#define IS_FALCON(x) \
(((x) == GNUTLS_PK_EXP_FALCON512) || ((x) == GNUTLS_PK_EXP_FALCON1024))
-
-#define IS_SIMPLE_SPHINCS(x) \
- (((x) == GNUTLS_PK_EXP_SPHINCS_SHA2_128S) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHA2_192S) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHA2_256S) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHAKE_128S) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHAKE_192S) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHAKE_256S))
-
-#define IS_FAST_SPHINCS(x) \
- (((x) == GNUTLS_PK_EXP_SPHINCS_SHA2_128F) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHA2_192F) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHA2_256F) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHAKE_128F) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHAKE_192F) || \
- ((x) == GNUTLS_PK_EXP_SPHINCS_SHAKE_256F))
-
-#define IS_SPHINCS(x) (IS_SIMPLE_SPHINCS(x) || IS_FAST_SPHINCS(x))
#endif
#define SIG_SEM_PRE_TLS12 (1 << 1)
.id = GNUTLS_PK_EXP_FALCON1024,
.curve = GNUTLS_ECC_CURVE_INVALID,
.no_prehashed = 1 },
- { .name = "Sphincs SHA2 128F",
- .oid = SPHINCS_SHA2_128F_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHA2_128F,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHA2 128S",
- .oid = SPHINCS_SHA2_128S_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHA2_128S,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHA2 192F",
- .oid = SPHINCS_SHA2_192F_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHA2_192F,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHA2 192S",
- .oid = SPHINCS_SHA2_192S_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHA2_192S,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHA2 256F",
- .oid = SPHINCS_SHA2_256F_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHA2_256F,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHA2 256S",
- .oid = SPHINCS_SHA2_256S_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHA2_256S,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHAKE 128F",
- .oid = SPHINCS_SHAKE_128F_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHAKE_128F,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHAKE 128S",
- .oid = SPHINCS_SHAKE_128S_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHAKE_128S,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHAKE 192F",
- .oid = SPHINCS_SHAKE_192F_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHAKE_192F,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHAKE 192S",
- .oid = SPHINCS_SHAKE_192S_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHAKE_192S,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHAKE 256F",
- .oid = SPHINCS_SHAKE_256F_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHAKE_256F,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
- { .name = "Sphincs SHAKE 256S",
- .oid = SPHINCS_SHAKE_256S_OID,
- .id = GNUTLS_PK_EXP_SPHINCS_SHAKE_256S,
- .curve = GNUTLS_ECC_CURVE_INVALID,
- .no_prehashed = 1 },
#endif
{ .name = "UNKNOWN",
.oid = NULL,
#ifdef HAVE_LIBOQS
unsigned int ml_dsa_bits;
unsigned int falcon_bits;
- unsigned int sphincs_bits;
#endif
} gnutls_sec_params_entry;
static const gnutls_sec_params_entry sec_params[] = {
{ "Insecure", GNUTLS_SEC_PARAM_INSECURE, 0, 0, 0, 0, 0,
#ifdef HAVE_LIBOQS
- 0, 0, 0
+ 0, 0
#endif
},
{ "Export", GNUTLS_SEC_PARAM_EXPORT, 42, 512, 0, 84, 0,
#ifdef HAVE_LIBOQS
- 0, 0, 0
+ 0, 0
#endif
},
{ "Very weak", GNUTLS_SEC_PARAM_VERY_WEAK, 64, 767, 0, 128, 0,
#ifdef HAVE_LIBOQS
- 0, 0, 0
+ 0, 0
#endif
},
{ "Weak", GNUTLS_SEC_PARAM_WEAK, 72, 1008, 1008, 160, 160,
#ifdef HAVE_LIBOQS
- 0, 0, 0
+ 0, 0
#endif
},
#ifdef ENABLE_FIPS140
{ "Low", GNUTLS_SEC_PARAM_LOW, 80, 1024, 1024, 160, 160,
#ifdef HAVE_LIBOQS
- 0, 0, 0
+ 0, 0
#endif
},
{ "Legacy", GNUTLS_SEC_PARAM_LEGACY, 96, 1024, 1024, 192, 192,
#ifdef HAVE_LIBOQS
- 0, OQS_SIG_falcon_512_length_public_key,
- OQS_SIG_sphincs_sha2_128f_simple_length_public_key
+ 0, OQS_SIG_falcon_512_length_public_key
#endif
},
{ "Medium", GNUTLS_SEC_PARAM_MEDIUM, 112, 2048, 2048, 224, 224,
#ifdef HAVE_LIBOQS
- OQS_SIG_ml_dsa_44_length_public_key, 0, 0
+ OQS_SIG_ml_dsa_44_length_public_key, 0
#endif
},
{ "High", GNUTLS_SEC_PARAM_HIGH, 128, 3072, 3072, 256, 256,
#ifdef HAVE_LIBOQS
- 0, 0, OQS_SIG_sphincs_sha2_192s_simple_length_public_key
+ 0, 0
#endif
},
#else
{ "Low", GNUTLS_SEC_PARAM_LOW, 80, 1024, 1024, 160, 160,
#ifdef HAVE_LIBOQS
- 0, 0, 0
+ 0, 0
#endif
}, /* ENISA-LEGACY */
{ "Legacy", GNUTLS_SEC_PARAM_LEGACY, 96, 1776, 2048, 192, 192,
#ifdef HAVE_LIBOQS
- 0, OQS_SIG_falcon_512_length_public_key, OQS_SIG_sphincs_sha2_128f_simple_length_public_key
+ 0, OQS_SIG_falcon_512_length_public_key
#endif
},
{ "Medium", GNUTLS_SEC_PARAM_MEDIUM, 112, 2048, 2048, 256, 224,
#ifdef HAVE_LIBOQS
- OQS_SIG_ml_dsa_44_length_public_key, 0, 0
+ OQS_SIG_ml_dsa_44_length_public_key, 0
#endif
},
{ "High", GNUTLS_SEC_PARAM_HIGH, 128, 3072, 3072, 256, 256,
#ifdef HAVE_LIBOQS
- 0, 0, OQS_SIG_sphincs_sha2_192s_simple_length_public_key
+ 0, 0
#endif
},
#endif
{ "Ultra", GNUTLS_SEC_PARAM_ULTRA, 192, 8192, 8192, 384, 384,
#ifdef HAVE_LIBOQS
- OQS_SIG_ml_dsa_65_length_public_key, 0, 0
+ OQS_SIG_ml_dsa_65_length_public_key, 0
#endif
},
{ "Future", GNUTLS_SEC_PARAM_FUTURE, 256, 15360, 15360, 512, 512,
#ifdef HAVE_LIBOQS
OQS_SIG_ml_dsa_87_length_public_key,
- OQS_SIG_falcon_1024_length_public_key,
- OQS_SIG_sphincs_sha2_256f_simple_length_public_key
+ OQS_SIG_falcon_1024_length_public_key
#endif
},
- { NULL, 0, 0, 0, 0,
+ { NULL, 0, 0, 0, 0, 0, 0,
#ifdef HAVE_LIBOQS
- 0, 0, 0
+ 0, 0
#endif
}
};
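Review bot: The Falcon column is left at 0 for the "Medium", "High" and "Ultra" rows, so the `else if (IS_FALCON(algo)) ret = p->falcon_bits;` lookup further down returns 0 for those levels instead of a usable size. The ML-DSA column has the same gaps at "Legacy" and "High". If the reverse scan for Falcon has the same shape as the removed SPHINCS loop (`if (p->sphincs_bits > bits) break;`), a column that drops back to 0 also lets the scan run past the intended row and report a higher level than the key warrants; that loop body is outside the visible lines, so this is inferred. Keeping each column non-decreasing would avoid both problems, for example `OQS_SIG_ml_dsa_44_length_public_key, OQS_SIG_falcon_512_length_public_key` in the two "Medium" rows. Designated initializers (`.falcon_bits = ...`) would also stop the next column removal from silently shifting values.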
ret = p->ml_dsa_bits;
else if (IS_FALCON(algo))
ret = p->falcon_bits;
- else if (IS_SPHINCS(algo))
- ret = p->sphincs_bits;
#endif
else
ret = p->pk_bits;
break;
ret = p->sec_param;
}
- } else if (IS_SPHINCS(algo)) {
- for (p = sec_params; p->name; p++) {
- if (p->sphincs_bits > bits)
- break;
- ret = p->sec_param;
- }
#endif
} else {
for (p = sec_params; p->name; p++) {
.pk = GNUTLS_PK_EXP_FALCON1024,
.hash = GNUTLS_DIG_SHAKE_256,
.aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHA2-128F",
- .oid = SPHINCS_SHA2_128F_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHA2_128F,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHA2_128F,
- .hash = GNUTLS_DIG_SHA256, //
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHA2-128S",
- .oid = SPHINCS_SHA2_128S_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHA2_128S,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHA2_128S,
- .hash = GNUTLS_DIG_SHA256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHA2-192F",
- .oid = SPHINCS_SHA2_192F_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHA2_192F,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHA2_192F,
- .hash = GNUTLS_DIG_SHA256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHA2-192S",
- .oid = SPHINCS_SHA2_192S_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHA2_192S,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHA2_192S,
- .hash = GNUTLS_DIG_SHA256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHA2-256F",
- .oid = SPHINCS_SHA2_256F_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHA2_256F,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHA2_256F,
- .hash = GNUTLS_DIG_SHA256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHA2-256S",
- .oid = SPHINCS_SHA2_256S_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHA2_256S,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHA2_256S,
- .hash = GNUTLS_DIG_SHA256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHAKE-128F",
- .oid = SPHINCS_SHAKE_128F_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHAKE_128F,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHAKE_128F,
- .hash = GNUTLS_DIG_SHAKE_256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHAKE-128S",
- .oid = SPHINCS_SHAKE_128S_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHAKE_128S,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHAKE_128S,
- .hash = GNUTLS_DIG_SHAKE_256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHAKE-192F",
- .oid = SPHINCS_SHAKE_192F_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHAKE_192F,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHAKE_192F,
- .hash = GNUTLS_DIG_SHAKE_256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHAKE-192S",
- .oid = SPHINCS_SHAKE_192S_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHAKE_192S,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHAKE_192S,
- .hash = GNUTLS_DIG_SHAKE_256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHAKE-256F",
- .oid = SPHINCS_SHAKE_256F_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHAKE_256F,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHAKE_256F,
- .hash = GNUTLS_DIG_SHAKE_256,
- .aid = TLS_SIGN_AID_UNKNOWN },
- { .name = "Sphincs-SHAKE-256S",
- .oid = SPHINCS_SHAKE_256S_OID,
- .id = GNUTLS_SIGN_EXP_SPHINCS_SHAKE_256S,
- .pk = GNUTLS_PK_EXP_SPHINCS_SHAKE_256S,
- .hash = GNUTLS_DIG_SHAKE_256,
- .aid = TLS_SIGN_AID_UNKNOWN },
#endif
{ .name = 0,
.oid = 0,
#ifdef HAVE_LIBOQS
#define ML_DSA_PRIVATE_PARAMS 4
#define FALCON_PRIVATE_PARAMS 4
-#define SPHINCS_PRIVATE_PARAMS 4
#endif
#if MAX_PRIV_PARAMS_SIZE - RSA_PRIVATE_PARAMS < 0
FUNC(OQS_STATUS, OQS_KEM_encaps, (const OQS_KEM *kem, uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key), (kem, ciphertext, shared_secret, public_key))
FUNC(OQS_STATUS, OQS_KEM_decaps, (const OQS_KEM *kem, uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key), (kem, shared_secret, ciphertext, secret_key))
VOID_FUNC(void, OQS_KEM_free, (OQS_KEM *kem), (kem))
-VOID_FUNC(void, OQS_SHA2_set_callbacks, (struct OQS_SHA2_callbacks *new_callbacks), (new_callbacks))
-VOID_FUNC(void, OQS_SHA3_set_callbacks, (struct OQS_SHA3_callbacks *new_callbacks), (new_callbacks))
-VOID_FUNC(void, OQS_SHA3_x4_set_callbacks, (struct OQS_SHA3_x4_callbacks *new_callbacks), (new_callbacks))
-FUNC(const char *, OQS_version, (void), ())
FUNC(int, OQS_SIG_alg_is_enabled, (const char *method_name), (method_name))
FUNC(OQS_SIG *, OQS_SIG_new, (const char *method_name), (method_name))
FUNC(OQS_STATUS, OQS_SIG_keypair, (const OQS_SIG *sig, uint8_t *public_key, uint8_t *secret_key), (sig, public_key, secret_key))
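Review bot: With `OQS_SHA2_set_callbacks`, `OQS_SHA3_set_callbacks` and `OQS_SHA3_x4_set_callbacks` gone from this wrapper list, nothing declared here can install replacement hash implementations into liboqs any more. The remaining signature algorithms (ML-DSA, Falcon) are paired with `GNUTLS_DIG_SHAKE_256` elsewhere in this change, so if these callbacks were how hashing was routed through the library's own backend, that routing is lost for them too, not only for SPHINCS+. The callers are outside this hunk, so this is inferred. Please confirm that no remaining code references these symbols or `OQS_version`, and note in the commit message which hash implementation the remaining algorithms now use.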
privateKey OCTET STRING,
publicKey [1] OCTET STRING OPTIONAL
}
-
-SphincsPrivateKey ::= SEQUENCE {
- version INTEGER,
- privateKeyAlgorithm AlgorithmIdentifier,
- privateKey OCTET STRING,
- publicKey [1] OCTET STRING OPTIONAL
-}
-
END
GNUTLS_PK_EXP_KYBER768 = 257,
GNUTLS_PK_EXP_FALCON512 = 258,
GNUTLS_PK_EXP_FALCON1024 = 259,
- GNUTLS_PK_EXP_SPHINCS_SHA2_128F = 260,
- GNUTLS_PK_EXP_SPHINCS_SHA2_128S = 261,
- GNUTLS_PK_EXP_SPHINCS_SHA2_192F = 262,
- GNUTLS_PK_EXP_SPHINCS_SHA2_192S = 263,
- GNUTLS_PK_EXP_SPHINCS_SHA2_256F = 264,
- GNUTLS_PK_EXP_SPHINCS_SHA2_256S = 265,
- GNUTLS_PK_EXP_SPHINCS_SHAKE_128F = 266,
- GNUTLS_PK_EXP_SPHINCS_SHAKE_128S = 267,
- GNUTLS_PK_EXP_SPHINCS_SHAKE_192F = 268,
- GNUTLS_PK_EXP_SPHINCS_SHAKE_192S = 269,
- GNUTLS_PK_EXP_SPHINCS_SHAKE_256F = 270,
- GNUTLS_PK_EXP_SPHINCS_SHAKE_256S = 271,
- GNUTLS_PK_EXP_MAX = GNUTLS_PK_EXP_SPHINCS_SHAKE_256S
+ GNUTLS_PK_EXP_MAX = GNUTLS_PK_EXP_FALCON1024
} gnutls_pk_algorithm_t;
const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm);
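Review bot: Removing the twelve `GNUTLS_PK_EXP_SPHINCS_*` enumerators and lowering `GNUTLS_PK_EXP_MAX` changes what looks like a public enum. Callers that name these constants stop compiling, and values 260–271 become free for a later experimental algorithm to reuse with a different meaning. A reservation comment next to the new maximum would prevent that, e.g. `/* 260-271 were GNUTLS_PK_EXP_SPHINCS_*; do not reuse */`. The same applies to the `GNUTLS_SIGN_EXP_SPHINCS_*` values 259–270 removed from `gnutls_sign_algorithm_t` in the next hunk. Anything sized or bounded by `GNUTLS_PK_EXP_MAX` or `GNUTLS_SIGN_EXP_MAX` should be re-checked against the new bounds.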
GNUTLS_SIGN_EXP_MIN = 256,
GNUTLS_SIGN_EXP_FALCON512 = 257,
GNUTLS_SIGN_EXP_FALCON1024 = 258,
- GNUTLS_SIGN_EXP_SPHINCS_SHA2_128F = 259,
- GNUTLS_SIGN_EXP_SPHINCS_SHA2_128S = 260,
- GNUTLS_SIGN_EXP_SPHINCS_SHA2_192F = 261,
- GNUTLS_SIGN_EXP_SPHINCS_SHA2_192S = 262,
- GNUTLS_SIGN_EXP_SPHINCS_SHA2_256F = 263,
- GNUTLS_SIGN_EXP_SPHINCS_SHA2_256S = 264,
- GNUTLS_SIGN_EXP_SPHINCS_SHAKE_128F = 265,
- GNUTLS_SIGN_EXP_SPHINCS_SHAKE_128S = 266,
- GNUTLS_SIGN_EXP_SPHINCS_SHAKE_192F = 267,
- GNUTLS_SIGN_EXP_SPHINCS_SHAKE_192S = 268,
- GNUTLS_SIGN_EXP_SPHINCS_SHAKE_256F = 269,
- GNUTLS_SIGN_EXP_SPHINCS_SHAKE_256S = 270,
- GNUTLS_SIGN_EXP_MAX = GNUTLS_SIGN_EXP_SPHINCS_SHAKE_256S,
+ GNUTLS_SIGN_EXP_MAX = GNUTLS_SIGN_EXP_FALCON1024,
} gnutls_sign_algorithm_t;
/**
return OQS_KEM_alg_ml_kem_768;
case GNUTLS_PK_EXP_KYBER768:
return OQS_KEM_alg_kyber_768;
+ case GNUTLS_PK_ML_DSA_44:
+ return OQS_SIG_alg_ml_dsa_44;
+ case GNUTLS_PK_ML_DSA_65:
+ return OQS_SIG_alg_ml_dsa_65;
+ case GNUTLS_PK_ML_DSA_87:
+ return OQS_SIG_alg_ml_dsa_87;
+ case GNUTLS_PK_EXP_FALCON512:
+ return OQS_SIG_alg_falcon_512;
+ case GNUTLS_PK_EXP_FALCON1024:
+ return OQS_SIG_alg_falcon_1024;
default:
gnutls_assert();
return NULL;
}
}
-#ifdef HAVE_LIBOQS
-static inline const char *convert_to_oqs_alg(gnutls_pk_algorithm_t algo)
-{
- switch (algo) {
- case GNUTLS_PK_ML_DSA_44:
- return OQS_SIG_alg_ml_dsa_44;
- case GNUTLS_PK_ML_DSA_65:
- return OQS_SIG_alg_ml_dsa_65;
- case GNUTLS_PK_ML_DSA_87:
- return OQS_SIG_alg_ml_dsa_87;
- case GNUTLS_PK_EXP_FALCON512:
- return OQS_SIG_alg_falcon_512;
- case GNUTLS_PK_EXP_FALCON1024:
- return OQS_SIG_alg_falcon_1024;
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- return OQS_SIG_alg_sphincs_sha2_128f_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- return OQS_SIG_alg_sphincs_sha2_128s_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- return OQS_SIG_alg_sphincs_sha2_192f_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- return OQS_SIG_alg_sphincs_sha2_192s_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- return OQS_SIG_alg_sphincs_sha2_256f_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- return OQS_SIG_alg_sphincs_sha2_256s_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- return OQS_SIG_alg_sphincs_shake_128f_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- return OQS_SIG_alg_sphincs_shake_128s_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- return OQS_SIG_alg_sphincs_shake_192f_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- return OQS_SIG_alg_sphincs_shake_192s_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- return OQS_SIG_alg_sphincs_shake_256f_simple;
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
- return OQS_SIG_alg_sphincs_shake_256s_simple;
- default:
- gnutls_assert();
- return NULL;
- }
-}
-#endif
-
/* This is the lower-level part of privkey_sign_raw_data().
*
* It accepts data in the appropriate hash form, i.e., DigestInfo
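Review bot: `pk_to_liboqs_algo()` now returns both KEM names (`OQS_KEM_alg_*`) and signature names (`OQS_SIG_alg_*`) from one switch, and nothing in the visible part tells a caller which family it got back. The signing and verification paths pass the result straight to `OQS_SIG_alg_is_enabled`, so correctness depends on the surrounding `case` labels admitting only signature algorithms. A header comment would make that contract explicit, e.g. `/* Returns the liboqs name for ALGO: a KEM name for ML-KEM/Kyber, a signature name for ML-DSA/Falcon, NULL otherwise; callers must use the matching OQS_KEM_* or OQS_SIG_* API. */`. The function's signature and any `#ifdef HAVE_LIBOQS` guard are outside this hunk; the removed `convert_to_oqs_alg()` had that guard, so it is worth confirming the new `OQS_SIG_alg_*` cases sit under one too.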
case GNUTLS_PK_ML_DSA_65:
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
- case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S: {
+ case GNUTLS_PK_EXP_FALCON1024: {
OQS_SIG *sig;
OQS_STATUS rc;
size_t size;
- const char *algo_name = convert_to_oqs_alg(algo);
+ const char *algo_name = pk_to_liboqs_algo(algo);
if (algo_name == NULL ||
!GNUTLS_OQS_FUNC(OQS_SIG_alg_is_enabled)(algo_name)) {
return gnutls_assert_val(GNUTLS_E_UNKNOWN_PK_ALGORITHM);
case GNUTLS_PK_ML_DSA_65:
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
- case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S: {
+ case GNUTLS_PK_EXP_FALCON1024: {
OQS_SIG *sig;
OQS_STATUS rc;
- const char *algo_name = convert_to_oqs_alg(algo);
+ const char *algo_name = pk_to_liboqs_algo(algo);
if (algo_name == NULL ||
!GNUTLS_OQS_FUNC(OQS_SIG_alg_is_enabled)(algo_name)) {
return gnutls_assert_val(GNUTLS_E_UNKNOWN_PK_ALGORITHM);
case GNUTLS_PK_ML_DSA_65:
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
- case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S: {
+ case GNUTLS_PK_EXP_FALCON1024: {
const char *algo_name;
if (_gnutls_liboqs_ensure() < 0)
case GNUTLS_PK_GOST_12_256:
case GNUTLS_PK_GOST_12_512:
#endif
+ case GNUTLS_PK_MLKEM768:
case GNUTLS_PK_ML_DSA_44:
case GNUTLS_PK_ML_DSA_65:
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
break;
default:
gnutls_assert();
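Review bot: `GNUTLS_PK_MLKEM768` is added to this accept-and-`break` group, but `GNUTLS_PK_EXP_KYBER768` is not, although the two are handled as a pair in the other switches touched by this change (`case GNUTLS_PK_MLKEM768:` / `case GNUTLS_PK_EXP_KYBER768:`). Unless Kyber is matched earlier in this switch, outside the hunk, it will still reach `default:` and hit `gnutls_assert()`. If that is the case, add `case GNUTLS_PK_EXP_KYBER768:` next to the new label. The group also does not appear to be inside `#ifdef HAVE_LIBOQS` here, since the `#endif` just above closes the GOST block, so please check that this matches how these labels are guarded elsewhere.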
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
if (params->pkflags & GNUTLS_PK_FLAG_PROVABLE)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
not_approved = true;
- const char *algo_name = convert_to_oqs_alg(algo);
+ const char *algo_name = pk_to_liboqs_algo(algo);
if (algo_name == NULL ||
!GNUTLS_OQS_FUNC(OQS_SIG_alg_is_enabled)(
algo_name)) {
}
#ifdef HAVE_LIBOQS
case GNUTLS_PK_MLKEM768:
- case GNUTLS_PK_EXP_KYBER768: {
+ case GNUTLS_PK_EXP_KYBER768:
+ case GNUTLS_PK_ML_DSA_44:
+ case GNUTLS_PK_ML_DSA_65:
+ case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_EXP_FALCON512:
+ case GNUTLS_PK_EXP_FALCON1024: {
const char *algo_name;
if (_gnutls_liboqs_ensure() < 0)
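Review bot: The ML-DSA and Falcon labels now fall into the block that previously served only `GNUTLS_PK_MLKEM768` and `GNUTLS_PK_EXP_KYBER768`, whereas before this change they simply did `ret = 0; break;`. The body of that block is outside the hunk. If it validates the name from `pk_to_liboqs_algo()` with a KEM-only call such as `OQS_KEM_alg_is_enabled` or `OQS_KEM_new`, the signature algorithms will now be rejected. The block should branch on the algorithm family and use `OQS_SIG_alg_is_enabled(algo_name)` for the ML-DSA and Falcon cases. The merge also makes these algorithms depend on `_gnutls_liboqs_ensure()` succeeding at this point, which is a behaviour change worth a line in the commit message.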
ret = 0;
break;
}
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
- case GNUTLS_PK_EXP_FALCON512:
- case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
- ret = 0;
- break;
#endif
#if ENABLE_GOST
case GNUTLS_PK_GOST_01:
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
#endif
ret = _gnutls_set_datum(&pub->raw_pub, priv->raw_pub.data,
priv->raw_pub.size);
{ GNUTLS_PK_ML_DSA_87, OQS_SIG_ml_dsa_87_length_public_key },
{ GNUTLS_PK_EXP_FALCON512, OQS_SIG_falcon_512_length_public_key },
{ GNUTLS_PK_EXP_FALCON1024, OQS_SIG_falcon_1024_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_128F,
- OQS_SIG_sphincs_sha2_128f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_128S,
- OQS_SIG_sphincs_sha2_128s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_192F,
- OQS_SIG_sphincs_sha2_192f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_192S,
- OQS_SIG_sphincs_sha2_192s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_256F,
- OQS_SIG_sphincs_sha2_256f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_256S,
- OQS_SIG_sphincs_sha2_256s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_128F,
- OQS_SIG_sphincs_shake_128f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_128S,
- OQS_SIG_sphincs_shake_128s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_192F,
- OQS_SIG_sphincs_shake_192f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_192S,
- OQS_SIG_sphincs_shake_192s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_256F,
- OQS_SIG_sphincs_shake_256f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_256S,
- OQS_SIG_sphincs_shake_256s_simple_length_public_key },
{ GNUTLS_PK_UNKNOWN, 0 }
};
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
return pq_pubkey_to_bits(params->algo);
#endif
default:
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
if (hash)
*hash = GNUTLS_DIG_SHAKE_256;
ret = 0;
break;
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- if (hash)
- *hash = GNUTLS_DIG_SHA256;
- ret = 0;
- break;
#endif
default:
gnutls_assert();
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
#endif
if (_gnutls_pk_verify(se->pk, data, signature, params,
sign_params) != 0) {
#define FALCON512_OID "1.3.9999.3.1"
#define FALCON1024_OID "1.3.9999.3.4"
-
-#define SPHINCS_SHA2_128F_OID "1.3.9999.6.4.1"
-#define SPHINCS_SHA2_128S_OID "1.3.9999.6.4.2"
-#define SPHINCS_SHA2_192F_OID "1.3.9999.6.5.1"
-#define SPHINCS_SHA2_192S_OID "1.3.9999.6.5.2"
-#define SPHINCS_SHA2_256F_OID "1.3.9999.6.6.1"
-#define SPHINCS_SHA2_256S_OID "1.3.9999.6.6.2"
-#define SPHINCS_SHAKE_128F_OID "1.3.9999.6.7.1"
-#define SPHINCS_SHAKE_128S_OID "1.3.9999.6.7.2"
-#define SPHINCS_SHAKE_192F_OID "1.3.9999.6.8.1"
-#define SPHINCS_SHAKE_192S_OID "1.3.9999.6.8.2"
-#define SPHINCS_SHAKE_256F_OID "1.3.9999.6.9.1"
-#define SPHINCS_SHAKE_256S_OID "1.3.9999.6.9.2"
#endif
#define ASN1_NULL "\x05\x00"
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
ret = _gnutls_set_datum(¶ms->raw_pub, der, dersize);
break;
#endif
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
#endif
return 0;
default:
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
#endif
der->data = NULL;
der->size = 0;
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
return _gnutls_x509_write_pqc_alg_pubkey(params, der);
#endif
default:
return '\x01';
case GNUTLS_PK_EXP_FALCON1024:
return '\x02';
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- return '\x01';
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- return '\x02';
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- return '\x03';
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- return '\x04';
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- return '\x05';
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- return '\x06';
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- return '\x07';
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- return '\x08';
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- return '\x09';
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- return '\x0a';
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- return '\x0b';
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
- return '\x0c';
default:
return '\x00';
}
return GNUTLS_E_SUCCESS;
}
-cleanup:
- asn1_delete_structure2(c2, ASN1_DELETE_FLAG_ZEROIZE);
-
- return ret;
-}
-
-static int _gnutls_asn1_encode_sphincs(asn1_node *c2,
- gnutls_pk_params_st *params)
-{
- int ret;
- const char *oid;
-
- oid = gnutls_pk_get_oid(params->algo);
- if (oid == NULL)
- return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
-
- /* first make sure that no previously allocated data are leaked */
- if (*c2 != NULL) {
- asn1_delete_structure(c2);
- *c2 = NULL;
- }
-
- if ((ret = asn1_create_element(_gnutls_get_gnutls_asn(),
- "GNUTLS.SphincsPrivateKey", c2)) !=
- ASN1_SUCCESS) {
- gnutls_assert();
- ret = _gnutls_asn2err(ret);
- goto cleanup;
- }
-
- ret = _gnutls_asn1_encode_pqc_alg(c2, params, oid,
- _gnutls_get_pqc_alg_version(params));
- if (ret < 0)
- goto cleanup;
-
- return GNUTLS_E_SUCCESS;
-
cleanup:
asn1_delete_structure2(c2, ASN1_DELETE_FLAG_ZEROIZE);
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
return _gnutls_asn1_encode_falcon(c2, params);
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
- return _gnutls_asn1_encode_sphincs(c2, params);
#endif
default:
return GNUTLS_E_UNIMPLEMENTED_FEATURE;
pk_algorithm != GNUTLS_PK_ML_DSA_65 &&
pk_algorithm != GNUTLS_PK_ML_DSA_87 &&
pk_algorithm != GNUTLS_PK_EXP_FALCON512 &&
- pk_algorithm != GNUTLS_PK_EXP_FALCON1024 &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHA2_128F &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHA2_128S &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHA2_192F &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHA2_192S &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHA2_256F &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHA2_256S &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHAKE_128F &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHAKE_128S &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHAKE_192F &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHAKE_192S &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHAKE_256F &&
- pk_algorithm != GNUTLS_PK_EXP_SPHINCS_SHAKE_256S
+ pk_algorithm != GNUTLS_PK_EXP_FALCON1024
#endif
) {
/* RSA, EdDSA and PQ algorithms do not use parameters */
return 0;
-error:
- asn1_delete_structure2(pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
- gnutls_pk_params_clear(&pkey->params);
- gnutls_pk_params_release(&pkey->params);
- return result;
-}
-
-static const struct pqc_algorithm_version_st sphincs_versions[] = {
- { '\x01', GNUTLS_PK_EXP_SPHINCS_SHA2_128F,
- OQS_SIG_sphincs_sha2_128f_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_128f_simple_length_public_key },
- { '\x02', GNUTLS_PK_EXP_SPHINCS_SHA2_128S,
- OQS_SIG_sphincs_sha2_128s_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_128s_simple_length_public_key },
- { '\x03', GNUTLS_PK_EXP_SPHINCS_SHA2_192F,
- OQS_SIG_sphincs_sha2_192f_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_192f_simple_length_public_key },
- { '\x04', GNUTLS_PK_EXP_SPHINCS_SHA2_192S,
- OQS_SIG_sphincs_sha2_192s_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_192s_simple_length_public_key },
- { '\x05', GNUTLS_PK_EXP_SPHINCS_SHA2_256F,
- OQS_SIG_sphincs_sha2_256f_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_256f_simple_length_public_key },
- { '\x06', GNUTLS_PK_EXP_SPHINCS_SHA2_256S,
- OQS_SIG_sphincs_sha2_256s_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_256s_simple_length_public_key },
- { '\x07', GNUTLS_PK_EXP_SPHINCS_SHAKE_128F,
- OQS_SIG_sphincs_shake_128f_simple_length_secret_key,
- OQS_SIG_sphincs_shake_128f_simple_length_public_key },
- { '\x08', GNUTLS_PK_EXP_SPHINCS_SHAKE_128S,
- OQS_SIG_sphincs_shake_128s_simple_length_secret_key,
- OQS_SIG_sphincs_shake_128s_simple_length_public_key },
- { '\x09', GNUTLS_PK_EXP_SPHINCS_SHAKE_192F,
- OQS_SIG_sphincs_shake_192f_simple_length_secret_key,
- OQS_SIG_sphincs_shake_192f_simple_length_public_key },
- { '\x0a', GNUTLS_PK_EXP_SPHINCS_SHAKE_192S,
- OQS_SIG_sphincs_shake_192s_simple_length_secret_key,
- OQS_SIG_sphincs_shake_192s_simple_length_public_key },
- { '\x0b', GNUTLS_PK_EXP_SPHINCS_SHAKE_256F,
- OQS_SIG_sphincs_shake_256f_simple_length_secret_key,
- OQS_SIG_sphincs_shake_256f_simple_length_public_key },
- { '\x0c', GNUTLS_PK_EXP_SPHINCS_SHAKE_256S,
- OQS_SIG_sphincs_shake_256s_simple_length_secret_key,
- OQS_SIG_sphincs_shake_256s_simple_length_public_key },
-
- { '\x00', GNUTLS_PK_UNKNOWN, 0, 0 }
-};
-
-static int _gnutls_set_sphincs_params(const uint8_t *version,
- gnutls_x509_privkey_t pkey)
-{
- const struct pqc_algorithm_version_st *v = sphincs_versions;
- while (v->algorithm != GNUTLS_PK_UNKNOWN && v->version != *version)
- v++;
-
- pkey->params.raw_priv.size = v->secret_key_length;
- pkey->params.raw_pub.size = v->public_key_length;
- pkey->params.params_nr = SPHINCS_PRIVATE_PARAMS;
- pkey->params.algo = v->algorithm;
-
- if (v->algorithm == GNUTLS_PK_UNKNOWN)
- return GNUTLS_E_UNKNOWN_ALGORITHM;
-
- return 0;
-}
-
-int _gnutls_privkey_decode_sphincs_key(asn1_node *pkey_asn,
- const gnutls_datum_t *raw_key,
- gnutls_x509_privkey_t pkey)
-{
- int result;
- uint8_t version;
-
- gnutls_pk_params_init(&pkey->params);
-
- if ((result = asn1_create_element(_gnutls_get_gnutls_asn(),
- "GNUTLS.SphincsPrivateKey",
- pkey_asn)) != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
- result = _gnutls_decode_pqc_keys(pkey_asn, raw_key, pkey, &version);
- if (result < 0)
- goto error;
-
- result = _gnutls_set_sphincs_params(&version, pkey);
- if (result < 0)
- goto error;
-
- return 0;
-
error:
asn1_delete_structure2(pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
gnutls_pk_params_clear(&pkey->params);
#ifdef HAVE_LIBOQS
#define PEM_KEY_ML_DSA "ML-DSA PRIVATE KEY"
#define PEM_KEY_FALCON "FALCON PRIVATE KEY"
-#define PEM_KEY_SPHINCS "SPHINCS PRIVATE KEY"
#endif
#define PEM_KEY_PKCS8 "PRIVATE KEY"
key->params.algo =
GNUTLS_PK_EXP_FALCON512;
}
- } else if (left > sizeof(PEM_KEY_SPHINCS) &&
- memcmp(ptr, PEM_KEY_SPHINCS,
- sizeof(PEM_KEY_SPHINCS) -
- 1) == 0) {
- result = _gnutls_fbase64_decode(
- PEM_KEY_SPHINCS, begin_ptr,
- left, &_data);
- if (result >= 0) {
- key->params.algo =
- GNUTLS_PK_EXP_SPHINCS_SHA2_128F;
- }
#endif
}
result = _gnutls_privkey_decode_falcon_key(&key->key, &_data,
key);
- if (result < 0) {
- gnutls_assert();
- key->key = NULL;
- }
- } else if (key->params.algo == GNUTLS_PK_EXP_SPHINCS_SHA2_128F) {
- result = _gnutls_privkey_decode_sphincs_key(&key->key, &_data,
- key);
-
if (result < 0) {
gnutls_assert();
key->key = NULL;
sizeof(PEM_KEY_ML_DSA) - 1) == 0) ||
(left > sizeof(PEM_KEY_FALCON) &&
memcmp(ptr, PEM_KEY_FALCON,
- sizeof(PEM_KEY_FALCON) - 1) == 0) ||
- (left > sizeof(PEM_KEY_SPHINCS) &&
- memcmp(ptr, PEM_KEY_SPHINCS,
- sizeof(PEM_KEY_SPHINCS) - 1) == 0)
+ sizeof(PEM_KEY_FALCON) - 1) == 0)
#endif
) {
head_enc = 0;
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
return PEM_KEY_FALCON;
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
- return PEM_KEY_SPHINCS;
#endif
default:
return "UNKNOWN";
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
ret = _gnutls_x509_encode_string(
ASN1_ETYPE_OCTET_STRING, pkey->params.raw_priv.data,
pkey->params.raw_priv.size + pkey->params.raw_pub.size,
OQS_SIG_falcon_512_length_public_key },
{ GNUTLS_PK_EXP_FALCON1024, OQS_SIG_falcon_1024_length_secret_key,
OQS_SIG_falcon_1024_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_128F,
- OQS_SIG_sphincs_sha2_128f_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_128f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_128S,
- OQS_SIG_sphincs_sha2_128s_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_128s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_192F,
- OQS_SIG_sphincs_sha2_192f_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_192f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_192S,
- OQS_SIG_sphincs_sha2_192s_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_192s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_256F,
- OQS_SIG_sphincs_sha2_256f_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_256f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHA2_256S,
- OQS_SIG_sphincs_sha2_256s_simple_length_secret_key,
- OQS_SIG_sphincs_sha2_256s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_128F,
- OQS_SIG_sphincs_shake_128f_simple_length_secret_key,
- OQS_SIG_sphincs_shake_128f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_128S,
- OQS_SIG_sphincs_shake_128s_simple_length_secret_key,
- OQS_SIG_sphincs_shake_128s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_192F,
- OQS_SIG_sphincs_shake_192f_simple_length_secret_key,
- OQS_SIG_sphincs_shake_192f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_192S,
- OQS_SIG_sphincs_shake_192s_simple_length_secret_key,
- OQS_SIG_sphincs_shake_192s_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_256F,
- OQS_SIG_sphincs_shake_256f_simple_length_secret_key,
- OQS_SIG_sphincs_shake_256f_simple_length_public_key },
- { GNUTLS_PK_EXP_SPHINCS_SHAKE_256S,
- OQS_SIG_sphincs_shake_256s_simple_length_secret_key,
- OQS_SIG_sphincs_shake_256s_simple_length_public_key },
{ GNUTLS_PK_UNKNOWN, 0, 0 }
};
case GNUTLS_PK_ML_DSA_87:
case GNUTLS_PK_EXP_FALCON512:
case GNUTLS_PK_EXP_FALCON1024:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHA2_256S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_128S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_192S:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256F:
- case GNUTLS_PK_EXP_SPHINCS_SHAKE_256S:
result = _decode_pkcs8_pqc_alg_key(pkcs8_asn, pkey, oid);
break;
#endif
const gnutls_datum_t *raw_key,
gnutls_x509_privkey_t pkey);
-int _gnutls_privkey_decode_sphincs_key(asn1_node *pkey_asn,
- const gnutls_datum_t *raw_key,
- gnutls_x509_privkey_t pkey);
#endif
int _gnutls_privkey_decode_eddsa_key(asn1_node *pkey_asn,
void doit(void)
{
gnutls_x509_privkey_t pkey, dst;
- int ret, i;
+ int ret, algorithm, i;
gnutls_fips140_context_t fips_context;
ret = global_init();
algorithm == GNUTLS_PK_MLKEM768)
continue;
+ if (algorithm == GNUTLS_PK_GOST_01 ||
+ algorithm == GNUTLS_PK_GOST_12_256 ||
+ algorithm == GNUTLS_PK_GOST_12_512) {
+ /* Skip GOST algorithms:
+ * - If they are disabled by ./configure option
+ * - Or in FIPS140 mode
+ */
+#ifdef ENABLE_GOST
+ if (gnutls_fips140_mode_enabled())
+ continue;
+#else
+ continue;
+#endif
+ }
+
ret = gnutls_x509_privkey_init(&pkey);
if (ret < 0) {
fail("gnutls_x509_privkey_init: %d\n", ret);
FIPS_PUSH_CONTEXT();
ret = gnutls_x509_privkey_generate(
- pkey, *algorithm,
- gnutls_sec_param_to_pk_bits(*algorithm,
+ pkey, algorithm,
+ gnutls_sec_param_to_pk_bits(algorithm,
sec_param[i]),
0);
if (ret < 0) {
fail("gnutls_x509_privkey_generate (%s-%d): %s (%d)\n",
- gnutls_pk_algorithm_get_name(*algorithm),
- gnutls_sec_param_to_pk_bits(*algorithm,
+ gnutls_pk_algorithm_get_name(algorithm),
+ gnutls_sec_param_to_pk_bits(algorithm,
sec_param[i]),
gnutls_strerror(ret), ret);
} else if (debug) {
success("Key[%s] generation ok: %d\n",
- gnutls_pk_algorithm_get_name(
- *algorithm),
+ gnutls_pk_algorithm_get_name(algorithm),
ret);
}
- if (is_approved_pk_algo(*algorithm)) {
+ if (is_approved_pk_algo(algorithm)) {
FIPS_POP_CONTEXT(APPROVED);
} else {
FIPS_POP_CONTEXT(NOT_APPROVED);
ret = gnutls_x509_privkey_verify_params(pkey);
if (ret < 0) {
fail("gnutls_x509_privkey_generate (%s): %s (%d)\n",
- gnutls_pk_algorithm_get_name(*algorithm),
+ gnutls_pk_algorithm_get_name(algorithm),
gnutls_strerror(ret), ret);
}
ret = gnutls_x509_privkey_cpy(dst, pkey);
if (ret < 0) {
fail("gnutls_x509_privkey_cpy (%s): %s (%d)\n",
- gnutls_pk_algorithm_get_name(*algorithm),
+ gnutls_pk_algorithm_get_name(algorithm),
gnutls_strerror(ret), ret);
}
ret = gnutls_x509_privkey_verify_params(pkey);
if (ret < 0) {
fail("gnutls_x509_privkey_generate after cpy (%s): %s (%d)\n",
- gnutls_pk_algorithm_get_name(*algorithm),
+ gnutls_pk_algorithm_get_name(algorithm),
gnutls_strerror(ret), ret);
}
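Review bot: The check labelled "after cpy" still calls `gnutls_x509_privkey_verify_params(pkey)`, so the copied key `dst` is never validated by this test; the call should be `ret = gnutls_x509_privkey_verify_params(dst);`. For `GNUTLS_PK_RSA_OAEP` the code jumps to `end` before `sign_verify_data(algorithm, dst)`, so on that path the copy is not exercised at all, and a broken `gnutls_x509_privkey_cpy` for a key type would go unnoticed. Both failure messages around `verify_params` also name `gnutls_x509_privkey_generate`, which points a reader at the wrong call when the test fails; `fail("gnutls_x509_privkey_verify_params after cpy (%s): %s (%d)\n",` would match the code. The body of `doit` continues outside the visible lines, so the loop that now assigns `algorithm` is not shown here.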
/* RSA-OAEP doesn't support signing */
- if (*algorithm == GNUTLS_PK_RSA_OAEP) {
+ if (algorithm == GNUTLS_PK_RSA_OAEP) {
goto end;
}
FIPS_PUSH_CONTEXT();
- sign_verify_data(*algorithm, pkey);
- if (is_approved_pk_algo(*algorithm)) {
+ sign_verify_data(algorithm, pkey);
+ if (is_approved_pk_algo(algorithm)) {
FIPS_POP_CONTEXT(APPROVED);
} else {
FIPS_POP_CONTEXT(NOT_APPROVED);
}
FIPS_PUSH_CONTEXT();
- sign_verify_data(*algorithm, dst);
- if (is_approved_pk_algo(*algorithm)) {
+ sign_verify_data(algorithm, dst);
+ if (is_approved_pk_algo(algorithm)) {
FIPS_POP_CONTEXT(APPROVED);
} else {
FIPS_POP_CONTEXT(NOT_APPROVED);
gnutls_x509_privkey_deinit(pkey);
gnutls_x509_privkey_deinit(dst);
success("Generated key with %s-%d\n",
- gnutls_pk_algorithm_get_name(*algorithm),
- gnutls_sec_param_to_pk_bits(*algorithm,
+ gnutls_pk_algorithm_get_name(algorithm),
+ gnutls_sec_param_to_pk_bits(algorithm,
sec_param[i]));
}
}