mirror of https://github.com/wolfSSL/wolfssl.git
Merge pull request #7924 from anhu/pqm4_purge
Get rid of pqm4 in favour of our own Kyber/MLDSA implementation
pull/7953/head
commit
80a63a3fce
|
@ -334,15 +334,6 @@ extern ${variable.value} ${variable.name};
|
|||
#define NO_SESSION_CACHE
|
||||
#endif
|
||||
|
||||
/* Post Quantum
|
||||
* Note: PQM4 is compatible with STM32. The project can be found at:
|
||||
* https://github.com/mupq/pqm4
|
||||
*/
|
||||
#if defined(WOLF_CONF_PQM4) && WOLF_CONF_PQM4 == 1
|
||||
#define HAVE_PQM4
|
||||
#endif
|
||||
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* Crypto */
|
||||
/* ------------------------------------------------------------------------- */
|
||||
|
@ -534,6 +525,33 @@ extern ${variable.value} ${variable.name};
|
|||
#define NO_MD5
|
||||
#endif
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* Post-Quantum Crypto */
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* NOTE: this is after the hashing section to override the potential SHA3 undef
|
||||
* above. */
|
||||
#if defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1
|
||||
#undef WOLFSSL_EXPERIMENTAL_SETTINGS
|
||||
#define WOLFSSL_EXPERIMENTAL_SETTINGS
|
||||
|
||||
#undef WOLFSSL_HAVE_KYBER
|
||||
#define WOLFSSL_HAVE_KYBER
|
||||
|
||||
#undef WOLFSSL_WC_KYBER
|
||||
#define WOLFSSL_WC_KYBER
|
||||
|
||||
#undef WOLFSSL_NO_SHAKE128
|
||||
#undef WOLFSSL_SHAKE128
|
||||
#define WOLFSSL_SHAKE128
|
||||
|
||||
#undef WOLFSSL_NO_SHAKE256
|
||||
#undef WOLFSSL_SHAKE256
|
||||
#define WOLFSSL_SHAKE256
|
||||
|
||||
#undef WOLFSSL_SHA3
|
||||
#define WOLFSSL_SHA3
|
||||
#endif /* WOLF_CONF_KYBER */
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* Crypto Acceleration */
|
||||
/* ------------------------------------------------------------------------- */
|
||||
|
|
|
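Review bot: The new `WOLF_CONF_KYBER` block defines `WOLFSSL_EXPERIMENTAL_SETTINGS` for the whole build, but the comment above it only mentions the SHA3 override. The settings check touched elsewhere in this commit raises `#error Experimental settings without WOLFSSL_EXPERIMENTAL_SETTINGS`, so enabling Kyber here presumably also satisfies that guard for any other experimental option the project turns on. The block also clears `WOLFSSL_NO_SHAKE128`/`WOLFSSL_NO_SHAKE256` and forces `WOLFSSL_SHA3`, overriding whatever the hashing section chose. I would extend the comment to say so, e.g. `/* Enabling Kyber opts the build into WOLFSSL_EXPERIMENTAL_SETTINGS and force-enables SHA3/SHAKE128/SHAKE256, overriding the hashing section above. */`. The same block is repeated in the later configuration-header section and would want the same comment.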
@ -1750,7 +1750,7 @@ static int tls13_uart_client(void)
|
|||
|
||||
wolfSSL_SetIOReadCtx(ssl, tbuf);
|
||||
|
||||
#ifdef HAVE_PQC
|
||||
#ifdef WOLFSSL_HAVE_KYBER
|
||||
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_KYBER_LEVEL1) != WOLFSSL_SUCCESS) {
|
||||
printf("wolfSSL_UseKeyShare Error!!");
|
||||
}
|
||||
|
|
|
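Review bot: A failed `wolfSSL_UseKeyShare(ssl, WOLFSSL_KYBER_LEVEL1)` is only printed and the client carries on, so the handshake presumably continues without the Kyber key share and the demo silently falls back to whatever groups are otherwise offered. With the guard now `WOLFSSL_HAVE_KYBER`, this could occur, for instance, if Kyber is built in but the level-1 parameter set is not. For this example I would treat the failure as fatal: terminate the message with a newline (`printf("wolfSSL_UseKeyShare Error!!\n");`) and leave through the function's existing error path. `tls13_uart_client` starts and ends outside the hunk, so that cleanup path is not visible here.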
@ -119,8 +119,8 @@ extern "C" {
|
|||
/*---------- WOLF_CONF_TEST -----------*/
|
||||
#define WOLF_CONF_TEST 1
|
||||
|
||||
/*---------- WOLF_CONF_PQM4 -----------*/
|
||||
#define WOLF_CONF_PQM4 0
|
||||
/*---------- WOLF_CONF_KYBER -----------*/
|
||||
#define WOLF_CONF_kYBER 0
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* Hardware platform */
|
||||
|
@ -373,14 +373,6 @@ extern "C" {
|
|||
#define NO_SESSION_CACHE
|
||||
#endif
|
||||
|
||||
/* Post Quantum
|
||||
* Note: PQM4 is compatible with STM32. The project can be found at:
|
||||
* https://github.com/mupq/pqm4
|
||||
*/
|
||||
#if defined(WOLF_CONF_PQM4) && WOLF_CONF_PQM4 == 1
|
||||
#define HAVE_PQM4
|
||||
#endif
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* Crypto */
|
||||
/* ------------------------------------------------------------------------- */
|
||||
|
@ -576,6 +568,35 @@ extern "C" {
|
|||
#define NO_MD5
|
||||
#endif
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* Post-Quantum Crypto */
|
||||
/* ------------------------------------------------------------------------- */
|
||||
|
||||
/*
|
||||
* NOTE: this is after the hashing section to override the potential SHA3 undef
|
||||
* above. */
|
||||
#if defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1
|
||||
#undef WOLFSSL_EXPERIMENTAL_SETTINGS
|
||||
#define WOLFSSL_EXPERIMENTAL_SETTINGS
|
||||
|
||||
#undef WOLFSSL_HAVE_KYBER
|
||||
#define WOLFSSL_HAVE_KYBER
|
||||
|
||||
#undef WOLFSSL_WC_KYBER
|
||||
#define WOLFSSL_WC_KYBER
|
||||
|
||||
#undef WOLFSSL_NO_SHAKE128
|
||||
#undef WOLFSSL_SHAKE128
|
||||
#define WOLFSSL_SHAKE128
|
||||
|
||||
#undef WOLFSSL_NO_SHAKE256
|
||||
#undef WOLFSSL_SHAKE256
|
||||
#define WOLFSSL_SHAKE256
|
||||
|
||||
#undef WOLFSSL_SHA3
|
||||
#define WOLFSSL_SHA3
|
||||
#endif /* WOLF_CONF_KYBER */
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* Benchmark / Test */
|
||||
/* ------------------------------------------------------------------------- */
|
||||
|
|
|
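Review bot: The new default in the first hunk is spelled `WOLF_CONF_kYBER` (lower-case k), while the block added later in this file tests `defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1`. A user who changes that line to 1 gets no Kyber and no diagnostic, so the build silently stays classical-only. The line should read `#define WOLF_CONF_KYBER 0`. Separately, the added Kyber block defines `WOLFSSL_EXPERIMENTAL_SETTINGS` and force-enables SHA3/SHAKE, overriding the hashing section, and its comment should say so.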
@ -14439,9 +14439,6 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
|
|||
return "P384_KYBER_LEVEL3";
|
||||
case WOLFSSL_P521_KYBER_LEVEL5:
|
||||
return "P521_KYBER_LEVEL5";
|
||||
#elif defined(HAVE_PQM4)
|
||||
case WOLFSSL_KYBER_LEVEL1:
|
||||
return "KYBER_LEVEL1";
|
||||
#elif defined(WOLFSSL_WC_KYBER)
|
||||
#ifdef WOLFSSL_KYBER512
|
||||
case WOLFSSL_KYBER_LEVEL1:
|
||||
|
|
|
@ -52,7 +52,7 @@
|
|||
#include <wolfssl/wolfcrypt/kyber.h>
|
||||
#ifdef WOLFSSL_WC_KYBER
|
||||
#include <wolfssl/wolfcrypt/wc_kyber.h>
|
||||
#elif defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
|
||||
#elif defined(HAVE_LIBOQS)
|
||||
#include <wolfssl/wolfcrypt/ext_kyber.h>
|
||||
#endif
|
||||
#endif
|
||||
|
@ -9458,9 +9458,6 @@ static int TLSX_KeyShare_IsSupported(int namedGroup)
|
|||
}
|
||||
break;
|
||||
}
|
||||
#elif defined(HAVE_PQM4)
|
||||
case WOLFSSL_KYBER_LEVEL1:
|
||||
break;
|
||||
#endif
|
||||
#endif
|
||||
default:
|
||||
|
@ -9529,8 +9526,6 @@ static const word16 preferredGroup[] = {
|
|||
WOLFSSL_P256_KYBER_LEVEL1,
|
||||
WOLFSSL_P384_KYBER_LEVEL3,
|
||||
WOLFSSL_P521_KYBER_LEVEL5,
|
||||
#elif defined(HAVE_PQM4)
|
||||
WOLFSSL_KYBER_LEVEL1,
|
||||
#endif
|
||||
WOLFSSL_NAMED_GROUP_INVALID
|
||||
};
|
||||
|
@ -13171,8 +13166,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
|||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_LEVEL5,
|
||||
ssl->heap);
|
||||
#elif defined(HAVE_PQM4)
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL1, ssl->heap);
|
||||
#endif /* HAVE_LIBOQS */
|
||||
#endif /* WOLFSSL_HAVE_KYBER */
|
||||
|
||||
|
|
|
@ -172,7 +172,7 @@
|
|||
#ifdef WOLFSSL_WC_KYBER
|
||||
#include <wolfssl/wolfcrypt/wc_kyber.h>
|
||||
#endif
|
||||
#if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
|
||||
#if defined(HAVE_LIBOQS)
|
||||
#include <wolfssl/wolfcrypt/ext_kyber.h>
|
||||
#endif
|
||||
#endif
|
||||
|
|
|
@ -168,12 +168,6 @@ int wc_KyberKey_PrivateKeySize(KyberKey* key, word32* len)
|
|||
}
|
||||
}
|
||||
#endif /* HAVE_LIBOQS */
|
||||
#ifdef HAVE_PQM4
|
||||
(void)key;
|
||||
if (ret == 0) {
|
||||
*len = PQM4_PRIVATE_KEY_LENGTH;
|
||||
}
|
||||
#endif /* HAVE_PQM4 */
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -216,12 +210,6 @@ int wc_KyberKey_PublicKeySize(KyberKey* key, word32* len)
|
|||
}
|
||||
}
|
||||
#endif /* HAVE_LIBOQS */
|
||||
#ifdef HAVE_PQM4
|
||||
(void)key;
|
||||
if (ret == 0) {
|
||||
*len = PQM4_PUBLIC_KEY_LENGTH;
|
||||
}
|
||||
#endif /* HAVE_PQM4 */
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -264,12 +252,6 @@ int wc_KyberKey_CipherTextSize(KyberKey* key, word32* len)
|
|||
}
|
||||
}
|
||||
#endif /* HAVE_LIBOQS */
|
||||
#ifdef HAVE_PQM4
|
||||
(void)key;
|
||||
if (ret == 0) {
|
||||
*len = PQM4_CIPHERTEXT_LENGTH;
|
||||
}
|
||||
#endif /* HAVE_PQM4 */
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -301,7 +283,7 @@ int wc_KyberKey_SharedSecretSize(KyberKey* key, word32* len)
|
|||
/**
|
||||
* Make a Kyber key object using a random number generator.
|
||||
*
|
||||
* NOTE: rng is ignored. OQS and PQM4 don't use our RNG.
|
||||
* NOTE: rng is ignored. OQS doesn't use our RNG.
|
||||
*
|
||||
* @param [in, out] key Kyber key ovject.
|
||||
* @param [in] rng Random number generator.
|
||||
|
@ -362,14 +344,6 @@ int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng)
|
|||
wolfSSL_liboqsRngMutexUnlock();
|
||||
OQS_KEM_free(kem);
|
||||
#endif /* HAVE_LIBOQS */
|
||||
#ifdef HAVE_PQM4
|
||||
if (ret == 0) {
|
||||
if (crypto_kem_keypair(key->pub, key->priv) != 0) {
|
||||
WOLFSSL_MSG("PQM4 keygen failure");
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_PQM4 */
|
||||
|
||||
if (ret != 0) {
|
||||
ForceZero(key, sizeof(*key));
|
||||
|
@ -394,7 +368,7 @@ int wc_KyberKey_MakeKeyWithRandom(KyberKey* key, const unsigned char* rand,
|
|||
{
|
||||
(void)rand;
|
||||
(void)len;
|
||||
/* OQS and PQM4 don't support external randomness. */
|
||||
/* OQS doesn't support external randomness. */
|
||||
return wc_KyberKey_MakeKey(key, NULL);
|
||||
}
|
||||
|
||||
|
@ -471,14 +445,6 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss,
|
|||
wolfSSL_liboqsRngMutexUnlock();
|
||||
OQS_KEM_free(kem);
|
||||
#endif /* HAVE_LIBOQS */
|
||||
#ifdef HAVE_PQM4
|
||||
if (ret == 0) {
|
||||
if (crypto_kem_enc(ct, ss, key->pub) != 0) {
|
||||
WOLFSSL_MSG("PQM4 Encapsulation failure.");
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_PQM4 */
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -501,7 +467,7 @@ int wc_KyberKey_EncapsulateWithRandom(KyberKey* key, unsigned char* ct,
|
|||
{
|
||||
(void)rand;
|
||||
(void)len;
|
||||
/* OQS and PQM4 don't support external randomness. */
|
||||
/* OQS doesn't support external randomness. */
|
||||
return wc_KyberKey_Encapsulate(key, ct, ss, NULL);
|
||||
}
|
||||
|
||||
|
@ -577,14 +543,6 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss,
|
|||
|
||||
OQS_KEM_free(kem);
|
||||
#endif /* HAVE_LIBOQS */
|
||||
#ifdef HAVE_PQM4
|
||||
if (ret == 0) {
|
||||
if (crypto_kem_dec(ss, ct, key->priv) != 0) {
|
||||
WOLFSSL_MSG("PQM4 Decapsulation failure.");
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_PQM4 */
|
||||
|
||||
return ret;
|
||||
|
||||
|
|
|
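Review bot: `wc_KyberKey_MakeKeyWithRandom` and `wc_KyberKey_EncapsulateWithRandom` still discard `rand`/`len` and return whatever the randomized call returns, so a caller that supplied its own randomness gets a success code and output unrelated to its input. The updated one-line comments say OQS does not support external randomness, but the function headers lie outside these hunks and may not. I would state it in the doc comments, e.g. `NOTE: rand and len are ignored; the result is not derived from the supplied randomness.` Both wrappers also pass `NULL` as the RNG, which is safe only if the liboqs path never dereferences it; that is worth confirming in the bodies outside the hunks. The context line `@param [in, out] key Kyber key ovject.` has a typo (`object`).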
@ -314,7 +314,7 @@ const byte const_byte_array[] = "A+Gd\0\0\0";
|
|||
#ifdef WOLFSSL_WC_KYBER
|
||||
#include <wolfssl/wolfcrypt/wc_kyber.h>
|
||||
#endif
|
||||
#if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
|
||||
#if defined(HAVE_LIBOQS)
|
||||
#include <wolfssl/wolfcrypt/ext_kyber.h>
|
||||
#endif
|
||||
#endif
|
||||
|
@ -37758,7 +37758,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void)
|
|||
#endif /* HAVE_ED448 */
|
||||
|
||||
#ifdef WOLFSSL_HAVE_KYBER
|
||||
#ifdef WOLFSSL_WC_KYBER /* OQS and PQM4 do not support KATs */
|
||||
#ifdef WOLFSSL_WC_KYBER /* OQS does not support KATs */
|
||||
#ifdef WOLFSSL_KYBER512
|
||||
static wc_test_ret_t kyber512_kat(void)
|
||||
{
|
||||
|
|
|
@ -75,7 +75,7 @@
|
|||
#include <wolfssl/wolfcrypt/kyber.h>
|
||||
#ifdef WOLFSSL_WC_KYBER
|
||||
#include <wolfssl/wolfcrypt/wc_kyber.h>
|
||||
#elif defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
|
||||
#elif defined(HAVE_LIBOQS)
|
||||
#include <wolfssl/wolfcrypt/ext_kyber.h>
|
||||
#endif
|
||||
#endif
|
||||
|
|
|
@ -29,8 +29,8 @@
|
|||
#ifdef WOLFSSL_HAVE_KYBER
|
||||
#include <wolfssl/wolfcrypt/kyber.h>
|
||||
|
||||
#if !defined(HAVE_LIBOQS) && !defined(HAVE_PQM4)
|
||||
#error "This code requires liboqs or pqm4"
|
||||
#if !defined(HAVE_LIBOQS)
|
||||
#error "This code requires liboqs"
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_WC_KYBER)
|
||||
|
@ -41,15 +41,6 @@
|
|||
#include <oqs/kem.h>
|
||||
#define EXT_KYBER_MAX_PRIV_SZ OQS_KEM_kyber_1024_length_secret_key
|
||||
#define EXT_KYBER_MAX_PUB_SZ OQS_KEM_kyber_1024_length_public_key
|
||||
#elif defined(HAVE_PQM4)
|
||||
#include "api_kyber.h"
|
||||
#define PQM4_PUBLIC_KEY_LENGTH CRYPTO_PUBLICKEYBYTES
|
||||
#define PQM4_PRIVATE_KEY_LENGTH CRYPTO_SECRETKEYBYTES
|
||||
#define PQM4_SHARED_SECRET_LENGTH CRYPTO_BYTES
|
||||
#define PQM4_CIPHERTEXT_LENGTH CRYPTO_CIPHERTEXTBYTES
|
||||
|
||||
#define EXT_KYBER_MAX_PRIV_SZ PQM4_PRIVATE_KEY_LENGTH
|
||||
#define EXT_KYBER_MAX_PUB_SZ PQM4_PUBLIC_KEY_LENGTH
|
||||
#endif
|
||||
|
||||
struct KyberKey {
|
||||
|
|
|
@ -3514,14 +3514,6 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_PQM4
|
||||
#define HAVE_PQC
|
||||
#define WOLFSSL_HAVE_KYBER
|
||||
#define WOLFSSL_KYBER512
|
||||
#define WOLFSSL_NO_KYBER768
|
||||
#define WOLFSSL_NO_KYBER1024
|
||||
#endif
|
||||
|
||||
#if (defined(HAVE_LIBOQS) || \
|
||||
defined(HAVE_LIBXMSS) || \
|
||||
defined(HAVE_LIBLMS) || \
|
||||
|
@ -3530,15 +3522,10 @@ extern void uITRON4_free(void *p) ;
|
|||
#error Experimental settings without WOLFSSL_EXPERIMENTAL_SETTINGS
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) && !defined(HAVE_PQM4) && \
|
||||
!defined(WOLFSSL_HAVE_KYBER)
|
||||
#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) && !defined(WOLFSSL_HAVE_KYBER)
|
||||
#error Please do not define HAVE_PQC yourself.
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_PQC) && defined(HAVE_LIBOQS) && defined(HAVE_PQM4)
|
||||
#error Please do not define both HAVE_LIBOQS and HAVE_PQM4.
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_PQC) && defined(WOLFSSL_DTLS13) && \
|
||||
!defined(WOLFSSL_DTLS_CH_FRAG)
|
||||
#warning "Using DTLS 1.3 + pqc without WOLFSSL_DTLS_CH_FRAG will probably" \
|
||||
|
|
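Review bot: After this section nothing reacts to `HAVE_PQM4` any more, so a configuration that still defines it (or sets `WOLF_CONF_PQM4` to 1) would, as far as these hunks show, build without any Kyber support instead of failing. For a key-exchange option that means the post-quantum group is lost silently on upgrade. I would add an explicit tombstone next to the remaining checks: `#ifdef HAVE_PQM4` / `#error "PQM4 support has been removed; use WOLFSSL_HAVE_KYBER with WOLFSSL_WC_KYBER"` / `#endif`. The surrounding preprocessor block starts and continues outside the hunks, so it is possible this is already handled elsewhere.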