_bench.c | 2 +- examples/client/client.c | 138 +++++++++++++------------- examples/server/server.c | 116 +++++++++++----------- gencertbuf.pl | 6 +- src/internal.c | 58 +++++------ src/ssl.c | 36 +++---- src/tls.c | 168 ++++++++++++++++++-------------- src/tls13.c | 38 ++++---- tests/api.c | 8 +- tests/suites.c | 2 +- tests/test-tls13-pq.conf | 104 ++++++++++---------- wolfcrypt/benchmark/benchmark.c | 94 ++++++++++-------- wolfcrypt/benchmark/benchmark.h | 4 +- wolfcrypt/src/asn.c | 78 +++++++-------- wolfcrypt/src/falcon.c | 14 ++- wolfssl/certs_test.h | 4 +- wolfssl/internal.h | 28 +++--- wolfssl/ssl.h | 18 ++-- wolfssl/wolfcrypt/asn.h | 2 +- wolfssl/wolfcrypt/asn_public.h | 8 +- wolfssl/wolfcrypt/falcon.h | 8 +- wolfssl/wolfcrypt/settings.h | 5 + 24 files changed, 498 insertions(+), 456 deletions(-) diff --git a/INSTALL b/INSTALL index 7dabef7408..cbd6bdcdb0 100644 --- a/INSTALL +++ b/INSTALL @@ -168,13 +168,13 @@ For a quick start, you can run the client and server like this: - $ ./examples/server/server -v 4 --oqs P521_KYBER_LEVEL5 - $ ./examples/client/client -v 4 --oqs P521_KYBER_LEVEL5 + $ ./examples/server/server -v 4 --pqc P521_KYBER_LEVEL5 + $ ./examples/client/client -v 4 --pqc P521_KYBER_LEVEL5 Look for the following line in the output of the server and client: ``` - Using OQS KEM: P521_KYBER_LEVEL5 + Using Post-Quantum KEM: P521_KYBER_LEVEL5 ``` For authentication, you can generate a certificate chain using the Open 
@@ -208,13 +208,13 @@ -A certs/falcon_level5_root_cert.pem \ -c certs/falcon_level1_entity_cert.pem \ -k certs/falcon_level1_entity_key.pem \ - --oqs P521_KYBER_LEVEL5 + --pqc P521_KYBER_LEVEL5 $ examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \ -A certs/falcon_level1_root_cert.pem \ -c certs/falcon_level5_entity_cert.pem \ -k certs/falcon_level5_entity_key.pem \ - --oqs P521_KYBER_LEVEL5 + --pqc P521_KYBER_LEVEL5 Congratulations! You have just achieved a fully quantum-safe TLS 1.3 connection! diff --git a/README.md b/README.md index 5425df3611..ac3861220b 100644 --- a/README.md +++ b/README.md @@ -12,8 +12,9 @@ standard operating environments as well because of its royalty-free pricing and excellent cross platform support. wolfSSL supports industry standards up to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.2, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20, -Curve25519, Blake2b and OQS TLS 1.3 groups. User benchmarking and feedback -reports dramatically better performance when using wolfSSL over OpenSSL. +Curve25519, Blake2b and Post-Quantum TLS 1.3 groups. User benchmarking and +feedback reports dramatically better performance when using wolfSSL over +OpenSSL. wolfSSL is powered by the wolfCrypt cryptography library. Two versions of wolfCrypt have been FIPS 140-2 validated (Certificate #2425 and diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index 3521cf744d..2294cd08f6 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -271,7 +271,7 @@ static struct group_info groups[] = { { WOLFSSL_FFDHE_4096, "FFDHE_4096" }, { WOLFSSL_FFDHE_6144, "FFDHE_6144" }, { WOLFSSL_FFDHE_8192, "FFDHE_8192" }, -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC { WOLFSSL_NTRU_HPS_LEVEL1, "NTRU_HPS_LEVEL1" }, { WOLFSSL_NTRU_HPS_LEVEL3, "NTRU_HPS_LEVEL3" }, { WOLFSSL_NTRU_HPS_LEVEL5, "NTRU_HPS_LEVEL5" }, 
diff --git a/examples/client/client.c b/examples/client/client.c index 68cf8017d9..93f3cc48ca 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -286,7 +286,7 @@ static void ShowVersions(void) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #define MAX_GROUP_NUMBER 4 static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, - int useX448, int useLibOqs, char* oqsAlg, int setGroups) + int useX448, int usePqc, char* pqcAlg, int setGroups) { int ret; int groups[MAX_GROUP_NUMBER] = {0}; @@ -294,8 +294,8 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, (void)useX25519; (void)useX448; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND); if (onlyKeyShare == 0 || onlyKeyShare == 2) { 
@@ -362,120 +362,120 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, } while (ret == WC_PENDING_E); #endif } - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (onlyKeyShare == 0 || onlyKeyShare == 3) { - if (useLibOqs) { + if (usePqc) { int group = 0; - if (XSTRNCMP(oqsAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) { + if (XSTRNCMP(pqcAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) { group = WOLFSSL_KYBER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL3", XSTRLEN("KYBER_LEVEL3")) == 0) { group = WOLFSSL_KYBER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL5", XSTRLEN("KYBER_LEVEL5")) == 0) { group = WOLFSSL_KYBER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL1", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL1", XSTRLEN("NTRU_HPS_LEVEL1")) == 0) { group = WOLFSSL_NTRU_HPS_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL3", XSTRLEN("NTRU_HPS_LEVEL3")) == 0) { group = WOLFSSL_NTRU_HPS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL5", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL5", XSTRLEN("NTRU_HPS_LEVEL5")) == 0) { group = WOLFSSL_NTRU_HPS_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "NTRU_HRSS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "NTRU_HRSS_LEVEL3", XSTRLEN("NTRU_HRSS_LEVEL3")) == 0) { group = WOLFSSL_NTRU_HRSS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL1", XSTRLEN("SABER_LEVEL1")) == 0) { group = WOLFSSL_SABER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL3", XSTRLEN("SABER_LEVEL3")) == 0) { group = WOLFSSL_SABER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL5", XSTRLEN("SABER_LEVEL5")) == 0) { group = WOLFSSL_SABER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL1", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL1", XSTRLEN("KYBER_90S_LEVEL1")) 
== 0) { group = WOLFSSL_KYBER_90S_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL3", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL3", XSTRLEN("KYBER_90S_LEVEL3")) == 0) { group = WOLFSSL_KYBER_90S_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL5", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL5", XSTRLEN("KYBER_90S_LEVEL5")) == 0) { group = WOLFSSL_KYBER_90S_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_NTRU_HPS_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_NTRU_HPS_LEVEL1", XSTRLEN("P256_NTRU_HPS_LEVEL1")) == 0) { group = WOLFSSL_P256_NTRU_HPS_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_NTRU_HPS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_NTRU_HPS_LEVEL3", XSTRLEN("P384_NTRU_HPS_LEVEL3")) == 0) { group = WOLFSSL_P384_NTRU_HPS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_NTRU_HPS_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_NTRU_HPS_LEVEL5", XSTRLEN("P521_NTRU_HPS_LEVEL5")) == 0) { group = WOLFSSL_P521_NTRU_HPS_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P384_NTRU_HRSS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_NTRU_HRSS_LEVEL3", XSTRLEN("P384_NTRU_HRSS_LEVEL3")) == 0) { group = WOLFSSL_P384_NTRU_HRSS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P256_SABER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_SABER_LEVEL1", XSTRLEN("P256_SABER_LEVEL1")) == 0) { group = WOLFSSL_P256_SABER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_SABER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_SABER_LEVEL3", XSTRLEN("P384_SABER_LEVEL3")) == 0) { group = WOLFSSL_P384_SABER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_SABER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_SABER_LEVEL5", XSTRLEN("P521_SABER_LEVEL5")) == 0) { group = WOLFSSL_P521_SABER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_KYBER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_KYBER_LEVEL1", XSTRLEN("P256_KYBER_LEVEL1")) == 0) { group = WOLFSSL_P256_KYBER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_KYBER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_KYBER_LEVEL3", XSTRLEN("P384_KYBER_LEVEL3")) == 0) { group = WOLFSSL_P384_KYBER_LEVEL3; } - else 
if (XSTRNCMP(oqsAlg, "P521_KYBER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_KYBER_LEVEL5", XSTRLEN("P521_KYBER_LEVEL5")) == 0) { group = WOLFSSL_P521_KYBER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_KYBER_90S_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_KYBER_90S_LEVEL1", XSTRLEN("P256_KYBER_90S_LEVEL1")) == 0) { group = WOLFSSL_P256_KYBER_90S_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_KYBER_90S_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_KYBER_90S_LEVEL3", XSTRLEN("P384_KYBER_90S_LEVEL3")) == 0) { group = WOLFSSL_P384_KYBER_90S_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_KYBER_90S_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_KYBER_90S_LEVEL5", XSTRLEN("P521_KYBER_90S_LEVEL5")) == 0) { group = WOLFSSL_P521_KYBER_90S_LEVEL5; } else { - err_sys("invalid OQS KEM specified"); + err_sys("invalid post-quantum KEM specified"); } - printf("Using OQS KEM: %s\n", oqsAlg); + printf("Using Post-Quantum KEM: %s\n", pqcAlg); if (wolfSSL_UseKeyShare(ssl, group) != WOLFSSL_SUCCESS) { - err_sys("unable to use oqs KEM"); + err_sys("unable to use post-quantum KEM"); } } } @@ -560,7 +560,7 @@ static const char* client_bench_conmsg[][5] = { static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, int dtlsUDP, int dtlsSCTP, int benchmark, int resumeSession, int useX25519, - int useX448, int useLibOqs, char* oqsAlg, int helloRetry, int onlyKeyShare, + int useX448, int usePqc, char* pqcAlg, int helloRetry, int onlyKeyShare, int version, int earlyData) { /* time passed in number of connects give average */ @@ -578,8 +578,8 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, (void)resumeSession; (void)useX25519; (void)useX448; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; (void)helloRetry; (void)onlyKeyShare; (void)version; 
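Review bot: The `--pqc` name lookup in the client's SetKeyShare (the `XSTRNCMP(pqcAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0` chain in the @@ -362,120 hunk) is a prefix match, so an argument with trailing characters after a known name is accepted and the raw string is then echoed by `printf("Using Post-Quantum KEM: %s\n", pqcAlg)`. INSTALL tells users to look for exactly that line to confirm the group in use, so an exact comparison is safer, e.g. `if (XSTRCMP(pqcAlg, "KYBER_LEVEL1") == 0) {` for each branch, or print the matched name rather than the argument. The same chain appears in examples/server/server.c in the @@ -629,124 hunk. In the client, the `else { err_sys("invalid post-quantum KEM specified"); }` branch is followed by `wolfSSL_UseKeyShare(ssl, group)` with `group` still 0, which is only correct if err_sys never returns; the server's `if (groups[count] == 0) ... else` form does not depend on that. SetKeyShare's body starts and ends outside this hunk.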
@@ -610,7 +610,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, else if (version >= 4) { if (!helloRetry) SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, - useLibOqs, oqsAlg, 1); + usePqc, pqcAlg, 1); else wolfSSL_NoKeyShares(ssl); } @@ -694,7 +694,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, /* Measures throughput in mbps. Throughput = number of bytes */ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, int dtlsUDP, int dtlsSCTP, int block, size_t throughput, int useX25519, - int useX448, int useLibOqs, char* oqsAlg, int exitWithRet, int version, + int useX448, int usePqc, char* pqcAlg, int exitWithRet, int version, int onlyKeyShare) { double start, conn_time = 0, tx_time = 0, rx_time = 0; @@ -714,14 +714,14 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, (void)useX25519; (void)useX448; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; (void)version; (void)onlyKeyShare; #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (version >= 4) { - SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs, - oqsAlg, 1); + SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc, + pqcAlg, 1); } #endif @@ -1303,8 +1303,8 @@ static const char* client_usage_msg[][70] = { "-7 Set minimum downgrade protocol version [0-4] " " SSLv3(0) - TLS1.3(4)\n", /* 69 */ #endif -#ifdef HAVE_LIBOQS - "--oqs Key Share with specified liboqs algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n", +#ifdef HAVE_PQC + "--pqc Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n", " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n", " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n", " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" 
@@ -1513,8 +1513,8 @@ static const char* client_usage_msg[][70] = { "-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] " " SSLv3(0) - TLS1.3(4)\n", /* 69 */ #endif -#ifdef HAVE_LIBOQS - "--oqs liboqs 名前付きグループとの鍵共有のみ\n", +#ifdef HAVE_PQC + "--pqc post-quantum 名前付きグループとの鍵共有のみ\n", "[KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n", " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n", " LIGHTSABER, SABER, FIRESABER, P256_NTRU_HPS_LEVEL1,\n" @@ -1740,11 +1740,11 @@ static void Usage(void) #endif printf("%s", msg[++msgid]); /* -7 */ printf("%s", msg[++msgid]); /* Examples repo link */ -#ifdef HAVE_LIBOQS - printf("%s", msg[++msgid]); /* --oqs */ - printf("%s", msg[++msgid]); /* --oqs options */ - printf("%s", msg[++msgid]); /* more --oqs options */ - printf("%s", msg[++msgid]); /* more --oqs options */ +#ifdef HAVE_PQC + printf("%s", msg[++msgid]); /* --pqc */ + printf("%s", msg[++msgid]); /* --pqc options */ + printf("%s", msg[++msgid]); /* more --pqc options */ + printf("%s", msg[++msgid]); /* more --pqc options */ #endif } @@ -1784,8 +1784,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif { "help", 0, 257 }, { "ヘルプ", 0, 258 }, -#if defined(HAVE_LIBOQS) - { "oqs", 1, 259 }, +#if defined(HAVE_PQC) + { "pqc", 1, 259 }, #endif { 0, 0, 0 } }; @@ -1891,8 +1891,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif int useX25519 = 0; int useX448 = 0; - int useLibOqs = 0; - char* oqsAlg = NULL; + int usePqc = 0; + char* pqcAlg = NULL; int exitWithRet = 0; int loadCertKeyIntoSSLObj = 0; @@ -1981,8 +1981,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) (void)onlyKeyShare; (void)useSupCurve; (void)loadCertKeyIntoSSLObj; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; StackTrap(); /* Reinitialize the global myVerifyAction. */ 
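Review bot: The Japanese `--pqc` help text in client_usage_msg (@@ -1513,8 hunk) still lists `LIGHTSABER, SABER, FIRESABER`, while the English help text and the SetKeyShare parser in the same file use `SABER_LEVEL1`, `SABER_LEVEL3` and `SABER_LEVEL5`. A user following the Japanese help would end up at `err_sys("invalid post-quantum KEM specified")`. While this block is being edited for the rename, the line should become `" SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n"`, which is what the Japanese text in examples/server/server.c already says. The array itself starts and ends outside the hunk.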
@@ -2541,11 +2541,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) && \ - defined(HAVE_LIBOQS) + defined(HAVE_PQC) case 259: - useLibOqs = 1; + usePqc = 1; onlyKeyShare = 3; - oqsAlg = myoptarg; + pqcAlg = myoptarg; break; #endif default: @@ -2664,14 +2664,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) err_sys("can't load whitewood net random config file"); #endif -#ifdef HAVE_LIBOQS - if (useLibOqs) { +#ifdef HAVE_PQC + if (usePqc) { if (version == CLIENT_DOWNGRADE_VERSION || version == EITHER_DOWNGRADE_VERSION) printf("WARNING: If a TLS 1.3 connection is not negotiated, you " - "will not be using a liboqs group.\n"); + "will not be using a post-quantum group.\n"); else if (version != 4) - err_sys("can only use liboqs groups with TLS 1.3"); + err_sys("can only use post-quantum groups with TLS 1.3"); } #endif @@ -3205,7 +3205,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) ((func_args*)args)->return_code = ClientBenchmarkConnections(ctx, host, port, dtlsUDP, dtlsSCTP, benchmark, resumeSession, useX25519, - useX448, useLibOqs, oqsAlg, helloRetry, + useX448, usePqc, pqcAlg, helloRetry, onlyKeyShare, version, earlyData); wolfSSL_CTX_free(ctx); ctx = NULL; XEXIT_T(EXIT_SUCCESS); @@ -3215,7 +3215,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) ((func_args*)args)->return_code = ClientBenchmarkThroughput(ctx, host, port, dtlsUDP, dtlsSCTP, block, throughput, useX25519, useX448, - useLibOqs, oqsAlg, exitWithRet, version, + usePqc, pqcAlg, exitWithRet, version, onlyKeyShare); wolfSSL_CTX_free(ctx); ctx = NULL; if (((func_args*)args)->return_code != EXIT_SUCCESS && !exitWithRet) 
@@ -3340,8 +3340,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (!helloRetry && version >= 4) { - SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs, - oqsAlg, 0); + SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc, + pqcAlg, 0); } else { wolfSSL_NoKeyShares(ssl); diff --git a/examples/server/server.c b/examples/server/server.c index c28f9ac182..378c360e1c 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -586,7 +586,7 @@ static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #define MAX_GROUP_NUMBER 4 static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, - int useX448, int useLibOqs, char* oqsAlg) + int useX448, int usePqc, char* pqcAlg) { int ret; int groups[MAX_GROUP_NUMBER] = {0}; @@ -594,8 +594,8 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, (void)useX25519; (void)useX448; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND); if (onlyKeyShare == 2) { 
@@ -629,124 +629,124 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, } while (ret == WC_PENDING_E); #endif } - else if (useLibOqs == 1) { - #ifdef HAVE_LIBOQS + else if (usePqc == 1) { + #ifdef HAVE_PQC groups[count] = 0; - if (XSTRNCMP(oqsAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) { + if (XSTRNCMP(pqcAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) { groups[count] = WOLFSSL_KYBER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL3", XSTRLEN("KYBER_LEVEL3")) == 0) { groups[count] = WOLFSSL_KYBER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL5", XSTRLEN("KYBER_LEVEL5")) == 0) { groups[count] = WOLFSSL_KYBER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL1", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL1", XSTRLEN("NTRU_HPS_LEVEL1")) == 0) { groups[count] = WOLFSSL_NTRU_HPS_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL3", XSTRLEN("NTRU_HPS_LEVEL3")) == 0) { groups[count] = WOLFSSL_NTRU_HPS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL5", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL5", XSTRLEN("NTRU_HPS_LEVEL5")) == 0) { groups[count] = WOLFSSL_NTRU_HPS_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "NTRU_HRSS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "NTRU_HRSS_LEVEL3", XSTRLEN("NTRU_HRSS_LEVEL3")) == 0) { groups[count] = WOLFSSL_NTRU_HRSS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL1", XSTRLEN("SABER_LEVEL1")) == 0) { groups[count] = WOLFSSL_SABER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL3", XSTRLEN("SABER_LEVEL3")) == 0) { groups[count] = WOLFSSL_SABER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL5", XSTRLEN("SABER_LEVEL5")) == 0) { groups[count] = WOLFSSL_SABER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL1", + else if 
(XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL1", XSTRLEN("KYBER_90S_LEVEL1")) == 0) { groups[count] = WOLFSSL_KYBER_90S_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL3", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL3", XSTRLEN("KYBER_90S_LEVEL3")) == 0) { groups[count] = WOLFSSL_KYBER_90S_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL5", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL5", XSTRLEN("KYBER_90S_LEVEL5")) == 0) { groups[count] = WOLFSSL_KYBER_90S_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_NTRU_HPS_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_NTRU_HPS_LEVEL1", XSTRLEN("P256_NTRU_HPS_LEVEL1")) == 0) { groups[count] = WOLFSSL_P256_NTRU_HPS_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_NTRU_HPS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_NTRU_HPS_LEVEL3", XSTRLEN("P384_NTRU_HPS_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_NTRU_HPS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_NTRU_HPS_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_NTRU_HPS_LEVEL5", XSTRLEN("P521_NTRU_HPS_LEVEL5")) == 0) { groups[count] = WOLFSSL_P521_NTRU_HPS_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P384_NTRU_HRSS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_NTRU_HRSS_LEVEL3", XSTRLEN("P384_NTRU_HRSS_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_NTRU_HRSS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P256_SABER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_SABER_LEVEL1", XSTRLEN("P256_SABER_LEVEL1")) == 0) { groups[count] = WOLFSSL_P256_SABER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_SABER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_SABER_LEVEL3", XSTRLEN("P384_SABER_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_SABER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_SABER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_SABER_LEVEL5", XSTRLEN("P521_SABER_LEVEL5")) == 0) { groups[count] = WOLFSSL_P521_SABER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_KYBER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_KYBER_LEVEL1", XSTRLEN("P256_KYBER_LEVEL1")) == 0) { groups[count] = WOLFSSL_P256_KYBER_LEVEL1; } - else if 
(XSTRNCMP(oqsAlg, "P384_KYBER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_KYBER_LEVEL3", XSTRLEN("P384_KYBER_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_KYBER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_KYBER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_KYBER_LEVEL5", XSTRLEN("P521_KYBER_LEVEL5")) == 0) { groups[count] = WOLFSSL_P521_KYBER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_KYBER_90S_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_KYBER_90S_LEVEL1", XSTRLEN("P256_KYBER_90S_LEVEL1")) == 0) { groups[count] = WOLFSSL_P256_KYBER_90S_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_KYBER_90S_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_KYBER_90S_LEVEL3", XSTRLEN("P384_KYBER_90S_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_KYBER_90S_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_KYBER_90S_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_KYBER_90S_LEVEL5", XSTRLEN("P521_KYBER_90S_LEVEL5")) == 0) { groups[count] = WOLFSSL_P521_KYBER_90S_LEVEL5; } if (groups[count] == 0) { - err_sys("invalid OQS KEM specified"); + err_sys("invalid post-quantum KEM specified"); } else { if (wolfSSL_UseKeyShare(ssl, groups[count]) == WOLFSSL_SUCCESS) { - printf("Using OQS KEM: %s\n", oqsAlg); + printf("Using Post-Quantum KEM: %s\n", pqcAlg); count++; } else { groups[count] = 0; - err_sys("unable to use oqs algorithm"); + err_sys("unable to use post-quantum algorithm"); } } #endif @@ -945,8 +945,8 @@ static const char* server_usage_msg[][60] = { "-7 Set minimum downgrade protocol version [0-4] " " SSLv3(0) - TLS1.3(4)\n", /* 59 */ #endif -#ifdef HAVE_LIBOQS - "--oqs Key Share with specified liboqs algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n", +#ifdef HAVE_PQC + "--pqc Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n", " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n", " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n", " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" 
@@ -1109,8 +1109,8 @@ static const char* server_usage_msg[][60] = { "-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] " " SSLv3(0) - TLS1.3(4)\n", /* 59 */ #endif -#ifdef HAVE_LIBOQS - "--oqs liboqs 名前付きグループとの鍵共有のみ\n", +#ifdef HAVE_PQC + "--pqc post-quantum 名前付きグループとの鍵共有のみ\n", "[KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n", " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n", " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" @@ -1260,11 +1260,11 @@ static void Usage(void) #endif printf("%s", msg[++msgId]); /* -7 */ printf("%s", msg[++msgId]); /* Examples repo link */ -#ifdef HAVE_LIBOQS - printf("%s", msg[++msgId]); /* --oqs */ - printf("%s", msg[++msgId]); /* --oqs options */ - printf("%s", msg[++msgId]); /* more --oqs options */ - printf("%s", msg[++msgId]); /* more --oqs options */ +#ifdef HAVE_PQC + printf("%s", msg[++msgId]); /* --pqc */ + printf("%s", msg[++msgId]); /* --pqc options */ + printf("%s", msg[++msgId]); /* more --pqc options */ + printf("%s", msg[++msgId]); /* more --pqc options */ #endif } @@ -1293,8 +1293,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #endif { "help", 0, 257 }, { "ヘルプ", 0, 258 }, -#if defined(HAVE_LIBOQS) - { "oqs", 1, 259 }, +#if defined(HAVE_PQC) + { "pqc", 1, 259 }, #endif { 0, 0, 0 } }; @@ -1447,8 +1447,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #endif int useX25519 = 0; int useX448 = 0; - int useLibOqs = 0; - char* oqsAlg = NULL; + int usePqc = 0; + char* pqcAlg = NULL; int exitWithRet = 0; int loadCertKeyIntoSSLObj = 0; @@ -1508,8 +1508,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) (void)mcastID; (void)loadCertKeyIntoSSLObj; (void)nonBlocking; - (void)oqsAlg; - (void)useLibOqs; + (void)pqcAlg; + (void)usePqc; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); 
@@ -2022,11 +2022,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) break; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC case 259: - useLibOqs = 1; + usePqc = 1; onlyKeyShare = 2; - oqsAlg = myoptarg; + pqcAlg = myoptarg; break; #endif @@ -2070,14 +2070,14 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) "file"); #endif -#ifdef HAVE_LIBOQS - if (useLibOqs) { +#ifdef HAVE_PQC + if (usePqc) { if (version == SERVER_DOWNGRADE_VERSION || version == EITHER_DOWNGRADE_VERSION) { printf("WARNING: If a TLS 1.3 connection is not negotiated, you " - "will not be using a liboqs group.\n"); + "will not be using a post-quantum group.\n"); } else if (version != 4) { - err_sys("can only use liboqs groups with TLS 1.3"); + err_sys("can only use post-quantum groups with TLS 1.3"); } } #endif @@ -2775,8 +2775,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (version >= 4) { - SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs, - oqsAlg); + SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc, + pqcAlg); } #endif diff --git a/gencertbuf.pl b/gencertbuf.pl index 06f90e8b61..fb84eb2b36 100755 --- a/gencertbuf.pl +++ b/gencertbuf.pl @@ -99,7 +99,7 @@ my @fileList_4096 = ( ); #Falcon Post-Quantum Keys -#Used with HAVE_LIBOQS +#Used with HAVE_PQC my @fileList_falcon = ( ["certs/falcon/bench_falcon_level1_key.der", "bench_falcon_level1_key" ], ["certs/falcon/bench_falcon_level5_key.der", "bench_falcon_level5_key" ], @@ -194,7 +194,7 @@ for (my $i = 0; $i < $num_4096; $i++) { print OUT_FILE "#endif /* USE_CERT_BUFFERS_4096 */\n\n"; # convert and print falcon keys -print OUT_FILE "#ifdef HAVE_LIBOQS\n\n"; +print OUT_FILE "#ifdef HAVE_PQC\n\n"; for (my $i = 0; $i < $num_falcon; $i++) { my $fname = $fileList_falcon[$i][0]; 
@@ -208,7 +208,7 @@ for (my $i = 0; $i < $num_falcon; $i++) { print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n"; } -print OUT_FILE "#endif /* HAVE_LIBOQS */\n\n"; +print OUT_FILE "#endif /* HAVE_PQC */\n\n"; # convert and print 256-bit cert/keys print OUT_FILE "#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)\n\n"; diff --git a/src/internal.c b/src/internal.c index cc0edc8d09..65ac2d73b3 100644 --- a/src/internal.c +++ b/src/internal.c @@ -2012,7 +2012,7 @@ int InitSSL_Side(WOLFSSL* ssl, word16 side) ssl->options.haveECC = 1; /* server turns on with ECC key cert */ } #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (ssl->options.side == WOLFSSL_CLIENT_END) { ssl->options.haveFalconSig = 1; /* always on client side */ } @@ -2080,7 +2080,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) ctx->minEccKeySz = MIN_ECCKEY_SZ; ctx->eccTempKeySz = ECDHE_SIZE; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ctx->minFalconKeySz = MIN_FALCONKEY_SZ; #endif ctx->verifyDepth = MAX_CHAIN_DEPTH; @@ -2140,7 +2140,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) ctx->CBIOSend = GNRC_SendTo; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (method->side == WOLFSSL_CLIENT_END) ctx->haveFalconSig = 1; /* always on client side */ /* server can turn on by loading key */ @@ -2683,7 +2683,7 @@ static WC_INLINE void AddSuiteHashSigAlgo(Suites* suites, byte macAlgo, } else #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (sigAlgo == falcon_level1_sa_algo) { suites->hashSigAlgo[*inOutIdx] = FALCON_LEVEL1_SA_MAJOR; *inOutIdx += 1; 
@@ -2760,10 +2760,10 @@ void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig, } #endif /* HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */ if (haveFalconSig) { -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) AddSuiteHashSigAlgo(suites, no_mac, falcon_level1_sa_algo, keySz, &idx); AddSuiteHashSigAlgo(suites, no_mac, falcon_level5_sa_algo, keySz, &idx); -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ } if (haveRSAsig) { #ifdef WC_RSA_PSS @@ -3830,8 +3830,8 @@ static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsTy *hashAlgo = input[1]; } break; -#ifdef HAVE_LIBOQS - case OQS_SA_MAJOR: +#ifdef HAVE_PQC + case PQC_SA_MAJOR: if (input[1] == FALCON_LEVEL1_SA_MINOR) { *hsType = falcon_level1_sa_algo; /* Hash performed as part of sign/verify operation. */ @@ -6000,7 +6000,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) #ifdef HAVE_ECC ssl->options.minEccKeySz = ctx->minEccKeySz; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ssl->options.minFalconKeySz = ctx->minFalconKeySz; #endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) @@ -6736,11 +6736,11 @@ void FreeKey(WOLFSSL* ssl, int type, void** pKey) wc_curve448_free((curve448_key*)*pKey); break; #endif /* HAVE_CURVE448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case DYNAMIC_TYPE_FALCON: wc_falcon_free((falcon_key*)*pKey); break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_DH case DYNAMIC_TYPE_DH: wc_FreeDhKey((DhKey*)*pKey); @@ -6803,11 +6803,11 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) sz = sizeof(curve448_key); break; #endif /* HAVE_CURVE448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case DYNAMIC_TYPE_FALCON: sz = sizeof(falcon_key); break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_DH case DYNAMIC_TYPE_DH: sz = sizeof(DhKey); 
@@ -6853,7 +6853,7 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) ret = 0; break; #endif /* HAVE_CURVE448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case DYNAMIC_TYPE_FALCON: wc_falcon_init((falcon_key*)*pKey); ret = 0; @@ -6884,7 +6884,7 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ defined(HAVE_CURVE25519) || defined(HAVE_ED448) || \ - defined(HAVE_CURVE448) || defined(HAVE_LIBOQS) + defined(HAVE_CURVE448) || defined(HAVE_PQC) static int ReuseKey(WOLFSSL* ssl, int type, void* pKey) { int ret = 0; @@ -6930,12 +6930,12 @@ static int ReuseKey(WOLFSSL* ssl, int type, void* pKey) ret = wc_curve448_init((curve448_key*)pKey); break; #endif /* HAVE_CURVE448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case DYNAMIC_TYPE_FALCON: wc_falcon_free((falcon_key*)pKey); ret = wc_falcon_init((falcon_key*)pKey); break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_DH case DYNAMIC_TYPE_DH: wc_FreeDhKey((DhKey*)pKey); @@ -7173,7 +7173,7 @@ void SSL_ResourceFree(WOLFSSL* ssl) } #endif #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC FreeKey(ssl, DYNAMIC_TYPE_FALCON, (void**)&ssl->peerFalconKey); ssl->peerFalconKeyPresent = 0; #endif @@ -7396,10 +7396,10 @@ void FreeHandshakeResources(WOLFSSL* ssl) FreeKey(ssl, DYNAMIC_TYPE_ED448, (void**)&ssl->peerEd448Key); ssl->peerEd448KeyPresent = 0; #endif /* HAVE_ED448 */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC FreeKey(ssl, DYNAMIC_TYPE_FALCON, (void**)&ssl->peerFalconKey); ssl->peerFalconKeyPresent = 0; -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ } #ifdef HAVE_ECC @@ -11860,7 +11860,7 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args) } break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: if (ssl->options.minFalconKeySz < 0 || FALCON_LEVEL1_KEY_SIZE < (word16)ssl->options.minFalconKeySz) { 
@@ -11877,7 +11877,7 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args) ret = FALCON_KEY_SIZE_E; } break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: WOLFSSL_MSG("Key size not checked"); /* key not being checked for size if not in @@ -13080,7 +13080,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, break; } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: case FALCON_LEVEL5k: { @@ -13125,7 +13125,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, WOLFSSL_MSG("Peer Falcon key is too small"); } } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: break; } @@ -21703,7 +21703,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list) defined(HAVE_ED448) haveECDSAsig = 1; #endif - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) haveFalconSig = 1; #endif } @@ -21922,7 +21922,7 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo) return sigAlgo == ed448_sa_algo; } #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (ssl->pkCurveOID == CTC_FALCON_LEVEL1) { /* Certificate has Falcon level 1 key, only match with Falcon level 1 * sig alg */ @@ -22036,7 +22036,7 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz) break; } #endif - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) if (ssl->pkCurveOID == CTC_FALCON_LEVEL1 || ssl->pkCurveOID == CTC_FALCON_LEVEL5 ) { /* Matched Falcon - set chosen and finished. */ @@ -22702,7 +22702,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length) } } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (ssl->buffers.keyType == falcon_level1_sa_algo || ssl->buffers.keyType == falcon_level5_sa_algo || ssl->buffers.keyType == 0) { @@ -22762,7 +22762,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length) goto exit_dpk; } } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ (void)idx; (void)keySz; 
diff --git a/src/ssl.c b/src/ssl.c index 924e0a921e..f33ef570ea 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -117,7 +117,7 @@ #include #include #include - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) #include #endif #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) @@ -208,7 +208,7 @@ const WOLF_EC_NIST_NAME kNistCurves[] = { {XSTR_SIZEOF("B-320"), "B-320", NID_brainpoolP320r1}, {XSTR_SIZEOF("B-384"), "B-384", NID_brainpoolP384r1}, {XSTR_SIZEOF("B-512"), "B-512", NID_brainpoolP512r1}, -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC {XSTR_SIZEOF("KYBER_LEVEL1"), "KYBER_LEVEL1", WOLFSSL_KYBER_LEVEL1}, {XSTR_SIZEOF("KYBER_LEVEL3"), "KYBER_LEVEL3", WOLFSSL_KYBER_LEVEL3}, {XSTR_SIZEOF("KYBER_LEVEL5"), "KYBER_LEVEL5", WOLFSSL_KYBER_LEVEL5}, @@ -2615,7 +2615,7 @@ static int isValidCurveGroup(word16 name) case WOLFSSL_FFDHE_6144: case WOLFSSL_FFDHE_8192: -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC case WOLFSSL_KYBER_LEVEL1: case WOLFSSL_KYBER_LEVEL3: case WOLFSSL_KYBER_LEVEL5: @@ -3939,7 +3939,7 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap) #ifdef HAVE_ECC cm->minEccKeySz = MIN_ECCKEY_SZ; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC cm->minFalconKeySz = MIN_FALCONKEY_SZ; #endif @@ -4887,7 +4887,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) } break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: if (cm->minFalconKeySz < 0 || FALCON_LEVEL1_KEY_SIZE < (word16)cm->minFalconKeySz) { @@ -4902,7 +4902,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) WOLFSSL_MSG("\tCA Falcon level 5 key size error"); } break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: WOLFSSL_MSG("\tNo key size check done on CA"); 
@@ -5442,7 +5442,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der #endif if (ret != 0) { #if !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \ - !defined(HAVE_ED448) && !defined(HAVE_LIBOQS) + !defined(HAVE_ED448) && !defined(HAVE_PQC) WOLFSSL_MSG("RSA decode failed and other algorithms " "not enabled to try"); ret = WOLFSSL_BAD_FILE; @@ -5675,7 +5675,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der #endif } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (ret == 0 && ((*keyFormat == 0) || (*keyFormat == FALCON_LEVEL1k) || (*keyFormat == FALCON_LEVEL5k))) { /* make sure Falcon key can be used */ @@ -5739,7 +5739,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der } XFREE(key, heap, DYNAMIC_TYPE_FALCON); } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ return ret; } @@ -6087,7 +6087,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, } #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \ - defined(HAVE_LIBOQS) + defined(HAVE_PQC) if (ssl) { ssl->pkCurveOID = cert->pkCurveOID; #ifndef WC_STRICT_SIG @@ -6104,7 +6104,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, ssl->options.haveECC = 1; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC else if (cert->keyOID == FALCON_LEVEL1k || cert->keyOID == FALCON_LEVEL5k) { ssl->options.haveFalconSig = 1; @@ -6130,7 +6130,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, ctx->haveECC = 1; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC else if (cert->keyOID == FALCON_LEVEL1k || cert->keyOID == FALCON_LEVEL5k) { ctx->haveFalconSig = 1; @@ -6243,7 +6243,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, } break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: case FALCON_LEVEL5k: /* Falcon is fixed key size */ 
@@ -6263,7 +6263,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, } } break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: WOLFSSL_MSG("No key size check done on certificate"); @@ -8524,7 +8524,7 @@ static WOLFSSL_EVP_PKEY* d2iGenericKey(WOLFSSL_EVP_PKEY** out, #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* !NO_DH && OPENSSL_EXTRA && WOLFSSL_DH_EXTRA */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC { int isFalcon = 0; #ifdef WOLFSSL_SMALL_STACK @@ -8584,7 +8584,7 @@ static WOLFSSL_EVP_PKEY* d2iGenericKey(WOLFSSL_EVP_PKEY** out, } } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ if (pkey == NULL) { WOLFSSL_MSG("wolfSSL_d2i_PUBKEY couldn't determine key type"); @@ -32216,7 +32216,7 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { #ifdef HAVE_ED25519 { NID_ED25519, ED25519k, oidKeyType, "ED25519", "ED25519"}, #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC { CTC_FALCON_LEVEL1, FALCON_LEVEL1k, oidKeyType, "Falcon Level 1", "Falcon Level 1"}, { CTC_FALCON_LEVEL5, FALCON_LEVEL5k, oidKeyType, "Falcon Level 5", @@ -36959,7 +36959,7 @@ struct WOLFSSL_HashSigInfo { #ifdef HAVE_ED448 { no_mac, ed448_sa_algo, CTC_ED448 }, #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC { no_mac, falcon_level1_sa_algo, CTC_FALCON_LEVEL1 }, { no_mac, falcon_level5_sa_algo, CTC_FALCON_LEVEL5 }, #endif diff --git a/src/tls.c b/src/tls.c index ed1466b8d8..af3ec880b4 100644 --- a/src/tls.c +++ b/src/tls.c @@ -48,9 +48,11 @@ #ifdef HAVE_CURVE448 #include #endif +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS #include #endif +#endif #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) static int TLSX_KeyShare_IsSupported(int namedGroup); 
@@ -3800,7 +3802,7 @@ int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type, #ifdef HAVE_SUPPORTED_CURVES #if !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) \ - && !defined(HAVE_FFDHE) && !defined(HAVE_LIBOQS) + && !defined(HAVE_FFDHE) && !defined(HAVE_PQC) #error Elliptic Curves Extension requires Elliptic Curve Cryptography or liboqs groups. \ Use --enable-ecc and/or --enable-liboqs in the configure script or \ define HAVE_ECC. Alternatively use FFDHE for DH ciphersuites. @@ -6633,6 +6635,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse) return ret; } +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS /* Transform a group ID into an OQS Algorithm name as a string. */ static const char* OQS_ID2name(int id) 
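Review bot: The `#error` text in the `@@ -3800,7 +3802,7 @@` hunk still says "liboqs groups" and tells the user to pass `--enable-liboqs`, although the guard above it now tests `HAVE_PQC` and the commit title names the switch `--with-liboqs`. Anyone who trips this check is pointed at an option that may not be the one configure accepts. I would reword the two message lines to `Elliptic Curves Extension requires Elliptic Curve Cryptography or post-quantum groups. \` and `Use --enable-ecc and/or --with-liboqs in the configure script or \`.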
@@ -6655,73 +6658,75 @@ static const char* OQS_ID2name(int id) } return NULL; } +#endif /* HAVE_LIBOQS */ -typedef struct OqsHybridMapping { +typedef struct PqcHybridMapping { int hybrid; int ecc; - int oqs; -} OqsHybridMapping; + int pqc; +} PqcHybridMapping; -static const OqsHybridMapping oqs_hybrid_mapping[] = { - {.hybrid = WOLFSSL_P256_NTRU_HPS_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .oqs = WOLFSSL_NTRU_HPS_LEVEL1}, - {.hybrid = WOLFSSL_P384_NTRU_HPS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_NTRU_HPS_LEVEL3}, - {.hybrid = WOLFSSL_P521_NTRU_HPS_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .oqs = WOLFSSL_NTRU_HPS_LEVEL5}, - {.hybrid = WOLFSSL_P384_NTRU_HRSS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_NTRU_HRSS_LEVEL3}, - {.hybrid = WOLFSSL_P256_SABER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .oqs = WOLFSSL_SABER_LEVEL1}, - {.hybrid = WOLFSSL_P384_SABER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_SABER_LEVEL3}, - {.hybrid = WOLFSSL_P521_SABER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .oqs = WOLFSSL_SABER_LEVEL5}, - {.hybrid = WOLFSSL_P256_KYBER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .oqs = WOLFSSL_KYBER_LEVEL1}, - {.hybrid = WOLFSSL_P384_KYBER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_KYBER_LEVEL3}, - {.hybrid = WOLFSSL_P521_KYBER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .oqs = WOLFSSL_KYBER_LEVEL5}, - {.hybrid = WOLFSSL_P256_KYBER_90S_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .oqs = WOLFSSL_KYBER_90S_LEVEL1}, - {.hybrid = WOLFSSL_P384_KYBER_90S_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_KYBER_90S_LEVEL3}, - {.hybrid = WOLFSSL_P521_KYBER_90S_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .oqs = WOLFSSL_KYBER_90S_LEVEL5}, - {.hybrid = 0, .ecc = 0, .oqs = 0} +static const PqcHybridMapping pqc_hybrid_mapping[] = { + {.hybrid = WOLFSSL_P256_NTRU_HPS_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, + .pqc = WOLFSSL_NTRU_HPS_LEVEL1}, + {.hybrid = WOLFSSL_P384_NTRU_HPS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = 
WOLFSSL_NTRU_HPS_LEVEL3}, + {.hybrid = WOLFSSL_P521_NTRU_HPS_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, + .pqc = WOLFSSL_NTRU_HPS_LEVEL5}, + {.hybrid = WOLFSSL_P384_NTRU_HRSS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_NTRU_HRSS_LEVEL3}, + {.hybrid = WOLFSSL_P256_SABER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, + .pqc = WOLFSSL_SABER_LEVEL1}, + {.hybrid = WOLFSSL_P384_SABER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_SABER_LEVEL3}, + {.hybrid = WOLFSSL_P521_SABER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, + .pqc = WOLFSSL_SABER_LEVEL5}, + {.hybrid = WOLFSSL_P256_KYBER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, + .pqc = WOLFSSL_KYBER_LEVEL1}, + {.hybrid = WOLFSSL_P384_KYBER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_KYBER_LEVEL3}, + {.hybrid = WOLFSSL_P521_KYBER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, + .pqc = WOLFSSL_KYBER_LEVEL5}, + {.hybrid = WOLFSSL_P256_KYBER_90S_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, + .pqc = WOLFSSL_KYBER_90S_LEVEL1}, + {.hybrid = WOLFSSL_P384_KYBER_90S_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_KYBER_90S_LEVEL3}, + {.hybrid = WOLFSSL_P521_KYBER_90S_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, + .pqc = WOLFSSL_KYBER_90S_LEVEL5}, + {.hybrid = 0, .ecc = 0, .pqc = 0} }; -/* This will map an ecc-oqs hybrid group into its ecc group and oqs group. - * If it cannot find a mapping then *oqs is set to group. ecc is optional. */ -static void findEccOqs(int *ecc, int *oqs, int group) +/* This will map an ecc-pqs hybrid group into its ecc group and pqc kem group. + * If it cannot find a mapping then *pqc is set to group. ecc is optional. 
*/ +static void findEccPqc(int *ecc, int *pqc, int group) { int i; - if (oqs == NULL) { + if (pqc == NULL) { return; } - *oqs = 0; + *pqc = 0; if (ecc != NULL) { *ecc = 0; } - for (i = 0; oqs_hybrid_mapping[i].hybrid != 0; i++) { - if (oqs_hybrid_mapping[i].hybrid == group) { - *oqs = oqs_hybrid_mapping[i].oqs; + for (i = 0; pqc_hybrid_mapping[i].hybrid != 0; i++) { + if (pqc_hybrid_mapping[i].hybrid == group) { + *pqc = pqc_hybrid_mapping[i].pqc; if (ecc != NULL) { - *ecc = oqs_hybrid_mapping[i].ecc; + *ecc = pqc_hybrid_mapping[i].ecc; } break; } } - if (*oqs == 0) { + if (*pqc == 0) { /* It is not a hybrid, so maybe its simple. */ - *oqs = group; + *pqc = group; } } +#ifdef HAVE_LIBOQS /* Create a key share entry using liboqs parameters group. * Generates a key pair. * @@ -6740,7 +6745,7 @@ static int TLSX_KeyShare_GenOqsKey(WOLFSSL *ssl, KeyShareEntry* kse) int oqs_group = 0; int ecc_group = 0; - findEccOqs(&ecc_group, &oqs_group, kse->group); + findEccPqc(&ecc_group, &oqs_group, kse->group); algName = OQS_ID2name(oqs_group); if (algName == NULL) { WOLFSSL_MSG("Invalid OQS algorithm specified."); @@ -6830,7 +6835,8 @@ static int TLSX_KeyShare_GenOqsKey(WOLFSSL *ssl, KeyShareEntry* kse) return ret; } -#endif +#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ /* Generate a secret/key using the key share entry. * @@ -6847,9 +6853,11 @@ static int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse) ret = TLSX_KeyShare_GenX25519Key(ssl, kse); else if (kse->group == WOLFSSL_ECC_X448) ret = TLSX_KeyShare_GenX448Key(ssl, kse); +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS - else if (kse->group >= WOLFSSL_OQS_MIN && kse->group <= WOLFSSL_OQS_MAX) + else if (kse->group >= WOLFSSL_PQC_MIN && kse->group <= WOLFSSL_PQC_MAX) ret = TLSX_KeyShare_GenOqsKey(ssl, kse); +#endif #endif else ret = TLSX_KeyShare_GenEccKey(ssl, kse); 
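Review bot: `findEccPqc` and `pqc_hybrid_mapping` are now guarded by `HAVE_PQC` alone, because `#endif /* HAVE_LIBOQS */` moves up to just after `OQS_ID2name`, yet every caller this patch renames is still inside `#ifdef HAVE_LIBOQS`. Those callers are `TLSX_KeyShare_GenOqsKey`, `TLSX_KeyShare_ProcessOqs`, `server_generate_oqs_ciphertext` and the call in `TLSX_KeyShare_IsSupported`. A build with `HAVE_PQC` but without `HAVE_LIBOQS` would then carry an unused static function and table, which breaks under warnings-as-errors; either keep both under `HAVE_LIBOQS` until a second backend uses them, or add a comment stating that `HAVE_PQC` is never defined on its own. The new header comment also reads `ecc-pqs hybrid group`, which should be `ecc-pqc hybrid group`.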
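Review bot: With `HAVE_PQC` defined and `HAVE_LIBOQS` not, the nested guards in `TLSX_KeyShare_GenKey` compile the post-quantum branch out, so a group in the `WOLFSSL_PQC_MIN`..`WOLFSSL_PQC_MAX` range falls through to `TLSX_KeyShare_GenEccKey`. The same nesting is added in `TLSX_KeyShare_Process` and `TLSX_KeyShare_Use`, while `TLSX_KeyShare_IsSupported` and `TLSX_PopulateSupportedGroups` keep the groups under `HAVE_PQC` alone, so such a build appears to advertise and accept KEM groups it has no implementation for. How the ECC path treats these group ids is not visible in the hunks, so I would fail closed in `TLSX_KeyShare_IsSupported` by adding `#else` and `return 0;` before the `#endif` that closes its new `HAVE_LIBOQS` block. If `HAVE_PQC` is never meant to be set without a backend, a `#error` next to its definition in `settings.h` would make that explicit.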
@@ -6886,9 +6894,9 @@ static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap) wc_curve448_free((curve448_key*)current->key); #endif } -#ifdef HAVE_LIBOQS - else if (current->group >= WOLFSSL_OQS_MIN && - current->group <= WOLFSSL_OQS_MAX && +#ifdef HAVE_PQC + else if (current->group >= WOLFSSL_PQC_MIN && + current->group <= WOLFSSL_PQC_MAX && current->key != NULL) { ForceZero((byte*)current->key, current->keyLen); } @@ -7408,6 +7416,7 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) return ret; } +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS /* Process the liboqs key share extension on the client side. * @@ -7450,7 +7459,7 @@ static int TLSX_KeyShare_ProcessOqs(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) } /* I am the client, the ciphertext is in keyShareEntry->ke */ - findEccOqs(&ecc_group, &oqs_group, keyShareEntry->group); + findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group); algName = OQS_ID2name(oqs_group); if (algName == NULL) { @@ -7559,6 +7568,7 @@ static int TLSX_KeyShare_ProcessOqs(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) return ret; } #endif +#endif /* Process the key share extension on the client side. * @@ -7581,10 +7591,12 @@ static int TLSX_KeyShare_Process(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) ret = TLSX_KeyShare_ProcessX25519(ssl, keyShareEntry); else if (keyShareEntry->group == WOLFSSL_ECC_X448) ret = TLSX_KeyShare_ProcessX448(ssl, keyShareEntry); +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS - else if (keyShareEntry->group >= WOLFSSL_OQS_MIN && - keyShareEntry->group <= WOLFSSL_OQS_MAX) + else if (keyShareEntry->group >= WOLFSSL_PQC_MIN && + keyShareEntry->group <= WOLFSSL_PQC_MAX) ret = TLSX_KeyShare_ProcessOqs(ssl, keyShareEntry); +#endif #endif else ret = TLSX_KeyShare_ProcessEcc(ssl, keyShareEntry); 
@@ -7633,9 +7645,9 @@ static int TLSX_KeyShareEntry_Parse(WOLFSSL* ssl, const byte* input, if (keLen > length - offset) return BUFFER_ERROR; -#ifdef HAVE_LIBOQS - if (group >= WOLFSSL_OQS_MIN && - group <= WOLFSSL_OQS_MAX && +#ifdef HAVE_PQC + if (group >= WOLFSSL_PQC_MIN && + group <= WOLFSSL_PQC_MAX && ssl->options.side == WOLFSSL_SERVER_END) { /* For KEMs, the public key is not stored. Casting away const because * we know for KEMs, it will be read-only.*/ @@ -7800,7 +7812,7 @@ static int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length, /* Not in list sent if there isn't a private key. */ if (keyShareEntry == NULL || (keyShareEntry->key == NULL - #if !defined(NO_DH) || defined(HAVE_LIBOQS) + #if !defined(NO_DH) || defined(HAVE_PQC) && keyShareEntry->privKey == NULL #endif )) { @@ -7838,9 +7850,9 @@ static int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length, return ret; } -#ifdef HAVE_LIBOQS - /* For oqs groups, do this in TLSX_PopulateExtensions(). */ - if (group < WOLFSSL_OQS_MIN || group > WOLFSSL_OQS_MAX) +#ifdef HAVE_PQC + /* For post-quantum groups, do this in TLSX_PopulateExtensions(). */ + if (group < WOLFSSL_PQC_MIN || group > WOLFSSL_PQC_MAX) #endif ret = TLSX_KeyShare_Use(ssl, group, 0, NULL, NULL); } @@ -7888,6 +7900,7 @@ static int TLSX_KeyShare_New(KeyShareEntry** list, int group, void *heap, return 0; } +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS static int server_generate_oqs_ciphertext(WOLFSSL* ssl, KeyShareEntry* keyShareEntry, @@ -7908,7 +7921,7 @@ static int server_generate_oqs_ciphertext(WOLFSSL* ssl, ecc_key eccpubkey; word32 outlen = 0; - findEccOqs(&ecc_group, &oqs_group, keyShareEntry->group); + findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group); algName = OQS_ID2name(oqs_group); if (algName == NULL) { WOLFSSL_MSG("Invalid OQS algorithm specified."); 
@@ -8034,6 +8047,7 @@ static int server_generate_oqs_ciphertext(WOLFSSL* ssl, return ret; } #endif +#endif /* Use the data to create a new key share object in the extensions. * @@ -8082,9 +8096,10 @@ int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data, } +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS - if (group >= WOLFSSL_OQS_MIN && - group <= WOLFSSL_OQS_MAX && + if (group >= WOLFSSL_PQC_MIN && + group <= WOLFSSL_PQC_MAX && ssl->options.side == WOLFSSL_SERVER_END) { ret = server_generate_oqs_ciphertext(ssl, keyShareEntry, data, len); @@ -8092,6 +8107,7 @@ int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data, return ret; } else +#endif #endif if (data != NULL) { if (keyShareEntry->ke != NULL) { @@ -8243,7 +8259,7 @@ static int TLSX_KeyShare_IsSupported(int namedGroup) break; #endif #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case WOLFSSL_KYBER_LEVEL1: case WOLFSSL_KYBER_LEVEL3: case WOLFSSL_KYBER_LEVEL5: @@ -8270,10 +8286,12 @@ static int TLSX_KeyShare_IsSupported(int namedGroup) case WOLFSSL_P256_KYBER_90S_LEVEL1: case WOLFSSL_P384_KYBER_90S_LEVEL3: case WOLFSSL_P521_KYBER_90S_LEVEL5: - findEccOqs(NULL, &namedGroup, namedGroup); + #ifdef HAVE_LIBOQS + findEccPqc(NULL, &namedGroup, namedGroup); if (! OQS_KEM_alg_is_enabled(OQS_ID2name(namedGroup))) { return 0; } + #endif break; #endif default: @@ -8341,7 +8359,7 @@ static int TLSX_KeyShare_GroupRank(WOLFSSL* ssl, int group) #ifdef HAVE_FFDHE_8192 ssl->group[ssl->numGroups++] = WOLFSSL_FFDHE_8192; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* For the liboqs groups we need to do a runtime check because * liboqs could be compiled to make an algorithm unavailable. */ 
@@ -8524,9 +8542,9 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl, int* doHelloRetry) clientKSE->group > MAX_FFHDE_GROUP) { /* Check max value supported. */ if (clientKSE->group > WOLFSSL_ECC_MAX) { -#ifdef HAVE_LIBOQS - if (clientKSE->group < WOLFSSL_OQS_MIN || - clientKSE->group > WOLFSSL_OQS_MAX ) +#ifdef HAVE_PQC + if (clientKSE->group < WOLFSSL_PQC_MIN || + clientKSE->group > WOLFSSL_PQC_MAX ) #endif continue; } @@ -8566,9 +8584,9 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl, int* doHelloRetry) return ret; if (clientKSE->key == NULL) { -#ifdef HAVE_LIBOQS - if (clientKSE->group >= WOLFSSL_OQS_MIN && - clientKSE->group <= WOLFSSL_OQS_MAX ) { +#ifdef HAVE_PQC + if (clientKSE->group >= WOLFSSL_PQC_MIN && + clientKSE->group <= WOLFSSL_PQC_MAX ) { /* Going to need the public key (AKA ciphertext). */ serverKSE->pubKey = clientKSE->pubKey; clientKSE->pubKey = NULL; @@ -10220,7 +10238,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) #endif #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL1, ssl->heap); if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL3, @@ -10298,7 +10316,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_90S_LEVEL5, ssl->heap); -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ (void)ssl; (void)extensions; @@ -10469,9 +10487,9 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) namedGroup = kse->group; } if (namedGroup > 0) { -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* For KEMs, the key share has already been generated. */ - if (namedGroup < WOLFSSL_OQS_MIN || namedGroup > WOLFSSL_OQS_MAX) + if (namedGroup < WOLFSSL_PQC_MIN || namedGroup > WOLFSSL_PQC_MAX) #endif ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL); if (ret != 0) diff --git a/src/tls13.c b/src/tls13.c index 08e2adefb9..b70df4ad8e 100644 --- a/src/tls13.c +++ b/src/tls13.c 
@@ -5241,7 +5241,7 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx, #ifndef NO_CERTS #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ - defined(HAVE_ED448) || defined(HAVE_LIBOQS) + defined(HAVE_ED448) || defined(HAVE_PQC) /* Encode the signature algorithm into buffer. * * hashalgo The hash algorithm. @@ -5280,7 +5280,7 @@ static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output) output[1] = hashAlgo; break; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC case falcon_level1_sa_algo: output[0] = FALCON_LEVEL1_SA_MAJOR; output[1] = FALCON_LEVEL1_SA_MINOR; @@ -5333,8 +5333,8 @@ static WC_INLINE int DecodeTls13SigAlg(byte* input, byte* hashAlgo, else ret = INVALID_PARAMETER; break; -#ifdef HAVE_LIBOQS - case OQS_SA_MAJOR: +#ifdef HAVE_PQC + case PQC_SA_MAJOR: if (input[1] == FALCON_LEVEL1_SA_MINOR) { *hsType = falcon_level1_sa_algo; /* Hash performed as part of sign/verify operation. */ @@ -5967,7 +5967,7 @@ static int SendTls13Certificate(WOLFSSL* ssl) } #if (!defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ - defined(HAVE_ED448) || defined(HAVE_LIBOQS)) && \ + defined(HAVE_ED448) || defined(HAVE_PQC)) && \ (!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)) typedef struct Scv13Args { byte* output; /* not allocated */ @@ -6112,7 +6112,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) else if (ssl->hsType == DYNAMIC_TYPE_ED448) args->sigAlgo = ed448_sa_algo; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC else if (ssl->hsType == DYNAMIC_TYPE_FALCON) { falcon_key* fkey = (falcon_key*)ssl->hsKey; byte level = 0; 
@@ -6206,11 +6206,11 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) sig->length = ED448_SIG_SIZE; } #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (ssl->hsType == DYNAMIC_TYPE_FALCON) { sig->length = FALCON_MAX_SIG_SIZE; } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; @@ -6262,7 +6262,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) args->length = (word16)sig->length; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (ssl->hsType == DYNAMIC_TYPE_FALCON) { ret = wc_falcon_sign_msg(args->sigData, args->sigDataSz, args->verify + HASH_SIG_SIZE + @@ -6270,7 +6270,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) (falcon_key*)ssl->hsKey); args->length = (word16)sig->length; } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_RSA if (ssl->hsType == DYNAMIC_TYPE_RSA) { ret = RsaSign(ssl, sig->buffer, (word32)sig->length, @@ -6581,7 +6581,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, goto exit_dcv; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (args->sigAlgo == falcon_level1_sa_algo && !ssl->peerFalconKeyPresent) { WOLFSSL_MSG("Peer sent Falcon Level 1 sig but different cert"); ret = SIG_VERIFY_E; @@ -6664,7 +6664,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, ret = 0; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (ssl->peerFalconKeyPresent) { WOLFSSL_MSG("Doing Falcon peer cert verify"); @@ -6758,7 +6758,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, } } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (ssl->peerFalconKeyPresent) { int res = 0; WOLFSSL_MSG("Doing Falcon peer cert verify"); 
@@ -8141,7 +8141,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, #endif #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ - defined(HAVE_ED448) || defined(HAVE_LIBOQS) + defined(HAVE_ED448) || defined(HAVE_PQC) case certificate_verify: WOLFSSL_MSG("processing certificate verify"); ret = DoTls13CertificateVerify(ssl, input, inOutIdx, size); @@ -8579,7 +8579,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) case FIRST_REPLY_THIRD: #if (!defined(NO_CERTS) && (!defined(NO_RSA) || defined(HAVE_ECC) || \ defined(HAVE_ED25519) || defined(HAVE_ED448) || \ - defined(HAVE_LIBOQS))) && (!defined(NO_WOLFSSL_SERVER) || \ + defined(HAVE_PQC))) && (!defined(NO_WOLFSSL_SERVER) || \ !defined(WOLFSSL_NO_CLIENT_AUTH)) if (!ssl->options.resuming && ssl->options.sendVerify) { ssl->error = SendTls13CertificateVerify(ssl); @@ -8740,9 +8740,9 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group) } #endif -#ifdef HAVE_LIBOQS - if (group >= WOLFSSL_OQS_MIN && - group <= WOLFSSL_OQS_MAX) { +#ifdef HAVE_PQC + if (group >= WOLFSSL_PQC_MIN && + group <= WOLFSSL_PQC_MAX) { if (ssl->ctx != NULL && ssl->ctx->method != NULL && ssl->ctx->method->version.minor != TLSv1_3_MINOR) { @@ -9525,7 +9525,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) case TLS13_CERT_SENT : #if !defined(NO_CERTS) && (!defined(NO_RSA) || defined(HAVE_ECC) || \ - defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_LIBOQS)) + defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_PQC)) if (!ssl->options.resuming && ssl->options.sendVerify) { if ((ssl->error = SendTls13CertificateVerify(ssl)) != 0) { WOLFSSL_ERROR(ssl->error); diff --git a/tests/api.c b/tests/api.c index 733a3b0dd7..2bfd7cea22 100644 --- a/tests/api.c +++ b/tests/api.c 
@@ -47079,7 +47079,7 @@ static int test_tls13_apis(void) #endif #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) int groups[2] = { WOLFSSL_ECC_SECP256R1, -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC WOLFSSL_SABER_LEVEL3 #else WOLFSSL_ECC_SECP256R1 @@ -47099,11 +47099,11 @@ static int test_tls13_apis(void) #endif #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 "P-256" -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ":P256_SABER_LEVEL1" #endif #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ":KYBER_LEVEL1" #endif ""; @@ -47209,7 +47209,7 @@ static int test_tls13_apis(void) #endif #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3), diff --git a/tests/suites.c b/tests/suites.c index 68755c33b2..f410fb5d6c 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -877,7 +877,7 @@ int SuiteTest(int argc, char** argv) goto exit; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC /* add TLSv13 pq tests */ strcpy(argv0[1], "tests/test-tls13-pq.conf"); printf("starting TLSv13 post-quantum groups tests\n"); diff --git a/tests/test-tls13-pq.conf b/tests/test-tls13-pq.conf index 0d2baecc17..a3f2a6af84 100644 --- a/tests/test-tls13-pq.conf +++ b/tests/test-tls13-pq.conf 
@@ -1,260 +1,260 @@ # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL1 +--pqc KYBER_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL1 +--pqc KYBER_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL3 +--pqc KYBER_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL3 +--pqc KYBER_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL5 +--pqc KYBER_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL5 +--pqc KYBER_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL1 +--pqc KYBER_90S_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL1 +--pqc KYBER_90S_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL3 +--pqc KYBER_90S_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL3 +--pqc KYBER_90S_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL5 +--pqc KYBER_90S_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL5 +--pqc KYBER_90S_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL1 +--pqc NTRU_HPS_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL1 +--pqc NTRU_HPS_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL3 +--pqc NTRU_HPS_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL3 +--pqc NTRU_HPS_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL5 
+--pqc NTRU_HPS_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL5 +--pqc NTRU_HPS_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HRSS_LEVEL3 +--pqc NTRU_HRSS_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HRSS_LEVEL3 +--pqc NTRU_HRSS_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL1 +--pqc SABER_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL1 +--pqc SABER_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL3 +--pqc SABER_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL3 +--pqc SABER_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL5 +--pqc SABER_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL5 +--pqc SABER_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_NTRU_HPS_LEVEL1 +--pqc P256_NTRU_HPS_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_NTRU_HPS_LEVEL1 +--pqc P256_NTRU_HPS_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_NTRU_HPS_LEVEL3 +--pqc P384_NTRU_HPS_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_NTRU_HPS_LEVEL3 +--pqc P384_NTRU_HPS_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_NTRU_HPS_LEVEL5 +--pqc P521_NTRU_HPS_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_NTRU_HPS_LEVEL5 +--pqc P521_NTRU_HPS_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_NTRU_HRSS_LEVEL3 +--pqc P384_NTRU_HRSS_LEVEL3 # client TLSv1.3 with 
post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_NTRU_HRSS_LEVEL3 +--pqc P384_NTRU_HRSS_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_SABER_LEVEL1 +--pqc P256_SABER_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_SABER_LEVEL1 +--pqc P256_SABER_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_SABER_LEVEL3 +--pqc P384_SABER_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_SABER_LEVEL3 +--pqc P384_SABER_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_SABER_LEVEL5 +--pqc P521_SABER_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_SABER_LEVEL5 +--pqc P521_SABER_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_KYBER_LEVEL1 +--pqc P256_KYBER_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_KYBER_LEVEL1 +--pqc P256_KYBER_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_KYBER_LEVEL3 +--pqc P384_KYBER_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_KYBER_LEVEL3 +--pqc P384_KYBER_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_KYBER_LEVEL5 +--pqc P521_KYBER_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_KYBER_LEVEL5 +--pqc P521_KYBER_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_KYBER_90S_LEVEL1 +--pqc P256_KYBER_90S_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_KYBER_90S_LEVEL1 +--pqc P256_KYBER_90S_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_KYBER_90S_LEVEL3 +--pqc P384_KYBER_90S_LEVEL3 # client TLSv1.3 with 
post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_KYBER_90S_LEVEL3 +--pqc P384_KYBER_90S_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_KYBER_90S_LEVEL5 +--pqc P521_KYBER_90S_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_KYBER_90S_LEVEL5 +--pqc P521_KYBER_90S_LEVEL5 diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index e29802bf95..f4b13ad4b2 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -200,6 +200,8 @@ #endif #ifdef HAVE_LIBOQS #include +#endif +#ifdef HAVE_PQC #include #endif @@ -612,7 +614,7 @@ typedef struct bench_pq_alg { const char* str; /* Bit values to set. */ word32 val; - const char* oqs_name; + const char* pqc_name; } bench_pq_alg; /* All recognized post-quantum asymmetric algorithm choosing command line @@ -1500,7 +1502,7 @@ static void bench_stats_asym_finish(const char* algo, int strength, } #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) static void bench_stats_pq_asym_finish(const char* algo, int doAsync, int count, double start, int ret) { 
@@ -2160,63 +2162,63 @@ static void* benchmarks_do(void* args) #endif #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (bench_all || (bench_pq_asym_algs & BENCH_FALCON_LEVEL1_SIGN)) bench_falconKeySign(1); if (bench_all || (bench_pq_asym_algs & BENCH_FALCON_LEVEL5_SIGN)) bench_falconKeySign(5); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL1_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER_LEVEL1_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER_LEVEL1_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL1_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL1_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL1_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL3_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL5_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER_LEVEL5_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL5_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL5_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL5_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL1_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL1_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL1_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL1_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL1_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL1_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL3_ENCAP); + 
bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL3_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL5_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL5_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL5_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL1_KEYGEN)) - bench_oqsKemKeygen(BENCH_SABER_LEVEL1_KEYGEN); + bench_pqcKemKeygen(BENCH_SABER_LEVEL1_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL1_ENCAP)) - bench_oqsKemEncapDecap(BENCH_SABER_LEVEL1_ENCAP); + bench_pqcKemEncapDecap(BENCH_SABER_LEVEL1_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_SABER_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_SABER_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_SABER_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_SABER_LEVEL3_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL5_KEYGEN)) - bench_oqsKemKeygen(BENCH_SABER_LEVEL5_KEYGEN); + bench_pqcKemKeygen(BENCH_SABER_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL5_ENCAP)) - bench_oqsKemEncapDecap(BENCH_SABER_LEVEL5_ENCAP); + bench_pqcKemEncapDecap(BENCH_SABER_LEVEL5_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL1_KEYGEN)) - bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL1_KEYGEN); + bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL1_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL1_ENCAP)) - bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL1_ENCAP); + bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL1_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL3_ENCAP)) - 
bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL3_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL5_KEYGEN)) - bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL5_KEYGEN); + bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL5_ENCAP)) - bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL5_ENCAP); + bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL5_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHRSS_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_NTRUHRSS_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_NTRUHRSS_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHRSS_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_NTRUHRSS_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_NTRUHRSS_LEVEL3_ENCAP); #endif #ifdef WOLFCRYPT_HAVE_SAKKE @@ -6656,34 +6658,36 @@ void bench_sakke(void) #endif /* WOLFCRYPT_SAKKE_CLIENT */ #endif /* WOLFCRYPT_HAVE_SAKKE */ -#ifdef HAVE_LIBOQS -static void bench_oqsKemInit(word32 alg, byte **priv_key, byte **pub_key, +#ifdef HAVE_PQC +static void bench_pqcKemInit(word32 alg, byte **priv_key, byte **pub_key, const char **wolf_name, OQS_KEM **kem) { int i; - const char *oqs_name = NULL; + const char *pqc_name = NULL; *pub_key = NULL; *priv_key = NULL; for (i=0; bench_pq_asym_opt[i].str != NULL; i++) { if (alg == bench_pq_asym_opt[i].val) { - oqs_name = bench_pq_asym_opt[i].oqs_name; + pqc_name = bench_pq_asym_opt[i].pqc_name; *wolf_name = bench_pq_asym_opt[i].str; break; } } - if (oqs_name == NULL) { + if (pqc_name == NULL) { printf("Bad OQS Alg specified\n"); return; } - *kem = OQS_KEM_new(oqs_name); +#ifdef HAVE_LIBOQS + *kem = OQS_KEM_new(pqc_name); if (*kem == NULL) { printf("OQS_KEM_new() failed\n"); return; } +#endif *pub_key = (byte*)XMALLOC((*kem)->length_public_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); 
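Review bot: In `bench_pqcKemInit` the new `#ifdef HAVE_LIBOQS` wraps only `OQS_KEM_new()` and its NULL check, while the following `XMALLOC((*kem)->length_public_key, ...)` stays outside the guard. In a `HAVE_PQC` build without liboqs nothing in this hunk assigns `*kem`, and the callers shown in the next hunks pass a pointer initialised to NULL, so that line would dereference NULL (assuming the file compiles at all, since `OQS_KEM` in the signature is also unguarded). The later hunks in `bench_pqcKemKeygen` and `bench_pqcKemEncapDecap` guard just the `OQS_KEM_*` calls in the same way, which leaves the timing loops empty and would report figures for work that never ran. Either extend the guard over the whole body, or add `#else` / `printf("No PQC backend compiled in\n"); return;` before the `#endif`. The function continues past the end of this hunk.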
@@ -6694,7 +6698,7 @@ static void bench_oqsKemInit(word32 alg, byte **priv_key, byte **pub_key, } -void bench_oqsKemKeygen(word32 alg) +void bench_pqcKemKeygen(word32 alg) { const char *wolf_name = NULL; OQS_KEM* kem = NULL; @@ -6703,22 +6707,24 @@ void bench_oqsKemKeygen(word32 alg) byte *priv_key; byte *pub_key; - bench_oqsKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem); + bench_pqcKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem); if (wolf_name == NULL || kem == NULL || pub_key == NULL || priv_key == NULL) { - printf("bench_oqsKemInit() failed\n"); + printf("bench_pqcKemInit() failed\n"); goto exit; } bench_stats_start(&count, &start); do { for (i = 0; i < genTimes; i++) { +#ifdef HAVE_LIBOQS ret = OQS_KEM_keypair(kem, pub_key, priv_key); if (ret != OQS_SUCCESS) { printf("OQS_KEM_keypair() failed: %d\n", ret); goto exit; } +#endif } count += i; } while (bench_stats_sym_check(start)); @@ -6733,7 +6739,7 @@ exit: } -void bench_oqsKemEncapDecap(word32 alg) +void bench_pqcKemEncapDecap(word32 alg) { const char *wolf_name = NULL; OQS_KEM* kem = NULL; @@ -6744,19 +6750,21 @@ void bench_oqsKemEncapDecap(word32 alg) byte *ciphertext = NULL; byte *shared_secret = NULL; - bench_oqsKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem); + bench_pqcKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem); if (wolf_name == NULL || kem == NULL || pub_key == NULL || priv_key == NULL) { - printf("bench_oqsKemInit() failed\n"); + printf("bench_pqcKemInit() failed\n"); goto exit; } +#ifdef HAVE_LIBOQS ret = OQS_KEM_keypair(kem, pub_key, priv_key); if (ret != OQS_SUCCESS) { printf("OQS_KEM_keypair() failed: %d\n", ret); goto exit; } +#endif shared_secret = (byte*)XMALLOC(kem->length_shared_secret, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); 
@@ -6773,6 +6781,7 @@ void bench_oqsKemEncapDecap(word32 alg) bench_stats_start(&count, &start); do { for (i = 0; i < agreeTimes; i++) { +#ifdef HAVE_LIBOQS ret = OQS_KEM_encaps(kem, ciphertext, shared_secret, pub_key); if (ret != OQS_SUCCESS) { printf("OQS_KEM_encaps() failed: %d\n", ret); @@ -6784,6 +6793,7 @@ void bench_oqsKemEncapDecap(word32 alg) printf("OQS_KEM_decaps() failed: %d\n", ret); goto exit; } +#endif } count += i; } while (bench_stats_sym_check(start)); @@ -6898,7 +6908,7 @@ void bench_falconKeySign(byte level) wc_falcon_free(&key); } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #ifndef HAVE_STACK_SIZE #if defined(_WIN32) && !defined(INTIME_RTOS) diff --git a/wolfcrypt/benchmark/benchmark.h b/wolfcrypt/benchmark/benchmark.h index 15a33da1bf..34380ba024 100644 --- a/wolfcrypt/benchmark/benchmark.h +++ b/wolfcrypt/benchmark/benchmark.h @@ -107,8 +107,8 @@ void bench_blake2b(void); void bench_blake2s(void); void bench_pbkdf2(void); void bench_falconKeySign(byte level); -void bench_oqsKemKeygen(word32 alg); -void bench_oqsKemEncapDecap(word32 alg); +void bench_pqcKemKeygen(word32 alg); +void bench_pqcKemEncapDecap(word32 alg); void bench_stats_print(void); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 1c8bbe0384..9a1ed7a114 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -133,7 +133,7 @@ ASN Options: #include #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC #include #endif @@ -3822,13 +3822,13 @@ static word32 SetBitString16Bit(word16 val, byte* output) #ifdef HAVE_ED448 static const byte sigEd448Oid[] = {43, 101, 113}; #endif /* HAVE_ED448 */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* Falcon Level 1: 1 3 9999 3 1 */ static const byte sigFalcon_Level1Oid[] = {43, 206, 15, 3, 1}; /* Falcon Level 5: 1 3 9999 3 4 */ static const byte sigFalcon_Level5Oid[] = {43, 206, 15, 3, 4}; -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ /* keyType */ #ifndef NO_DSA 
@@ -3855,13 +3855,13 @@ static word32 SetBitString16Bit(word16 val, byte* output) #ifndef NO_DH static const byte keyDhOid[] = {42, 134, 72, 134, 247, 13, 1, 3, 1}; #endif /* !NO_DH */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* Falcon Level 1: 1 3 9999 3 1 */ static const byte keyFalcon_Level1Oid[] = {43, 206, 15, 3, 1}; /* Falcon Level 5: 1 3 9999 3 4 */ static const byte keyFalcon_Level5Oid[] = {43, 206, 15, 3, 4}; -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ /* curveType */ #ifdef HAVE_ECC @@ -4286,7 +4286,7 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) *oidSz = sizeof(sigEd448Oid); break; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case CTC_FALCON_LEVEL1: oid = sigFalcon_Level1Oid; *oidSz = sizeof(sigFalcon_Level1Oid); @@ -4351,7 +4351,7 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) *oidSz = sizeof(keyDhOid); break; #endif /* !NO_DH */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: oid = keyFalcon_Level1Oid; *oidSz = sizeof(keyFalcon_Level1Oid); @@ -6189,7 +6189,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, } else #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT && !NO_ASN_CRYPT */ - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) if ((ks == FALCON_LEVEL1k) || (ks == FALCON_LEVEL5k)) { #ifdef WOLFSSL_SMALL_STACK falcon_key* key_pair = NULL; @@ -6242,7 +6242,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, #endif } else - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ { ret = 0; } @@ -6544,7 +6544,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz, XFREE(ed448, heap, DYNAMIC_TYPE_TMP_BUFFER); } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT && !NO_ASN_CRYPT */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) if (*algoID == 0) { falcon_key *falcon = (falcon_key *)XMALLOC(sizeof(*falcon), heap, DYNAMIC_TYPE_TMP_BUFFER); 
@@ -6578,7 +6578,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz, } XFREE(falcon, heap, DYNAMIC_TYPE_TMP_BUFFER); } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ /* if flag is not set then this is not a key that we understand. */ if (*algoID == 0) { @@ -9657,7 +9657,7 @@ static int GetCertHeader(DecodedCert* cert) } #endif -#if defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_LIBOQS) +#if defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_PQC) /* Store the key data under the BIT_STRING in dynamicly allocated data. * * @param [in, out] cert Certificate object. @@ -10087,7 +10087,7 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx, ret = StoreKey(cert, source, &srcIdx, maxIdx); break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: cert->pkCurveOID = FALCON_LEVEL1k; ret = StoreKey(cert, source, &srcIdx, maxIdx); @@ -10096,7 +10096,7 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx, cert->pkCurveOID = FALCON_LEVEL5k; ret = StoreKey(cert, source, &srcIdx, maxIdx); break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_DSA case DSAk: cert->publicKey = source + pubIdx; @@ -12710,7 +12710,7 @@ static WC_INLINE int IsSigAlgoECC(int algoOID) #ifdef HAVE_CURVE448 || (algoOID == X448k) #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC || (algoOID == FALCON_LEVEL1k) || (algoOID == FALCON_LEVEL5k) #endif @@ -12992,7 +12992,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx) sigCtx->key.ed448 = NULL; break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: case FALCON_LEVEL5k: wc_falcon_free(sigCtx->key.falcon); @@ -13000,7 +13000,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx) DYNAMIC_TYPE_FALCON); sigCtx->key.falcon = NULL; break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: break; } /* switch (keyOID) */ 
@@ -13138,7 +13138,7 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID, */ break; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case CTC_FALCON_LEVEL1: case CTC_FALCON_LEVEL5: /* Hashes done in signing operation. */ @@ -13444,7 +13444,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, break; } #endif - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) case FALCON_LEVEL1k: { sigCtx->verify = 0; @@ -13614,7 +13614,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, break; } #endif - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) case FALCON_LEVEL1k: case FALCON_LEVEL5k: { @@ -13737,7 +13737,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, break; } #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: { if (sigCtx->verify == 1) { @@ -13760,7 +13760,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, } break; } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: break; } /* switch (keyOID) */ @@ -18741,7 +18741,7 @@ wcchar END_PUB_KEY = "-----END PUBLIC KEY-----"; wcchar BEGIN_EDDSA_PRIV = "-----BEGIN EDDSA PRIVATE KEY-----"; wcchar END_EDDSA_PRIV = "-----END EDDSA PRIVATE KEY-----"; #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) wcchar BEGIN_FALCON_LEVEL1_PRIV = "-----BEGIN FALCON_LEVEL1 PRIVATE KEY-----"; wcchar END_FALCON_LEVEL1_PRIV = "-----END FALCON_LEVEL1 PRIVATE KEY-----"; wcchar BEGIN_FALCON_LEVEL5_PRIV = "-----BEGIN FALCON_LEVEL5 PRIVATE KEY-----"; @@ -18841,7 +18841,7 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer) ret = 0; break; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC case FALCON_LEVEL1_TYPE: if (header) *header = BEGIN_FALCON_LEVEL1_PRIV; if (footer) *footer = END_FALCON_LEVEL1_PRIV; 
@@ -21070,7 +21070,7 @@ int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen, } #endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) /* Encode the public part of an Falcon key in DER. * * Pass NULL for output to get the size of the encoding. @@ -21113,7 +21113,7 @@ int wc_Falcon_PublicKeyToDer(falcon_key* key, byte* output, word32 inLen, return ret; } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #ifdef WOLFSSL_CERT_GEN @@ -23149,7 +23149,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, } #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) if ((cert->keyType == FALCON_LEVEL1_KEY) || (cert->keyType == FALCON_LEVEL5_KEY)) { if (falconKey == NULL) @@ -23627,14 +23627,14 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, int sz, } #endif /* HAVE_ED448 && HAVE_ED448_SIGN */ - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && falconKey) { word32 outSz = sigSz; ret = wc_falcon_sign_msg(buf, sz, sig, &outSz, falconKey); if (ret == 0) ret = outSz; } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ break; } @@ -23824,7 +23824,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = ED25519_KEY; else if (ed448Key) cert->keyType = ED448_KEY; -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC else if ((falconKey != NULL) && (falconKey->level == 1)) cert->keyType = FALCON_LEVEL1_KEY; else if ((falconKey != NULL) && (falconKey->level == 5)) @@ -23885,7 +23885,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = ED448_KEY; } else if (falconKey != NULL) { - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (falconKey->level == 1) cert->keyType = FALCON_LEVEL1_KEY; else if (falconKey->level == 5) 
@@ -24353,7 +24353,7 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey, (word32)sizeof(der->publicKey), 1); } #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) if ((cert->keyType == FALCON_LEVEL1_KEY) || (cert->keyType == FALCON_LEVEL5_KEY)) { if (falconKey == NULL) @@ -24626,7 +24626,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = ED25519_KEY; else if (ed448Key) cert->keyType = ED448_KEY; -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC else if ((falconKey != NULL) && (falconKey->level == 1)) cert->keyType = FALCON_LEVEL1_KEY; else if ((falconKey != NULL) && (falconKey->level == 5)) @@ -24686,7 +24686,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = ED448_KEY; } else if (falconKey != NULL) { - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (falconKey->level == 1) cert->keyType = FALCON_LEVEL1_KEY; else if (falconKey->level == 5) @@ -25040,7 +25040,7 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey, bufferSz = wc_Ed448PublicKeyToDer(ed448Key, buf, MAX_PUBLIC_KEY_SZ, 0); } #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) if (falconKey != NULL) { bufferSz = wc_Falcon_PublicKeyToDer(falconKey, buf, MAX_PUBLIC_KEY_SZ, 0); @@ -28252,7 +28252,7 @@ int wc_Ed448PublicKeyDecode(const byte* input, word32* inOutIdx, } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx, falcon_key* key, word32 inSz) { @@ -28319,7 +28319,7 @@ int wc_Falcon_PublicKeyDecode(const byte* input, word32* inOutIdx, } return ret; } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #if defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_IMPORT) int wc_Curve448PrivateKeyDecode(const byte* input, word32* inOutIdx, 
@@ -28386,7 +28386,7 @@ int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output, word32 inLen) #endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) int wc_Falcon_KeyToDer(falcon_key* key, byte* output, word32 inLen) { if (key == NULL) { @@ -28425,7 +28425,7 @@ int wc_Falcon_PrivateKeyToDer(falcon_key* key, byte* output, word32 inLen) return BAD_FUNC_ARG; } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #if defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT) /* Write private Curve448 key to DER format, diff --git a/wolfcrypt/src/falcon.c b/wolfcrypt/src/falcon.c index a184423315..165aa5ac9c 100644 --- a/wolfcrypt/src/falcon.c +++ b/wolfcrypt/src/falcon.c @@ -25,15 +25,16 @@ #include #endif -/* in case user set HAVE_LIBOQS there */ +/* in case user set HAVE_PQC there */ #include #include +#ifdef HAVE_PQC + #ifdef HAVE_LIBOQS - #include - +#endif #include #include @@ -61,6 +62,7 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen, falcon_key* key) { int ret = 0; +#ifdef HAVE_LIBOQS OQS_SIG *oqssig = NULL; size_t localOutLen = 0; @@ -112,7 +114,7 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen, if (oqssig != NULL) { OQS_SIG_free(oqssig); } - +#endif return ret; } @@ -132,6 +134,7 @@ int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* res, falcon_key* key) { int ret = 0; +#ifdef HAVE_LIBOQS OQS_SIG *oqssig = NULL; if (key == NULL || sig == NULL || msg == NULL || res == NULL) { @@ -168,6 +171,7 @@ int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg, if (oqssig != NULL) { OQS_SIG_free(oqssig); } +#endif return ret; } @@ -683,4 +687,4 @@ int wc_falcon_sig_size(falcon_key* key) return BAD_FUNC_ARG; } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ diff --git a/wolfssl/certs_test.h b/wolfssl/certs_test.h index 7183fd2e2d..4d42bdda06 100644 --- a/wolfssl/certs_test.h +++ b/wolfssl/certs_test.h 
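Review bot: With `HAVE_PQC` defined but `HAVE_LIBOQS` absent, `wc_falcon_sign_msg` in falcon.c reduces to `int ret = 0; return ret;`, so it reports success without writing a signature or an output length. The `wc_falcon_verify_msg` hunk at -132 has the same shape and returns 0 without touching `*res` or running the argument checks, which now sit inside the guard. The settings.h hunk in this commit defines `HAVE_PQC` only from `HAVE_LIBOQS`, so the path is not reachable today, but the split guards exist to admit another backend, and a signature primitive that returns 0 having done nothing is a fail-open default. Make the no-backend case an error, e.g. `#else` / `ret = NOT_COMPILED_IN;` before each `#endif`, so callers cannot mistake an untouched buffer for a valid signature. Both function bodies extend beyond the hunks shown.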
@@ -3332,7 +3332,7 @@ static const int sizeof_dh_key_der_4096 = sizeof(dh_key_der_4096); #endif /* USE_CERT_BUFFERS_4096 */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* certs/falcon/bench_falcon_level1_key.der */ static const unsigned char bench_falcon_level1_key[] = @@ -3980,7 +3980,7 @@ static const unsigned char bench_falcon_level5_key[] = }; static const int sizeof_bench_falcon_level5_key = sizeof(bench_falcon_level5_key); -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 0312e517bf..2a42d94c1e 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -116,7 +116,7 @@ #ifdef HAVE_CURVE448 #include #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC #include #endif #ifdef HAVE_HKDF @@ -1235,7 +1235,7 @@ enum Misc { HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */ SECRET_LEN = WOLFSSL_MAX_MASTER_KEY_LENGTH, /* pre RSA and all master */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ENCRYPT_LEN = 1500, /* allow 1500 bit static buffer for falcon */ #else #if defined(WOLFSSL_MYSQL_COMPATIBLE) || \ @@ -1458,7 +1458,7 @@ enum Misc { ED448_SA_MAJOR = 8, /* Most significant byte for ED448 */ ED448_SA_MINOR = 8, /* Least significant byte for ED448 */ - OQS_SA_MAJOR = 0xFE,/* Most significant byte used with OQS sig algos + PQC_SA_MAJOR = 0xFE,/* Most significant byte used with PQC sig algos */ /* These match what OQS has defined in their OpenSSL fork. */ FALCON_LEVEL1_SA_MAJOR = 0xFE, @@ -1470,7 +1470,7 @@ enum Misc { MIN_RSA_SHA512_PSS_BITS = 512 * 2 + 8 * 8, /* Min key size */ MIN_RSA_SHA384_PSS_BITS = 384 * 2 + 8 * 8, /* Min key size */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) MAX_CERT_VERIFY_SZ = 1600, /* For Falcon */ #elif !defined(NO_RSA) MAX_CERT_VERIFY_SZ = WOLFSSL_MAX_RSA_BITS / 8, /* max RSA bytes */ 
@@ -1501,7 +1501,7 @@ enum Misc { MAX_WOLFSSL_FILE_SIZE = 1024ul * 1024ul * 4, /* 4 mb file size alloc limit */ #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) MAX_X509_SIZE = 5120, /* max static x509 buffer size; falcon is big */ #elif defined(WOLFSSL_HAPROXY) MAX_X509_SIZE = 3072, /* max static x509 buffer size */ @@ -1572,7 +1572,7 @@ enum Misc { #endif #define MIN_ECCKEY_SZ (WOLFSSL_MIN_ECC_BITS / 8) -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* set minimum Falcon key size allowed */ #ifndef MIN_FALCONKEY_SZ #define MIN_FALCONKEY_SZ 897 @@ -2123,7 +2123,7 @@ struct WOLFSSL_CERT_MANAGER { wolfSSL_Mutex refMutex; /* reference count mutex */ #endif int refCount; /* reference count */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC short minFalconKeySz; /* minimum allowed Falcon key size */ #endif @@ -2622,7 +2622,7 @@ typedef struct KeyShareEntry { word32 keyLen; /* Key size (bytes) */ byte* pubKey; /* Public key */ word32 pubKeyLen; /* Public key length */ -#if !defined(NO_DH) || defined(HAVE_LIBOQS) +#if !defined(NO_DH) || defined(HAVE_PQC) byte* privKey; /* Private key - DH ond PQ KEMs only */ #endif #ifdef WOLFSSL_ASYNC_CRYPT @@ -2873,7 +2873,7 @@ struct WOLFSSL_CTX { #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) short minEccKeySz; /* minimum ECC key size */ #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC short minFalconKeySz; /* minimum Falcon key size */ #endif unsigned long mask; /* store SSL_OP_ flags */ @@ -3733,7 +3733,7 @@ typedef struct Options { #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) short minEccKeySz; /* minimum ECC key size */ #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) short minFalconKeySz; /* minimum Falcon key size */ #endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 
@@ -3908,9 +3908,9 @@ struct WOLFSSL_X509 { int pubKeyOID; DNS_entry* altNamesNext; /* hint for retrieval */ #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \ - defined(HAVE_LIBOQS) + defined(HAVE_PQC) word32 pkCurveOID; -#endif /* HAVE_ECC || HAVE_LIBOQS */ +#endif /* HAVE_ECC || HAVE_PQC */ #ifndef NO_CERTS DerBuffer* derCert; /* may need */ #endif @@ -4318,7 +4318,7 @@ struct WOLFSSL { curve448_key* peerX448Key; byte peerX448KeyPresent; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC falcon_key* peerFalconKey; byte peerFalconKeyPresent; #endif @@ -4695,7 +4695,7 @@ extern const WOLF_EC_NIST_NAME kNistCurves[]; /* This is the longest and shortest curve name in the kNistCurves list. Note we * also have quantum-safe group names as well. */ #define kNistCurves_MIN_NAME_LEN 5 -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC #define kNistCurves_MAX_NAME_LEN 32 #else #define kNistCurves_MAX_NAME_LEN 7 diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 1544c5294b..0b4d7866d7 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -794,7 +794,7 @@ enum SNICbReturn { /* Maximum master key length (SECRET_LEN) */ #define WOLFSSL_MAX_MASTER_KEY_LENGTH 48 /* Maximum number of groups that can be set */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC #define WOLFSSL_MAX_GROUP_COUNT 36 #else #define WOLFSSL_MAX_GROUP_COUNT 10 @@ -3638,8 +3638,8 @@ enum { WOLFSSL_FFDHE_6144 = 259, WOLFSSL_FFDHE_8192 = 260, -#ifdef HAVE_LIBOQS - /* These group numbers were taken from liboqs' openssl fork, see: +#ifdef HAVE_PQC + /* These group numbers were taken from OQS's openssl fork, see: * https://github.com/open-quantum-safe/openssl/blob/OQS-OpenSSL_1_1_1-stable/ * oqs-template/oqs-kem-info.md. * 
@@ -3655,8 +3655,8 @@ enum { * algorithms have LEVEL2 and LEVEL4 because none of these submissions * included them. */ - WOLFSSL_OQS_MIN = 532, - WOLFSSL_OQS_SIMPLE_MIN = 532, + WOLFSSL_PQC_MIN = 532, + WOLFSSL_PQC_SIMPLE_MIN = 532, WOLFSSL_NTRU_HPS_LEVEL1 = 532, /* NTRU_HPS2048509 */ WOLFSSL_NTRU_HPS_LEVEL3 = 533, /* NTRU_HPS2048677 */ WOLFSSL_NTRU_HPS_LEVEL5 = 534, /* NTRU_HPS4096821 */ @@ -3670,9 +3670,9 @@ enum { WOLFSSL_KYBER_90S_LEVEL1 = 574, /* KYBER_90S_512 */ WOLFSSL_KYBER_90S_LEVEL3 = 575, /* KYBER_90S_768 */ WOLFSSL_KYBER_90S_LEVEL5 = 576, /* KYBER_90S_1024 */ - WOLFSSL_OQS_SIMPLE_MAX = 576, + WOLFSSL_PQC_SIMPLE_MAX = 576, - WOLFSSL_OQS_HYBRID_MIN = 12052, + WOLFSSL_PQC_HYBRID_MIN = 12052, WOLFSSL_P256_NTRU_HPS_LEVEL1 = 12052, WOLFSSL_P384_NTRU_HPS_LEVEL3 = 12053, WOLFSSL_P521_NTRU_HPS_LEVEL5 = 12054, @@ -3686,8 +3686,8 @@ enum { WOLFSSL_P256_KYBER_90S_LEVEL1 = 12094, WOLFSSL_P384_KYBER_90S_LEVEL3 = 12095, WOLFSSL_P521_KYBER_90S_LEVEL5 = 12096, - WOLFSSL_OQS_HYBRID_MAX = 12096, - WOLFSSL_OQS_MAX = 12096, + WOLFSSL_PQC_HYBRID_MAX = 12096, + WOLFSSL_PQC_MAX = 12096, #endif }; diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index fa4ef70d9e..2614b4309e 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -1262,7 +1262,7 @@ struct SignatureCtx { #ifdef HAVE_ED448 struct ed448_key* ed448; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC struct falcon_key* falcon; #endif void* ptr; diff --git a/wolfssl/wolfcrypt/asn_public.h b/wolfssl/wolfcrypt/asn_public.h index 61de722168..4c96ca3a92 100644 --- a/wolfssl/wolfcrypt/asn_public.h +++ b/wolfssl/wolfcrypt/asn_public.h 
@@ -640,7 +640,7 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); (defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)) || \ (defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)) || \ (defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT)) || \ - (defined(HAVE_LIBOQS))) + (defined(HAVE_PQC))) #define WC_ENABLE_ASYM_KEY_EXPORT #endif @@ -649,7 +649,7 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); (defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT)) || \ (defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)) || \ (defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_IMPORT)) || \ - (defined(HAVE_LIBOQS))) + (defined(HAVE_PQC))) #define WC_ENABLE_ASYM_KEY_IMPORT #endif @@ -688,13 +688,13 @@ WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte*, word32, int); #endif #endif /* HAVE_ED448 */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC WOLFSSL_API int wc_Falcon_PrivateKeyDecode(const byte*, word32*, falcon_key*, word32); WOLFSSL_API int wc_Falcon_PublicKeyDecode(const byte*, word32*, falcon_key*, word32); WOLFSSL_API int wc_Falcon_KeyToDer(falcon_key*, byte*, word32); WOLFSSL_API int wc_Falcon_PrivateKeyToDer(falcon_key*, byte*, word32); WOLFSSL_API int wc_Falcon_PublicKeyToDer(falcon_key*, byte*, word32, int); -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #ifdef HAVE_CURVE448 #ifdef HAVE_CURVE448_KEY_IMPORT diff --git a/wolfssl/wolfcrypt/falcon.h b/wolfssl/wolfcrypt/falcon.h index 56c459b84b..136976e3ff 100644 --- a/wolfssl/wolfcrypt/falcon.h +++ b/wolfssl/wolfcrypt/falcon.h @@ -31,9 +31,11 @@ #include -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC +#ifdef HAVE_LIBOQS #include +#endif #ifdef __cplusplus extern "C" { @@ -41,6 +43,7 @@ /* Macros Definitions */ +#ifdef HAVE_LIBOQS #define FALCON_LEVEL1_KEY_SIZE OQS_SIG_falcon_512_length_secret_key #define FALCON_LEVEL1_SIG_SIZE OQS_SIG_falcon_512_length_signature #define FALCON_LEVEL1_PUB_KEY_SIZE OQS_SIG_falcon_512_length_public_key 
@@ -50,6 +53,7 @@ #define FALCON_LEVEL5_SIG_SIZE OQS_SIG_falcon_1024_length_signature #define FALCON_LEVEL5_PUB_KEY_SIZE OQS_SIG_falcon_1024_length_public_key #define FALCON_LEVEL5_PRV_KEY_SIZE (FALCON_LEVEL5_PUB_KEY_SIZE+FALCON_LEVEL5_KEY_SIZE) +#endif #define FALCON_MAX_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE #define FALCON_MAX_SIG_SIZE FALCON_LEVEL5_SIG_SIZE @@ -125,5 +129,5 @@ int wc_falcon_sig_size(falcon_key* key); } /* extern "C" */ #endif -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #endif /* WOLF_CRYPT_FALCON_H */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 1c7cd8afa3..243df6f7ca 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -2585,6 +2585,11 @@ extern void uITRON4_free(void *p) ; #endif #endif +/* Enable Post-Quantum Cryptography if we have liboqs from the OpenQuantumSafe + * group */ +#ifdef HAVE_LIBOQS +#define HAVE_PQC +#endif /* --------------------------------------------------------------------------- * Depricated Algorithm Handling
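Review bot: The `#endif` added in the falcon.h hunk at -50 closes the `HAVE_LIBOQS` guard just before `FALCON_MAX_KEY_SIZE` and `FALCON_MAX_SIG_SIZE`, which are still defined in terms of `FALCON_LEVEL5_PRV_KEY_SIZE` and `FALCON_LEVEL5_SIG_SIZE`. With `HAVE_PQC` set and `HAVE_LIBOQS` unset those expand to undefined identifiers, so any buffer sized from them fails to compile with an error that does not point to the missing backend. Until a second backend supplies its own sizes, adding `#else` / `#error "HAVE_PQC requires a Falcon backend (HAVE_LIBOQS)"` inside the guard states the requirement explicitly. The guard opens in the preceding hunk at -41.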