diff --git a/README.md b/README.md index c4f2722c8a..46d6f3e933 100644 --- a/README.md +++ b/README.md @@ -68,8 +68,6 @@ The following quantum-safe algorithms from liboqs are supported (assuming they h - **FrodoKEM**: `frodo640shake`, `frodo976aes`, `frodo976shake`, `frodo1344aes`, `frodo1344shake` - **HQC**: `hqc128`, `hqc192`, `hqc256`† - **NTRU**: `ntru_hps2048509`, `ntru_hps2048677`, `ntru_hps4096821`, `ntru_hps40961229`, `ntru_hrss701`, `ntru_hrss1373` -- **NTRU-Prime**: `ntrulpr653`, `ntrulpr761`, `ntrulpr857`, `ntrulpr1277`, `sntrup653`, `sntrup761`, `sntrup857`, `sntrup1277` -- **SABER**: `lightsaber`, `saber`, `firesaber` For each `` listed above, the following hybrid algorithms are made available as follows: @@ -89,8 +87,6 @@ The following quantum-safe digital signature algorithms from liboqs are supporte - **CRYSTALS-DILITHIUM**: `dilithium3`, `dilithium5`, `dilithium2_aes`, `dilithium3_aes`, `dilithium5_aes` - **Falcon**: `falcon512`, `falcon1024` -- **Picnic**: `picnicl1fs`, `picnicl1ur`, `picnicl1full`, `picnic3l1`, `picnic3l3`, `picnic3l5` -- **Rainbow**: `rainbowIIIclassic`, `rainbowIIIcircumzenithal`, `rainbowIIIcompressed`, `rainbowVclassic`, `rainbowVcircumzenithal`, `rainbowVcompressed` - **SPHINCS-Haraka**: `sphincsharaka128frobust`, `sphincsharaka128fsimple`, `sphincsharaka128srobust`, `sphincsharaka128ssimple`, `sphincsharaka192frobust`, `sphincsharaka192fsimple`, `sphincsharaka192srobust`, `sphincsharaka192ssimple`, `sphincsharaka256frobust`, `sphincsharaka256fsimple`, `sphincsharaka256srobust`, `sphincsharaka256ssimple` - **SPHINCS-SHA256**: `sphincssha256128frobust`, `sphincssha256128fsimple`, `sphincssha256128srobust`, `sphincssha256128ssimple`, `sphincssha256192frobust`, `sphincssha256192fsimple`, `sphincssha256192srobust`, `sphincssha256192ssimple`, `sphincssha256256frobust`, `sphincssha256256fsimple`, `sphincssha256256srobust`, `sphincssha256256ssimple` - **SPHINCS-SHAKE256**: `sphincsshake256128frobust`, `sphincsshake256128fsimple`, `sphincsshake256128srobust`, `sphincsshake256128ssimple`, `sphincsshake256192frobust`, `sphincsshake256192fsimple`, `sphincsshake256192srobust`, `sphincsshake256192ssimple`, `sphincsshake256256frobust`, `sphincsshake256256fsimple`, `sphincsshake256256srobust`, `sphincsshake256256ssimple` diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c index 9f36d85480..49aacd7f00 100644 --- a/crypto/evp/evp.c +++ b/crypto/evp/evp.c @@ -231,30 +231,6 @@ static const EVP_PKEY_ASN1_METHOD *evp_pkey_asn1_find(int nid) { return &falcon512_asn1_meth; case EVP_PKEY_FALCON1024: return &falcon1024_asn1_meth; - case EVP_PKEY_PICNICL1FS: - return &picnicl1fs_asn1_meth; - case EVP_PKEY_PICNICL1UR: - return &picnicl1ur_asn1_meth; - case EVP_PKEY_PICNICL1FULL: - return &picnicl1full_asn1_meth; - case EVP_PKEY_PICNIC3L1: - return &picnic3l1_asn1_meth; - case EVP_PKEY_PICNIC3L3: - return &picnic3l3_asn1_meth; - case EVP_PKEY_PICNIC3L5: - return &picnic3l5_asn1_meth; - case EVP_PKEY_RAINBOWIIICLASSIC: - return &rainbowIIIclassic_asn1_meth; - case EVP_PKEY_RAINBOWIIICIRCUMZENITHAL: - return &rainbowIIIcircumzenithal_asn1_meth; - case EVP_PKEY_RAINBOWIIICOMPRESSED: - return &rainbowIIIcompressed_asn1_meth; - case EVP_PKEY_RAINBOWVCLASSIC: - return &rainbowVclassic_asn1_meth; - case EVP_PKEY_RAINBOWVCIRCUMZENITHAL: - return &rainbowVcircumzenithal_asn1_meth; - case EVP_PKEY_RAINBOWVCOMPRESSED: - return &rainbowVcompressed_asn1_meth; case EVP_PKEY_SPHINCSHARAKA128FROBUST: return &sphincsharaka128frobust_asn1_meth; case EVP_PKEY_SPHINCSHARAKA128FSIMPLE: diff --git a/crypto/evp/evp_asn1.c b/crypto/evp/evp_asn1.c index b840d19042..5a93e296ba 100644 --- a/crypto/evp/evp_asn1.c +++ b/crypto/evp/evp_asn1.c @@ -83,18 +83,6 @@ static const EVP_PKEY_ASN1_METHOD *const kASN1Methods[] = { &dilithium5_aes_asn1_meth, &falcon512_asn1_meth, &falcon1024_asn1_meth, - &picnicl1fs_asn1_meth, - &picnicl1ur_asn1_meth, - &picnicl1full_asn1_meth, - &picnic3l1_asn1_meth, - &picnic3l3_asn1_meth, - &picnic3l5_asn1_meth, - &rainbowIIIclassic_asn1_meth, - &rainbowIIIcircumzenithal_asn1_meth, - &rainbowIIIcompressed_asn1_meth, - &rainbowVclassic_asn1_meth, - &rainbowVcircumzenithal_asn1_meth, - &rainbowVcompressed_asn1_meth, &sphincsharaka128frobust_asn1_meth, &sphincsharaka128fsimple_asn1_meth, &sphincsharaka128srobust_asn1_meth, diff --git a/crypto/evp/evp_ctx.c b/crypto/evp/evp_ctx.c index b5272eff98..843f99d4e8 100644 --- a/crypto/evp/evp_ctx.c +++ b/crypto/evp/evp_ctx.c @@ -79,18 +79,6 @@ static const EVP_PKEY_METHOD *const evp_methods[] = { &dilithium5_aes_pkey_meth, &falcon512_pkey_meth, &falcon1024_pkey_meth, - &picnicl1fs_pkey_meth, - &picnicl1ur_pkey_meth, - &picnicl1full_pkey_meth, - &picnic3l1_pkey_meth, - &picnic3l3_pkey_meth, - &picnic3l5_pkey_meth, - &rainbowIIIclassic_pkey_meth, - &rainbowIIIcircumzenithal_pkey_meth, - &rainbowIIIcompressed_pkey_meth, - &rainbowVclassic_pkey_meth, - &rainbowVcircumzenithal_pkey_meth, - &rainbowVcompressed_pkey_meth, &sphincsharaka128frobust_pkey_meth, &sphincsharaka128fsimple_pkey_meth, &sphincsharaka128srobust_pkey_meth, diff --git a/crypto/evp/internal.h b/crypto/evp/internal.h index 1531e2d0a1..7e1d013837 100644 --- a/crypto/evp/internal.h +++ b/crypto/evp/internal.h @@ -276,18 +276,6 @@ extern const EVP_PKEY_ASN1_METHOD dilithium3_aes_asn1_meth; extern const EVP_PKEY_ASN1_METHOD dilithium5_aes_asn1_meth; extern const EVP_PKEY_ASN1_METHOD falcon512_asn1_meth; extern const EVP_PKEY_ASN1_METHOD falcon1024_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD picnicl1fs_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD picnicl1ur_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD picnicl1full_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD picnic3l1_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD picnic3l3_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD picnic3l5_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rainbowIIIclassic_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rainbowIIIcircumzenithal_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rainbowIIIcompressed_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rainbowVclassic_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rainbowVcircumzenithal_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rainbowVcompressed_asn1_meth; extern const EVP_PKEY_ASN1_METHOD sphincsharaka128frobust_asn1_meth; extern const EVP_PKEY_ASN1_METHOD sphincsharaka128fsimple_asn1_meth; extern const EVP_PKEY_ASN1_METHOD sphincsharaka128srobust_asn1_meth; @@ -339,18 +327,6 @@ extern const EVP_PKEY_METHOD dilithium3_aes_pkey_meth; extern const EVP_PKEY_METHOD dilithium5_aes_pkey_meth; extern const EVP_PKEY_METHOD falcon512_pkey_meth; extern const EVP_PKEY_METHOD falcon1024_pkey_meth; -extern const EVP_PKEY_METHOD picnicl1fs_pkey_meth; -extern const EVP_PKEY_METHOD picnicl1ur_pkey_meth; -extern const EVP_PKEY_METHOD picnicl1full_pkey_meth; -extern const EVP_PKEY_METHOD picnic3l1_pkey_meth; -extern const EVP_PKEY_METHOD picnic3l3_pkey_meth; -extern const EVP_PKEY_METHOD picnic3l5_pkey_meth; -extern const EVP_PKEY_METHOD rainbowIIIclassic_pkey_meth; -extern const EVP_PKEY_METHOD rainbowIIIcircumzenithal_pkey_meth; -extern const EVP_PKEY_METHOD rainbowIIIcompressed_pkey_meth; -extern const EVP_PKEY_METHOD rainbowVclassic_pkey_meth; -extern const EVP_PKEY_METHOD rainbowVcircumzenithal_pkey_meth; -extern const EVP_PKEY_METHOD rainbowVcompressed_pkey_meth; extern const EVP_PKEY_METHOD sphincsharaka128frobust_pkey_meth; extern const EVP_PKEY_METHOD sphincsharaka128fsimple_pkey_meth; extern const EVP_PKEY_METHOD sphincsharaka128srobust_pkey_meth; diff --git a/crypto/evp/p_oqs.c b/crypto/evp/p_oqs.c index 838428e07a..a71b4dfdda 100644 --- a/crypto/evp/p_oqs.c +++ b/crypto/evp/p_oqs.c @@ -142,18 +142,6 @@ DEFINE_OQS_PKEY_METHODS(dilithium3_aes, OQS_SIG_alg_dilithium_3_aes, EVP_PKEY_DI DEFINE_OQS_PKEY_METHODS(dilithium5_aes, OQS_SIG_alg_dilithium_5_aes, EVP_PKEY_DILITHIUM5_AES) DEFINE_OQS_PKEY_METHODS(falcon512, OQS_SIG_alg_falcon_512, EVP_PKEY_FALCON512) DEFINE_OQS_PKEY_METHODS(falcon1024, OQS_SIG_alg_falcon_1024, EVP_PKEY_FALCON1024) -DEFINE_OQS_PKEY_METHODS(picnicl1fs, OQS_SIG_alg_picnic_L1_FS, EVP_PKEY_PICNICL1FS) -DEFINE_OQS_PKEY_METHODS(picnicl1ur, OQS_SIG_alg_picnic_L1_UR, EVP_PKEY_PICNICL1UR) -DEFINE_OQS_PKEY_METHODS(picnicl1full, OQS_SIG_alg_picnic_L1_full, EVP_PKEY_PICNICL1FULL) -DEFINE_OQS_PKEY_METHODS(picnic3l1, OQS_SIG_alg_picnic3_L1, EVP_PKEY_PICNIC3L1) -DEFINE_OQS_PKEY_METHODS(picnic3l3, OQS_SIG_alg_picnic3_L3, EVP_PKEY_PICNIC3L3) -DEFINE_OQS_PKEY_METHODS(picnic3l5, OQS_SIG_alg_picnic3_L5, EVP_PKEY_PICNIC3L5) -DEFINE_OQS_PKEY_METHODS(rainbowIIIclassic, OQS_SIG_alg_rainbow_III_classic, EVP_PKEY_RAINBOWIIICLASSIC) -DEFINE_OQS_PKEY_METHODS(rainbowIIIcircumzenithal, OQS_SIG_alg_rainbow_III_circumzenithal, EVP_PKEY_RAINBOWIIICIRCUMZENITHAL) -DEFINE_OQS_PKEY_METHODS(rainbowIIIcompressed, OQS_SIG_alg_rainbow_III_compressed, EVP_PKEY_RAINBOWIIICOMPRESSED) -DEFINE_OQS_PKEY_METHODS(rainbowVclassic, OQS_SIG_alg_rainbow_V_classic, EVP_PKEY_RAINBOWVCLASSIC) -DEFINE_OQS_PKEY_METHODS(rainbowVcircumzenithal, OQS_SIG_alg_rainbow_V_circumzenithal, EVP_PKEY_RAINBOWVCIRCUMZENITHAL) -DEFINE_OQS_PKEY_METHODS(rainbowVcompressed, OQS_SIG_alg_rainbow_V_compressed, EVP_PKEY_RAINBOWVCOMPRESSED) DEFINE_OQS_PKEY_METHODS(sphincsharaka128frobust, OQS_SIG_alg_sphincs_haraka_128f_robust, EVP_PKEY_SPHINCSHARAKA128FROBUST) DEFINE_OQS_PKEY_METHODS(sphincsharaka128fsimple, OQS_SIG_alg_sphincs_haraka_128f_simple, EVP_PKEY_SPHINCSHARAKA128FSIMPLE) DEFINE_OQS_PKEY_METHODS(sphincsharaka128srobust, OQS_SIG_alg_sphincs_haraka_128s_robust, EVP_PKEY_SPHINCSHARAKA128SROBUST) diff --git a/crypto/evp/p_oqs_asn1.c b/crypto/evp/p_oqs_asn1.c index d7f1007853..da5afdf165 100644 --- a/crypto/evp/p_oqs_asn1.c +++ b/crypto/evp/p_oqs_asn1.c @@ -241,42 +241,6 @@ DEFINE_OQS_PKEY_ASN1_METHOD(falcon512, EVP_PKEY_FALCON512, OID(0x2B, 0xCE, 0x0F, DEFINE_OQS_ASN1_METHODS(falcon1024, OQS_SIG_alg_falcon_1024, EVP_PKEY_FALCON1024) DEFINE_OQS_PKEY_ASN1_METHOD(falcon1024, EVP_PKEY_FALCON1024, OID(0x2B, 0xCE, 0x0F, 0x03, 0x04)) -DEFINE_OQS_ASN1_METHODS(picnicl1fs, OQS_SIG_alg_picnic_L1_FS, EVP_PKEY_PICNICL1FS) -DEFINE_OQS_PKEY_ASN1_METHOD(picnicl1fs, EVP_PKEY_PICNICL1FS, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x01)) - -DEFINE_OQS_ASN1_METHODS(picnicl1ur, OQS_SIG_alg_picnic_L1_UR, EVP_PKEY_PICNICL1UR) -DEFINE_OQS_PKEY_ASN1_METHOD(picnicl1ur, EVP_PKEY_PICNICL1UR, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x04)) - -DEFINE_OQS_ASN1_METHODS(picnicl1full, OQS_SIG_alg_picnic_L1_full, EVP_PKEY_PICNICL1FULL) -DEFINE_OQS_PKEY_ASN1_METHOD(picnicl1full, EVP_PKEY_PICNICL1FULL, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x07)) - -DEFINE_OQS_ASN1_METHODS(picnic3l1, OQS_SIG_alg_picnic3_L1, EVP_PKEY_PICNIC3L1) -DEFINE_OQS_PKEY_ASN1_METHOD(picnic3l1, EVP_PKEY_PICNIC3L1, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x15)) - -DEFINE_OQS_ASN1_METHODS(picnic3l3, OQS_SIG_alg_picnic3_L3, EVP_PKEY_PICNIC3L3) -DEFINE_OQS_PKEY_ASN1_METHOD(picnic3l3, EVP_PKEY_PICNIC3L3, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x18)) - -DEFINE_OQS_ASN1_METHODS(picnic3l5, OQS_SIG_alg_picnic3_L5, EVP_PKEY_PICNIC3L5) -DEFINE_OQS_PKEY_ASN1_METHOD(picnic3l5, EVP_PKEY_PICNIC3L5, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x1a)) - -DEFINE_OQS_ASN1_METHODS(rainbowIIIclassic, OQS_SIG_alg_rainbow_III_classic, EVP_PKEY_RAINBOWIIICLASSIC) -DEFINE_OQS_PKEY_ASN1_METHOD(rainbowIIIclassic, EVP_PKEY_RAINBOWIIICLASSIC, OID(0x2B, 0xCE, 0x0F, 0x05, 0x02, 0x01, 0x01)) - -DEFINE_OQS_ASN1_METHODS(rainbowIIIcircumzenithal, OQS_SIG_alg_rainbow_III_circumzenithal, EVP_PKEY_RAINBOWIIICIRCUMZENITHAL) -DEFINE_OQS_PKEY_ASN1_METHOD(rainbowIIIcircumzenithal, EVP_PKEY_RAINBOWIIICIRCUMZENITHAL, OID(0x2B, 0xCE, 0x0F, 0x05, 0x02, 0x03, 0x01)) - -DEFINE_OQS_ASN1_METHODS(rainbowIIIcompressed, OQS_SIG_alg_rainbow_III_compressed, EVP_PKEY_RAINBOWIIICOMPRESSED) -DEFINE_OQS_PKEY_ASN1_METHOD(rainbowIIIcompressed, EVP_PKEY_RAINBOWIIICOMPRESSED, OID(0x2B, 0xCE, 0x0F, 0x05, 0x02, 0x05, 0x01)) - -DEFINE_OQS_ASN1_METHODS(rainbowVclassic, OQS_SIG_alg_rainbow_V_classic, EVP_PKEY_RAINBOWVCLASSIC) -DEFINE_OQS_PKEY_ASN1_METHOD(rainbowVclassic, EVP_PKEY_RAINBOWVCLASSIC, OID(0x2B, 0xCE, 0x0F, 0x05, 0x03, 0x01, 0x01)) - -DEFINE_OQS_ASN1_METHODS(rainbowVcircumzenithal, OQS_SIG_alg_rainbow_V_circumzenithal, EVP_PKEY_RAINBOWVCIRCUMZENITHAL) -DEFINE_OQS_PKEY_ASN1_METHOD(rainbowVcircumzenithal, EVP_PKEY_RAINBOWVCIRCUMZENITHAL, OID(0x2B, 0xCE, 0x0F, 0x05, 0x03, 0x03, 0x01)) - -DEFINE_OQS_ASN1_METHODS(rainbowVcompressed, OQS_SIG_alg_rainbow_V_compressed, EVP_PKEY_RAINBOWVCOMPRESSED) -DEFINE_OQS_PKEY_ASN1_METHOD(rainbowVcompressed, EVP_PKEY_RAINBOWVCOMPRESSED, OID(0x2B, 0xCE, 0x0F, 0x05, 0x03, 0x05, 0x01)) - DEFINE_OQS_ASN1_METHODS(sphincsharaka128frobust, OQS_SIG_alg_sphincs_haraka_128f_robust, EVP_PKEY_SPHINCSHARAKA128FROBUST) DEFINE_OQS_PKEY_ASN1_METHOD(sphincsharaka128frobust, EVP_PKEY_SPHINCSHARAKA128FROBUST, OID(0x2B, 0xCE, 0x0F, 0x06, 0x01, 0x01)) diff --git a/crypto/obj/obj_xref.c b/crypto/obj/obj_xref.c index 4b16e6135d..1c37c13fa7 100644 --- a/crypto/obj/obj_xref.c +++ b/crypto/obj/obj_xref.c @@ -98,18 +98,6 @@ static const nid_triple kTriples[] = { {NID_dilithium5_aes, NID_sha512, NID_dilithium5_aes}, {NID_falcon512, NID_sha256, NID_falcon512}, {NID_falcon1024, NID_sha512, NID_falcon1024}, - {NID_picnicl1fs, NID_sha256, NID_picnicl1fs}, - {NID_picnicl1ur, NID_sha256, NID_picnicl1ur}, - {NID_picnicl1full, NID_sha256, NID_picnicl1full}, - {NID_picnic3l1, NID_sha256, NID_picnic3l1}, - {NID_picnic3l3, NID_sha384, NID_picnic3l3}, - {NID_picnic3l5, NID_sha512, NID_picnic3l5}, - {NID_rainbowIIIclassic, NID_sha384, NID_rainbowIIIclassic}, - {NID_rainbowIIIcircumzenithal, NID_sha384, NID_rainbowIIIcircumzenithal}, - {NID_rainbowIIIcompressed, NID_sha384, NID_rainbowIIIcompressed}, - {NID_rainbowVclassic, NID_sha512, NID_rainbowVclassic}, - {NID_rainbowVcircumzenithal, NID_sha512, NID_rainbowVcircumzenithal}, - {NID_rainbowVcompressed, NID_sha512, NID_rainbowVcompressed}, {NID_sphincsharaka128frobust, NID_sha256, NID_sphincsharaka128frobust}, {NID_sphincsharaka128fsimple, NID_sha256, NID_sphincsharaka128fsimple}, {NID_sphincsharaka128srobust, NID_sha256, NID_sphincsharaka128srobust}, diff --git a/crypto/obj/objects.txt b/crypto/obj/objects.txt index 083905ec27..ad18a6f9c1 100644 --- a/crypto/obj/objects.txt +++ b/crypto/obj/objects.txt @@ -1392,12 +1392,6 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme : p384_ntru_hrss701 : ntru_hrss1373 : p521_ntru_hrss1373 - : lightsaber - : p256_lightsaber - : saber - : p384_saber - : firesaber - : p521_firesaber : kyber90s512 : p256_kyber90s512 : kyber90s768 @@ -1410,22 +1404,6 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme : p384_hqc192 : hqc256 : p521_hqc256 - : ntrulpr653 - : p256_ntrulpr653 - : ntrulpr761 - : p256_ntrulpr761 - : ntrulpr857 - : p384_ntrulpr857 - : ntrulpr1277 - : p521_ntrulpr1277 - : sntrup653 - : p256_sntrup653 - : sntrup761 - : p256_sntrup761 - : sntrup857 - : p384_sntrup857 - : sntrup1277 - : p521_sntrup1277 ##### OQS_TEMPLATE_FRAGMENT_DEF_NIDS_END ##### OQS_TEMPLATE_FRAGMENT_ASSIGN_OIDS_START @@ -1437,18 +1415,6 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme 1 3 6 1 4 1 2 267 11 8 7 : dilithium5_aes : dilithium5_aes 1 3 9999 3 1 : falcon512 : falcon512 1 3 9999 3 4 : falcon1024 : falcon1024 -1 3 6 1 4 1 311 89 2 1 1 : picnicl1fs : picnicl1fs -1 3 6 1 4 1 311 89 2 1 4 : picnicl1ur : picnicl1ur -1 3 6 1 4 1 311 89 2 1 7 : picnicl1full : picnicl1full -1 3 6 1 4 1 311 89 2 1 21 : picnic3l1 : picnic3l1 -1 3 6 1 4 1 311 89 2 1 24 : picnic3l3 : picnic3l3 -1 3 6 1 4 1 311 89 2 1 26 : picnic3l5 : picnic3l5 -1 3 9999 5 2 1 1 : rainbowIIIclassic : rainbowIIIclassic -1 3 9999 5 2 3 1 : rainbowIIIcircumzenithal : rainbowIIIcircumzenithal -1 3 9999 5 2 5 1 : rainbowIIIcompressed : rainbowIIIcompressed -1 3 9999 5 3 1 1 : rainbowVclassic : rainbowVclassic -1 3 9999 5 3 3 1 : rainbowVcircumzenithal : rainbowVcircumzenithal -1 3 9999 5 3 5 1 : rainbowVcompressed : rainbowVcompressed 1 3 9999 6 1 1 : sphincsharaka128frobust : sphincsharaka128frobust 1 3 9999 6 1 4 : sphincsharaka128fsimple : sphincsharaka128fsimple 1 3 9999 6 1 7 : sphincsharaka128srobust : sphincsharaka128srobust diff --git a/crypto/x509/algorithm.c b/crypto/x509/algorithm.c index 37a90fa68e..21a53c7c5c 100644 --- a/crypto/x509/algorithm.c +++ b/crypto/x509/algorithm.c @@ -94,18 +94,6 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { pkey_id == EVP_PKEY_DILITHIUM5_AES || pkey_id == EVP_PKEY_FALCON512 || pkey_id == EVP_PKEY_FALCON1024 || - pkey_id == EVP_PKEY_PICNICL1FS || - pkey_id == EVP_PKEY_PICNICL1UR || - pkey_id == EVP_PKEY_PICNICL1FULL || - pkey_id == EVP_PKEY_PICNIC3L1 || - pkey_id == EVP_PKEY_PICNIC3L3 || - pkey_id == EVP_PKEY_PICNIC3L5 || - pkey_id == EVP_PKEY_RAINBOWIIICLASSIC || - pkey_id == EVP_PKEY_RAINBOWIIICIRCUMZENITHAL || - pkey_id == EVP_PKEY_RAINBOWIIICOMPRESSED || - pkey_id == EVP_PKEY_RAINBOWVCLASSIC || - pkey_id == EVP_PKEY_RAINBOWVCIRCUMZENITHAL || - pkey_id == EVP_PKEY_RAINBOWVCOMPRESSED || pkey_id == EVP_PKEY_SPHINCSHARAKA128FROBUST || pkey_id == EVP_PKEY_SPHINCSHARAKA128FSIMPLE || pkey_id == EVP_PKEY_SPHINCSHARAKA128SROBUST || diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 7d7fb9a071..20ca73c0a9 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -188,18 +188,6 @@ OPENSSL_EXPORT EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey); #define EVP_PKEY_DILITHIUM5_AES NID_dilithium5_aes #define EVP_PKEY_FALCON512 NID_falcon512 #define EVP_PKEY_FALCON1024 NID_falcon1024 -#define EVP_PKEY_PICNICL1FS NID_picnicl1fs -#define EVP_PKEY_PICNICL1UR NID_picnicl1ur -#define EVP_PKEY_PICNICL1FULL NID_picnicl1full -#define EVP_PKEY_PICNIC3L1 NID_picnic3l1 -#define EVP_PKEY_PICNIC3L3 NID_picnic3l3 -#define EVP_PKEY_PICNIC3L5 NID_picnic3l5 -#define EVP_PKEY_RAINBOWIIICLASSIC NID_rainbowIIIclassic -#define EVP_PKEY_RAINBOWIIICIRCUMZENITHAL NID_rainbowIIIcircumzenithal -#define EVP_PKEY_RAINBOWIIICOMPRESSED NID_rainbowIIIcompressed -#define EVP_PKEY_RAINBOWVCLASSIC NID_rainbowVclassic -#define EVP_PKEY_RAINBOWVCIRCUMZENITHAL NID_rainbowVcircumzenithal -#define EVP_PKEY_RAINBOWVCOMPRESSED NID_rainbowVcompressed #define EVP_PKEY_SPHINCSHARAKA128FROBUST NID_sphincsharaka128frobust #define EVP_PKEY_SPHINCSHARAKA128FSIMPLE NID_sphincsharaka128fsimple #define EVP_PKEY_SPHINCSHARAKA128SROBUST NID_sphincsharaka128srobust @@ -246,18 +234,6 @@ OPENSSL_EXPORT EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey); (pkey_id == NID_dilithium5_aes) || \ (pkey_id == NID_falcon512) || \ (pkey_id == NID_falcon1024) || \ - (pkey_id == NID_picnicl1fs) || \ - (pkey_id == NID_picnicl1ur) || \ - (pkey_id == NID_picnicl1full) || \ - (pkey_id == NID_picnic3l1) || \ - (pkey_id == NID_picnic3l3) || \ - (pkey_id == NID_picnic3l5) || \ - (pkey_id == NID_rainbowIIIclassic) || \ - (pkey_id == NID_rainbowIIIcircumzenithal) || \ - (pkey_id == NID_rainbowIIIcompressed) || \ - (pkey_id == NID_rainbowVclassic) || \ - (pkey_id == NID_rainbowVcircumzenithal) || \ - (pkey_id == NID_rainbowVcompressed) || \ (pkey_id == NID_sphincsharaka128frobust) || \ (pkey_id == NID_sphincsharaka128fsimple) || \ (pkey_id == NID_sphincsharaka128srobust) || \ @@ -311,23 +287,12 @@ OPENSSL_EXPORT EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey); (pkey_id == NID_ntru_hps40961229) || \ (pkey_id == NID_ntru_hrss701) || \ (pkey_id == NID_ntru_hrss1373) || \ - (pkey_id == NID_lightsaber) || \ - (pkey_id == NID_saber) || \ - (pkey_id == NID_firesaber) || \ (pkey_id == NID_kyber90s512) || \ (pkey_id == NID_kyber90s768) || \ (pkey_id == NID_kyber90s1024) || \ (pkey_id == NID_hqc128) || \ (pkey_id == NID_hqc192) || \ (pkey_id == NID_hqc256) || \ - (pkey_id == NID_ntrulpr653) || \ - (pkey_id == NID_ntrulpr761) || \ - (pkey_id == NID_ntrulpr857) || \ - (pkey_id == NID_ntrulpr1277) || \ - (pkey_id == NID_sntrup653) || \ - (pkey_id == NID_sntrup761) || \ - (pkey_id == NID_sntrup857) || \ - (pkey_id == NID_sntrup1277) || \ 0 ) ///// OQS_TEMPLATE_FRAGMENT_DEFINE_EVP_PKEYS_END diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index d100882d05..9c0eb18bbe 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1083,18 +1083,6 @@ OPENSSL_EXPORT int SSL_set_ocsp_response(SSL *ssl, #define SSL_SIGN_DILITHIUM5_AES 0xfeac #define SSL_SIGN_FALCON512 0xfe0b #define SSL_SIGN_FALCON1024 0xfe0e -#define SSL_SIGN_PICNICL1FS 0xfe15 -#define SSL_SIGN_PICNICL1UR 0xfe18 -#define SSL_SIGN_PICNICL1FULL 0xfe96 -#define SSL_SIGN_PICNIC3L1 0xfe1b -#define SSL_SIGN_PICNIC3L3 0xfe1e -#define SSL_SIGN_PICNIC3L5 0xfe20 -#define SSL_SIGN_RAINBOWIIICLASSIC 0xfe36 -#define SSL_SIGN_RAINBOWIIICIRCUMZENITHAL 0xfe38 -#define SSL_SIGN_RAINBOWIIICOMPRESSED 0xfe3a -#define SSL_SIGN_RAINBOWVCLASSIC 0xfe3c -#define SSL_SIGN_RAINBOWVCIRCUMZENITHAL 0xfe3e -#define SSL_SIGN_RAINBOWVCOMPRESSED 0xfe40 #define SSL_SIGN_SPHINCSHARAKA128FROBUST 0xfe42 #define SSL_SIGN_SPHINCSHARAKA128FSIMPLE 0xfe45 #define SSL_SIGN_SPHINCSHARAKA128SROBUST 0xfe48 @@ -2422,12 +2410,6 @@ OPENSSL_EXPORT int SSL_set1_curves_list(SSL *ssl, const char *curves); #define SSL_CURVE_P384_NTRU_HRSS701 12055 #define SSL_CURVE_NTRU_HRSS1373 582 #define SSL_CURVE_P521_NTRU_HRSS1373 12102 -#define SSL_CURVE_LIGHTSABER 536 -#define SSL_CURVE_P256_LIGHTSABER 12056 -#define SSL_CURVE_SABER 537 -#define SSL_CURVE_P384_SABER 12057 -#define SSL_CURVE_FIRESABER 538 -#define SSL_CURVE_P521_FIRESABER 12058 #define SSL_CURVE_KYBER90S512 574 #define SSL_CURVE_P256_KYBER90S512 12094 #define SSL_CURVE_KYBER90S768 575 @@ -2440,22 +2422,6 @@ OPENSSL_EXPORT int SSL_set1_curves_list(SSL *ssl, const char *curves); #define SSL_CURVE_P384_HQC192 12077 #define SSL_CURVE_HQC256 558 #define SSL_CURVE_P521_HQC256 12078 -#define SSL_CURVE_NTRULPR653 559 -#define SSL_CURVE_P256_NTRULPR653 12079 -#define SSL_CURVE_NTRULPR761 560 -#define SSL_CURVE_P256_NTRULPR761 12099 -#define SSL_CURVE_NTRULPR857 561 -#define SSL_CURVE_P384_NTRULPR857 12081 -#define SSL_CURVE_NTRULPR1277 577 -#define SSL_CURVE_P521_NTRULPR1277 12097 -#define SSL_CURVE_SNTRUP653 562 -#define SSL_CURVE_P256_SNTRUP653 12082 -#define SSL_CURVE_SNTRUP761 563 -#define SSL_CURVE_P256_SNTRUP761 12100 -#define SSL_CURVE_SNTRUP857 564 -#define SSL_CURVE_P384_SNTRUP857 12084 -#define SSL_CURVE_SNTRUP1277 578 -#define SSL_CURVE_P521_SNTRUP1277 12098 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEM_CURVEIDS_END // SSL_get_curve_id returns the ID of the curve used by |ssl|'s most recently diff --git a/oqs_scripts/test_with_interop_server.py b/oqs_scripts/test_with_interop_server.py index 4e07e37ad6..a52dc383b2 100644 --- a/oqs_scripts/test_with_interop_server.py +++ b/oqs_scripts/test_with_interop_server.py @@ -44,12 +44,6 @@ 'p384_ntru_hrss701', 'ntru_hrss1373', 'p521_ntru_hrss1373', - 'lightsaber', - 'p256_lightsaber', - 'saber', - 'p384_saber', - 'firesaber', - 'p521_firesaber', 'kyber90s512', 'p256_kyber90s512', 'kyber90s768', @@ -62,22 +56,6 @@ 'p384_hqc192', 'hqc256', 'p521_hqc256', - 'ntrulpr653', - 'p256_ntrulpr653', - 'ntrulpr761', - 'p256_ntrulpr761', - 'ntrulpr857', - 'p384_ntrulpr857', - 'ntrulpr1277', - 'p521_ntrulpr1277', - 'sntrup653', - 'p256_sntrup653', - 'sntrup761', - 'p256_sntrup761', - 'sntrup857', - 'p384_sntrup857', - 'sntrup1277', - 'p521_sntrup1277', ##### OQS_TEMPLATE_FRAGMENT_LIST_KEMS_END ] @@ -92,18 +70,6 @@ 'dilithium5_aes', 'falcon512', 'falcon1024', - 'picnicl1fs', - 'picnicl1ur', - 'picnicl1full', - 'picnic3l1', - 'picnic3l3', - 'picnic3l5', - 'rainbowIIIclassic', - 'rainbowIIIcircumzenithal', - 'rainbowIIIcompressed', - 'rainbowVclassic', - 'rainbowVcircumzenithal', - 'rainbowVcompressed', 'sphincsharaka128frobust', 'sphincsharaka128fsimple', 'sphincsharaka128srobust', diff --git a/oqs_scripts/try_handshake.py b/oqs_scripts/try_handshake.py index 341ff1da15..21f3708fe4 100644 --- a/oqs_scripts/try_handshake.py +++ b/oqs_scripts/try_handshake.py @@ -46,12 +46,6 @@ 'p384_ntru_hrss701', 'ntru_hrss1373', 'p521_ntru_hrss1373', - 'lightsaber', - 'p256_lightsaber', - 'saber', - 'p384_saber', - 'firesaber', - 'p521_firesaber', 'kyber90s512', 'p256_kyber90s512', 'kyber90s768', @@ -64,22 +58,6 @@ 'p384_hqc192', 'hqc256', 'p521_hqc256', - 'ntrulpr653', - 'p256_ntrulpr653', - 'ntrulpr761', - 'p256_ntrulpr761', - 'ntrulpr857', - 'p384_ntrulpr857', - 'ntrulpr1277', - 'p521_ntrulpr1277', - 'sntrup653', - 'p256_sntrup653', - 'sntrup761', - 'p256_sntrup761', - 'sntrup857', - 'p384_sntrup857', - 'sntrup1277', - 'p521_sntrup1277', ##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEMS_END ] @@ -94,18 +72,6 @@ 'dilithium5_aes', 'falcon512', 'falcon1024', - 'picnicl1fs', - 'picnicl1ur', - 'picnicl1full', - 'picnic3l1', - 'picnic3l3', - 'picnic3l5', - 'rainbowIIIclassic', - 'rainbowIIIcircumzenithal', - 'rainbowIIIcompressed', - 'rainbowVclassic', - 'rainbowVcircumzenithal', - 'rainbowVcompressed', 'sphincsharaka128frobust', 'sphincsharaka128fsimple', 'sphincsharaka128srobust', diff --git a/oqs_template/generate.yml b/oqs_template/generate.yml index c874a0bfa7..f207c5b947 100644 --- a/oqs_template/generate.yml +++ b/oqs_template/generate.yml @@ -106,25 +106,6 @@ kems: nid: '0x0246' mix_with: [{'name': 'p521', 'mix_nid':'0x2F46', 'nid':'SSL_CURVE_SECP521R1'}] oqs_meth: 'OQS_KEM_alg_ntru_hrss1373' - - - family: 'SABER' - name: 'lightsaber' - nid: '0x0218' - mix_with: [{'name': 'p256', 'mix_nid':'0x2F18', 'nid':'SSL_CURVE_SECP256R1'}] - use_as_default_with: 'p256' - oqs_meth: 'OQS_KEM_alg_saber_lightsaber' - - - family: 'SABER' - name: 'saber' - nid: '0x0219' - mix_with: [{'name': 'p384', 'mix_nid':'0x2F19', 'nid':'SSL_CURVE_SECP384R1'}] - oqs_meth: 'OQS_KEM_alg_saber_saber' - - - family: 'SABER' - name: 'firesaber' - nid: '0x021A' - mix_with: [{'name': 'p521', 'mix_nid':'0x2F1A', 'nid':'SSL_CURVE_SECP521R1'}] - oqs_meth: 'OQS_KEM_alg_saber_firesaber' - family: 'CRYSTALS-Kyber' name: 'kyber90s512' @@ -162,54 +143,6 @@ kems: nid: '0x022E' mix_with: [{'name': 'p521', 'mix_nid':'0x2F2E', 'nid':'SSL_CURVE_SECP521R1'}] oqs_meth: 'OQS_KEM_alg_hqc_256' - - - family: 'NTRU-Prime' - name: 'ntrulpr653' - nid: '0x022F' - mix_with: [{'name': 'p256', 'mix_nid':'0x2F2F', 'nid':'SSL_CURVE_SECP256R1'}] - oqs_meth: 'OQS_KEM_alg_ntruprime_ntrulpr653' - - - family: 'NTRU-Prime' - name: 'ntrulpr761' - nid: '0x0230' - mix_with: [{'name': 'p256', 'mix_nid':'0x2F43', 'nid':'SSL_CURVE_SECP256R1'}] - oqs_meth: 'OQS_KEM_alg_ntruprime_ntrulpr761' - - - family: 'NTRU-Prime' - name: 'ntrulpr857' - nid: '0x0231' - mix_with: [{'name': 'p384', 'mix_nid':'0x2F31', 'nid':'SSL_CURVE_SECP384R1'}] - oqs_meth: 'OQS_KEM_alg_ntruprime_ntrulpr857' - - - family: 'NTRU-Prime' - name: 'ntrulpr1277' - nid: '0x0241' - mix_with: [{'name': 'p521', 'mix_nid':'0x2F41', 'nid':'SSL_CURVE_SECP521R1'}] - oqs_meth: 'OQS_KEM_alg_ntruprime_ntrulpr1277' - - - family: 'NTRU-Prime' - name: 'sntrup653' - nid: '0x0232' - mix_with: [{'name': 'p256', 'mix_nid':'0x2F32', 'nid':'SSL_CURVE_SECP256R1'}] - oqs_meth: 'OQS_KEM_alg_ntruprime_sntrup653' - - - family: 'NTRU-Prime' - name: 'sntrup761' - nid: '0x0233' - mix_with: [{'name': 'p256', 'mix_nid':'0x2F44', 'nid':'SSL_CURVE_SECP256R1'}] - oqs_meth: 'OQS_KEM_alg_ntruprime_sntrup761' - - - family: 'NTRU-Prime' - name: 'sntrup857' - nid: '0x0234' - mix_with: [{'name': 'p384', 'mix_nid':'0x2F34', 'nid':'SSL_CURVE_SECP384R1'}] - oqs_meth: 'OQS_KEM_alg_ntruprime_sntrup857' - - - family: 'NTRU-Prime' - name: 'sntrup1277' - nid: '0x0242' - mix_with: [{'name': 'p521', 'mix_nid':'0x2F42', 'nid':'SSL_CURVE_SECP521R1'}] - oqs_meth: 'OQS_KEM_alg_ntruprime_sntrup1277' # N.B: Code points and OIDs must match those used @@ -279,102 +212,6 @@ sigs: oqs_meth: 'OQS_SIG_alg_falcon_1024' code_point: '0xfe0e' claimed_security_level: '5' - - - family: 'Picnic' - name: 'picnicl1fs' - oid: '1 3 6 1 4 1 311 89 2 1 1' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x01' - oqs_meth: 'OQS_SIG_alg_picnic_L1_FS' - code_point: '0xfe15' - claimed_security_level: '1' - - - family: 'Picnic' - name: 'picnicl1ur' - oid: '1 3 6 1 4 1 311 89 2 1 4' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x04' - oqs_meth: 'OQS_SIG_alg_picnic_L1_UR' - code_point: '0xfe18' - claimed_security_level: '1' - - - family: 'Picnic' - name: 'picnicl1full' - oid: '1 3 6 1 4 1 311 89 2 1 7' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x07' - oqs_meth: 'OQS_SIG_alg_picnic_L1_full' - code_point: '0xfe96' - claimed_security_level: '1' - - - family: 'Picnic' - name: 'picnic3l1' - oid: '1 3 6 1 4 1 311 89 2 1 21' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x15' - oqs_meth: 'OQS_SIG_alg_picnic3_L1' - code_point: '0xfe1b' - claimed_security_level: '1' - - - family: 'Picnic' - name: 'picnic3l3' - oid: '1 3 6 1 4 1 311 89 2 1 24' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x18' - oqs_meth: 'OQS_SIG_alg_picnic3_L3' - code_point: '0xfe1e' - claimed_security_level: '3' - - - family: 'Picnic' - name: 'picnic3l5' - oid: '1 3 6 1 4 1 311 89 2 1 26' - oid_encoded: '0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x59, 0x02, 0x01, 0x1a' - oqs_meth: 'OQS_SIG_alg_picnic3_L5' - code_point: '0xfe20' - claimed_security_level: '5' - - - family: 'Rainbow' - name: 'rainbowIIIclassic' - oid: '1 3 9999 5 2 1 1' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x05, 0x02, 0x01, 0x01' - oqs_meth: 'OQS_SIG_alg_rainbow_III_classic' - code_point: '0xfe36' - claimed_security_level: '3' - - - family: 'Rainbow' - name: 'rainbowIIIcircumzenithal' - oid: '1 3 9999 5 2 3 1' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x05, 0x02, 0x03, 0x01' - oqs_meth: 'OQS_SIG_alg_rainbow_III_circumzenithal' - code_point: '0xfe38' - claimed_security_level: '3' - - - family: 'Rainbow' - name: 'rainbowIIIcompressed' - oid: '1 3 9999 5 2 5 1' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x05, 0x02, 0x05, 0x01' - oqs_meth: 'OQS_SIG_alg_rainbow_III_compressed' - code_point: '0xfe3a' - claimed_security_level: '3' - - - family: 'Rainbow' - name: 'rainbowVclassic' - oid: '1 3 9999 5 3 1 1' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x05, 0x03, 0x01, 0x01' - oqs_meth: 'OQS_SIG_alg_rainbow_V_classic' - code_point: '0xfe3c' - claimed_security_level: '5' - - - family: 'Rainbow' - name: 'rainbowVcircumzenithal' - oid: '1 3 9999 5 3 3 1' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x05, 0x03, 0x03, 0x01' - oqs_meth: 'OQS_SIG_alg_rainbow_V_circumzenithal' - code_point: '0xfe3e' - claimed_security_level: '5' - - - family: 'Rainbow' - name: 'rainbowVcompressed' - oid: '1 3 9999 5 3 5 1' - oid_encoded: '0x2B, 0xCE, 0x0F, 0x05, 0x03, 0x05, 0x01' - oqs_meth: 'OQS_SIG_alg_rainbow_V_compressed' - code_point: '0xfe40' - claimed_security_level: '5' - family: 'SPHINCS-Haraka' name: 'sphincsharaka128frobust' diff --git a/ssl/extensions.cc b/ssl/extensions.cc index d498bb2ab1..a1f7654312 100644 --- a/ssl/extensions.cc +++ b/ssl/extensions.cc @@ -240,12 +240,6 @@ static bool is_post_quantum_group(uint16_t id) { id == SSL_CURVE_P384_NTRU_HRSS701 || id == SSL_CURVE_NTRU_HRSS1373 || id == SSL_CURVE_P521_NTRU_HRSS1373 || - id == SSL_CURVE_LIGHTSABER || - id == SSL_CURVE_P256_LIGHTSABER || - id == SSL_CURVE_SABER || - id == SSL_CURVE_P384_SABER || - id == SSL_CURVE_FIRESABER || - id == SSL_CURVE_P521_FIRESABER || id == SSL_CURVE_KYBER90S512 || id == SSL_CURVE_P256_KYBER90S512 || id == SSL_CURVE_KYBER90S768 || @@ -257,23 +251,7 @@ static bool is_post_quantum_group(uint16_t id) { id == SSL_CURVE_HQC192 || id == SSL_CURVE_P384_HQC192 || id == SSL_CURVE_HQC256 || - id == SSL_CURVE_P521_HQC256 || - id == SSL_CURVE_NTRULPR653 || - id == SSL_CURVE_P256_NTRULPR653 || - id == SSL_CURVE_NTRULPR761 || - id == SSL_CURVE_P256_NTRULPR761 || - id == SSL_CURVE_NTRULPR857 || - id == SSL_CURVE_P384_NTRULPR857 || - id == SSL_CURVE_NTRULPR1277 || - id == SSL_CURVE_P521_NTRULPR1277 || - id == SSL_CURVE_SNTRUP653 || - id == SSL_CURVE_P256_SNTRUP653 || - id == SSL_CURVE_SNTRUP761 || - id == SSL_CURVE_P256_SNTRUP761 || - id == SSL_CURVE_SNTRUP857 || - id == SSL_CURVE_P384_SNTRUP857 || - id == SSL_CURVE_SNTRUP1277 || - id == SSL_CURVE_P521_SNTRUP1277; + id == SSL_CURVE_P521_HQC256; ///// OQS_TEMPLATE_FRAGMENT_ADD_PQ_GROUPS_END } @@ -379,7 +357,6 @@ static const uint16_t kDefaultGroups[] = { SSL_CURVE_P256_FRODO640AES, SSL_CURVE_P256_BIKEL1, SSL_CURVE_P256_NTRU_HPS2048509, - SSL_CURVE_P256_LIGHTSABER, SSL_CURVE_P256_KYBER90S512, ///// OQS_TEMPLATE_FRAGMENT_ADD_DEFAULT_KEMS_END }; @@ -429,12 +406,6 @@ static const uint16_t kAllSupportedGroups[] = { SSL_CURVE_NTRU_HRSS701, SSL_CURVE_P521_NTRU_HRSS1373, SSL_CURVE_NTRU_HRSS1373, - SSL_CURVE_P256_LIGHTSABER, - SSL_CURVE_LIGHTSABER, - SSL_CURVE_P384_SABER, - SSL_CURVE_SABER, - SSL_CURVE_P521_FIRESABER, - SSL_CURVE_FIRESABER, SSL_CURVE_P256_KYBER90S512, SSL_CURVE_KYBER90S512, SSL_CURVE_P384_KYBER90S768, @@ -447,22 +418,6 @@ static const uint16_t kAllSupportedGroups[] = { SSL_CURVE_HQC192, SSL_CURVE_P521_HQC256, SSL_CURVE_HQC256, - SSL_CURVE_P256_NTRULPR653, - SSL_CURVE_NTRULPR653, - SSL_CURVE_P256_NTRULPR761, - SSL_CURVE_NTRULPR761, - SSL_CURVE_P384_NTRULPR857, - SSL_CURVE_NTRULPR857, - SSL_CURVE_P521_NTRULPR1277, - SSL_CURVE_NTRULPR1277, - SSL_CURVE_P256_SNTRUP653, - SSL_CURVE_SNTRUP653, - SSL_CURVE_P256_SNTRUP761, - SSL_CURVE_SNTRUP761, - SSL_CURVE_P384_SNTRUP857, - SSL_CURVE_SNTRUP857, - SSL_CURVE_P521_SNTRUP1277, - SSL_CURVE_SNTRUP1277, ///// OQS_TEMPLATE_FRAGMENT_ADD_ALL_KEMS_END }; @@ -604,18 +559,6 @@ static const uint16_t kVerifySignatureAlgorithms[] = { SSL_SIGN_DILITHIUM5_AES, SSL_SIGN_FALCON512, SSL_SIGN_FALCON1024, - SSL_SIGN_PICNICL1FS, - SSL_SIGN_PICNICL1UR, - SSL_SIGN_PICNICL1FULL, - SSL_SIGN_PICNIC3L1, - SSL_SIGN_PICNIC3L3, - SSL_SIGN_PICNIC3L5, - SSL_SIGN_RAINBOWIIICLASSIC, - SSL_SIGN_RAINBOWIIICIRCUMZENITHAL, - SSL_SIGN_RAINBOWIIICOMPRESSED, - SSL_SIGN_RAINBOWVCLASSIC, - SSL_SIGN_RAINBOWVCIRCUMZENITHAL, - SSL_SIGN_RAINBOWVCOMPRESSED, SSL_SIGN_SPHINCSHARAKA128FROBUST, SSL_SIGN_SPHINCSHARAKA128FSIMPLE, SSL_SIGN_SPHINCSHARAKA128SROBUST, @@ -683,18 +626,6 @@ static const uint16_t kSignSignatureAlgorithms[] = { SSL_SIGN_DILITHIUM5_AES, SSL_SIGN_FALCON512, SSL_SIGN_FALCON1024, - SSL_SIGN_PICNICL1FS, - SSL_SIGN_PICNICL1UR, - SSL_SIGN_PICNICL1FULL, - SSL_SIGN_PICNIC3L1, - SSL_SIGN_PICNIC3L3, - SSL_SIGN_PICNIC3L5, - SSL_SIGN_RAINBOWIIICLASSIC, - SSL_SIGN_RAINBOWIIICIRCUMZENITHAL, - SSL_SIGN_RAINBOWIIICOMPRESSED, - SSL_SIGN_RAINBOWVCLASSIC, - SSL_SIGN_RAINBOWVCIRCUMZENITHAL, - SSL_SIGN_RAINBOWVCOMPRESSED, SSL_SIGN_SPHINCSHARAKA128FROBUST, SSL_SIGN_SPHINCSHARAKA128FSIMPLE, SSL_SIGN_SPHINCSHARAKA128SROBUST, @@ -4396,18 +4327,6 @@ Span tls1_get_peer_verify_algorithms(const SSL_HANDSHAKE *hs) { SSL_SIGN_DILITHIUM5_AES, SSL_SIGN_FALCON512, SSL_SIGN_FALCON1024, - SSL_SIGN_PICNICL1FS, - SSL_SIGN_PICNICL1UR, - SSL_SIGN_PICNICL1FULL, - SSL_SIGN_PICNIC3L1, - SSL_SIGN_PICNIC3L3, - SSL_SIGN_PICNIC3L5, - SSL_SIGN_RAINBOWIIICLASSIC, - SSL_SIGN_RAINBOWIIICIRCUMZENITHAL, - SSL_SIGN_RAINBOWIIICOMPRESSED, - SSL_SIGN_RAINBOWVCLASSIC, - SSL_SIGN_RAINBOWVCIRCUMZENITHAL, - SSL_SIGN_RAINBOWVCOMPRESSED, SSL_SIGN_SPHINCSHARAKA128FROBUST, SSL_SIGN_SPHINCSHARAKA128FSIMPLE, SSL_SIGN_SPHINCSHARAKA128SROBUST, diff --git a/ssl/s3_both.cc b/ssl/s3_both.cc index b012542216..fb3f94db1e 100644 --- a/ssl/s3_both.cc +++ b/ssl/s3_both.cc @@ -702,12 +702,6 @@ class CipherScorer { group_id != SSL_CURVE_P384_NTRU_HRSS701 && group_id != SSL_CURVE_NTRU_HRSS1373 && group_id != SSL_CURVE_P521_NTRU_HRSS1373 && - group_id != SSL_CURVE_LIGHTSABER && - group_id != SSL_CURVE_P256_LIGHTSABER && - group_id != SSL_CURVE_SABER && - group_id != SSL_CURVE_P384_SABER && - group_id != SSL_CURVE_FIRESABER && - group_id != SSL_CURVE_P521_FIRESABER && group_id != SSL_CURVE_KYBER90S512 && group_id != SSL_CURVE_P256_KYBER90S512 && group_id != SSL_CURVE_KYBER90S768 && @@ -719,23 +713,7 @@ class CipherScorer { group_id != SSL_CURVE_HQC192 && group_id != SSL_CURVE_P384_HQC192 && group_id != SSL_CURVE_HQC256 && - group_id != SSL_CURVE_P521_HQC256 && - group_id != SSL_CURVE_NTRULPR653 && - group_id != SSL_CURVE_P256_NTRULPR653 && - group_id != SSL_CURVE_NTRULPR761 && - group_id != SSL_CURVE_P256_NTRULPR761 && - group_id != SSL_CURVE_NTRULPR857 && - group_id != SSL_CURVE_P384_NTRULPR857 && - group_id != SSL_CURVE_NTRULPR1277 && - group_id != SSL_CURVE_P521_NTRULPR1277 && - group_id != SSL_CURVE_SNTRUP653 && - group_id != SSL_CURVE_P256_SNTRUP653 && - group_id != SSL_CURVE_SNTRUP761 && - group_id != SSL_CURVE_P256_SNTRUP761 && - group_id != SSL_CURVE_SNTRUP857 && - group_id != SSL_CURVE_P384_SNTRUP857 && - group_id != SSL_CURVE_SNTRUP1277 && - group_id != SSL_CURVE_P521_SNTRUP1277 + group_id != SSL_CURVE_P521_HQC256 ///// OQS_TEMPLATE_FRAGMENT_LIST_CURVES_END ) {} diff --git a/ssl/ssl_key_share.cc b/ssl/ssl_key_share.cc index 110083637f..9a207a7838 100644 --- a/ssl/ssl_key_share.cc +++ b/ssl/ssl_key_share.cc @@ -611,12 +611,6 @@ CONSTEXPR_ARRAY NamedGroup kNamedGroups[] = { {NID_p384_ntru_hrss701, SSL_CURVE_P384_NTRU_HRSS701, "p384_ntru_hrss701", "p384_ntru_hrss701"}, {NID_ntru_hrss1373, SSL_CURVE_NTRU_HRSS1373, "ntru_hrss1373", "ntru_hrss1373"}, {NID_p521_ntru_hrss1373, SSL_CURVE_P521_NTRU_HRSS1373, "p521_ntru_hrss1373", "p521_ntru_hrss1373"}, - {NID_lightsaber, SSL_CURVE_LIGHTSABER, "lightsaber", "lightsaber"}, - {NID_p256_lightsaber, SSL_CURVE_P256_LIGHTSABER, "p256_lightsaber", "p256_lightsaber"}, - {NID_saber, SSL_CURVE_SABER, "saber", "saber"}, - {NID_p384_saber, SSL_CURVE_P384_SABER, "p384_saber", "p384_saber"}, - {NID_firesaber, SSL_CURVE_FIRESABER, "firesaber", "firesaber"}, - {NID_p521_firesaber, SSL_CURVE_P521_FIRESABER, "p521_firesaber", "p521_firesaber"}, {NID_kyber90s512, SSL_CURVE_KYBER90S512, "kyber90s512", "kyber90s512"}, {NID_p256_kyber90s512, SSL_CURVE_P256_KYBER90S512, "p256_kyber90s512", "p256_kyber90s512"}, {NID_kyber90s768, SSL_CURVE_KYBER90S768, "kyber90s768", "kyber90s768"}, @@ -629,22 +623,6 @@ CONSTEXPR_ARRAY NamedGroup kNamedGroups[] = { {NID_p384_hqc192, SSL_CURVE_P384_HQC192, "p384_hqc192", "p384_hqc192"}, {NID_hqc256, SSL_CURVE_HQC256, "hqc256", "hqc256"}, {NID_p521_hqc256, SSL_CURVE_P521_HQC256, "p521_hqc256", "p521_hqc256"}, - {NID_ntrulpr653, SSL_CURVE_NTRULPR653, "ntrulpr653", "ntrulpr653"}, - {NID_p256_ntrulpr653, SSL_CURVE_P256_NTRULPR653, "p256_ntrulpr653", "p256_ntrulpr653"}, - {NID_ntrulpr761, SSL_CURVE_NTRULPR761, "ntrulpr761", "ntrulpr761"}, - {NID_p256_ntrulpr761, SSL_CURVE_P256_NTRULPR761, "p256_ntrulpr761", "p256_ntrulpr761"}, - {NID_ntrulpr857, SSL_CURVE_NTRULPR857, "ntrulpr857", "ntrulpr857"}, - {NID_p384_ntrulpr857, SSL_CURVE_P384_NTRULPR857, "p384_ntrulpr857", "p384_ntrulpr857"}, - {NID_ntrulpr1277, SSL_CURVE_NTRULPR1277, "ntrulpr1277", "ntrulpr1277"}, - {NID_p521_ntrulpr1277, SSL_CURVE_P521_NTRULPR1277, "p521_ntrulpr1277", "p521_ntrulpr1277"}, - {NID_sntrup653, SSL_CURVE_SNTRUP653, "sntrup653", "sntrup653"}, - {NID_p256_sntrup653, SSL_CURVE_P256_SNTRUP653, "p256_sntrup653", "p256_sntrup653"}, - {NID_sntrup761, SSL_CURVE_SNTRUP761, "sntrup761", "sntrup761"}, - {NID_p256_sntrup761, SSL_CURVE_P256_SNTRUP761, "p256_sntrup761", "p256_sntrup761"}, - {NID_sntrup857, SSL_CURVE_SNTRUP857, "sntrup857", "sntrup857"}, - {NID_p384_sntrup857, SSL_CURVE_P384_SNTRUP857, "p384_sntrup857", "p384_sntrup857"}, - {NID_sntrup1277, SSL_CURVE_SNTRUP1277, "sntrup1277", "sntrup1277"}, - {NID_p521_sntrup1277, SSL_CURVE_P521_SNTRUP1277, "p521_sntrup1277", "p521_sntrup1277"}, ///// OQS_TEMPLATE_FRAGMENT_DEF_NAMEDGROUPS_END }; @@ -843,36 +821,6 @@ UniquePtr SSLKeyShare::Create(uint16_t group_id) { return UniquePtr(New(SSL_CURVE_P521_NTRU_HRSS1373, SSL_CURVE_SECP521R1, OQS_KEM_alg_ntru_hrss1373)); else return nullptr; - case SSL_CURVE_LIGHTSABER: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_saber_lightsaber)) - return UniquePtr(New(SSL_CURVE_LIGHTSABER, OQS_KEM_alg_saber_lightsaber)); - else - return nullptr; - case SSL_CURVE_P256_LIGHTSABER: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_saber_lightsaber)) - return UniquePtr(New(SSL_CURVE_P256_LIGHTSABER, SSL_CURVE_SECP256R1, OQS_KEM_alg_saber_lightsaber)); - else - return nullptr; - case SSL_CURVE_SABER: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_saber_saber)) - return UniquePtr(New(SSL_CURVE_SABER, OQS_KEM_alg_saber_saber)); - else - return nullptr; - case SSL_CURVE_P384_SABER: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_saber_saber)) - return UniquePtr(New(SSL_CURVE_P384_SABER, SSL_CURVE_SECP384R1, OQS_KEM_alg_saber_saber)); - else - return nullptr; - case SSL_CURVE_FIRESABER: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_saber_firesaber)) - return UniquePtr(New(SSL_CURVE_FIRESABER, OQS_KEM_alg_saber_firesaber)); - else - return nullptr; - case SSL_CURVE_P521_FIRESABER: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_saber_firesaber)) - return UniquePtr(New(SSL_CURVE_P521_FIRESABER, SSL_CURVE_SECP521R1, OQS_KEM_alg_saber_firesaber)); - else - return nullptr; case SSL_CURVE_KYBER90S512: if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_kyber_512_90s)) return UniquePtr(New(SSL_CURVE_KYBER90S512, OQS_KEM_alg_kyber_512_90s)); @@ -933,86 +881,6 @@ UniquePtr SSLKeyShare::Create(uint16_t group_id) { return UniquePtr(New(SSL_CURVE_P521_HQC256, SSL_CURVE_SECP521R1, OQS_KEM_alg_hqc_256)); else return nullptr; - case SSL_CURVE_NTRULPR653: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_ntrulpr653)) - return UniquePtr(New(SSL_CURVE_NTRULPR653, OQS_KEM_alg_ntruprime_ntrulpr653)); - else - return nullptr; - case SSL_CURVE_P256_NTRULPR653: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_ntrulpr653)) - return UniquePtr(New(SSL_CURVE_P256_NTRULPR653, SSL_CURVE_SECP256R1, OQS_KEM_alg_ntruprime_ntrulpr653)); - else - return nullptr; - case SSL_CURVE_NTRULPR761: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_ntrulpr761)) - return UniquePtr(New(SSL_CURVE_NTRULPR761, OQS_KEM_alg_ntruprime_ntrulpr761)); - else - return nullptr; - case SSL_CURVE_P256_NTRULPR761: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_ntrulpr761)) - return UniquePtr(New(SSL_CURVE_P256_NTRULPR761, SSL_CURVE_SECP256R1, OQS_KEM_alg_ntruprime_ntrulpr761)); - else - return nullptr; - case SSL_CURVE_NTRULPR857: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_ntrulpr857)) - return UniquePtr(New(SSL_CURVE_NTRULPR857, OQS_KEM_alg_ntruprime_ntrulpr857)); - else - return nullptr; - case SSL_CURVE_P384_NTRULPR857: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_ntrulpr857)) - return UniquePtr(New(SSL_CURVE_P384_NTRULPR857, SSL_CURVE_SECP384R1, OQS_KEM_alg_ntruprime_ntrulpr857)); - else - return nullptr; - case SSL_CURVE_NTRULPR1277: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_ntrulpr1277)) - return UniquePtr(New(SSL_CURVE_NTRULPR1277, OQS_KEM_alg_ntruprime_ntrulpr1277)); - else - return nullptr; - case SSL_CURVE_P521_NTRULPR1277: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_ntrulpr1277)) - return UniquePtr(New(SSL_CURVE_P521_NTRULPR1277, SSL_CURVE_SECP521R1, OQS_KEM_alg_ntruprime_ntrulpr1277)); - else - return nullptr; - case SSL_CURVE_SNTRUP653: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_sntrup653)) - return UniquePtr(New(SSL_CURVE_SNTRUP653, OQS_KEM_alg_ntruprime_sntrup653)); - else - return nullptr; - case SSL_CURVE_P256_SNTRUP653: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_sntrup653)) - return UniquePtr(New(SSL_CURVE_P256_SNTRUP653, SSL_CURVE_SECP256R1, OQS_KEM_alg_ntruprime_sntrup653)); - else - return nullptr; - case SSL_CURVE_SNTRUP761: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_sntrup761)) - return UniquePtr(New(SSL_CURVE_SNTRUP761, OQS_KEM_alg_ntruprime_sntrup761)); - else - return nullptr; - case SSL_CURVE_P256_SNTRUP761: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_sntrup761)) - return UniquePtr(New(SSL_CURVE_P256_SNTRUP761, SSL_CURVE_SECP256R1, OQS_KEM_alg_ntruprime_sntrup761)); - else - return nullptr; - case SSL_CURVE_SNTRUP857: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_sntrup857)) - return UniquePtr(New(SSL_CURVE_SNTRUP857, OQS_KEM_alg_ntruprime_sntrup857)); - else - return nullptr; - case SSL_CURVE_P384_SNTRUP857: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_sntrup857)) - return UniquePtr(New(SSL_CURVE_P384_SNTRUP857, SSL_CURVE_SECP384R1, OQS_KEM_alg_ntruprime_sntrup857)); - else - return nullptr; - case SSL_CURVE_SNTRUP1277: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_sntrup1277)) - return UniquePtr(New(SSL_CURVE_SNTRUP1277, OQS_KEM_alg_ntruprime_sntrup1277)); - else - return nullptr; - case SSL_CURVE_P521_SNTRUP1277: - if(OQS_KEM_alg_is_enabled(OQS_KEM_alg_ntruprime_sntrup1277)) - return UniquePtr(New(SSL_CURVE_P521_SNTRUP1277, SSL_CURVE_SECP521R1, OQS_KEM_alg_ntruprime_sntrup1277)); - else - return nullptr; ///// OQS_TEMPLATE_FRAGMENT_HANDLE_GROUP_IDS_END default: return nullptr; diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc index fafb02a00f..f1ed87925e 100644 --- a/ssl/ssl_privkey.cc +++ b/ssl/ssl_privkey.cc @@ -84,18 +84,6 @@ bool ssl_is_key_type_supported(int key_type) { key_type == EVP_PKEY_DILITHIUM5_AES || key_type == EVP_PKEY_FALCON512 || key_type == EVP_PKEY_FALCON1024 || - key_type == EVP_PKEY_PICNICL1FS || - key_type == EVP_PKEY_PICNICL1UR || - key_type == EVP_PKEY_PICNICL1FULL || - key_type == EVP_PKEY_PICNIC3L1 || - key_type == EVP_PKEY_PICNIC3L3 || - key_type == EVP_PKEY_PICNIC3L5 || - key_type == EVP_PKEY_RAINBOWIIICLASSIC || - key_type == EVP_PKEY_RAINBOWIIICIRCUMZENITHAL || - key_type == EVP_PKEY_RAINBOWIIICOMPRESSED || - key_type == EVP_PKEY_RAINBOWVCLASSIC || - key_type == EVP_PKEY_RAINBOWVCIRCUMZENITHAL || - key_type == EVP_PKEY_RAINBOWVCOMPRESSED || key_type == EVP_PKEY_SPHINCSHARAKA128FROBUST || key_type == EVP_PKEY_SPHINCSHARAKA128FSIMPLE || key_type == EVP_PKEY_SPHINCSHARAKA128SROBUST || @@ -190,18 +178,6 @@ static const SSL_SIGNATURE_ALGORITHM kSignatureAlgorithms[] = { {SSL_SIGN_DILITHIUM5_AES, EVP_PKEY_DILITHIUM5_AES, NID_undef, &EVP_sha512, false}, {SSL_SIGN_FALCON512, EVP_PKEY_FALCON512, NID_undef, &EVP_sha256, false}, {SSL_SIGN_FALCON1024, EVP_PKEY_FALCON1024, NID_undef, &EVP_sha512, false}, - {SSL_SIGN_PICNICL1FS, EVP_PKEY_PICNICL1FS, NID_undef, &EVP_sha256, false}, - {SSL_SIGN_PICNICL1UR, EVP_PKEY_PICNICL1UR, NID_undef, &EVP_sha256, false}, - {SSL_SIGN_PICNICL1FULL, EVP_PKEY_PICNICL1FULL, NID_undef, &EVP_sha256, false}, - {SSL_SIGN_PICNIC3L1, EVP_PKEY_PICNIC3L1, NID_undef, &EVP_sha256, false}, - {SSL_SIGN_PICNIC3L3, EVP_PKEY_PICNIC3L3, NID_undef, &EVP_sha384, false}, - {SSL_SIGN_PICNIC3L5, EVP_PKEY_PICNIC3L5, NID_undef, &EVP_sha512, false}, - {SSL_SIGN_RAINBOWIIICLASSIC, EVP_PKEY_RAINBOWIIICLASSIC, NID_undef, &EVP_sha384, false}, - {SSL_SIGN_RAINBOWIIICIRCUMZENITHAL, EVP_PKEY_RAINBOWIIICIRCUMZENITHAL, NID_undef, &EVP_sha384, false}, - {SSL_SIGN_RAINBOWIIICOMPRESSED, EVP_PKEY_RAINBOWIIICOMPRESSED, NID_undef, &EVP_sha384, false}, - {SSL_SIGN_RAINBOWVCLASSIC, EVP_PKEY_RAINBOWVCLASSIC, NID_undef, &EVP_sha512, false}, - {SSL_SIGN_RAINBOWVCIRCUMZENITHAL, EVP_PKEY_RAINBOWVCIRCUMZENITHAL, NID_undef, &EVP_sha512, false}, - {SSL_SIGN_RAINBOWVCOMPRESSED, EVP_PKEY_RAINBOWVCOMPRESSED, NID_undef, &EVP_sha512, false}, {SSL_SIGN_SPHINCSHARAKA128FROBUST, EVP_PKEY_SPHINCSHARAKA128FROBUST, NID_undef, &EVP_sha256, false}, {SSL_SIGN_SPHINCSHARAKA128FSIMPLE, EVP_PKEY_SPHINCSHARAKA128FSIMPLE, NID_undef, &EVP_sha256, false}, {SSL_SIGN_SPHINCSHARAKA128SROBUST, EVP_PKEY_SPHINCSHARAKA128SROBUST, NID_undef, &EVP_sha256, false}, @@ -580,18 +556,6 @@ static const struct { {SSL_SIGN_DILITHIUM5_AES, "dilithium5_aes"}, {SSL_SIGN_FALCON512, "falcon512"}, {SSL_SIGN_FALCON1024, "falcon1024"}, - {SSL_SIGN_PICNICL1FS, "picnicl1fs"}, - {SSL_SIGN_PICNICL1UR, "picnicl1ur"}, - {SSL_SIGN_PICNICL1FULL, "picnicl1full"}, - {SSL_SIGN_PICNIC3L1, "picnic3l1"}, - {SSL_SIGN_PICNIC3L3, "picnic3l3"}, - {SSL_SIGN_PICNIC3L5, "picnic3l5"}, - {SSL_SIGN_RAINBOWIIICLASSIC, "rainbowIIIclassic"}, - {SSL_SIGN_RAINBOWIIICIRCUMZENITHAL, "rainbowIIIcircumzenithal"}, - {SSL_SIGN_RAINBOWIIICOMPRESSED, "rainbowIIIcompressed"}, - {SSL_SIGN_RAINBOWVCLASSIC, "rainbowVclassic"}, - {SSL_SIGN_RAINBOWVCIRCUMZENITHAL, "rainbowVcircumzenithal"}, - {SSL_SIGN_RAINBOWVCOMPRESSED, "rainbowVcompressed"}, {SSL_SIGN_SPHINCSHARAKA128FROBUST, "sphincsharaka128frobust"}, {SSL_SIGN_SPHINCSHARAKA128FSIMPLE, "sphincsharaka128fsimple"}, {SSL_SIGN_SPHINCSHARAKA128SROBUST, "sphincsharaka128srobust"}, @@ -710,18 +674,6 @@ static constexpr struct { {EVP_PKEY_DILITHIUM5_AES, NID_sha512, SSL_SIGN_DILITHIUM5_AES}, {EVP_PKEY_FALCON512, NID_sha256, SSL_SIGN_FALCON512}, {EVP_PKEY_FALCON1024, NID_sha512, SSL_SIGN_FALCON1024}, - {EVP_PKEY_PICNICL1FS, NID_sha256, SSL_SIGN_PICNICL1FS}, - {EVP_PKEY_PICNICL1UR, NID_sha256, SSL_SIGN_PICNICL1UR}, - {EVP_PKEY_PICNICL1FULL, NID_sha256, SSL_SIGN_PICNICL1FULL}, - {EVP_PKEY_PICNIC3L1, NID_sha256, SSL_SIGN_PICNIC3L1}, - {EVP_PKEY_PICNIC3L3, NID_sha384, SSL_SIGN_PICNIC3L3}, - {EVP_PKEY_PICNIC3L5, NID_sha512, SSL_SIGN_PICNIC3L5}, - {EVP_PKEY_RAINBOWIIICLASSIC, NID_sha384, SSL_SIGN_RAINBOWIIICLASSIC}, - {EVP_PKEY_RAINBOWIIICIRCUMZENITHAL, NID_sha384, SSL_SIGN_RAINBOWIIICIRCUMZENITHAL}, - {EVP_PKEY_RAINBOWIIICOMPRESSED, NID_sha384, SSL_SIGN_RAINBOWIIICOMPRESSED}, - {EVP_PKEY_RAINBOWVCLASSIC, NID_sha512, SSL_SIGN_RAINBOWVCLASSIC}, - {EVP_PKEY_RAINBOWVCIRCUMZENITHAL, NID_sha512, SSL_SIGN_RAINBOWVCIRCUMZENITHAL}, - {EVP_PKEY_RAINBOWVCOMPRESSED, NID_sha512, SSL_SIGN_RAINBOWVCOMPRESSED}, {EVP_PKEY_SPHINCSHARAKA128FROBUST, NID_sha256, SSL_SIGN_SPHINCSHARAKA128FROBUST}, {EVP_PKEY_SPHINCSHARAKA128FSIMPLE, NID_sha256, SSL_SIGN_SPHINCSHARAKA128FSIMPLE}, {EVP_PKEY_SPHINCSHARAKA128SROBUST, NID_sha256, SSL_SIGN_SPHINCSHARAKA128SROBUST}, diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc index dbd6d31e5d..6afd0be394 100644 --- a/ssl/ssl_test.cc +++ b/ssl/ssl_test.cc @@ -542,27 +542,6 @@ static const CurveTest kCurveTests[] = { SSL_CURVE_P521_NTRU_HRSS1373, }, }, - { - "lightsaber:p256_lightsaber", - { - SSL_CURVE_LIGHTSABER, - SSL_CURVE_P256_LIGHTSABER, - }, - }, - { - "saber:p384_saber", - { - SSL_CURVE_SABER, - SSL_CURVE_P384_SABER, - }, - }, - { - "firesaber:p521_firesaber", - { - SSL_CURVE_FIRESABER, - SSL_CURVE_P521_FIRESABER, - }, - }, { "kyber90s512:p256_kyber90s512", { @@ -605,62 +584,6 @@ static const CurveTest kCurveTests[] = { SSL_CURVE_P521_HQC256, }, }, - { - "ntrulpr653:p256_ntrulpr653", - { - SSL_CURVE_NTRULPR653, - SSL_CURVE_P256_NTRULPR653, - }, - }, - { - "ntrulpr761:p256_ntrulpr761", - { - SSL_CURVE_NTRULPR761, - SSL_CURVE_P256_NTRULPR761, - }, - }, - { - "ntrulpr857:p384_ntrulpr857", - { - SSL_CURVE_NTRULPR857, - SSL_CURVE_P384_NTRULPR857, - }, - }, - { - "ntrulpr1277:p521_ntrulpr1277", - { - SSL_CURVE_NTRULPR1277, - SSL_CURVE_P521_NTRULPR1277, - }, - }, - { - "sntrup653:p256_sntrup653", - { - SSL_CURVE_SNTRUP653, - SSL_CURVE_P256_SNTRUP653, - }, - }, - { - "sntrup761:p256_sntrup761", - { - SSL_CURVE_SNTRUP761, - SSL_CURVE_P256_SNTRUP761, - }, - }, - { - "sntrup857:p384_sntrup857", - { - SSL_CURVE_SNTRUP857, - SSL_CURVE_P384_SNTRUP857, - }, - }, - { - "sntrup1277:p521_sntrup1277", - { - SSL_CURVE_SNTRUP1277, - SSL_CURVE_P521_SNTRUP1277, - }, - }, ///// OQS_TEMPLATE_FRAGMENT_ADD_CURVETEST_END }; @@ -5336,30 +5259,6 @@ TEST(SSLTest, SignatureAlgorithmProperties) { SSL_get_signature_algorithm_key_type(SSL_SIGN_FALCON512)); EXPECT_EQ(EVP_PKEY_FALCON1024, SSL_get_signature_algorithm_key_type(SSL_SIGN_FALCON1024)); - EXPECT_EQ(EVP_PKEY_PICNICL1FS, - SSL_get_signature_algorithm_key_type(SSL_SIGN_PICNICL1FS)); - EXPECT_EQ(EVP_PKEY_PICNICL1UR, - SSL_get_signature_algorithm_key_type(SSL_SIGN_PICNICL1UR)); - EXPECT_EQ(EVP_PKEY_PICNICL1FULL, - SSL_get_signature_algorithm_key_type(SSL_SIGN_PICNICL1FULL)); - EXPECT_EQ(EVP_PKEY_PICNIC3L1, - SSL_get_signature_algorithm_key_type(SSL_SIGN_PICNIC3L1)); - EXPECT_EQ(EVP_PKEY_PICNIC3L3, - SSL_get_signature_algorithm_key_type(SSL_SIGN_PICNIC3L3)); - EXPECT_EQ(EVP_PKEY_PICNIC3L5, - SSL_get_signature_algorithm_key_type(SSL_SIGN_PICNIC3L5)); - EXPECT_EQ(EVP_PKEY_RAINBOWIIICLASSIC, - SSL_get_signature_algorithm_key_type(SSL_SIGN_RAINBOWIIICLASSIC)); - EXPECT_EQ(EVP_PKEY_RAINBOWIIICIRCUMZENITHAL, - SSL_get_signature_algorithm_key_type(SSL_SIGN_RAINBOWIIICIRCUMZENITHAL)); - EXPECT_EQ(EVP_PKEY_RAINBOWIIICOMPRESSED, - SSL_get_signature_algorithm_key_type(SSL_SIGN_RAINBOWIIICOMPRESSED)); - EXPECT_EQ(EVP_PKEY_RAINBOWVCLASSIC, - SSL_get_signature_algorithm_key_type(SSL_SIGN_RAINBOWVCLASSIC)); - EXPECT_EQ(EVP_PKEY_RAINBOWVCIRCUMZENITHAL, - SSL_get_signature_algorithm_key_type(SSL_SIGN_RAINBOWVCIRCUMZENITHAL)); - EXPECT_EQ(EVP_PKEY_RAINBOWVCOMPRESSED, - SSL_get_signature_algorithm_key_type(SSL_SIGN_RAINBOWVCOMPRESSED)); EXPECT_EQ(EVP_PKEY_SPHINCSHARAKA128FROBUST, SSL_get_signature_algorithm_key_type(SSL_SIGN_SPHINCSHARAKA128FROBUST)); EXPECT_EQ(EVP_PKEY_SPHINCSHARAKA128FSIMPLE, @@ -5722,18 +5621,6 @@ TEST(SSLTest, SigAlgs) { {{NID_sha512, EVP_PKEY_DILITHIUM5_AES}, true, {SSL_SIGN_DILITHIUM5_AES}}, {{NID_sha256, EVP_PKEY_FALCON512}, true, {SSL_SIGN_FALCON512}}, {{NID_sha512, EVP_PKEY_FALCON1024}, true, {SSL_SIGN_FALCON1024}}, - {{NID_sha256, EVP_PKEY_PICNICL1FS}, true, {SSL_SIGN_PICNICL1FS}}, - {{NID_sha256, EVP_PKEY_PICNICL1UR}, true, {SSL_SIGN_PICNICL1UR}}, - {{NID_sha256, EVP_PKEY_PICNICL1FULL}, true, {SSL_SIGN_PICNICL1FULL}}, - {{NID_sha256, EVP_PKEY_PICNIC3L1}, true, {SSL_SIGN_PICNIC3L1}}, - {{NID_sha384, EVP_PKEY_PICNIC3L3}, true, {SSL_SIGN_PICNIC3L3}}, - {{NID_sha512, EVP_PKEY_PICNIC3L5}, true, {SSL_SIGN_PICNIC3L5}}, - {{NID_sha384, EVP_PKEY_RAINBOWIIICLASSIC}, true, {SSL_SIGN_RAINBOWIIICLASSIC}}, - {{NID_sha384, EVP_PKEY_RAINBOWIIICIRCUMZENITHAL}, true, {SSL_SIGN_RAINBOWIIICIRCUMZENITHAL}}, - {{NID_sha384, EVP_PKEY_RAINBOWIIICOMPRESSED}, true, {SSL_SIGN_RAINBOWIIICOMPRESSED}}, - {{NID_sha512, EVP_PKEY_RAINBOWVCLASSIC}, true, {SSL_SIGN_RAINBOWVCLASSIC}}, - {{NID_sha512, EVP_PKEY_RAINBOWVCIRCUMZENITHAL}, true, {SSL_SIGN_RAINBOWVCIRCUMZENITHAL}}, - {{NID_sha512, EVP_PKEY_RAINBOWVCOMPRESSED}, true, {SSL_SIGN_RAINBOWVCOMPRESSED}}, {{NID_sha256, EVP_PKEY_SPHINCSHARAKA128FROBUST}, true, {SSL_SIGN_SPHINCSHARAKA128FROBUST}}, {{NID_sha256, EVP_PKEY_SPHINCSHARAKA128FSIMPLE}, true, {SSL_SIGN_SPHINCSHARAKA128FSIMPLE}}, {{NID_sha256, EVP_PKEY_SPHINCSHARAKA128SROBUST}, true, {SSL_SIGN_SPHINCSHARAKA128SROBUST}}, @@ -5835,18 +5722,6 @@ TEST(SSLTest, SigAlgsList) { {"dilithium5_aes", true, {SSL_SIGN_DILITHIUM5_AES}}, {"falcon512", true, {SSL_SIGN_FALCON512}}, {"falcon1024", true, {SSL_SIGN_FALCON1024}}, - {"picnicl1fs", true, {SSL_SIGN_PICNICL1FS}}, - {"picnicl1ur", true, {SSL_SIGN_PICNICL1UR}}, - {"picnicl1full", true, {SSL_SIGN_PICNICL1FULL}}, - {"picnic3l1", true, {SSL_SIGN_PICNIC3L1}}, - {"picnic3l3", true, {SSL_SIGN_PICNIC3L3}}, - {"picnic3l5", true, {SSL_SIGN_PICNIC3L5}}, - {"rainbowIIIclassic", true, {SSL_SIGN_RAINBOWIIICLASSIC}}, - {"rainbowIIIcircumzenithal", true, {SSL_SIGN_RAINBOWIIICIRCUMZENITHAL}}, - {"rainbowIIIcompressed", true, {SSL_SIGN_RAINBOWIIICOMPRESSED}}, - {"rainbowVclassic", true, {SSL_SIGN_RAINBOWVCLASSIC}}, - {"rainbowVcircumzenithal", true, {SSL_SIGN_RAINBOWVCIRCUMZENITHAL}}, - {"rainbowVcompressed", true, {SSL_SIGN_RAINBOWVCOMPRESSED}}, {"sphincsharaka128frobust", true, {SSL_SIGN_SPHINCSHARAKA128FROBUST}}, {"sphincsharaka128fsimple", true, {SSL_SIGN_SPHINCSHARAKA128FSIMPLE}}, {"sphincsharaka128srobust", true, {SSL_SIGN_SPHINCSHARAKA128SROBUST}}, @@ -8105,34 +7980,12 @@ static const TLSGroup kOQSGroups[] = { {NID_p384_ntru_hrss701, SSL_CURVE_P384_NTRU_HRSS701}, {NID_ntru_hrss1373, SSL_CURVE_NTRU_HRSS1373}, {NID_p521_ntru_hrss1373, SSL_CURVE_P521_NTRU_HRSS1373}, - {NID_lightsaber, SSL_CURVE_LIGHTSABER}, - {NID_p256_lightsaber, SSL_CURVE_P256_LIGHTSABER}, - {NID_saber, SSL_CURVE_SABER}, - {NID_p384_saber, SSL_CURVE_P384_SABER}, - {NID_firesaber, SSL_CURVE_FIRESABER}, - {NID_p521_firesaber, SSL_CURVE_P521_FIRESABER}, {NID_kyber90s512, SSL_CURVE_KYBER90S512}, {NID_p256_kyber90s512, SSL_CURVE_P256_KYBER90S512}, {NID_kyber90s768, SSL_CURVE_KYBER90S768}, {NID_p384_kyber90s768, SSL_CURVE_P384_KYBER90S768}, {NID_kyber90s1024, SSL_CURVE_KYBER90S1024}, {NID_p521_kyber90s1024, SSL_CURVE_P521_KYBER90S1024}, - {NID_ntrulpr653, SSL_CURVE_NTRULPR653}, - {NID_p256_ntrulpr653, SSL_CURVE_P256_NTRULPR653}, - {NID_ntrulpr761, SSL_CURVE_NTRULPR761}, - {NID_p256_ntrulpr761, SSL_CURVE_P256_NTRULPR761}, - {NID_ntrulpr857, SSL_CURVE_NTRULPR857}, - {NID_p384_ntrulpr857, SSL_CURVE_P384_NTRULPR857}, - {NID_ntrulpr1277, SSL_CURVE_NTRULPR1277}, - {NID_p521_ntrulpr1277, SSL_CURVE_P521_NTRULPR1277}, - {NID_sntrup653, SSL_CURVE_SNTRUP653}, - {NID_p256_sntrup653, SSL_CURVE_P256_SNTRUP653}, - {NID_sntrup761, SSL_CURVE_SNTRUP761}, - {NID_p256_sntrup761, SSL_CURVE_P256_SNTRUP761}, - {NID_sntrup857, SSL_CURVE_SNTRUP857}, - {NID_p384_sntrup857, SSL_CURVE_P384_SNTRUP857}, - {NID_sntrup1277, SSL_CURVE_SNTRUP1277}, - {NID_p521_sntrup1277, SSL_CURVE_P521_SNTRUP1277}, ///// OQS_TEMPLATE_FRAGMENT_LIST_ALL_OQS_KEMS_END }; @@ -8232,18 +8085,6 @@ INSTANTIATE_TEST_SUITE_P(WithSignatureNIDs, OQSHandshakeTest, NID_dilithium5_aes, NID_falcon512, NID_falcon1024, - NID_picnicl1fs, - NID_picnicl1ur, - NID_picnicl1full, - NID_picnic3l1, - NID_picnic3l3, - NID_picnic3l5, - NID_rainbowIIIclassic, - NID_rainbowIIIcircumzenithal, - NID_rainbowIIIcompressed, - NID_rainbowVclassic, - NID_rainbowVcircumzenithal, - NID_rainbowVcompressed, NID_sphincsharaka128frobust, NID_sphincsharaka128fsimple, NID_sphincsharaka128srobust, diff --git a/ssl/test/fuzzer.h b/ssl/test/fuzzer.h index 82aa5b6237..725d904a63 100644 --- a/ssl/test/fuzzer.h +++ b/ssl/test/fuzzer.h @@ -439,23 +439,12 @@ class TLSFuzzer { NID_ntru_hps40961229, NID_p521_ntru_hps40961229, NID_ntru_hrss701, NID_p384_ntru_hrss701, NID_ntru_hrss1373, NID_p521_ntru_hrss1373, - NID_lightsaber, NID_p256_lightsaber, - NID_saber, NID_p384_saber, - NID_firesaber, NID_p521_firesaber, NID_kyber90s512, NID_p256_kyber90s512, NID_kyber90s768, NID_p384_kyber90s768, NID_kyber90s1024, NID_p521_kyber90s1024, NID_hqc128, NID_p256_hqc128, NID_hqc192, NID_p384_hqc192, NID_hqc256, NID_p521_hqc256, - NID_ntrulpr653, NID_p256_ntrulpr653, - NID_ntrulpr761, NID_p256_ntrulpr761, - NID_ntrulpr857, NID_p384_ntrulpr857, - NID_ntrulpr1277, NID_p521_ntrulpr1277, - NID_sntrup653, NID_p256_sntrup653, - NID_sntrup761, NID_p256_sntrup761, - NID_sntrup857, NID_p384_sntrup857, - NID_sntrup1277, NID_p521_sntrup1277, ///// OQS_TEMPLATE_FRAGMENT_LIST_NIDS_END }; if (!SSL_CTX_set1_curves(ctx_.get(), kCurves, diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc index 42fa5eeca0..9c1d70b829 100644 --- a/ssl/test/test_config.cc +++ b/ssl/test/test_config.cc @@ -2003,24 +2003,6 @@ bssl::UniquePtr TestConfig::NewSSL( case SSL_CURVE_P521_NTRU_HRSS1373: nids.push_back(NID_p521_ntru_hrss1373); break; - case SSL_CURVE_LIGHTSABER: - nids.push_back(NID_lightsaber); - break; - case SSL_CURVE_P256_LIGHTSABER: - nids.push_back(NID_p256_lightsaber); - break; - case SSL_CURVE_SABER: - nids.push_back(NID_saber); - break; - case SSL_CURVE_P384_SABER: - nids.push_back(NID_p384_saber); - break; - case SSL_CURVE_FIRESABER: - nids.push_back(NID_firesaber); - break; - case SSL_CURVE_P521_FIRESABER: - nids.push_back(NID_p521_firesaber); - break; case SSL_CURVE_KYBER90S512: nids.push_back(NID_kyber90s512); break; @@ -2057,54 +2039,6 @@ bssl::UniquePtr TestConfig::NewSSL( case SSL_CURVE_P521_HQC256: nids.push_back(NID_p521_hqc256); break; - case SSL_CURVE_NTRULPR653: - nids.push_back(NID_ntrulpr653); - break; - case SSL_CURVE_P256_NTRULPR653: - nids.push_back(NID_p256_ntrulpr653); - break; - case SSL_CURVE_NTRULPR761: - nids.push_back(NID_ntrulpr761); - break; - case SSL_CURVE_P256_NTRULPR761: - nids.push_back(NID_p256_ntrulpr761); - break; - case SSL_CURVE_NTRULPR857: - nids.push_back(NID_ntrulpr857); - break; - case SSL_CURVE_P384_NTRULPR857: - nids.push_back(NID_p384_ntrulpr857); - break; - case SSL_CURVE_NTRULPR1277: - nids.push_back(NID_ntrulpr1277); - break; - case SSL_CURVE_P521_NTRULPR1277: - nids.push_back(NID_p521_ntrulpr1277); - break; - case SSL_CURVE_SNTRUP653: - nids.push_back(NID_sntrup653); - break; - case SSL_CURVE_P256_SNTRUP653: - nids.push_back(NID_p256_sntrup653); - break; - case SSL_CURVE_SNTRUP761: - nids.push_back(NID_sntrup761); - break; - case SSL_CURVE_P256_SNTRUP761: - nids.push_back(NID_p256_sntrup761); - break; - case SSL_CURVE_SNTRUP857: - nids.push_back(NID_sntrup857); - break; - case SSL_CURVE_P384_SNTRUP857: - nids.push_back(NID_p384_sntrup857); - break; - case SSL_CURVE_SNTRUP1277: - nids.push_back(NID_sntrup1277); - break; - case SSL_CURVE_P521_SNTRUP1277: - nids.push_back(NID_p521_sntrup1277); - break; ///// OQS_TEMPLATE_FRAGMENT_ADD_NIDS_END } if (!SSL_set1_curves(ssl.get(), &nids[0], nids.size())) { @@ -2135,23 +2069,12 @@ bssl::UniquePtr TestConfig::NewSSL( NID_ntru_hps40961229, NID_p521_ntru_hps40961229, NID_ntru_hrss701, NID_p384_ntru_hrss701, NID_ntru_hrss1373, NID_p521_ntru_hrss1373, - NID_lightsaber, NID_p256_lightsaber, - NID_saber, NID_p384_saber, - NID_firesaber, NID_p521_firesaber, NID_kyber90s512, NID_p256_kyber90s512, NID_kyber90s768, NID_p384_kyber90s768, NID_kyber90s1024, NID_p521_kyber90s1024, NID_hqc128, NID_p256_hqc128, NID_hqc192, NID_p384_hqc192, NID_hqc256, NID_p521_hqc256, - NID_ntrulpr653, NID_p256_ntrulpr653, - NID_ntrulpr761, NID_p256_ntrulpr761, - NID_ntrulpr857, NID_p384_ntrulpr857, - NID_ntrulpr1277, NID_p521_ntrulpr1277, - NID_sntrup653, NID_p256_sntrup653, - NID_sntrup761, NID_p256_sntrup761, - NID_sntrup857, NID_p384_sntrup857, - NID_sntrup1277, NID_p521_sntrup1277, ///// OQS_TEMPLATE_FRAGMENT_LIST_PQ_CURVEIDS_END }; if (!SSL_set1_curves(ssl.get(), kAllCurves,