fips: add hybrid KEM algorithms to the FIPS provider

author Pauli <ppzgs1@gmail.com>

Tue, 11 Feb 2025 23:13:36 +0000 (10:13 +1100)

committer Tomas Mraz <tomas@openssl.org>

Fri, 14 Feb 2025 16:08:42 +0000 (17:08 +0100)
author Pauli <ppzgs1@gmail.com>
Tue, 11 Feb 2025 23:13:36 +0000 (10:13 +1100)
committer Tomas Mraz <tomas@openssl.org>
Fri, 14 Feb 2025 16:08:42 +0000 (17:08 +0100)
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c

index 798d776fcdfd9e150f4477ee55079370dc2eb5e6..2cdfd4f5e554fff04a40868470018b19ee8987b9 100644 (file)
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -514,6 +514,14 @@ static const OSSL_ALGORITHM fips_asym_kem[] = {
      { PROV_NAMES_ML_KEM_512, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_asym_kem_functions },
      { PROV_NAMES_ML_KEM_768, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_asym_kem_functions },
      { PROV_NAMES_ML_KEM_1024, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_asym_kem_functions },
+# if !defined(OPENSSL_NO_ECX)
+    { "X25519MLKEM768", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
+    { "X448MLKEM1024", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
+# endif
+# if !defined(OPENSSL_NO_EC)
+    { "SecP256r1MLKEM768", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
+    { "SecP384r1MLKEM1024", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
+# endif
  #endif
      { NULL, NULL, NULL }
  };
@@ -566,12 +574,24 @@ static const OSSL_ALGORITHM fips_keymgmt[] = {
        ossl_cmac_legacy_keymgmt_functions, PROV_DESCS_CMAC_SIGN },
  #endif
  #ifndef OPENSSL_NO_ML_KEM
-    { PROV_NAMES_ML_KEM_512, FIPS_DEFAULT_PROPERTIES,
-      ossl_ml_kem_512_keymgmt_functions, PROV_DESCS_ML_KEM_512 },
-    { PROV_NAMES_ML_KEM_768, FIPS_DEFAULT_PROPERTIES,
-      ossl_ml_kem_768_keymgmt_functions, PROV_DESCS_ML_KEM_768 },
-    { PROV_NAMES_ML_KEM_1024, FIPS_DEFAULT_PROPERTIES,
-      ossl_ml_kem_1024_keymgmt_functions, PROV_DESCS_ML_KEM_1024 },
+    { PROV_NAMES_ML_KEM_512, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_512_keymgmt_functions,
+      PROV_DESCS_ML_KEM_512 },
+    { PROV_NAMES_ML_KEM_768, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_768_keymgmt_functions,
+      PROV_DESCS_ML_KEM_768 },
+    { PROV_NAMES_ML_KEM_1024, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_1024_keymgmt_functions,
+      PROV_DESCS_ML_KEM_1024 },
+# if !defined(OPENSSL_NO_ECX)
+    { PROV_NAMES_X25519MLKEM768, FIPS_DEFAULT_PROPERTIES, ossl_mlx_x25519_kem_kmgmt_functions,
+      PROV_DESCS_X25519MLKEM768 },
+    { PROV_NAMES_X448MLKEM1024, FIPS_DEFAULT_PROPERTIES, ossl_mlx_x448_kem_kmgmt_functions,
+      PROV_DESCS_X448MLKEM1024 },
+# endif
+# if !defined(OPENSSL_NO_EC)
+    { PROV_NAMES_SecP256r1MLKEM768, FIPS_DEFAULT_PROPERTIES, ossl_mlx_p256_kem_kmgmt_functions,
+      PROV_DESCS_SecP256r1MLKEM768 },
+    { PROV_NAMES_SecP384r1MLKEM1024, FIPS_DEFAULT_PROPERTIES, ossl_mlx_p384_kem_kmgmt_functions,
+      PROV_DESCS_SecP384r1MLKEM1024 },
+# endif
  #endif
      { NULL, NULL, NULL }
  };
author	Pauli <ppzgs1@gmail.com>
	Tue, 11 Feb 2025 23:13:36 +0000 (10:13 +1100)
committer	Tomas Mraz <tomas@openssl.org>
	Fri, 14 Feb 2025 16:08:42 +0000 (17:08 +0100)