Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Algorithm & ID updates #447

Merged
merged 1 commit into from
May 23, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 4 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ The following quantum-safe algorithms from liboqs are supported (assuming they h

<!--- OQS_TEMPLATE_FRAGMENT_LIST_KEXS_START -->
- **BIKE**: `bikel1`, `bikel3`, `bikel5`
- **CRYSTALS-Kyber**: `kyber512`, `kyber768`, `kyber1024`, `kyber90s512`, `kyber90s768`, `kyber90s1024`
- **CRYSTALS-Kyber**: `kyber512`, `kyber768`, `kyber1024`
- **FrodoKEM**: `frodo640aes`, `frodo640shake`, `frodo976aes`, `frodo976shake`, `frodo1344aes`, `frodo1344shake`
- **HQC**: `hqc128`, `hqc192`, `hqc256`†
<!--- OQS_TEMPLATE_FRAGMENT_LIST_KEXS_END -->
Expand All @@ -96,11 +96,10 @@ Note that algorithms marked with a dagger (†) have large stack usage and may c
The following digital signature algorithms from liboqs are supported by the fork. **Note that not all variants of all algorithms are enabled by default; algorithms that are enabled by default are marked with an asterisk, and should you wish to enable additional variants, consult [the "Code Generation" section of the documentation in the wiki](https://github.com/open-quantum-safe/openssl/wiki/Using-liboqs-algorithms-not-in-the-fork#code-generation)**.

<!--- OQS_TEMPLATE_FRAGMENT_LIST_SIGS_START -->
- **CRYSTALS-Dilithium**:`dilithium2`\*, `dilithium3`\*, `dilithium5`\*, `dilithium2_aes`\*, `dilithium3_aes`\*, `dilithium5_aes`\*
- **CRYSTALS-Dilithium**:`dilithium2`\*, `dilithium3`\*, `dilithium5`\*
- **Falcon**:`falcon512`\*, `falcon1024`\*
- **SPHINCS-Haraka**:`sphincsharaka128frobust`\*, `sphincsharaka128fsimple`\*, `sphincsharaka128srobust`, `sphincsharaka128ssimple`, `sphincsharaka192frobust`, `sphincsharaka192fsimple`, `sphincsharaka192srobust`, `sphincsharaka192ssimple`, `sphincsharaka256frobust`, `sphincsharaka256fsimple`, `sphincsharaka256srobust`, `sphincsharaka256ssimple`
- **SPHINCS-SHA256**:`sphincssha256128frobust`\*, `sphincssha256128fsimple`, `sphincssha256128srobust`, `sphincssha256128ssimple`\*, `sphincssha256192frobust`, `sphincssha256192fsimple`, `sphincssha256192srobust`, `sphincssha256192ssimple`, `sphincssha256256frobust`, `sphincssha256256fsimple`, `sphincssha256256srobust`, `sphincssha256256ssimple`
- **SPHINCS-SHAKE256**:`sphincsshake256128frobust`, `sphincsshake256128fsimple`\*, `sphincsshake256128srobust`, `sphincsshake256128ssimple`, `sphincsshake256192frobust`, `sphincsshake256192fsimple`, `sphincsshake256192srobust`, `sphincsshake256192ssimple`, `sphincsshake256256frobust`, `sphincsshake256256fsimple`, `sphincsshake256256srobust`, `sphincsshake256256ssimple`
- **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `sphincssha2256fsimple`, `sphincssha2256ssimple`
- **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `sphincsshake192fsimple`, `sphincsshake192ssimple`, `sphincsshake256fsimple`, `sphincsshake256ssimple`
<!--- OQS_TEMPLATE_FRAGMENT_LIST_SIGS_END -->

The following hybrid algorithms are supported; they combine a quantum-safe algorithm listed above with a traditional digital signature algorithm (`<SIG>` is any one of the algorithms listed above):
Expand Down
72 changes: 22 additions & 50 deletions apps/s_cb.c
Original file line number Diff line number Diff line change
Expand Up @@ -266,20 +266,6 @@ static const char *get_sigtype(int nid)
return "Dilithium5";
case NID_p521_dilithium5:
return "ECDSA p521 - Dilithium5";
case NID_dilithium2_aes:
return "Dilithium2_AES";
case NID_p256_dilithium2_aes:
return "ECDSA p256 - Dilithium2_AES";
case NID_rsa3072_dilithium2_aes:
return "RSA3072 - Dilithium2_AES";
case NID_dilithium3_aes:
return "Dilithium3_AES";
case NID_p384_dilithium3_aes:
return "ECDSA p384 - Dilithium3_AES";
case NID_dilithium5_aes:
return "Dilithium5_AES";
case NID_p521_dilithium5_aes:
return "ECDSA p521 - Dilithium5_AES";
case NID_falcon512:
return "Falcon-512";
case NID_p256_falcon512:
Expand All @@ -290,36 +276,28 @@ static const char *get_sigtype(int nid)
return "Falcon-1024";
case NID_p521_falcon1024:
return "ECDSA p521 - Falcon-1024";
case NID_sphincsharaka128frobust:
return "SPHINCS+-Haraka-128f-robust";
case NID_p256_sphincsharaka128frobust:
return "ECDSA p256 - SPHINCS+-Haraka-128f-robust";
case NID_rsa3072_sphincsharaka128frobust:
return "RSA3072 - SPHINCS+-Haraka-128f-robust";
case NID_sphincsharaka128fsimple:
return "SPHINCS+-Haraka-128f-simple";
case NID_p256_sphincsharaka128fsimple:
return "ECDSA p256 - SPHINCS+-Haraka-128f-simple";
case NID_rsa3072_sphincsharaka128fsimple:
return "RSA3072 - SPHINCS+-Haraka-128f-simple";
case NID_sphincssha256128frobust:
return "SPHINCS+-SHA256-128f-robust";
case NID_p256_sphincssha256128frobust:
return "ECDSA p256 - SPHINCS+-SHA256-128f-robust";
case NID_rsa3072_sphincssha256128frobust:
return "RSA3072 - SPHINCS+-SHA256-128f-robust";
case NID_sphincssha256128ssimple:
return "SPHINCS+-SHA256-128s-simple";
case NID_p256_sphincssha256128ssimple:
return "ECDSA p256 - SPHINCS+-SHA256-128s-simple";
case NID_rsa3072_sphincssha256128ssimple:
return "RSA3072 - SPHINCS+-SHA256-128s-simple";
case NID_sphincsshake256128fsimple:
return "SPHINCS+-SHAKE256-128f-simple";
case NID_p256_sphincsshake256128fsimple:
return "ECDSA p256 - SPHINCS+-SHAKE256-128f-simple";
case NID_rsa3072_sphincsshake256128fsimple:
return "RSA3072 - SPHINCS+-SHAKE256-128f-simple";
case NID_sphincssha2128fsimple:
return "SPHINCS+-SHA2-128f-simple";
case NID_p256_sphincssha2128fsimple:
return "ECDSA p256 - SPHINCS+-SHA2-128f-simple";
case NID_rsa3072_sphincssha2128fsimple:
return "RSA3072 - SPHINCS+-SHA2-128f-simple";
case NID_sphincssha2128ssimple:
return "SPHINCS+-SHA2-128s-simple";
case NID_p256_sphincssha2128ssimple:
return "ECDSA p256 - SPHINCS+-SHA2-128s-simple";
case NID_rsa3072_sphincssha2128ssimple:
return "RSA3072 - SPHINCS+-SHA2-128s-simple";
case NID_sphincssha2192fsimple:
return "SPHINCS+-SHA2-192f-simple";
case NID_p384_sphincssha2192fsimple:
return "ECDSA p384 - SPHINCS+-SHA2-192f-simple";
case NID_sphincsshake128fsimple:
return "SPHINCS+-SHAKE-128f-simple";
case NID_p256_sphincsshake128fsimple:
return "ECDSA p256 - SPHINCS+-SHAKE-128f-simple";
case NID_rsa3072_sphincsshake128fsimple:
return "RSA3072 - SPHINCS+-SHAKE-128f-simple";
///// OQS_TEMPLATE_FRAGMENT_SIG_NAME_STR_END
default:
return NULL;
Expand Down Expand Up @@ -485,9 +463,6 @@ static const char* OQS_CURVE_ID_NAME_STR(int id) {
case 0x0241: return "bikel1";
case 0x0242: return "bikel3";
case 0x0243: return "bikel5";
case 0x023E: return "kyber90s512";
case 0x023F: return "kyber90s768";
case 0x0240: return "kyber90s1024";
case 0x022C: return "hqc128";
case 0x022D: return "hqc192";
case 0x022E: return "hqc256";
Expand All @@ -505,9 +480,6 @@ static const char* OQS_CURVE_ID_NAME_STR(int id) {
case 0x2F41: return "p256_bikel1 hybrid";
case 0x2F42: return "p384_bikel3 hybrid";
case 0x2F43: return "p521_bikel5 hybrid";
case 0x2F3E: return "p256_kyber90s512 hybrid";
case 0x2F3F: return "p384_kyber90s768 hybrid";
case 0x2F40: return "p521_kyber90s1024 hybrid";
case 0x2F2C: return "p256_hqc128 hybrid";
case 0x2F2D: return "p384_hqc192 hybrid";
case 0x2F2E: return "p521_hqc256 hybrid";
Expand Down
33 changes: 11 additions & 22 deletions crypto/asn1/standard_methods.h
Original file line number Diff line number Diff line change
Expand Up @@ -67,32 +67,21 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
&p384_dilithium3_asn1_meth,
&dilithium5_asn1_meth,
&p521_dilithium5_asn1_meth,
&dilithium2_aes_asn1_meth,
&p256_dilithium2_aes_asn1_meth,
&rsa3072_dilithium2_aes_asn1_meth,
&dilithium3_aes_asn1_meth,
&p384_dilithium3_aes_asn1_meth,
&dilithium5_aes_asn1_meth,
&p521_dilithium5_aes_asn1_meth,
&falcon512_asn1_meth,
&p256_falcon512_asn1_meth,
&rsa3072_falcon512_asn1_meth,
&falcon1024_asn1_meth,
&p521_falcon1024_asn1_meth,
&sphincsharaka128frobust_asn1_meth,
&p256_sphincsharaka128frobust_asn1_meth,
&rsa3072_sphincsharaka128frobust_asn1_meth,
&sphincsharaka128fsimple_asn1_meth,
&p256_sphincsharaka128fsimple_asn1_meth,
&rsa3072_sphincsharaka128fsimple_asn1_meth,
&sphincssha256128frobust_asn1_meth,
&p256_sphincssha256128frobust_asn1_meth,
&rsa3072_sphincssha256128frobust_asn1_meth,
&sphincssha256128ssimple_asn1_meth,
&p256_sphincssha256128ssimple_asn1_meth,
&rsa3072_sphincssha256128ssimple_asn1_meth,
&sphincsshake256128fsimple_asn1_meth,
&p256_sphincsshake256128fsimple_asn1_meth,
&rsa3072_sphincsshake256128fsimple_asn1_meth,
&sphincssha2128fsimple_asn1_meth,
&p256_sphincssha2128fsimple_asn1_meth,
&rsa3072_sphincssha2128fsimple_asn1_meth,
&sphincssha2128ssimple_asn1_meth,
&p256_sphincssha2128ssimple_asn1_meth,
&rsa3072_sphincssha2128ssimple_asn1_meth,
&sphincssha2192fsimple_asn1_meth,
&p384_sphincssha2192fsimple_asn1_meth,
&sphincsshake128fsimple_asn1_meth,
&p256_sphincsshake128fsimple_asn1_meth,
&rsa3072_sphincsshake128fsimple_asn1_meth,
///// OQS_TEMPLATE_FRAGMENT_SIG_ASN1_METHS_END
};
Loading