Skip to content

Commit

Permalink
Kyber/ML-KEM: make both available
Browse files Browse the repository at this point in the history 
Make Kyber and ML-KEM individually available as well as at the same
time.
Modified TLS layer to support both Kyber and ML-KEM.
Added new identifiers in TLS layer for ML-KEM.
  • Loading branch information
@SparkiDev
SparkiDev committed Nov 4, 2024
1 parent 24003b2 commit c7c586a
Show file tree
Hide file tree
Showing 19 changed files with 1,375 additions and 253 deletions.
5 changes: 5 additions & 0 deletions IDE/STM32Cube/wolfssl_example.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1751,6 +1751,11 @@ static int tls13_uart_client(void)
wolfSSL_SetIOReadCtx(ssl, tbuf);

#ifdef WOLFSSL_HAVE_KYBER
#ifndef WOLFSSL_NO_ML_KEM
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ML_KEM_512) != WOLFSSL_SUCCESS) {
printf("wolfSSL_UseKeyShare Error!!");
}
#else
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_KYBER_LEVEL1) != WOLFSSL_SUCCESS) {
printf("wolfSSL_UseKeyShare Error!!");
}
Expand Down
36 changes: 27 additions & 9 deletions configure.ac
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1276,6 +1276,7 @@ AC_ARG_ENABLE([kyber],
)

ENABLED_WC_KYBER=no
ENABLED_ML_KEM=yes
for v in `echo $ENABLED_KYBER | tr "," " "`
do
case $v in
Expand All @@ -1301,6 +1302,10 @@ do
original)
ENABLED_ORIGINAL=yes
;;
original-only)
ENABLED_ORIGINAL=yes
ENABLED_ML_KEM=no
;;
*)
AC_MSG_ERROR([Invalid choice for KYBER []: $ENABLED_KYBER.])
break;;
Expand All @@ -1317,17 +1322,30 @@ then
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_WC_KYBER"
fi

if test "$ENABLED_KYBER512" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER512"
fi
if test "$ENABLED_KYBER768" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER768"
fi
if test "$ENABLED_KYBER1024" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER1024"
fi
if test "$ENABLED_ORIGINAL" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KYBER_ORIGINAL"
if test "$ENABLED_KYBER512" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER512"
fi
if test "$ENABLED_KYBER768" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER768"
fi
if test "$ENABLED_KYBER1024" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER1024"
fi
fi
if test "$ENABLED_ML_KEM" = "yes"; then
if test "$ENABLED_KYBER512" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_512"
fi
if test "$ENABLED_KYBER768" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_768"
fi
if test "$ENABLED_KYBER1024" = ""; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM_1024"
fi
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_ML_KEM"
fi

if test "$ENABLED_WC_KYBER" = "yes"
Expand Down
10 changes: 10 additions & 0 deletions examples/benchmark/tls_bench.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -288,12 +288,22 @@ static struct group_info groups[] = {
{ WOLFSSL_FFDHE_6144, "FFDHE_6144" },
{ WOLFSSL_FFDHE_8192, "FFDHE_8192" },
#ifdef HAVE_PQC
#ifndef WOLFSSL_NO_ML_KEM
{ WOLFSSL_ML_KEM_512, "ML_KEM_512" },
{ WOLFSSL_ML_KEM_768, "ML_KEM_768" },
{ WOLFSSL_ML_KEM_1024, "ML_KEM_1024" },
{ WOLFSSL_P256_ML_KEM_512, "P256_ML_KEM_512" },
{ WOLFSSL_P384_ML_KEM_768, "P384_ML_KEM_768" },
{ WOLFSSL_P521_ML_KEM_1024, "P521_ML_KEM_1024" },
#endif
#ifdef WOLFSSL_KYBER_ORIGINAL
{ WOLFSSL_KYBER_LEVEL1, "KYBER_LEVEL1" },
{ WOLFSSL_KYBER_LEVEL3, "KYBER_LEVEL3" },
{ WOLFSSL_KYBER_LEVEL5, "KYBER_LEVEL5" },
{ WOLFSSL_P256_KYBER_LEVEL1, "P256_KYBER_LEVEL1" },
{ WOLFSSL_P384_KYBER_LEVEL3, "P384_KYBER_LEVEL3" },
{ WOLFSSL_P521_KYBER_LEVEL5, "P521_KYBER_LEVEL5" },
#endif
#endif
{ 0, NULL }
};
Expand Down
70 changes: 66 additions & 4 deletions examples/client/client.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -398,6 +398,45 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
if (usePqc) {
int group = 0;

#ifndef WOLFSSL_NO_ML_KEM
#ifndef WOLFSSL_NO_ML_KEM_512
if (XSTRCMP(pqcAlg, "ML_KEM_512") == 0) {
group = WOLFSSL_ML_KEM_512;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_768
if (XSTRCMP(pqcAlg, "ML_KEM_768") == 0) {
group = WOLFSSL_ML_KEM_768;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_1024
if (XSTRCMP(pqcAlg, "ML_KEM_1024") == 0) {
group = WOLFSSL_ML_KEM_1024;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_512
if (XSTRCMP(pqcAlg, "P256_ML_KEM_512") == 0) {
group = WOLFSSL_P256_ML_KEM_512;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_768
if (XSTRCMP(pqcAlg, "P384_ML_KEM_768") == 0) {
group = WOLFSSL_P384_ML_KEM_768;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_1024
if (XSTRCMP(pqcAlg, "P521_ML_KEM_1024") == 0) {
group = WOLFSSL_P521_ML_KEM_1024;
}
else
#endif
#endif /* WOLFSSL_NO_ML_KEM */
#ifdef WOLFSSL_KYBER_ORIGINAL
#ifndef WOLFSSL_NO_KYBER512
if (XSTRCMP(pqcAlg, "KYBER_LEVEL1") == 0) {
group = WOLFSSL_KYBER_LEVEL1;
Expand Down Expand Up @@ -434,6 +473,7 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
}
else
#endif
#endif /* WOLFSSL_KYBER_ORIGINAL */
{
err_sys("invalid post-quantum KEM specified");
}
Expand Down Expand Up @@ -1330,8 +1370,19 @@ static const char* client_usage_msg[][77] = {
" SSLv3(0) - TLS1.3(4)\n", /* 68 */
#endif
#ifdef HAVE_PQC
"--pqc <alg> Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n"
" KYBER_LEVEL5, P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5]\n", /* 69 */
"--pqc <alg> Key Share with specified post-quantum algorithm only:\n"
#ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512,"
"\n"
" P384_ML_KEM_768, P521_ML_KEM_1024\n"
#endif
#ifdef WOLFSSL_KYBER_ORIGINAL
" KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
"P256_KYBER_LEVEL1,\n"
" P384_KYBER_LEVEL3, P521_KYBER_LEVEL5\n"
#endif
"",
/* 69 */
#endif
#ifdef WOLFSSL_SRTP
"--srtp <profile> (default is SRTP_AES128_CM_SHA1_80)\n", /* 70 */
Expand Down Expand Up @@ -1564,8 +1615,19 @@ static const char* client_usage_msg[][77] = {
" SSLv3(0) - TLS1.3(4)\n", /* 68 */
#endif
#ifdef HAVE_PQC
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ [KYBER_LEVEL1, KYBER_LEVEL3,\n"
" KYBER_LEVEL5, P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5]\n", /* 69 */
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ:\n"
#ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512,"
"\n"
" P384_ML_KEM_768, P521_ML_KEM_1024\n"
#endif
#ifdef WOLFSSL_KYBER_ORIGINAL
" KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
"P256_KYBER_LEVEL1,\n"
" P384_KYBER_LEVEL3, P521_KYBER_LEVEL5\n"
#endif
"",
/* 69 */
#endif
#ifdef WOLFSSL_SRTP
"--srtp <profile> (デフォルトは SRTP_AES128_CM_SHA1_80)\n", /* 70 */
Expand Down
70 changes: 66 additions & 4 deletions examples/server/server.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -712,6 +712,45 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
else if (usePqc == 1) {
#ifdef HAVE_PQC
groups[count] = 0;
#ifndef WOLFSSL_NO_ML_KEM
#ifndef WOLFSSL_NO_ML_KEM_512
if (XSTRCMP(pqcAlg, "ML_KEM_512") == 0) {
groups[count] = WOLFSSL_ML_KEM_512;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_768
if (XSTRCMP(pqcAlg, "ML_KEM_768") == 0) {
groups[count] = WOLFSSL_ML_KEM_768;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_1024
if (XSTRCMP(pqcAlg, "ML_KEM_1024") == 0) {
groups[count] = WOLFSSL_ML_KEM_1024;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_512
if (XSTRCMP(pqcAlg, "P256_ML_KEM_512") == 0) {
groups[count] = WOLFSSL_P256_ML_KEM_512;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_768
if (XSTRCMP(pqcAlg, "P384_ML_KEM_768") == 0) {
groups[count] = WOLFSSL_P384_ML_KEM_768;
}
else
#endif
#ifndef WOLFSSL_NO_ML_KEM_1024
if (XSTRCMP(pqcAlg, "P521_ML_KEM_1024") == 0) {
groups[count] = WOLFSSL_P521_ML_KEM_1024;
}
else
#endif
#endif /* WOLFSSL_NO_ML_KEM */
#ifdef WOLFSSL_KYBER_ORIGINAL
#ifndef WOLFSSL_NO_KYBER512
if (XSTRCMP(pqcAlg, "KYBER_LEVEL1") == 0) {
groups[count] = WOLFSSL_KYBER_LEVEL1;
Expand Down Expand Up @@ -748,6 +787,7 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
}
else
#endif
#endif
{
err_sys("invalid post-quantum KEM specified");
}
Expand Down Expand Up @@ -980,8 +1020,19 @@ static const char* server_usage_msg[][65] = {
" SSLv3(0) - TLS1.3(4)\n", /* 59 */
#endif
#ifdef HAVE_PQC
"--pqc <alg> Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n"
" KYBER_LEVEL5, P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5] \n", /* 60 */
"--pqc <alg> Key Share with specified post-quantum algorithm only:\n"
#ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512,"
"\n"
" P384_ML_KEM_768, P521_ML_KEM_1024\n"
#endif
#ifdef WOLFSSL_KYBER_ORIGINAL
" KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
"P256_KYBER_LEVEL1,\n"
" P384_KYBER_LEVEL3, P521_KYBER_LEVEL5\n"
#endif
"",
/* 60 */
#endif
#ifdef WOLFSSL_SRTP
"--srtp <profile> (default is SRTP_AES128_CM_SHA1_80)\n", /* 61 */
Expand Down Expand Up @@ -1172,8 +1223,19 @@ static const char* server_usage_msg[][65] = {
" SSLv3(0) - TLS1.3(4)\n", /* 59 */
#endif
#ifdef HAVE_PQC
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ [KYBER_LEVEL1, KYBER_LEVEL3,\n"
" KYBER_LEVEL5, P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5]\n", /* 60 */
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ:\n"
#ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024, P256_ML_KEM_512,"
"\n"
" P384_ML_KEM_768, P521_ML_KEM_1024\n"
#endif
#ifdef WOLFSSL_KYBER_ORIGINAL
" KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
"P256_KYBER_LEVEL1,\n"
" P384_KYBER_LEVEL3, P521_KYBER_LEVEL5\n"
#endif
"",
/* 60 */
#endif
#ifdef WOLFSSL_SRTP
"--srtp <profile> (デフォルトはSRTP_AES128_CM_SHA1_80)\n", /* 61 */
Expand Down
66 changes: 65 additions & 1 deletion src/ssl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3297,6 +3297,17 @@ static int isValidCurveGroup(word16 name)
case WOLFSSL_FFDHE_8192:

#ifdef WOLFSSL_HAVE_KYBER
#ifndef WOLFSSL_NO_ML_KEM
case WOLFSSL_ML_KEM_512:
case WOLFSSL_ML_KEM_768:
case WOLFSSL_ML_KEM_1024:
#if defined(WOLFSSL_WC_KYBER) || defined(HAVE_LIBOQS)
case WOLFSSL_P256_ML_KEM_512:
case WOLFSSL_P384_ML_KEM_768:
case WOLFSSL_P521_ML_KEM_1024:
#endif
#endif /* !WOLFSSL_NO_ML_KEM */
#ifdef WOLFSSL_KYBER_ORIGINAL
case WOLFSSL_KYBER_LEVEL1:
case WOLFSSL_KYBER_LEVEL3:
case WOLFSSL_KYBER_LEVEL5:
Expand All @@ -3305,6 +3316,7 @@ static int isValidCurveGroup(word16 name)
case WOLFSSL_P384_KYBER_LEVEL3:
case WOLFSSL_P521_KYBER_LEVEL5:
#endif
#endif /* WOLFSSL_KYBER_ORIGINAL */
#endif
return 1;

Expand Down Expand Up @@ -14541,6 +14553,42 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
* check to override this result in the case of a hybrid. */
if (IsAtLeastTLSv1_3(ssl->version)) {
switch (ssl->namedGroup) {
#ifndef WOLFSSL_NO_ML_KEM
#ifdef HAVE_LIBOQS
case WOLFSSL_ML_KEM_512:
return "ML_KEM_512";
case WOLFSSL_ML_KEM_768:
return "ML_KEM_768";
case WOLFSSL_ML_KEM_1024:
return "ML_KEM_1024";
case WOLFSSL_P256_ML_KEM_512:
return "P256_ML_KEM_512";
case WOLFSSL_P384_ML_KEM_768:
return "P384_ML_KEM_768";
case WOLFSSL_P521_ML_KEM_1024:
return "P521_ML_KEM_1024";
#elif defined(WOLFSSL_WC_KYBER)
#ifdef WOLFSSL_WC_ML_KEM_512
case WOLFSSL_ML_KEM_512:
return "ML_KEM_512";
case WOLFSSL_P256_ML_KEM_512:
return "P256_ML_KEM_512";
#endif
#ifdef WOLFSSL_WC_ML_KEM_768
case WOLFSSL_ML_KEM_768:
return "ML_KEM_768";
case WOLFSSL_P384_ML_KEM_768:
return "P384_ML_KEM_768";
#endif
#ifdef WOLFSSL_WC_ML_KEM_1024
case WOLFSSL_ML_KEM_1024:
return "ML_KEM_1024";
case WOLFSSL_P521_ML_KEM_1024:
return "P521_ML_KEM_1024";
#endif
#endif
#endif
#ifdef WOLFSSL_KYBER_ORIGINAL
#ifdef HAVE_LIBOQS
case WOLFSSL_KYBER_LEVEL1:
return "KYBER_LEVEL1";
Expand Down Expand Up @@ -14573,6 +14621,7 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
case WOLFSSL_P521_KYBER_LEVEL5:
return "P521_KYBER_LEVEL5";
#endif
#endif
#endif
}
}
Expand Down Expand Up @@ -21899,6 +21948,20 @@ const WOLF_EC_NIST_NAME kNistCurves[] = {
{CURVE_NAME("X448"), NID_X448, WOLFSSL_ECC_X448},
#endif
#ifdef WOLFSSL_HAVE_KYBER
#ifndef WOLFSSL_NO_ML_KEM
{CURVE_NAME("ML_KEM_512"), WOLFSSL_ML_KEM_512, WOLFSSL_ML_KEM_512},
{CURVE_NAME("ML_KEM_768"), WOLFSSL_ML_KEM_768, WOLFSSL_ML_KEM_768},
{CURVE_NAME("ML_KEM_1024"), WOLFSSL_ML_KEM_1024, WOLFSSL_ML_KEM_1024},
#if (defined(WOLFSSL_WC_KYBER) || defined(HAVE_LIBOQS)) && defined(HAVE_ECC)
{CURVE_NAME("P256_ML_KEM_512"), WOLFSSL_P256_ML_KEM_512,
WOLFSSL_P256_ML_KEM_512},
{CURVE_NAME("P384_ML_KEM_768"), WOLFSSL_P384_ML_KEM_768,
WOLFSSL_P384_ML_KEM_768},
{CURVE_NAME("P521_ML_KEM_1024"), WOLFSSL_P521_ML_KEM_1024,
WOLFSSL_P521_ML_KEM_1024},
#endif
#endif /* !WOLFSSL_NO_ML_KEM */
#ifdef WOLFSSL_KYBER_ORIGINAL
{CURVE_NAME("KYBER_LEVEL1"), WOLFSSL_KYBER_LEVEL1, WOLFSSL_KYBER_LEVEL1},
{CURVE_NAME("KYBER_LEVEL3"), WOLFSSL_KYBER_LEVEL3, WOLFSSL_KYBER_LEVEL3},
{CURVE_NAME("KYBER_LEVEL5"), WOLFSSL_KYBER_LEVEL5, WOLFSSL_KYBER_LEVEL5},
Expand All @@ -21907,7 +21970,8 @@ const WOLF_EC_NIST_NAME kNistCurves[] = {
{CURVE_NAME("P384_KYBER_LEVEL3"), WOLFSSL_P384_KYBER_LEVEL3, WOLFSSL_P384_KYBER_LEVEL3},
{CURVE_NAME("P521_KYBER_LEVEL5"), WOLFSSL_P521_KYBER_LEVEL5, WOLFSSL_P521_KYBER_LEVEL5},
#endif
#endif
#endif /* WOLFSSL_KYBER_ORIGINAL */
#endif /* WOLFSSL_HAVE_KYBER */
#ifdef WOLFSSL_SM2
{CURVE_NAME("SM2"), NID_sm2, WOLFSSL_ECC_SM2P256V1},
#endif
Expand Down
Loading

0 comments on commit c7c586a

Please sign in to comment.