updated (O)IDs for interop test branch

open-quantum-safe · Sep 21, 2023 · 4588019 · 4588019
1 parent 9fffe3b
commit 4588019
Show file tree

Hide file tree

Showing 6 changed files with 150 additions and 80 deletions.
diff --git a/ALGORITHMS.md b/ALGORITHMS.md
@@ -28,16 +28,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | p521_frodo1344aes | 0x2F04 | Yes | OQS_CODEPOINT_P521_FRODO1344AES |
 | frodo1344shake | 0x0205 | Yes | OQS_CODEPOINT_FRODO1344SHAKE |
 | p521_frodo1344shake | 0x2F05 | Yes | OQS_CODEPOINT_P521_FRODO1344SHAKE |
-| kyber512 | 0x023A | Yes | OQS_CODEPOINT_KYBER512 |
-| p256_kyber512 | 0x2F3A | Yes | OQS_CODEPOINT_P256_KYBER512 |
-| x25519_kyber512 | 0x2F39 | Yes | OQS_CODEPOINT_X25519_KYBER512 |
-| kyber768 | 0x023C | Yes | OQS_CODEPOINT_KYBER768 |
-| p384_kyber768 | 0x2F3C | Yes | OQS_CODEPOINT_P384_KYBER768 |
-| x448_kyber768 | 0x2F90 | Yes | OQS_CODEPOINT_X448_KYBER768 |
-| x25519_kyber768 | 0x6399 | Yes | OQS_CODEPOINT_X25519_KYBER768 |
-| p256_kyber768 | 0x639A | Yes | OQS_CODEPOINT_P256_KYBER768 |
-| kyber1024 | 0x023D | Yes | OQS_CODEPOINT_KYBER1024 |
-| p521_kyber1024 | 0x2F3D | Yes | OQS_CODEPOINT_P521_KYBER1024 |
+| kyber512 | 0x0244 | Yes | OQS_CODEPOINT_KYBER512 |
+| p256_kyber512 | 0x2F44 | Yes | OQS_CODEPOINT_P256_KYBER512 |
+| x25519_kyber512 | 0x2FB0 | Yes | OQS_CODEPOINT_X25519_KYBER512 |
+| kyber768 | 0x0245 | Yes | OQS_CODEPOINT_KYBER768 |
+| p384_kyber768 | 0x2F45 | Yes | OQS_CODEPOINT_P384_KYBER768 |
+| x448_kyber768 | 0x2FB1 | Yes | OQS_CODEPOINT_X448_KYBER768 |
+| x25519_kyber768 | 0x2FB2 | Yes | OQS_CODEPOINT_X25519_KYBER768 |
+| p256_kyber768 | 0x2FB3 | Yes | OQS_CODEPOINT_P256_KYBER768 |
+| kyber1024 | 0x0246 | Yes | OQS_CODEPOINT_KYBER1024 |
+| p521_kyber1024 | 0x2F46 | Yes | OQS_CODEPOINT_P521_KYBER1024 |
 | bikel1 | 0x0241 | Yes | OQS_CODEPOINT_BIKEL1 |
 | p256_bikel1 | 0x2F41 | Yes | OQS_CODEPOINT_P256_BIKEL1 |
 | x25519_bikel1 | 0x2FAE | Yes | OQS_CODEPOINT_X25519_BIKEL1 |
@@ -54,13 +54,13 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | x448_hqc192 | 0x2FAD | Yes | OQS_CODEPOINT_X448_HQC192 |
 | hqc256 | 0x022E | Yes | OQS_CODEPOINT_HQC256 |
 | p521_hqc256 | 0x2F2E | Yes | OQS_CODEPOINT_P521_HQC256 |
-| dilithium2 | 0xfea0 |Yes| OQS_CODEPOINT_DILITHIUM2
-| p256_dilithium2 | 0xfea1 |Yes| OQS_CODEPOINT_P256_DILITHIUM2
-| rsa3072_dilithium2 | 0xfea2 |Yes| OQS_CODEPOINT_RSA3072_DILITHIUM2
-| dilithium3 | 0xfea3 |Yes| OQS_CODEPOINT_DILITHIUM3
-| p384_dilithium3 | 0xfea4 |Yes| OQS_CODEPOINT_P384_DILITHIUM3
-| dilithium5 | 0xfea5 |Yes| OQS_CODEPOINT_DILITHIUM5
-| p521_dilithium5 | 0xfea6 |Yes| OQS_CODEPOINT_P521_DILITHIUM5
+| dilithium2 | 0xfed0 |Yes| OQS_CODEPOINT_DILITHIUM2
+| p256_dilithium2 | 0xfed1 |Yes| OQS_CODEPOINT_P256_DILITHIUM2
+| rsa3072_dilithium2 | 0xfed2 |Yes| OQS_CODEPOINT_RSA3072_DILITHIUM2
+| dilithium3 | 0xfed3 |Yes| OQS_CODEPOINT_DILITHIUM3
+| p384_dilithium3 | 0xfed4 |Yes| OQS_CODEPOINT_P384_DILITHIUM3
+| dilithium5 | 0xfed5 |Yes| OQS_CODEPOINT_DILITHIUM5
+| p521_dilithium5 | 0xfed6 |Yes| OQS_CODEPOINT_P521_DILITHIUM5
 | falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512
 | p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512
 | rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
@@ -119,13 +119,13 @@ adapting the OIDs of all supported signature algorithms as per the table below.
 <!--- OQS_TEMPLATE_FRAGMENT_OIDS_START -->
 |Algorithm name |    default OID    | enabled | environment variable |
 |---------------|:-----------------:|:-------:|----------------------|
-| dilithium2 | 1.3.6.1.4.1.2.267.7.4.4 |Yes| OQS_OID_DILITHIUM2
-| p256_dilithium2 | 1.3.9999.2.7.1 |Yes| OQS_OID_P256_DILITHIUM2
-| rsa3072_dilithium2 | 1.3.9999.2.7.2 |Yes| OQS_OID_RSA3072_DILITHIUM2
-| dilithium3 | 1.3.6.1.4.1.2.267.7.6.5 |Yes| OQS_OID_DILITHIUM3
-| p384_dilithium3 | 1.3.9999.2.7.3 |Yes| OQS_OID_P384_DILITHIUM3
-| dilithium5 | 1.3.6.1.4.1.2.267.7.8.7 |Yes| OQS_OID_DILITHIUM5
-| p521_dilithium5 | 1.3.9999.2.7.4 |Yes| OQS_OID_P521_DILITHIUM5
+| dilithium2 | 1.3.6.1.4.1.2.267.12.4.4 |Yes| OQS_OID_DILITHIUM2
+| p256_dilithium2 | 1.3.9999.2.7.5 |Yes| OQS_OID_P256_DILITHIUM2
+| rsa3072_dilithium2 | 1.3.9999.2.7.6 |Yes| OQS_OID_RSA3072_DILITHIUM2
+| dilithium3 | 1.3.6.1.4.1.2.267.12.6.5 |Yes| OQS_OID_DILITHIUM3
+| p384_dilithium3 | 1.3.9999.2.7.7 |Yes| OQS_OID_P384_DILITHIUM3
+| dilithium5 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_DILITHIUM5
+| p521_dilithium5 | 1.3.9999.2.7.8 |Yes| OQS_OID_P521_DILITHIUM5
 | falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512
 | p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512
 | rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -25,7 +25,7 @@ else()
   set(OQS_ADDL_SOCKET_LIBS "")
 endif()
 
-option(NOPUBKEY_IN_PRIVKEY "Do not include public keys in private key structures/PKCS#8 " OFF)
+option(NOPUBKEY_IN_PRIVKEY "Do not include public keys in private key structures/PKCS#8 " ON)
 if(${NOPUBKEY_IN_PRIVKEY})
     message(STATUS "Build will not store public keys alongside private keys in PKCS#8 structures")
     add_compile_definitions( NOPUBKEY_IN_PRIVKEY )

diff --git a/oqs-template/generate.py b/oqs-template/generate.py
@@ -239,4 +239,4 @@ def load_config(include_disabled_sigs=False):
 populate('README.md', config2, '<!---')
 print("All files generated")
 os.environ["LIBOQS_DOCS_DIR"]=os.path.join(os.environ["LIBOQS_SRC_DIR"], "docs")
-import generate_oid_nid_table
+#import generate_oid_nid_table
diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml
@@ -1,5 +1,5 @@
 # This is the master document for ID interoperability for KEM IDs, p-hybrid KEM IDs, SIG (O)IDs
-# Next free plain KEM ID: 0x0244, p-hybrid: 0x2F44, X-hybrid: 0x2FB0
+# Next free plain KEM ID: 0x0247, p-hybrid: 0x2F47, X-hybrid: 0x2FB4
 kems:
   -
     family: 'FrodoKEM'
@@ -84,14 +84,25 @@ kems:
   -
     family: 'CRYSTALS-Kyber'
     name_group: 'kyber512'
-    nid: '0x023A'
-    nid_hybrid: '0x2F3A'
+    nid: '0x0244'
+    nid_hybrid: '0x2F44'
     oqs_alg: 'OQS_KEM_alg_kyber_512'
     extra_nids:
       current:
         - hybrid_group: "x25519"
-          nid: '0x2F39'
+          nid: '0x2FB0'
       old:
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          nid: '0x023A'
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          hybrid_group: secp256_r1
+          nid: '0x2F3A'
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          hybrid_group: x25519
+          nid: '0x2F39'
         - implementation_version: NIST Round 2 submission
           nist-round: 2
           nid: '0x020F'
@@ -106,17 +117,32 @@ kems:
   -
     family: 'CRYSTALS-Kyber'
     name_group: 'kyber768'
-    nid: '0x023C'
-    nid_hybrid: '0x2F3C'
+    nid: '0x0245'
+    nid_hybrid: '0x2F45'
     extra_nids:
       current:
         - hybrid_group: "x448"
-          nid: '0x2F90'
+          nid: '0x2FB1'
         - hybrid_group: "x25519"
-          nid: '0x6399'
+          nid: '0x2FB2'
         - hybrid_group: "p256"
-          nid: '0x639A'
+          nid: '0x2FB3'
       old:
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          nid: '0x023C'
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          hybrid_group: secp384_r1
+          nid: '0x2F3C'
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          hybrid_group: x25519
+          nid: '0x6399'
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          hybrid_group: x448
+          nid: '0x639A'
         - implementation_version: NIST Round 2 submission
           nist-round: 2
           nid: '0x0210'
@@ -128,10 +154,17 @@ kems:
   -
     family: 'CRYSTALS-Kyber'
     name_group: 'kyber1024'
-    nid: '0x023D'
-    nid_hybrid: '0x2F3D'
+    nid: '0x0246'
+    nid_hybrid: '0x2F46'
     extra_nids:
       old:
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          nid: '0x023D'
+        - implementation_version: NIST Round 3 submission
+          nist-round: 3
+          hybrid_group: secp521_r1
+          nid: '0x2F3D'
         - implementation_version: NIST Round 2 submission
           nist-round: 2
           nid: '0x0211'
@@ -320,7 +353,7 @@ kem_nid_end: '0x0250'
 kem_nid_hybrid_end: '0x2FFF'
 # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values
 
-# Next free signature ID: 0xfed0
+# Next free signature ID: 0xfed7
 sigs:
   # -
     # iso (1)
@@ -366,42 +399,79 @@ sigs:
         name: 'dilithium2'
         pretty_name: 'Dilithium2'
         oqs_meth: 'OQS_SIG_alg_dilithium_2'
-        oid: '1.3.6.1.4.1.2.267.7.4.4'
-        code_point: '0xfea0'
+        oid: '1.3.6.1.4.1.2.267.12.4.4'
+        code_point: '0xfed0'
         supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk']
         enable: true
         mix_with: [{'name': 'p256',
                     'pretty_name': 'ECDSA p256',
-                    'oid': '1.3.9999.2.7.1',
-                    'code_point': '0xfea1'},
+                    'oid': '1.3.9999.2.7.5',
+                    'code_point': '0xfed1'},
                    {'name': 'rsa3072',
                     'pretty_name': 'RSA3072',
-                    'oid': '1.3.9999.2.7.2',
-                    'code_point': '0xfea2'}]
+                    'oid': '1.3.9999.2.7.6',
+                    'code_point': '0xfed2'}]
+        extra_nids:
+          old:
+            - implementation_version: NIST Round 3 submission
+              nist-round: 3
+              oid: '1.3.6.1.4.1.2.267.7.4.4'
+              code_point: '0xfea0'
+              supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk']
+              mix_with: [{'name': 'p256',
+                          'pretty_name': 'ECDSA p256',
+                          'oid': '1.3.9999.2.7.1',
+                          'code_point': '0xfea1'},
+                         {'name': 'rsa3072',
+                          'pretty_name': 'RSA3072',
+                          'oid': '1.3.9999.2.7.2',
+                          'code_point': '0xfea2'}]
       -
         name: 'dilithium3'
         pretty_name: 'Dilithium3'
         oqs_meth: 'OQS_SIG_alg_dilithium_3'
-        oid: '1.3.6.1.4.1.2.267.7.6.5'
-        code_point: '0xfea3'
+        oid: '1.3.6.1.4.1.2.267.12.6.5'
+        code_point: '0xfed3'
         supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk']
         enable: true
         mix_with: [{'name': 'p384',
                     'pretty_name': 'ECDSA p384',
-                    'oid': '1.3.9999.2.7.3',
-                    'code_point': '0xfea4'}]
+                    'oid': '1.3.9999.2.7.7',
+                    'code_point': '0xfed4'}]
+        extra_nids:
+          old:
+            - implementation_version: NIST Round 3 submission
+              nist-round: 3
+              oid: '1.3.6.1.4.1.2.267.7.6.5'
+              code_point: '0xfea3'
+              supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk']
+              mix_with: [{'name': 'p384',
+                          'pretty_name': 'ECDSA p384',
+                          'oid': '1.3.9999.2.7.3',
+                          'code_point': '0xfea4'}]
       -
         name: 'dilithium5'
         pretty_name: 'Dilithium5'
         oqs_meth: 'OQS_SIG_alg_dilithium_5'
-        oid: '1.3.6.1.4.1.2.267.7.8.7'
-        code_point: '0xfea5'
+        oid: '1.3.6.1.4.1.2.267.12.8.7'
+        code_point: '0xfed5'
         supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk']
         enable: true
         mix_with: [{'name': 'p521',
                     'pretty_name': 'ECDSA p521',
-                    'oid': '1.3.9999.2.7.4',
-                    'code_point': '0xfea6'}]
+                    'oid': '1.3.9999.2.7.8',
+                    'code_point': '0xfed6'}]
+        extra_nids:
+          old:
+            - implementation_version: NIST Round 3 submission
+              nist-round: 3
+              oid: '1.3.6.1.4.1.2.267.7.8.7'
+              code_point: '0xfea5'
+              supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk']
+              mix_with: [{'name': 'p521',
+                          'pretty_name': 'ECDSA p521',
+                          'oid': '1.3.9999.2.7.4',
+                          'code_point': '0xfea6'}]
       -
         name: 'dilithium2_aes'
         pretty_name: 'Dilithium2_AES'

diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c
@@ -49,19 +49,19 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities;
 ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START
 #define OQS_OID_CNT 46
 const char *oqs_oid_alg_list[OQS_OID_CNT] = {
-    "1.3.6.1.4.1.2.267.7.4.4",
+    "1.3.6.1.4.1.2.267.12.4.4",
     "dilithium2",
-    "1.3.9999.2.7.1",
+    "1.3.9999.2.7.5",
     "p256_dilithium2",
-    "1.3.9999.2.7.2",
+    "1.3.9999.2.7.6",
     "rsa3072_dilithium2",
-    "1.3.6.1.4.1.2.267.7.6.5",
+    "1.3.6.1.4.1.2.267.12.6.5",
     "dilithium3",
-    "1.3.9999.2.7.3",
+    "1.3.9999.2.7.7",
     "p384_dilithium3",
-    "1.3.6.1.4.1.2.267.7.8.7",
+    "1.3.6.1.4.1.2.267.12.8.7",
     "dilithium5",
-    "1.3.9999.2.7.4",
+    "1.3.9999.2.7.8",
     "p521_dilithium5",
     "1.3.9999.3.6",
     "falcon512",

diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c
@@ -57,19 +57,19 @@ static OQS_GROUP_CONSTANTS oqs_group_list[] = {
     {0x0205, 256, TLS1_3_VERSION, 0, -1, -1, 1},
 
     {0x2F05, 256, TLS1_3_VERSION, 0, -1, -1, 1},
-    {0x023A, 128, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x0244, 128, TLS1_3_VERSION, 0, -1, -1, 1},
 
-    {0x2F3A, 128, TLS1_3_VERSION, 0, -1, -1, 1},
-    {0x2F39, 128, TLS1_3_VERSION, 0, -1, -1, 1},
-    {0x023C, 192, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x2F44, 128, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x2FB0, 128, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x0245, 192, TLS1_3_VERSION, 0, -1, -1, 1},
 
-    {0x2F3C, 192, TLS1_3_VERSION, 0, -1, -1, 1},
-    {0x2F90, 192, TLS1_3_VERSION, 0, -1, -1, 1},
-    {0x6399, 192, TLS1_3_VERSION, 0, -1, -1, 1},
-    {0x639A, 192, TLS1_3_VERSION, 0, -1, -1, 1},
-    {0x023D, 256, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x2F45, 192, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x2FB1, 192, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x2FB2, 192, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x2FB3, 192, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x0246, 256, TLS1_3_VERSION, 0, -1, -1, 1},
 
-    {0x2F3D, 256, TLS1_3_VERSION, 0, -1, -1, 1},
+    {0x2F46, 256, TLS1_3_VERSION, 0, -1, -1, 1},
     {0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1},
 
     {0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1},
@@ -231,10 +231,10 @@ typedef struct oqs_sigalg_constants_st {
 static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = {
     // ad-hoc assignments - take from OQS generate data structures
     ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_START
-    {0xfea0, 128, TLS1_3_VERSION, 0}, {0xfea1, 128, TLS1_3_VERSION, 0},
-    {0xfea2, 128, TLS1_3_VERSION, 0}, {0xfea3, 192, TLS1_3_VERSION, 0},
-    {0xfea4, 192, TLS1_3_VERSION, 0}, {0xfea5, 256, TLS1_3_VERSION, 0},
-    {0xfea6, 256, TLS1_3_VERSION, 0}, {0xfeae, 128, TLS1_3_VERSION, 0},
+    {0xfed0, 128, TLS1_3_VERSION, 0}, {0xfed1, 128, TLS1_3_VERSION, 0},
+    {0xfed2, 128, TLS1_3_VERSION, 0}, {0xfed3, 192, TLS1_3_VERSION, 0},
+    {0xfed4, 192, TLS1_3_VERSION, 0}, {0xfed5, 256, TLS1_3_VERSION, 0},
+    {0xfed6, 256, TLS1_3_VERSION, 0}, {0xfeae, 128, TLS1_3_VERSION, 0},
     {0xfeaf, 128, TLS1_3_VERSION, 0}, {0xfeb0, 128, TLS1_3_VERSION, 0},
     {0xfeb1, 256, TLS1_3_VERSION, 0}, {0xfeb2, 256, TLS1_3_VERSION, 0},
     {0xfeb3, 128, TLS1_3_VERSION, 0}, {0xfeb4, 128, TLS1_3_VERSION, 0},
@@ -468,23 +468,23 @@ static const OSSL_PARAM oqs_param_sigalg_list[][12] = {
 ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_START
 #    ifdef OQS_ENABLE_SIG_dilithium_2
     OQS_SIGALG_ENTRY(dilithium2, dilithium2, dilithium2,
-                     "1.3.6.1.4.1.2.267.7.4.4", 0),
+                     "1.3.6.1.4.1.2.267.12.4.4", 0),
     OQS_SIGALG_ENTRY(p256_dilithium2, p256_dilithium2, p256_dilithium2,
-                     "1.3.9999.2.7.1", 1),
+                     "1.3.9999.2.7.5", 1),
     OQS_SIGALG_ENTRY(rsa3072_dilithium2, rsa3072_dilithium2, rsa3072_dilithium2,
-                     "1.3.9999.2.7.2", 2),
+                     "1.3.9999.2.7.6", 2),
 #    endif
 #    ifdef OQS_ENABLE_SIG_dilithium_3
     OQS_SIGALG_ENTRY(dilithium3, dilithium3, dilithium3,
-                     "1.3.6.1.4.1.2.267.7.6.5", 3),
+                     "1.3.6.1.4.1.2.267.12.6.5", 3),
     OQS_SIGALG_ENTRY(p384_dilithium3, p384_dilithium3, p384_dilithium3,
-                     "1.3.9999.2.7.3", 4),
+                     "1.3.9999.2.7.7", 4),
 #    endif
 #    ifdef OQS_ENABLE_SIG_dilithium_5
     OQS_SIGALG_ENTRY(dilithium5, dilithium5, dilithium5,
-                     "1.3.6.1.4.1.2.267.7.8.7", 5),
+                     "1.3.6.1.4.1.2.267.12.8.7", 5),
     OQS_SIGALG_ENTRY(p521_dilithium5, p521_dilithium5, p521_dilithium5,
-                     "1.3.9999.2.7.4", 6),
+                     "1.3.9999.2.7.8", 6),
 #    endif
 #    ifdef OQS_ENABLE_SIG_falcon_512
     OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.6", 7),