From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 10 Oct 2024 11:57:36 +0000 (+0200)
Subject: oqs: Add support for FrodoKEM
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f630797e4079d573fbb6056e9f046ea60213eb00;p=thirdparty%2Fstrongswan.git

oqs: Add support for FrodoKEM
---

diff --git a/src/libstrongswan/plugins/oqs/oqs_kem.c b/src/libstrongswan/plugins/oqs/oqs_kem.c
index e3db45fdde..364d4ab13e 100644
--- a/src/libstrongswan/plugins/oqs/oqs_kem.c
+++ b/src/libstrongswan/plugins/oqs/oqs_kem.c
@@ -241,6 +241,24 @@ oqs_kem_t *oqs_kem_create(key_exchange_method_t method)
 		case ML_KEM_1024:
 			kem_alg = OQS_KEM_alg_ml_kem_1024;
 			break;
+		case KE_FRODO_AES_L1:
+			kem_alg = OQS_KEM_alg_frodokem_640_aes;
+			break;
+		case KE_FRODO_AES_L3:
+			kem_alg = OQS_KEM_alg_frodokem_976_aes;
+			break;
+		case KE_FRODO_AES_L5:
+			kem_alg = OQS_KEM_alg_frodokem_1344_aes;
+			break;
+		case KE_FRODO_SHAKE_L1:
+			kem_alg = OQS_KEM_alg_frodokem_640_shake;
+			break;
+		case KE_FRODO_SHAKE_L3:
+			kem_alg = OQS_KEM_alg_frodokem_976_shake;
+			break;
+		case KE_FRODO_SHAKE_L5:
+			kem_alg = OQS_KEM_alg_frodokem_1344_shake;
+			break;
 		default:
 			return NULL;
 	}
diff --git a/src/libstrongswan/plugins/oqs/oqs_plugin.c b/src/libstrongswan/plugins/oqs/oqs_plugin.c
index 4475ebe905..769a163a63 100644
--- a/src/libstrongswan/plugins/oqs/oqs_plugin.c
+++ b/src/libstrongswan/plugins/oqs/oqs_plugin.c
@@ -49,6 +49,12 @@ METHOD(plugin_t, get_features, int,
 			PLUGIN_PROVIDE(KE, ML_KEM_512),
 			PLUGIN_PROVIDE(KE, ML_KEM_768),
 			PLUGIN_PROVIDE(KE, ML_KEM_1024),
+			PLUGIN_PROVIDE(KE, KE_FRODO_AES_L1),
+			PLUGIN_PROVIDE(KE, KE_FRODO_AES_L3),
+			PLUGIN_PROVIDE(KE, KE_FRODO_AES_L5),
+			PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L1),
+			PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L3),
+			PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L5),
 	};
 	*features = f;
 	return countof(f);
diff --git a/src/libstrongswan/plugins/oqs/tests/suites/test_oqs.c b/src/libstrongswan/plugins/oqs/tests/suites/test_oqs.c
index 2b1c828502..20655d2dc3 100644
--- a/src/libstrongswan/plugins/oqs/tests/suites/test_oqs.c
+++ b/src/libstrongswan/plugins/oqs/tests/suites/test_oqs.c
@@ -223,18 +223,22 @@ Suite *oqs_suite_create()
 	tc = tcase_create("good");
 	test_case_set_timeout(tc, 30);
 	tcase_add_loop_test(tc, test_oqs_good, ML_KEM_512, ML_KEM_1024 + 1);
+	tcase_add_loop_test(tc, test_oqs_good, KE_FRODO_AES_L1, KE_FRODO_SHAKE_L5 + 1);
 	suite_add_tcase(s, tc);
 
 	tc = tcase_create("wrong");
 	tcase_add_loop_test(tc, test_oqs_wrong, ML_KEM_512, ML_KEM_1024 + 1);
+	tcase_add_loop_test(tc, test_oqs_wrong, KE_FRODO_AES_L1, KE_FRODO_SHAKE_L5 + 1);
 	suite_add_tcase(s, tc);
 
 	tc = tcase_create("fail_i");
 	tcase_add_loop_test(tc, test_oqs_fail_i, ML_KEM_512, ML_KEM_1024 + 1);
+	tcase_add_loop_test(tc, test_oqs_fail_i, KE_FRODO_AES_L1, KE_FRODO_SHAKE_L5 + 1);
 	suite_add_tcase(s, tc);
 
 	tc = tcase_create("fail_r");
 	tcase_add_loop_test(tc, test_oqs_fail_r, ML_KEM_512, ML_KEM_1024 + 1);
+	tcase_add_loop_test(tc, test_oqs_fail_r, KE_FRODO_AES_L1, KE_FRODO_SHAKE_L5 + 1);
 	suite_add_tcase(s, tc);
 
 	return s;