Bugfix/sphics slh

GOVERNANCE.md

@@ -0,0 +1,130 @@
+# Governance
+
+## Basic principles
+
+This project aims to operate by the following principles:
+
+- **Openness**: The project will be open in its operation, open to contributions, and produce open source software.
+- **Respect**: The project will foster respectful interactions with all participants.
+- **Scientific integrity**: The project will follow advancements in cryptographic research and will be guided by standards and best practices.
+
+Decision making in the project will follow the principles above, and be governed first and foremost by reason and mutually respectful interaction between all participants.
+The project will aim to build consensus for decisions, and will where possible operate by the approach of [lazy consensus](https://community.apache.org/committers/decisionMaking.html).
+If decisions cannot be reached using lazy consensus, voting will be used to come to a resolution.
+
+## Community and Roles
+
+The OQS community is open to all who would like to participate in the project following its principles, including academic, industry, public sector, and individual contributors.
+
+The following roles exist in the project:
+
+### Users
+
+A **User** is a person or organization using software produced by the project.
+
+Responsibilities:
+
+- Abide by the [license][LICENSE.txt]
+- Consider participating in the project!
+
+### Community Members
+
+A **Community Member** is a User who interacts with the project, for example by participating in discussions on Github or mailing lists, or in project meetings.
+
+Responsibilities:
+
+- Follow the [code of conduct](CODE_OF_CONDUCT.md)
+
+### Contributors
+
+A **Contributor** is a Community Member who contributes directly to the project by submitting code or documentation, or actively participating in issues or pull requests on Github.
+
+### Committers
+
+A **Committer** is a Contributor with increased experience in the project who helps review pull requests and actively participates in discussions about the project. Committers will be members of the open-quantum-safe GitHub organization and will have "write" permissions in GitHub.
+
+Responsibilities:
+
+- Further the goals of the project.
+- Monitor and respond to GitHub issues.
+- Review and merge pull requests.
+- Assist with security releases when required.
+- Participate in discussions and project meetings.
+
+### Release managers
+
+A release manager is a Contributor versed in creating releases of the project.
+
+Responsibilities:
+
+- Manage the release cycle, incl. creation of suitable user documentation.
+- Execution of downstream tests ascertaining quality of releases.
+
+### Maintainers
+
+A **Maintainer** is a Committer who makes significant and sustained contributions to the project, and is committed to guiding the direction of the project. Maintainers will have "administrative" permissions in GitHub and thus are also able to act as Release managers.
+
+Responsibilities:
+
+- Oversee the overall project health and growth.
+- Lead communication for the project.
+- Define general and technical guidelines for the project.
+- Identify priorities.
+
+### Change of role
+
+Any Community Member may become a Contributor by creating a pull request (PR) and getting it successfully reviewed and merged by Committers.
+
+Any Contributor can become a Committer by contributing sufficient code and displaying deep subject matter knowledge in discussions such that a majority of Committers vote for this change of role. A Maintainer can veto such a vote. Such a veto can be overruled by a 2/3 majority of Committers.
+
+As such a voting decision may be considered subjective, Contributors striving to become Committers are encouraged to ask for advice from Committers/Maintainers as to what they can do to obtain this role. Baseline requirements for contributions are documented in [CONTRIBUTING.md](CONTRIBUTING.md). Any Contributor can create a discussion item to request a vote to become Committer.
+
+Any Committer can become a Maintainer by majority vote of voting Committers. A current Maintainer can veto such a vote. Such a veto can be overruled by a 2/3 majority of all Committers.
+
+A Maintainer is not permitted to remove another Maintainer's GitHub privileges.
+
+A Committer may be automatically moved to Contributor status if not actively contributing by discussion or PR review during the last 90 days or by voluntarily suspending this status (e.g., by taking a ["Leave of absence"](#leave-of-absence)). If a Maintainer loses or relinquishes the Committer status and, hence, the Maintainer status, the Committers have to determine whether a new Maintainer needs to be elected.
+
+Any person violating the [code of conduct](CODE_OF_CONDUCT.md), consistently not fulfilling the role responsibilities, or for other reasons can lose the role held if a simple majority of Committers votes for such removal and no Maintainer vetos that decision. If a Maintainer is to be removed from that role a 2/3 majority of Committers must agree.
+
+Depending on the reason for removal, a Maintainer may be converted to Emeritus status. Emeritus Maintainers may still be consulted on some project matters, and can be returned to Maintainer status if their availability changes and a simple majority of Committers agrees.
+
+### Leave of absence
+
+Any Committer may voluntarily step down from the role for a documented period of time, losing voting rights for that time period. The period is documented in this file next to the person's name below.  At the end of this time period, the Committer automatically regains their voting rights.
+
+A leave of absence may not be longer than a year. If the Committer needs to be away for longer than that, they must step down from that role unconditionally, and regaining that role becomes subject of normal procedures to become Committer, as described in ["Change of role"](#change-of-role) above.
+
+## Voting
+
+Change of role or changes to this document is subject to voting.
+
+Votes are to be executed by way of open GitHub discussions. No quorum is needed for votes open for 4 weeks. Urgent matters may be decided by majority vote among Maintainers or 2/3 majority by all Committers within an arbitrary voting period.
+
+## Current Maintainers and Committers
+
+### Maintainers
+
+@dstebila
+
+### Committers
+
+@geedo0
+@xuganyu96
+@andrewyounkers
+@alharrison
+
+### Release managers
+
+@geedo0
+@xuganyu96
+@andrewyounkers
+@alharrison
+
+### Emeritus Committers
+
+
+
+## Afterword
+
+*This governance document was based in part of the [Falco Project governance document](https://github.com/falcosecurity/evolution/blob/main/GOVERNANCE.md).

README.md

@@ -52,6 +52,12 @@ While at the time of this writing there are no vulnerabilities known in any of t
 
 We realize some parties may want to deploy quantum-safe cryptography prior to the conclusion of the standardization project.  We strongly recommend such attempts make use of so-called **hybrid cryptography**, in which quantum-safe public-key algorithms are combined with traditional public key algorithms (like RSA or elliptic curves) such that the solution is at least no less secure than existing traditional cryptography. This fork provides the ability to use hybrid cryptography.
 
+### PQ Offered in OpenSSH
+
+While current versions of (mainline) OpenSSH provide two PQ KEMs, sntrup761x25519-sha512 and mlkem768x25519-sha256, this may not be sufficient for an individual or an organization's use-case. Currently, OpenSSH does not offer a PQ digital signature algorithm or any pure PQ KEM algorithms. These may be needed for compliance efforts or other use-cases.
+
+In such cases, this fork provides a valuable reference and an implementation for interoperability testing. This allows implementors to have a common third-party to test against to help ensure that different implementors will be able to interoperate as the PQ landscape matures in SSH communication.
+
 ### Supported Algorithms
 
 If an algorithm is provided by liboqs but is not listed below, it can still be used in the fork through [either one of two ways](https://github.com/open-quantum-safe/openssh-portable/wiki/Using-liboqs-supported-algorithms-in-the-fork).
@@ -95,7 +101,7 @@ The following digital signature algorithms from liboqs are supported (assuming t
 - **Falcon**: `falcon512`\*, `falcon1024`\*, `falconpadded512`, `falconpadded1024`
 - **MAYO**: `mayo1`, `mayo2`\*, `mayo3`\*, `mayo5`\*
 - **ML-DSA**: `mldsa44`\*, `mldsa65`\*, `mldsa87`\*
-- **SPHINCS**: `sphincssha2128fsimple`\*, `sphincssha2128ssimple`, `sphincsshake128fsimple`, `sphincsshake128ssimple`, `sphincssha2192fsimple`, `sphincssha2192ssimple`, `sphincsshake192fsimple`, `sphincsshake192ssimple`, `sphincssha2256fsimple`\*, `sphincssha2256ssimple`, `sphincsshake256fsimple`, `sphincsshake256ssimple`
+- **SLH-DSA**: `slhdsapuresha2128f`\*, `slhdsasha2128ssimple`, `slhdsashake128fsimple`, `slhdsashake128ssimple`, `slhdsasha2192fsimple`, `slhdsasha2192ssimple`, `slhdsashake192fsimple`, `slhdsashake192ssimple`, `slhdsapuresha2256f`\*, `slhdsasha2256ssimple`, `slhdsashake256fsimple`, `slhdsashake256ssimple`
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_END -->
 
 
@@ -222,6 +228,8 @@ Contributors to this fork of OpenSSH include:
 - Goutam Tamvada (University of Waterloo)
 - Michael Baentsch
 - Gerardo Ravago (Amazon Web Services)
+- Alex Harrison (Cisco Systems)
+- Andrew Younkers (Cisco Systems)
 
 Contributors to an earlier OQS fork of OpenSSH included:
 

oqs-template/generate.yml

@@ -425,8 +425,8 @@ sigs:
         name: 'ecdsa_nistp521'
         openssl_nid: 'NID_secp521r1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_sha2_128f_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_pure_sha2_128f'
     enable: true
     level: 1
     mix_with:
@@ -437,8 +437,8 @@ sigs:
         name: 'ecdsa_nistp256'
         openssl_nid: 'NID_X9_62_prime256v1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_sha2_128s_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_sha2_128s_simple'
     level: 1
     mix_with:
       -
@@ -448,8 +448,8 @@ sigs:
         name: 'ecdsa_nistp256'
         openssl_nid: 'NID_X9_62_prime256v1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_shake_128f_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_shake_128f_simple'
     level: 1
     mix_with:
       -
@@ -459,8 +459,8 @@ sigs:
         name: 'ecdsa_nistp256'
         openssl_nid: 'NID_X9_62_prime256v1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_shake_128s_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_shake_128s_simple'
     level: 1
     mix_with:
       -
@@ -470,65 +470,65 @@ sigs:
         name: 'ecdsa_nistp256'
         openssl_nid: 'NID_X9_62_prime256v1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_sha2_192f_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_sha2_192f_simple'
     level: 3
     mix_with:
       -
         name: 'ecdsa_nistp384'
         openssl_nid: 'NID_secp384r1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_sha2_192s_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_sha2_192s_simple'
     level: 3
     mix_with:
       -
         name: 'ecdsa_nistp384'
         openssl_nid: 'NID_secp384r1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_shake_192f_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_shake_192f_simple'
     level: 3
     mix_with:
       -
         name: 'ecdsa_nistp384'
         openssl_nid: 'NID_secp384r1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_shake_192s_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_shake_192s_simple'
     level: 3
     mix_with:
       -
         name: 'ecdsa_nistp384'
         openssl_nid: 'NID_secp384r1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_sha2_256f_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_pure_sha2_256f'
     enable: true
     level: 5
     mix_with:
       -
         name: 'ecdsa_nistp521'
         openssl_nid: 'NID_secp521r1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_sha2_256s_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_sha2_256s_simple'
     level: 5
     mix_with:
       -
         name: 'ecdsa_nistp521'
         openssl_nid: 'NID_secp521r1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_shake_256f_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_shake_256f_simple'
     level: 5
     mix_with:
       -
         name: 'ecdsa_nistp521'
         openssl_nid: 'NID_secp521r1'
   -
-    family: 'SPHINCS'
-    name: 'sphincs_shake_256s_simple'
+    family: 'SLH-DSA'
+    name: 'slh_dsa_shake_256s_simple'
     level: 5
     mix_with:
       -

oqs-test/try_connection.py

@@ -83,11 +83,11 @@
     "ssh-ecdsa-nistp256-falcon512",
     "ssh-falcon1024",
     "ssh-ecdsa-nistp521-falcon1024",
-    "ssh-sphincssha2128fsimple",
-    "ssh-rsa3072-sphincssha2128fsimple",
-    "ssh-ecdsa-nistp256-sphincssha2128fsimple",
-    "ssh-sphincssha2256fsimple",
-    "ssh-ecdsa-nistp521-sphincssha2256fsimple",
+    "ssh-slhdsapuresha2128f",
+    "ssh-rsa3072-slhdsapuresha2128f",
+    "ssh-ecdsa-nistp256-slhdsapuresha2128f",
+    "ssh-slhdsapuresha2256f",
+    "ssh-ecdsa-nistp521-slhdsapuresha2256f",
     "ssh-mldsa-44",
     "ssh-rsa3072-mldsa-44",
     "ssh-ecdsa-nistp256-mldsa-44",

oqs-utils.c

@@ -5,7 +5,7 @@ int oqs_utils_is_rsa_hybrid(int keytype) {
 ///// OQS_TEMPLATE_FRAGMENT_LIST_RSA_HYBRIDS_START
         case KEY_RSA3072_FALCON_512:
             return 1;
-        case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE:
+        case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F:
             return 1;
         case KEY_RSA3072_ML_DSA_44:
             return 1;
@@ -23,9 +23,9 @@ int oqs_utils_is_ecdsa_hybrid(int keytype) {
             return 1;
         case KEY_ECDSA_NISTP521_FALCON_1024:
             return 1;
-        case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE:
+        case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F:
             return 1;
-        case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE:
+        case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F:
             return 1;
         case KEY_ECDSA_NISTP256_ML_DSA_44:
             return 1;

oqs-utils.h

@@ -9,8 +9,8 @@
 #define CASE_KEY_OQS \
 	case KEY_FALCON_512: \
 	case KEY_FALCON_1024: \
-	case KEY_SPHINCS_SHA2_128F_SIMPLE: \
-	case KEY_SPHINCS_SHA2_256F_SIMPLE: \
+	case KEY_SLH_DSA_PURE_SHA2_128F: \
+	case KEY_SLH_DSA_PURE_SHA2_256F: \
 	case KEY_ML_DSA_44: \
 	case KEY_ML_DSA_65: \
 	case KEY_ML_DSA_87: \
@@ -20,15 +20,15 @@
 
 #define CASE_KEY_RSA_HYBRID \
 	case KEY_RSA3072_FALCON_512: \
-	case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: \
+	case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F: \
 	case KEY_RSA3072_ML_DSA_44: \
 	case KEY_RSA3072_MAYO_2
 
 #define CASE_KEY_ECDSA_HYBRID \
 	case KEY_ECDSA_NISTP256_FALCON_512: \
 	case KEY_ECDSA_NISTP521_FALCON_1024: \
-	case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: \
-	case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: \
+	case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F: \
+	case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: \
 	case KEY_ECDSA_NISTP256_ML_DSA_44: \
 	case KEY_ECDSA_NISTP384_ML_DSA_65: \
 	case KEY_ECDSA_NISTP521_ML_DSA_87: \

pathnames.h

@@ -45,11 +45,11 @@
 #define _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_falcon512_key"
 #define _PATH_HOST_FALCON_1024_KEY_FILE SSHDIR "/ssh_host_falcon1024_key"
 #define _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_falcon1024_key"
-#define _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_sphincssha2128fsimple_key"
-#define _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_rsa3072_sphincssha2128fsimple_key"
-#define _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_sphincssha2128fsimple_key"
-#define _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_sphincssha2256fsimple_key"
-#define _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_sphincssha2256fsimple_key"
+#define _PATH_HOST_SLH_DSA_PURE_SHA2_128F_KEY_FILE SSHDIR "/ssh_host_slhdsapuresha2128f_key"
+#define _PATH_HOST_RSA3072_SLH_DSA_PURE_SHA2_128F_KEY_FILE SSHDIR "/ssh_host_rsa3072_slhdsapuresha2128f_key"
+#define _PATH_HOST_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_slhdsapuresha2128f_key"
+#define _PATH_HOST_SLH_DSA_PURE_SHA2_256F_KEY_FILE SSHDIR "/ssh_host_slhdsapuresha2256f_key"
+#define _PATH_HOST_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_slhdsapuresha2256f_key"
 #define _PATH_HOST_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_mldsa44_key"
 #define _PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_rsa3072_mldsa44_key"
 #define _PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_mldsa44_key"
@@ -122,11 +122,11 @@
 #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_falcon512"
 #define _PATH_SSH_CLIENT_ID_FALCON_1024 _PATH_SSH_USER_DIR "/id_falcon1024"
 #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024 _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_falcon1024"
-#define _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_sphincssha2128fsimple"
-#define _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_rsa3072_sphincssha2128fsimple"
-#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_sphincssha2128fsimple"
-#define _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE _PATH_SSH_USER_DIR "/id_sphincssha2256fsimple"
-#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_sphincssha2256fsimple"
+#define _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_128F _PATH_SSH_USER_DIR "/id_slhdsapuresha2128f"
+#define _PATH_SSH_CLIENT_ID_RSA3072_SLH_DSA_PURE_SHA2_128F _PATH_SSH_USER_DIR "/id_rsa3072_slhdsapuresha2128f"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_slhdsapuresha2128f"
+#define _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_256F _PATH_SSH_USER_DIR "/id_slhdsapuresha2256f"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_slhdsapuresha2256f"
 #define _PATH_SSH_CLIENT_ID_ML_DSA_44 _PATH_SSH_USER_DIR "/id_mldsa44"
 #define _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44 _PATH_SSH_USER_DIR "/id_rsa3072_mldsa44"
 #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_mldsa44"