diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index 606276ade01..f59503faa53 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt @@ -438,8 +438,6 @@ add_library( ex_data.c hpke/hpke.c hrss/hrss.c - kem/kem.c - kem/kem_methods.c kyber/kyber512r3_ref.c kyber/kyber768r3_ref.c kyber/kyber1024r3_ref.c diff --git a/crypto/evp_extra/evp_extra_test.cc b/crypto/evp_extra/evp_extra_test.cc index 75b20d8de05..981c059cffa 100644 --- a/crypto/evp_extra/evp_extra_test.cc +++ b/crypto/evp_extra/evp_extra_test.cc @@ -34,8 +34,8 @@ #include "../test/test_util.h" #include "../internal.h" -#include "../kem/internal.h" #include "../fipsmodule/evp/internal.h" +#include "../fipsmodule/kem/internal.h" // kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you diff --git a/crypto/kem/README.md b/crypto/fipsmodule/kem/README.md similarity index 100% rename from crypto/kem/README.md rename to crypto/fipsmodule/kem/README.md diff --git a/crypto/fipsmodule/kem/kem.c b/crypto/fipsmodule/kem/kem.c index 275ff781d65..2b81935b1e2 100644 --- a/crypto/fipsmodule/kem/kem.c +++ b/crypto/fipsmodule/kem/kem.c @@ -3,7 +3,7 @@ #include -#include "../../kem/internal.h" +#include "../../kyber/kem_kyber.h" #include "../delocate.h" #include "../ml_kem/ml_kem.h" #include "internal.h" @@ -169,7 +169,6 @@ DEFINE_LOCAL_DATA(KEM, KEM_ml_kem_1024) { } const KEM *KEM_find_kem_by_nid(int nid) { - switch (nid) { case NID_MLKEM512: return KEM_ml_kem_512(); @@ -177,19 +176,16 @@ const KEM *KEM_find_kem_by_nid(int nid) { return KEM_ml_kem_768(); case NID_MLKEM1024: return KEM_ml_kem_1024(); + // Try legacy KEMs. + case NID_KYBER512_R3: + return get_legacy_kem_kyber512_r3(); + case NID_KYBER768_R3: + return get_legacy_kem_kyber768_r3(); + case NID_KYBER1024_R3: + return get_legacy_kem_kyber1024_r3(); default: - break; - } - - // We couldn't match a known KEM. Try legacy KEMs. - const KEM *legacy_kems = get_legacy_kems(); - for (size_t i = 0; i < AWSLC_NUM_LEGACY_KEMS; i++) { - if (legacy_kems[i].nid == nid) { - return &legacy_kems[i]; - } + return NULL; } - - return NULL; } KEM_KEY *KEM_KEY_new(void) { diff --git a/crypto/kem/internal.h b/crypto/kem/internal.h deleted file mode 100644 index 863ffc79e67..00000000000 --- a/crypto/kem/internal.h +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 OR ISC - -#ifndef AWSLC_HEADER_KEM_LEGACY_INTERNAL_H -#define AWSLC_HEADER_KEM_LEGACY_INTERNAL_H - -#include - -#include "../fipsmodule/kem/internal.h" - -#if defined(__cplusplus) -extern "C" { -#endif - -#define AWSLC_NUM_LEGACY_KEMS 3 - -extern const KEM_METHOD kem_kyber512r3_method; -extern const KEM_METHOD kem_kyber768r3_method; -extern const KEM_METHOD kem_kyber1024r3_method; - -const KEM *get_legacy_kems(void); - -#if defined(__cplusplus) -} // extern C -#endif - -#endif diff --git a/crypto/kem/kem.c b/crypto/kem/kem.c deleted file mode 100644 index e89a61cb532..00000000000 --- a/crypto/kem/kem.c +++ /dev/null @@ -1,74 +0,0 @@ -// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 OR ISC - -#include -#include -#include -#include - -#include "../fipsmodule/delocate.h" -#include "../fipsmodule/kem/internal.h" -#include "../internal.h" -#include "internal.h" -#include "../kyber/kem_kyber.h" -#include "../fipsmodule/ml_kem/ml_kem.h" - - -// The KEM parameters listed below are taken from corresponding specifications. -// These are legacy KEMs before the NIST PQC project finalized its -// recommendations. -// -// Kyber: - https://pq-crystals.org/kyber/data/kyber-specification-round3-20210804.pdf -// - Implemented as specified in Round 3 of NIST PQC project. - -#define AWSLC_NUM_LEGACY_KEMS 3 - -static const uint8_t kOIDKyber512r3[] = {0xff, 0xff, 0xff, 0xff}; -static const uint8_t kOIDKyber768r3[] = {0xff, 0xff, 0xff, 0xff}; -static const uint8_t kOIDKyber1024r3[] = {0xff, 0xff, 0xff, 0xff}; - -const KEM legacy_kems[AWSLC_NUM_LEGACY_KEMS] = { - { - NID_KYBER512_R3, // kem.nid - kOIDKyber512r3, // kem.oid - sizeof(kOIDKyber512r3), // kem.oid_len - "Kyber512 Round-3", // kem.comment - KYBER512_R3_PUBLIC_KEY_BYTES, // kem.public_key_len - KYBER512_R3_SECRET_KEY_BYTES, // kem.secret_key_len - KYBER512_R3_CIPHERTEXT_BYTES, // kem.ciphertext_len - KYBER_R3_SHARED_SECRET_LEN, // kem.shared_secret_len - KYBER_R3_KEYGEN_SEED_LEN, // kem.keygen_seed_len - KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len - &kem_kyber512r3_method, // kem.method - }, - { - NID_KYBER768_R3, // kem.nid - kOIDKyber768r3, // kem.oid - sizeof(kOIDKyber768r3), // kem.oid_len - "Kyber768 Round-3", // kem.comment - KYBER768_R3_PUBLIC_KEY_BYTES, // kem.public_key_len - KYBER768_R3_SECRET_KEY_BYTES, // kem.secret_key_len - KYBER768_R3_CIPHERTEXT_BYTES, // kem.ciphertext_len - KYBER_R3_SHARED_SECRET_LEN, // kem.shared_secret_len - KYBER_R3_KEYGEN_SEED_LEN, // kem.keygen_seed_len - KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len - &kem_kyber768r3_method, // kem.method - }, - { - NID_KYBER1024_R3, // kem.nid - kOIDKyber1024r3, // kem.oid - sizeof(kOIDKyber1024r3), // kem.oid_len - "Kyber1024 Round-3", // kem.comment - KYBER1024_R3_PUBLIC_KEY_BYTES, // kem.public_key_len - KYBER1024_R3_SECRET_KEY_BYTES, // kem.secret_key_len - KYBER1024_R3_CIPHERTEXT_BYTES, // kem.ciphertext_len - KYBER_R3_SHARED_SECRET_LEN, // kem.shared_secret_len - KYBER_R3_KEYGEN_SEED_LEN, // kem.keygen_seed_len - KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len - &kem_kyber1024r3_method, // kem.method - }, -}; - -const KEM *get_legacy_kems(void) { - return legacy_kems; -} diff --git a/crypto/kem/kem_methods.c b/crypto/kem/kem_methods.c deleted file mode 100644 index 3081a83ec03..00000000000 --- a/crypto/kem/kem_methods.c +++ /dev/null @@ -1,125 +0,0 @@ -// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 OR ISC - -#include - -#include "../fipsmodule/delocate.h" -#include "../internal.h" -#include "internal.h" - -#include "../kyber/kem_kyber.h" -#include "../fipsmodule/ml_kem/ml_kem.h" - -static int kyber512r3_keygen_deterministic(uint8_t *public_key, - uint8_t *secret_key, - const uint8_t *seed) { - return kyber512r3_keypair_deterministic(public_key, secret_key, seed) == 0; -} - -static int kyber512r3_keygen(uint8_t *public_key, - uint8_t *secret_key) { - return kyber512r3_keypair(public_key, secret_key) == 0; -} - -static int kyber512r3_encaps_deterministic(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key, - const uint8_t *seed) { - return kyber512r3_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; -} - -static int kyber512r3_encaps(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key) { - return kyber512r3_encapsulate(ciphertext, shared_secret, public_key) == 0; -} - -static int kyber512r3_decaps(uint8_t *shared_secret, - const uint8_t *ciphertext, - const uint8_t *secret_key) { - return kyber512r3_decapsulate(shared_secret, ciphertext, secret_key) == 0; -} - -const KEM_METHOD kem_kyber512r3_method = { - kyber512r3_keygen_deterministic, - kyber512r3_keygen, - kyber512r3_encaps_deterministic, - kyber512r3_encaps, - kyber512r3_decaps, -}; - -static int kyber768r3_keygen_deterministic(uint8_t *public_key, - uint8_t *secret_key, - const uint8_t *seed) { - return kyber768r3_keypair_deterministic(public_key, secret_key, seed) == 0; -} - -static int kyber768r3_keygen(uint8_t *public_key, - uint8_t *secret_key) { - return kyber768r3_keypair(public_key, secret_key) == 0; -} - -static int kyber768r3_encaps_deterministic(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key, - const uint8_t *seed) { - return kyber768r3_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; -} - -static int kyber768r3_encaps(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key) { - return kyber768r3_encapsulate(ciphertext, shared_secret, public_key) == 0; -} - -static int kyber768r3_decaps(uint8_t *shared_secret, - const uint8_t *ciphertext, - const uint8_t *secret_key) { - return kyber768r3_decapsulate(shared_secret, ciphertext, secret_key) == 0; -} - -const KEM_METHOD kem_kyber768r3_method = { - kyber768r3_keygen_deterministic, - kyber768r3_keygen, - kyber768r3_encaps_deterministic, - kyber768r3_encaps, - kyber768r3_decaps, -}; - -static int kyber1024r3_keygen_deterministic(uint8_t *public_key, - uint8_t *secret_key, - const uint8_t *seed) { - return kyber1024r3_keypair_deterministic(public_key, secret_key, seed) == 0; -} - -static int kyber1024r3_keygen(uint8_t *public_key, - uint8_t *secret_key) { - return kyber1024r3_keypair(public_key, secret_key) == 0; -} - -static int kyber1024r3_encaps_deterministic(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key, - const uint8_t *seed) { - return kyber1024r3_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; -} - -static int kyber1024r3_encaps(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key) { - return kyber1024r3_encapsulate(ciphertext, shared_secret, public_key) == 0; -} - -static int kyber1024r3_decaps(uint8_t *shared_secret, - const uint8_t *ciphertext, - const uint8_t *secret_key) { - return kyber1024r3_decapsulate(shared_secret, ciphertext, secret_key) == 0; -} - -const KEM_METHOD kem_kyber1024r3_method = { - kyber1024r3_keygen_deterministic, - kyber1024r3_keygen, - kyber1024r3_encaps_deterministic, - kyber1024r3_encaps, - kyber1024r3_decaps, -}; diff --git a/crypto/kyber/kem_kyber.c b/crypto/kyber/kem_kyber.c index c267f80d41b..5482c556d52 100644 --- a/crypto/kyber/kem_kyber.c +++ b/crypto/kyber/kem_kyber.c @@ -3,100 +3,188 @@ #include "../evp_extra/internal.h" #include "../fipsmodule/evp/internal.h" +#include "../fipsmodule/kem/internal.h" #include "kem_kyber.h" #include "pqcrystals_kyber_ref_common/api.h" -// Note: These methods currently default to using the reference code for Kyber. -// In a future where AWS-LC has optimized options available, those can be -// conditionally (or based on compile-time flags) called here, depending on -// platform support. +// Legacy KEM drivers for kyber. +// The reference pqcrystals_kyber* inverts our usual convention of success (1) +// and fails (0). Define wrappers to handle that. -int kyber512r3_keypair_deterministic(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */, - const uint8_t *seed /* IN */) { - return pqcrystals_kyber512_ref_keypair_derand(public_key, secret_key, seed); +static int kyber512r3_keygen_deterministic(uint8_t *public_key, + uint8_t *secret_key, + const uint8_t *seed) { + return pqcrystals_kyber512_ref_keypair_derand(public_key, secret_key, seed) == 0; } -int kyber512r3_keypair(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */) { - return pqcrystals_kyber512_ref_keypair(public_key, secret_key); +static int kyber512r3_keygen(uint8_t *public_key, + uint8_t *secret_key) { + return pqcrystals_kyber512_ref_keypair(public_key, secret_key) == 0; } -int kyber512r3_encapsulate_deterministic(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */, - const uint8_t *seed /* IN */) { - return pqcrystals_kyber512_ref_enc_derand(ciphertext, shared_secret, public_key, seed); +static int kyber512r3_encaps_deterministic(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key, + const uint8_t *seed) { + return pqcrystals_kyber512_ref_enc_derand(ciphertext, shared_secret, public_key, seed) == 0; } -int kyber512r3_encapsulate(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */) { - return pqcrystals_kyber512_ref_enc(ciphertext, shared_secret, public_key); +static int kyber512r3_encaps(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key) { + return pqcrystals_kyber512_ref_enc(ciphertext, shared_secret, public_key) == 0; } -int kyber512r3_decapsulate(uint8_t *shared_secret /* OUT */, - const uint8_t *ciphertext /* IN */, - const uint8_t *secret_key /* IN */) { - return pqcrystals_kyber512_ref_dec(shared_secret, ciphertext, secret_key); +static int kyber512r3_decaps(uint8_t *shared_secret, + const uint8_t *ciphertext, + const uint8_t *secret_key) { + return pqcrystals_kyber512_ref_dec(shared_secret, ciphertext, secret_key) == 0; } -int kyber768r3_keypair_deterministic(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */, - const uint8_t *seed /* IN */) { - return pqcrystals_kyber768_ref_keypair_derand(public_key, secret_key, seed); +const KEM_METHOD kem_kyber512r3_method = { + kyber512r3_keygen_deterministic, + kyber512r3_keygen, + kyber512r3_encaps_deterministic, + kyber512r3_encaps, + kyber512r3_decaps, +}; + +static int kyber768r3_keygen_deterministic(uint8_t *public_key, + uint8_t *secret_key, + const uint8_t *seed) { + return pqcrystals_kyber768_ref_keypair_derand(public_key, secret_key, seed) == 0; } -int kyber768r3_keypair(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */) { - return pqcrystals_kyber768_ref_keypair(public_key, secret_key); +static int kyber768r3_keygen(uint8_t *public_key, + uint8_t *secret_key) { + return pqcrystals_kyber768_ref_keypair(public_key, secret_key) == 0; } -int kyber768r3_encapsulate_deterministic(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */, - const uint8_t *seed /* IN */) { - return pqcrystals_kyber768_ref_enc_derand(ciphertext, shared_secret, public_key, seed); +static int kyber768r3_encaps_deterministic(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key, + const uint8_t *seed) { + return pqcrystals_kyber768_ref_enc_derand(ciphertext, shared_secret, public_key, seed) == 0; } -int kyber768r3_encapsulate(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */) { - return pqcrystals_kyber768_ref_enc(ciphertext, shared_secret, public_key); +static int kyber768r3_encaps(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key) { + return pqcrystals_kyber768_ref_enc(ciphertext, shared_secret, public_key) == 0; } -int kyber768r3_decapsulate(uint8_t *shared_secret /* OUT */, - const uint8_t *ciphertext /* IN */, - const uint8_t *secret_key /* IN */) { - return pqcrystals_kyber768_ref_dec(shared_secret, ciphertext, secret_key); +static int kyber768r3_decaps(uint8_t *shared_secret, + const uint8_t *ciphertext, + const uint8_t *secret_key) { + return pqcrystals_kyber768_ref_dec(shared_secret, ciphertext, secret_key) == 0; } -int kyber1024r3_keypair_deterministic(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */, - const uint8_t *seed /* IN */) { - return pqcrystals_kyber1024_ref_keypair_derand(public_key, secret_key, seed); +const KEM_METHOD kem_kyber768r3_method = { + kyber768r3_keygen_deterministic, + kyber768r3_keygen, + kyber768r3_encaps_deterministic, + kyber768r3_encaps, + kyber768r3_decaps, +}; + +static int kyber1024r3_keygen_deterministic(uint8_t *public_key, + uint8_t *secret_key, + const uint8_t *seed) { + return pqcrystals_kyber1024_ref_keypair_derand(public_key, secret_key, seed) == 0; } -int kyber1024r3_keypair(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */) { - return pqcrystals_kyber1024_ref_keypair(public_key, secret_key); +static int kyber1024r3_keygen(uint8_t *public_key, + uint8_t *secret_key) { + return pqcrystals_kyber1024_ref_keypair(public_key, secret_key) == 0; } -int kyber1024r3_encapsulate_deterministic(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */, - const uint8_t *seed /* IN */) { - return pqcrystals_kyber1024_ref_enc_derand(ciphertext, shared_secret, public_key, seed); +static int kyber1024r3_encaps_deterministic(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key, + const uint8_t *seed) { + return pqcrystals_kyber1024_ref_enc_derand(ciphertext, shared_secret, public_key, seed) == 0; } -int kyber1024r3_encapsulate(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */) { - return pqcrystals_kyber1024_ref_enc(ciphertext, shared_secret, public_key); +static int kyber1024r3_encaps(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key) { + return pqcrystals_kyber1024_ref_enc(ciphertext, shared_secret, public_key) == 0; } -int kyber1024r3_decapsulate(uint8_t *shared_secret /* OUT */, - const uint8_t *ciphertext /* IN */, - const uint8_t *secret_key /* IN */) { - return pqcrystals_kyber1024_ref_dec(shared_secret, ciphertext, secret_key); +static int kyber1024r3_decaps(uint8_t *shared_secret, + const uint8_t *ciphertext, + const uint8_t *secret_key) { + return pqcrystals_kyber1024_ref_dec(shared_secret, ciphertext, secret_key) == 0; +} + +const KEM_METHOD kem_kyber1024r3_method = { + kyber1024r3_keygen_deterministic, + kyber1024r3_keygen, + kyber1024r3_encaps_deterministic, + kyber1024r3_encaps, + kyber1024r3_decaps, +}; + +// The KEM parameters listed below are taken from corresponding specifications. +// These are legacy KEMs before the NIST PQC project finalized its +// recommendations. +// +// Kyber: +// Implemented as specified in Round 3 of the NIST PQC project +// https://pq-crystals.org/kyber/data/kyber-specification-round3-20210804.pdf. +// OIDs will maintain placeholder values until implementation is deleted. + +static const uint8_t kOIDKyber512r3[] = {0xff, 0xff, 0xff, 0xff}; +static const uint8_t kOIDKyber768r3[] = {0xff, 0xff, 0xff, 0xff}; +static const uint8_t kOIDKyber1024r3[] = {0xff, 0xff, 0xff, 0xff}; + +const KEM legacy_kem_kyber512_r3 = { + NID_KYBER512_R3, // kem.nid + kOIDKyber512r3, // kem.oid + sizeof(kOIDKyber512r3), // kem.oid_len + "Kyber512 Round-3", // kem.comment + KYBER512_R3_PUBLIC_KEY_BYTES, // kem.public_key_len + KYBER512_R3_SECRET_KEY_BYTES, // kem.secret_key_len + KYBER512_R3_CIPHERTEXT_BYTES, // kem.ciphertext_len + KYBER_R3_SHARED_SECRET_LEN, // kem.shared_secret_len + KYBER_R3_KEYGEN_SEED_LEN, // kem.keygen_seed_len + KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len + &kem_kyber512r3_method, // kem.method +}; +const KEM * get_legacy_kem_kyber512_r3(void) { + return &legacy_kem_kyber512_r3; +} + +const KEM legacy_kem_kyber768_r3 = { + NID_KYBER768_R3, // kem.nid + kOIDKyber768r3, // kem.oid + sizeof(kOIDKyber768r3), // kem.oid_len + "Kyber768 Round-3", // kem.comment + KYBER768_R3_PUBLIC_KEY_BYTES, // kem.public_key_len + KYBER768_R3_SECRET_KEY_BYTES, // kem.secret_key_len + KYBER768_R3_CIPHERTEXT_BYTES, // kem.ciphertext_len + KYBER_R3_SHARED_SECRET_LEN, // kem.shared_secret_len + KYBER_R3_KEYGEN_SEED_LEN, // kem.keygen_seed_len + KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len + &kem_kyber768r3_method, // kem.method +}; +const KEM * get_legacy_kem_kyber768_r3(void) { + return &legacy_kem_kyber768_r3; +} + +const KEM legacy_kem_kyber1024_r3 = { + NID_KYBER1024_R3, // kem.nid + kOIDKyber1024r3, // kem.oid + sizeof(kOIDKyber1024r3), // kem.oid_len + "Kyber1024 Round-3", // kem.comment + KYBER1024_R3_PUBLIC_KEY_BYTES, // kem.public_key_len + KYBER1024_R3_SECRET_KEY_BYTES, // kem.secret_key_len + KYBER1024_R3_CIPHERTEXT_BYTES, // kem.ciphertext_len + KYBER_R3_SHARED_SECRET_LEN, // kem.shared_secret_len + KYBER_R3_KEYGEN_SEED_LEN, // kem.keygen_seed_len + KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len + &kem_kyber1024r3_method, // kem.method +}; +const KEM * get_legacy_kem_kyber1024_r3(void) { + return &legacy_kem_kyber1024_r3; } diff --git a/crypto/kyber/kem_kyber.h b/crypto/kyber/kem_kyber.h index 77328dc8b92..41384693eb7 100644 --- a/crypto/kyber/kem_kyber.h +++ b/crypto/kyber/kem_kyber.h @@ -9,6 +9,8 @@ #include #include +#include "../fipsmodule/kem/internal.h" + #define KYBER_R3_SHARED_SECRET_LEN 32 #define KYBER_R3_KEYGEN_SEED_LEN 64 #define KYBER_R3_ENCAPS_SEED_LEN 32 @@ -25,65 +27,9 @@ #define KYBER1024_R3_SECRET_KEY_BYTES 3168 #define KYBER1024_R3_CIPHERTEXT_BYTES 1568 -int kyber512r3_keypair_deterministic(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */, - const uint8_t *seed /* IN */); - -int kyber512r3_keypair(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */); - -int kyber512r3_encapsulate_deterministic(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */, - const uint8_t *seed /* IN */); - -int kyber512r3_encapsulate(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */); - -int kyber512r3_decapsulate(uint8_t *shared_secret /* OUT */, - const uint8_t *ciphertext /* IN */, - const uint8_t *secret_key /* IN */); - -int kyber768r3_keypair_deterministic(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */, - const uint8_t *seed /* IN */); - -int kyber768r3_keypair(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */); - -int kyber768r3_encapsulate_deterministic(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */, - const uint8_t *seed /* IN */); - -int kyber768r3_encapsulate(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */); - -int kyber768r3_decapsulate(uint8_t *shared_secret /* OUT */, - const uint8_t *ciphertext /* IN */, - const uint8_t *secret_key /* IN */); - -int kyber1024r3_keypair_deterministic(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */, - const uint8_t *seed /* IN */); - -int kyber1024r3_keypair(uint8_t *public_key /* OUT */, - uint8_t *secret_key /* OUT */); - -int kyber1024r3_encapsulate_deterministic(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */, - const uint8_t *seed /* IN */); - -int kyber1024r3_encapsulate(uint8_t *ciphertext /* OUT */, - uint8_t *shared_secret /* OUT */, - const uint8_t *public_key /* IN */); - -int kyber1024r3_decapsulate(uint8_t *shared_secret /* OUT */, - const uint8_t *ciphertext /* IN */, - const uint8_t *secret_key /* IN */); +const KEM * get_legacy_kem_kyber512_r3(void); +const KEM * get_legacy_kem_kyber768_r3(void); +const KEM * get_legacy_kem_kyber1024_r3(void); #endif diff --git a/ssl/ssl_key_share.cc b/ssl/ssl_key_share.cc index 7a5b2c7bbc8..caefce8eab4 100644 --- a/ssl/ssl_key_share.cc +++ b/ssl/ssl_key_share.cc @@ -33,7 +33,6 @@ #include "internal.h" #include "../crypto/internal.h" -#include "../crypto/kem/internal.h" #include "../crypto/fipsmodule/ec/internal.h" #include "../crypto/kyber/kem_kyber.h" diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc index 07bf5ff61b2..6d2150d5219 100644 --- a/ssl/ssl_test.cc +++ b/ssl/ssl_test.cc @@ -47,7 +47,6 @@ #include "../crypto/test/test_util.h" #include "internal.h" #include "../crypto/kyber/kem_kyber.h" -#include "../crypto/kem/internal.h" #include "../crypto/fipsmodule/ec/internal.h" #if defined(OPENSSL_WINDOWS)