Rename sphincs algs to follow upstream #6576
Conversation
|
Can one of the admins verify this patch? |
|
I cannot compile with cmake (passing |
|
Hi @iyanmv , Thank you so much for creating this pull request. I must admit to having lost track of liboqs updates. Its great news that they have had a new release. Can I ask you about your project and what you are doing with wolfSSL and liboqs? I've had a look at your changes and they look fine to me! Before we can continue with the process, we will need you sign a contributor agreement. Would you be willing to read over and sign the contributor agreement? If so, please send a message to support@wolfssl.com requesting to become a wolfSSL contributor. Please also reference this PR in your message to support@wolfssl.com Warm regards, Anthony |
|
By the way, I don't think wolfSSL library's cmake infrastructure supports |
|
Oh, my colleague has corrected me. We do have it in there. I apologize for misleading you. |
|
Hi @anhu
I'm running some benchmarks using the NIST PQC candidates, and I learned about wolfSSL from this paper. I was curious so I wanted to try to replicate some of their results.
Alright! I will send the email now. |
|
Hi @iyanmv , Ah, yes, I know the authors of that paper quite well. You might be interested in our integration with the PQM4 library on STM32. You can have a look here: https://github.com/wolfSSL/wolfssl-examples/tree/master/pq/stm32 If visuals are better for you, please have a look at this YouTube video that talk about it in depth: https://www.youtube.com/watch?v=OK6MKXYiVBY Warm regards, Anthony |
|
@iyanmv has been approved as a wolfSSL contributor |
|
Oooh. Just ran
|
|
|
|
I think verification fails because the keys saved and defined in certs_test.h that are used for the benchmark are incompatible with the latest implementation of SPHINCS+ by the PQClean, which was updated in this PR in liboqs. If you point me in the right direction (maybe you have a script to generate those keys?) I can update I quickly tried replacing one with this small program: #include<oqs/oqs.h>
void cleanup_heap(uint8_t *public_key, uint8_t *secret_key, OQS_SIG *sig)
{
if (sig != NULL) {
OQS_MEM_secure_free(secret_key, sig->length_secret_key);
}
OQS_MEM_insecure_free(public_key);
OQS_SIG_free(sig);
}
int create_keys(const char *method_name)
{
OQS_SIG *sig = NULL;
uint8_t *public_key = NULL;
uint8_t *secret_key = NULL;
OQS_STATUS rc;
sig = OQS_SIG_new(method_name);
if (sig == NULL) {
fprintf(stderr, "OQS_SIG_new failed!\n");
return OQS_ERROR;
}
public_key = malloc(sig->length_public_key);
secret_key = malloc(sig->length_secret_key);
if ((public_key == NULL) || (secret_key == NULL)) {
fprintf(stderr, "ERROR: malloc failed!\n");
cleanup_heap(public_key, secret_key, sig);
return OQS_ERROR;
}
rc = OQS_SIG_keypair(sig, public_key, secret_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_SIG_keypair failed!\n");
cleanup_heap(public_key, secret_key, sig);
return OQS_ERROR;
}
printf("Key:\n");
for (size_t i=0; i<sig->length_secret_key; ++i) {
printf("0x%02X, ", secret_key[i]);
}
for (size_t i=0; i<sig->length_public_key; ++i) {
printf("0x%02X, ", public_key[i]);
}
printf("\n");
printf("%s keypair generation succeeded!\n", method_name);
cleanup_heap(public_key, secret_key, sig);
return OQS_SUCCESS;
}
int main()
{
OQS_STATUS ret;
ret = create_keys("SPHINCS+-SHAKE-128f-simple");
if (ret != OQS_SUCCESS) {
fprintf(stderr, "ERROR!\n");
return EXIT_FAILURE;
}
return EXIT_SUCCESS;
}But now I get a |
|
Oh, I think I understood now. I will include new keys in this PR in a bit. |
|
Why aren't there any methods in the WOLFSSL_API
int wc_sphincs_generate_key(sphincs_key* key);(Sorry if this is a stupid question, I'm not familiar with wolfSSL. Are users supposed to generate keys with other libraries?) |
|
Hi @iyanmv ,
Its not a stupid question at all. Generally, for signature schemes we use OQS's fork of OpenSSL to generate the certificates. Please see this script: https://github.com/wolfSSL/osp/blob/master/oqs/generate_sphincs_chains.sh The main reason is that no one has requested generation as a feature yet. Warm regards, Anthony |
Oh! That would have been so useful. I guess I did a similar thing, but using OpenSSL 3 and the oqs-provider instead of the OQS OpenSSL 1.1.1 fork. But I also had to manually enable some algs and re-run the
I see. I have implemented a quick function in this branch. If you think it makes sense, I can open a new PR and work on it after we are done with this. I don't think it would take a lot of time. Also, I guess it would help me to get more familiar with wolfSSL. Cheers |
|
Thank you for this: It was a copy and paste failure on my part! |
This also adds new keys for SPHINCS+. The reason is that SPHINCS+ was updated to 3.1 in liboqs (open-quantum-safe/liboqs/pull/1420), and old keys are incompatible with the new implementation. Keys were generated using the oqs-provider for OpenSSL 3 openssl genpkey \ -provider default -provider oqsprovider \ -algorithm sphincsshake128fsimple \ -outform der \ -out bench_sphincs_fast_level1_key.der And certs_test.h was updated using xxd xxd -i -c 10 -u bench_sphincs_fast_level1_key.der This was repeated for the 6 variants of SPHINCS+ that wolfSSL supports.
wolfssl/certs_test.h
Outdated
| 0xCC, 0xF4, 0x2F, 0xF2, 0xAC, 0x74, 0xDF, 0x0E, 0x20, 0x9D, | ||
| 0xC2, 0x9E, 0xD1, 0xB4, 0x12 | ||
| 0X30, 0X71, 0X02, 0X01, 0X00, 0X30, 0X08, 0X06, 0X06, 0X2B, | ||
| 0XCE, 0X0F, 0X06, 0X07, 0X0D, 0X04, 0X62, 0X04, 0X60, 0XD8, |
There was a problem hiding this comment.
Why did these keys change? Seems like a change to Shake would not require the test keys to change?
There was a problem hiding this comment.
To be honest, I have no idea. But I can replicate the issue using liboqs 0.7.2 to generate some keys, and then trying to verify with liboqs 0.8.0.
|
OK to test |
|
Apparently there was a change/update to the round 3 submission. |
|
@anhu I forgot to squash the last commit with the suggested change. Should I do it or wait until checks are completed? |
|
@iyanmv , I think no action is required from you. a single extra commit is fine. |
|
Retest this please |
|
Our liboqs CI test is failing now. @anhu or @bandi13 seems like we will need to update the liboqs version in our CI to get this to pass then merge? |
|
Jenkins retest this please. |
Regarding this. Is this tested in the CI pipeline? If so, how is it done? I'm trying to run this (basically just the PKGBUILD from Arch Linux modified with build() {
local cmake_options=(
-DCMAKE_INSTALL_PREFIX=/usr
-DCMAKE_BUILD_TYPE=None
-DWOLFSSL_CURVE25519=ON
-DWOLFSSL_CURVE448=ON
-DWOLFSSL_ED25519=ON
-DWOLFSSL_ED448=ON
-DWOLFSSL_REPRODUCIBLE_BUILD=ON
-DWOLFSSL_OQS=ON
-DWARNING_C_FLAGS="$CFLAGS"
-Wno-dev
-B build
-S $_pkgname-$pkgver-stable
)
cmake "${cmake_options[@]}"
cmake --build build --verbose
}But I get multiple undefined reference errors. |
|
I think some logic is missing in diff --git a/cmake/functions.cmake b/cmake/functions.cmake
index e77991ea1..f0fc48c2e 100644
--- a/cmake/functions.cmake
+++ b/cmake/functions.cmake
@@ -195,6 +195,9 @@ function(generate_build_flags)
endif()
if(WOLFSSL_OQS OR WOLFSSL_USER_SETTINGS)
set(BUILD_FALCON "yes" PARENT_SCOPE)
+ set(BUILD_SPHINCS "yes" PARENT_SCOPE)
+ set(BUILD_DILITHIUM "yes" PARENT_SCOPE)
+ set(BUILD_EXT_KYBER "yes" PARENT_SCOPE)
endif()
set(BUILD_INLINE ${WOLFSSL_INLINE} PARENT_SCOPE)
if(WOLFSSL_OCSP OR WOLFSSL_USER_SETTINGS)
@@ -804,6 +807,18 @@ function(generate_lib_src_list LIB_SOURCES)
list(APPEND LIB_SOURCES wolfcrypt/src/falcon.c)
endif()
+ if(BUILD_SPHINCS)
+ list(APPEND LIB_SOURCES wolfcrypt/src/sphincs.c)
+ endif()
+
+ if(BUILD_DILITHIUM)
+ list(APPEND LIB_SOURCES wolfcrypt/src/dilithium.c)
+ endif()
+
+ if(BUILD_EXT_KYBER)
+ list(APPEND LIB_SOURCES wolfcrypt/src/ext_kyber.c)
+ endif()
+
if(BUILD_LIBZ)
list(APPEND LIB_SOURCES wolfcrypt/src/compress.c)
endif()
|
|
@iyanmv , Ha! You beat me to it. I just noticed that the list of files being built did not include the post-quantum algorithm files. Anthony |
wolfSSLGH-5407 already included falcon.c, but now we also add sphincs.c, dilithium.c and ext_kyber.c to avoid undefined reference errors.
Sure! Will do in a minute. |
Description
liboqs 0.8 renamed sphincs-shake256-X to sphincs-shake-X.
Testing
I tried to compile wolfSSL with
--with-liboqsand it failed. After these changes, it compiles again.Checklist