mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-04 00:00:14 -04:00
oqs: Update to NIST round 3 KEM candidates
This commit is contained in:
Andreas Steffen
parent
f22788b39f
commit
7908fbc531
11
NEWS
11
NEWS
@ -1,3 +1,14 @@
|
||||
strongswan-6.0
|
||||
--------------
|
||||
|
||||
- Support of multiple post-quantum key exchanges using the IKE_INTERMEDIATE
|
||||
message (draft-ietf-ipsecme-ikev2-intermediate) and the Additional Key
|
||||
Exchange 1..7 transform types (draft-ietf-ipsecme-ikev2-multiple-ke).
|
||||
|
||||
- New oqs and frodo plugins support NIST round 3 submission and alternate
|
||||
KEM candidates.
|
||||
|
||||
|
||||
strongswan-5.9.2
|
||||
----------------
|
||||
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
* Copyright (C) 2010-2020 Tobias Brunner
|
||||
* Copyright (C) 2005-2010 Martin Willi
|
||||
* Copyright (C) 2005 Jan Hutter
|
||||
* Copyright (C) 2016-2019 Andreas Steffen
|
||||
* Copyright (C) 2016-2020 Andreas Steffen
|
||||
* HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
@ -57,27 +57,10 @@ ENUM_NEXT(key_exchange_method_names, NTRU_112_BIT, NTRU_256_BIT, MODP_NULL,
|
||||
"NTRU_256");
|
||||
ENUM_NEXT(key_exchange_method_names, NH_128_BIT, NH_128_BIT, NTRU_256_BIT,
|
||||
"NEWHOPE_128");
|
||||
ENUM_NEXT(key_exchange_method_names, KE_BIKE1_L1, KE_SIKE_L5, NH_128_BIT,
|
||||
"BIKE1_L1",
|
||||
"BIKE1_L3",
|
||||
"BIKE1_L5",
|
||||
"BIKE2_L1",
|
||||
"BIKE2_L3",
|
||||
"BIKE2_L5",
|
||||
"BIKE3_L1",
|
||||
"BIKE3_L3",
|
||||
"BIKE3_L5",
|
||||
"FRODO_AES_L1",
|
||||
"FRODO_AES_L3",
|
||||
"FRODO_AES_L5",
|
||||
"FRODO_SHAKE_L1",
|
||||
"FRODO_SHAKE_L3",
|
||||
"FRODO_SHAKE_L5",
|
||||
ENUM_NEXT(key_exchange_method_names, KE_KYBER_L1, KE_SIKE_L5, NH_128_BIT,
|
||||
"KYBER_L1",
|
||||
"KYBER_L3",
|
||||
"KYBER_L5",
|
||||
"NEWHOPE_L1",
|
||||
"NEWHOPE_L5",
|
||||
"NTRU_HPS_L1",
|
||||
"NTRU_HPS_L3",
|
||||
"NTRU_HPS_L5",
|
||||
@ -85,6 +68,18 @@ ENUM_NEXT(key_exchange_method_names, KE_BIKE1_L1, KE_SIKE_L5, NH_128_BIT,
|
||||
"SABER_L1",
|
||||
"SABER_L3",
|
||||
"SABER_L5",
|
||||
"BIKE_L1",
|
||||
"BIKE_L3",
|
||||
"BIKE_L5",
|
||||
"FRODO_AES_L1",
|
||||
"FRODO_AES_L3",
|
||||
"FRODO_AES_L5",
|
||||
"FRODO_SHAKE_L1",
|
||||
"FRODO_SHAKE_L3",
|
||||
"FRODO_SHAKE_L5",
|
||||
"HQC_L1",
|
||||
"HQC_L3",
|
||||
"HQC_L5",
|
||||
"SIKE_L1",
|
||||
"SIKE_L2",
|
||||
"SIKE_L3",
|
||||
@ -129,27 +124,10 @@ ENUM_NEXT(key_exchange_method_names_short, NTRU_112_BIT, NTRU_256_BIT, MODP_NULL
|
||||
"ntru256");
|
||||
ENUM_NEXT(key_exchange_method_names_short, NH_128_BIT, NH_128_BIT, NTRU_256_BIT,
|
||||
"newhope128");
|
||||
ENUM_NEXT(key_exchange_method_names_short, KE_BIKE1_L1, KE_SIKE_L5, NH_128_BIT,
|
||||
"bike11",
|
||||
"bike13",
|
||||
"bike15",
|
||||
"bike21",
|
||||
"bike23",
|
||||
"bike25",
|
||||
"bike31",
|
||||
"bike33",
|
||||
"bike35",
|
||||
"frodoa1",
|
||||
"frodoa3",
|
||||
"frodoa5",
|
||||
"frodos1",
|
||||
"frodos3",
|
||||
"frodos5",
|
||||
ENUM_NEXT(key_exchange_method_names_short, KE_KYBER_L1, KE_SIKE_L5, NH_128_BIT,
|
||||
"kyber1",
|
||||
"kyber3",
|
||||
"kyber5",
|
||||
"newhope1",
|
||||
"newhope5",
|
||||
"ntrup1",
|
||||
"ntrup3",
|
||||
"ntrup5",
|
||||
@ -157,6 +135,18 @@ ENUM_NEXT(key_exchange_method_names_short, KE_BIKE1_L1, KE_SIKE_L5, NH_128_BIT,
|
||||
"saber1",
|
||||
"saber3",
|
||||
"saber5",
|
||||
"bike1",
|
||||
"bike3",
|
||||
"bike5",
|
||||
"frodoa1",
|
||||
"frodoa3",
|
||||
"frodoa5",
|
||||
"frodos1",
|
||||
"frodos3",
|
||||
"frodos5",
|
||||
"hqc1",
|
||||
"hqc3",
|
||||
"hqc5",
|
||||
"sike1",
|
||||
"sike2",
|
||||
"sike3",
|
||||
@ -687,26 +677,9 @@ bool key_exchange_is_kem(key_exchange_method_t ke)
|
||||
{
|
||||
switch (ke)
|
||||
{
|
||||
case KE_BIKE1_L1:
|
||||
case KE_BIKE1_L3:
|
||||
case KE_BIKE1_L5:
|
||||
case KE_BIKE2_L1:
|
||||
case KE_BIKE2_L3:
|
||||
case KE_BIKE2_L5:
|
||||
case KE_BIKE3_L1:
|
||||
case KE_BIKE3_L3:
|
||||
case KE_BIKE3_L5:
|
||||
case KE_FRODO_AES_L1:
|
||||
case KE_FRODO_AES_L3:
|
||||
case KE_FRODO_AES_L5:
|
||||
case KE_FRODO_SHAKE_L1:
|
||||
case KE_FRODO_SHAKE_L3:
|
||||
case KE_FRODO_SHAKE_L5:
|
||||
case KE_KYBER_L1:
|
||||
case KE_KYBER_L3:
|
||||
case KE_KYBER_L5:
|
||||
case KE_NEWHOPE_L1:
|
||||
case KE_NEWHOPE_L5:
|
||||
case KE_NTRU_HPS_L1:
|
||||
case KE_NTRU_HPS_L3:
|
||||
case KE_NTRU_HPS_L5:
|
||||
@ -714,6 +687,18 @@ bool key_exchange_is_kem(key_exchange_method_t ke)
|
||||
case KE_SABER_L1:
|
||||
case KE_SABER_L3:
|
||||
case KE_SABER_L5:
|
||||
case KE_BIKE_L1:
|
||||
case KE_BIKE_L3:
|
||||
case KE_BIKE_L5:
|
||||
case KE_HQC_L1:
|
||||
case KE_HQC_L3:
|
||||
case KE_HQC_L5:
|
||||
case KE_FRODO_AES_L1:
|
||||
case KE_FRODO_AES_L3:
|
||||
case KE_FRODO_AES_L5:
|
||||
case KE_FRODO_SHAKE_L1:
|
||||
case KE_FRODO_SHAKE_L3:
|
||||
case KE_FRODO_SHAKE_L5:
|
||||
case KE_SIKE_L1:
|
||||
case KE_SIKE_L2:
|
||||
case KE_SIKE_L3:
|
||||
@ -783,26 +768,9 @@ bool key_exchange_verify_pubkey(key_exchange_method_t ke, chunk_t value)
|
||||
case NTRU_192_BIT:
|
||||
case NTRU_256_BIT:
|
||||
case NH_128_BIT:
|
||||
case KE_BIKE1_L1:
|
||||
case KE_BIKE1_L3:
|
||||
case KE_BIKE1_L5:
|
||||
case KE_BIKE2_L1:
|
||||
case KE_BIKE2_L3:
|
||||
case KE_BIKE2_L5:
|
||||
case KE_BIKE3_L1:
|
||||
case KE_BIKE3_L3:
|
||||
case KE_BIKE3_L5:
|
||||
case KE_FRODO_AES_L1:
|
||||
case KE_FRODO_AES_L3:
|
||||
case KE_FRODO_AES_L5:
|
||||
case KE_FRODO_SHAKE_L1:
|
||||
case KE_FRODO_SHAKE_L3:
|
||||
case KE_FRODO_SHAKE_L5:
|
||||
case KE_KYBER_L1:
|
||||
case KE_KYBER_L3:
|
||||
case KE_KYBER_L5:
|
||||
case KE_NEWHOPE_L1:
|
||||
case KE_NEWHOPE_L5:
|
||||
case KE_NTRU_HPS_L1:
|
||||
case KE_NTRU_HPS_L3:
|
||||
case KE_NTRU_HPS_L5:
|
||||
@ -810,6 +778,18 @@ bool key_exchange_verify_pubkey(key_exchange_method_t ke, chunk_t value)
|
||||
case KE_SABER_L1:
|
||||
case KE_SABER_L3:
|
||||
case KE_SABER_L5:
|
||||
case KE_BIKE_L1:
|
||||
case KE_BIKE_L3:
|
||||
case KE_BIKE_L5:
|
||||
case KE_FRODO_AES_L1:
|
||||
case KE_FRODO_AES_L3:
|
||||
case KE_FRODO_AES_L5:
|
||||
case KE_FRODO_SHAKE_L1:
|
||||
case KE_FRODO_SHAKE_L3:
|
||||
case KE_FRODO_SHAKE_L5:
|
||||
case KE_HQC_L1:
|
||||
case KE_HQC_L3:
|
||||
case KE_HQC_L5:
|
||||
case KE_SIKE_L1:
|
||||
case KE_SIKE_L2:
|
||||
case KE_SIKE_L3:
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
* Copyright (C) 2010-2020 Tobias Brunner
|
||||
* Copyright (C) 2005-2007 Martin Willi
|
||||
* Copyright (C) 2005 Jan Hutter
|
||||
* Copyright (C) 2016-2019 Andreas Steffen
|
||||
* Copyright (C) 2016-2020 Andreas Steffen
|
||||
* HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
@ -73,38 +73,34 @@ enum key_exchange_method_t {
|
||||
NTRU_192_BIT = 1032,
|
||||
NTRU_256_BIT = 1033,
|
||||
NH_128_BIT = 1040,
|
||||
/** NIST round 2 KEM candidates, in PRIVATE USE */
|
||||
KE_BIKE1_L1 = 1050,
|
||||
KE_BIKE1_L3 = 1051,
|
||||
KE_BIKE1_L5 = 1052,
|
||||
KE_BIKE2_L1 = 1053,
|
||||
KE_BIKE2_L3 = 1054,
|
||||
KE_BIKE2_L5 = 1055,
|
||||
KE_BIKE3_L1 = 1056,
|
||||
KE_BIKE3_L3 = 1057,
|
||||
KE_BIKE3_L5 = 1058,
|
||||
KE_FRODO_AES_L1 = 1059,
|
||||
KE_FRODO_AES_L3 = 1060,
|
||||
KE_FRODO_AES_L5 = 1061,
|
||||
KE_FRODO_SHAKE_L1 = 1062,
|
||||
KE_FRODO_SHAKE_L3 = 1063,
|
||||
KE_FRODO_SHAKE_L5 = 1064,
|
||||
KE_KYBER_L1 = 1065,
|
||||
KE_KYBER_L3 = 1066,
|
||||
KE_KYBER_L5 = 1067,
|
||||
KE_NEWHOPE_L1 = 1068,
|
||||
KE_NEWHOPE_L5 = 1069,
|
||||
KE_NTRU_HPS_L1 = 1070,
|
||||
KE_NTRU_HPS_L3 = 1071,
|
||||
KE_NTRU_HPS_L5 = 1072,
|
||||
KE_NTRU_HRSS_L3 = 1073,
|
||||
KE_SABER_L1 = 1074,
|
||||
KE_SABER_L3 = 1075,
|
||||
KE_SABER_L5 = 1076,
|
||||
KE_SIKE_L1 = 1077,
|
||||
KE_SIKE_L2 = 1078,
|
||||
KE_SIKE_L3 = 1079,
|
||||
KE_SIKE_L5 = 1080,
|
||||
/** NIST round 3 KEM candidates, in PRIVATE USE */
|
||||
KE_KYBER_L1 = 1050,
|
||||
KE_KYBER_L3 = 1051,
|
||||
KE_KYBER_L5 = 1052,
|
||||
KE_NTRU_HPS_L1 = 1053,
|
||||
KE_NTRU_HPS_L3 = 1054,
|
||||
KE_NTRU_HPS_L5 = 1055,
|
||||
KE_NTRU_HRSS_L3 = 1056,
|
||||
KE_SABER_L1 = 1057,
|
||||
KE_SABER_L3 = 1058,
|
||||
KE_SABER_L5 = 1059,
|
||||
/** NIST alternative KEM candidates, in PRIVATE USE */
|
||||
KE_BIKE_L1 = 1060,
|
||||
KE_BIKE_L3 = 1061,
|
||||
KE_BIKE_L5 = 1062,
|
||||
KE_FRODO_AES_L1 = 1063,
|
||||
KE_FRODO_AES_L3 = 1064,
|
||||
KE_FRODO_AES_L5 = 1065,
|
||||
KE_FRODO_SHAKE_L1 = 1066,
|
||||
KE_FRODO_SHAKE_L3 = 1067,
|
||||
KE_FRODO_SHAKE_L5 = 1068,
|
||||
KE_HQC_L1 = 1069,
|
||||
KE_HQC_L3 = 1070,
|
||||
KE_HQC_L5 = 1071,
|
||||
KE_SIKE_L1 = 1072,
|
||||
KE_SIKE_L2 = 1073,
|
||||
KE_SIKE_L3 = 1074,
|
||||
KE_SIKE_L5 = 1075,
|
||||
/** MODP group with custom generator/prime */
|
||||
/** internally used DH group with additional parameters g and p, outside
|
||||
* of PRIVATE USE (i.e. IKEv2 DH group range) so it can't be negotiated */
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
%{
|
||||
/*
|
||||
* Copyright (C) 2009-2013 Andreas Steffen
|
||||
* Copyright (C) 2009-2020 Andreas Steffen
|
||||
* HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
@ -179,30 +179,9 @@ ntru128, KEY_EXCHANGE_METHOD, NTRU_128_BIT, 0
|
||||
ntru192, KEY_EXCHANGE_METHOD, NTRU_192_BIT, 0
|
||||
ntru256, KEY_EXCHANGE_METHOD, NTRU_256_BIT, 0
|
||||
newhope128, KEY_EXCHANGE_METHOD, NH_128_BIT, 0
|
||||
newhope1, KEY_EXCHANGE_METHOD, KE_NEWHOPE_L1, 0
|
||||
newhope5, KEY_EXCHANGE_METHOD, KE_NEWHOPE_L5, 0
|
||||
frodoa1, KEY_EXCHANGE_METHOD, KE_FRODO_AES_L1, 0
|
||||
frodoa3, KEY_EXCHANGE_METHOD, KE_FRODO_AES_L3, 0
|
||||
frodoa5, KEY_EXCHANGE_METHOD, KE_FRODO_AES_L5, 0
|
||||
frodos1, KEY_EXCHANGE_METHOD, KE_FRODO_SHAKE_L1, 0
|
||||
frodos3, KEY_EXCHANGE_METHOD, KE_FRODO_SHAKE_L3, 0
|
||||
frodos5, KEY_EXCHANGE_METHOD, KE_FRODO_SHAKE_L5, 0
|
||||
kyber1, KEY_EXCHANGE_METHOD, KE_KYBER_L1, 0
|
||||
kyber3, KEY_EXCHANGE_METHOD, KE_KYBER_L3, 0
|
||||
kyber5, KEY_EXCHANGE_METHOD, KE_KYBER_L5, 0
|
||||
bike11, KEY_EXCHANGE_METHOD, KE_BIKE1_L1, 0
|
||||
bike13, KEY_EXCHANGE_METHOD, KE_BIKE1_L3, 0
|
||||
bike15, KEY_EXCHANGE_METHOD, KE_BIKE1_L5, 0
|
||||
bike21, KEY_EXCHANGE_METHOD, KE_BIKE2_L1, 0
|
||||
bike23, KEY_EXCHANGE_METHOD, KE_BIKE2_L3, 0
|
||||
bike25, KEY_EXCHANGE_METHOD, KE_BIKE2_L5, 0
|
||||
bike31, KEY_EXCHANGE_METHOD, KE_BIKE3_L1, 0
|
||||
bike33, KEY_EXCHANGE_METHOD, KE_BIKE3_L3, 0
|
||||
bike35, KEY_EXCHANGE_METHOD, KE_BIKE3_L5, 0
|
||||
sike1, KEY_EXCHANGE_METHOD, KE_SIKE_L1, 0
|
||||
sike2, KEY_EXCHANGE_METHOD, KE_SIKE_L2, 0
|
||||
sike3, KEY_EXCHANGE_METHOD, KE_SIKE_L3, 0
|
||||
sike5, KEY_EXCHANGE_METHOD, KE_SIKE_L5, 0
|
||||
ntrup1, KEY_EXCHANGE_METHOD, KE_NTRU_HPS_L1, 0
|
||||
ntrup3, KEY_EXCHANGE_METHOD, KE_NTRU_HPS_L3, 0
|
||||
ntrup5, KEY_EXCHANGE_METHOD, KE_NTRU_HPS_L5, 0
|
||||
@ -210,5 +189,21 @@ ntrur3, KEY_EXCHANGE_METHOD, KE_NTRU_HRSS_L3, 0
|
||||
saber1, KEY_EXCHANGE_METHOD, KE_SABER_L1, 0
|
||||
saber3, KEY_EXCHANGE_METHOD, KE_SABER_L3, 0
|
||||
saber5, KEY_EXCHANGE_METHOD, KE_SABER_L5, 0
|
||||
bike1, KEY_EXCHANGE_METHOD, KE_BIKE_L1, 0
|
||||
bike3, KEY_EXCHANGE_METHOD, KE_BIKE_L3, 0
|
||||
bike5, KEY_EXCHANGE_METHOD, KE_BIKE_L5, 0
|
||||
frodoa1, KEY_EXCHANGE_METHOD, KE_FRODO_AES_L1, 0
|
||||
frodoa3, KEY_EXCHANGE_METHOD, KE_FRODO_AES_L3, 0
|
||||
frodoa5, KEY_EXCHANGE_METHOD, KE_FRODO_AES_L5, 0
|
||||
frodos1, KEY_EXCHANGE_METHOD, KE_FRODO_SHAKE_L1, 0
|
||||
frodos3, KEY_EXCHANGE_METHOD, KE_FRODO_SHAKE_L3, 0
|
||||
frodos5, KEY_EXCHANGE_METHOD, KE_FRODO_SHAKE_L5, 0
|
||||
hqc1, KEY_EXCHANGE_METHOD, KE_HQC_L1, 0
|
||||
hqc3, KEY_EXCHANGE_METHOD, KE_HQC_L3, 0
|
||||
hqc5, KEY_EXCHANGE_METHOD, KE_HQC_L5, 0
|
||||
sike1, KEY_EXCHANGE_METHOD, KE_SIKE_L1, 0
|
||||
sike2, KEY_EXCHANGE_METHOD, KE_SIKE_L2, 0
|
||||
sike3, KEY_EXCHANGE_METHOD, KE_SIKE_L3, 0
|
||||
sike5, KEY_EXCHANGE_METHOD, KE_SIKE_L5, 0
|
||||
noesn, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0
|
||||
esn, EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2018-2019 Andreas Steffen
|
||||
* Copyright (C) 2018-2020 Andreas Steffen
|
||||
* HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann,
|
||||
@ -231,24 +231,6 @@ oqs_kem_t *oqs_kem_create(key_exchange_method_t method)
|
||||
|
||||
switch (method)
|
||||
{
|
||||
case KE_FRODO_AES_L1:
|
||||
kem_alg = OQS_KEM_alg_frodokem_640_aes;
|
||||
break;
|
||||
case KE_FRODO_AES_L3:
|
||||
kem_alg = OQS_KEM_alg_frodokem_976_aes;
|
||||
break;
|
||||
case KE_FRODO_AES_L5:
|
||||
kem_alg = OQS_KEM_alg_frodokem_1344_aes;
|
||||
break;
|
||||
case KE_FRODO_SHAKE_L1:
|
||||
kem_alg = OQS_KEM_alg_frodokem_640_shake;
|
||||
break;
|
||||
case KE_FRODO_SHAKE_L3:
|
||||
kem_alg = OQS_KEM_alg_frodokem_976_shake;
|
||||
break;
|
||||
case KE_FRODO_SHAKE_L5:
|
||||
kem_alg = OQS_KEM_alg_frodokem_1344_shake;
|
||||
break;
|
||||
case KE_KYBER_L1:
|
||||
kem_alg = OQS_KEM_alg_kyber_512;
|
||||
break;
|
||||
@ -258,12 +240,6 @@ oqs_kem_t *oqs_kem_create(key_exchange_method_t method)
|
||||
case KE_KYBER_L5:
|
||||
kem_alg = OQS_KEM_alg_kyber_1024;
|
||||
break;
|
||||
case KE_NEWHOPE_L1:
|
||||
kem_alg = OQS_KEM_alg_newhope_512cca;
|
||||
break;
|
||||
case KE_NEWHOPE_L5:
|
||||
kem_alg = OQS_KEM_alg_newhope_1024cca;
|
||||
break;
|
||||
case KE_NTRU_HPS_L1:
|
||||
kem_alg = OQS_KEM_alg_ntru_hps2048509;
|
||||
break;
|
||||
@ -285,6 +261,24 @@ oqs_kem_t *oqs_kem_create(key_exchange_method_t method)
|
||||
case KE_SABER_L5:
|
||||
kem_alg = OQS_KEM_alg_saber_firesaber;
|
||||
break;
|
||||
case KE_FRODO_AES_L1:
|
||||
kem_alg = OQS_KEM_alg_frodokem_640_aes;
|
||||
break;
|
||||
case KE_FRODO_AES_L3:
|
||||
kem_alg = OQS_KEM_alg_frodokem_976_aes;
|
||||
break;
|
||||
case KE_FRODO_AES_L5:
|
||||
kem_alg = OQS_KEM_alg_frodokem_1344_aes;
|
||||
break;
|
||||
case KE_FRODO_SHAKE_L1:
|
||||
kem_alg = OQS_KEM_alg_frodokem_640_shake;
|
||||
break;
|
||||
case KE_FRODO_SHAKE_L3:
|
||||
kem_alg = OQS_KEM_alg_frodokem_976_shake;
|
||||
break;
|
||||
case KE_FRODO_SHAKE_L5:
|
||||
kem_alg = OQS_KEM_alg_frodokem_1344_shake;
|
||||
break;
|
||||
case KE_SIKE_L1:
|
||||
kem_alg = OQS_KEM_alg_sike_p434;
|
||||
break;
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2018-2019 Andreas Steffen
|
||||
* Copyright (C) 2018-2020 Andreas Steffen
|
||||
* HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
@ -45,17 +45,9 @@ METHOD(plugin_t, get_features, int,
|
||||
static plugin_feature_t f[] = {
|
||||
/* KEM-based key exchange methods */
|
||||
PLUGIN_REGISTER(KE, oqs_kem_create),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_AES_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_AES_L3),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_AES_L5),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L3),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L5),
|
||||
PLUGIN_PROVIDE(KE, KE_KYBER_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_KYBER_L3),
|
||||
PLUGIN_PROVIDE(KE, KE_KYBER_L5),
|
||||
PLUGIN_PROVIDE(KE, KE_NEWHOPE_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_NEWHOPE_L5),
|
||||
PLUGIN_PROVIDE(KE, KE_NTRU_HPS_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_NTRU_HPS_L3),
|
||||
PLUGIN_PROVIDE(KE, KE_NTRU_HPS_L5),
|
||||
@ -63,6 +55,12 @@ METHOD(plugin_t, get_features, int,
|
||||
PLUGIN_PROVIDE(KE, KE_SABER_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_SABER_L3),
|
||||
PLUGIN_PROVIDE(KE, KE_SABER_L5),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_AES_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_AES_L3),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_AES_L5),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L3),
|
||||
PLUGIN_PROVIDE(KE, KE_FRODO_SHAKE_L5),
|
||||
PLUGIN_PROVIDE(KE, KE_SIKE_L1),
|
||||
PLUGIN_PROVIDE(KE, KE_SIKE_L2),
|
||||
PLUGIN_PROVIDE(KE, KE_SIKE_L3),
|
||||
|
||||
@ -21,7 +21,26 @@
|
||||
|
||||
#include <time.h>
|
||||
|
||||
const int count = 10;
|
||||
const int count = 20;
|
||||
|
||||
/**
|
||||
* Skip non-supported KE algorithms
|
||||
*/
|
||||
static bool unsupported(key_exchange_method_t method)
|
||||
{
|
||||
switch(method)
|
||||
{
|
||||
case KE_BIKE_L1:
|
||||
case KE_BIKE_L3:
|
||||
case KE_BIKE_L5:
|
||||
case KE_HQC_L1:
|
||||
case KE_HQC_L3:
|
||||
case KE_HQC_L5:
|
||||
return TRUE;
|
||||
default:
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
START_TEST(test_oqs_good)
|
||||
{
|
||||
@ -31,6 +50,11 @@ START_TEST(test_oqs_good)
|
||||
struct timespec start, stop;
|
||||
int k;
|
||||
|
||||
if (unsupported(method))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
clock_gettime(CLOCK_THREAD_CPUTIME_ID, &start);
|
||||
for (k = 0; k < count; k++)
|
||||
{
|
||||
@ -94,8 +118,13 @@ START_TEST(test_oqs_wrong)
|
||||
key_exchange_t *i_ke, *r_ke;
|
||||
key_exchange_method_t method = _i;
|
||||
|
||||
if (unsupported(method))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
/* test non-kem method */
|
||||
if (method == KE_BIKE1_L1)
|
||||
if (method == KE_KYBER_L1)
|
||||
{
|
||||
ck_assert(!oqs_kem_create(CURVE_25519));
|
||||
}
|
||||
@ -148,6 +177,10 @@ START_TEST(test_oqs_fail_i)
|
||||
char buf_ff[16384];
|
||||
chunk_t i_msg, r_msg, fail_msg;
|
||||
|
||||
if (unsupported(method))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
memset(buf_ff, 0xff, sizeof(buf_ff));
|
||||
fail_msg = chunk_create(buf_ff, sizeof(buf_ff));
|
||||
@ -186,6 +219,11 @@ START_TEST(test_oqs_fail_r)
|
||||
char buf_ff[18432];
|
||||
chunk_t i_msg, fail_msg;
|
||||
|
||||
if (unsupported(method))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
memset(buf_ff, 0xff, sizeof(buf_ff));
|
||||
fail_msg = chunk_create(buf_ff, sizeof(buf_ff));
|
||||
|
||||
@ -222,19 +260,19 @@ Suite *oqs_suite_create()
|
||||
|
||||
tc = tcase_create("good");
|
||||
test_case_set_timeout(tc, 30);
|
||||
tcase_add_loop_test(tc, test_oqs_good, KE_BIKE1_L1, KE_SIKE_L5 + 1);
|
||||
tcase_add_loop_test(tc, test_oqs_good, KE_KYBER_L1, KE_SIKE_L5 + 1);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("wrong");
|
||||
tcase_add_loop_test(tc, test_oqs_wrong, KE_BIKE1_L1, KE_SIKE_L5 + 1);
|
||||
tcase_add_loop_test(tc, test_oqs_wrong, KE_KYBER_L1, KE_SIKE_L5 + 1);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("fail_i");
|
||||
tcase_add_loop_test(tc, test_oqs_fail_i, KE_BIKE1_L1, KE_SIKE_L5 + 1);
|
||||
tcase_add_loop_test(tc, test_oqs_fail_i, KE_KYBER_L1, KE_SIKE_L5 + 1);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("fail_r");
|
||||
tcase_add_loop_test(tc, test_oqs_fail_r, KE_BIKE1_L1, KE_SIKE_L5 + 1);
|
||||
tcase_add_loop_test(tc, test_oqs_fail_r, KE_KYBER_L1, KE_SIKE_L5 + 1);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
return s;
|
||||
|
||||
@ -53,7 +53,6 @@ libstrongswan_test_vectors_la_SOURCES = \
|
||||
test_vectors/curve448.c \
|
||||
test_vectors/ke_frodo.c \
|
||||
test_vectors/ke_kyber.c \
|
||||
test_vectors/ke_newhope.c \
|
||||
test_vectors/ke_ntru.c \
|
||||
test_vectors/ke_saber.c \
|
||||
test_vectors/ke_sike.c \
|
||||
|
||||
@ -390,14 +390,6 @@ TEST_VECTOR_KE(ke_kyber_l5_0)
|
||||
TEST_VECTOR_KE(ke_kyber_l5_1)
|
||||
TEST_VECTOR_KE(ke_kyber_l5_2)
|
||||
TEST_VECTOR_KE(ke_kyber_l5_3)
|
||||
TEST_VECTOR_KE(ke_newhope_l1_0)
|
||||
TEST_VECTOR_KE(ke_newhope_l1_1)
|
||||
TEST_VECTOR_KE(ke_newhope_l1_2)
|
||||
TEST_VECTOR_KE(ke_newhope_l1_3)
|
||||
TEST_VECTOR_KE(ke_newhope_l5_0)
|
||||
TEST_VECTOR_KE(ke_newhope_l5_1)
|
||||
TEST_VECTOR_KE(ke_newhope_l5_2)
|
||||
TEST_VECTOR_KE(ke_newhope_l5_3)
|
||||
TEST_VECTOR_KE(ke_ntru_hps_l1_0)
|
||||
TEST_VECTOR_KE(ke_ntru_hps_l1_1)
|
||||
TEST_VECTOR_KE(ke_ntru_hps_l1_2)
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
Loading…
x
Reference in New Issue
Block a user