Get rid of pqm4 in favour our own Kyber/MLDSA implementation

IDE/STM32Cube/default_conf.ftl

@@ -334,15 +334,6 @@ extern ${variable.value} ${variable.name};
  #define NO_SESSION_CACHE
 #endif
 
-/* Post Quantum
- * Note: PQM4 is compatible with STM32. The project can be found at:
- * https://github.com/mupq/pqm4
- */
-#if defined(WOLF_CONF_PQM4) && WOLF_CONF_PQM4 == 1
- #define HAVE_PQM4
-#endif
-
-
 /* ------------------------------------------------------------------------- */
 /* Crypto */
 /* ------------------------------------------------------------------------- */
@@ -534,6 +525,33 @@ extern ${variable.value} ${variable.name};
  #define NO_MD5
 #endif
 
+/* ------------------------------------------------------------------------- */
+/* Post-Quantum Crypto */
+/* ------------------------------------------------------------------------- */
+/* NOTE: this is after the hashing section to override the potential SHA3 undef
+ * above. */
+#if defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1
+#undef WOLFSSL_EXPERIMENTAL_SETTINGS
+#define WOLFSSL_EXPERIMENTAL_SETTINGS
+
+#undef WOLFSSL_HAVE_KYBER
+#define WOLFSSL_HAVE_KYBER
+
+#undef WOLFSSL_WC_KYBER
+#define WOLFSSL_WC_KYBER
+
+#undef WOLFSSL_NO_SHAKE128
+#undef WOLFSSL_SHAKE128
+#define WOLFSSL_SHAKE128
+
+#undef WOLFSSL_NO_SHAKE256
+#undef WOLFSSL_SHAKE256
+#define WOLFSSL_SHAKE256
+
+#undef WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+#endif /* WOLF_CONF_KYBER */
+
 /* ------------------------------------------------------------------------- */
 /* Crypto Acceleration */
 /* ------------------------------------------------------------------------- */

IDE/STM32Cube/wolfssl_example.c

@@ -1750,7 +1750,7 @@ static int tls13_uart_client(void)
 
  wolfSSL_SetIOReadCtx(ssl, tbuf);
 
-#ifdef HAVE_PQC
+#ifdef WOLFSSL_HAVE_KYBER
  if (wolfSSL_UseKeyShare(ssl, WOLFSSL_KYBER_LEVEL1) != WOLFSSL_SUCCESS) {
  printf("wolfSSL_UseKeyShare Error!!");
  }

examples/configs/user_settings_stm32.h

@@ -119,8 +119,8 @@ extern "C" {
 /*---------- WOLF_CONF_TEST -----------*/
 #define WOLF_CONF_TEST 1
 
-/*---------- WOLF_CONF_PQM4 -----------*/
-#define WOLF_CONF_PQM4 0
+/*---------- WOLF_CONF_KYBER -----------*/
+#define WOLF_CONF_kYBER 0
 
 /* ------------------------------------------------------------------------- */
 /* Hardware platform */
@@ -373,14 +373,6 @@ extern "C" {
  #define NO_SESSION_CACHE
 #endif
 
-/* Post Quantum
- * Note: PQM4 is compatible with STM32. The project can be found at:
- * https://github.com/mupq/pqm4
- */
-#if defined(WOLF_CONF_PQM4) && WOLF_CONF_PQM4 == 1
- #define HAVE_PQM4
-#endif
-
 /* ------------------------------------------------------------------------- */
 /* Crypto */
 /* ------------------------------------------------------------------------- */
@@ -576,6 +568,35 @@ extern "C" {
  #define NO_MD5
 #endif
 
+/* ------------------------------------------------------------------------- */
+/* Post-Quantum Crypto */
+/* ------------------------------------------------------------------------- */
+
+/*
+ * NOTE: this is after the hashing section to override the potential SHA3 undef
+ * above. */
+#if defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1
+#undef WOLFSSL_EXPERIMENTAL_SETTINGS
+#define WOLFSSL_EXPERIMENTAL_SETTINGS
+
+#undef WOLFSSL_HAVE_KYBER
+#define WOLFSSL_HAVE_KYBER
+
+#undef WOLFSSL_WC_KYBER
+#define WOLFSSL_WC_KYBER
+
+#undef WOLFSSL_NO_SHAKE128
+#undef WOLFSSL_SHAKE128
+#define WOLFSSL_SHAKE128
+
+#undef WOLFSSL_NO_SHAKE256
+#undef WOLFSSL_SHAKE256
+#define WOLFSSL_SHAKE256
+
+#undef WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+#endif /* WOLF_CONF_KYBER */
+
 /* ------------------------------------------------------------------------- */
 /* Benchmark / Test */
 /* ------------------------------------------------------------------------- */

src/ssl.c

@@ -14367,9 +14367,6 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
  return "P384_KYBER_LEVEL3";
  case WOLFSSL_P521_KYBER_LEVEL5:
  return "P521_KYBER_LEVEL5";
-#elif defined(HAVE_PQM4)
- case WOLFSSL_KYBER_LEVEL1:
- return "KYBER_LEVEL1";
 #elif defined(WOLFSSL_WC_KYBER)
  #ifdef WOLFSSL_KYBER512
  case WOLFSSL_KYBER_LEVEL1:

src/tls.c

@@ -52,7 +52,7 @@
  #include <wolfssl/wolfcrypt/kyber.h>
 #ifdef WOLFSSL_WC_KYBER
  #include <wolfssl/wolfcrypt/wc_kyber.h>
-#elif defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+#elif defined(HAVE_LIBOQS)
  #include <wolfssl/wolfcrypt/ext_kyber.h>
 #endif
 #endif
@@ -9458,9 +9458,6 @@ static int TLSX_KeyShare_IsSupported(int namedGroup)
  }
  break;
  }
- #elif defined(HAVE_PQM4)
- case WOLFSSL_KYBER_LEVEL1:
- break;
  #endif
 #endif
  default:
@@ -9529,8 +9526,6 @@ static const word16 preferredGroup[] = {
  WOLFSSL_P256_KYBER_LEVEL1,
  WOLFSSL_P384_KYBER_LEVEL3,
  WOLFSSL_P521_KYBER_LEVEL5,
-#elif defined(HAVE_PQM4)
- WOLFSSL_KYBER_LEVEL1,
 #endif
  WOLFSSL_NAMED_GROUP_INVALID
 };
@@ -13166,8 +13161,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
  if (ret == WOLFSSL_SUCCESS)
  ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_LEVEL5,
  ssl->heap);
-#elif defined(HAVE_PQM4)
- ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL1, ssl->heap);
 #endif /* HAVE_LIBOQS */
 #endif /* WOLFSSL_HAVE_KYBER */
 

wolfcrypt/benchmark/benchmark.c

@@ -172,7 +172,7 @@
  #ifdef WOLFSSL_WC_KYBER
  #include <wolfssl/wolfcrypt/wc_kyber.h>
  #endif
- #if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+ #if defined(HAVE_LIBOQS)
  #include <wolfssl/wolfcrypt/ext_kyber.h>
  #endif
 #endif

wolfcrypt/src/ext_kyber.c

@@ -168,12 +168,6 @@ int wc_KyberKey_PrivateKeySize(KyberKey* key, word32* len)
  }
  }
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
- (void)key;
- if (ret == 0) {
- *len = PQM4_PRIVATE_KEY_LENGTH;
- }
-#endif /* HAVE_PQM4 */
 
  return ret;
 }
@@ -216,12 +210,6 @@ int wc_KyberKey_PublicKeySize(KyberKey* key, word32* len)
  }
  }
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
- (void)key;
- if (ret == 0) {
- *len = PQM4_PUBLIC_KEY_LENGTH;
- }
-#endif /* HAVE_PQM4 */
 
  return ret;
 }
@@ -264,12 +252,6 @@ int wc_KyberKey_CipherTextSize(KyberKey* key, word32* len)
  }
  }
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
- (void)key;
- if (ret == 0) {
- *len = PQM4_CIPHERTEXT_LENGTH;
- }
-#endif /* HAVE_PQM4 */
 
  return ret;
 }
@@ -301,7 +283,7 @@ int wc_KyberKey_SharedSecretSize(KyberKey* key, word32* len)
 /**
  * Make a Kyber key object using a random number generator.
  *
- * NOTE: rng is ignored. OQS and PQM4 don't use our RNG.
+ * NOTE: rng is ignored. OQS doesn't use our RNG.
  *
  * @param [in, out] key Kyber key ovject.
  * @param [in] rng Random number generator.
@@ -362,14 +344,6 @@ int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng)
  wolfSSL_liboqsRngMutexUnlock();
  OQS_KEM_free(kem);
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
- if (ret == 0) {
- if (crypto_kem_keypair(key->pub, key->priv) != 0) {
- WOLFSSL_MSG("PQM4 keygen failure");
- ret = BAD_FUNC_ARG;
- }
- }
-#endif /* HAVE_PQM4 */
 
  if (ret != 0) {
  ForceZero(key, sizeof(*key));
@@ -394,7 +368,7 @@ int wc_KyberKey_MakeKeyWithRandom(KyberKey* key, const unsigned char* rand,
 {
  (void)rand;
  (void)len;
- /* OQS and PQM4 don't support external randomness. */
+ /* OQS doesn't support external randomness. */
  return wc_KyberKey_MakeKey(key, NULL);
 }
 
@@ -471,14 +445,6 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss,
  wolfSSL_liboqsRngMutexUnlock();
  OQS_KEM_free(kem);
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
- if (ret == 0) {
- if (crypto_kem_enc(ct, ss, key->pub) != 0) {
- WOLFSSL_MSG("PQM4 Encapsulation failure.");
- ret = BAD_FUNC_ARG;
- }
- }
-#endif /* HAVE_PQM4 */
 
  return ret;
 }
@@ -501,7 +467,7 @@ int wc_KyberKey_EncapsulateWithRandom(KyberKey* key, unsigned char* ct,
 {
  (void)rand;
  (void)len;
- /* OQS and PQM4 don't support external randomness. */
+ /* OQS doesn't support external randomness. */
  return wc_KyberKey_Encapsulate(key, ct, ss, NULL);
 }
 
@@ -577,14 +543,6 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss,
 
  OQS_KEM_free(kem);
 #endif /* HAVE_LIBOQS */
-#ifdef HAVE_PQM4
- if (ret == 0) {
- if (crypto_kem_dec(ss, ct, key->priv) != 0) {
- WOLFSSL_MSG("PQM4 Decapsulation failure.");
- ret = BAD_FUNC_ARG;
- }
- }
-#endif /* HAVE_PQM4 */
 
  return ret;
 

wolfcrypt/test/test.c

@@ -314,7 +314,7 @@ const byte const_byte_array[] = "A+Gd\0\0\0";
 #ifdef WOLFSSL_WC_KYBER
  #include <wolfssl/wolfcrypt/wc_kyber.h>
 #endif
-#if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+#if defined(HAVE_LIBOQS)
  #include <wolfssl/wolfcrypt/ext_kyber.h>
 #endif
 #endif
@@ -37758,7 +37758,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void)
 #endif /* HAVE_ED448 */
 
 #ifdef WOLFSSL_HAVE_KYBER
-#ifdef WOLFSSL_WC_KYBER /* OQS and PQM4 do not support KATs */
+#ifdef WOLFSSL_WC_KYBER /* OQS does not support KATs */
 #ifdef WOLFSSL_KYBER512
 static wc_test_ret_t kyber512_kat(void)
 {

wolfssl/wolfcrypt/cryptocb.h

@@ -75,7 +75,7 @@
  #include <wolfssl/wolfcrypt/kyber.h>
 #ifdef WOLFSSL_WC_KYBER
  #include <wolfssl/wolfcrypt/wc_kyber.h>
-#elif defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+#elif defined(HAVE_LIBOQS)
  #include <wolfssl/wolfcrypt/ext_kyber.h>
 #endif
 #endif

wolfssl/wolfcrypt/ext_kyber.h

@@ -29,8 +29,8 @@
 #ifdef WOLFSSL_HAVE_KYBER
 #include <wolfssl/wolfcrypt/kyber.h>
 
-#if !defined(HAVE_LIBOQS) && !defined(HAVE_PQM4)
-#error "This code requires liboqs or pqm4"
+#if !defined(HAVE_LIBOQS)
+#error "This code requires liboqs"
 #endif
 
 #if defined(WOLFSSL_WC_KYBER)
@@ -41,15 +41,6 @@
  #include <oqs/kem.h>
  #define EXT_KYBER_MAX_PRIV_SZ OQS_KEM_kyber_1024_length_secret_key
  #define EXT_KYBER_MAX_PUB_SZ OQS_KEM_kyber_1024_length_public_key
-#elif defined(HAVE_PQM4)
- #include "api_kyber.h"
- #define PQM4_PUBLIC_KEY_LENGTH CRYPTO_PUBLICKEYBYTES
- #define PQM4_PRIVATE_KEY_LENGTH CRYPTO_SECRETKEYBYTES
- #define PQM4_SHARED_SECRET_LENGTH CRYPTO_BYTES
- #define PQM4_CIPHERTEXT_LENGTH CRYPTO_CIPHERTEXTBYTES
-
- #define EXT_KYBER_MAX_PRIV_SZ PQM4_PRIVATE_KEY_LENGTH
- #define EXT_KYBER_MAX_PUB_SZ PQM4_PUBLIC_KEY_LENGTH
 #endif
 
 struct KyberKey {

wolfssl/wolfcrypt/settings.h

@@ -3514,14 +3514,6 @@ extern void uITRON4_free(void *p) ;
 #endif
 #endif
 
-#ifdef HAVE_PQM4
-#define HAVE_PQC
-#define WOLFSSL_HAVE_KYBER
-#define WOLFSSL_KYBER512
-#define WOLFSSL_NO_KYBER768
-#define WOLFSSL_NO_KYBER1024
-#endif
-
 #if (defined(HAVE_LIBOQS) || \
  defined(HAVE_LIBXMSS) || \
  defined(HAVE_LIBLMS) || \
@@ -3530,15 +3522,10 @@ extern void uITRON4_free(void *p) ;
  #error Experimental settings without WOLFSSL_EXPERIMENTAL_SETTINGS
 #endif
 
-#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) && !defined(HAVE_PQM4) && \
- !defined(WOLFSSL_HAVE_KYBER)
+#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) && !defined(WOLFSSL_HAVE_KYBER)
 #error Please do not define HAVE_PQC yourself.
 #endif
 
-#if defined(HAVE_PQC) && defined(HAVE_LIBOQS) && defined(HAVE_PQM4)
-#error Please do not define both HAVE_LIBOQS and HAVE_PQM4.
-#endif
-
 #if defined(HAVE_PQC) && defined(WOLFSSL_DTLS13) && \
  !defined(WOLFSSL_DTLS_CH_FRAG)
 #warning "Using DTLS 1.3 + pqc without WOLFSSL_DTLS_CH_FRAG will probably" \