From 78e34ff08c87cc8fa217b76453af5a97ee407f35 Mon Sep 17 00:00:00 2001
From: Basil Hess
Date: Wed, 18 Sep 2024 23:27:47 -0700
Subject: [PATCH] Update x25519_mlkem768 code point
Signed-off-by: Basil Hess
---
 ALGORITHMS.md | 2 +-
 oqs-template/generate.yml | 3 +--
 oqs-template/oqs-kem-info.md | 2 +-
 oqsprov/oqsprov_capabilities.c | 2 +-
 scripts/oqsprovider-externalinterop.sh | 4 +---
 5 files changed, 5 insertions(+), 8 deletions(-)
diff --git a/ALGORITHMS.md b/ALGORITHMS.md
index 236cef8a..5f6a023f 100644
--- a/ALGORITHMS.md
+++ b/ALGORITHMS.md
@@ -44,7 +44,7 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | mlkem768 | 0x0768 | Yes | OQS_CODEPOINT_MLKEM768 |
 | p384_mlkem768 | 0x2F4C | Yes | OQS_CODEPOINT_P384_MLKEM768 |
 | x448_mlkem768 | 0x2FB7 | Yes | OQS_CODEPOINT_X448_MLKEM768 |
-| x25519_mlkem768 | 0x2FB8 | Yes | OQS_CODEPOINT_X25519_MLKEM768 |
+| x25519_mlkem768 | 0x11ec | Yes | OQS_CODEPOINT_X25519_MLKEM768 |
 | p256_mlkem768 | 4587 | Yes | OQS_CODEPOINT_P256_MLKEM768 |
 | mlkem1024 | 0x1024 | Yes | OQS_CODEPOINT_MLKEM1024 |
 | p521_mlkem1024 | 0x2F4D | Yes | OQS_CODEPOINT_P521_MLKEM1024 |
diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml
index ee42c2ee..f3addb77 100644
--- a/oqs-template/generate.yml
+++ b/oqs-template/generate.yml
@@ -182,9 +182,8 @@ kems:
 - hybrid_group: "x448"
 # code point not standardized: Why? XXX
 nid: '0x2FB7'
-# To change when hybrid order change implemented, see https://github.com/open-quantum-safe/oqs-provider/issues/503
 - hybrid_group: "x25519"
- nid: '0x2FB8'
+ nid: '0x11ec'
 - hybrid_group: "p256"
 # https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-01.html#name-iana-considerations
 nid: '4587'
diff --git a/oqs-template/oqs-kem-info.md b/oqs-template/oqs-kem-info.md
index db953c5b..2c0620c8 100644
--- a/oqs-template/oqs-kem-info.md
+++ b/oqs-template/oqs-kem-info.md
@@ -92,7 +92,7 @@
 | ML-KEM | ML-KEM | mlkem512 | FIPS203 | 1 | 0x2F4B | secp256_r1 |
 | ML-KEM | ML-KEM | mlkem512 | FIPS203 | 1 | 0x2FB6 | x25519 |
 | ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x0768 | |
+| ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x11ec | x25519 |
 | ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x2F4C | secp384_r1 |
 | ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x2FB7 | x448 |
-| ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 0x2FB8 | x25519 |
 | ML-KEM | ML-KEM | mlkem768 | FIPS203 | 3 | 4587 | p256 |
diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c
index d51631b0..1474fd44 100644
--- a/oqsprov/oqsprov_capabilities.c
+++ b/oqsprov/oqsprov_capabilities.c
@@ -78,7 +78,7 @@ static OQS_GROUP_CONSTANTS oqs_group_list[] = {
 {0x2F4C, 192, TLS1_3_VERSION, 0, -1, -1, 1},
 {0x2FB7, 192, TLS1_3_VERSION, 0, -1, -1, 1},
- {0x2FB8, 192, TLS1_3_VERSION, 0, -1, -1, 1},
+ {0x11ec, 192, TLS1_3_VERSION, 0, -1, -1, 1},
 {4587, 192, TLS1_3_VERSION, 0, -1, -1, 1},
 {0x1024, 256, TLS1_3_VERSION, 0, -1, -1, 1},
diff --git a/scripts/oqsprovider-externalinterop.sh b/scripts/oqsprovider-externalinterop.sh
index 5a6e3129..5457a42d 100755
--- a/scripts/oqsprovider-externalinterop.sh
+++ b/scripts/oqsprovider-externalinterop.sh
@@ -29,9 +29,7 @@ fi
 # Ascertain algorithms are available:
 # skipping these tests for now as per https://mailarchive.ietf.org/arch/msg/tls/hli5ogDbUudAA4tZXskVbOqeor4
-# TBD replace with suitable ML-KEM hybrid tests as and when available XXX
-
-exit 0
+# TBD replace with suitable ML-KEM hybrid tests as and when available XXX
 echo " Cloudflare:"
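Review bot: Nothing visible in this patch shows the key-share order change that the comment removed from generate.yml (`# To change when hybrid order change implemented`, issue 503) named as the precondition for moving x25519_mlkem768 to `0x11ec` in oqs_group_list. If the provider still concatenates the two shares in the previous order for this group, a peer implementing the registered code point would presumably fail the handshake, so confirm that the ordering change landed elsewhere before this entry is advertised. The new literal is also lower-case where the neighbouring entries use upper-case hex (`0x2F4C`, `0x2FB7`); `{0x11EC, 192, TLS1_3_VERSION, 0, -1, -1, 1},` would match them. oqs_group_list begins and ends outside the hunk.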
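Review bot: The comment `# skipping these tests for now as per …` stays in place although the `exit 0` that implemented the skip is removed, so everything from `echo " Cloudflare:"` onward now runs while the header still says it is skipped. Replace it with a line describing what runs, for example `# ML-KEM hybrid interop tests against external servers follow.` The removed and re-added `# TBD replace with suitable ML-KEM hybrid tests …` lines read identically here, presumably a whitespace-only change; if enabling these tests resolves the TBD, drop that line as well. The rest of the script is outside the hunk, so which groups the re-enabled tests request cannot be checked from this page.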