From dfa44a9775b99b3277744c675adb437e1edb8c04 Mon Sep 17 00:00:00 2001 From: Basil Hess Date: Tue, 10 Dec 2024 16:29:20 +0100 Subject: [PATCH] Tracker for FIPS204 / ML-DSA (#568) * tracking fips204 Signed-off-by: Basil Hess * sync with liboqs Signed-off-by: Basil Hess * Update ML-DSA code points Signed-off-by: Basil Hess * Add references to OIDs and code points Signed-off-by: Basil Hess --------- Signed-off-by: Basil Hess --- ALGORITHMS.md | 48 ++++++++++++++-------------- oqs-template/generate.yml | 57 ++++++++++++++++++---------------- oqs-template/oqs-sig-info.md | 34 ++++++++++---------- oqsprov/oqsprov.c | 14 ++++----- oqsprov/oqsprov_capabilities.c | 36 ++++++++++----------- scripts/fullbuild.sh | 2 +- 6 files changed, 98 insertions(+), 93 deletions(-) diff --git a/ALGORITHMS.md b/ALGORITHMS.md index b7ef5929..0af1797d 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md 
@@ -72,26 +72,26 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | p384_dilithium3 | 0xfea4 |Yes| OQS_CODEPOINT_P384_DILITHIUM3
 | dilithium5 | 0xfea5 |Yes| OQS_CODEPOINT_DILITHIUM5
 | p521_dilithium5 | 0xfea6 |Yes| OQS_CODEPOINT_P521_DILITHIUM5
-| mldsa44 | 0xfed0 |Yes| OQS_CODEPOINT_MLDSA44
-| p256_mldsa44 | 0xfed3 |Yes| OQS_CODEPOINT_P256_MLDSA44
-| rsa3072_mldsa44 | 0xfed4 |Yes| OQS_CODEPOINT_RSA3072_MLDSA44
-| mldsa44_pss2048 | 0xfee1 |Yes| OQS_CODEPOINT_MLDSA44_pss2048
-| mldsa44_rsa2048 | 0xfee2 |Yes| OQS_CODEPOINT_MLDSA44_rsa2048
-| mldsa44_ed25519 | 0xfee3 |Yes| OQS_CODEPOINT_MLDSA44_ed25519
-| mldsa44_p256 | 0xfee4 |Yes| OQS_CODEPOINT_MLDSA44_p256
+| mldsa44 | 0x0904 |Yes| OQS_CODEPOINT_MLDSA44
+| p256_mldsa44 | 0xff06 |Yes| OQS_CODEPOINT_P256_MLDSA44
+| rsa3072_mldsa44 | 0xff07 |Yes| OQS_CODEPOINT_RSA3072_MLDSA44
+| mldsa44_pss2048 | 0x090f |Yes| OQS_CODEPOINT_MLDSA44_pss2048
+| mldsa44_rsa2048 | 0x090c |Yes| OQS_CODEPOINT_MLDSA44_rsa2048
+| mldsa44_ed25519 | 0x090a |Yes| OQS_CODEPOINT_MLDSA44_ed25519
+| mldsa44_p256 | 0x0907 |Yes| OQS_CODEPOINT_MLDSA44_p256
 | mldsa44_bp256 | 0xfee5 |Yes| OQS_CODEPOINT_MLDSA44_bp256
-| mldsa65 | 0xfed1 |Yes| OQS_CODEPOINT_MLDSA65
-| p384_mldsa65 | 0xfed5 |Yes| OQS_CODEPOINT_P384_MLDSA65
-| mldsa65_pss3072 | 0xfee6 |Yes| OQS_CODEPOINT_MLDSA65_pss3072
-| mldsa65_rsa3072 | 0xfee7 |Yes| OQS_CODEPOINT_MLDSA65_rsa3072
-| mldsa65_p256 | 0xfee8 |Yes| OQS_CODEPOINT_MLDSA65_p256
+| mldsa65 | 0x0905 |Yes| OQS_CODEPOINT_MLDSA65
+| p384_mldsa65 | 0xff08 |Yes| OQS_CODEPOINT_P384_MLDSA65
+| mldsa65_pss3072 | 0x0910 |Yes| OQS_CODEPOINT_MLDSA65_pss3072
+| mldsa65_rsa3072 | 0x090d |Yes| OQS_CODEPOINT_MLDSA65_rsa3072
+| mldsa65_p256 | 0x0908 |Yes| OQS_CODEPOINT_MLDSA65_p256
 | mldsa65_bp256 | 0xfee9 |Yes| OQS_CODEPOINT_MLDSA65_bp256
-| mldsa65_ed25519 | 0xfeea |Yes| OQS_CODEPOINT_MLDSA65_ed25519
-| mldsa87 | 0xfed2 |Yes| OQS_CODEPOINT_MLDSA87
-| p521_mldsa87 | 0xfed6 |Yes| OQS_CODEPOINT_P521_MLDSA87
-| mldsa87_p384 | 0xfeeb |Yes| OQS_CODEPOINT_MLDSA87_p384
+| mldsa65_ed25519 | 0x090b |Yes| OQS_CODEPOINT_MLDSA65_ed25519
+| mldsa87 | 0x0906 |Yes| OQS_CODEPOINT_MLDSA87
+| p521_mldsa87 | 0xff09 |Yes| OQS_CODEPOINT_P521_MLDSA87
+| mldsa87_p384 | 0x0909 |Yes| OQS_CODEPOINT_MLDSA87_p384
 | mldsa87_bp384 | 0xfeec |Yes| OQS_CODEPOINT_MLDSA87_bp384
-| mldsa87_ed448 | 0xfeed |Yes| OQS_CODEPOINT_MLDSA87_ed448
+| mldsa87_ed448 | 0x0912 |Yes| OQS_CODEPOINT_MLDSA87_ed448
 | falcon512 | 0xfed7 |Yes| OQS_CODEPOINT_FALCON512
 | p256_falcon512 | 0xfed8 |Yes| OQS_CODEPOINT_P256_FALCON512
 | rsa3072_falcon512 | 0xfed9 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
@@ -190,23 +190,23 @@ discussed in https://github.com/open-quantum-safe/oqs-provider/issues/351. | p384_dilithium3 | 1.3.9999.2.7.3 |Yes| OQS_OID_P384_DILITHIUM3 | dilithium5 | 1.3.6.1.4.1.2.267.7.8.7 |Yes| OQS_OID_DILITHIUM5 | p521_dilithium5 | 1.3.9999.2.7.4 |Yes| OQS_OID_P521_DILITHIUM5 -| mldsa44 | 1.3.6.1.4.1.2.267.12.4.4 |Yes| OQS_OID_MLDSA44 -| p256_mldsa44 | 1.3.9999.7.1 |Yes| OQS_OID_P256_MLDSA44 -| rsa3072_mldsa44 | 1.3.9999.7.2 |Yes| OQS_OID_RSA3072_MLDSA44 +| mldsa44 | 2.16.840.1.101.3.4.3.17 |Yes| OQS_OID_MLDSA44 +| p256_mldsa44 | 1.3.9999.7.5 |Yes| OQS_OID_P256_MLDSA44 +| rsa3072_mldsa44 | 1.3.9999.7.6 |Yes| OQS_OID_RSA3072_MLDSA44 | mldsa44_pss2048 | 2.16.840.1.114027.80.8.1.1 |Yes| OQS_OID_MLDSA44_pss2048 | mldsa44_rsa2048 | 2.16.840.1.114027.80.8.1.2 |Yes| OQS_OID_MLDSA44_rsa2048 | mldsa44_ed25519 | 2.16.840.1.114027.80.8.1.3 |Yes| OQS_OID_MLDSA44_ed25519 | mldsa44_p256 | 2.16.840.1.114027.80.8.1.4 |Yes| OQS_OID_MLDSA44_p256 | mldsa44_bp256 | 2.16.840.1.114027.80.8.1.5 |Yes| OQS_OID_MLDSA44_bp256 -| mldsa65 | 1.3.6.1.4.1.2.267.12.6.5 |Yes| OQS_OID_MLDSA65 -| p384_mldsa65 | 1.3.9999.7.3 |Yes| OQS_OID_P384_MLDSA65 +| mldsa65 | 2.16.840.1.101.3.4.3.18 |Yes| OQS_OID_MLDSA65 +| p384_mldsa65 | 1.3.9999.7.7 |Yes| OQS_OID_P384_MLDSA65 | mldsa65_pss3072 | 2.16.840.1.114027.80.8.1.6 |Yes| OQS_OID_MLDSA65_pss3072 | mldsa65_rsa3072 | 2.16.840.1.114027.80.8.1.7 |Yes| OQS_OID_MLDSA65_rsa3072 | mldsa65_p256 | 2.16.840.1.114027.80.8.1.8 |Yes| OQS_OID_MLDSA65_p256 | mldsa65_bp256 | 2.16.840.1.114027.80.8.1.9 |Yes| OQS_OID_MLDSA65_bp256 | mldsa65_ed25519 | 2.16.840.1.114027.80.8.1.10 |Yes| OQS_OID_MLDSA65_ed25519 -| mldsa87 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_MLDSA87 -| p521_mldsa87 | 1.3.9999.7.4 |Yes| OQS_OID_P521_MLDSA87 +| mldsa87 | 2.16.840.1.101.3.4.3.19 |Yes| OQS_OID_MLDSA87 +| p521_mldsa87 | 1.3.9999.7.8 |Yes| OQS_OID_P521_MLDSA87 | mldsa87_p384 | 2.16.840.1.114027.80.8.1.11 |Yes| OQS_OID_MLDSA87_p384 | mldsa87_bp384 | 2.16.840.1.114027.80.8.1.12 |Yes| 
OQS_OID_MLDSA87_bp384 | mldsa87_ed448 | 2.16.840.1.114027.80.8.1.13 |Yes| OQS_OID_MLDSA87_ed448 diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 0f4bd1a9..8fb023ed 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -426,7 +426,7 @@ kem_nid_end: '0x0250' kem_nid_hybrid_end: '0x2FFF' # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values -# Next free signature ID: 0xff06 +# Next free signature ID: 0xff0a sigs: # - # iso (1) @@ -575,6 +575,11 @@ sigs: 'pretty_name': 'ECDSA p521', 'oid': '1.3.9999.2.11.4', 'code_point': '0xfead'}] +# NIST OIDs see https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration +# Signature prefix 2.16.840.1.101.3.4.3. +# ML-DSA code points: https://datatracker.ietf.org/doc/draft-tls-westerbaan-mldsa/00 +# Composite-ML-DSA OIDs: https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/02/ +# Composite-ML-DSA code points: https://datatracker.ietf.org/doc/draft-reddy-tls-composite-mldsa/01 - family: 'ML-DSA' variants: 
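Review bot: The reference comment added above `- family: 'ML-DSA'` does not say where the `mix_with` hybrid identifiers come from: it names sources for the NIST OIDs, the ML-DSA code points and the composite OIDs and code points only. The hybrid values introduced in the following hunks (`1.3.9999.7.5` to `1.3.9999.7.8`, `0xff06` to `0xff09`) look project-allocated, judging by the `# Next free signature ID: 0xff0a` line in the earlier hunk, and the bp256/bp384 composites still carry `0xfee5`/`0xfee9`/`0xfeec` in ALGORITHMS.md. If that reading is right, I would add a line such as `# Hybrid (mix_with) OIDs/code points and the brainpool composite code points are OQS-local, not taken from these drafts`, so a reader does not assume every ML-DSA identifier here is externally assigned. The cited drafts are pinned to revisions (`/00`, `/02`, `/01`), so it is also worth stating that the values track those revisions.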
@@ -582,37 +587,37 @@ sigs: name: 'mldsa44' pretty_name: 'ML-DSA-44' oqs_meth: 'OQS_SIG_alg_ml_dsa_44' - oid: '1.3.6.1.4.1.2.267.12.4.4' - code_point: '0xfed0' + oid: '2.16.840.1.101.3.4.3.17' + code_point: '0x0904' enable: true mix_with: [{'name': 'p256', 'pretty_name': 'ECDSA p256', - 'oid': '1.3.9999.7.1', - 'code_point': '0xfed3'}, + 'oid': '1.3.9999.7.5', + 'code_point': '0xff06'}, {'name': 'rsa3072', 'pretty_name': 'RSA3072', - 'oid': '1.3.9999.7.2', - 'code_point': '0xfed4'}] + 'oid': '1.3.9999.7.6', + 'code_point': '0xff07'}] composite: [{'name': 'pss2048', 'pretty_name': 'RSA PSS 2048', 'security': '112', 'oid': '2.16.840.1.114027.80.8.1.1', - 'code_point': '0xfee1'}, + 'code_point': '0x090f'}, {'name': 'rsa2048', - 'pretty_name': 'RSA2028', + 'pretty_name': 'RSA2048', 'security': '112', 'oid': '2.16.840.1.114027.80.8.1.2', - 'code_point': '0xfee2'}, + 'code_point': '0x090c'}, {'name': 'ed25519', 'pretty_name': 'ED25519', 'security': '128', 'oid': '2.16.840.1.114027.80.8.1.3', - 'code_point': '0xfee3'}, + 'code_point': '0x090a'}, {'name': 'p256', 'pretty_name': 'ECDSA p256', 'security': '128', 'oid': '2.16.840.1.114027.80.8.1.4', - 'code_point': '0xfee4'}, + 'code_point': '0x0907'}, {'name': 'bp256', 'pretty_name': 'ECDSA brainpoolP256r1', 'security': '256', 
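Review bot: The composite entries in this hunk receive new code points (`0x090f`, `0x090c`, `0x090a`, `0x0907`) but keep their OIDs `2.16.840.1.114027.80.8.1.1` to `.4`, while the standalone and `mix_with` entries get new OIDs; the mldsa65 and mldsa87 hunks (`@@ -622`, `@@ -653`, `@@ -679`) follow the same pattern. If the liboqs sync named in the commit message changes ML-DSA keys or signatures, keys and certificates created under the unchanged composite OIDs by an earlier build would stop verifying, and nothing in the identifier would signal why. Please confirm that these are the OIDs the cited `draft-ietf-lamps-pq-composite-sigs/02` assigns for the FIPS 204 variant, and say so next to the reference comment, e.g. `# Composite OIDs intentionally unchanged (already per composite-sigs -02)`. The `variants:` list begins outside this hunk.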
@@ -622,28 +627,28 @@ sigs: name: 'mldsa65' pretty_name: 'ML-DSA-65' oqs_meth: 'OQS_SIG_alg_ml_dsa_65' - oid: '1.3.6.1.4.1.2.267.12.6.5' - code_point: '0xfed1' + oid: '2.16.840.1.101.3.4.3.18' + code_point: '0x0905' enable: true mix_with: [{'name': 'p384', 'pretty_name': 'ECDSA p384', - 'oid': '1.3.9999.7.3', - 'code_point': '0xfed5'}] + 'oid': '1.3.9999.7.7', + 'code_point': '0xff08'}] composite: [{'name': 'pss3072', 'pretty_name': 'RSA PSS 3072', 'security': '128', 'oid': '2.16.840.1.114027.80.8.1.6', - 'code_point': '0xfee6'}, + 'code_point': '0x0910'}, {'name': 'rsa3072', 'pretty_name': 'RSA 3072', 'security': '128', 'oid': '2.16.840.1.114027.80.8.1.7', - 'code_point': '0xfee7'}, + 'code_point': '0x090d'}, {'name': 'p256', 'pretty_name': 'ECDSA p256', 'security': '128', 'oid': '2.16.840.1.114027.80.8.1.8', - 'code_point': '0xfee8'}, + 'code_point': '0x0908'}, {'name': 'bp256', 'pretty_name': 'ECDSA brainpoolP256r1', 'security': '256', @@ -653,23 +658,23 @@ sigs: 'pretty_name': 'ED25519', 'security': '128', 'oid': '2.16.840.1.114027.80.8.1.10', - 'code_point': '0xfeea'}] + 'code_point': '0x090b'}] - name: 'mldsa87' pretty_name: 'ML-DSA-87' oqs_meth: 'OQS_SIG_alg_ml_dsa_87' - oid: '1.3.6.1.4.1.2.267.12.8.7' - code_point: '0xfed2' + oid: '2.16.840.1.101.3.4.3.19' + code_point: '0x0906' enable: true mix_with: [{'name': 'p521', 'pretty_name': 'ECDSA p521', - 'oid': '1.3.9999.7.4', - 'code_point': '0xfed6'}] + 'oid': '1.3.9999.7.8', + 'code_point': '0xff09'}] composite: [{'name': 'p384', 'pretty_name': 'ECDSA p384', 'security': '192', 'oid': '2.16.840.1.114027.80.8.1.11', - 'code_point': '0xfeeb'}, + 'code_point': '0x0909'}, {'name': 'bp384', 'pretty_name': 'ECDSA brainpoolP384r1', 'security': '384', @@ -679,7 +684,7 @@ sigs: 'pretty_name': 'ED448', 'security': '192', 'oid': '2.16.840.1.114027.80.8.1.13', - 'code_point': '0xfeed'}] + 'code_point': '0x0912'}] - # iso (1) # identified-organization (3) 
diff --git a/oqs-template/oqs-sig-info.md b/oqs-template/oqs-sig-info.md
index 787cf569..7ba2a85a 100644
--- a/oqs-template/oqs-sig-info.md
+++ b/oqs-template/oqs-sig-info.md
@@ -58,26 +58,26 @@ | mayo3 **hybrid with** p384 | https://doi.org/10.46586/tches.v2024.i2.252-275 | 1 | 3 | 0xfef4 | 1.3.9999.8.3.2 | | mayo5 | https://doi.org/10.46586/tches.v2024.i2.252-275 | 1 | 5 | 0xfef1 | 1.3.9999.8.5.1 | | mayo5 **hybrid with** p521 | https://doi.org/10.46586/tches.v2024.i2.252-275 | 1 | 5 | 0xfef5 | 1.3.9999.8.5.2 | -| mldsa44 | ML-DSA | FIPS204 | 1 | 0xfed0 | 1.3.6.1.4.1.2.267.12.4.4 | -| mldsa44 **hybrid with** p256 | ML-DSA | FIPS204 | 1 | 0xfed3 | 1.3.9999.7.1 | -| mldsa44 **hybrid with** rsa3072 | ML-DSA | FIPS204 | 1 | 0xfed4 | 1.3.9999.7.2 | -| mldsa44 **composite with** pss2048 | ML-DSA | FIPS204 | 1 | 0xfee1 | 2.16.840.1.114027.80.8.1.1 | -| mldsa44 **composite with** rsa2048 | ML-DSA | FIPS204 | 1 | 0xfee2 | 2.16.840.1.114027.80.8.1.2 | -| mldsa44 **composite with** ed25519 | ML-DSA | FIPS204 | 1 | 0xfee3 | 2.16.840.1.114027.80.8.1.3 | -| mldsa44 **composite with** p256 | ML-DSA | FIPS204 | 1 | 0xfee4 | 2.16.840.1.114027.80.8.1.4 | +| mldsa44 | ML-DSA | FIPS204 | 1 | 0x0904 | 2.16.840.1.101.3.4.3.17 | +| mldsa44 **hybrid with** p256 | ML-DSA | FIPS204 | 1 | 0xff06 | 1.3.9999.7.5 | +| mldsa44 **hybrid with** rsa3072 | ML-DSA | FIPS204 | 1 | 0xff07 | 1.3.9999.7.6 | +| mldsa44 **composite with** pss2048 | ML-DSA | FIPS204 | 1 | 0x090f | 2.16.840.1.114027.80.8.1.1 | +| mldsa44 **composite with** rsa2048 | ML-DSA | FIPS204 | 1 | 0x090c | 2.16.840.1.114027.80.8.1.2 | +| mldsa44 **composite with** ed25519 | ML-DSA | FIPS204 | 1 | 0x090a | 2.16.840.1.114027.80.8.1.3 | +| mldsa44 **composite with** p256 | ML-DSA | FIPS204 | 1 | 0x0907 | 2.16.840.1.114027.80.8.1.4 | | mldsa44 **composite with** bp256 | ML-DSA | FIPS204 | 1 | 0xfee5 | 2.16.840.1.114027.80.8.1.5 | -| mldsa65 | ML-DSA | FIPS204 | 3 | 0xfed1 | 1.3.6.1.4.1.2.267.12.6.5 | -| mldsa65 **hybrid with** p384 | ML-DSA | FIPS204 | 3 | 0xfed5 | 1.3.9999.7.3 | -| mldsa65 **composite with** pss3072 | ML-DSA | FIPS204 | 3 | 0xfee6 | 2.16.840.1.114027.80.8.1.6 | -| mldsa65 **composite 
with** rsa3072 | ML-DSA | FIPS204 | 3 | 0xfee7 | 2.16.840.1.114027.80.8.1.7 | -| mldsa65 **composite with** p256 | ML-DSA | FIPS204 | 3 | 0xfee8 | 2.16.840.1.114027.80.8.1.8 | +| mldsa65 | ML-DSA | FIPS204 | 3 | 0x0905 | 2.16.840.1.101.3.4.3.18 | +| mldsa65 **hybrid with** p384 | ML-DSA | FIPS204 | 3 | 0xff08 | 1.3.9999.7.7 | +| mldsa65 **composite with** pss3072 | ML-DSA | FIPS204 | 3 | 0x0910 | 2.16.840.1.114027.80.8.1.6 | +| mldsa65 **composite with** rsa3072 | ML-DSA | FIPS204 | 3 | 0x090d | 2.16.840.1.114027.80.8.1.7 | +| mldsa65 **composite with** p256 | ML-DSA | FIPS204 | 3 | 0x0908 | 2.16.840.1.114027.80.8.1.8 | | mldsa65 **composite with** bp256 | ML-DSA | FIPS204 | 3 | 0xfee9 | 2.16.840.1.114027.80.8.1.9 | -| mldsa65 **composite with** ed25519 | ML-DSA | FIPS204 | 3 | 0xfeea | 2.16.840.1.114027.80.8.1.10 | -| mldsa87 | ML-DSA | FIPS204 | 5 | 0xfed2 | 1.3.6.1.4.1.2.267.12.8.7 | -| mldsa87 **hybrid with** p521 | ML-DSA | FIPS204 | 5 | 0xfed6 | 1.3.9999.7.4 | -| mldsa87 **composite with** p384 | ML-DSA | FIPS204 | 5 | 0xfeeb | 2.16.840.1.114027.80.8.1.11 | +| mldsa65 **composite with** ed25519 | ML-DSA | FIPS204 | 3 | 0x090b | 2.16.840.1.114027.80.8.1.10 | +| mldsa87 | ML-DSA | FIPS204 | 5 | 0x0906 | 2.16.840.1.101.3.4.3.19 | +| mldsa87 **hybrid with** p521 | ML-DSA | FIPS204 | 5 | 0xff09 | 1.3.9999.7.8 | +| mldsa87 **composite with** p384 | ML-DSA | FIPS204 | 5 | 0x0909 | 2.16.840.1.114027.80.8.1.11 | | mldsa87 **composite with** bp384 | ML-DSA | FIPS204 | 5 | 0xfeec | 2.16.840.1.114027.80.8.1.12 | -| mldsa87 **composite with** ed448 | ML-DSA | FIPS204 | 5 | 0xfeed | 2.16.840.1.114027.80.8.1.13 | +| mldsa87 **composite with** ed448 | ML-DSA | FIPS204 | 5 | 0x0912 | 2.16.840.1.114027.80.8.1.13 | | sphincsharaka128frobust | NIST Round 3 submission | 3 | 1 | 0xfe42 | 1.3.9999.6.1.1 | | sphincsharaka128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe43 | 1.3.9999.6.1.2 | | sphincsharaka128frobust **hybrid with** rsa3072 | NIST Round 3 
submission | 3 | 1 | 0xfe44 | 1.3.9999.6.1.3 | diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index 559e9826..16420531 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -181,11 +181,11 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "dilithium5", "1.3.9999.2.7.4", "p521_dilithium5", - "1.3.6.1.4.1.2.267.12.4.4", + "2.16.840.1.101.3.4.3.17", "mldsa44", - "1.3.9999.7.1", + "1.3.9999.7.5", "p256_mldsa44", - "1.3.9999.7.2", + "1.3.9999.7.6", "rsa3072_mldsa44", "2.16.840.1.114027.80.8.1.1", "mldsa44_pss2048", @@ -197,9 +197,9 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "mldsa44_p256", "2.16.840.1.114027.80.8.1.5", "mldsa44_bp256", - "1.3.6.1.4.1.2.267.12.6.5", + "2.16.840.1.101.3.4.3.18", "mldsa65", - "1.3.9999.7.3", + "1.3.9999.7.7", "p384_mldsa65", "2.16.840.1.114027.80.8.1.6", "mldsa65_pss3072", @@ -211,9 +211,9 @@ const char *oqs_oid_alg_list[OQS_OID_CNT] = { "mldsa65_bp256", "2.16.840.1.114027.80.8.1.10", "mldsa65_ed25519", - "1.3.6.1.4.1.2.267.12.8.7", + "2.16.840.1.101.3.4.3.19", "mldsa87", - "1.3.9999.7.4", + "1.3.9999.7.8", "p521_mldsa87", "2.16.840.1.114027.80.8.1.11", "mldsa87_p384", diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index a809aa08..fb0c0df1 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c 
@@ -269,17 +269,17 @@ static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = { {0xfea0, 128, TLS1_3_VERSION, 0}, {0xfea1, 128, TLS1_3_VERSION, 0}, {0xfea2, 128, TLS1_3_VERSION, 0}, {0xfea3, 192, TLS1_3_VERSION, 0}, {0xfea4, 192, TLS1_3_VERSION, 0}, {0xfea5, 256, TLS1_3_VERSION, 0}, - {0xfea6, 256, TLS1_3_VERSION, 0}, {0xfed0, 128, TLS1_3_VERSION, 0}, - {0xfed3, 128, TLS1_3_VERSION, 0}, {0xfed4, 128, TLS1_3_VERSION, 0}, - {0xfee1, 128, TLS1_3_VERSION, 0}, {0xfee2, 128, TLS1_3_VERSION, 0}, - {0xfee3, 128, TLS1_3_VERSION, 0}, {0xfee4, 128, TLS1_3_VERSION, 0}, - {0xfee5, 128, TLS1_3_VERSION, 0}, {0xfed1, 192, TLS1_3_VERSION, 0}, - {0xfed5, 192, TLS1_3_VERSION, 0}, {0xfee6, 192, TLS1_3_VERSION, 0}, - {0xfee7, 192, TLS1_3_VERSION, 0}, {0xfee8, 192, TLS1_3_VERSION, 0}, - {0xfee9, 192, TLS1_3_VERSION, 0}, {0xfeea, 192, TLS1_3_VERSION, 0}, - {0xfed2, 256, TLS1_3_VERSION, 0}, {0xfed6, 256, TLS1_3_VERSION, 0}, - {0xfeeb, 256, TLS1_3_VERSION, 0}, {0xfeec, 256, TLS1_3_VERSION, 0}, - {0xfeed, 256, TLS1_3_VERSION, 0}, {0xfed7, 128, TLS1_3_VERSION, 0}, + {0xfea6, 256, TLS1_3_VERSION, 0}, {0x0904, 128, TLS1_3_VERSION, 0}, + {0xff06, 128, TLS1_3_VERSION, 0}, {0xff07, 128, TLS1_3_VERSION, 0}, + {0x090f, 128, TLS1_3_VERSION, 0}, {0x090c, 128, TLS1_3_VERSION, 0}, + {0x090a, 128, TLS1_3_VERSION, 0}, {0x0907, 128, TLS1_3_VERSION, 0}, + {0xfee5, 128, TLS1_3_VERSION, 0}, {0x0905, 192, TLS1_3_VERSION, 0}, + {0xff08, 192, TLS1_3_VERSION, 0}, {0x0910, 192, TLS1_3_VERSION, 0}, + {0x090d, 192, TLS1_3_VERSION, 0}, {0x0908, 192, TLS1_3_VERSION, 0}, + {0xfee9, 192, TLS1_3_VERSION, 0}, {0x090b, 192, TLS1_3_VERSION, 0}, + {0x0906, 256, TLS1_3_VERSION, 0}, {0xff09, 256, TLS1_3_VERSION, 0}, + {0x0909, 256, TLS1_3_VERSION, 0}, {0xfeec, 256, TLS1_3_VERSION, 0}, + {0x0912, 256, TLS1_3_VERSION, 0}, {0xfed7, 128, TLS1_3_VERSION, 0}, {0xfed8, 128, TLS1_3_VERSION, 0}, {0xfed9, 128, TLS1_3_VERSION, 0}, {0xfedc, 128, TLS1_3_VERSION, 0}, {0xfedd, 128, TLS1_3_VERSION, 0}, {0xfede, 128, TLS1_3_VERSION, 0}, {0xfeda, 256, 
TLS1_3_VERSION, 0}, @@ -660,11 +660,11 @@ static const OSSL_PARAM oqs_param_sigalg_list[][12] = { "1.3.9999.2.7.4", 6), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_44 - OQS_SIGALG_ENTRY(mldsa44, mldsa44, mldsa44, "1.3.6.1.4.1.2.267.12.4.4", 7), - OQS_SIGALG_ENTRY(p256_mldsa44, p256_mldsa44, p256_mldsa44, "1.3.9999.7.1", + OQS_SIGALG_ENTRY(mldsa44, mldsa44, mldsa44, "2.16.840.1.101.3.4.3.17", 7), + OQS_SIGALG_ENTRY(p256_mldsa44, p256_mldsa44, p256_mldsa44, "1.3.9999.7.5", 8), OQS_SIGALG_ENTRY(rsa3072_mldsa44, rsa3072_mldsa44, rsa3072_mldsa44, - "1.3.9999.7.2", 9), + "1.3.9999.7.6", 9), OQS_SIGALG_ENTRY(mldsa44_pss2048, mldsa44_pss2048, mldsa44_pss2048, "2.16.840.1.114027.80.8.1.1", 10), OQS_SIGALG_ENTRY(mldsa44_rsa2048, mldsa44_rsa2048, mldsa44_rsa2048, @@ -677,8 +677,8 @@ static const OSSL_PARAM oqs_param_sigalg_list[][12] = { "2.16.840.1.114027.80.8.1.5", 14), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_65 - OQS_SIGALG_ENTRY(mldsa65, mldsa65, mldsa65, "1.3.6.1.4.1.2.267.12.6.5", 15), - OQS_SIGALG_ENTRY(p384_mldsa65, p384_mldsa65, p384_mldsa65, "1.3.9999.7.3", + OQS_SIGALG_ENTRY(mldsa65, mldsa65, mldsa65, "2.16.840.1.101.3.4.3.18", 15), + OQS_SIGALG_ENTRY(p384_mldsa65, p384_mldsa65, p384_mldsa65, "1.3.9999.7.7", 16), OQS_SIGALG_ENTRY(mldsa65_pss3072, mldsa65_pss3072, mldsa65_pss3072, "2.16.840.1.114027.80.8.1.6", 17), @@ -692,8 +692,8 @@ static const OSSL_PARAM oqs_param_sigalg_list[][12] = { "2.16.840.1.114027.80.8.1.10", 21), #endif #ifdef OQS_ENABLE_SIG_ml_dsa_87 - OQS_SIGALG_ENTRY(mldsa87, mldsa87, mldsa87, "1.3.6.1.4.1.2.267.12.8.7", 22), - OQS_SIGALG_ENTRY(p521_mldsa87, p521_mldsa87, p521_mldsa87, "1.3.9999.7.4", + OQS_SIGALG_ENTRY(mldsa87, mldsa87, mldsa87, "2.16.840.1.101.3.4.3.19", 22), + OQS_SIGALG_ENTRY(p521_mldsa87, p521_mldsa87, p521_mldsa87, "1.3.9999.7.8", 23), OQS_SIGALG_ENTRY(mldsa87_p384, mldsa87_p384, mldsa87_p384, "2.16.840.1.114027.80.8.1.11", 24), diff --git a/scripts/fullbuild.sh b/scripts/fullbuild.sh index 41eb3b0b..e8a9bb67 100755 
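Review bot: The second field of the rewritten `oqs_sigalg_list` entries disagrees with the `security` values that `oqs-template/generate.yml` gives for the same composites: `{0x090f, 128, ...}` and `{0x090c, 128, ...}` (mldsa44_pss2048, mldsa44_rsa2048) against `'security': '112'`, and `{0x0910, 192, ...}`, `{0x090d, 192, ...}`, `{0x0908, 192, ...}`, `{0x090b, 192, ...}` against `'128'`. If that field is the strength advertised for the TLS signature algorithm, any policy that filters on it will rate these composites higher than the template does. The numbers are carried over from the old entries, so this commit does not introduce the mismatch, but since the lines are being regenerated it is worth confirming which value is intended and adding a comment above the table saying how it is derived. The array definition starts outside the hunk.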
--- a/scripts/fullbuild.sh +++ b/scripts/fullbuild.sh @@ -40,7 +40,7 @@ else fi if [ -z "$OQS_LIBJADE_BUILD"]; then - export DOQS_LIBJADE_BUILD="-DOQS_LIBJADE_BUILD=ON" + export DOQS_LIBJADE_BUILD="-DOQS_LIBJADE_BUILD=OFF" else export DOQS_LIBJADE_BUILD="-DOQS_LIBJADE_BUILD=$OQS_LIBJADE_BUILD" fi
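Review bot: The context line `if [ -z "$OQS_LIBJADE_BUILD"]; then` is missing the space before `]`, so the branch that now exports the `OFF` default is reached only by accident. With the variable unset the word collapses to a bare `]` and `[ -z ]` evaluates true; with it set, the test fails with a missing-`]` error on stderr and control falls to `else`. The outcome happens to be right in both cases, but it is worth correcting while the default is being changed: `if [ -z "$OQS_LIBJADE_BUILD" ]; then`. The surrounding script continues outside the hunk.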