algorithms: rename GNUTLS_PK_MLKEM768 to GNUTLS_PK_ML_KEM_768

To be consistent with ML-DSA algorithms, this renames
GNUTLS_PK_MLKEM768 to GNUTLS_PK_ML_KEM_768, while the old name is
preserved through a compatibility macro.

Signed-off-by: Daiki Ueno <ueno@gnu.org>

diff --git a/lib/algorithms.h b/lib/algorithms.h
index 3ce601c92695afe2f3124feea63f9437105e62e9..dac466b830703cdd7e294b4fbe6e472dcb84035e 100644 (file)
--- a/lib/algorithms.h
+++ b/lib/algorithms.h
@@ -53,7 +53,7 @@
        (((x) == GNUTLS_PK_ECDH_X25519) || ((x) == GNUTLS_PK_ECDH_X448))
 
 #define IS_KEM(x) \
-       (((x) == GNUTLS_PK_MLKEM768) || ((x) == GNUTLS_PK_EXP_KYBER768))
+       (((x) == GNUTLS_PK_ML_KEM_768) || ((x) == GNUTLS_PK_EXP_KYBER768))
 
 #define IS_ML_DSA(x)                                                     \
        (((x) == GNUTLS_PK_ML_DSA_44) || ((x) == GNUTLS_PK_ML_DSA_65) || \

diff --git a/lib/algorithms/groups.c b/lib/algorithms/groups.c
index 2fbe7b8ecc99a82f71195917bf9dfd729331cc95..c4f60531c95973588266486adb401cc896827937 100644 (file)
--- a/lib/algorithms/groups.c
+++ b/lib/algorithms/groups.c
@@ -176,7 +176,7 @@ static const gnutls_group_entry_st supported_groups[] = {
        {
                .name = "MLKEM768",
                .id = GNUTLS_GROUP_EXP_MLKEM768,
-               .pk = GNUTLS_PK_MLKEM768,
+               .pk = GNUTLS_PK_ML_KEM_768,
                /* absense of .tls_id means that this group alone cannot be used in TLS */
        },
        {

diff --git a/lib/algorithms/publickey.c b/lib/algorithms/publickey.c
index bda0ce6263e8ab39c3ef58b2d6a23b93d257a7be..59d1b8825fc8567b609a5ed35d3a65fc688acfc9 100644 (file)
--- a/lib/algorithms/publickey.c
+++ b/lib/algorithms/publickey.c
@@ -204,7 +204,7 @@ static const gnutls_pk_entry pk_algorithms[] = {
          .curve = GNUTLS_ECC_CURVE_X448 },
        { .name = "ML-KEM-768",
          .oid = NULL,
-         .id = GNUTLS_PK_MLKEM768,
+         .id = GNUTLS_PK_ML_KEM_768,
          .curve = GNUTLS_ECC_CURVE_INVALID },
 /* Hidden behind HAVE_LIBOQS as it will be removed in the future.
         */

diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
index 8fbe2d2bd42146bdf8fc62080299a585c57c11f5..f069bf0bf2f6f7472071c26415cb05a1cbf07741 100644 (file)
--- a/lib/ext/key_share.c
+++ b/lib/ext/key_share.c
@@ -183,7 +183,7 @@ static int client_gen_key_share_single(gnutls_session_t session,
                ret = 0;
                break;
 
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768:
                gnutls_pk_params_release(&session->key.kshare.kem_params);
                gnutls_pk_params_init(&session->key.kshare.kem_params);
@@ -319,7 +319,7 @@ static int server_gen_key_share_single(gnutls_session_t session,
                ret = 0;
                break;
 
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768:
                ret = gnutls_buffer_append_data(
                        extdata, session->key.kshare.kem_params.raw_pub.data,
@@ -562,7 +562,7 @@ static int server_use_key_share_single(gnutls_session_t session,
 
                return 0;
 
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768: {
                gnutls_pk_params_release(&session->key.kshare.kem_params);
                gnutls_pk_params_init(&session->key.kshare.kem_params);
@@ -762,7 +762,7 @@ static int client_use_key_share_single(gnutls_session_t session,
 
                return 0;
 
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768: {
                if (KYBER768_CIPHERTEXT_SIZE > buffer->length)
                        return gnutls_assert_val(

diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index f0d5dd8abd687d10efe3e20a49c98a8563c2e84f..f10bd24f43ac1ca7080fc16734cb066b8efaa564 100644 (file)
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -874,6 +874,8 @@ typedef enum gnutls_certificate_print_formats {
 #define GNUTLS_PK_EC GNUTLS_PK_ECDSA
 
 #define GNUTLS_PK_ECDHX GNUTLS_PK_ECDH_X25519
+#define GNUTLS_PK_MLKEM768 GNUTLS_PK_ML_KEM_768
+
 /**
  * gnutls_pk_algorithm_t:
  * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
@@ -908,7 +910,7 @@ typedef enum {
        GNUTLS_PK_ECDH_X448 = 11,
        GNUTLS_PK_EDDSA_ED448 = 12,
        GNUTLS_PK_RSA_OAEP = 13,
-       GNUTLS_PK_MLKEM768 = 14,
+       GNUTLS_PK_ML_KEM_768 = 14,
        GNUTLS_PK_ML_DSA_44 = 15,
        GNUTLS_PK_ML_DSA_65 = 16,
        GNUTLS_PK_ML_DSA_87 = 17,

diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index 9cc0a8be577bd3eae181df27c0e8283035c10d4e..a13870a2bcbe64af8ec8a10762ba1ccb1dc53634 100644 (file)
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -695,7 +695,7 @@ cleanup:
 static const char *pk_to_liboqs_algo(gnutls_pk_algorithm_t algo)
 {
        switch (algo) {
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
                return OQS_KEM_alg_ml_kem_768;
        case GNUTLS_PK_EXP_KYBER768:
                return OQS_KEM_alg_kyber_768;
@@ -721,7 +721,7 @@ static int _wrap_nettle_pk_encaps(gnutls_pk_algorithm_t algo,
 
        switch (algo) {
 #ifdef HAVE_LIBOQS
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768: {
                OQS_KEM *kem = NULL;
                const char *algo_name;
@@ -789,7 +789,7 @@ static int _wrap_nettle_pk_decaps(gnutls_pk_algorithm_t algo,
 
        switch (algo) {
 #ifdef HAVE_LIBOQS
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768: {
                OQS_KEM *kem = NULL;
                const char *algo_name;
@@ -2476,7 +2476,7 @@ static int _wrap_nettle_pk_exists(gnutls_pk_algorithm_t pk)
        case GNUTLS_PK_EDDSA_ED448:
                return 1;
 #ifdef HAVE_LIBOQS
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768: {
                const char *algo_name;
 
@@ -2710,7 +2710,7 @@ static int wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo,
        case GNUTLS_PK_GOST_12_256:
        case GNUTLS_PK_GOST_12_512:
 #endif
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_ML_DSA_44:
        case GNUTLS_PK_ML_DSA_65:
        case GNUTLS_PK_ML_DSA_87:
@@ -3142,7 +3142,7 @@ static int pct_test(gnutls_pk_algorithm_t algo,
        case GNUTLS_PK_ECDH_X448:
                break;
 #ifdef HAVE_LIBOQS
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768: {
                const char *algo_name;
 
@@ -3907,7 +3907,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo,
                break;
        }
 #ifdef HAVE_LIBOQS
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768: {
                OQS_KEM *kem = NULL;
                const char *algo_name;
@@ -4277,7 +4277,7 @@ static int wrap_nettle_pk_verify_priv_params(gnutls_pk_algorithm_t algo,
                break;
        }
 #ifdef HAVE_LIBOQS
-       case GNUTLS_PK_MLKEM768:
+       case GNUTLS_PK_ML_KEM_768:
        case GNUTLS_PK_EXP_KYBER768: {
                const char *algo_name;
 

diff --git a/tests/privkey-keygen.c b/tests/privkey-keygen.c
index 2af60e27ca5f237e6ff5ebca5ac0c1414199ef42..dac8b638436e82f5046a75870c637f929d211cc4 100644 (file)
--- a/tests/privkey-keygen.c
+++ b/tests/privkey-keygen.c
@@ -162,7 +162,7 @@ void doit(void)
 #endif
                            algorithm == GNUTLS_PK_ECDH_X25519 ||
                            algorithm == GNUTLS_PK_ECDH_X448 ||
-                           algorithm == GNUTLS_PK_MLKEM768)
+                           algorithm == GNUTLS_PK_ML_KEM_768)
                                continue;
 
                        if (algorithm == GNUTLS_PK_GOST_01 ||