-
Notifications
You must be signed in to change notification settings - Fork 74
/
oqs-Linux.patch
283 lines (275 loc) · 14 KB
/
oqs-Linux.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
diff --git a/net/cert/cert_verify_proc.cc b/net/cert/cert_verify_proc.cc
index d3a3436e3d..d7e949a474 100644
--- a/net/cert/cert_verify_proc.cc
+++ b/net/cert/cert_verify_proc.cc
@@ -88,6 +88,19 @@ const int kRsaKeySizes[] = {512, 768, 1024, 1536, 2048,
// return P-224, P-256, P-384, or P-521, and the verifier will reject P-224.
const int kEcdsaKeySizes[] = {163, 192, 224, 233, 256, 283, 384, 409, 521, 571};
+template<typename C, typename T>
+bool ArrayContains(C && c, T t) {
+ return std::find(std::begin(c), std::end(c), t) != std::end(c);
+}
+const X509Certificate::PublicKeyType OqsSigTypes[] = {
+ X509Certificate::kPublicKeyTypeDilithium,
+ X509Certificate::kPublicKeyTypeFalcon,
+ X509Certificate::kPublicKeyTypeMLDSA,
+ X509Certificate::kPublicKeyTypeSPHINCSSHA2,
+ X509Certificate::kPublicKeyTypeSPHINCSSHAKE,
+ X509Certificate::kPublicKeyTypeMAYO,
+ X509Certificate::kPublicKeyTypeCROSS};
+
const char* CertTypeToString(X509Certificate::PublicKeyType cert_type) {
switch (cert_type) {
case X509Certificate::kPublicKeyTypeUnknown:
@@ -96,6 +109,20 @@ const char* CertTypeToString(X509Certificate::PublicKeyType cert_type) {
return "RSA";
case X509Certificate::kPublicKeyTypeECDSA:
return "ECDSA";
+ case X509Certificate::kPublicKeyTypeDilithium:
+ return "Dilithium";
+ case X509Certificate::kPublicKeyTypeFalcon:
+ return "Falcon";
+ case X509Certificate::kPublicKeyTypeMLDSA:
+ return "ML-DSA";
+ case X509Certificate::kPublicKeyTypeSPHINCSSHA2:
+ return "SPHINCSSHA2";
+ case X509Certificate::kPublicKeyTypeSPHINCSSHAKE:
+ return "SPHINCSSHAKE";
+ case X509Certificate::kPublicKeyTypeMAYO:
+ return "MAYO";
+ case X509Certificate::kPublicKeyTypeCROSS:
+ return "CROSS";
}
NOTREACHED();
}
@@ -128,6 +155,8 @@ void RecordPublicKeyHistogram(const char* chain_position,
base::CustomHistogram::ArrayToCustomEnumRanges(kRsaKeySizes),
base::HistogramBase::kUmaTargetedHistogramFlag);
break;
+ default:
+ break;
}
counter->Add(size_bits);
}
@@ -166,7 +195,7 @@ bool ExaminePublicKeys(const scoped_refptr<X509Certificate>& cert,
cert->valid_expiry() >= kBaselineKeysizeEffectiveDate;
X509Certificate::GetPublicKeyInfo(cert->cert_buffer(), &size_bits, &type);
- if (should_histogram) {
+ if (!ArrayContains(OqsSigTypes, type) && should_histogram) {
RecordPublicKeyHistogram(kLeafCert, baseline_keysize_applies, size_bits,
type);
}
@@ -178,7 +207,7 @@ bool ExaminePublicKeys(const scoped_refptr<X509Certificate>& cert,
for (size_t i = 0; i < intermediates.size(); ++i) {
X509Certificate::GetPublicKeyInfo(intermediates[i].get(), &size_bits,
&type);
- if (should_histogram) {
+ if (!ArrayContains(OqsSigTypes, type) && should_histogram) {
RecordPublicKeyHistogram(
(i < intermediates.size() - 1) ? kIntermediateCert : kRootCert,
baseline_keysize_applies,
@@ -304,6 +333,37 @@ void RecordTrustAnchorHistogram(const HashValueVector& spki_hashes,
case bssl::SignatureAlgorithm::kRsaPssSha256:
case bssl::SignatureAlgorithm::kRsaPssSha384:
case bssl::SignatureAlgorithm::kRsaPssSha512:
+ case bssl::SignatureAlgorithm::kCrossrsdp128balanced:
+ case bssl::SignatureAlgorithm::kMayo1:
+ case bssl::SignatureAlgorithm::kDilithium2:
+ case bssl::SignatureAlgorithm::kMldsa44:
+ case bssl::SignatureAlgorithm::kP256_mldsa44:
+ case bssl::SignatureAlgorithm::kFalcon512:
+ case bssl::SignatureAlgorithm::kRsa3072_falcon512:
+ case bssl::SignatureAlgorithm::kFalconpadded512:
+ case bssl::SignatureAlgorithm::kSphincssha2128fsimple:
+ case bssl::SignatureAlgorithm::kSphincssha2128ssimple:
+ case bssl::SignatureAlgorithm::kSphincsshake128fsimple:
+ case bssl::SignatureAlgorithm::kSphincsshake128ssimple:
+ case bssl::SignatureAlgorithm::kMayo2:
+ case bssl::SignatureAlgorithm::kMayo3:
+ case bssl::SignatureAlgorithm::kDilithium3:
+ case bssl::SignatureAlgorithm::kMldsa65:
+ case bssl::SignatureAlgorithm::kP384_mldsa65:
+ case bssl::SignatureAlgorithm::kSphincssha2192fsimple:
+ case bssl::SignatureAlgorithm::kSphincssha2192ssimple:
+ case bssl::SignatureAlgorithm::kSphincsshake192fsimple:
+ case bssl::SignatureAlgorithm::kSphincsshake192ssimple:
+ case bssl::SignatureAlgorithm::kMayo5:
+ case bssl::SignatureAlgorithm::kDilithium5:
+ case bssl::SignatureAlgorithm::kMldsa87:
+ case bssl::SignatureAlgorithm::kP521_mldsa87:
+ case bssl::SignatureAlgorithm::kFalcon1024:
+ case bssl::SignatureAlgorithm::kFalconpadded1024:
+ case bssl::SignatureAlgorithm::kSphincssha2256fsimple:
+ case bssl::SignatureAlgorithm::kSphincssha2256ssimple:
+ case bssl::SignatureAlgorithm::kSphincsshake256fsimple:
+ case bssl::SignatureAlgorithm::kSphincsshake256ssimple:
return true;
}
diff --git a/net/cert/x509_certificate.cc b/net/cert/x509_certificate.cc
index 8e33d78b27..2b3586f598 100644
--- a/net/cert/x509_certificate.cc
+++ b/net/cert/x509_certificate.cc
@@ -630,6 +630,51 @@ void X509Certificate::GetPublicKeyInfo(const CRYPTO_BUFFER* cert_buffer,
case EVP_PKEY_EC:
*type = kPublicKeyTypeECDSA;
break;
+ case EVP_PKEY_MLDSA44:
+ case EVP_PKEY_P256_MLDSA44:
+ case EVP_PKEY_MLDSA65:
+ case EVP_PKEY_P384_MLDSA65:
+ case EVP_PKEY_MLDSA87:
+ case EVP_PKEY_P521_MLDSA87:
+ *type = kPublicKeyTypeMLDSA;
+ break;
+ case EVP_PKEY_DILITHIUM2:
+ case EVP_PKEY_DILITHIUM3:
+ case EVP_PKEY_DILITHIUM5:
+ *type = kPublicKeyTypeDilithium;
+ break;
+ case EVP_PKEY_FALCON512:
+ case EVP_PKEY_RSA3072_FALCON512:
+ case EVP_PKEY_FALCONPADDED512:
+ case EVP_PKEY_FALCON1024:
+ case EVP_PKEY_FALCONPADDED1024:
+ *type = kPublicKeyTypeFalcon;
+ break;
+ case EVP_PKEY_MAYO1:
+ case EVP_PKEY_MAYO2:
+ case EVP_PKEY_MAYO3:
+ case EVP_PKEY_MAYO5:
+ *type = kPublicKeyTypeMAYO;
+ break;
+ case EVP_PKEY_CROSSRSDP128BALANCED:
+ *type = kPublicKeyTypeCROSS;
+ break;
+ case EVP_PKEY_SPHINCSSHA2128FSIMPLE:
+ case EVP_PKEY_SPHINCSSHA2128SSIMPLE:
+ case EVP_PKEY_SPHINCSSHA2192FSIMPLE:
+ case EVP_PKEY_SPHINCSSHA2192SSIMPLE:
+ case EVP_PKEY_SPHINCSSHA2256FSIMPLE:
+ case EVP_PKEY_SPHINCSSHA2256SSIMPLE:
+ *type = kPublicKeyTypeSPHINCSSHA2;
+ break;
+ case EVP_PKEY_SPHINCSSHAKE128FSIMPLE:
+ case EVP_PKEY_SPHINCSSHAKE128SSIMPLE:
+ case EVP_PKEY_SPHINCSSHAKE192FSIMPLE:
+ case EVP_PKEY_SPHINCSSHAKE192SSIMPLE:
+ case EVP_PKEY_SPHINCSSHAKE256FSIMPLE:
+ case EVP_PKEY_SPHINCSSHAKE256SSIMPLE:
+ *type = kPublicKeyTypeSPHINCSSHAKE;
+ break;
}
*size_bits = base::saturated_cast<size_t>(EVP_PKEY_bits(pkey.get()));
}
diff --git a/net/cert/x509_certificate.h b/net/cert/x509_certificate.h
index 60470fdd71..fd525c263d 100644
--- a/net/cert/x509_certificate.h
+++ b/net/cert/x509_certificate.h
@@ -45,6 +45,13 @@ class NET_EXPORT X509Certificate
kPublicKeyTypeUnknown,
kPublicKeyTypeRSA,
kPublicKeyTypeECDSA,
+ kPublicKeyTypeMAYO,
+ kPublicKeyTypeCROSS,
+ kPublicKeyTypeDilithium,
+ kPublicKeyTypeFalcon,
+ kPublicKeyTypeMLDSA,
+ kPublicKeyTypeSPHINCSSHA2,
+ kPublicKeyTypeSPHINCSSHAKE
};
enum Format {
diff --git a/net/quic/quic_session_pool.cc b/net/quic/quic_session_pool.cc
index 21ac1bd8a4..9457d58254 100644
--- a/net/quic/quic_session_pool.cc
+++ b/net/quic/quic_session_pool.cc
@@ -425,12 +425,17 @@ QuicSessionPool::QuicCryptoClientConfigOwner::QuicCryptoClientConfigOwner(
base::Unretained(this)));
if (quic_session_pool_->ssl_config_service_->GetSSLContextConfig()
.PostQuantumKeyAgreementEnabled()) {
- uint16_t postquantum_group =
- base::FeatureList::IsEnabled(features::kUseMLKEM)
- ? SSL_GROUP_X25519_MLKEM768
- : SSL_GROUP_X25519_KYBER768_DRAFT00;
- config_.set_preferred_groups({postquantum_group, SSL_GROUP_X25519,
- SSL_GROUP_SECP256R1, SSL_GROUP_SECP384R1});
+ config_.set_preferred_groups({
+ // We temporarily enable both X25519_MLKEM768 and X25519_Kyber768
+ SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
+ SSL_GROUP_MLKEM512, SSL_GROUP_P256_MLKEM512, SSL_GROUP_X25519_MLKEM512, SSL_GROUP_MLKEM768, SSL_GROUP_P256_MLKEM768, SSL_GROUP_P384_MLKEM768, SSL_GROUP_MLKEM1024, SSL_GROUP_P384_MLKEM1024, SSL_GROUP_P521_MLKEM1024,
+ SSL_GROUP_FRODO640AES, SSL_GROUP_P256_FRODO640AES, SSL_GROUP_X25519_FRODO640AES, SSL_GROUP_FRODO976AES, SSL_GROUP_P384_FRODO976AES, SSL_GROUP_FRODO1344AES, SSL_GROUP_P521_FRODO1344AES,
+ SSL_GROUP_FRODO640SHAKE, SSL_GROUP_P256_FRODO640SHAKE, SSL_GROUP_X25519_FRODO640SHAKE, SSL_GROUP_FRODO976SHAKE, SSL_GROUP_P384_FRODO976SHAKE, SSL_GROUP_FRODO1344SHAKE, SSL_GROUP_P521_FRODO1344SHAKE,
+ SSL_GROUP_KYBER512, SSL_GROUP_P256_KYBER512, SSL_GROUP_X25519_KYBER512, SSL_GROUP_KYBER768, SSL_GROUP_P256_KYBER768, SSL_GROUP_P384_KYBER768, SSL_GROUP_KYBER1024, SSL_GROUP_P521_KYBER1024,
+ SSL_GROUP_BIKEL1, SSL_GROUP_P256_BIKEL1, SSL_GROUP_X25519_BIKEL1, SSL_GROUP_BIKEL3, SSL_GROUP_P384_BIKEL3, SSL_GROUP_BIKEL5, SSL_GROUP_P521_BIKEL5,
+ SSL_GROUP_HQC128, SSL_GROUP_P256_HQC128, SSL_GROUP_X25519_HQC128, SSL_GROUP_HQC192, SSL_GROUP_P384_HQC192, SSL_GROUP_HQC256, SSL_GROUP_P521_HQC256,
+ SSL_GROUP_X25519, SSL_GROUP_SECP256R1, SSL_GROUP_SECP384R1
+ });
}
}
QuicSessionPool::QuicCryptoClientConfigOwner::~QuicCryptoClientConfigOwner() {
diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc
index 786d1c08aa..b48563e758 100644
--- a/net/socket/ssl_client_socket_impl.cc
+++ b/net/socket/ssl_client_socket_impl.cc
@@ -645,12 +645,16 @@ int SSLClientSocketImpl::Init() {
}
if (context_->config().PostQuantumKeyAgreementEnabled()) {
- const uint16_t postquantum_group =
- base::FeatureList::IsEnabled(features::kUseMLKEM)
- ? SSL_GROUP_X25519_MLKEM768
- : SSL_GROUP_X25519_KYBER768_DRAFT00;
- const uint16_t kGroups[] = {postquantum_group, SSL_GROUP_X25519,
- SSL_GROUP_SECP256R1, SSL_GROUP_SECP384R1};
+ const uint16_t kGroups[] = {
+ // We temporarily enable both X25519_MLKEM768 and X25519_Kyber768
+ SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
+ SSL_GROUP_MLKEM512, SSL_GROUP_P256_MLKEM512, SSL_GROUP_X25519_MLKEM512, SSL_GROUP_MLKEM768, SSL_GROUP_P256_MLKEM768, SSL_GROUP_P384_MLKEM768, SSL_GROUP_MLKEM1024, SSL_GROUP_P384_MLKEM1024, SSL_GROUP_P521_MLKEM1024,
+ SSL_GROUP_FRODO640AES, SSL_GROUP_P256_FRODO640AES, SSL_GROUP_X25519_FRODO640AES, SSL_GROUP_FRODO976AES, SSL_GROUP_P384_FRODO976AES, SSL_GROUP_FRODO1344AES, SSL_GROUP_P521_FRODO1344AES,
+ SSL_GROUP_FRODO640SHAKE, SSL_GROUP_P256_FRODO640SHAKE, SSL_GROUP_X25519_FRODO640SHAKE, SSL_GROUP_FRODO976SHAKE, SSL_GROUP_P384_FRODO976SHAKE, SSL_GROUP_FRODO1344SHAKE, SSL_GROUP_P521_FRODO1344SHAKE,
+ SSL_GROUP_KYBER512, SSL_GROUP_P256_KYBER512, SSL_GROUP_X25519_KYBER512, SSL_GROUP_KYBER768, SSL_GROUP_P256_KYBER768, SSL_GROUP_P384_KYBER768, SSL_GROUP_KYBER1024, SSL_GROUP_P521_KYBER1024,
+ SSL_GROUP_BIKEL1, SSL_GROUP_P256_BIKEL1, SSL_GROUP_X25519_BIKEL1, SSL_GROUP_BIKEL3, SSL_GROUP_P384_BIKEL3, SSL_GROUP_BIKEL5, SSL_GROUP_P521_BIKEL5,
+ SSL_GROUP_HQC128, SSL_GROUP_P256_HQC128, SSL_GROUP_X25519_HQC128, SSL_GROUP_HQC192, SSL_GROUP_P384_HQC192, SSL_GROUP_HQC256, SSL_GROUP_P521_HQC256,
+ SSL_GROUP_X25519, SSL_GROUP_SECP256R1, SSL_GROUP_SECP384R1};
if (!SSL_set1_group_ids(ssl_.get(), kGroups, std::size(kGroups))) {
return ERR_UNEXPECTED;
}
@@ -752,6 +756,13 @@ int SSLClientSocketImpl::Init() {
SSL_SIGN_RSA_PKCS1_SHA256, SSL_SIGN_ECDSA_SECP384R1_SHA384,
SSL_SIGN_RSA_PSS_RSAE_SHA384, SSL_SIGN_RSA_PKCS1_SHA384,
SSL_SIGN_RSA_PSS_RSAE_SHA512, SSL_SIGN_RSA_PKCS1_SHA512,
+ SSL_SIGN_MLDSA44, SSL_SIGN_P256_MLDSA44, SSL_SIGN_MLDSA65, SSL_SIGN_P384_MLDSA65, SSL_SIGN_MLDSA87, SSL_SIGN_P521_MLDSA87,
+ SSL_SIGN_FALCON512, SSL_SIGN_RSA3072_FALCON512, SSL_SIGN_FALCONPADDED512, SSL_SIGN_FALCON1024, SSL_SIGN_FALCONPADDED1024,
+ SSL_SIGN_MAYO1, SSL_SIGN_MAYO2, SSL_SIGN_MAYO3, SSL_SIGN_MAYO5,
+ SSL_SIGN_SPHINCSSHA2128FSIMPLE, SSL_SIGN_SPHINCSSHA2128SSIMPLE, SSL_SIGN_SPHINCSSHA2192FSIMPLE, SSL_SIGN_SPHINCSSHA2192SSIMPLE, SSL_SIGN_SPHINCSSHA2256FSIMPLE, SSL_SIGN_SPHINCSSHA2256SSIMPLE,
+ SSL_SIGN_SPHINCSSHAKE128FSIMPLE, SSL_SIGN_SPHINCSSHAKE128SSIMPLE, SSL_SIGN_SPHINCSSHAKE192FSIMPLE, SSL_SIGN_SPHINCSSHAKE192SSIMPLE, SSL_SIGN_SPHINCSSHAKE256FSIMPLE, SSL_SIGN_SPHINCSSHAKE256SSIMPLE,
+ SSL_SIGN_CROSSRSDP128BALANCED,
+ SSL_SIGN_DILITHIUM2, SSL_SIGN_DILITHIUM3, SSL_SIGN_DILITHIUM5
};
if (!SSL_set_verify_algorithm_prefs(ssl_.get(), kVerifyPrefs,
std::size(kVerifyPrefs))) {
diff --git a/third_party/boringssl/BUILD.gn b/third_party/boringssl/BUILD.gn
index 52e239f60f..7d550f8166 100644
--- a/third_party/boringssl/BUILD.gn
+++ b/third_party/boringssl/BUILD.gn
@@ -17,7 +17,7 @@ if (enable_rust) {
# Config for us and everybody else depending on BoringSSL.
config("external_config") {
- include_dirs = [ "src/include" ]
+ include_dirs = [ "src/include", "src/oqs/include" ]
if (is_component_build) {
defines = [ "BORINGSSL_SHARED_LIBRARY" ]
}
@@ -46,7 +46,7 @@ config("no_asm_config") {
# unexport pki_internal_headers.
all_sources = bcm_internal_headers + bcm_sources + crypto_internal_headers +
crypto_sources + ssl_internal_headers + ssl_sources + pki_sources
-all_headers = crypto_headers + ssl_headers + pki_headers + pki_internal_headers
+all_headers = crypto_headers + ssl_headers + pki_headers + pki_internal_headers + oqs_headers
if (enable_rust) {
rust_bindgen("raw_bssl_sys_bindings") {
@@ -145,6 +145,7 @@ component("boringssl") {
sources = rebase_path(all_sources, ".", "src")
public = rebase_path(all_headers, ".", "src")
friend = [ ":*" ]
+ libs = [ "//third_party/boringssl/src/oqs/lib/liboqs.a" ]
deps = [ "//third_party/boringssl/src/third_party/fiat:fiat_license" ]
# Mark boringssl_asm as a public dependency so the OPENSSL_NO_ASM