Merge pull request #5444 from anhu/PQ_get_curve_name

Bugfix: wolfSSL_get_curve_name() will now print post-quantum group names.
2022-08-09 16:53:55 -07:00 · 2022-08-09 16:53:55 -07:00 · eceee6ac95
parent fa97923005 57dc263d05
commit eceee6ac95
2 changed files with 74 additions and 0 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -20251,6 +20251,72 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
    if (ssl == NULL)
        return NULL;

+#if defined(WOLFSSL_TLS13) && defined(HAVE_PQC)
+    /* Check for post-quantum groups. Return now because we do not want the ECC
+     * check to override this result in the case of a hybrid. */
+    if (IsAtLeastTLSv1_3(ssl->version)) {
+        switch (ssl->namedGroup) {
+#ifdef HAVE_LIBOQS
+        case WOLFSSL_KYBER_LEVEL1:
+            return "KYBER_LEVEL1";
+        case WOLFSSL_KYBER_LEVEL3:
+            return "KYBER_LEVEL3";
+        case WOLFSSL_KYBER_LEVEL5:
+            return "KYBER_LEVEL5";
+        case WOLFSSL_NTRU_HPS_LEVEL1:
+            return "NTRU_HPS_LEVEL1";
+        case WOLFSSL_NTRU_HPS_LEVEL3:
+            return "NTRU_HPS_LEVEL3";
+        case WOLFSSL_NTRU_HPS_LEVEL5:
+            return "NTRU_HPS_LEVEL5";
+        case WOLFSSL_NTRU_HRSS_LEVEL3:
+            return "NTRU_HRSS_LEVEL3";
+        case WOLFSSL_SABER_LEVEL1:
+            return "SABER_LEVEL1";
+        case WOLFSSL_SABER_LEVEL3:
+            return "SABER_LEVEL3";
+        case WOLFSSL_SABER_LEVEL5:
+            return "SABER_LEVEL5";
+        case WOLFSSL_KYBER_90S_LEVEL1:
+            return "KYBER_90S_LEVEL1";
+        case WOLFSSL_KYBER_90S_LEVEL3:
+            return "KYBER_90S_LEVEL3";
+        case WOLFSSL_KYBER_90S_LEVEL5:
+            return "KYBER_90S_LEVEL5";
+        case WOLFSSL_P256_NTRU_HPS_LEVEL1:
+            return "P256_NTRU_HPS_LEVEL1";
+        case WOLFSSL_P384_NTRU_HPS_LEVEL3:
+            return "P384_NTRU_HPS_LEVEL3";
+        case WOLFSSL_P521_NTRU_HPS_LEVEL5:
+            return "P521_NTRU_HPS_LEVEL5";
+        case WOLFSSL_P384_NTRU_HRSS_LEVEL3:
+            return "P384_NTRU_HRSS_LEVEL3";
+        case WOLFSSL_P256_SABER_LEVEL1:
+            return "P256_SABER_LEVEL1";
+        case WOLFSSL_P384_SABER_LEVEL3:
+            return "P384_SABER_LEVEL3";
+        case WOLFSSL_P521_SABER_LEVEL5:
+            return "P521_SABER_LEVEL5";
+        case WOLFSSL_P256_KYBER_LEVEL1:
+            return "P256_KYBER_LEVEL1";
+        case WOLFSSL_P384_KYBER_LEVEL3:
+            return "P384_KYBER_LEVEL3";
+        case WOLFSSL_P521_KYBER_LEVEL5:
+            return "P521_KYBER_LEVEL5";
+        case WOLFSSL_P256_KYBER_90S_LEVEL1:
+            return "P256_KYBER_90S_LEVEL1";
+        case WOLFSSL_P384_KYBER_90S_LEVEL3:
+            return "P384_KYBER_90S_LEVEL3";
+        case WOLFSSL_P521_KYBER_90S_LEVEL5:
+            return "P521_KYBER_90S_LEVEL5";
+#elif defined(HAVE_PQM4)
+        case WOLFSSL_KYBER_LEVEL1:
+            return "KYBER_LEVEL1";
+#endif
+        }
+    }
+
+#endif /* WOLFSSL_TLS13 && HAVE_PQC */
 #ifdef HAVE_FFDHE
    if (ssl->namedGroup != 0) {
        cName = wolfssl_ffdhe_name(ssl->namedGroup);
--- a/src/tls.c
+++ b/src/tls.c
@ -8710,6 +8710,10 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
        keyShareEntry->pubKeyLen = (word32)(ecc_kse->pubKeyLen +
                                   kem->length_ciphertext);
        ciphertext = NULL;
+
+        /* Set namedGroup so wolfSSL_get_curve_name() can function properly on
+         * the server side. */
+        ssl->namedGroup = keyShareEntry->group;
    }

    TLSX_KeyShare_FreeAll(ecc_kse, ssl->heap);
@ -8837,6 +8841,10 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
        keyShareEntry->pubKeyLen = (word32)(ecc_kse->pubKeyLen +
                                   PQM4_CIPHERTEXT_LENGTH);
        ciphertext = NULL;
+
+        /* Set namedGroup so wolfSSL_get_curve_name() can function properly on
+         * the server side. */
+        ssl->namedGroup = keyShareEntry->group;
    }

    TLSX_KeyShare_FreeAll(ecc_kse, ssl->heap);