Merge pull request #7924 from anhu/pqm4_purge

Get rid of pqm4 in favour our own Kyber/MLDSA implementation
2024-09-06 12:00:26 -07:00 · 2024-09-06 12:00:26 -07:00 · 80a63a3fce
parent 945f97636a 844d0ec558
commit 80a63a3fce
11 changed files with 70 additions and 105 deletions
--- a/IDE/STM32Cube/default_conf.ftl
+++ b/IDE/STM32Cube/default_conf.ftl
@ -334,15 +334,6 @@ extern ${variable.value} ${variable.name};
    #define NO_SESSION_CACHE
 #endif

-/* Post Quantum
- * Note: PQM4 is compatible with STM32. The project can be found at:
- * https://github.com/mupq/pqm4
- */
-#if defined(WOLF_CONF_PQM4) && WOLF_CONF_PQM4 == 1
-    #define HAVE_PQM4
-#endif
-
-
 /* ------------------------------------------------------------------------- */
 /* Crypto */
 /* ------------------------------------------------------------------------- */
@ -534,6 +525,33 @@ extern ${variable.value} ${variable.name};
    #define NO_MD5
 #endif

+/* ------------------------------------------------------------------------- */
+/* Post-Quantum Crypto */
+/* ------------------------------------------------------------------------- */
+/* NOTE: this is after the hashing section to override the potential SHA3 undef
+ * above. */
+#if defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1
+#undef  WOLFSSL_EXPERIMENTAL_SETTINGS
+#define WOLFSSL_EXPERIMENTAL_SETTINGS
+
+#undef  WOLFSSL_HAVE_KYBER
+#define WOLFSSL_HAVE_KYBER
+
+#undef  WOLFSSL_WC_KYBER
+#define WOLFSSL_WC_KYBER
+
+#undef  WOLFSSL_NO_SHAKE128
+#undef  WOLFSSL_SHAKE128
+#define WOLFSSL_SHAKE128
+
+#undef  WOLFSSL_NO_SHAKE256
+#undef  WOLFSSL_SHAKE256
+#define WOLFSSL_SHAKE256
+
+#undef  WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+#endif /* WOLF_CONF_KYBER */
+
 /* ------------------------------------------------------------------------- */
 /* Crypto Acceleration */
 /* ------------------------------------------------------------------------- */
--- a/IDE/STM32Cube/wolfssl_example.c
+++ b/IDE/STM32Cube/wolfssl_example.c
@ -1750,7 +1750,7 @@ static int tls13_uart_client(void)

    wolfSSL_SetIOReadCtx(ssl, tbuf);

-#ifdef HAVE_PQC
+#ifdef WOLFSSL_HAVE_KYBER
    if (wolfSSL_UseKeyShare(ssl, WOLFSSL_KYBER_LEVEL1) != WOLFSSL_SUCCESS) {
        printf("wolfSSL_UseKeyShare Error!!");
    }
--- a/examples/configs/user_settings_stm32.h
+++ b/examples/configs/user_settings_stm32.h
@ -119,8 +119,8 @@ extern "C" {
 /*---------- WOLF_CONF_TEST -----------*/
 #define WOLF_CONF_TEST      1

-/*---------- WOLF_CONF_PQM4 -----------*/
-#define WOLF_CONF_PQM4      0
+/*---------- WOLF_CONF_KYBER -----------*/
+#define WOLF_CONF_kYBER      0

 /* ------------------------------------------------------------------------- */
 /* Hardware platform */
@ -373,14 +373,6 @@ extern "C" {
    #define NO_SESSION_CACHE
 #endif

-/* Post Quantum
- * Note: PQM4 is compatible with STM32. The project can be found at:
- * https://github.com/mupq/pqm4
- */
-#if defined(WOLF_CONF_PQM4) && WOLF_CONF_PQM4 == 1
-    #define HAVE_PQM4
-#endif
-
 /* ------------------------------------------------------------------------- */
 /* Crypto */
 /* ------------------------------------------------------------------------- */
@ -576,6 +568,35 @@ extern "C" {
    #define NO_MD5
 #endif

+/* ------------------------------------------------------------------------- */
+/* Post-Quantum Crypto */
+/* ------------------------------------------------------------------------- */
+
+/*
+ * NOTE: this is after the hashing section to override the potential SHA3 undef
+ * above. */
+#if defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1
+#undef  WOLFSSL_EXPERIMENTAL_SETTINGS
+#define WOLFSSL_EXPERIMENTAL_SETTINGS
+
+#undef  WOLFSSL_HAVE_KYBER
+#define WOLFSSL_HAVE_KYBER
+
+#undef  WOLFSSL_WC_KYBER
+#define WOLFSSL_WC_KYBER
+
+#undef  WOLFSSL_NO_SHAKE128
+#undef  WOLFSSL_SHAKE128
+#define WOLFSSL_SHAKE128
+
+#undef  WOLFSSL_NO_SHAKE256
+#undef  WOLFSSL_SHAKE256
+#define WOLFSSL_SHAKE256
+
+#undef  WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+#endif /* WOLF_CONF_KYBER */
+
 /* ------------------------------------------------------------------------- */
 /* Benchmark / Test */
 /* ------------------------------------------------------------------------- */
--- a/src/ssl.c
+++ b/src/ssl.c
@ -14439,9 +14439,6 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
            return "P384_KYBER_LEVEL3";
        case WOLFSSL_P521_KYBER_LEVEL5:
            return "P521_KYBER_LEVEL5";
-#elif defined(HAVE_PQM4)
-        case WOLFSSL_KYBER_LEVEL1:
-            return "KYBER_LEVEL1";
 #elif defined(WOLFSSL_WC_KYBER)
    #ifdef WOLFSSL_KYBER512
        case WOLFSSL_KYBER_LEVEL1:
--- a/src/tls.c
+++ b/src/tls.c
@ -52,7 +52,7 @@
    #include <wolfssl/wolfcrypt/kyber.h>
 #ifdef WOLFSSL_WC_KYBER
    #include <wolfssl/wolfcrypt/wc_kyber.h>
-#elif defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+#elif defined(HAVE_LIBOQS)
    #include <wolfssl/wolfcrypt/ext_kyber.h>
 #endif
 #endif
@ -9458,9 +9458,6 @@ static int TLSX_KeyShare_IsSupported(int namedGroup)
            }
            break;
        }
-    #elif defined(HAVE_PQM4)
-        case WOLFSSL_KYBER_LEVEL1:
-            break;
    #endif
 #endif
        default:
@ -9529,8 +9526,6 @@ static const word16 preferredGroup[] = {
    WOLFSSL_P256_KYBER_LEVEL1,
    WOLFSSL_P384_KYBER_LEVEL3,
    WOLFSSL_P521_KYBER_LEVEL5,
-#elif defined(HAVE_PQM4)
-    WOLFSSL_KYBER_LEVEL1,
 #endif
    WOLFSSL_NAMED_GROUP_INVALID
 };
@ -13171,8 +13166,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
    if (ret == WOLFSSL_SUCCESS)
        ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_LEVEL5,
                                     ssl->heap);
-#elif defined(HAVE_PQM4)
-    ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL1, ssl->heap);
 #endif /* HAVE_LIBOQS */
 #endif /* WOLFSSL_HAVE_KYBER */

--- a/wolfcrypt/benchmark/benchmark.c
+++ b/wolfcrypt/benchmark/benchmark.c
@ -172,7 +172,7 @@
    #ifdef WOLFSSL_WC_KYBER
        #include <wolfssl/wolfcrypt/wc_kyber.h>
    #endif
-    #if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+    #if defined(HAVE_LIBOQS)
        #include <wolfssl/wolfcrypt/ext_kyber.h>
    #endif
 #endif
--- a/wolfcrypt/src/ext_kyber.c
+++ b/wolfcrypt/src/ext_kyber.c
@ -168,12 +168,6 @@ int wc_KyberKey_PrivateKeySize(KyberKey* key, word32* len)
        }
    }
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
-    (void)key;
-    if (ret == 0) {
-        *len = PQM4_PRIVATE_KEY_LENGTH;
-    }
-#endif /* HAVE_PQM4 */

    return ret;
 }
@ -216,12 +210,6 @@ int wc_KyberKey_PublicKeySize(KyberKey* key, word32* len)
        }
    }
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
-    (void)key;
-    if (ret == 0) {
-        *len = PQM4_PUBLIC_KEY_LENGTH;
-    }
-#endif /* HAVE_PQM4 */

    return ret;
 }
@ -264,12 +252,6 @@ int wc_KyberKey_CipherTextSize(KyberKey* key, word32* len)
        }
    }
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
-    (void)key;
-    if (ret == 0) {
-        *len = PQM4_CIPHERTEXT_LENGTH;
-    }
-#endif /* HAVE_PQM4 */

    return ret;
 }
@ -301,7 +283,7 @@ int wc_KyberKey_SharedSecretSize(KyberKey* key, word32* len)
 /**
 * Make a Kyber key object using a random number generator.
 *
- * NOTE: rng is ignored. OQS and PQM4 don't use our RNG.
+ * NOTE: rng is ignored. OQS doesn't use our RNG.
 *
 * @param  [in, out]  key   Kyber key ovject.
 * @param  [in]       rng   Random number generator.
@ -362,14 +344,6 @@ int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng)
    wolfSSL_liboqsRngMutexUnlock();
    OQS_KEM_free(kem);
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
-    if (ret == 0) {
-        if (crypto_kem_keypair(key->pub, key->priv) != 0) {
-            WOLFSSL_MSG("PQM4 keygen failure");
-            ret = BAD_FUNC_ARG;
-        }
-    }
-#endif /* HAVE_PQM4 */

    if (ret != 0) {
        ForceZero(key, sizeof(*key));
@ -394,7 +368,7 @@ int wc_KyberKey_MakeKeyWithRandom(KyberKey* key, const unsigned char* rand,
 {
    (void)rand;
    (void)len;
-    /* OQS and PQM4 don't support external randomness. */
+    /* OQS doesn't support external randomness. */
    return wc_KyberKey_MakeKey(key, NULL);
 }

@ -471,14 +445,6 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss,
    wolfSSL_liboqsRngMutexUnlock();
    OQS_KEM_free(kem);
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
-    if (ret == 0) {
-        if (crypto_kem_enc(ct, ss, key->pub) != 0) {
-            WOLFSSL_MSG("PQM4 Encapsulation failure.");
-            ret = BAD_FUNC_ARG;
-        }
-    }
-#endif /* HAVE_PQM4 */

    return ret;
 }
@ -501,7 +467,7 @@ int wc_KyberKey_EncapsulateWithRandom(KyberKey* key, unsigned char* ct,
 {
    (void)rand;
    (void)len;
-    /* OQS and PQM4 don't support external randomness. */
+    /* OQS doesn't support external randomness. */
    return wc_KyberKey_Encapsulate(key, ct, ss, NULL);
 }

@ -577,14 +543,6 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss,

    OQS_KEM_free(kem);
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
-    if (ret == 0) {
-        if (crypto_kem_dec(ss, ct, key->priv) != 0) {
-            WOLFSSL_MSG("PQM4 Decapsulation failure.");
-            ret = BAD_FUNC_ARG;
-        }
-    }
-#endif /* HAVE_PQM4 */

    return ret;

--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@ -314,7 +314,7 @@ const byte const_byte_array[] = "A+Gd\0\0\0";
 #ifdef WOLFSSL_WC_KYBER
    #include <wolfssl/wolfcrypt/wc_kyber.h>
 #endif
-#if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+#if defined(HAVE_LIBOQS)
    #include <wolfssl/wolfcrypt/ext_kyber.h>
 #endif
 #endif
@ -37758,7 +37758,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void)
 #endif /* HAVE_ED448 */

 #ifdef WOLFSSL_HAVE_KYBER
-#ifdef WOLFSSL_WC_KYBER /* OQS and PQM4 do not support KATs */
+#ifdef WOLFSSL_WC_KYBER /* OQS does not support KATs */
 #ifdef WOLFSSL_KYBER512
 static wc_test_ret_t kyber512_kat(void)
 {
--- a/wolfssl/wolfcrypt/cryptocb.h
+++ b/wolfssl/wolfcrypt/cryptocb.h
@ -75,7 +75,7 @@
    #include <wolfssl/wolfcrypt/kyber.h>
 #ifdef WOLFSSL_WC_KYBER
    #include <wolfssl/wolfcrypt/wc_kyber.h>
-#elif defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+#elif defined(HAVE_LIBOQS)
    #include <wolfssl/wolfcrypt/ext_kyber.h>
 #endif
 #endif
--- a/wolfssl/wolfcrypt/ext_kyber.h
+++ b/wolfssl/wolfcrypt/ext_kyber.h
@ -29,8 +29,8 @@
 #ifdef WOLFSSL_HAVE_KYBER
 #include <wolfssl/wolfcrypt/kyber.h>

-#if !defined(HAVE_LIBOQS) && !defined(HAVE_PQM4)
-#error "This code requires liboqs or pqm4"
+#if !defined(HAVE_LIBOQS)
+#error "This code requires liboqs"
 #endif

 #if defined(WOLFSSL_WC_KYBER)
@ -41,15 +41,6 @@
    #include <oqs/kem.h>
    #define EXT_KYBER_MAX_PRIV_SZ OQS_KEM_kyber_1024_length_secret_key
    #define EXT_KYBER_MAX_PUB_SZ  OQS_KEM_kyber_1024_length_public_key
-#elif defined(HAVE_PQM4)
-    #include "api_kyber.h"
-    #define PQM4_PUBLIC_KEY_LENGTH    CRYPTO_PUBLICKEYBYTES
-    #define PQM4_PRIVATE_KEY_LENGTH   CRYPTO_SECRETKEYBYTES
-    #define PQM4_SHARED_SECRET_LENGTH CRYPTO_BYTES
-    #define PQM4_CIPHERTEXT_LENGTH    CRYPTO_CIPHERTEXTBYTES
-
-    #define EXT_KYBER_MAX_PRIV_SZ PQM4_PRIVATE_KEY_LENGTH
-    #define EXT_KYBER_MAX_PUB_SZ  PQM4_PUBLIC_KEY_LENGTH
 #endif

 struct KyberKey {
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@ -3514,14 +3514,6 @@ extern void uITRON4_free(void *p) ;
 #endif
 #endif

-#ifdef HAVE_PQM4
-#define HAVE_PQC
-#define WOLFSSL_HAVE_KYBER
-#define WOLFSSL_KYBER512
-#define WOLFSSL_NO_KYBER768
-#define WOLFSSL_NO_KYBER1024
-#endif
-
 #if (defined(HAVE_LIBOQS) ||                                            \
     defined(HAVE_LIBXMSS) ||                                           \
     defined(HAVE_LIBLMS) ||                                            \
@ -3530,15 +3522,10 @@ extern void uITRON4_free(void *p) ;
    #error Experimental settings without WOLFSSL_EXPERIMENTAL_SETTINGS
 #endif

-#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) && !defined(HAVE_PQM4) && \
-    !defined(WOLFSSL_HAVE_KYBER)
+#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) && !defined(WOLFSSL_HAVE_KYBER)
 #error Please do not define HAVE_PQC yourself.
 #endif

-#if defined(HAVE_PQC) && defined(HAVE_LIBOQS) && defined(HAVE_PQM4)
-#error Please do not define both HAVE_LIBOQS and HAVE_PQM4.
-#endif
-
 #if defined(HAVE_PQC) && defined(WOLFSSL_DTLS13) && \
    !defined(WOLFSSL_DTLS_CH_FRAG)
 #warning "Using DTLS 1.3 + pqc without WOLFSSL_DTLS_CH_FRAG will probably" \