From b34a0080a3947604ec6044bd941f896470840536 Mon Sep 17 00:00:00 2001 From: Torben Hansen <50673096+torben-hansen@users.noreply.github.com> Date: Thu, 5 Sep 2024 07:44:54 -0700 Subject: [PATCH 1/2] Move KEM API and ML-KEM definitions to FIPS module --- crypto/evp_extra/p_kem.c | 2 +- crypto/evp_extra/p_kem_asn1.c | 2 +- crypto/fipsmodule/bcm.c | 1 + crypto/fipsmodule/kem/internal.h | 94 +++++++++++ crypto/fipsmodule/kem/kem.c | 270 +++++++++++++++++++++++++++++++ crypto/kem/internal.h | 84 +--------- crypto/kem/kem.c | 143 +--------------- crypto/kem/kem_methods.c | 114 ------------- 8 files changed, 380 insertions(+), 330 deletions(-) create mode 100644 crypto/fipsmodule/kem/internal.h create mode 100644 crypto/fipsmodule/kem/kem.c diff --git a/crypto/evp_extra/p_kem.c b/crypto/evp_extra/p_kem.c index 48cdcbf058..11395ad01b 100644 --- a/crypto/evp_extra/p_kem.c +++ b/crypto/evp_extra/p_kem.c @@ -8,7 +8,7 @@ #include "../fipsmodule/evp/internal.h" #include "../fipsmodule/delocate.h" -#include "../kem/internal.h" +#include "../fipsmodule/kem/internal.h" #include "../internal.h" #include "internal.h" diff --git a/crypto/evp_extra/p_kem_asn1.c b/crypto/evp_extra/p_kem_asn1.c index d6ca05676e..74fb8ffb77 100644 --- a/crypto/evp_extra/p_kem_asn1.c +++ b/crypto/evp_extra/p_kem_asn1.c @@ -6,7 +6,7 @@ #include #include "../fipsmodule/evp/internal.h" -#include "../kem/internal.h" +#include "../fipsmodule/kem/internal.h" #include "../internal.h" #include "internal.h" diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c index a3743de3b7..083247b89e 100644 --- a/crypto/fipsmodule/bcm.c +++ b/crypto/fipsmodule/bcm.c @@ -120,6 +120,7 @@ #include "hmac/hmac.c" #include "kdf/kbkdf.c" #include "kdf/sskdf.c" +#include "kem/kem.c" #include "md4/md4.c" #include "md5/md5.c" #include "ml_kem/ml_kem.c" diff --git a/crypto/fipsmodule/kem/internal.h b/crypto/fipsmodule/kem/internal.h new file mode 100644 index 0000000000..d0765043a2 --- /dev/null +++ b/crypto/fipsmodule/kem/internal.h @@ -0,0 +1,94 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 OR ISC + +#ifndef AWSLC_HEADER_KEM_INTERNAL_H +#define AWSLC_HEADER_KEM_INTERNAL_H + +#include + + +#if defined(__cplusplus) +extern "C" { +#endif + +// KEM_METHOD structure and helper functions. +typedef struct { + int (*keygen_deterministic)(uint8_t *ctx, + uint8_t *pkey, + const uint8_t *seed); + + int (*keygen)(uint8_t *public_key, + uint8_t *secret_key); + + int (*encaps_deterministic)(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key, + const uint8_t *seed); + + int (*encaps)(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key); + + int (*decaps)(uint8_t *shared_secret, + const uint8_t *ciphertext, + const uint8_t *secret_key); +} KEM_METHOD; + +// KEM structure and helper functions. +typedef struct { + int nid; + const uint8_t *oid; + uint8_t oid_len; + const char *comment; + size_t public_key_len; + size_t secret_key_len; + size_t ciphertext_len; + size_t shared_secret_len; + size_t keygen_seed_len; + size_t encaps_seed_len; + const KEM_METHOD *method; +} KEM; + +// KEM_KEY structure and helper functions. +struct kem_key_st { + const KEM *kem; + uint8_t *public_key; + uint8_t *secret_key; +}; + +const KEM *KEM_find_kem_by_nid(int nid); + +KEM_KEY *KEM_KEY_new(void); +int KEM_KEY_init(KEM_KEY *key, const KEM *kem); +void KEM_KEY_free(KEM_KEY *key); +const KEM *KEM_KEY_get0_kem(KEM_KEY* key); + +// KEM_KEY_set_raw_public_key function allocates the public key buffer +// within the given |key| and copies the contents of |in| to it. +// +// NOTE: No checks are done in this function, the caller has to ensure +// that the pointers are valid and |in| has the correct size. +int KEM_KEY_set_raw_public_key(KEM_KEY *key, const uint8_t *in); + +// KEM_KEY_set_raw_secret_key function allocates the secret key buffer +// within the given |key| and copies the contents of |in| to it. +// +// NOTE: No checks are done in this function, the caller has to ensure +// that the pointers are valid and |in| has the correct size. +int KEM_KEY_set_raw_secret_key(KEM_KEY *key, const uint8_t *in); + +// KEM_KEY_set_raw_key function allocates the public and secret key buffers +// within the given |key| and copies the contents of |in_public| and +// |in_secret| to them. +// +// NOTE: No checks are done in this function, the caller has to ensure +// that the pointers are valid and |in_public| and |in_secret| +// have the correct size. +int KEM_KEY_set_raw_key(KEM_KEY *key, const uint8_t *in_public, + const uint8_t *in_secret); + +#if defined(__cplusplus) +} // extern C +#endif + +#endif // AWSLC_HEADER_KEM_TEST_INTERNAL_H diff --git a/crypto/fipsmodule/kem/kem.c b/crypto/fipsmodule/kem/kem.c new file mode 100644 index 0000000000..f21213df08 --- /dev/null +++ b/crypto/fipsmodule/kem/kem.c @@ -0,0 +1,270 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 OR ISC + +#include + +#include "../../kem/internal.h" +#include "../delocate.h" +#include "../ml_kem/ml_kem.h" +#include "internal.h" + +static const uint8_t kOIDMLKEM512[] = {0xff, 0xff, 0xff, 0xff}; +static const uint8_t kOIDMLKEM768[] = {0xff, 0xff, 0xff, 0xff}; +static const uint8_t kOIDMLKEM1024[] = {0xff, 0xff, 0xff, 0xff}; + +static int ml_kem_1024_keygen_deterministic(uint8_t *public_key, + uint8_t *secret_key, + const uint8_t *seed) { + return ml_kem_1024_keypair_deterministic(public_key, secret_key, seed) == 0; +} + +static int ml_kem_1024_keygen(uint8_t *public_key, + uint8_t *secret_key) { + return ml_kem_1024_keypair(public_key, secret_key) == 0; +} + +static int ml_kem_1024_encaps_deterministic(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key, + const uint8_t *seed) { + return ml_kem_1024_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; +} + +static int ml_kem_1024_encaps(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key) { + return ml_kem_1024_encapsulate(ciphertext, shared_secret, public_key) == 0; +} + +static int ml_kem_1024_decaps(uint8_t *shared_secret, + const uint8_t *ciphertext, + const uint8_t *secret_key) { + return ml_kem_1024_decapsulate(shared_secret, ciphertext, secret_key) == 0; +} + +DEFINE_LOCAL_DATA(KEM_METHOD, kem_ml_kem_1024_method) { + out->keygen_deterministic = ml_kem_1024_keygen_deterministic; + out->keygen = ml_kem_1024_keygen; + out->encaps_deterministic = ml_kem_1024_encaps_deterministic; + out->encaps = ml_kem_1024_encaps; + out->decaps = ml_kem_1024_decaps; +}; + +static int ml_kem_768_keygen_deterministic(uint8_t *public_key, + uint8_t *secret_key, + const uint8_t *seed) { + return ml_kem_768_keypair_deterministic(public_key, secret_key, seed) == 0; +} + +static int ml_kem_768_keygen(uint8_t *public_key, + uint8_t *secret_key) { + return ml_kem_768_keypair(public_key, secret_key) == 0; +} + +static int ml_kem_768_encaps_deterministic(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key, + const uint8_t *seed) { + return ml_kem_768_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; +} + +static int ml_kem_768_encaps(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key) { + return ml_kem_768_encapsulate(ciphertext, shared_secret, public_key) == 0; +} + +static int ml_kem_768_decaps(uint8_t *shared_secret, + const uint8_t *ciphertext, + const uint8_t *secret_key) { + return ml_kem_768_decapsulate(shared_secret, ciphertext, secret_key) == 0; +} + +DEFINE_LOCAL_DATA(KEM_METHOD, kem_ml_kem_768_method) { + out->keygen_deterministic = ml_kem_768_keygen_deterministic; + out->keygen = ml_kem_768_keygen; + out->encaps_deterministic = ml_kem_768_encaps_deterministic; + out->encaps = ml_kem_768_encaps; + out->decaps = ml_kem_768_decaps; +}; + +static int ml_kem_512_keygen_deterministic(uint8_t *public_key, + uint8_t *secret_key, + const uint8_t *seed) { + return ml_kem_512_keypair_deterministic(public_key, secret_key, seed) == 0; +} + +static int ml_kem_512_keygen(uint8_t *public_key, + uint8_t *secret_key) { + return ml_kem_512_keypair(public_key, secret_key) == 0; +} + +static int ml_kem_512_encaps_deterministic(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key, + const uint8_t *seed) { + return ml_kem_512_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; +} + +static int ml_kem_512_encaps(uint8_t *ciphertext, + uint8_t *shared_secret, + const uint8_t *public_key) { + return ml_kem_512_encapsulate(ciphertext, shared_secret, public_key) == 0; +} + +static int ml_kem_512_decaps(uint8_t *shared_secret, + const uint8_t *ciphertext, + const uint8_t *secret_key) { + return ml_kem_512_decapsulate(shared_secret, ciphertext, secret_key) == 0; +} + +DEFINE_LOCAL_DATA(KEM_METHOD, kem_ml_kem_512_method) { + out->keygen_deterministic = ml_kem_512_keygen_deterministic; + out->keygen = ml_kem_512_keygen; + out->encaps_deterministic = ml_kem_512_encaps_deterministic; + out->encaps = ml_kem_512_encaps; + out->decaps = ml_kem_512_decaps; +} + +DEFINE_LOCAL_DATA(KEM, KEM_ml_kem_512) { + out->nid = NID_MLKEM512; + out->oid = kOIDMLKEM512; + out->oid_len = sizeof(kOIDMLKEM512); + out->comment = "MLKEM512 "; + out->public_key_len = MLKEM512_PUBLIC_KEY_BYTES; + out->secret_key_len = MLKEM512_SECRET_KEY_BYTES; + out->ciphertext_len = MLKEM512_CIPHERTEXT_BYTES; + out->shared_secret_len = MLKEM512_SHARED_SECRET_LEN; + out->keygen_seed_len = MLKEM512_KEYGEN_SEED_LEN; + out->encaps_seed_len = MLKEM512_ENCAPS_SEED_LEN; + out->method = kem_ml_kem_512_method(); +} + +DEFINE_LOCAL_DATA(KEM, KEM_ml_kem_768) { + out->nid = NID_MLKEM768; + out->oid = kOIDMLKEM768; + out->oid_len = sizeof(kOIDMLKEM768); + out->comment = "MLKEM768 "; + out->public_key_len = MLKEM768_PUBLIC_KEY_BYTES; + out->secret_key_len = MLKEM768_SECRET_KEY_BYTES; + out->ciphertext_len = MLKEM768_CIPHERTEXT_BYTES; + out->shared_secret_len = MLKEM768_SHARED_SECRET_LEN; + out->keygen_seed_len = MLKEM768_KEYGEN_SEED_LEN; + out->encaps_seed_len = MLKEM768_ENCAPS_SEED_LEN; + out->method = kem_ml_kem_768_method(); +} + +DEFINE_LOCAL_DATA(KEM, KEM_ml_kem_1024) { + out->nid = NID_MLKEM1024; + out->oid = kOIDMLKEM1024; + out->oid_len = sizeof(kOIDMLKEM1024); + out->comment = "MLKEM1024 "; + out->public_key_len = MLKEM1024_PUBLIC_KEY_BYTES; + out->secret_key_len = MLKEM1024_SECRET_KEY_BYTES; + out->ciphertext_len = MLKEM1024_CIPHERTEXT_BYTES; + out->shared_secret_len = MLKEM1024_SHARED_SECRET_LEN; + out->keygen_seed_len = MLKEM1024_KEYGEN_SEED_LEN; + out->encaps_seed_len = MLKEM1024_ENCAPS_SEED_LEN; + out->method = kem_ml_kem_1024_method(); +} + +const KEM *KEM_find_kem_by_nid(int nid) { + + switch (nid) { + case NID_MLKEM512: + return KEM_ml_kem_512(); + case NID_MLKEM768: + return KEM_ml_kem_768(); + case NID_MLKEM1024: + return KEM_ml_kem_1024(); + default: + break; + } + + // We couldn't match a known KEM. Try legacy KEMs. + const KEM *legacy_kems = get_legacy_kems(); + for (size_t i = 0; i < AWSLC_NUM_LEGACY_KEMS; i++) { + if (legacy_kems[i].nid == nid) { + return &legacy_kems[i]; + } + } + + return NULL; +} + +KEM_KEY *KEM_KEY_new(void) { + KEM_KEY *ret = OPENSSL_zalloc(sizeof(KEM_KEY)); + if (ret == NULL) { + return NULL; + } + + return ret; +} + +static void KEM_KEY_clear(KEM_KEY *key) { + key->kem = NULL; + OPENSSL_free(key->public_key); + OPENSSL_free(key->secret_key); + key->public_key = NULL; + key->secret_key = NULL; +} + +int KEM_KEY_init(KEM_KEY *key, const KEM *kem) { + if (key == NULL || kem == NULL) { + return 0; + } + // If the key is already initialized clear it. + KEM_KEY_clear(key); + + key->kem = kem; + key->public_key = OPENSSL_malloc(kem->public_key_len); + key->secret_key = OPENSSL_malloc(kem->secret_key_len); + if (key->public_key == NULL || key->secret_key == NULL) { + KEM_KEY_clear(key); + return 0; + } + + return 1; +} + +void KEM_KEY_free(KEM_KEY *key) { + if (key == NULL) { + return; + } + KEM_KEY_clear(key); + OPENSSL_free(key); +} + +const KEM *KEM_KEY_get0_kem(KEM_KEY* key) { + return key->kem; +} + +int KEM_KEY_set_raw_public_key(KEM_KEY *key, const uint8_t *in) { + key->public_key = OPENSSL_memdup(in, key->kem->public_key_len); + if (key->public_key == NULL) { + return 0; + } + + return 1; +} + +int KEM_KEY_set_raw_secret_key(KEM_KEY *key, const uint8_t *in) { + key->secret_key = OPENSSL_memdup(in, key->kem->secret_key_len); + if (key->secret_key == NULL) { + return 0; + } + + return 1; +} + +int KEM_KEY_set_raw_key(KEM_KEY *key, const uint8_t *in_public, + const uint8_t *in_secret) { + key->public_key = OPENSSL_memdup(in_public, key->kem->public_key_len); + key->secret_key = OPENSSL_memdup(in_secret, key->kem->secret_key_len); + if (key->public_key == NULL || key->secret_key == NULL) { + KEM_KEY_clear(key); + return 0; + } + + return 1; +} diff --git a/crypto/kem/internal.h b/crypto/kem/internal.h index 3488bcb897..863ffc79e6 100644 --- a/crypto/kem/internal.h +++ b/crypto/kem/internal.h @@ -1,98 +1,24 @@ // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 OR ISC -#ifndef AWSLC_HEADER_KEM_INTERNAL_H -#define AWSLC_HEADER_KEM_INTERNAL_H +#ifndef AWSLC_HEADER_KEM_LEGACY_INTERNAL_H +#define AWSLC_HEADER_KEM_LEGACY_INTERNAL_H #include +#include "../fipsmodule/kem/internal.h" #if defined(__cplusplus) extern "C" { #endif -// KEM_METHOD structure and helper functions. -typedef struct { - int (*keygen_deterministic)(uint8_t *ctx, - uint8_t *pkey, - const uint8_t *seed); - - int (*keygen)(uint8_t *public_key, - uint8_t *secret_key); - - int (*encaps_deterministic)(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key, - const uint8_t *seed); - - int (*encaps)(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key); - - int (*decaps)(uint8_t *shared_secret, - const uint8_t *ciphertext, - const uint8_t *secret_key); -} KEM_METHOD; +#define AWSLC_NUM_LEGACY_KEMS 3 extern const KEM_METHOD kem_kyber512r3_method; extern const KEM_METHOD kem_kyber768r3_method; extern const KEM_METHOD kem_kyber1024r3_method; -extern const KEM_METHOD kem_ml_kem_512_method; -extern const KEM_METHOD kem_ml_kem_768_method; -extern const KEM_METHOD kem_ml_kem_1024_method; - -// KEM structure and helper functions. -typedef struct { - const int nid; - const uint8_t *oid; - const uint8_t oid_len; - const char *comment; - const size_t public_key_len; - const size_t secret_key_len; - const size_t ciphertext_len; - const size_t shared_secret_len; - const size_t keygen_seed_len; - const size_t encaps_seed_len; - const KEM_METHOD *method; -} KEM; - -const KEM *KEM_find_kem_by_nid(int nid); - -// KEM_KEY structure and helper functions. -struct kem_key_st { - const KEM *kem; - uint8_t *public_key; - uint8_t *secret_key; -}; - -KEM_KEY *KEM_KEY_new(void); -int KEM_KEY_init(KEM_KEY *key, const KEM *kem); -void KEM_KEY_free(KEM_KEY *key); -const KEM *KEM_KEY_get0_kem(KEM_KEY* key); - -// KEM_KEY_set_raw_public_key function allocates the public key buffer -// within the given |key| and copies the contents of |in| to it. -// -// NOTE: No checks are done in this function, the caller has to ensure -// that the pointers are valid and |in| has the correct size. -int KEM_KEY_set_raw_public_key(KEM_KEY *key, const uint8_t *in); - -// KEM_KEY_set_raw_secret_key function allocates the secret key buffer -// within the given |key| and copies the contents of |in| to it. -// -// NOTE: No checks are done in this function, the caller has to ensure -// that the pointers are valid and |in| has the correct size. -int KEM_KEY_set_raw_secret_key(KEM_KEY *key, const uint8_t *in); -// KEM_KEY_set_raw_key function allocates the public and secret key buffers -// within the given |key| and copies the contents of |in_public| and -// |in_secret| to them. -// -// NOTE: No checks are done in this function, the caller has to ensure -// that the pointers are valid and |in_public| and |in_secret| -// have the correct size. -int KEM_KEY_set_raw_key(KEM_KEY *key, const uint8_t *in_public, - const uint8_t *in_secret); +const KEM *get_legacy_kems(void); #if defined(__cplusplus) } // extern C diff --git a/crypto/kem/kem.c b/crypto/kem/kem.c index 7426637198..e89a61cb53 100644 --- a/crypto/kem/kem.c +++ b/crypto/kem/kem.c @@ -7,6 +7,7 @@ #include #include "../fipsmodule/delocate.h" +#include "../fipsmodule/kem/internal.h" #include "../internal.h" #include "internal.h" #include "../kyber/kem_kyber.h" @@ -14,22 +15,19 @@ // The KEM parameters listed below are taken from corresponding specifications. +// These are legacy KEMs before the NIST PQC project finalized its +// recommendations. // // Kyber: - https://pq-crystals.org/kyber/data/kyber-specification-round3-20210804.pdf -// - Kyber is not standardized yet, so we use the latest specification -// from Round 3 of NIST PQC project. +// - Implemented as specified in Round 3 of NIST PQC project. -#define AWSLC_NUM_BUILT_IN_KEMS 6 +#define AWSLC_NUM_LEGACY_KEMS 3 -// TODO(awslc): placeholder OIDs, replace with the real ones when available. static const uint8_t kOIDKyber512r3[] = {0xff, 0xff, 0xff, 0xff}; static const uint8_t kOIDKyber768r3[] = {0xff, 0xff, 0xff, 0xff}; static const uint8_t kOIDKyber1024r3[] = {0xff, 0xff, 0xff, 0xff}; -static const uint8_t kOIDMLKEM512[] = {0xff, 0xff, 0xff, 0xff}; -static const uint8_t kOIDMLKEM768[] = {0xff, 0xff, 0xff, 0xff}; -static const uint8_t kOIDMLKEM1024[] = {0xff, 0xff, 0xff, 0xff}; -static const KEM built_in_kems[AWSLC_NUM_BUILT_IN_KEMS] = { +const KEM legacy_kems[AWSLC_NUM_LEGACY_KEMS] = { { NID_KYBER512_R3, // kem.nid kOIDKyber512r3, // kem.oid @@ -43,7 +41,6 @@ static const KEM built_in_kems[AWSLC_NUM_BUILT_IN_KEMS] = { KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len &kem_kyber512r3_method, // kem.method }, - { NID_KYBER768_R3, // kem.nid kOIDKyber768r3, // kem.oid @@ -57,7 +54,6 @@ static const KEM built_in_kems[AWSLC_NUM_BUILT_IN_KEMS] = { KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len &kem_kyber768r3_method, // kem.method }, - { NID_KYBER1024_R3, // kem.nid kOIDKyber1024r3, // kem.oid @@ -71,131 +67,8 @@ static const KEM built_in_kems[AWSLC_NUM_BUILT_IN_KEMS] = { KYBER_R3_ENCAPS_SEED_LEN, // kem.encaps_seed_len &kem_kyber1024r3_method, // kem.method }, - { - NID_MLKEM512, // kem.nid - kOIDMLKEM512, // kem.oid - sizeof(kOIDMLKEM512), // kem.oid_len - "MLKEM512 ", // kem.comment - MLKEM512_PUBLIC_KEY_BYTES, // kem.public_key_len - MLKEM512_SECRET_KEY_BYTES, // kem.secret_key_len - MLKEM512_CIPHERTEXT_BYTES, // kem.ciphertext_len - MLKEM512_SHARED_SECRET_LEN, // kem.shared_secret_len - MLKEM512_KEYGEN_SEED_LEN, // kem.keygen_seed_len - MLKEM512_ENCAPS_SEED_LEN, // kem.encaps_seed_len - &kem_ml_kem_512_method, // kem.method - }, - { - NID_MLKEM768, // kem.nid - kOIDMLKEM768, // kem.oid - sizeof(kOIDMLKEM768), // kem.oid_len - "MLKEM768 ", // kem.comment - MLKEM768_PUBLIC_KEY_BYTES, // kem.public_key_len - MLKEM768_SECRET_KEY_BYTES, // kem.secret_key_len - MLKEM768_CIPHERTEXT_BYTES, // kem.ciphertext_len - MLKEM768_SHARED_SECRET_LEN, // kem.shared_secret_len - MLKEM768_KEYGEN_SEED_LEN, // kem.keygen_seed_len - MLKEM768_ENCAPS_SEED_LEN, // kem.encaps_seed_len - &kem_ml_kem_768_method, // kem.method - }, - { - NID_MLKEM1024, // kem.nid - kOIDMLKEM1024, // kem.oid - sizeof(kOIDMLKEM1024), // kem.oid_len - "MLKEM1024 ", // kem.comment - MLKEM1024_PUBLIC_KEY_BYTES, // kem.public_key_len - MLKEM1024_SECRET_KEY_BYTES, // kem.secret_key_len - MLKEM1024_CIPHERTEXT_BYTES, // kem.ciphertext_len - MLKEM1024_SHARED_SECRET_LEN, // kem.shared_secret_len - MLKEM1024_KEYGEN_SEED_LEN, // kem.keygen_seed_len - MLKEM1024_ENCAPS_SEED_LEN, // kem.encaps_seed_len - &kem_ml_kem_1024_method, // kem.method - }, }; -const KEM *KEM_find_kem_by_nid(int nid) { - const KEM *ret = NULL; - for (size_t i = 0; i < AWSLC_NUM_BUILT_IN_KEMS; i++) { - if (built_in_kems[i].nid == nid) { - ret = &built_in_kems[i]; - break; - } - } - return ret; -} - -KEM_KEY *KEM_KEY_new(void) { - KEM_KEY *ret = OPENSSL_zalloc(sizeof(KEM_KEY)); - if (ret == NULL) { - return NULL; - } - - return ret; -} - -static void KEM_KEY_clear(KEM_KEY *key) { - key->kem = NULL; - OPENSSL_free(key->public_key); - OPENSSL_free(key->secret_key); - key->public_key = NULL; - key->secret_key = NULL; -} - -int KEM_KEY_init(KEM_KEY *key, const KEM *kem) { - if (key == NULL || kem == NULL) { - return 0; - } - // If the key is already initialized clear it. - KEM_KEY_clear(key); - - key->kem = kem; - key->public_key = OPENSSL_malloc(kem->public_key_len); - key->secret_key = OPENSSL_malloc(kem->secret_key_len); - if (key->public_key == NULL || key->secret_key == NULL) { - KEM_KEY_clear(key); - return 0; - } - - return 1; -} - -void KEM_KEY_free(KEM_KEY *key) { - if (key == NULL) { - return; - } - KEM_KEY_clear(key); - OPENSSL_free(key); -} - -const KEM *KEM_KEY_get0_kem(KEM_KEY* key) { - return key->kem; -} - -int KEM_KEY_set_raw_public_key(KEM_KEY *key, const uint8_t *in) { - key->public_key = OPENSSL_memdup(in, key->kem->public_key_len); - if (key->public_key == NULL) { - return 0; - } - - return 1; -} - -int KEM_KEY_set_raw_secret_key(KEM_KEY *key, const uint8_t *in) { - key->secret_key = OPENSSL_memdup(in, key->kem->secret_key_len); - if (key->secret_key == NULL) { - return 0; - } - - return 1; -} - -int KEM_KEY_set_raw_key(KEM_KEY *key, const uint8_t *in_public, - const uint8_t *in_secret) { - key->public_key = OPENSSL_memdup(in_public, key->kem->public_key_len); - key->secret_key = OPENSSL_memdup(in_secret, key->kem->secret_key_len); - if (key->public_key == NULL || key->secret_key == NULL) { - KEM_KEY_clear(key); - return 0; - } - - return 1; +const KEM *get_legacy_kems(void) { + return legacy_kems; } diff --git a/crypto/kem/kem_methods.c b/crypto/kem/kem_methods.c index 7f82df8c5d..3081a83ec0 100644 --- a/crypto/kem/kem_methods.c +++ b/crypto/kem/kem_methods.c @@ -123,117 +123,3 @@ const KEM_METHOD kem_kyber1024r3_method = { kyber1024r3_encaps, kyber1024r3_decaps, }; - -static int ml_kem_512_keygen_deterministic(uint8_t *public_key, - uint8_t *secret_key, - const uint8_t *seed) { - return ml_kem_512_keypair_deterministic(public_key, secret_key, seed) == 0; -} - -static int ml_kem_512_keygen(uint8_t *public_key, - uint8_t *secret_key) { - return ml_kem_512_keypair(public_key, secret_key) == 0; -} - -static int ml_kem_512_encaps_deterministic(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key, - const uint8_t *seed) { - return ml_kem_512_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; -} - -static int ml_kem_512_encaps(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key) { - return ml_kem_512_encapsulate(ciphertext, shared_secret, public_key) == 0; -} - -static int ml_kem_512_decaps(uint8_t *shared_secret, - const uint8_t *ciphertext, - const uint8_t *secret_key) { - return ml_kem_512_decapsulate(shared_secret, ciphertext, secret_key) == 0; -} - -const KEM_METHOD kem_ml_kem_512_method = { - ml_kem_512_keygen_deterministic, - ml_kem_512_keygen, - ml_kem_512_encaps_deterministic, - ml_kem_512_encaps, - ml_kem_512_decaps, -}; - -static int ml_kem_768_keygen_deterministic(uint8_t *public_key, - uint8_t *secret_key, - const uint8_t *seed) { - return ml_kem_768_keypair_deterministic(public_key, secret_key, seed) == 0; -} - -static int ml_kem_768_keygen(uint8_t *public_key, - uint8_t *secret_key) { - return ml_kem_768_keypair(public_key, secret_key) == 0; -} - -static int ml_kem_768_encaps_deterministic(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key, - const uint8_t *seed) { - return ml_kem_768_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; -} - -static int ml_kem_768_encaps(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key) { - return ml_kem_768_encapsulate(ciphertext, shared_secret, public_key) == 0; -} - -static int ml_kem_768_decaps(uint8_t *shared_secret, - const uint8_t *ciphertext, - const uint8_t *secret_key) { - return ml_kem_768_decapsulate(shared_secret, ciphertext, secret_key) == 0; -} - -const KEM_METHOD kem_ml_kem_768_method = { - ml_kem_768_keygen_deterministic, - ml_kem_768_keygen, - ml_kem_768_encaps_deterministic, - ml_kem_768_encaps, - ml_kem_768_decaps, -}; - -static int ml_kem_1024_keygen_deterministic(uint8_t *public_key, - uint8_t *secret_key, - const uint8_t *seed) { - return ml_kem_1024_keypair_deterministic(public_key, secret_key, seed) == 0; -} - -static int ml_kem_1024_keygen(uint8_t *public_key, - uint8_t *secret_key) { - return ml_kem_1024_keypair(public_key, secret_key) == 0; -} - -static int ml_kem_1024_encaps_deterministic(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key, - const uint8_t *seed) { - return ml_kem_1024_encapsulate_deterministic(ciphertext, shared_secret, public_key, seed) == 0; -} - -static int ml_kem_1024_encaps(uint8_t *ciphertext, - uint8_t *shared_secret, - const uint8_t *public_key) { - return ml_kem_1024_encapsulate(ciphertext, shared_secret, public_key) == 0; -} - -static int ml_kem_1024_decaps(uint8_t *shared_secret, - const uint8_t *ciphertext, - const uint8_t *secret_key) { - return ml_kem_1024_decapsulate(shared_secret, ciphertext, secret_key) == 0; -} - -const KEM_METHOD kem_ml_kem_1024_method = { - ml_kem_1024_keygen_deterministic, - ml_kem_1024_keygen, - ml_kem_1024_encaps_deterministic, - ml_kem_1024_encaps, - ml_kem_1024_decaps, -}; From 0ff9af430797845e4e101f490ca495e816bf3b6d Mon Sep 17 00:00:00 2001 From: Torben Hansen <50673096+torben-hansen@users.noreply.github.com> Date: Thu, 5 Sep 2024 10:53:49 -0700 Subject: [PATCH 2/2] fix pedantic --- crypto/fipsmodule/kem/kem.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/fipsmodule/kem/kem.c b/crypto/fipsmodule/kem/kem.c index f21213df08..275ff781d6 100644 --- a/crypto/fipsmodule/kem/kem.c +++ b/crypto/fipsmodule/kem/kem.c @@ -48,7 +48,7 @@ DEFINE_LOCAL_DATA(KEM_METHOD, kem_ml_kem_1024_method) { out->encaps_deterministic = ml_kem_1024_encaps_deterministic; out->encaps = ml_kem_1024_encaps; out->decaps = ml_kem_1024_decaps; -}; +} static int ml_kem_768_keygen_deterministic(uint8_t *public_key, uint8_t *secret_key, @@ -86,7 +86,7 @@ DEFINE_LOCAL_DATA(KEM_METHOD, kem_ml_kem_768_method) { out->encaps_deterministic = ml_kem_768_encaps_deterministic; out->encaps = ml_kem_768_encaps; out->decaps = ml_kem_768_decaps; -}; +} static int ml_kem_512_keygen_deterministic(uint8_t *public_key, uint8_t *secret_key,