Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add code points for PADDED variant of Falcon [skip ci] #362

Merged
merged 7 commits into from
Mar 7, 2024
Merged

Add code points for PADDED variant of Falcon [skip ci] #362

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
5730820
Update generate.yml
SWilson4 Feb 29, 2024
22ad711
Update OIDs to reflect Falcon KAT changes
SWilson4 Mar 4, 2024
f0fc81d
Update generation script to handle new characters
SWilson4 Feb 29, 2024
fc55aac
Revert "Update generation script to handle new characters"
SWilson4 Mar 4, 2024
73f03fc
Run generate.py [skip ci]
SWilson4 Mar 5, 2024
3b77318
Update version string
SWilson4 Mar 6, 2024
abaa23a
Run clang-format
SWilson4 Mar 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 22 additions & 10 deletions ALGORITHMS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,11 +79,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
| p384_mldsa65 | 0xfed5 |Yes| OQS_CODEPOINT_P384_MLDSA65
| mldsa87 | 0xfed2 |Yes| OQS_CODEPOINT_MLDSA87
| p521_mldsa87 | 0xfed6 |Yes| OQS_CODEPOINT_P521_MLDSA87
| falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512
| p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512
| rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
| falcon1024 | 0xfeb1 |Yes| OQS_CODEPOINT_FALCON1024
| p521_falcon1024 | 0xfeb2 |Yes| OQS_CODEPOINT_P521_FALCON1024
| falcon512 | 0xfed7 |Yes| OQS_CODEPOINT_FALCON512
| p256_falcon512 | 0xfed8 |Yes| OQS_CODEPOINT_P256_FALCON512
| rsa3072_falcon512 | 0xfed9 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
| falconpadded512 | 0xfedc |Yes| OQS_CODEPOINT_FALCONPADDED512
| p256_falconpadded512 | 0xfedd |Yes| OQS_CODEPOINT_P256_FALCONPADDED512
| rsa3072_falconpadded512 | 0xfede |Yes| OQS_CODEPOINT_RSA3072_FALCONPADDED512
| falcon1024 | 0xfeda |Yes| OQS_CODEPOINT_FALCON1024
| p521_falcon1024 | 0xfedb |Yes| OQS_CODEPOINT_P521_FALCON1024
| falconpadded1024 | 0xfedf |Yes| OQS_CODEPOINT_FALCONPADDED1024
| p521_falconpadded1024 | 0xfee0 |Yes| OQS_CODEPOINT_P521_FALCONPADDED1024
| sphincssha2128fsimple | 0xfeb3 |Yes| OQS_CODEPOINT_SPHINCSSHA2128FSIMPLE
| p256_sphincssha2128fsimple | 0xfeb4 |Yes| OQS_CODEPOINT_P256_SPHINCSSHA2128FSIMPLE
| rsa3072_sphincssha2128fsimple | 0xfeb5 |Yes| OQS_CODEPOINT_RSA3072_SPHINCSSHA2128FSIMPLE
Expand Down Expand Up @@ -151,11 +156,16 @@ adapting the OIDs of all supported signature algorithms as per the table below.
| p384_mldsa65 | 1.3.9999.7.3 |Yes| OQS_OID_P384_MLDSA65
| mldsa87 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_MLDSA87
| p521_mldsa87 | 1.3.9999.7.4 |Yes| OQS_OID_P521_MLDSA87
| falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512
| p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512
| rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512
| falcon1024 | 1.3.9999.3.9 |Yes| OQS_OID_FALCON1024
| p521_falcon1024 | 1.3.9999.3.10 |Yes| OQS_OID_P521_FALCON1024
| falcon512 | 1.3.9999.3.11 |Yes| OQS_OID_FALCON512
| p256_falcon512 | 1.3.9999.3.12 |Yes| OQS_OID_P256_FALCON512
| rsa3072_falcon512 | 1.3.9999.3.13 |Yes| OQS_OID_RSA3072_FALCON512
| falconpadded512 | 1.3.9999.3.16 |Yes| OQS_OID_FALCONPADDED512
| p256_falconpadded512 | 1.3.9999.3.17 |Yes| OQS_OID_P256_FALCONPADDED512
| rsa3072_falconpadded512 | 1.3.9999.3.18 |Yes| OQS_OID_RSA3072_FALCONPADDED512
| falcon1024 | 1.3.9999.3.14 |Yes| OQS_OID_FALCON1024
| p521_falcon1024 | 1.3.9999.3.15 |Yes| OQS_OID_P521_FALCON1024
| falconpadded1024 | 1.3.9999.3.19 |Yes| OQS_OID_FALCONPADDED1024
| p521_falconpadded1024 | 1.3.9999.3.20 |Yes| OQS_OID_P521_FALCONPADDED1024
| sphincssha2128fsimple | 1.3.9999.6.4.13 |Yes| OQS_OID_SPHINCSSHA2128FSIMPLE
| p256_sphincssha2128fsimple | 1.3.9999.6.4.14 |Yes| OQS_OID_P256_SPHINCSSHA2128FSIMPLE
| rsa3072_sphincssha2128fsimple | 1.3.9999.6.4.15 |Yes| OQS_OID_RSA3072_SPHINCSSHA2128FSIMPLE
Expand Down Expand Up @@ -259,7 +269,9 @@ By setting environment variables, oqs-provider can be configured to encode keys
|`OQS_ENCODING_DILITHIUM3`|`draft-uni-qsckeys-dilithium-00/sk-pk`|
|`OQS_ENCODING_DILITHIUM5`|`draft-uni-qsckeys-dilithium-00/sk-pk`|
|`OQS_ENCODING_FALCON512`|`draft-uni-qsckeys-falcon-00/sk-pk`|
|`OQS_ENCODING_FALCONPADDED512`|`draft-uni-qsckeys-falcon-00/sk-pk`|
|`OQS_ENCODING_FALCON1024`|`draft-uni-qsckeys-falcon-00/sk-pk`|
|`OQS_ENCODING_FALCONPADDED1024`|`draft-uni-qsckeys-falcon-00/sk-pk`|
|`OQS_ENCODING_SPHINCSSHA2128FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
|`OQS_ENCODING_SPHINCSSHA2128SSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
|`OQS_ENCODING_SPHINCSSHA2192FSIMPLE`|`draft-uni-qsckeys-sphincsplus-00/sk-pk`|
Expand Down
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ This implementation makes available the following quantum safe algorithms:

- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\*
- **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa87`\*, `p521_mldsa87`\*
- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\*
- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falconpadded512`\*, `p256_falconpadded512`\*, `rsa3072_falconpadded512`\*, `falcon1024`\*, `p521_falcon1024`\*, `falconpadded1024`\*, `p521_falconpadded1024`\*

- **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple`
- **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple`
Expand Down
70 changes: 59 additions & 11 deletions oqs-template/generate.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -396,7 +396,7 @@ kem_nid_end: '0x0250'
kem_nid_hybrid_end: '0x2FFF'
# need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values

# Next free signature ID: 0xfed7
# Next free signature ID: 0xfee1
sigs:
# -
# iso (1)
Expand Down Expand Up @@ -578,20 +578,32 @@ sigs:
name: 'falcon512'
pretty_name: 'Falcon-512'
oqs_meth: 'OQS_SIG_alg_falcon_512'
oid: '1.3.9999.3.6'
code_point: '0xfeae'
oid: '1.3.9999.3.11'
code_point: '0xfed7'
supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
enable: true
mix_with: [{'name': 'p256',
'pretty_name': 'ECDSA p256',
'oid': '1.3.9999.3.7',
'code_point': '0xfeaf'},
'oid': '1.3.9999.3.12',
'code_point': '0xfed8'},
{'name': 'rsa3072',
'pretty_name': 'RSA3072',
'oid': '1.3.9999.3.8',
'code_point': '0xfeb0'}]
'oid': '1.3.9999.3.13',
'code_point': '0xfed9'}]
extra_nids:
old:
- implementation_version: PQClean Round 3 version labelled 20211101
nist-round: 3
oid: '1.3.9999.3.6'
code_point: '0xfeae'
mix_with: [{'name': 'p256',
'pretty_name': 'ECDSA p256',
'oid': '1.3.9999.3.7',
'code_point': '0xfeaf'},
{'name': 'rsa3072',
'pretty_name': 'RSA3072',
'oid': '1.3.9999.3.8',
'code_point': '0xfeb0'}]
- implementation_version: NIST Round 3 submission
nist-round: 3
oid: '1.3.9999.3.1'
Expand All @@ -604,20 +616,44 @@ sigs:
'pretty_name': 'RSA3072',
'oid': '1.3.9999.3.3',
'code_point': '0xfe0d'}]
-
name: 'falconpadded512'
pretty_name: 'Falcon-padded-512'
oqs_meth: 'OQS_SIG_alg_falcon_padded_512'
oid: '1.3.9999.3.16'
code_point: '0xfedc'
supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
enable: true
mix_with: [{'name': 'p256',
'pretty_name': 'ECDSA p256',
'oid': '1.3.9999.3.17',
'code_point': '0xfedd'},
{'name': 'rsa3072',
'pretty_name': 'RSA3072',
'oid': '1.3.9999.3.18',
'code_point': '0xfede'}]
-
name: 'falcon1024'
pretty_name: 'Falcon-1024'
oqs_meth: 'OQS_SIG_alg_falcon_1024'
oid: '1.3.9999.3.9'
code_point: '0xfeb1'
oid: '1.3.9999.3.14'
code_point: '0xfeda'
supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
enable: true
mix_with: [{'name': 'p521',
'pretty_name': 'ECDSA p521',
'oid': '1.3.9999.3.10',
'code_point': '0xfeb2'}]
'oid': '1.3.9999.3.15',
'code_point': '0xfedb'}]
extra_nids:
old:
- implementation_version: PQClean Round 3 version labelled 20211101
nist-round: 3
oid: '1.3.9999.3.9'
code_point: '0xfeb1'
mix_with: [{'name': 'p521',
'pretty_name': 'ECDSA p521',
'oid': '1.3.9999.3.10',
'code_point': '0xfeb2'}]
- implementation_version: NIST Round 3 submission
nist-round: 3
oid: '1.3.9999.3.4'
Expand All @@ -626,6 +662,18 @@ sigs:
'pretty_name': 'ECDSA p521',
'oid': '1.3.9999.3.5',
'code_point': '0xfe0f'}]
-
name: 'falconpadded1024'
pretty_name: 'Falcon-padded-1024'
oqs_meth: 'OQS_SIG_alg_falcon_padded_1024'
oid: '1.3.9999.3.19'
code_point: '0xfedf'
supported_encodings: ['draft-uni-qsckeys-falcon-00/sk-pk']
enable: true
mix_with: [{'name': 'p521',
'pretty_name': 'ECDSA p521',
'oid': '1.3.9999.3.20',
'code_point': '0xfee0'}]
-
family: 'SPHINCS-Haraka'
variants:
Expand Down
20 changes: 15 additions & 5 deletions oqs-template/oqs-sig-info.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,16 +14,26 @@
| dilithium3_aes **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfeab | 1.3.9999.2.11.3 |
| dilithium5_aes | NIST Round 3 submission | 3 | 5 | 0xfeac | 1.3.6.1.4.1.2.267.11.8.7 |
| dilithium5_aes **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfead | 1.3.9999.2.11.4 |
| falcon512 | 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 |
| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 |
| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 |
| falcon512 | 20211101 | 3 | 1 | 0xfed7 | 1.3.9999.3.11 |
| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfed8 | 1.3.9999.3.12 |
| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfed9 | 1.3.9999.3.13 |
| falcon512 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 |
| falcon512 **hybrid with** p256 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 |
| falcon512 **hybrid with** rsa3072 | PQClean Round 3 version labelled 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 |
| falcon512 | NIST Round 3 submission | 3 | 1 | 0xfe0b | 1.3.9999.3.1 |
| falcon512 **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe0c | 1.3.9999.3.2 |
| falcon512 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe0d | 1.3.9999.3.3 |
| falcon1024 | 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 |
| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 |
| falconpadded512 | 20211101 | 3 | 1 | 0xfedc | 1.3.9999.3.16 |
| falconpadded512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfedd | 1.3.9999.3.17 |
| falconpadded512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfede | 1.3.9999.3.18 |
| falcon1024 | 20211101 | 3 | 5 | 0xfeda | 1.3.9999.3.14 |
| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfedb | 1.3.9999.3.15 |
| falcon1024 | PQClean Round 3 version labelled 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 |
| falcon1024 **hybrid with** p521 | PQClean Round 3 version labelled 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 |
| falcon1024 | NIST Round 3 submission | 3 | 5 | 0xfe0e | 1.3.9999.3.4 |
| falcon1024 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe0f | 1.3.9999.3.5 |
| falconpadded1024 | 20211101 | 3 | 5 | 0xfedf | 1.3.9999.3.19 |
| falconpadded1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfee0 | 1.3.9999.3.20 |
| mldsa44 | ML-DSA-ipd | ipd | 1 | 0xfed0 | 1.3.6.1.4.1.2.267.12.4.4 |
| mldsa44 **hybrid with** p256 | ML-DSA-ipd | ipd | 1 | 0xfed3 | 1.3.9999.7.1 |
| mldsa44 **hybrid with** rsa3072 | ML-DSA-ipd | ipd | 1 | 0xfed4 | 1.3.9999.7.2 |
Expand Down
17 changes: 17 additions & 0 deletions oqsprov/oqs_decode_der2key.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -725,10 +725,27 @@ MAKE_DECODER(, "p256_falcon512", p256_falcon512, oqsx, SubjectPublicKeyInfo);
MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "rsa3072_falcon512", rsa3072_falcon512, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "falconpadded512", falconpadded512, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "falconpadded512", falconpadded512, oqsx, SubjectPublicKeyInfo);
MAKE_DECODER(, "p256_falconpadded512", p256_falconpadded512, oqsx,
PrivateKeyInfo);
MAKE_DECODER(, "p256_falconpadded512", p256_falconpadded512, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "rsa3072_falconpadded512", rsa3072_falconpadded512, oqsx,
PrivateKeyInfo);
MAKE_DECODER(, "rsa3072_falconpadded512", rsa3072_falconpadded512, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "falcon1024", falcon1024, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "falcon1024", falcon1024, oqsx, SubjectPublicKeyInfo);
MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "p521_falcon1024", p521_falcon1024, oqsx, SubjectPublicKeyInfo);
MAKE_DECODER(, "falconpadded1024", falconpadded1024, oqsx, PrivateKeyInfo);
MAKE_DECODER(, "falconpadded1024", falconpadded1024, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "p521_falconpadded1024", p521_falconpadded1024, oqsx,
PrivateKeyInfo);
MAKE_DECODER(, "p521_falconpadded1024", p521_falconpadded1024, oqsx,
SubjectPublicKeyInfo);
MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx,
PrivateKeyInfo);
MAKE_DECODER(, "sphincssha2128fsimple", sphincssha2128fsimple, oqsx,
Expand Down
Loading
Loading