From 5c75a56c23e3dfd6ea1b9e3ccd868f2e15a349c3 Mon Sep 17 00:00:00 2001 From: pi-314159 <74706004+pi-314159@users.noreply.github.com> Date: Thu, 19 Dec 2024 01:11:31 -0500 Subject: [PATCH] Update lattice-based algorithms 1. Update ML-DSA to the FIPS 204 2. Remove Kyber 3. Remove Dilithium --- README.md | 2 - crypto/evp/evp.c | 6 - crypto/evp/evp_asn1.c | 3 - crypto/evp/evp_ctx.c | 3 - crypto/evp/internal.h | 6 - crypto/evp/p_oqs.c | 3 - crypto/evp/p_oqs_asn1.c | 21 +-- crypto/obj/obj_dat.h | 205 ++++++++---------------- crypto/obj/obj_mac.num | 11 -- crypto/obj/obj_xref.c | 3 - crypto/obj/objects.txt | 23 +-- crypto/x509/algorithm.c | 3 - include/openssl/evp.h | 9 -- include/openssl/nid.h | 51 +----- include/openssl/ssl.h | 35 ++-- oqs_scripts/test_with_interop_server.py | 11 -- oqs_scripts/try_handshake.py | 11 -- oqs_template/generate.yml | 91 +++-------- pki/signature_algorithm.cc | 27 +--- pki/signature_algorithm.h | 3 - pki/simple_path_builder_delegate.cc | 3 - pki/verify_signed_data.cc | 15 -- ssl/extensions.cc | 34 ---- ssl/ssl_key_share.cc | 24 --- ssl/ssl_privkey.cc | 12 -- ssl/ssl_test.cc | 46 ------ ssl/test/fuzzer.h | 8 - ssl/test/runner/runner.go | 2 +- ssl/test/test_config.cc | 3 - 29 files changed, 130 insertions(+), 544 deletions(-) diff --git a/README.md b/README.md index 4e4a243059..9bd5453ac1 100644 --- a/README.md +++ b/README.md 
@@ -70,7 +70,6 @@ Along with `X25519MLKEM768` and `X25519Kyber768Draft00` supported by BoringSSL t - **BIKE**: `bikel1`, `p256_bikel1`, `x25519_bikel1`, `bikel3`, `p384_bikel3`, `bikel5`, `p521_bikel5` -- **CRYSTALS-Kyber**: `kyber512`, `p256_kyber512`, `x25519_kyber512`, `kyber768`, `p256_kyber768`, `p384_kyber768`, `kyber1024`, `p521_kyber1024` - **FrodoKEM**: `frodo640aes`, `p256_frodo640aes`, `x25519_frodo640aes`, `frodo640shake`, `p256_frodo640shake`, `x25519_frodo640shake`, `frodo976aes`, `p384_frodo976aes`, `frodo976shake`, `p384_frodo976shake`, `frodo1344aes`, `p521_frodo1344aes`, `frodo1344shake`, `p521_frodo1344shake` - **HQC**: `hqc128`, `p256_hqc128`, `x25519_hqc128`, `hqc192`, `p384_hqc192`, `hqc256`, `p521_hqc256`† - **ML-KEM**: `mlkem768`, `p256_mlkem768`, `p384_mlkem768`, `mlkem1024`, `p384_mlkem1024`, `p521_mlkem1024` @@ -86,7 +85,6 @@ The following quantum-safe digital signature algorithms from liboqs are supporte - **CROSS**: `CROSSrsdp128balanced` -- **CRYSTALS-DILITHIUM**: `dilithium2`, `dilithium3`, `dilithium5` - **Falcon**: `falcon512`, `rsa3072_falcon512`, `falconpadded512`, `falcon1024`, `falconpadded1024` - **MAYO**: `mayo1`, `mayo2`, `mayo3`, `mayo5` - **ML-DSA**: `p256_mldsa44`, `mldsa65`, `p384_mldsa65`, `mldsa87`, `p521_mldsa87` diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c index e7797a2ded..b27dd61f0d 100644 --- a/crypto/evp/evp.c +++ b/crypto/evp/evp.c @@ -231,12 +231,6 @@ static const EVP_PKEY_ASN1_METHOD *evp_pkey_asn1_find(int nid) { return &mldsa87_asn1_meth; case EVP_PKEY_P521_MLDSA87: return &p521_mldsa87_asn1_meth; - case EVP_PKEY_DILITHIUM2: - return &dilithium2_asn1_meth; - case EVP_PKEY_DILITHIUM3: - return &dilithium3_asn1_meth; - case EVP_PKEY_DILITHIUM5: - return &dilithium5_asn1_meth; case EVP_PKEY_FALCON512: return &falcon512_asn1_meth; case EVP_PKEY_RSA3072_FALCON512: diff --git a/crypto/evp/evp_asn1.c b/crypto/evp/evp_asn1.c index 29900d4961..cd0f3ece73 100644 --- a/crypto/evp/evp_asn1.c 
+++ b/crypto/evp/evp_asn1.c @@ -83,9 +83,6 @@ static const EVP_PKEY_ASN1_METHOD *const kASN1Methods[] = { &p384_mldsa65_asn1_meth, &mldsa87_asn1_meth, &p521_mldsa87_asn1_meth, - &dilithium2_asn1_meth, - &dilithium3_asn1_meth, - &dilithium5_asn1_meth, &falcon512_asn1_meth, &rsa3072_falcon512_asn1_meth, &falconpadded512_asn1_meth, diff --git a/crypto/evp/evp_ctx.c b/crypto/evp/evp_ctx.c index 51f2f46981..63fda92b0b 100644 --- a/crypto/evp/evp_ctx.c +++ b/crypto/evp/evp_ctx.c @@ -78,9 +78,6 @@ static const EVP_PKEY_METHOD *const evp_methods[] = { &p384_mldsa65_pkey_meth, &mldsa87_pkey_meth, &p521_mldsa87_pkey_meth, - &dilithium2_pkey_meth, - &dilithium3_pkey_meth, - &dilithium5_pkey_meth, &falcon512_pkey_meth, &rsa3072_falcon512_pkey_meth, &falconpadded512_pkey_meth, diff --git a/crypto/evp/internal.h b/crypto/evp/internal.h index 45e3d6b704..323a3b2310 100644 --- a/crypto/evp/internal.h +++ b/crypto/evp/internal.h @@ -334,9 +334,6 @@ extern const EVP_PKEY_ASN1_METHOD mldsa65_asn1_meth; extern const EVP_PKEY_ASN1_METHOD p384_mldsa65_asn1_meth; extern const EVP_PKEY_ASN1_METHOD mldsa87_asn1_meth; extern const EVP_PKEY_ASN1_METHOD p521_mldsa87_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dilithium2_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dilithium3_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dilithium5_asn1_meth; extern const EVP_PKEY_ASN1_METHOD falcon512_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa3072_falcon512_asn1_meth; extern const EVP_PKEY_ASN1_METHOD falconpadded512_asn1_meth; 
@@ -374,9 +371,6 @@ extern const EVP_PKEY_METHOD mldsa65_pkey_meth; extern const EVP_PKEY_METHOD p384_mldsa65_pkey_meth; extern const EVP_PKEY_METHOD mldsa87_pkey_meth; extern const EVP_PKEY_METHOD p521_mldsa87_pkey_meth; -extern const EVP_PKEY_METHOD dilithium2_pkey_meth; -extern const EVP_PKEY_METHOD dilithium3_pkey_meth; -extern const EVP_PKEY_METHOD dilithium5_pkey_meth; extern const EVP_PKEY_METHOD falcon512_pkey_meth; extern const EVP_PKEY_METHOD rsa3072_falcon512_pkey_meth; extern const EVP_PKEY_METHOD falconpadded512_pkey_meth; diff --git a/crypto/evp/p_oqs.c b/crypto/evp/p_oqs.c index 07afa475fb..ca29b029de 100644 --- a/crypto/evp/p_oqs.c +++ b/crypto/evp/p_oqs.c @@ -306,9 +306,6 @@ DEFINE_OQS_PKEY_METHODS(mldsa65, OQS_SIG_alg_ml_dsa_65, EVP_PKEY_MLDSA65) DEFINE_OQS_PKEY_METHODS(p384_mldsa65, OQS_SIG_alg_ml_dsa_65, EVP_PKEY_P384_MLDSA65) DEFINE_OQS_PKEY_METHODS(mldsa87, OQS_SIG_alg_ml_dsa_87, EVP_PKEY_MLDSA87) DEFINE_OQS_PKEY_METHODS(p521_mldsa87, OQS_SIG_alg_ml_dsa_87, EVP_PKEY_P521_MLDSA87) -DEFINE_OQS_PKEY_METHODS(dilithium2, OQS_SIG_alg_dilithium_2, EVP_PKEY_DILITHIUM2) -DEFINE_OQS_PKEY_METHODS(dilithium3, OQS_SIG_alg_dilithium_3, EVP_PKEY_DILITHIUM3) -DEFINE_OQS_PKEY_METHODS(dilithium5, OQS_SIG_alg_dilithium_5, EVP_PKEY_DILITHIUM5) DEFINE_OQS_PKEY_METHODS(falcon512, OQS_SIG_alg_falcon_512, EVP_PKEY_FALCON512) DEFINE_OQS_PKEY_METHODS(rsa3072_falcon512, OQS_SIG_alg_falcon_512, EVP_PKEY_RSA3072_FALCON512) DEFINE_OQS_PKEY_METHODS(falconpadded512, OQS_SIG_alg_falcon_padded_512, EVP_PKEY_FALCONPADDED512) diff --git a/crypto/evp/p_oqs_asn1.c b/crypto/evp/p_oqs_asn1.c index 220000df0b..621b5be69d 100644 --- a/crypto/evp/p_oqs_asn1.c +++ b/crypto/evp/p_oqs_asn1.c 
@@ -426,31 +426,22 @@ static int decode_EC_pub(int nid, const unsigned char* encoded_key, int key_len, // the OIDs can also be found in the kObjectData array in crypto/obj/obj_dat.h ///// OQS_TEMPLATE_FRAGMENT_DEF_ASN1_METHODS_START DEFINE_OQS_ASN1_METHODS(mldsa44, OQS_SIG_alg_ml_dsa_44, EVP_PKEY_MLDSA44) -DEFINE_OQS_PKEY_ASN1_METHOD(mldsa44, EVP_PKEY_MLDSA44, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x0C, 0x04, 0x04)) +DEFINE_OQS_PKEY_ASN1_METHOD(mldsa44, EVP_PKEY_MLDSA44, OID(0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11)) DEFINE_OQS_ASN1_METHODS(p256_mldsa44, OQS_SIG_alg_ml_dsa_44, EVP_PKEY_P256_MLDSA44) -DEFINE_OQS_PKEY_ASN1_METHOD(p256_mldsa44, EVP_PKEY_P256_MLDSA44, OID(0x2B, 0xCE, 0x0F, 0x07, 0x01)) +DEFINE_OQS_PKEY_ASN1_METHOD(p256_mldsa44, EVP_PKEY_P256_MLDSA44, OID(0x2B, 0xCE, 0x0F, 0x07, 0x05)) DEFINE_OQS_ASN1_METHODS(mldsa65, OQS_SIG_alg_ml_dsa_65, EVP_PKEY_MLDSA65) -DEFINE_OQS_PKEY_ASN1_METHOD(mldsa65, EVP_PKEY_MLDSA65, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x0C, 0x06, 0x05)) +DEFINE_OQS_PKEY_ASN1_METHOD(mldsa65, EVP_PKEY_MLDSA65, OID(0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x12)) DEFINE_OQS_ASN1_METHODS(p384_mldsa65, OQS_SIG_alg_ml_dsa_65, EVP_PKEY_P384_MLDSA65) -DEFINE_OQS_PKEY_ASN1_METHOD(p384_mldsa65, EVP_PKEY_P384_MLDSA65, OID(0x2B, 0xCE, 0x0F, 0x07, 0x03)) +DEFINE_OQS_PKEY_ASN1_METHOD(p384_mldsa65, EVP_PKEY_P384_MLDSA65, OID(0x2B, 0xCE, 0x0F, 0x07, 0x07)) DEFINE_OQS_ASN1_METHODS(mldsa87, OQS_SIG_alg_ml_dsa_87, EVP_PKEY_MLDSA87) -DEFINE_OQS_PKEY_ASN1_METHOD(mldsa87, EVP_PKEY_MLDSA87, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x0C, 0x08, 0x07)) +DEFINE_OQS_PKEY_ASN1_METHOD(mldsa87, EVP_PKEY_MLDSA87, OID(0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x13)) DEFINE_OQS_ASN1_METHODS(p521_mldsa87, OQS_SIG_alg_ml_dsa_87, EVP_PKEY_P521_MLDSA87) -DEFINE_OQS_PKEY_ASN1_METHOD(p521_mldsa87, EVP_PKEY_P521_MLDSA87, OID(0x2B, 0xCE, 0x0F, 0x07, 0x04)) - -DEFINE_OQS_ASN1_METHODS(dilithium2, 
OQS_SIG_alg_dilithium_2, EVP_PKEY_DILITHIUM2) -DEFINE_OQS_PKEY_ASN1_METHOD(dilithium2, EVP_PKEY_DILITHIUM2, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x07, 0x04, 0x04)) - -DEFINE_OQS_ASN1_METHODS(dilithium3, OQS_SIG_alg_dilithium_3, EVP_PKEY_DILITHIUM3) -DEFINE_OQS_PKEY_ASN1_METHOD(dilithium3, EVP_PKEY_DILITHIUM3, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x07, 0x06, 0x05)) - -DEFINE_OQS_ASN1_METHODS(dilithium5, OQS_SIG_alg_dilithium_5, EVP_PKEY_DILITHIUM5) -DEFINE_OQS_PKEY_ASN1_METHOD(dilithium5, EVP_PKEY_DILITHIUM5, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x07, 0x08, 0x07)) +DEFINE_OQS_PKEY_ASN1_METHOD(p521_mldsa87, EVP_PKEY_P521_MLDSA87, OID(0x2B, 0xCE, 0x0F, 0x07, 0x08)) DEFINE_OQS_ASN1_METHODS(falcon512, OQS_SIG_alg_falcon_512, EVP_PKEY_FALCON512) DEFINE_OQS_PKEY_ASN1_METHOD(falcon512, EVP_PKEY_FALCON512, OID(0x2B, 0xCE, 0x0F, 0x03, 0x0B)) diff --git a/crypto/obj/obj_dat.h b/crypto/obj/obj_dat.h index e6c413550d..9f707e0e24 100644 --- a/crypto/obj/obj_dat.h +++ b/crypto/obj/obj_dat.h 
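Review bot: The mldsa44/65/87 NIDs keep their numbers but are now bound only to the NIST-arc OIDs (`0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11`/`0x12`/`0x13`), so keys and certificates that were encoded under the previous `1.3.6.1.4.1.2.267.12.x.x` identifiers will no longer be recognised by this build, and the hybrid p256/p384/p521 variants likewise move within `1.3.9999.7` (.1/.3/.4 to .5/.7/.8); the same switch is mirrored in the objects.txt, obj_dat.h and nid.h hunks, so one note here covers them. Nothing in the hunk records that the liboqs algorithm names (`OQS_SIG_alg_ml_dsa_44` and friends, unchanged in the context lines) still select the implementation, so whether the bytes signed under the new OIDs are FIPS 204 final rather than an earlier draft depends entirely on the liboqs version linked, which the commit does not pin. A comment above the fragment along the lines of `// ML-DSA OIDs follow FIPS 204 (2.16.840.1.101.3.4.3.17/18/19); hybrids use the private 1.3.9999.7 arc. Requires a liboqs whose OQS_SIG_alg_ml_dsa_* implement FIPS 204 final (minimum version: <TODO confirm>).` would make both the compatibility break and the dependency visible; since these lines sit between OQS_TEMPLATE_FRAGMENT markers, the comment belongs in the template source rather than in this generated block.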
@@ -7138,83 +7138,41 @@ static const uint8_t kObjectData[] = { 0x02, 0x06, /* NID_mldsa44 */ - 0x2b, - 0x06, - 0x01, - 0x04, + 0x60, + 0x86, + 0x48, 0x01, - 0x02, - 0x82, - 0x0b, - 0x0c, - 0x04, + 0x65, + 0x03, 0x04, + 0x03, + 0x11, /* NID_mldsa65 */ - 0x2b, - 0x06, + 0x60, + 0x86, + 0x48, 0x01, + 0x65, + 0x03, 0x04, - 0x01, - 0x02, - 0x82, - 0x0b, - 0x0c, - 0x06, - 0x05, + 0x03, + 0x12, /* NID_p384_mldsa65 */ 0x2b, 0xce, 0x0f, 0x07, - 0x03, - /* NID_mldsa87 */ - 0x2b, - 0x06, - 0x01, - 0x04, - 0x01, - 0x02, - 0x82, - 0x0b, - 0x0c, - 0x08, - 0x07, - /* NID_dilithium2 */ - 0x2b, - 0x06, - 0x01, - 0x04, - 0x01, - 0x02, - 0x82, - 0x0b, - 0x07, - 0x04, - 0x04, - /* NID_dilithium3 */ - 0x2b, - 0x06, - 0x01, - 0x04, - 0x01, - 0x02, - 0x82, - 0x0b, 0x07, - 0x06, - 0x05, - /* NID_dilithium5 */ - 0x2b, - 0x06, + /* NID_mldsa87 */ + 0x60, + 0x86, + 0x48, 0x01, + 0x65, + 0x03, 0x04, - 0x01, - 0x02, - 0x82, - 0x0b, - 0x07, - 0x08, - 0x07, + 0x03, + 0x13, /* NID_falcon512 */ 0x2b, 0xce, @@ -7356,13 +7314,13 @@ static const uint8_t kObjectData[] = { 0xce, 0x0f, 0x07, - 0x01, + 0x05, /* NID_p521_mldsa87 */ 0x2b, 0xce, 0x0f, 0x07, - 0x04, + 0x08, /* NID_rsa3072_falcon512 */ 0x2b, 0xce, 
@@ -9055,13 +9013,13 @@ static const ASN1_OBJECT kObjects[NUM_NID] = { {"frodo1344shake", "frodo1344shake", NID_frodo1344shake, 0, NULL, 0}, {"p521_frodo1344shake", "p521_frodo1344shake", NID_p521_frodo1344shake, 0, NULL, 0}, - {"kyber512", "kyber512", NID_kyber512, 0, NULL, 0}, - {"p256_kyber512", "p256_kyber512", NID_p256_kyber512, 0, NULL, 0}, - {"x25519_kyber512", "x25519_kyber512", NID_x25519_kyber512, 0, NULL, 0}, - {"kyber768", "kyber768", NID_kyber768, 0, NULL, 0}, - {"p384_kyber768", "p384_kyber768", NID_p384_kyber768, 0, NULL, 0}, - {"kyber1024", "kyber1024", NID_kyber1024, 0, NULL, 0}, - {"p521_kyber1024", "p521_kyber1024", NID_p521_kyber1024, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, {"bikel1", "bikel1", NID_bikel1, 0, NULL, 0}, {"p256_bikel1", "p256_bikel1", NID_p256_bikel1, 0, NULL, 0}, {"x25519_bikel1", "x25519_bikel1", NID_x25519_bikel1, 0, NULL, 0}, 
@@ -9076,61 +9034,61 @@ static const ASN1_OBJECT kObjects[NUM_NID] = { {"p384_hqc192", "p384_hqc192", NID_p384_hqc192, 0, NULL, 0}, {"hqc256", "hqc256", NID_hqc256, 0, NULL, 0}, {"p521_hqc256", "p521_hqc256", NID_p521_hqc256, 0, NULL, 0}, - {"mldsa44", "mldsa44", NID_mldsa44, 11, &kObjectData[6196], 0}, + {"mldsa44", "mldsa44", NID_mldsa44, 9, &kObjectData[6196], 0}, {NULL, NULL, NID_undef, 0, NULL, 0}, - {"mldsa65", "mldsa65", NID_mldsa65, 11, &kObjectData[6207], 0}, - {"p384_mldsa65", "p384_mldsa65", NID_p384_mldsa65, 5, &kObjectData[6218], + {"mldsa65", "mldsa65", NID_mldsa65, 9, &kObjectData[6205], 0}, + {"p384_mldsa65", "p384_mldsa65", NID_p384_mldsa65, 5, &kObjectData[6214], 0}, - {"mldsa87", "mldsa87", NID_mldsa87, 11, &kObjectData[6223], 0}, - {"dilithium2", "dilithium2", NID_dilithium2, 11, &kObjectData[6234], 0}, - {"dilithium3", "dilithium3", NID_dilithium3, 11, &kObjectData[6245], 0}, - {"dilithium5", "dilithium5", NID_dilithium5, 11, &kObjectData[6256], 0}, - {"falcon512", "falcon512", NID_falcon512, 5, &kObjectData[6267], 0}, + {"mldsa87", "mldsa87", NID_mldsa87, 9, &kObjectData[6219], 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {NULL, NULL, NID_undef, 0, NULL, 0}, + {"falcon512", "falcon512", NID_falcon512, 5, &kObjectData[6228], 0}, {NULL, NULL, NID_undef, 0, NULL, 0}, {"falconpadded512", "falconpadded512", NID_falconpadded512, 5, - &kObjectData[6272], 0}, - {"falcon1024", "falcon1024", NID_falcon1024, 5, &kObjectData[6277], 0}, + &kObjectData[6233], 0}, + {"falcon1024", "falcon1024", NID_falcon1024, 5, &kObjectData[6238], 0}, {"falconpadded1024", "falconpadded1024", NID_falconpadded1024, 5, - &kObjectData[6282], 0}, - {"mayo1", "mayo1", NID_mayo1, 6, &kObjectData[6287], 0}, - {"mayo2", "mayo2", NID_mayo2, 6, &kObjectData[6293], 0}, - {"mayo3", "mayo3", NID_mayo3, 6, &kObjectData[6299], 0}, - {"mayo5", "mayo5", NID_mayo5, 6, &kObjectData[6305], 0}, + &kObjectData[6243], 0}, + {"mayo1", "mayo1", NID_mayo1, 6, 
&kObjectData[6248], 0}, + {"mayo2", "mayo2", NID_mayo2, 6, &kObjectData[6254], 0}, + {"mayo3", "mayo3", NID_mayo3, 6, &kObjectData[6260], 0}, + {"mayo5", "mayo5", NID_mayo5, 6, &kObjectData[6266], 0}, {"sphincssha2128fsimple", "sphincssha2128fsimple", - NID_sphincssha2128fsimple, 6, &kObjectData[6311], 0}, + NID_sphincssha2128fsimple, 6, &kObjectData[6272], 0}, {"sphincssha2128ssimple", "sphincssha2128ssimple", - NID_sphincssha2128ssimple, 6, &kObjectData[6317], 0}, + NID_sphincssha2128ssimple, 6, &kObjectData[6278], 0}, {"sphincssha2192fsimple", "sphincssha2192fsimple", - NID_sphincssha2192fsimple, 6, &kObjectData[6323], 0}, + NID_sphincssha2192fsimple, 6, &kObjectData[6284], 0}, {"sphincssha2192ssimple", "sphincssha2192ssimple", - NID_sphincssha2192ssimple, 6, &kObjectData[6329], 0}, + NID_sphincssha2192ssimple, 6, &kObjectData[6290], 0}, {"sphincssha2256fsimple", "sphincssha2256fsimple", - NID_sphincssha2256fsimple, 6, &kObjectData[6335], 0}, + NID_sphincssha2256fsimple, 6, &kObjectData[6296], 0}, {"sphincssha2256ssimple", "sphincssha2256ssimple", - NID_sphincssha2256ssimple, 6, &kObjectData[6341], 0}, + NID_sphincssha2256ssimple, 6, &kObjectData[6302], 0}, {"sphincsshake128fsimple", "sphincsshake128fsimple", - NID_sphincsshake128fsimple, 6, &kObjectData[6347], 0}, + NID_sphincsshake128fsimple, 6, &kObjectData[6308], 0}, {"sphincsshake128ssimple", "sphincsshake128ssimple", - NID_sphincsshake128ssimple, 6, &kObjectData[6353], 0}, + NID_sphincsshake128ssimple, 6, &kObjectData[6314], 0}, {"sphincsshake192fsimple", "sphincsshake192fsimple", - NID_sphincsshake192fsimple, 6, &kObjectData[6359], 0}, + NID_sphincsshake192fsimple, 6, &kObjectData[6320], 0}, {"sphincsshake192ssimple", "sphincsshake192ssimple", - NID_sphincsshake192ssimple, 6, &kObjectData[6365], 0}, + NID_sphincsshake192ssimple, 6, &kObjectData[6326], 0}, {"sphincsshake256fsimple", "sphincsshake256fsimple", - NID_sphincsshake256fsimple, 6, &kObjectData[6371], 0}, + NID_sphincsshake256fsimple, 6, 
&kObjectData[6332], 0}, {"sphincsshake256ssimple", "sphincsshake256ssimple", - NID_sphincsshake256ssimple, 6, &kObjectData[6377], 0}, + NID_sphincsshake256ssimple, 6, &kObjectData[6338], 0}, {"p256_mlkem768", "p256_mlkem768", NID_p256_mlkem768, 0, NULL, 0}, {"p384_mlkem1024", "p384_mlkem1024", NID_p384_mlkem1024, 0, NULL, 0}, - {"p256_kyber768", "p256_kyber768", NID_p256_kyber768, 0, NULL, 0}, - {"p256_mldsa44", "p256_mldsa44", NID_p256_mldsa44, 5, &kObjectData[6383], + {NULL, NULL, NID_undef, 0, NULL, 0}, + {"p256_mldsa44", "p256_mldsa44", NID_p256_mldsa44, 5, &kObjectData[6344], 0}, - {"p521_mldsa87", "p521_mldsa87", NID_p521_mldsa87, 5, &kObjectData[6388], + {"p521_mldsa87", "p521_mldsa87", NID_p521_mldsa87, 5, &kObjectData[6349], 0}, {"rsa3072_falcon512", "rsa3072_falcon512", NID_rsa3072_falcon512, 5, - &kObjectData[6393], 0}, + &kObjectData[6354], 0}, {"CROSSrsdp128balanced", "CROSSrsdp128balanced", NID_CROSSrsdp128balanced, - 11, &kObjectData[6398], 0}, + 11, &kObjectData[6359], 0}, }; static const uint16_t kNIDsInShortNameOrder[] = { @@ -9445,9 +9403,6 @@ static const uint16_t kNIDsInShortNameOrder[] = { 939 /* dhSinglePass-stdDH-sha384kdf-scheme */, 940 /* dhSinglePass-stdDH-sha512kdf-scheme */, 920 /* dhpublicnumber */, - 1013 /* dilithium2 */, - 1014 /* dilithium3 */, - 1015 /* dilithium5 */, 382 /* directory */, 887 /* distinguishedName */, 892 /* dmdName */, @@ -9773,9 +9728,6 @@ static const uint16_t kNIDsInShortNameOrder[] = { 492 /* janetMailbox */, 150 /* keyBag */, 83 /* keyUsage */, - 992 /* kyber1024 */, - 987 /* kyber512 */, - 990 /* kyber768 */, 477 /* lastModifiedBy */, 476 /* lastModifiedTime */, 157 /* localKeyID */, @@ -9835,8 +9787,6 @@ static const uint16_t kNIDsInShortNameOrder[] = { 974 /* p256_frodo640aes */, 977 /* p256_frodo640shake */, 1002 /* p256_hqc128 */, - 988 /* p256_kyber512 */, - 1039 /* p256_kyber768 */, 1040 /* p256_mldsa44 */, 967 /* p256_mlkem512 */, 1037 /* p256_mlkem768 */, 
@@ -9844,7 +9794,6 @@ static const uint16_t kNIDsInShortNameOrder[] = { 980 /* p384_frodo976aes */, 982 /* p384_frodo976shake */, 1005 /* p384_hqc192 */, - 991 /* p384_kyber768 */, 1011 /* p384_mldsa65 */, 1038 /* p384_mlkem1024 */, 970 /* p384_mlkem768 */, @@ -9852,7 +9801,6 @@ static const uint16_t kNIDsInShortNameOrder[] = { 984 /* p521_frodo1344aes */, 986 /* p521_frodo1344shake */, 1007 /* p521_hqc256 */, - 993 /* p521_kyber1024 */, 1041 /* p521_mldsa87 */, 972 /* p521_mlkem1024 */, 489 /* pagerTelephoneNumber */, @@ -10159,7 +10107,6 @@ static const uint16_t kNIDsInShortNameOrder[] = { 975 /* x25519_frodo640aes */, 978 /* x25519_frodo640shake */, 1003 /* x25519_hqc128 */, - 989 /* x25519_kyber512 */, 968 /* x25519_mlkem512 */, 503 /* x500UniqueIdentifier */, 158 /* x509Certificate */, @@ -10483,9 +10430,6 @@ static const uint16_t kNIDsInLongNameOrder[] = { 938 /* dhSinglePass-stdDH-sha256kdf-scheme */, 939 /* dhSinglePass-stdDH-sha384kdf-scheme */, 940 /* dhSinglePass-stdDH-sha512kdf-scheme */, - 1013 /* dilithium2 */, - 1014 /* dilithium3 */, - 1015 /* dilithium5 */, 11 /* directory services (X.500) */, 378 /* directory services - algorithms */, 887 /* distinguishedName */, @@ -10793,9 +10737,6 @@ static const uint16_t kNIDsInLongNameOrder[] = { 952 /* kx-ecdhe */, 953 /* kx-psk */, 951 /* kx-rsa */, - 992 /* kyber1024 */, - 987 /* kyber512 */, - 990 /* kyber768 */, 477 /* lastModifiedBy */, 476 /* lastModifiedTime */, 157 /* localKeyID */, @@ -10844,8 +10785,6 @@ static const uint16_t kNIDsInLongNameOrder[] = { 974 /* p256_frodo640aes */, 977 /* p256_frodo640shake */, 1002 /* p256_hqc128 */, - 988 /* p256_kyber512 */, - 1039 /* p256_kyber768 */, 1040 /* p256_mldsa44 */, 967 /* p256_mlkem512 */, 1037 /* p256_mlkem768 */, 
@@ -10853,7 +10792,6 @@ static const uint16_t kNIDsInLongNameOrder[] = { 980 /* p384_frodo976aes */, 982 /* p384_frodo976shake */, 1005 /* p384_hqc192 */, - 991 /* p384_kyber768 */, 1011 /* p384_mldsa65 */, 1038 /* p384_mlkem1024 */, 970 /* p384_mlkem768 */, @@ -10861,7 +10799,6 @@ static const uint16_t kNIDsInLongNameOrder[] = { 984 /* p521_frodo1344aes */, 986 /* p521_frodo1344shake */, 1007 /* p521_hqc256 */, - 993 /* p521_kyber1024 */, 1041 /* p521_mldsa87 */, 972 /* p521_mlkem1024 */, 935 /* pSpecified */, @@ -11191,7 +11128,6 @@ static const uint16_t kNIDsInLongNameOrder[] = { 975 /* x25519_frodo640aes */, 978 /* x25519_frodo640shake */, 1003 /* x25519_hqc128 */, - 989 /* x25519_kyber512 */, 968 /* x25519_mlkem512 */, 503 /* x500UniqueIdentifier */, 158 /* x509Certificate */, @@ -11490,9 +11426,9 @@ static const uint16_t kNIDsInOIDOrder[] = { 1019 /* 1.3.9999.3.14 (OBJ_falcon1024) */, 1018 /* 1.3.9999.3.16 (OBJ_falconpadded512) */, 1020 /* 1.3.9999.3.19 (OBJ_falconpadded1024) */, - 1040 /* 1.3.9999.7.1 (OBJ_p256_mldsa44) */, - 1011 /* 1.3.9999.7.3 (OBJ_p384_mldsa65) */, - 1041 /* 1.3.9999.7.4 (OBJ_p521_mldsa87) */, + 1040 /* 1.3.9999.7.5 (OBJ_p256_mldsa44) */, + 1011 /* 1.3.9999.7.7 (OBJ_p384_mldsa65) */, + 1041 /* 1.3.9999.7.8 (OBJ_p521_mldsa87) */, 624 /* 2.23.42.3.0.0 (OBJ_set_rootKeyThumb) */, 625 /* 2.23.42.3.0.1 (OBJ_set_addPolicy) */, 626 /* 2.23.42.3.2.1 (OBJ_setAttr_Token_EMV) */, @@ -11935,6 +11871,9 @@ static const uint16_t kNIDsInOIDOrder[] = { 962 /* 2.16.840.1.101.3.4.2.6 (OBJ_sha512_256) */, 802 /* 2.16.840.1.101.3.4.3.1 (OBJ_dsa_with_SHA224) */, 803 /* 2.16.840.1.101.3.4.3.2 (OBJ_dsa_with_SHA256) */, + 1008 /* 2.16.840.1.101.3.4.3.17 (OBJ_mldsa44) */, + 1010 /* 2.16.840.1.101.3.4.3.18 (OBJ_mldsa65) */, + 1012 /* 2.16.840.1.101.3.4.3.19 (OBJ_mldsa87) */, 71 /* 2.16.840.1.113730.1.1 (OBJ_netscape_cert_type) */, 72 /* 2.16.840.1.113730.1.2 (OBJ_netscape_base_url) */, 73 /* 2.16.840.1.113730.1.3 (OBJ_netscape_revocation_url) */, 
@@ -12109,12 +12048,6 @@ static const uint16_t kNIDsInOIDOrder[] = { 153 /* 1.2.840.113549.1.12.10.1.4 (OBJ_crlBag) */, 154 /* 1.2.840.113549.1.12.10.1.5 (OBJ_secretBag) */, 155 /* 1.2.840.113549.1.12.10.1.6 (OBJ_safeContentsBag) */, - 1013 /* 1.3.6.1.4.1.2.267.7.4.4 (OBJ_dilithium2) */, - 1014 /* 1.3.6.1.4.1.2.267.7.6.5 (OBJ_dilithium3) */, - 1015 /* 1.3.6.1.4.1.2.267.7.8.7 (OBJ_dilithium5) */, - 1008 /* 1.3.6.1.4.1.2.267.12.4.4 (OBJ_mldsa44) */, - 1010 /* 1.3.6.1.4.1.2.267.12.6.5 (OBJ_mldsa65) */, - 1012 /* 1.3.6.1.4.1.2.267.12.8.7 (OBJ_mldsa87) */, 34 /* 1.3.6.1.4.1.188.7.1.1.2 (OBJ_idea_cbc) */, 1043 /* 1.3.6.1.4.1.62245.2.1.1 (OBJ_CROSSrsdp128balanced) */, }; diff --git a/crypto/obj/obj_mac.num b/crypto/obj/obj_mac.num index c14adf4a43..76ce08abf6 100644 --- a/crypto/obj/obj_mac.num +++ b/crypto/obj/obj_mac.num @@ -974,13 +974,6 @@ frodo1344aes 983 p521_frodo1344aes 984 frodo1344shake 985 p521_frodo1344shake 986 -kyber512 987 -p256_kyber512 988 -x25519_kyber512 989 -kyber768 990 -p384_kyber768 991 -kyber1024 992 -p521_kyber1024 993 bikel1 994 p256_bikel1 995 x25519_bikel1 996 @@ -999,9 +992,6 @@ mldsa44 1008 mldsa65 1010 p384_mldsa65 1011 mldsa87 1012 -dilithium2 1013 -dilithium3 1014 -dilithium5 1015 falcon512 1016 falconpadded512 1018 falcon1024 1019 @@ -1024,7 +1014,6 @@ sphincsshake256fsimple 1035 sphincsshake256ssimple 1036 p256_mlkem768 1037 p384_mlkem1024 1038 -p256_kyber768 1039 p256_mldsa44 1040 p521_mldsa87 1041 rsa3072_falcon512 1042 diff --git a/crypto/obj/obj_xref.c b/crypto/obj/obj_xref.c index ceaf0acb20..cad33062c5 100644 --- a/crypto/obj/obj_xref.c +++ b/crypto/obj/obj_xref.c 
@@ -96,9 +96,6 @@ static const nid_triple kTriples[] = { {NID_p384_mldsa65, NID_sha384, NID_p384_mldsa65}, {NID_mldsa87, NID_sha512, NID_mldsa87}, {NID_p521_mldsa87, NID_sha512, NID_p521_mldsa87}, - {NID_dilithium2, NID_sha256, NID_dilithium2}, - {NID_dilithium3, NID_sha384, NID_dilithium3}, - {NID_dilithium5, NID_sha512, NID_dilithium5}, {NID_falcon512, NID_sha256, NID_falcon512}, {NID_rsa3072_falcon512, NID_sha256, NID_rsa3072_falcon512}, {NID_falconpadded512, NID_sha256, NID_falconpadded512}, diff --git a/crypto/obj/objects.txt b/crypto/obj/objects.txt index 223a068c26..a310a2d27c 100644 --- a/crypto/obj/objects.txt +++ b/crypto/obj/objects.txt @@ -1384,14 +1384,6 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme : p521_frodo1344aes : frodo1344shake : p521_frodo1344shake - : kyber512 - : p256_kyber512 - : x25519_kyber512 - : kyber768 - : p256_kyber768 - : p384_kyber768 - : kyber1024 - : p521_kyber1024 : bikel1 : p256_bikel1 : x25519_bikel1 @@ -1409,15 +1401,12 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme ##### OQS_TEMPLATE_FRAGMENT_DEF_NIDS_END ##### OQS_TEMPLATE_FRAGMENT_ASSIGN_OIDS_START -1 3 6 1 4 1 2 267 12 4 4 : mldsa44 : mldsa44 -1 3 9999 7 1 : p256_mldsa44 : p256_mldsa44 -1 3 6 1 4 1 2 267 12 6 5 : mldsa65 : mldsa65 -1 3 9999 7 3 : p384_mldsa65 : p384_mldsa65 -1 3 6 1 4 1 2 267 12 8 7 : mldsa87 : mldsa87 -1 3 9999 7 4 : p521_mldsa87 : p521_mldsa87 -1 3 6 1 4 1 2 267 7 4 4 : dilithium2 : dilithium2 -1 3 6 1 4 1 2 267 7 6 5 : dilithium3 : dilithium3 -1 3 6 1 4 1 2 267 7 8 7 : dilithium5 : dilithium5 +2 16 840 1 101 3 4 3 17 : mldsa44 : mldsa44 +1 3 9999 7 5 : p256_mldsa44 : p256_mldsa44 +2 16 840 1 101 3 4 3 18 : mldsa65 : mldsa65 +1 3 9999 7 7 : p384_mldsa65 : p384_mldsa65 +2 16 840 1 101 3 4 3 19 : mldsa87 : mldsa87 +1 3 9999 7 8 : p521_mldsa87 : p521_mldsa87 1 3 9999 3 11 : falcon512 : falcon512 1 3 9999 3 13 : rsa3072_falcon512 : rsa3072_falcon512 1 3 9999 3 16 : falconpadded512 : falconpadded512 
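Review bot: Dropping the kyber and dilithium names from obj_mac.num (the `@@ -974` and `@@ -999` hunks there) leaves NIDs 987–993, 1013–1015 and 1039 with no owner, while the numbering exported through nid.h is ABI that third-party code may have compiled in. The obj_dat.h hunks fill those slots with `{NULL, NULL, NID_undef, 0, NULL, 0}`, which keeps the table dense, but if the generator ever hands out the lowest free number rather than one past the current maximum (I cannot confirm its rule from here), a future algorithm would silently inherit a retired Kyber/Dilithium NID and old binaries would misname it. Reserving the retired numbers in whatever form the generator accepts, or documenting the allocation rule next to the `OQS_TEMPLATE_FRAGMENT_DEF_NIDS` markers in objects.txt, e.g. `# NIDs 987-993, 1013-1015, 1039 were Kyber/Dilithium; retired, must not be reassigned`, would pin this down.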
diff --git a/crypto/x509/algorithm.c b/crypto/x509/algorithm.c index ff83aac108..3531fe5b38 100644 --- a/crypto/x509/algorithm.c +++ b/crypto/x509/algorithm.c @@ -101,9 +101,6 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { pkey_id == EVP_PKEY_P384_MLDSA65 || pkey_id == EVP_PKEY_MLDSA87 || pkey_id == EVP_PKEY_P521_MLDSA87 || - pkey_id == EVP_PKEY_DILITHIUM2 || - pkey_id == EVP_PKEY_DILITHIUM3 || - pkey_id == EVP_PKEY_DILITHIUM5 || pkey_id == EVP_PKEY_FALCON512 || pkey_id == EVP_PKEY_RSA3072_FALCON512 || pkey_id == EVP_PKEY_FALCONPADDED512 || diff --git a/include/openssl/evp.h b/include/openssl/evp.h index a027f87588..0bdbfbb7d7 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -191,9 +191,6 @@ OPENSSL_EXPORT DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey); #define EVP_PKEY_P384_MLDSA65 NID_p384_mldsa65 #define EVP_PKEY_MLDSA87 NID_mldsa87 #define EVP_PKEY_P521_MLDSA87 NID_p521_mldsa87 -#define EVP_PKEY_DILITHIUM2 NID_dilithium2 -#define EVP_PKEY_DILITHIUM3 NID_dilithium3 -#define EVP_PKEY_DILITHIUM5 NID_dilithium5 #define EVP_PKEY_FALCON512 NID_falcon512 #define EVP_PKEY_RSA3072_FALCON512 NID_rsa3072_falcon512 #define EVP_PKEY_FALCONPADDED512 NID_falconpadded512 @@ -224,9 +221,6 @@ OPENSSL_EXPORT DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey); (pkey_id == NID_p384_mldsa65) || \ (pkey_id == NID_mldsa87) || \ (pkey_id == NID_p521_mldsa87) || \ - (pkey_id == NID_dilithium2) || \ - (pkey_id == NID_dilithium3) || \ - (pkey_id == NID_dilithium5) || \ (pkey_id == NID_falcon512) || \ (pkey_id == NID_rsa3072_falcon512) || \ (pkey_id == NID_falconpadded512) || \ @@ -258,9 +252,6 @@ OPENSSL_EXPORT DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey); (pkey_id == NID_frodo976shake) || \ (pkey_id == NID_frodo1344aes) || \ (pkey_id == NID_frodo1344shake) || \ - (pkey_id == NID_kyber512) || \ - (pkey_id == NID_kyber768) || \ - (pkey_id == NID_kyber1024) || \ (pkey_id == NID_bikel1) || \ (pkey_id == NID_bikel3) || \ (pkey_id == NID_bikel5) || \ 
diff --git a/include/openssl/nid.h b/include/openssl/nid.h index 961b1b6880..ecf394ea41 100644 --- a/include/openssl/nid.h +++ b/include/openssl/nid.h @@ -4321,27 +4321,6 @@ extern "C" { #define SN_p521_frodo1344shake "p521_frodo1344shake" #define NID_p521_frodo1344shake 986 -#define SN_kyber512 "kyber512" -#define NID_kyber512 987 - -#define SN_p256_kyber512 "p256_kyber512" -#define NID_p256_kyber512 988 - -#define SN_x25519_kyber512 "x25519_kyber512" -#define NID_x25519_kyber512 989 - -#define SN_kyber768 "kyber768" -#define NID_kyber768 990 - -#define SN_p384_kyber768 "p384_kyber768" -#define NID_p384_kyber768 991 - -#define SN_kyber1024 "kyber1024" -#define NID_kyber1024 992 - -#define SN_p521_kyber1024 "p521_kyber1024" -#define NID_p521_kyber1024 993 - #define SN_bikel1 "bikel1" #define NID_bikel1 994 
@@ -4387,37 +4366,22 @@ extern "C" { #define SN_mldsa44 "mldsa44" #define LN_mldsa44 "mldsa44" #define NID_mldsa44 1008 -#define OBJ_mldsa44 1L, 3L, 6L, 1L, 4L, 1L, 2L, 267L, 12L, 4L, 4L +#define OBJ_mldsa44 2L, 16L, 840L, 1L, 101L, 3L, 4L, 3L, 17L #define SN_mldsa65 "mldsa65" #define LN_mldsa65 "mldsa65" #define NID_mldsa65 1010 -#define OBJ_mldsa65 1L, 3L, 6L, 1L, 4L, 1L, 2L, 267L, 12L, 6L, 5L +#define OBJ_mldsa65 2L, 16L, 840L, 1L, 101L, 3L, 4L, 3L, 18L #define SN_p384_mldsa65 "p384_mldsa65" #define LN_p384_mldsa65 "p384_mldsa65" #define NID_p384_mldsa65 1011 -#define OBJ_p384_mldsa65 1L, 3L, 9999L, 7L, 3L +#define OBJ_p384_mldsa65 1L, 3L, 9999L, 7L, 7L #define SN_mldsa87 "mldsa87" #define LN_mldsa87 "mldsa87" #define NID_mldsa87 1012 -#define OBJ_mldsa87 1L, 3L, 6L, 1L, 4L, 1L, 2L, 267L, 12L, 8L, 7L - -#define SN_dilithium2 "dilithium2" -#define LN_dilithium2 "dilithium2" -#define NID_dilithium2 1013 -#define OBJ_dilithium2 1L, 3L, 6L, 1L, 4L, 1L, 2L, 267L, 7L, 4L, 4L - -#define SN_dilithium3 "dilithium3" -#define LN_dilithium3 "dilithium3" -#define NID_dilithium3 1014 -#define OBJ_dilithium3 1L, 3L, 6L, 1L, 4L, 1L, 2L, 267L, 7L, 6L, 5L - -#define SN_dilithium5 "dilithium5" -#define LN_dilithium5 "dilithium5" -#define NID_dilithium5 1015 -#define OBJ_dilithium5 1L, 3L, 6L, 1L, 4L, 1L, 2L, 267L, 7L, 8L, 7L +#define OBJ_mldsa87 2L, 16L, 840L, 1L, 101L, 3L, 4L, 3L, 19L #define SN_falcon512 "falcon512" #define LN_falcon512 "falcon512" 
@@ -4525,18 +4489,15 @@ extern "C" { #define SN_p384_mlkem1024 "p384_mlkem1024" #define NID_p384_mlkem1024 1038 -#define SN_p256_kyber768 "p256_kyber768" -#define NID_p256_kyber768 1039 - #define SN_p256_mldsa44 "p256_mldsa44" #define LN_p256_mldsa44 "p256_mldsa44" #define NID_p256_mldsa44 1040 -#define OBJ_p256_mldsa44 1L, 3L, 9999L, 7L, 1L +#define OBJ_p256_mldsa44 1L, 3L, 9999L, 7L, 5L #define SN_p521_mldsa87 "p521_mldsa87" #define LN_p521_mldsa87 "p521_mldsa87" #define NID_p521_mldsa87 1041 -#define OBJ_p521_mldsa87 1L, 3L, 9999L, 7L, 4L +#define OBJ_p521_mldsa87 1L, 3L, 9999L, 7L, 8L #define SN_rsa3072_falcon512 "rsa3072_falcon512" #define LN_rsa3072_falcon512 "rsa3072_falcon512" diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index a4af0d0a40..509cc2dcb6 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1216,15 +1216,12 @@ OPENSSL_EXPORT int SSL_set_ocsp_response(SSL *ssl, #define SSL_SIGN_RSA_PSS_RSAE_SHA512 0x0806 #define SSL_SIGN_ED25519 0x0807 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_SIG_CODEPOINTS_START -#define SSL_SIGN_MLDSA44 0xfed0 -#define SSL_SIGN_P256_MLDSA44 0xfed3 -#define SSL_SIGN_MLDSA65 0xfed1 -#define SSL_SIGN_P384_MLDSA65 0xfed5 -#define SSL_SIGN_MLDSA87 0xfed2 -#define SSL_SIGN_P521_MLDSA87 0xfed6 -#define SSL_SIGN_DILITHIUM2 0xfea0 -#define SSL_SIGN_DILITHIUM3 0xfea3 -#define SSL_SIGN_DILITHIUM5 0xfea5 +#define SSL_SIGN_MLDSA44 0x0904 +#define SSL_SIGN_P256_MLDSA44 0xff06 +#define SSL_SIGN_MLDSA65 0x0905 +#define SSL_SIGN_P384_MLDSA65 0xff08 +#define SSL_SIGN_MLDSA87 0x0906 +#define SSL_SIGN_P521_MLDSA87 0xff09 #define SSL_SIGN_FALCON512 0xfed7 #define SSL_SIGN_RSA3072_FALCON512 0xfed9 #define SSL_SIGN_FALCONPADDED512 0xfedc 
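Review bot: The pure ML-DSA SignatureScheme values leave the private-use block (`0xfed0`–`0xfed2`) for `0x0904`–`0x0906` while the hybrids stay private-use at `0xff06`/`0xff08`/`0xff09`, and nothing in the hunk records which registry or draft each set follows, so the next codepoint change cannot be checked against a reference either. A peer built from the previous revision will advertise the old values and simply fail to negotiate ML-DSA, which is acceptable when both ends are rebuilt together but deserves a changelog line otherwise. A comment such as `// 0x0904-0x0906: TLS SignatureScheme codepoints for mldsa44/65/87 (<registry reference, TODO confirm>); 0xffxx: private-use hybrid codepoints` above the fragment would make the provenance checkable; as the block is between OQS_TEMPLATE_FRAGMENT markers, the comment belongs in the template source.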
@@ -2584,22 +2581,22 @@ OPENSSL_EXPORT size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
 #define SSL_GROUP_X25519_MLKEM768 0x11ec
 #define SSL_GROUP_X25519_KYBER768_DRAFT00 0x6399
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEM_CURVEIDS_START
-#define SSL_GROUP_MLKEM512 586
+#define SSL_GROUP_MLKEM512 512
 #define SSL_GROUP_P256_MLKEM512 12107
 #define SSL_GROUP_X25519_MLKEM512 12214
-#define SSL_GROUP_MLKEM768 1896
+#define SSL_GROUP_MLKEM768 513
 #define SSL_GROUP_P256_MLKEM768 4587
 #define SSL_GROUP_P384_MLKEM768 12108
-#define SSL_GROUP_MLKEM1024 4132
+#define SSL_GROUP_MLKEM1024 514
 #define SSL_GROUP_P384_MLKEM1024 12110
 #define SSL_GROUP_P521_MLKEM1024 12109
-#define SSL_GROUP_FRODO640AES 512
+#define SSL_GROUP_FRODO640AES 65024
 #define SSL_GROUP_P256_FRODO640AES 12032
 #define SSL_GROUP_X25519_FRODO640AES 12160
-#define SSL_GROUP_FRODO640SHAKE 513
+#define SSL_GROUP_FRODO640SHAKE 65025
 #define SSL_GROUP_P256_FRODO640SHAKE 12033
 #define SSL_GROUP_X25519_FRODO640SHAKE 12161
-#define SSL_GROUP_FRODO976AES 514
+#define SSL_GROUP_FRODO976AES 65026
 #define SSL_GROUP_P384_FRODO976AES 12034
 #define SSL_GROUP_FRODO976SHAKE 515
 #define SSL_GROUP_P384_FRODO976SHAKE 12035
@@ -2607,14 +2604,6 @@ OPENSSL_EXPORT size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
 #define SSL_GROUP_P521_FRODO1344AES 12036
 #define SSL_GROUP_FRODO1344SHAKE 517
 #define SSL_GROUP_P521_FRODO1344SHAKE 12037
-#define SSL_GROUP_KYBER512 570
-#define SSL_GROUP_P256_KYBER512 12090
-#define SSL_GROUP_X25519_KYBER512 12089
-#define SSL_GROUP_KYBER768 572
-#define SSL_GROUP_P256_KYBER768 25498
-#define SSL_GROUP_P384_KYBER768 12092
-#define SSL_GROUP_KYBER1024 573
-#define SSL_GROUP_P521_KYBER1024 12093
 #define SSL_GROUP_BIKEL1 577
 #define SSL_GROUP_P256_BIKEL1 12097
 #define SSL_GROUP_X25519_BIKEL1 12206
diff --git a/oqs_scripts/test_with_interop_server.py b/oqs_scripts/test_with_interop_server.py
index 36f177bd83..f2e631b06f 100755
--- a/oqs_scripts/test_with_interop_server.py
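Review bot: The pure ML-KEM groups now take 512–514 (0x0200–0x0202), which match the IANA MLKEM512/768/1024 assignments, and SSL_GROUP_P256_MLKEM768 4587 (0x11EB) already matches SecP256r1MLKEM768, but SSL_GROUP_P384_MLKEM1024 is left at 12110 (0x2F4E) even though — if I recall the draft-ietf-tls-ecdhe-mlkem registration correctly — SecP384r1MLKEM1024 was assigned 0x11ED alongside 0x11EB/0x11EC. A peer using the registered value will simply not negotiate that hybrid with this build, so it is worth checking before these public-range numbers are frozen; the fix is the single generated line `#define SSL_GROUP_P384_MLKEM1024 0x11ed` with the matching mix_nid in oqs_template/generate.yml. The two tiers of values (IANA-registered vs. OQS-experimental) are now mixed in one list with no marker; a comment after the START line saying which is which would make the next collision with a new registration easier to spot.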
+++ b/oqs_scripts/test_with_interop_server.py @@ -27,14 +27,6 @@ 'p521_frodo1344aes', 'frodo1344shake', 'p521_frodo1344shake', - 'kyber512', - 'p256_kyber512', - 'x25519_kyber512', - 'kyber768', - 'p256_kyber768', - 'p384_kyber768', - 'kyber1024', - 'p521_kyber1024', 'bikel1', 'p256_bikel1', 'x25519_bikel1', @@ -62,9 +54,6 @@ 'p384_mldsa65', 'mldsa87', 'p521_mldsa87', - 'dilithium2', - 'dilithium3', - 'dilithium5', 'falcon512', 'rsa3072_falcon512', 'falconpadded512', diff --git a/oqs_scripts/try_handshake.py b/oqs_scripts/try_handshake.py index 4c0e4efd18..adfcf82049 100644 --- a/oqs_scripts/try_handshake.py +++ b/oqs_scripts/try_handshake.py @@ -34,14 +34,6 @@ 'p521_frodo1344aes', 'frodo1344shake', 'p521_frodo1344shake', - 'kyber512', - 'p256_kyber512', - 'x25519_kyber512', - 'kyber768', - 'p256_kyber768', - 'p384_kyber768', - 'kyber1024', - 'p521_kyber1024', 'bikel1', 'p256_bikel1', 'x25519_bikel1', @@ -68,9 +60,6 @@ 'p384_mldsa65', 'mldsa87', 'p521_mldsa87', - 'dilithium2', - 'dilithium3', - 'dilithium5', 'falcon512', 'rsa3072_falcon512', 'falconpadded512', diff --git a/oqs_template/generate.yml b/oqs_template/generate.yml index 581288dbc5..2b67b6f51a 100644 --- a/oqs_template/generate.yml +++ b/oqs_template/generate.yml 
@@ -4,41 +4,41 @@ kems: - family: 'ML-KEM' name: 'mlkem512' - nid: '0x024A' + nid: '0x0200' mix_with: [{'name': 'p256', 'mix_nid':'0x2F4B', 'nid':'SSL_GROUP_SECP256R1'}, {'name': 'x25519', 'mix_nid':'0x2FB6', 'nid':'SSL_GROUP_X25519'}] use_as_default_with: 'x25519' oqs_meth: 'OQS_KEM_alg_ml_kem_512' - family: 'ML-KEM' name: 'mlkem768' - nid: '0x0768' + nid: '0x0201' mix_with: [{'name': 'p256', 'mix_nid':'0x11EB', 'nid':'SSL_GROUP_SECP256R1'}, {'name': 'p384', 'mix_nid':'0x2F4C', 'nid':'SSL_GROUP_SECP384R1'}] use_as_default_with: 'p256' oqs_meth: 'OQS_KEM_alg_ml_kem_768' - family: 'ML-KEM' name: 'mlkem1024' - nid: '0x1024' + nid: '0x0202' mix_with: [{'name': 'p384', 'mix_nid':'0x2F4E', 'nid':'SSL_GROUP_SECP384R1'}, {'name': 'p521', 'mix_nid':'0x2F4D', 'nid':'SSL_GROUP_SECP521R1'}] oqs_meth: 'OQS_KEM_alg_ml_kem_1024' - family: 'FrodoKEM' name: 'frodo640aes' - nid: '0x0200' + nid: '0xFE00' mix_with: [{'name': 'p256', 'mix_nid':'0x2F00', 'nid':'SSL_GROUP_SECP256R1'}, {'name': 'x25519', 'mix_nid':'0x2F80', 'nid':'SSL_GROUP_X25519'}] use_as_default_with: 'x25519' oqs_meth: 'OQS_KEM_alg_frodokem_640_aes' - family: 'FrodoKEM' name: 'frodo640shake' - nid: '0x0201' + nid: '0xFE01' mix_with: [{'name': 'p256', 'mix_nid':'0x2F01', 'nid':'SSL_GROUP_SECP256R1'}, {'name': 'x25519', 'mix_nid':'0x2F81', 'nid':'SSL_GROUP_X25519'}] use_as_default_with: 'x25519' oqs_meth: 'OQS_KEM_alg_frodokem_640_shake' - family: 'FrodoKEM' name: 'frodo976aes' - nid: '0x0202' + nid: '0xFE02' mix_with: [{'name': 'p384', 'mix_nid':'0x2F02', 'nid':'SSL_GROUP_SECP384R1'}] oqs_meth: 'OQS_KEM_alg_frodokem_976_aes' - 
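Review bot: Only the three FrodoKEM entries that collided with the new ML-KEM values were moved into the private-use range (0xFE00–0xFE02); frodo976shake, frodo1344aes and frodo1344shake stay at 0x0203–0x0205 (the unchanged `nid: '0x0205'` is visible as context in the next hunk), so the family now straddles two ranges and the three remaining values sit in the same unassigned public space that 0x0200–0x0202 occupied until IANA handed them to ML-KEM. Moving all six to 0xFE00–0xFE05 keeps them contiguous, keeps them out of the registry, and means the generated SSL_GROUP_FRODO* constants and kNamedGroups change once rather than piecemeal: `nid: '0xFE03'` for frodo976shake, `nid: '0xFE04'` for frodo1344aes and `nid: '0xFE05'` for frodo1344shake. The hybrid `mix_nid` values (0x2F00–0x2F05) are unaffected. A one-line comment on the family, e.g. `# FrodoKEM has no IANA code points; 0xFE00+ is the TLS private-use range`, would explain why these differ from the ML-KEM block above.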
@@ -59,25 +59,6 @@ kems: nid: '0x0205' mix_with: [{'name': 'p521', 'mix_nid':'0x2F05', 'nid':'SSL_GROUP_SECP521R1'}] oqs_meth: 'OQS_KEM_alg_frodokem_1344_shake' - - - family: 'CRYSTALS-Kyber' - name: 'kyber512' - nid: '0x023A' - mix_with: [{'name': 'p256', 'mix_nid':'0x2F3A', 'nid':'SSL_GROUP_SECP256R1'}, {'name': 'x25519', 'mix_nid':'0x2F39', 'nid':'SSL_GROUP_X25519'}] - use_as_default_with: 'x25519' - oqs_meth: 'OQS_KEM_alg_kyber_512' - - - family: 'CRYSTALS-Kyber' - name: 'kyber768' - nid: '0x023C' - mix_with: [{'name': 'p256', 'mix_nid':'0x639A', 'nid':'SSL_GROUP_SECP256R1'}, {'name': 'p384', 'mix_nid':'0x2F3C', 'nid':'SSL_GROUP_SECP384R1'}] - oqs_meth: 'OQS_KEM_alg_kyber_768' - - - family: 'CRYSTALS-Kyber' - name: 'kyber1024' - nid: '0x023D' - mix_with: [{'name': 'p521', 'mix_nid':'0x2F3D', 'nid':'SSL_GROUP_SECP521R1'}] - oqs_meth: 'OQS_KEM_alg_kyber_1024' - family: 'BIKE' name: 'bikel1' 
@@ -124,74 +105,50 @@ sigs: - family: 'ML-DSA' name: 'mldsa44' - oid: '1 3 6 1 4 1 2 267 12 4 4' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x0C, 0x04, 0x04' + oid: '2 16 840 1 101 3 4 3 17' + oid_encoded: '0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11' oqs_meth: 'OQS_SIG_alg_ml_dsa_44' - code_point: '0xfed0' + code_point: '0x0904' claimed_security_level: '2' - family: 'ML-DSA' name: 'p256_mldsa44' - oid: '1 3 9999 7 1' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x07, 0x01' + oid: '1 3 9999 7 5' + oid_encoded: '0x2B, 0xCE, 0x0F, 0x07, 0x05' oqs_meth: 'OQS_SIG_alg_ml_dsa_44' - code_point: '0xfed3' + code_point: '0xff06' claimed_security_level: '2' - family: 'ML-DSA' name: 'mldsa65' - oid: '1 3 6 1 4 1 2 267 12 6 5' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x0C, 0x06, 0x05' + oid: '2 16 840 1 101 3 4 3 18' + oid_encoded: '0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x12' oqs_meth: 'OQS_SIG_alg_ml_dsa_65' - code_point: '0xfed1' + code_point: '0x0905' claimed_security_level: '3' - family: 'ML-DSA' name: 'p384_mldsa65' - oid: '1 3 9999 7 3' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x07, 0x03' + oid: '1 3 9999 7 7' + oid_encoded: '0x2B, 0xCE, 0x0F, 0x07, 0x07' oqs_meth: 'OQS_SIG_alg_ml_dsa_65' - code_point: '0xfed5' + code_point: '0xff08' claimed_security_level: '3' - family: 'ML-DSA' name: 'mldsa87' - oid: '1 3 6 1 4 1 2 267 12 8 7' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x0C, 0x08, 0x07' + oid: '2 16 840 1 101 3 4 3 19' + oid_encoded: '0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x13' oqs_meth: 'OQS_SIG_alg_ml_dsa_87' - code_point: '0xfed2' + code_point: '0x0906' claimed_security_level: '5' - family: 'ML-DSA' name: 'p521_mldsa87' - oid: '1 3 9999 7 4' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x07, 0x04' + oid: '1 3 9999 7 8' + oid_encoded: '0x2B, 0xCE, 0x0F, 0x07, 0x08' oqs_meth: 'OQS_SIG_alg_ml_dsa_87' - code_point: '0xfed6' - claimed_security_level: '5' - - - family: 'CRYSTALS-DILITHIUM' - name: 
'dilithium2' - oid: '1 3 6 1 4 1 2 267 7 4 4' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x07, 0x04, 0x04' - oqs_meth: 'OQS_SIG_alg_dilithium_2' - code_point: '0xfea0' - claimed_security_level: '2' - - - family: 'CRYSTALS-DILITHIUM' - name: 'dilithium3' - oid: '1 3 6 1 4 1 2 267 7 6 5' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x07, 0x06, 0x05' - oqs_meth: 'OQS_SIG_alg_dilithium_3' - code_point: '0xfea3' - claimed_security_level: '3' - - - family: 'CRYSTALS-DILITHIUM' - name: 'dilithium5' - oid: '1 3 6 1 4 1 2 267 7 8 7' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x07, 0x08, 0x07' - oqs_meth: 'OQS_SIG_alg_dilithium_5' - code_point: '0xfea5' + code_point: '0xff09' claimed_security_level: '5' - family: 'Falcon' diff --git a/pki/signature_algorithm.cc b/pki/signature_algorithm.cc index 45888736a6..a5ead1af82 100644 --- a/pki/signature_algorithm.cc +++ b/pki/signature_algorithm.cc 
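Review bot: `oid` and `oid_encoded` are maintained by hand as two independent strings per entry, and a mismatch would make the EVP/objects layer and the pki parser disagree on which algorithm a certificate carries without any test noticing; the values in this hunk are consistent (2.16.840.1.101.3.4.3.17 encodes as 60 86 48 01 65 03 04 03 11, and 1.3.9999.7.5 as 2B CE 0F 07 05), but the last renumbering is exactly the kind of edit where one of the pair gets missed. The generator should derive `oid_encoded` from `oid` (or a test should assert the DER of each `oid` equals the listed bytes) so the two cannot drift. The hybrid entries under the 1.3.9999.7 arc are OQS-experimental identifiers that have now been renumbered once in this commit alone; a family-level comment such as `# 1.3.9999.7.x: OQS experimental hybrid OIDs, not standardised, expect further changes` would set expectations for anyone issuing certificates against them.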
@@ -124,15 +124,12 @@ const uint8_t kOidMgf1[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x08}; ///// OQS_TEMPLATE_FRAGMENT_LIST_SIG_OIDS_START -const uint8_t kOidMldsa44[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x04, 0x04}; -const uint8_t kOidP256_mldsa44[] = {0x2b, 0xce, 0x0f, 0x07, 0x01}; -const uint8_t kOidMldsa65[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x06, 0x05}; -const uint8_t kOidP384_mldsa65[] = {0x2b, 0xce, 0x0f, 0x07, 0x03}; -const uint8_t kOidMldsa87[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x08, 0x07}; -const uint8_t kOidP521_mldsa87[] = {0x2b, 0xce, 0x0f, 0x07, 0x04}; -const uint8_t kOidDilithium2[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x04, 0x04}; -const uint8_t kOidDilithium3[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x06, 0x05}; -const uint8_t kOidDilithium5[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x07, 0x08, 0x07}; +const uint8_t kOidMldsa44[] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11}; +const uint8_t kOidP256_mldsa44[] = {0x2b, 0xce, 0x0f, 0x07, 0x05}; +const uint8_t kOidMldsa65[] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x12}; +const uint8_t kOidP384_mldsa65[] = {0x2b, 0xce, 0x0f, 0x07, 0x07}; +const uint8_t kOidMldsa87[] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x13}; +const uint8_t kOidP521_mldsa87[] = {0x2b, 0xce, 0x0f, 0x07, 0x08}; const uint8_t kOidFalcon512[] = {0x2b, 0xce, 0x0f, 0x03, 0x0b}; const uint8_t kOidRsa3072_falcon512[] = {0x2b, 0xce, 0x0f, 0x03, 0x0d}; const uint8_t kOidFalconpadded512[] = {0x2b, 0xce, 0x0f, 0x03, 0x10}; 
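Review bot: With the draft 1.3.6.1.4.1.2.267.12 entries dropped from this table and, in the following hunk, no ParseSignatureAlgorithm mapping for them, a certificate issued under the pre-FIPS ML-DSA OIDs now fails path building rather than being verified with the final algorithm; that is the safe outcome, because ipd and FIPS 204 final signatures are not compatible, but nothing in the file says it was deliberate. A comment above kOidMldsa44 such as `// FIPS 204 final OIDs (NIST CSOR 2.16.840.1.101.3.4.3.{17,18,19}). The ML-DSA-ipd arc 1.3.6.1.4.1.2.267.12 is intentionally not recognised: ipd signatures cannot be verified by the final algorithm.` would stop a later contributor from "helpfully" re-adding the old arc as an alias. The hybrid OIDs kOidP256_mldsa44/kOidP384_mldsa65/kOidP521_mldsa87 under 1.3.9999.7 are OQS-experimental and changed in this same commit, so they deserve a `// experimental, not standardised` marker as well. These definitions are file-scope constants generated from the template, so the comment should be placed via the template fragment rather than edited here by hand.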
@@ -429,15 +426,6 @@ std::optional ParseSignatureAlgorithm( if (oid == der::Input(kOidP521_mldsa87)) { return SignatureAlgorithm::kP521_mldsa87; } - if (oid == der::Input(kOidDilithium2)) { - return SignatureAlgorithm::kDilithium2; - } - if (oid == der::Input(kOidDilithium3)) { - return SignatureAlgorithm::kDilithium3; - } - if (oid == der::Input(kOidDilithium5)) { - return SignatureAlgorithm::kDilithium5; - } if (oid == der::Input(kOidFalcon512)) { return SignatureAlgorithm::kFalcon512; } @@ -542,7 +530,6 @@ std::optional GetTlsServerEndpointDigestAlgorithm( ///// OQS_TEMPLATE_FRAGMENT_PAIR_SIGS_WITH_DIGESTS_START case SignatureAlgorithm::kMldsa44: case SignatureAlgorithm::kP256_mldsa44: - case SignatureAlgorithm::kDilithium2: case SignatureAlgorithm::kFalcon512: case SignatureAlgorithm::kRsa3072_falcon512: case SignatureAlgorithm::kFalconpadded512: @@ -557,7 +544,6 @@ std::optional GetTlsServerEndpointDigestAlgorithm( case SignatureAlgorithm::kMldsa65: case SignatureAlgorithm::kP384_mldsa65: - case SignatureAlgorithm::kDilithium3: case SignatureAlgorithm::kMayo3: case SignatureAlgorithm::kSphincssha2192fsimple: case SignatureAlgorithm::kSphincssha2192ssimple: @@ -567,7 +553,6 @@ std::optional GetTlsServerEndpointDigestAlgorithm( case SignatureAlgorithm::kMldsa87: case SignatureAlgorithm::kP521_mldsa87: - case SignatureAlgorithm::kDilithium5: case SignatureAlgorithm::kFalcon1024: case SignatureAlgorithm::kFalconpadded1024: case SignatureAlgorithm::kMayo5: diff --git a/pki/signature_algorithm.h b/pki/signature_algorithm.h index d927013a3c..d5250b7b24 100644 --- a/pki/signature_algorithm.h +++ b/pki/signature_algorithm.h @@ -46,9 +46,6 @@ enum class SignatureAlgorithm { kP384_mldsa65, kMldsa87, kP521_mldsa87, - kDilithium2, - kDilithium3, - kDilithium5, kFalcon512, kRsa3072_falcon512, kFalconpadded512, diff --git a/pki/simple_path_builder_delegate.cc b/pki/simple_path_builder_delegate.cc index 36236a64df..4e0fc121fa 100644 --- a/pki/simple_path_builder_delegate.cc 
+++ b/pki/simple_path_builder_delegate.cc @@ -84,9 +84,6 @@ bool SimplePathBuilderDelegate::IsSignatureAlgorithmAcceptable( case SignatureAlgorithm::kP384_mldsa65: case SignatureAlgorithm::kMldsa87: case SignatureAlgorithm::kP521_mldsa87: - case SignatureAlgorithm::kDilithium2: - case SignatureAlgorithm::kDilithium3: - case SignatureAlgorithm::kDilithium5: case SignatureAlgorithm::kFalcon512: case SignatureAlgorithm::kRsa3072_falcon512: case SignatureAlgorithm::kFalconpadded512: diff --git a/pki/verify_signed_data.cc b/pki/verify_signed_data.cc index ec1bedb6f9..a06fc4b0ce 100644 --- a/pki/verify_signed_data.cc +++ b/pki/verify_signed_data.cc @@ -233,21 +233,6 @@ bool VerifySignedData(SignatureAlgorithm algorithm, der::Input signed_data, digest = EVP_sha512(); cache_algorithm_name = "P521_mldsa87"; break; - case SignatureAlgorithm::kDilithium2: - expected_pkey_id = EVP_PKEY_DILITHIUM2; - digest = EVP_sha256(); - cache_algorithm_name = "Dilithium2"; - break; - case SignatureAlgorithm::kDilithium3: - expected_pkey_id = EVP_PKEY_DILITHIUM3; - digest = EVP_sha384(); - cache_algorithm_name = "Dilithium3"; - break; - case SignatureAlgorithm::kDilithium5: - expected_pkey_id = EVP_PKEY_DILITHIUM5; - digest = EVP_sha512(); - cache_algorithm_name = "Dilithium5"; - break; case SignatureAlgorithm::kFalcon512: expected_pkey_id = EVP_PKEY_FALCON512; digest = EVP_sha256(); diff --git a/ssl/extensions.cc b/ssl/extensions.cc index a8e38796c4..09e351c1ee 100644 --- a/ssl/extensions.cc +++ b/ssl/extensions.cc 
@@ -256,22 +256,6 @@ static bool is_post_quantum_group(uint16_t id) { return true; case SSL_GROUP_P521_FRODO1344SHAKE: return true; - case SSL_GROUP_KYBER512: - return true; - case SSL_GROUP_P256_KYBER512: - return true; - case SSL_GROUP_X25519_KYBER512: - return true; - case SSL_GROUP_KYBER768: - return true; - case SSL_GROUP_P256_KYBER768: - return true; - case SSL_GROUP_P384_KYBER768: - return true; - case SSL_GROUP_KYBER1024: - return true; - case SSL_GROUP_P521_KYBER1024: - return true; case SSL_GROUP_BIKEL1: return true; case SSL_GROUP_P256_BIKEL1: @@ -408,7 +392,6 @@ static const uint16_t kDefaultGroups[] = { SSL_GROUP_P256_MLKEM768, SSL_GROUP_X25519_FRODO640AES, SSL_GROUP_X25519_FRODO640SHAKE, - SSL_GROUP_X25519_KYBER512, SSL_GROUP_X25519_BIKEL1, SSL_GROUP_X25519_HQC128, ///// OQS_TEMPLATE_FRAGMENT_ADD_DEFAULT_KEMS_END @@ -448,14 +431,6 @@ static const uint16_t kAllSupportedGroups[] = { SSL_GROUP_FRODO1344AES, SSL_GROUP_P521_FRODO1344SHAKE, SSL_GROUP_FRODO1344SHAKE, - SSL_GROUP_P256_KYBER512, - SSL_GROUP_X25519_KYBER512, - SSL_GROUP_KYBER512, - SSL_GROUP_P256_KYBER768, - SSL_GROUP_P384_KYBER768, - SSL_GROUP_KYBER768, - SSL_GROUP_P521_KYBER1024, - SSL_GROUP_KYBER1024, SSL_GROUP_P256_BIKEL1, SSL_GROUP_X25519_BIKEL1, SSL_GROUP_BIKEL1, @@ -558,9 +533,6 @@ static const uint16_t kVerifySignatureAlgorithms[] = { SSL_SIGN_P384_MLDSA65, SSL_SIGN_MLDSA87, SSL_SIGN_P521_MLDSA87, - SSL_SIGN_DILITHIUM2, - SSL_SIGN_DILITHIUM3, - SSL_SIGN_DILITHIUM5, SSL_SIGN_FALCON512, SSL_SIGN_RSA3072_FALCON512, SSL_SIGN_FALCONPADDED512, @@ -612,9 +584,6 @@ static const uint16_t kSignSignatureAlgorithms[] = { SSL_SIGN_P384_MLDSA65, SSL_SIGN_MLDSA87, SSL_SIGN_P521_MLDSA87, - SSL_SIGN_DILITHIUM2, - SSL_SIGN_DILITHIUM3, - SSL_SIGN_DILITHIUM5, SSL_SIGN_FALCON512, SSL_SIGN_RSA3072_FALCON512, SSL_SIGN_FALCONPADDED512, 
@@ -4385,9 +4354,6 @@ bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs, SSL_SIGN_P384_MLDSA65, SSL_SIGN_MLDSA87, SSL_SIGN_P521_MLDSA87, - SSL_SIGN_DILITHIUM2, - SSL_SIGN_DILITHIUM3, - SSL_SIGN_DILITHIUM5, SSL_SIGN_FALCON512, SSL_SIGN_RSA3072_FALCON512, SSL_SIGN_FALCONPADDED512, diff --git a/ssl/ssl_key_share.cc b/ssl/ssl_key_share.cc index f1155e7f91..c692e5609a 100644 --- a/ssl/ssl_key_share.cc +++ b/ssl/ssl_key_share.cc @@ -685,14 +685,6 @@ constexpr NamedGroup kNamedGroups[] = { {NID_p521_frodo1344aes, SSL_GROUP_P521_FRODO1344AES, "p521_frodo1344aes", "p521_frodo1344aes"}, {NID_frodo1344shake, SSL_GROUP_FRODO1344SHAKE, "frodo1344shake", "frodo1344shake"}, {NID_p521_frodo1344shake, SSL_GROUP_P521_FRODO1344SHAKE, "p521_frodo1344shake", "p521_frodo1344shake"}, - {NID_kyber512, SSL_GROUP_KYBER512, "kyber512", "kyber512"}, - {NID_p256_kyber512, SSL_GROUP_P256_KYBER512, "p256_kyber512", "p256_kyber512"}, - {NID_x25519_kyber512, SSL_GROUP_X25519_KYBER512, "x25519_kyber512", "x25519_kyber512"}, - {NID_kyber768, SSL_GROUP_KYBER768, "kyber768", "kyber768"}, - {NID_p256_kyber768, SSL_GROUP_P256_KYBER768, "p256_kyber768", "p256_kyber768"}, - {NID_p384_kyber768, SSL_GROUP_P384_KYBER768, "p384_kyber768", "p384_kyber768"}, - {NID_kyber1024, SSL_GROUP_KYBER1024, "kyber1024", "kyber1024"}, - {NID_p521_kyber1024, SSL_GROUP_P521_KYBER1024, "p521_kyber1024", "p521_kyber1024"}, {NID_bikel1, SSL_GROUP_BIKEL1, "bikel1", "bikel1"}, {NID_p256_bikel1, SSL_GROUP_P256_BIKEL1, "p256_bikel1", "p256_bikel1"}, {NID_x25519_bikel1, SSL_GROUP_X25519_BIKEL1, "x25519_bikel1", "x25519_bikel1"}, 
@@ -779,22 +771,6 @@ UniquePtr SSLKeyShare::Create(uint16_t group_id) { return MakeUnique(SSL_GROUP_FRODO1344SHAKE, OQS_KEM_alg_frodokem_1344_shake); case SSL_GROUP_P521_FRODO1344SHAKE: return MakeUnique(SSL_GROUP_P521_FRODO1344SHAKE, SSL_GROUP_SECP521R1, OQS_KEM_alg_frodokem_1344_shake); - case SSL_GROUP_KYBER512: - return MakeUnique(SSL_GROUP_KYBER512, OQS_KEM_alg_kyber_512); - case SSL_GROUP_P256_KYBER512: - return MakeUnique(SSL_GROUP_P256_KYBER512, SSL_GROUP_SECP256R1, OQS_KEM_alg_kyber_512); - case SSL_GROUP_X25519_KYBER512: - return MakeUnique(SSL_GROUP_X25519_KYBER512, SSL_GROUP_X25519, OQS_KEM_alg_kyber_512); - case SSL_GROUP_KYBER768: - return MakeUnique(SSL_GROUP_KYBER768, OQS_KEM_alg_kyber_768); - case SSL_GROUP_P256_KYBER768: - return MakeUnique(SSL_GROUP_P256_KYBER768, SSL_GROUP_SECP256R1, OQS_KEM_alg_kyber_768); - case SSL_GROUP_P384_KYBER768: - return MakeUnique(SSL_GROUP_P384_KYBER768, SSL_GROUP_SECP384R1, OQS_KEM_alg_kyber_768); - case SSL_GROUP_KYBER1024: - return MakeUnique(SSL_GROUP_KYBER1024, OQS_KEM_alg_kyber_1024); - case SSL_GROUP_P521_KYBER1024: - return MakeUnique(SSL_GROUP_P521_KYBER1024, SSL_GROUP_SECP521R1, OQS_KEM_alg_kyber_1024); case SSL_GROUP_BIKEL1: return MakeUnique(SSL_GROUP_BIKEL1, OQS_KEM_alg_bike_l1); case SSL_GROUP_P256_BIKEL1: diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc index 7d52174891..a72ffe628d 100644 --- a/ssl/ssl_privkey.cc +++ b/ssl/ssl_privkey.cc @@ -84,9 +84,6 @@ bool ssl_is_key_type_supported(int key_type) { key_type == EVP_PKEY_P384_MLDSA65 || key_type == EVP_PKEY_MLDSA87 || key_type == EVP_PKEY_P521_MLDSA87 || - key_type == EVP_PKEY_DILITHIUM2 || - key_type == EVP_PKEY_DILITHIUM3 || - key_type == EVP_PKEY_DILITHIUM5 || key_type == EVP_PKEY_FALCON512 || key_type == EVP_PKEY_RSA3072_FALCON512 || key_type == EVP_PKEY_FALCONPADDED512 || 
@@ -180,9 +177,6 @@ static const SSL_SIGNATURE_ALGORITHM kSignatureAlgorithms[] = { {SSL_SIGN_P384_MLDSA65, EVP_PKEY_P384_MLDSA65, NID_undef, &EVP_sha384, false, true, true, false}, {SSL_SIGN_MLDSA87, EVP_PKEY_MLDSA87, NID_undef, &EVP_sha512, false, true, true, false}, {SSL_SIGN_P521_MLDSA87, EVP_PKEY_P521_MLDSA87, NID_undef, &EVP_sha512, false, true, true, false}, - {SSL_SIGN_DILITHIUM2, EVP_PKEY_DILITHIUM2, NID_undef, &EVP_sha256, false, true, true, false}, - {SSL_SIGN_DILITHIUM3, EVP_PKEY_DILITHIUM3, NID_undef, &EVP_sha384, false, true, true, false}, - {SSL_SIGN_DILITHIUM5, EVP_PKEY_DILITHIUM5, NID_undef, &EVP_sha512, false, true, true, false}, {SSL_SIGN_FALCON512, EVP_PKEY_FALCON512, NID_undef, &EVP_sha256, false, true, true, false}, {SSL_SIGN_RSA3072_FALCON512, EVP_PKEY_RSA3072_FALCON512, NID_undef, &EVP_sha256, false, true, true, false}, {SSL_SIGN_FALCONPADDED512, EVP_PKEY_FALCONPADDED512, NID_undef, &EVP_sha256, false, true, true, false}, @@ -585,9 +579,6 @@ static const SignatureAlgorithmName kSignatureAlgorithmNames[] = { {SSL_SIGN_P384_MLDSA65, "p384_mldsa65"}, {SSL_SIGN_MLDSA87, "mldsa87"}, {SSL_SIGN_P521_MLDSA87, "p521_mldsa87"}, - {SSL_SIGN_DILITHIUM2, "dilithium2"}, - {SSL_SIGN_DILITHIUM3, "dilithium3"}, - {SSL_SIGN_DILITHIUM5, "dilithium5"}, {SSL_SIGN_FALCON512, "falcon512"}, {SSL_SIGN_RSA3072_FALCON512, "rsa3072_falcon512"}, {SSL_SIGN_FALCONPADDED512, "falconpadded512"}, @@ -794,9 +785,6 @@ static constexpr struct { {EVP_PKEY_P384_MLDSA65, NID_sha384, SSL_SIGN_P384_MLDSA65}, {EVP_PKEY_MLDSA87, NID_sha512, SSL_SIGN_MLDSA87}, {EVP_PKEY_P521_MLDSA87, NID_sha512, SSL_SIGN_P521_MLDSA87}, - {EVP_PKEY_DILITHIUM2, NID_sha256, SSL_SIGN_DILITHIUM2}, - {EVP_PKEY_DILITHIUM3, NID_sha384, SSL_SIGN_DILITHIUM3}, - {EVP_PKEY_DILITHIUM5, NID_sha512, SSL_SIGN_DILITHIUM5}, {EVP_PKEY_FALCON512, NID_sha256, SSL_SIGN_FALCON512}, {EVP_PKEY_RSA3072_FALCON512, NID_sha256, SSL_SIGN_RSA3072_FALCON512}, {EVP_PKEY_FALCONPADDED512, NID_sha256, SSL_SIGN_FALCONPADDED512}, 
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc index d3dc19b1af..edbac98662 100644 --- a/ssl/ssl_test.cc +++ b/ssl/ssl_test.cc @@ -581,29 +581,6 @@ static const CurveTest kCurveTests[] = { SSL_GROUP_P521_FRODO1344SHAKE, }, }, - { - "kyber512:p256_kyber512:x25519_kyber512", - { - SSL_GROUP_KYBER512, - SSL_GROUP_P256_KYBER512, - SSL_GROUP_X25519_KYBER512, - }, - }, - { - "kyber768:p256_kyber768:p384_kyber768", - { - SSL_GROUP_KYBER768, - SSL_GROUP_P256_KYBER768, - SSL_GROUP_P384_KYBER768, - }, - }, - { - "kyber1024:p521_kyber1024", - { - SSL_GROUP_KYBER1024, - SSL_GROUP_P521_KYBER1024, - }, - }, { "bikel1:p256_bikel1:x25519_bikel1", { @@ -5876,12 +5853,6 @@ TEST(SSLTest, SignatureAlgorithmProperties) { SSL_get_signature_algorithm_key_type(SSL_SIGN_MLDSA87)); EXPECT_EQ(EVP_PKEY_P521_MLDSA87, SSL_get_signature_algorithm_key_type(SSL_SIGN_P521_MLDSA87)); - EXPECT_EQ(EVP_PKEY_DILITHIUM2, - SSL_get_signature_algorithm_key_type(SSL_SIGN_DILITHIUM2)); - EXPECT_EQ(EVP_PKEY_DILITHIUM3, - SSL_get_signature_algorithm_key_type(SSL_SIGN_DILITHIUM3)); - EXPECT_EQ(EVP_PKEY_DILITHIUM5, - SSL_get_signature_algorithm_key_type(SSL_SIGN_DILITHIUM5)); EXPECT_EQ(EVP_PKEY_FALCON512, SSL_get_signature_algorithm_key_type(SSL_SIGN_FALCON512)); EXPECT_EQ(EVP_PKEY_RSA3072_FALCON512, @@ -6258,9 +6229,6 @@ TEST(SSLTest, SigAlgs) { {{NID_sha384, EVP_PKEY_P384_MLDSA65}, true, {SSL_SIGN_P384_MLDSA65}}, {{NID_sha512, EVP_PKEY_MLDSA87}, true, {SSL_SIGN_MLDSA87}}, {{NID_sha512, EVP_PKEY_P521_MLDSA87}, true, {SSL_SIGN_P521_MLDSA87}}, - {{NID_sha256, EVP_PKEY_DILITHIUM2}, true, {SSL_SIGN_DILITHIUM2}}, - {{NID_sha384, EVP_PKEY_DILITHIUM3}, true, {SSL_SIGN_DILITHIUM3}}, - {{NID_sha512, EVP_PKEY_DILITHIUM5}, true, {SSL_SIGN_DILITHIUM5}}, {{NID_sha256, EVP_PKEY_FALCON512}, true, {SSL_SIGN_FALCON512}}, {{NID_sha256, EVP_PKEY_RSA3072_FALCON512}, true, {SSL_SIGN_RSA3072_FALCON512}}, {{NID_sha256, EVP_PKEY_FALCONPADDED512}, true, {SSL_SIGN_FALCONPADDED512}}, 
@@ -6347,9 +6315,6 @@ TEST(SSLTest, SigAlgsList) { {"p384_mldsa65", true, {SSL_SIGN_P384_MLDSA65}}, {"mldsa87", true, {SSL_SIGN_MLDSA87}}, {"p521_mldsa87", true, {SSL_SIGN_P521_MLDSA87}}, - {"dilithium2", true, {SSL_SIGN_DILITHIUM2}}, - {"dilithium3", true, {SSL_SIGN_DILITHIUM3}}, - {"dilithium5", true, {SSL_SIGN_DILITHIUM5}}, {"falcon512", true, {SSL_SIGN_FALCON512}}, {"rsa3072_falcon512", true, {SSL_SIGN_RSA3072_FALCON512}}, {"falconpadded512", true, {SSL_SIGN_FALCONPADDED512}}, @@ -8758,14 +8723,6 @@ static const TLSGroup kOQSGroups[] = { {NID_p521_frodo1344aes, SSL_GROUP_P521_FRODO1344AES}, {NID_frodo1344shake, SSL_GROUP_FRODO1344SHAKE}, {NID_p521_frodo1344shake, SSL_GROUP_P521_FRODO1344SHAKE}, - {NID_kyber512, SSL_GROUP_KYBER512}, - {NID_p256_kyber512, SSL_GROUP_P256_KYBER512}, - {NID_x25519_kyber512, SSL_GROUP_X25519_KYBER512}, - {NID_kyber768, SSL_GROUP_KYBER768}, - {NID_p256_kyber768, SSL_GROUP_P256_KYBER768}, - {NID_p384_kyber768, SSL_GROUP_P384_KYBER768}, - {NID_kyber1024, SSL_GROUP_KYBER1024}, - {NID_p521_kyber1024, SSL_GROUP_P521_KYBER1024}, {NID_bikel1, SSL_GROUP_BIKEL1}, {NID_p256_bikel1, SSL_GROUP_P256_BIKEL1}, {NID_x25519_bikel1, SSL_GROUP_X25519_BIKEL1}, @@ -8870,9 +8827,6 @@ INSTANTIATE_TEST_SUITE_P(WithSignatureNIDs, OQSHandshakeTest, NID_p384_mldsa65, NID_mldsa87, NID_p521_mldsa87, - NID_dilithium2, - NID_dilithium3, - NID_dilithium5, NID_falcon512, NID_rsa3072_falcon512, NID_falconpadded512, diff --git a/ssl/test/fuzzer.h b/ssl/test/fuzzer.h index 92b5ed3ff6..41b0db28f5 100644 --- a/ssl/test/fuzzer.h +++ b/ssl/test/fuzzer.h @@ -446,14 +446,6 @@ class TLSFuzzer { SSL_GROUP_P521_FRODO1344AES, SSL_GROUP_FRODO1344SHAKE, SSL_GROUP_P521_FRODO1344SHAKE, - SSL_GROUP_KYBER512, - SSL_GROUP_P256_KYBER512, - SSL_GROUP_X25519_KYBER512, - SSL_GROUP_KYBER768, - SSL_GROUP_P256_KYBER768, - SSL_GROUP_P384_KYBER768, - SSL_GROUP_KYBER1024, - SSL_GROUP_P521_KYBER1024, SSL_GROUP_BIKEL1, SSL_GROUP_P256_BIKEL1, SSL_GROUP_X25519_BIKEL1, 
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go index 3de9c997a1..68f06bdf43 100644 --- a/ssl/test/runner/runner.go +++ b/ssl/test/runner/runner.go @@ -8786,7 +8786,7 @@ func addExtensionTests() { // the ClientHello size needs to be recalculated. // The calculation method can be found here: // https://github.com/open-quantum-safe/boringssl/pull/100#issuecomment-1592853839 - RequireClientHelloSize: 1234, + RequireClientHelloSize: 1226, }, }, // This hostname just needs to be long enough to push the diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc index 790d0303a3..4825ec22ab 100644 --- a/ssl/test/test_config.cc +++ b/ssl/test/test_config.cc @@ -2265,9 +2265,6 @@ bssl::UniquePtr TestConfig::NewSSL( NID_frodo976shake, NID_p384_frodo976shake, NID_frodo1344aes, NID_p521_frodo1344aes, NID_frodo1344shake, NID_p521_frodo1344shake, - NID_kyber512, NID_p256_kyber512, NID_x25519_kyber512, - NID_kyber768, NID_p256_kyber768, NID_p384_kyber768, - NID_kyber1024, NID_p521_kyber1024, NID_bikel1, NID_p256_bikel1, NID_x25519_bikel1, NID_bikel3, NID_p384_bikel3, NID_bikel5, NID_p521_bikel5,