Falcon Update April 2024

README.md

@@ -89,7 +89,7 @@ The following quantum-safe digital signature algorithms from liboqs are supporte
 
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_SIGS_START -->
 - **CRYSTALS-DILITHIUM**: `dilithium3`, `dilithium5`
-- **Falcon**: `falcon512`, `falcon1024`
+- **Falcon**: `falcon512`, `falconpadded512`, `falcon1024`, `falconpadded1024`
 - **ML-DSA**: `mldsa44`, `mldsa65`, `mldsa87`
 - **SPHINCS-SHA2**: `sphincssha2128fsimple`, `sphincssha2128ssimple`, `sphincssha2192fsimple`, `sphincssha2192ssimple`, `sphincssha2256fsimple`, `sphincssha2256ssimple`
 - **SPHINCS-SHAKE**: `sphincsshake128fsimple`, `sphincsshake128ssimple`, `sphincsshake192fsimple`, `sphincsshake192ssimple`, `sphincsshake256fsimple`, `sphincsshake256ssimple`

crypto/evp/evp.c

@@ -238,8 +238,12 @@ static const EVP_PKEY_ASN1_METHOD *evp_pkey_asn1_find(int nid) {
       return &mldsa87_asn1_meth;
     case EVP_PKEY_FALCON512:
       return &falcon512_asn1_meth;
+    case EVP_PKEY_FALCONPADDED512:
+      return &falconpadded512_asn1_meth;
     case EVP_PKEY_FALCON1024:
       return &falcon1024_asn1_meth;
+    case EVP_PKEY_FALCONPADDED1024:
+      return &falconpadded1024_asn1_meth;
     case EVP_PKEY_SPHINCSSHA2128FSIMPLE:
       return &sphincssha2128fsimple_asn1_meth;
     case EVP_PKEY_SPHINCSSHA2128SSIMPLE:

crypto/evp/evp_asn1.c

@@ -82,7 +82,9 @@ static const EVP_PKEY_ASN1_METHOD *const kASN1Methods[] = {
     &mldsa65_asn1_meth,
     &mldsa87_asn1_meth,
     &falcon512_asn1_meth,
+    &falconpadded512_asn1_meth,
     &falcon1024_asn1_meth,
+    &falconpadded1024_asn1_meth,
     &sphincssha2128fsimple_asn1_meth,
     &sphincssha2128ssimple_asn1_meth,
     &sphincssha2192fsimple_asn1_meth,

crypto/evp/evp_ctx.c

@@ -79,7 +79,9 @@ static const EVP_PKEY_METHOD *const evp_methods[] = {
     &mldsa65_pkey_meth,
     &mldsa87_pkey_meth,
     &falcon512_pkey_meth,
+    &falconpadded512_pkey_meth,
     &falcon1024_pkey_meth,
+    &falconpadded1024_pkey_meth,
     &sphincssha2128fsimple_pkey_meth,
     &sphincssha2128ssimple_pkey_meth,
     &sphincssha2192fsimple_pkey_meth,

crypto/evp/internal.h

@@ -308,7 +308,9 @@ extern const EVP_PKEY_ASN1_METHOD mldsa44_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD mldsa65_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD mldsa87_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD falcon512_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD falconpadded512_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD falcon1024_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD falconpadded1024_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD sphincssha2128fsimple_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD sphincssha2128ssimple_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD sphincssha2192fsimple_asn1_meth;
@@ -336,7 +338,9 @@ extern const EVP_PKEY_METHOD mldsa44_pkey_meth;
 extern const EVP_PKEY_METHOD mldsa65_pkey_meth;
 extern const EVP_PKEY_METHOD mldsa87_pkey_meth;
 extern const EVP_PKEY_METHOD falcon512_pkey_meth;
+extern const EVP_PKEY_METHOD falconpadded512_pkey_meth;
 extern const EVP_PKEY_METHOD falcon1024_pkey_meth;
+extern const EVP_PKEY_METHOD falconpadded1024_pkey_meth;
 extern const EVP_PKEY_METHOD sphincssha2128fsimple_pkey_meth;
 extern const EVP_PKEY_METHOD sphincssha2128ssimple_pkey_meth;
 extern const EVP_PKEY_METHOD sphincssha2192fsimple_pkey_meth;

crypto/evp/p_oqs.c

@@ -154,7 +154,9 @@ DEFINE_OQS_PKEY_METHODS(mldsa44, OQS_SIG_alg_ml_dsa_44, EVP_PKEY_MLDSA44)
 DEFINE_OQS_PKEY_METHODS(mldsa65, OQS_SIG_alg_ml_dsa_65, EVP_PKEY_MLDSA65)
 DEFINE_OQS_PKEY_METHODS(mldsa87, OQS_SIG_alg_ml_dsa_87, EVP_PKEY_MLDSA87)
 DEFINE_OQS_PKEY_METHODS(falcon512, OQS_SIG_alg_falcon_512, EVP_PKEY_FALCON512)
+DEFINE_OQS_PKEY_METHODS(falconpadded512, OQS_SIG_alg_falcon_padded_512, EVP_PKEY_FALCONPADDED512)
 DEFINE_OQS_PKEY_METHODS(falcon1024, OQS_SIG_alg_falcon_1024, EVP_PKEY_FALCON1024)
+DEFINE_OQS_PKEY_METHODS(falconpadded1024, OQS_SIG_alg_falcon_padded_1024, EVP_PKEY_FALCONPADDED1024)
 DEFINE_OQS_PKEY_METHODS(sphincssha2128fsimple, OQS_SIG_alg_sphincs_sha2_128f_simple, EVP_PKEY_SPHINCSSHA2128FSIMPLE)
 DEFINE_OQS_PKEY_METHODS(sphincssha2128ssimple, OQS_SIG_alg_sphincs_sha2_128s_simple, EVP_PKEY_SPHINCSSHA2128SSIMPLE)
 DEFINE_OQS_PKEY_METHODS(sphincssha2192fsimple, OQS_SIG_alg_sphincs_sha2_192f_simple, EVP_PKEY_SPHINCSSHA2192FSIMPLE)

crypto/evp/p_oqs_asn1.c

@@ -239,10 +239,16 @@ DEFINE_OQS_ASN1_METHODS(mldsa87, OQS_SIG_alg_ml_dsa_87, EVP_PKEY_MLDSA87)
 DEFINE_OQS_PKEY_ASN1_METHOD(mldsa87, EVP_PKEY_MLDSA87, OID(0x2B, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0B, 0x0C, 0x08, 0x07))
 
 DEFINE_OQS_ASN1_METHODS(falcon512, OQS_SIG_alg_falcon_512, EVP_PKEY_FALCON512)
-DEFINE_OQS_PKEY_ASN1_METHOD(falcon512, EVP_PKEY_FALCON512, OID(0x2B, 0xCE, 0x0F, 0x03, 0x06))
+DEFINE_OQS_PKEY_ASN1_METHOD(falcon512, EVP_PKEY_FALCON512, OID(0x2B, 0xCE, 0x0F, 0x03, 0x0B))
+
+DEFINE_OQS_ASN1_METHODS(falconpadded512, OQS_SIG_alg_falcon_padded_512, EVP_PKEY_FALCONPADDED512)
+DEFINE_OQS_PKEY_ASN1_METHOD(falconpadded512, EVP_PKEY_FALCONPADDED512, OID(0x2B, 0xCE, 0x0F, 0x03, 0x10))
 
 DEFINE_OQS_ASN1_METHODS(falcon1024, OQS_SIG_alg_falcon_1024, EVP_PKEY_FALCON1024)
-DEFINE_OQS_PKEY_ASN1_METHOD(falcon1024, EVP_PKEY_FALCON1024, OID(0x2B, 0xCE, 0x0F, 0x03, 0x09))
+DEFINE_OQS_PKEY_ASN1_METHOD(falcon1024, EVP_PKEY_FALCON1024, OID(0x2B, 0xCE, 0x0F, 0x03, 0x0E))
+
+DEFINE_OQS_ASN1_METHODS(falconpadded1024, OQS_SIG_alg_falcon_padded_1024, EVP_PKEY_FALCONPADDED1024)
+DEFINE_OQS_PKEY_ASN1_METHOD(falconpadded1024, EVP_PKEY_FALCONPADDED1024, OID(0x2B, 0xCE, 0x0F, 0x03, 0x13))
 
 DEFINE_OQS_ASN1_METHODS(sphincssha2128fsimple, OQS_SIG_alg_sphincs_sha2_128f_simple, EVP_PKEY_SPHINCSSHA2128FSIMPLE)
 DEFINE_OQS_PKEY_ASN1_METHOD(sphincssha2128fsimple, EVP_PKEY_SPHINCSSHA2128FSIMPLE, OID(0x2B, 0xCE, 0x0F, 0x06, 0x04, 0x0D))

crypto/obj/obj_dat.h

@@ -57,7 +57,7 @@
 /* This file is generated by crypto/obj/objects.go. */
 
 
-#define NUM_NID 1243
+#define NUM_NID 1245
 
 static const uint8_t kObjectData[] = {
     /* NID_rsadsi */
@@ -7166,13 +7166,13 @@ static const uint8_t kObjectData[] = {
     0xce,
     0x0f,
     0x03,
-    0x06,
+    0x0b,
     /* NID_falcon1024 */
     0x2b,
     0xce,
     0x0f,
     0x03,
-    0x09,
+    0x0e,
     /* NID_dilithium5 */
     0x2b,
     0x06,
@@ -7305,6 +7305,18 @@ static const uint8_t kObjectData[] = {
     0x0c,
     0x08,
     0x07,
+    /* NID_falconpadded512 */
+    0x2b,
+    0xce,
+    0x0f,
+    0x03,
+    0x10,
+    /* NID_falconpadded1024 */
+    0x2b,
+    0xce,
+    0x0f,
+    0x03,
+    0x13,
 };
 
 static const ASN1_OBJECT kObjects[NUM_NID] = {
@@ -9247,6 +9259,10 @@ static const ASN1_OBJECT kObjects[NUM_NID] = {
     {"mldsa44", "mldsa44", NID_mldsa44, 11, &kObjectData[6311], 0},
     {"mldsa65", "mldsa65", NID_mldsa65, 11, &kObjectData[6322], 0},
     {"mldsa87", "mldsa87", NID_mldsa87, 11, &kObjectData[6333], 0},
+    {"falconpadded512", "falconpadded512", NID_falconpadded512, 5,
+     &kObjectData[6344], 0},
+    {"falconpadded1024", "falconpadded1024", NID_falconpadded1024, 5,
+     &kObjectData[6349], 0},
 };
 
 static const uint16_t kNIDsInShortNameOrder[] = {
@@ -9596,6 +9612,8 @@ static const uint16_t kNIDsInShortNameOrder[] = {
     867 /* facsimileTelephoneNumber */,
     1146 /* falcon1024 */,
     1145 /* falcon512 */,
+    1244 /* falconpadded1024 */,
+    1243 /* falconpadded512 */,
     462 /* favouriteDrink */,
     857 /* freshestCRL */,
     453 /* friendlyCountry */,
@@ -10621,6 +10639,8 @@ static const uint16_t kNIDsInLongNameOrder[] = {
     867 /* facsimileTelephoneNumber */,
     1146 /* falcon1024 */,
     1145 /* falcon512 */,
+    1244 /* falconpadded1024 */,
+    1243 /* falconpadded512 */,
     462 /* favouriteDrink */,
     453 /* friendlyCountry */,
     490 /* friendlyCountryName */,
@@ -11286,8 +11306,8 @@ static const uint16_t kNIDsInLongNameOrder[] = {
 static const uint16_t kNIDsInOIDOrder[] = {
     434 /* 0.9 (OBJ_data) */,
     182 /* 1.2 (OBJ_member_body) */,
-    379 /* 1.3 (OBJ_org) */,
     676 /* 1.3 (OBJ_identified_organization) */,
+    379 /* 1.3 (OBJ_org) */,
     11 /* 2.5 (OBJ_X500) */,
     647 /* 2.23 (OBJ_international_organizations) */,
     380 /* 1.3.6 (OBJ_dod) */,
@@ -11569,8 +11589,10 @@ static const uint16_t kNIDsInOIDOrder[] = {
     732 /* 1.3.132.0.37 (OBJ_sect409r1) */,
     733 /* 1.3.132.0.38 (OBJ_sect571k1) */,
     734 /* 1.3.132.0.39 (OBJ_sect571r1) */,
-    1145 /* 1.3.9999.3.6 (OBJ_falcon512) */,
-    1146 /* 1.3.9999.3.9 (OBJ_falcon1024) */,
+    1145 /* 1.3.9999.3.11 (OBJ_falcon512) */,
+    1146 /* 1.3.9999.3.14 (OBJ_falcon1024) */,
+    1243 /* 1.3.9999.3.16 (OBJ_falconpadded512) */,
+    1244 /* 1.3.9999.3.19 (OBJ_falconpadded1024) */,
     624 /* 2.23.42.3.0.0 (OBJ_set_rootKeyThumb) */,
     625 /* 2.23.42.3.0.1 (OBJ_set_addPolicy) */,
     626 /* 2.23.42.3.2.1 (OBJ_setAttr_Token_EMV) */,

crypto/obj/obj_mac.num

@@ -1013,3 +1013,5 @@ p521_mlkem1024		1239
 mldsa44		1240
 mldsa65		1241
 mldsa87		1242
+falconpadded512		1243
+falconpadded1024		1244

crypto/obj/obj_xref.c

@@ -97,7 +97,9 @@ static const nid_triple kTriples[] = {
     {NID_mldsa65, NID_sha384, NID_mldsa65},
     {NID_mldsa87, NID_sha512, NID_mldsa87},
     {NID_falcon512, NID_sha256, NID_falcon512},
+    {NID_falconpadded512, NID_sha256, NID_falconpadded512},
     {NID_falcon1024, NID_sha512, NID_falcon1024},
+    {NID_falconpadded1024, NID_sha512, NID_falconpadded1024},
     {NID_sphincssha2128fsimple, NID_sha256, NID_sphincssha2128fsimple},
     {NID_sphincssha2128ssimple, NID_sha256, NID_sphincssha2128ssimple},
     {NID_sphincssha2192fsimple, NID_sha384, NID_sphincssha2192fsimple},

crypto/obj/objects.txt

@@ -1410,8 +1410,10 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
 1 3 6 1 4 1 2 267 12 4 4 : mldsa44 : mldsa44
 1 3 6 1 4 1 2 267 12 6 5 : mldsa65 : mldsa65
 1 3 6 1 4 1 2 267 12 8 7 : mldsa87 : mldsa87
-1 3 9999 3 6 : falcon512 : falcon512
-1 3 9999 3 9 : falcon1024 : falcon1024
+1 3 9999 3 11 : falcon512 : falcon512
+1 3 9999 3 16 : falconpadded512 : falconpadded512
+1 3 9999 3 14 : falcon1024 : falcon1024
+1 3 9999 3 19 : falconpadded1024 : falconpadded1024
 1 3 9999 6 4 13 : sphincssha2128fsimple : sphincssha2128fsimple
 1 3 9999 6 4 16 : sphincssha2128ssimple : sphincssha2128ssimple
 1 3 9999 6 5 10 : sphincssha2192fsimple : sphincssha2192fsimple

crypto/x509/algorithm.c

@@ -102,7 +102,9 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
       pkey_id == EVP_PKEY_MLDSA65 ||
       pkey_id == EVP_PKEY_MLDSA87 ||
       pkey_id == EVP_PKEY_FALCON512 ||
+      pkey_id == EVP_PKEY_FALCONPADDED512 ||
       pkey_id == EVP_PKEY_FALCON1024 ||
+      pkey_id == EVP_PKEY_FALCONPADDED1024 ||
       pkey_id == EVP_PKEY_SPHINCSSHA2128FSIMPLE ||
       pkey_id == EVP_PKEY_SPHINCSSHA2128SSIMPLE ||
       pkey_id == EVP_PKEY_SPHINCSSHA2192FSIMPLE ||

include/openssl/evp.h

@@ -190,7 +190,9 @@ OPENSSL_EXPORT EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey);
 #define EVP_PKEY_MLDSA65 NID_mldsa65
 #define EVP_PKEY_MLDSA87 NID_mldsa87
 #define EVP_PKEY_FALCON512 NID_falcon512
+#define EVP_PKEY_FALCONPADDED512 NID_falconpadded512
 #define EVP_PKEY_FALCON1024 NID_falcon1024
+#define EVP_PKEY_FALCONPADDED1024 NID_falconpadded1024
 #define EVP_PKEY_SPHINCSSHA2128FSIMPLE NID_sphincssha2128fsimple
 #define EVP_PKEY_SPHINCSSHA2128SSIMPLE NID_sphincssha2128ssimple
 #define EVP_PKEY_SPHINCSSHA2192FSIMPLE NID_sphincssha2192fsimple
@@ -212,7 +214,9 @@ OPENSSL_EXPORT EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey);
    (pkey_id == NID_mldsa65) || \
    (pkey_id == NID_mldsa87) || \
    (pkey_id == NID_falcon512) || \
+   (pkey_id == NID_falconpadded512) || \
    (pkey_id == NID_falcon1024) || \
+   (pkey_id == NID_falconpadded1024) || \
    (pkey_id == NID_sphincssha2128fsimple) || \
    (pkey_id == NID_sphincssha2128ssimple) || \
    (pkey_id == NID_sphincssha2192fsimple) || \

include/openssl/nid.h

@@ -4340,12 +4340,12 @@ extern "C" {
 #define SN_falcon512 "falcon512"
 #define LN_falcon512 "falcon512"
 #define NID_falcon512 1145
-#define OBJ_falcon512 1L, 3L, 9999L, 3L, 6L
+#define OBJ_falcon512 1L, 3L, 9999L, 3L, 11L
 
 #define SN_falcon1024 "falcon1024"
 #define LN_falcon1024 "falcon1024"
 #define NID_falcon1024 1146
-#define OBJ_falcon1024 1L, 3L, 9999L, 3L, 9L
+#define OBJ_falcon1024 1L, 3L, 9999L, 3L, 14L
 
 #define SN_dilithium5 "dilithium5"
 #define LN_dilithium5 "dilithium5"
@@ -4478,6 +4478,16 @@ extern "C" {
 #define NID_mldsa87 1242
 #define OBJ_mldsa87 1L, 3L, 6L, 1L, 4L, 1L, 2L, 267L, 12L, 8L, 7L
 
+#define SN_falconpadded512 "falconpadded512"
+#define LN_falconpadded512 "falconpadded512"
+#define NID_falconpadded512 1243
+#define OBJ_falconpadded512 1L, 3L, 9999L, 3L, 16L
+
+#define SN_falconpadded1024 "falconpadded1024"
+#define LN_falconpadded1024 "falconpadded1024"
+#define NID_falconpadded1024 1244
+#define OBJ_falconpadded1024 1L, 3L, 9999L, 3L, 19L
+
 
 #if defined(__cplusplus)
 } /* extern C */

include/openssl/ssl.h

@@ -1077,8 +1077,10 @@ OPENSSL_EXPORT int SSL_set_ocsp_response(SSL *ssl,
 #define SSL_SIGN_MLDSA44 0xfed0
 #define SSL_SIGN_MLDSA65 0xfed1
 #define SSL_SIGN_MLDSA87 0xfed2
-#define SSL_SIGN_FALCON512 0xfeae
-#define SSL_SIGN_FALCON1024 0xfeb1
+#define SSL_SIGN_FALCON512 0xfed7
+#define SSL_SIGN_FALCONPADDED512 0xfedc
+#define SSL_SIGN_FALCON1024 0xfeda
+#define SSL_SIGN_FALCONPADDED1024 0xfedf
 #define SSL_SIGN_SPHINCSSHA2128FSIMPLE 0xfeb3
 #define SSL_SIGN_SPHINCSSHA2128SSIMPLE 0xfeb6
 #define SSL_SIGN_SPHINCSSHA2192FSIMPLE 0xfeb9

oqs_scripts/test_with_interop_server.py

@@ -63,7 +63,9 @@
         'mldsa65',
         'mldsa87',
         'falcon512',
+        'falconpadded512',
         'falcon1024',
+        'falconpadded1024',
         'sphincssha2128fsimple',
         'sphincssha2128ssimple',
         'sphincssha2192fsimple',

oqs_scripts/try_handshake.py

@@ -66,7 +66,9 @@
         'mldsa65',
         'mldsa87',
         'falcon512',
+        'falconpadded512',
         'falcon1024',
+        'falconpadded1024',
         'sphincssha2128fsimple',
         'sphincssha2128ssimple',
         'sphincssha2192fsimple',

oqs_template/generate.yml

@@ -165,18 +165,34 @@ sigs:
   -
     family: 'Falcon'
     name: 'falcon512'
-    oid: '1 3 9999 3 6'
-    oid_encoded: '0x2B, 0xCE, 0x0F, 0x03, 0x06'
+    oid: '1 3 9999 3 11'
+    oid_encoded: '0x2B, 0xCE, 0x0F, 0x03, 0x0B'
     oqs_meth: 'OQS_SIG_alg_falcon_512'
-    code_point: '0xfeae'
+    code_point: '0xfed7'
+    claimed_security_level: '1'
+  -
+    family: 'Falcon'
+    name: 'falconpadded512'
+    oid: '1 3 9999 3 16'
+    oid_encoded: '0x2B, 0xCE, 0x0F, 0x03, 0x10'
+    oqs_meth: 'OQS_SIG_alg_falcon_padded_512'
+    code_point: '0xfedc'
     claimed_security_level: '1'
   -
     family: 'Falcon'
     name: 'falcon1024'
-    oid: '1 3 9999 3 9'
-    oid_encoded: '0x2B, 0xCE, 0x0F, 0x03, 0x09'
+    oid: '1 3 9999 3 14'
+    oid_encoded: '0x2B, 0xCE, 0x0F, 0x03, 0x0E'
     oqs_meth: 'OQS_SIG_alg_falcon_1024'
-    code_point: '0xfeb1'
+    code_point: '0xfeda'
+    claimed_security_level: '5'
+  -
+    family: 'Falcon'
+    name: 'falconpadded1024'
+    oid: '1 3 9999 3 19'
+    oid_encoded: '0x2B, 0xCE, 0x0F, 0x03, 0x13'
+    oqs_meth: 'OQS_SIG_alg_falcon_padded_1024'
+    code_point: '0xfedf'
     claimed_security_level: '5'
   -
     family: 'SPHINCS-SHA2'

pki/signature_algorithm.cc

@@ -130,8 +130,10 @@ const uint8_t kOidDilithium5[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b
 const uint8_t kOidMldsa44[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x04, 0x04};
 const uint8_t kOidMldsa65[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x06, 0x05};
 const uint8_t kOidMldsa87[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x08, 0x07};
-const uint8_t kOidFalcon512[] = {0x2b, 0xce, 0x0f, 0x03, 0x06};
-const uint8_t kOidFalcon1024[] = {0x2b, 0xce, 0x0f, 0x03, 0x09};
+const uint8_t kOidFalcon512[] = {0x2b, 0xce, 0x0f, 0x03, 0x0b};
+const uint8_t kOidFalconpadded512[] = {0x2b, 0xce, 0x0f, 0x03, 0x10};
+const uint8_t kOidFalcon1024[] = {0x2b, 0xce, 0x0f, 0x03, 0x0e};
+const uint8_t kOidFalconpadded1024[] = {0x2b, 0xce, 0x0f, 0x03, 0x13};
 const uint8_t kOidSphincssha2128fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x04, 0x0d};
 const uint8_t kOidSphincssha2128ssimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x04, 0x10};
 const uint8_t kOidSphincssha2192fsimple[] = {0x2b, 0xce, 0x0f, 0x06, 0x05, 0x0a};
@@ -421,9 +423,15 @@ std::optional<SignatureAlgorithm> ParseSignatureAlgorithm(
   if (oid == der::Input(kOidFalcon512)) {
     return SignatureAlgorithm::kFalcon512;
   }
+  if (oid == der::Input(kOidFalconpadded512)) {
+    return SignatureAlgorithm::kFalconpadded512;
+  }
   if (oid == der::Input(kOidFalcon1024)) {
     return SignatureAlgorithm::kFalcon1024;
   }
+  if (oid == der::Input(kOidFalconpadded1024)) {
+    return SignatureAlgorithm::kFalconpadded1024;
+  }
   if (oid == der::Input(kOidSphincssha2128fsimple)) {
     return SignatureAlgorithm::kSphincssha2128fsimple;
   }
@@ -499,6 +507,7 @@ std::optional<DigestAlgorithm> GetTlsServerEndpointDigestAlgorithm(
     case SignatureAlgorithm::kDilithium2:
     case SignatureAlgorithm::kMldsa44:
     case SignatureAlgorithm::kFalcon512:
+    case SignatureAlgorithm::kFalconpadded512:
     case SignatureAlgorithm::kSphincssha2128fsimple:
     case SignatureAlgorithm::kSphincssha2128ssimple:
     case SignatureAlgorithm::kSphincsshake128fsimple:
@@ -516,6 +525,7 @@ std::optional<DigestAlgorithm> GetTlsServerEndpointDigestAlgorithm(
     case SignatureAlgorithm::kDilithium5:
     case SignatureAlgorithm::kMldsa87:
     case SignatureAlgorithm::kFalcon1024:
+    case SignatureAlgorithm::kFalconpadded1024:
     case SignatureAlgorithm::kSphincssha2256fsimple:
     case SignatureAlgorithm::kSphincssha2256ssimple:
     case SignatureAlgorithm::kSphincsshake256fsimple: