diff --git a/README.md b/README.md index d7cdd28d561e..4497f980479e 100644 --- a/README.md +++ b/README.md @@ -101,7 +101,7 @@ The following digital signature algorithms from liboqs are supported (assuming t - **Falcon**: `falcon512`\*, `falcon1024`\*, `falconpadded512`, `falconpadded1024` - **MAYO**: `mayo1`, `mayo2`\*, `mayo3`\*, `mayo5`\* - **ML-DSA**: `mldsa44`\*, `mldsa65`\*, `mldsa87`\* -- **SPHINCS**: `sphincssha2128fsimple`\*, `sphincssha2128ssimple`, `sphincsshake128fsimple`, `sphincsshake128ssimple`, `sphincssha2192fsimple`, `sphincssha2192ssimple`, `sphincsshake192fsimple`, `sphincsshake192ssimple`, `sphincssha2256fsimple`\*, `sphincssha2256ssimple`, `sphincsshake256fsimple`, `sphincsshake256ssimple` +- **SLH-DSA**: `slhdsapuresha2128f`\*, `slhdsasha2128ssimple`, `slhdsashake128fsimple`, `slhdsashake128ssimple`, `slhdsasha2192fsimple`, `slhdsasha2192ssimple`, `slhdsashake192fsimple`, `slhdsashake192ssimple`, `slhdsapuresha2256f`\*, `slhdsasha2256ssimple`, `slhdsashake256fsimple`, `slhdsashake256ssimple` diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 7fa17562499f..992e67750cc1 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -425,8 +425,8 @@ sigs: name: 'ecdsa_nistp521' openssl_nid: 'NID_secp521r1' - - family: 'SPHINCS' - name: 'sphincs_sha2_128f_simple' + family: 'SLH-DSA' + name: 'slh_dsa_pure_sha2_128f' enable: true level: 1 mix_with: @@ -437,8 +437,8 @@ sigs: name: 'ecdsa_nistp256' openssl_nid: 'NID_X9_62_prime256v1' - - family: 'SPHINCS' - name: 'sphincs_sha2_128s_simple' + family: 'SLH-DSA' + name: 'slh_dsa_sha2_128s_simple' level: 1 mix_with: - @@ -448,8 +448,8 @@ sigs: name: 'ecdsa_nistp256' openssl_nid: 'NID_X9_62_prime256v1' - - family: 'SPHINCS' - name: 'sphincs_shake_128f_simple' + family: 'SLH-DSA' + name: 'slh_dsa_shake_128f_simple' level: 1 mix_with: - @@ -459,8 +459,8 @@ sigs: name: 'ecdsa_nistp256' openssl_nid: 'NID_X9_62_prime256v1' - - family: 'SPHINCS' - name: 'sphincs_shake_128s_simple' + family: 'SLH-DSA' + name: 'slh_dsa_shake_128s_simple' level: 1 mix_with: - @@ -470,40 +470,40 @@ sigs: name: 'ecdsa_nistp256' openssl_nid: 'NID_X9_62_prime256v1' - - family: 'SPHINCS' - name: 'sphincs_sha2_192f_simple' + family: 'SLH-DSA' + name: 'slh_dsa_sha2_192f_simple' level: 3 mix_with: - name: 'ecdsa_nistp384' openssl_nid: 'NID_secp384r1' - - family: 'SPHINCS' - name: 'sphincs_sha2_192s_simple' + family: 'SLH-DSA' + name: 'slh_dsa_sha2_192s_simple' level: 3 mix_with: - name: 'ecdsa_nistp384' openssl_nid: 'NID_secp384r1' - - family: 'SPHINCS' - name: 'sphincs_shake_192f_simple' + family: 'SLH-DSA' + name: 'slh_dsa_shake_192f_simple' level: 3 mix_with: - name: 'ecdsa_nistp384' openssl_nid: 'NID_secp384r1' - - family: 'SPHINCS' - name: 'sphincs_shake_192s_simple' + family: 'SLH-DSA' + name: 'slh_dsa_shake_192s_simple' level: 3 mix_with: - name: 'ecdsa_nistp384' openssl_nid: 'NID_secp384r1' - - family: 'SPHINCS' - name: 'sphincs_sha2_256f_simple' + family: 'SLH-DSA' + name: 'slh_dsa_pure_sha2_256f' enable: true level: 5 mix_with: @@ -511,24 +511,24 @@ sigs: name: 'ecdsa_nistp521' openssl_nid: 'NID_secp521r1' - - family: 'SPHINCS' - name: 'sphincs_sha2_256s_simple' + family: 'SLH-DSA' + name: 'slh_dsa_sha2_256s_simple' level: 5 mix_with: - name: 'ecdsa_nistp521' openssl_nid: 'NID_secp521r1' - - family: 'SPHINCS' - name: 'sphincs_shake_256f_simple' + family: 'SLH-DSA' + name: 'slh_dsa_shake_256f_simple' level: 5 mix_with: - name: 'ecdsa_nistp521' openssl_nid: 'NID_secp521r1' - - family: 'SPHINCS' - name: 'sphincs_shake_256s_simple' + family: 'SLH-DSA' + name: 'slh_dsa_shake_256s_simple' level: 5 mix_with: - diff --git a/oqs-test/try_connection.py b/oqs-test/try_connection.py index bcffc44e8b34..d139932f5612 100644 --- a/oqs-test/try_connection.py +++ b/oqs-test/try_connection.py @@ -83,11 +83,11 @@ "ssh-ecdsa-nistp256-falcon512", "ssh-falcon1024", "ssh-ecdsa-nistp521-falcon1024", - "ssh-sphincssha2128fsimple", - "ssh-rsa3072-sphincssha2128fsimple", - "ssh-ecdsa-nistp256-sphincssha2128fsimple", - "ssh-sphincssha2256fsimple", - "ssh-ecdsa-nistp521-sphincssha2256fsimple", + "ssh-slhdsapuresha2128f", + "ssh-rsa3072-slhdsapuresha2128f", + "ssh-ecdsa-nistp256-slhdsapuresha2128f", + "ssh-slhdsapuresha2256f", + "ssh-ecdsa-nistp521-slhdsapuresha2256f", "ssh-mldsa-44", "ssh-rsa3072-mldsa-44", "ssh-ecdsa-nistp256-mldsa-44", diff --git a/oqs-utils.c b/oqs-utils.c index 2ca75ab7c513..e423cde00db5 100644 --- a/oqs-utils.c +++ b/oqs-utils.c @@ -5,7 +5,7 @@ int oqs_utils_is_rsa_hybrid(int keytype) { ///// OQS_TEMPLATE_FRAGMENT_LIST_RSA_HYBRIDS_START case KEY_RSA3072_FALCON_512: return 1; - case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: + case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F: return 1; case KEY_RSA3072_ML_DSA_44: return 1; @@ -23,9 +23,9 @@ int oqs_utils_is_ecdsa_hybrid(int keytype) { return 1; case KEY_ECDSA_NISTP521_FALCON_1024: return 1; - case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: + case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F: return 1; - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: + case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: return 1; case KEY_ECDSA_NISTP256_ML_DSA_44: return 1; diff --git a/oqs-utils.h b/oqs-utils.h index 5225a7d85927..e57bf252de36 100644 --- a/oqs-utils.h +++ b/oqs-utils.h @@ -9,8 +9,8 @@ #define CASE_KEY_OQS \ case KEY_FALCON_512: \ case KEY_FALCON_1024: \ - case KEY_SPHINCS_SHA2_128F_SIMPLE: \ - case KEY_SPHINCS_SHA2_256F_SIMPLE: \ + case KEY_SLH_DSA_PURE_SHA2_128F: \ + case KEY_SLH_DSA_PURE_SHA2_256F: \ case KEY_ML_DSA_44: \ case KEY_ML_DSA_65: \ case KEY_ML_DSA_87: \ @@ -20,15 +20,15 @@ #define CASE_KEY_RSA_HYBRID \ case KEY_RSA3072_FALCON_512: \ - case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: \ + case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F: \ case KEY_RSA3072_ML_DSA_44: \ case KEY_RSA3072_MAYO_2 #define CASE_KEY_ECDSA_HYBRID \ case KEY_ECDSA_NISTP256_FALCON_512: \ case KEY_ECDSA_NISTP521_FALCON_1024: \ - case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: \ - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: \ + case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F: \ + case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: \ case KEY_ECDSA_NISTP256_ML_DSA_44: \ case KEY_ECDSA_NISTP384_ML_DSA_65: \ case KEY_ECDSA_NISTP521_ML_DSA_87: \ diff --git a/pathnames.h b/pathnames.h index 6dfa4a4d9343..dae53d176ddd 100644 --- a/pathnames.h +++ b/pathnames.h @@ -45,11 +45,11 @@ #define _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_falcon512_key" #define _PATH_HOST_FALCON_1024_KEY_FILE SSHDIR "/ssh_host_falcon1024_key" #define _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_falcon1024_key" -#define _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_sphincssha2128fsimple_key" -#define _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_rsa3072_sphincssha2128fsimple_key" -#define _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_sphincssha2128fsimple_key" -#define _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_sphincssha2256fsimple_key" -#define _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_sphincssha2256fsimple_key" +#define _PATH_HOST_SLH_DSA_PURE_SHA2_128F_KEY_FILE SSHDIR "/ssh_host_slhdsapuresha2128f_key" +#define _PATH_HOST_RSA3072_SLH_DSA_PURE_SHA2_128F_KEY_FILE SSHDIR "/ssh_host_rsa3072_slhdsapuresha2128f_key" +#define _PATH_HOST_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_slhdsapuresha2128f_key" +#define _PATH_HOST_SLH_DSA_PURE_SHA2_256F_KEY_FILE SSHDIR "/ssh_host_slhdsapuresha2256f_key" +#define _PATH_HOST_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_slhdsapuresha2256f_key" #define _PATH_HOST_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_mldsa44_key" #define _PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_rsa3072_mldsa44_key" #define _PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_mldsa44_key" @@ -122,11 +122,11 @@ #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_falcon512" #define _PATH_SSH_CLIENT_ID_FALCON_1024 _PATH_SSH_USER_DIR "/id_falcon1024" #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024 _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_falcon1024" -#define _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_sphincssha2128fsimple" -#define _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_rsa3072_sphincssha2128fsimple" -#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_sphincssha2128fsimple" -#define _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE _PATH_SSH_USER_DIR "/id_sphincssha2256fsimple" -#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_sphincssha2256fsimple" +#define _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_128F _PATH_SSH_USER_DIR "/id_slhdsapuresha2128f" +#define _PATH_SSH_CLIENT_ID_RSA3072_SLH_DSA_PURE_SHA2_128F _PATH_SSH_USER_DIR "/id_rsa3072_slhdsapuresha2128f" +#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_slhdsapuresha2128f" +#define _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_256F _PATH_SSH_USER_DIR "/id_slhdsapuresha2256f" +#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_slhdsapuresha2256f" #define _PATH_SSH_CLIENT_ID_ML_DSA_44 _PATH_SSH_USER_DIR "/id_mldsa44" #define _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44 _PATH_SSH_USER_DIR "/id_rsa3072_mldsa44" #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_mldsa44" diff --git a/readconf.c b/readconf.c index 52eacb8353c2..5721efb3666b 100644 --- a/readconf.c +++ b/readconf.c @@ -2908,8 +2908,8 @@ fill_default_options(Options * options) ///// OQS_TEMPLATE_FRAGMENT_ADD_ID_FILES_START add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_FALCON_512, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_FALCON_1024, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_128F, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_256F, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ML_DSA_44, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ML_DSA_65, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ML_DSA_87, 0); @@ -2918,14 +2918,14 @@ fill_default_options(Options * options) add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_MAYO_5, 0); #ifdef WITH_OPENSSL add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_SLH_DSA_PURE_SHA2_128F, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_MAYO_2, 0); #ifdef OPENSSL_HAS_ECC add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_ML_DSA_65, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_ML_DSA_87, 0); diff --git a/regress/Makefile b/regress/Makefile index b32d4bd82ef1..2a0d3d3be567 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -152,7 +152,7 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub \ t8.out t8.out.pub t9.out t9.out.pub \ timestamp testdata user_*key* user_ca* user_key* \ - *dilith* *falco* *picni* *sphincs* \ + *dilith* *falco* *picni* *sphincs* *slh-dsa* *slhdsa* \ ecdsa-sha2-nistp* sk-* ssh-dss* ssh-rsa* ssh-ed25519* \ host.sk-* copy authkeys_orig sshd_config_minimal check-perm mkdtemp diff --git a/regress/keygen-comment.sh b/regress/keygen-comment.sh index 4ed0ba6d4ac4..9a0bbace8dd3 100644 --- a/regress/keygen-comment.sh +++ b/regress/keygen-comment.sh @@ -34,8 +34,8 @@ for fmt in '' RFC4716 PKCS8 PEM; do ##### OQS_TEMPLATE_FRAGMENT_EXCLUDE_OQS_ALGS_START *falcon512*) test -z "$oldfmt" || continue ;; *falcon1024*) test -z "$oldfmt" || continue ;; - *sphincssha2128fsimple*) test -z "$oldfmt" || continue ;; - *sphincssha2256fsimple*) test -z "$oldfmt" || continue ;; + *slhdsapuresha2128f*) test -z "$oldfmt" || continue ;; + *slhdsapuresha2256f*) test -z "$oldfmt" || continue ;; *mldsa-44*) test -z "$oldfmt" || continue ;; *mldsa-65*) test -z "$oldfmt" || continue ;; *mldsa-87*) test -z "$oldfmt" || continue ;; diff --git a/servconf.c b/servconf.c index db2973261964..27a917911aad 100644 --- a/servconf.c +++ b/servconf.c @@ -318,9 +318,9 @@ fill_default_server_options(ServerOptions *options) servconf_add_hostkey("[default]", 0, options, _PATH_HOST_FALCON_1024_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_SLH_DSA_PURE_SHA2_128F_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_SLH_DSA_PURE_SHA2_256F_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, _PATH_HOST_ML_DSA_44_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, @@ -337,7 +337,7 @@ fill_default_server_options(ServerOptions *options) servconf_add_hostkey("[default]", 0, options, _PATH_HOST_RSA3072_FALCON_512_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_RSA3072_SLH_DSA_PURE_SHA2_128F_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, _PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, @@ -348,9 +348,9 @@ fill_default_server_options(ServerOptions *options) servconf_add_hostkey("[default]", 0, options, _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 0); + _PATH_HOST_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, _PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE, 0); servconf_add_hostkey("[default]", 0, options, diff --git a/sk-api.h b/sk-api.h index 7f9feb4902c3..a075b854ab72 100644 --- a/sk-api.h +++ b/sk-api.h @@ -36,11 +36,11 @@ #define SSH_SK_ECDSA_NISTP256_FALCON_512 0x04 #define SSH_SK_FALCON_1024 0x05 #define SSH_SK_ECDSA_NISTP521_FALCON_1024 0x06 -#define SSH_SK_SPHINCS_SHA2_128F_SIMPLE 0x07 -#define SSH_SK_RSA3072_SPHINCS_SHA2_128F_SIMPLE 0x08 -#define SSH_SK_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE 0x09 -#define SSH_SK_SPHINCS_SHA2_256F_SIMPLE 0x0A -#define SSH_SK_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE 0x0B +#define SSH_SK_SLH_DSA_PURE_SHA2_128F 0x07 +#define SSH_SK_RSA3072_SLH_DSA_PURE_SHA2_128F 0x08 +#define SSH_SK_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F 0x09 +#define SSH_SK_SLH_DSA_PURE_SHA2_256F 0x0A +#define SSH_SK_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F 0x0B #define SSH_SK_ML_DSA_44 0x0C #define SSH_SK_RSA3072_ML_DSA_44 0x0D #define SSH_SK_ECDSA_NISTP256_ML_DSA_44 0x0E diff --git a/ssh-add.c b/ssh-add.c index 8a49d491c8f3..16f6b613e7e7 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -90,8 +90,8 @@ static char *default_files[] = { ///// OQS_TEMPLATE_FRAGMENT_ADD_DEFAULT_ID_FILES_START _PATH_SSH_CLIENT_ID_FALCON_512, _PATH_SSH_CLIENT_ID_FALCON_1024, - _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE, - _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE, + _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_128F, + _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_256F, _PATH_SSH_CLIENT_ID_ML_DSA_44, _PATH_SSH_CLIENT_ID_ML_DSA_65, _PATH_SSH_CLIENT_ID_ML_DSA_87, @@ -100,14 +100,14 @@ static char *default_files[] = { _PATH_SSH_CLIENT_ID_MAYO_5, #ifdef WITH_OPENSSL _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512, - _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE, + _PATH_SSH_CLIENT_ID_RSA3072_SLH_DSA_PURE_SHA2_128F, _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44, _PATH_SSH_CLIENT_ID_RSA3072_MAYO_2, #ifdef OPENSSL_HAS_ECC _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512, _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024, - _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, - _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, + _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F, + _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F, _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44, _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_ML_DSA_65, _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_ML_DSA_87, diff --git a/ssh-keygen.c b/ssh-keygen.c index 9bf70a4f0dd3..2ab802e80726 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -212,7 +212,7 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) case KEY_ECDSA_NISTP521_FALCON_1024: *bitsp = 521; break; - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: + case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: *bitsp = 521; break; case KEY_ECDSA_NISTP384_ML_DSA_65: @@ -318,11 +318,11 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_FALCON_1024: name = _PATH_SSH_CLIENT_ID_FALCON_1024; break; - case KEY_SPHINCS_SHA2_128F_SIMPLE: - name = _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_128F_SIMPLE; + case KEY_SLH_DSA_PURE_SHA2_128F: + name = _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_128F; break; - case KEY_SPHINCS_SHA2_256F_SIMPLE: - name = _PATH_SSH_CLIENT_ID_SPHINCS_SHA2_256F_SIMPLE; + case KEY_SLH_DSA_PURE_SHA2_256F: + name = _PATH_SSH_CLIENT_ID_SLH_DSA_PURE_SHA2_256F; break; case KEY_ML_DSA_44: name = _PATH_SSH_CLIENT_ID_ML_DSA_44; @@ -346,8 +346,8 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_RSA3072_FALCON_512: name = _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512; break; - case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: - name = _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_SHA2_128F_SIMPLE; + case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F: + name = _PATH_SSH_CLIENT_ID_RSA3072_SLH_DSA_PURE_SHA2_128F; break; case KEY_RSA3072_ML_DSA_44: name = _PATH_SSH_CLIENT_ID_RSA3072_ML_DSA_44; @@ -362,11 +362,11 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_ECDSA_NISTP521_FALCON_1024: name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024; break; - case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: - name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE; + case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F: + name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F; break; - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: - name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE; + case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: + name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F; break; case KEY_ECDSA_NISTP256_ML_DSA_44: name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_ML_DSA_44; @@ -1134,8 +1134,8 @@ do_gen_all_hostkeys(struct passwd *pw) ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEY_TYPES_START { "falcon512", "FALCON_512", _PATH_HOST_FALCON_512_KEY_FILE }, { "falcon1024", "FALCON_1024", _PATH_HOST_FALCON_1024_KEY_FILE }, - { "sphincssha2128fsimple", "SPHINCS_SHA2_128F_SIMPLE", _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE }, - { "sphincssha2256fsimple", "SPHINCS_SHA2_256F_SIMPLE", _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE }, + { "slhdsapuresha2128f", "SLH_DSA_PURE_SHA2_128F", _PATH_HOST_SLH_DSA_PURE_SHA2_128F_KEY_FILE }, + { "slhdsapuresha2256f", "SLH_DSA_PURE_SHA2_256F", _PATH_HOST_SLH_DSA_PURE_SHA2_256F_KEY_FILE }, { "mldsa-44", "ML_DSA_44", _PATH_HOST_ML_DSA_44_KEY_FILE }, { "mldsa-65", "ML_DSA_65", _PATH_HOST_ML_DSA_65_KEY_FILE }, { "mldsa-87", "ML_DSA_87", _PATH_HOST_ML_DSA_87_KEY_FILE }, @@ -1144,14 +1144,14 @@ do_gen_all_hostkeys(struct passwd *pw) { "mayo5", "MAYO_5", _PATH_HOST_MAYO_5_KEY_FILE }, #ifdef WITH_OPENSSL { "rsa3072_falcon512", "RSA3072_FALCON_512", _PATH_HOST_RSA3072_FALCON_512_KEY_FILE }, - { "rsa3072_sphincssha2128fsimple", "RSA3072_SPHINCS_SHA2_128F_SIMPLE", _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE }, + { "rsa3072_slhdsapuresha2128f", "RSA3072_SLH_DSA_PURE_SHA2_128F", _PATH_HOST_RSA3072_SLH_DSA_PURE_SHA2_128F_KEY_FILE }, { "rsa3072_mldsa-44", "RSA3072_ML_DSA_44", _PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE }, { "rsa3072_mayo2", "RSA3072_MAYO_2", _PATH_HOST_RSA3072_MAYO_2_KEY_FILE }, #ifdef OPENSSL_HAS_ECC { "ecdsa_nistp256_falcon512", "ECDSA_NISTP256_FALCON_512", _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE }, { "ecdsa_nistp521_falcon1024", "ECDSA_NISTP521_FALCON_1024", _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE }, - { "ecdsa_nistp256_sphincssha2128fsimple", "ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE", _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE }, - { "ecdsa_nistp521_sphincssha2256fsimple", "ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE", _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE }, + { "ecdsa_nistp256_slhdsapuresha2128f", "ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F", _PATH_HOST_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F_KEY_FILE }, + { "ecdsa_nistp521_slhdsapuresha2256f", "ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F", _PATH_HOST_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F_KEY_FILE }, { "ecdsa_nistp256_mldsa-44", "ECDSA_NISTP256_ML_DSA_44", _PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE }, { "ecdsa_nistp384_mldsa-65", "ECDSA_NISTP384_ML_DSA_65", _PATH_HOST_ECDSA_NISTP384_ML_DSA_65_KEY_FILE }, { "ecdsa_nistp521_mldsa-87", "ECDSA_NISTP521_ML_DSA_87", _PATH_HOST_ECDSA_NISTP521_ML_DSA_87_KEY_FILE }, @@ -1659,8 +1659,8 @@ do_change_comment(struct passwd *pw, const char *identity_comment) ///// OQS_TEMPLATE_FRAGMENT_CHECK_PRIVATE_KEY_TYPE_START private->type != KEY_FALCON_512 && private->type != KEY_FALCON_1024 && - private->type != KEY_SPHINCS_SHA2_128F_SIMPLE && - private->type != KEY_SPHINCS_SHA2_256F_SIMPLE && + private->type != KEY_SLH_DSA_PURE_SHA2_128F && + private->type != KEY_SLH_DSA_PURE_SHA2_256F && private->type != KEY_ML_DSA_44 && private->type != KEY_ML_DSA_65 && private->type != KEY_ML_DSA_87 && @@ -1669,14 +1669,14 @@ do_change_comment(struct passwd *pw, const char *identity_comment) private->type != KEY_MAYO_5 && #ifdef WITH_OPENSSL private->type != KEY_RSA3072_FALCON_512 && - private->type != KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE && + private->type != KEY_RSA3072_SLH_DSA_PURE_SHA2_128F && private->type != KEY_RSA3072_ML_DSA_44 && private->type != KEY_RSA3072_MAYO_2 && #ifdef OPENSSL_HAS_ECC private->type != KEY_ECDSA_NISTP256_FALCON_512 && private->type != KEY_ECDSA_NISTP521_FALCON_1024 && - private->type != KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE && - private->type != KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE && + private->type != KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F && + private->type != KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F && private->type != KEY_ECDSA_NISTP256_ML_DSA_44 && private->type != KEY_ECDSA_NISTP384_ML_DSA_65 && private->type != KEY_ECDSA_NISTP521_ML_DSA_87 && @@ -3926,19 +3926,19 @@ main(int argc, char **argv) _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_SLH_DSA_PURE_SHA2_128F_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_RSA3072_SLH_DSA_PURE_SHA2_128F_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_SLH_DSA_PURE_SHA2_256F_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, - _PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, rr_hostname, + _PATH_HOST_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F_KEY_FILE, rr_hostname, print_generic, opts, nopts); n += do_print_resource_record(pw, _PATH_HOST_ML_DSA_44_KEY_FILE, rr_hostname, diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 0ba5693489d6..24329e518283 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -70,11 +70,11 @@ int ssh_port = SSH_DEFAULT_PORT; #define KT_ECDSA_NISTP256_FALCON_512 ((uint64_t)1<<9) #define KT_FALCON_1024 ((uint64_t)1<<10) #define KT_ECDSA_NISTP521_FALCON_1024 ((uint64_t)1<<11) -#define KT_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<12) -#define KT_RSA3072_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<13) -#define KT_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE ((uint64_t)1<<14) -#define KT_SPHINCS_SHA2_256F_SIMPLE ((uint64_t)1<<15) -#define KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE ((uint64_t)1<<16) +#define KT_SLH_DSA_PURE_SHA2_128F ((uint64_t)1<<12) +#define KT_RSA3072_SLH_DSA_PURE_SHA2_128F ((uint64_t)1<<13) +#define KT_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F ((uint64_t)1<<14) +#define KT_SLH_DSA_PURE_SHA2_256F ((uint64_t)1<<15) +#define KT_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F ((uint64_t)1<<16) #define KT_ML_DSA_44 ((uint64_t)1<<17) #define KT_RSA3072_ML_DSA_44 ((uint64_t)1<<18) #define KT_ECDSA_NISTP256_ML_DSA_44 ((uint64_t)1<<19) @@ -101,11 +101,11 @@ uint64_t get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519|KT_ECDSA_SK|KT_ED25519_SK|\ KT_ECDSA_NISTP256_FALCON_512 | \ KT_FALCON_1024 | \ KT_ECDSA_NISTP521_FALCON_1024 | \ - KT_SPHINCS_SHA2_128F_SIMPLE | \ - KT_RSA3072_SPHINCS_SHA2_128F_SIMPLE | \ - KT_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE | \ - KT_SPHINCS_SHA2_256F_SIMPLE | \ - KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE | \ + KT_SLH_DSA_PURE_SHA2_128F | \ + KT_RSA3072_SLH_DSA_PURE_SHA2_128F | \ + KT_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F | \ + KT_SLH_DSA_PURE_SHA2_256F | \ + KT_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F | \ KT_ML_DSA_44 | \ KT_RSA3072_ML_DSA_44 | \ KT_ECDSA_NISTP256_ML_DSA_44 | \ @@ -325,11 +325,11 @@ keygrab_ssh2(con *c) case KT_FALCON_1024: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-falcon1024"; break; - case KT_SPHINCS_SHA2_128F_SIMPLE: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-sphincssha2128fsimple"; + case KT_SLH_DSA_PURE_SHA2_128F: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-slhdsapuresha2128f"; break; - case KT_SPHINCS_SHA2_256F_SIMPLE: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-sphincssha2256fsimple"; + case KT_SLH_DSA_PURE_SHA2_256F: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-slhdsapuresha2256f"; break; case KT_ML_DSA_44: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-mldsa-44"; @@ -353,8 +353,8 @@ keygrab_ssh2(con *c) case KT_RSA3072_FALCON_512: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-falcon512"; break; - case KT_RSA3072_SPHINCS_SHA2_128F_SIMPLE: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-sphincssha2128fsimple"; + case KT_RSA3072_SLH_DSA_PURE_SHA2_128F: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-slhdsapuresha2128f"; break; case KT_RSA3072_ML_DSA_44: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-mldsa-44"; @@ -369,11 +369,11 @@ keygrab_ssh2(con *c) case KT_ECDSA_NISTP521_FALCON_1024: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-falcon1024"; break; - case KT_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-sphincssha2128fsimple"; + case KT_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-slhdsapuresha2128f"; break; - case KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-sphincssha2256fsimple"; + case KT_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-slhdsapuresha2256f"; break; case KT_ECDSA_NISTP256_ML_DSA_44: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-mldsa-44"; @@ -954,20 +954,20 @@ main(int argc, char **argv) case KEY_ECDSA_NISTP521_FALCON_1024: get_keytypes |= KT_ECDSA_NISTP521_FALCON_1024; break; - case KEY_SPHINCS_SHA2_128F_SIMPLE: - get_keytypes |= KT_SPHINCS_SHA2_128F_SIMPLE; + case KEY_SLH_DSA_PURE_SHA2_128F: + get_keytypes |= KT_SLH_DSA_PURE_SHA2_128F; break; - case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: - get_keytypes |= KT_RSA3072_SPHINCS_SHA2_128F_SIMPLE; + case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F: + get_keytypes |= KT_RSA3072_SLH_DSA_PURE_SHA2_128F; break; - case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: - get_keytypes |= KT_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE; + case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F: + get_keytypes |= KT_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F; break; - case KEY_SPHINCS_SHA2_256F_SIMPLE: - get_keytypes |= KT_SPHINCS_SHA2_256F_SIMPLE; + case KEY_SLH_DSA_PURE_SHA2_256F: + get_keytypes |= KT_SLH_DSA_PURE_SHA2_256F; break; - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: - get_keytypes |= KT_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE; + case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: + get_keytypes |= KT_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F; break; case KEY_ML_DSA_44: get_keytypes |= KT_ML_DSA_44; diff --git a/ssh-keysign.c b/ssh-keysign.c index 94f97c6c1bad..8cb6c134ab64 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -211,11 +211,11 @@ main(int argc, char **argv) key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_FALCON_1024_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_SLH_DSA_PURE_SHA2_128F_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_RSA3072_SLH_DSA_PURE_SHA2_128F_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_SLH_DSA_PURE_SHA2_256F_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ML_DSA_44_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE, O_RDONLY); diff --git a/ssh-oqs.c b/ssh-oqs.c index 726f6fdcd426..602bcb65a71c 100644 --- a/ssh-oqs.c +++ b/ssh-oqs.c @@ -54,11 +54,11 @@ static size_t oqs_sig_pk_len(int type) case KEY_ECDSA_NISTP256_FALCON_512:return OQS_SIG_falcon_512_length_public_key; case KEY_FALCON_1024: case KEY_ECDSA_NISTP521_FALCON_1024:return OQS_SIG_falcon_1024_length_public_key; - case KEY_SPHINCS_SHA2_128F_SIMPLE: - case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: - case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE:return OQS_SIG_sphincs_sha2_128f_simple_length_public_key; - case KEY_SPHINCS_SHA2_256F_SIMPLE: - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE:return OQS_SIG_sphincs_sha2_256f_simple_length_public_key; + case KEY_SLH_DSA_PURE_SHA2_128F: + case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F: + case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F:return OQS_SIG_slh_dsa_pure_sha2_128f_length_public_key; + case KEY_SLH_DSA_PURE_SHA2_256F: + case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F:return OQS_SIG_slh_dsa_pure_sha2_256f_length_public_key; case KEY_ML_DSA_44: case KEY_RSA3072_ML_DSA_44: case KEY_ECDSA_NISTP256_ML_DSA_44:return OQS_SIG_ml_dsa_44_length_public_key; @@ -90,13 +90,13 @@ static size_t oqs_sig_sk_len(int type) case KEY_FALCON_1024: case KEY_ECDSA_NISTP521_FALCON_1024: return OQS_SIG_falcon_1024_length_secret_key; - case KEY_SPHINCS_SHA2_128F_SIMPLE: - case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: - case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: - return OQS_SIG_sphincs_sha2_128f_simple_length_secret_key; - case KEY_SPHINCS_SHA2_256F_SIMPLE: - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: - return OQS_SIG_sphincs_sha2_256f_simple_length_secret_key; + case KEY_SLH_DSA_PURE_SHA2_128F: + case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F: + case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F: + return OQS_SIG_slh_dsa_pure_sha2_128f_length_secret_key; + case KEY_SLH_DSA_PURE_SHA2_256F: + case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: + return OQS_SIG_slh_dsa_pure_sha2_256f_length_secret_key; case KEY_ML_DSA_44: case KEY_RSA3072_ML_DSA_44: case KEY_ECDSA_NISTP256_ML_DSA_44: @@ -720,10 +720,10 @@ const struct sshkey_impl sshkey_falcon1024_impl = { /* .funcs = */ &sshkey_falcon1024_funcs, }; /*--------------------------------------------------- - * SPHINCS_SHA2_128F_SIMPLE METHODS + * SLH_DSA_PURE_SHA2_128F METHODS *--------------------------------------------------- */ -static int ssh_sphincssha2128fsimple_generate(struct sshkey *k, int bits) +static int ssh_slhdsapuresha2128f_generate(struct sshkey *k, int bits) { k->oqs_pk_len = oqs_sig_pk_len(k->type); k->oqs_sk_len = oqs_sig_sk_len(k->type); @@ -731,10 +731,10 @@ static int ssh_sphincssha2128fsimple_generate(struct sshkey *k, int bits) (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { return SSH_ERR_ALLOC_FAIL; } - return OQS_SIG_sphincs_sha2_128f_simple_keypair(k->oqs_pk, k->oqs_sk); + return OQS_SIG_slh_dsa_pure_sha2_128f_keypair(k->oqs_pk, k->oqs_sk); } -int ssh_sphincssha2128fsimple_sign(struct sshkey *key, +int ssh_slhdsapuresha2128f_sign(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, @@ -744,16 +744,16 @@ int ssh_sphincssha2128fsimple_sign(struct sshkey *key, const char *sk_pin, u_int compat) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_128f_simple); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_slh_dsa_pure_sha2_128f); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_sign(sig, "sphincssha2128fsimple", key, sigp, lenp, data, datalen, compat); + int r = oqs_sign(sig, "slhdsapuresha2128f", key, sigp, lenp, data, datalen, compat); OQS_SIG_free(sig); return r; } -int ssh_sphincssha2128fsimple_verify(const struct sshkey *key, +int ssh_slhdsapuresha2128f_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, @@ -762,16 +762,16 @@ int ssh_sphincssha2128fsimple_verify(const struct sshkey *key, u_int compat, struct sshkey_sig_details **detailsp) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_128f_simple); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_slh_dsa_pure_sha2_128f); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_verify(sig, "sphincssha2128fsimple", key, signature, signaturelen, data, datalen, compat); + int r = oqs_verify(sig, "slhdsapuresha2128f", key, signature, signaturelen, data, datalen, compat); OQS_SIG_free(sig); return r; } -static const struct sshkey_impl_funcs sshkey_sphincssha2128fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_slhdsapuresha2128f_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -780,28 +780,28 @@ static const struct sshkey_impl_funcs sshkey_sphincssha2128fsimple_funcs = { /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, /* .ssh_serialize_private = */ ssh_generic_serialize_private, /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, - /* .generate = */ ssh_sphincssha2128fsimple_generate, + /* .generate = */ ssh_slhdsapuresha2128f_generate, /* .copy_public = */ ssh_generic_copy_public, - /* .sign = */ ssh_sphincssha2128fsimple_sign, - /* .verify = */ ssh_sphincssha2128fsimple_verify, + /* .sign = */ ssh_slhdsapuresha2128f_sign, + /* .verify = */ ssh_slhdsapuresha2128f_verify, }; -const struct sshkey_impl sshkey_sphincssha2128fsimple_impl = { - /* .name = */ "ssh-sphincssha2128fsimple", - /* .shortname = */ "SPHINCSSHA2128FSIMPLE", +const struct sshkey_impl sshkey_slhdsapuresha2128f_impl = { + /* .name = */ "ssh-slhdsapuresha2128f", + /* .shortname = */ "SLHDSAPURESHA2128F", /* .sigalg = */ NULL, - /* .type = */ KEY_SPHINCS_SHA2_128F_SIMPLE, + /* .type = */ KEY_SLH_DSA_PURE_SHA2_128F, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_sphincssha2128fsimple_funcs, + /* .funcs = */ &sshkey_slhdsapuresha2128f_funcs, }; /*--------------------------------------------------- - * SPHINCS_SHA2_256F_SIMPLE METHODS + * SLH_DSA_PURE_SHA2_256F METHODS *--------------------------------------------------- */ -static int ssh_sphincssha2256fsimple_generate(struct sshkey *k, int bits) +static int ssh_slhdsapuresha2256f_generate(struct sshkey *k, int bits) { k->oqs_pk_len = oqs_sig_pk_len(k->type); k->oqs_sk_len = oqs_sig_sk_len(k->type); @@ -809,10 +809,10 @@ static int ssh_sphincssha2256fsimple_generate(struct sshkey *k, int bits) (k->oqs_sk = malloc(k->oqs_sk_len)) == NULL) { return SSH_ERR_ALLOC_FAIL; } - return OQS_SIG_sphincs_sha2_256f_simple_keypair(k->oqs_pk, k->oqs_sk); + return OQS_SIG_slh_dsa_pure_sha2_256f_keypair(k->oqs_pk, k->oqs_sk); } -int ssh_sphincssha2256fsimple_sign(struct sshkey *key, +int ssh_slhdsapuresha2256f_sign(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, @@ -822,16 +822,16 @@ int ssh_sphincssha2256fsimple_sign(struct sshkey *key, const char *sk_pin, u_int compat) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_256f_simple); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_slh_dsa_pure_sha2_256f); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_sign(sig, "sphincssha2256fsimple", key, sigp, lenp, data, datalen, compat); + int r = oqs_sign(sig, "slhdsapuresha2256f", key, sigp, lenp, data, datalen, compat); OQS_SIG_free(sig); return r; } -int ssh_sphincssha2256fsimple_verify(const struct sshkey *key, +int ssh_slhdsapuresha2256f_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, @@ -840,16 +840,16 @@ int ssh_sphincssha2256fsimple_verify(const struct sshkey *key, u_int compat, struct sshkey_sig_details **detailsp) { - OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_sha2_256f_simple); + OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_slh_dsa_pure_sha2_256f); if (sig == NULL) { return SSH_ERR_ALLOC_FAIL; } - int r = oqs_verify(sig, "sphincssha2256fsimple", key, signature, signaturelen, data, datalen, compat); + int r = oqs_verify(sig, "slhdsapuresha2256f", key, signature, signaturelen, data, datalen, compat); OQS_SIG_free(sig); return r; } -static const struct sshkey_impl_funcs sshkey_sphincssha2256fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_slhdsapuresha2256f_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -858,22 +858,22 @@ static const struct sshkey_impl_funcs sshkey_sphincssha2256fsimple_funcs = { /* .ssh_deserialize_public = */ ssh_generic_deserialize_public, /* .ssh_serialize_private = */ ssh_generic_serialize_private, /* .ssh_deserialize_private = */ ssh_generic_deserialize_private, - /* .generate = */ ssh_sphincssha2256fsimple_generate, + /* .generate = */ ssh_slhdsapuresha2256f_generate, /* .copy_public = */ ssh_generic_copy_public, - /* .sign = */ ssh_sphincssha2256fsimple_sign, - /* .verify = */ ssh_sphincssha2256fsimple_verify, + /* .sign = */ ssh_slhdsapuresha2256f_sign, + /* .verify = */ ssh_slhdsapuresha2256f_verify, }; -const struct sshkey_impl sshkey_sphincssha2256fsimple_impl = { - /* .name = */ "ssh-sphincssha2256fsimple", - /* .shortname = */ "SPHINCSSHA2256FSIMPLE", +const struct sshkey_impl sshkey_slhdsapuresha2256f_impl = { + /* .name = */ "ssh-slhdsapuresha2256f", + /* .shortname = */ "SLHDSAPURESHA2256F", /* .sigalg = */ NULL, - /* .type = */ KEY_SPHINCS_SHA2_256F_SIMPLE, + /* .type = */ KEY_SLH_DSA_PURE_SHA2_256F, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_sphincssha2256fsimple_funcs, + /* .funcs = */ &sshkey_slhdsapuresha2256f_funcs, }; /*--------------------------------------------------- * ML_DSA_44 METHODS @@ -1371,7 +1371,7 @@ const struct sshkey_impl sshkey_rsa3072_falcon512_impl = { /* .keybits = */ 0, /* .funcs = */ &sshkey_rsa3072_falcon512_funcs, }; -static const struct sshkey_impl_funcs sshkey_rsa3072_sphincssha2128fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_rsa3072_slhdsapuresha2128f_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1386,16 +1386,16 @@ static const struct sshkey_impl_funcs sshkey_rsa3072_sphincssha2128fsimple_funcs /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_rsa3072_sphincssha2128fsimple_impl = { - /* .name = */ "ssh-rsa3072-sphincssha2128fsimple", - /* .shortname = */ "RSA3072_SPHINCSSHA2128FSIMPLE", +const struct sshkey_impl sshkey_rsa3072_slhdsapuresha2128f_impl = { + /* .name = */ "ssh-rsa3072-slhdsapuresha2128f", + /* .shortname = */ "RSA3072_SLHDSAPURESHA2128F", /* .sigalg = */ NULL, - /* .type = */ KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE, + /* .type = */ KEY_RSA3072_SLH_DSA_PURE_SHA2_128F, /* .nid = */ 0, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_rsa3072_sphincssha2128fsimple_funcs, + /* .funcs = */ &sshkey_rsa3072_slhdsapuresha2128f_funcs, }; static const struct sshkey_impl_funcs sshkey_rsa3072_mldsa44_funcs = { /* .size = */ ssh_generic_size, @@ -1502,7 +1502,7 @@ const struct sshkey_impl sshkey_ecdsanistp521_falcon1024_impl = { /* .keybits = */ 0, /* .funcs = */ &sshkey_ecdsanistp521_falcon1024_funcs, }; -static const struct sshkey_impl_funcs sshkey_ecdsanistp256_sphincssha2128fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_ecdsanistp256_slhdsapuresha2128f_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1517,18 +1517,18 @@ static const struct sshkey_impl_funcs sshkey_ecdsanistp256_sphincssha2128fsimple /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_ecdsanistp256_sphincssha2128fsimple_impl = { - /* .name = */ "ssh-ecdsa-nistp256-sphincssha2128fsimple", - /* .shortname = */ "ECDSA_NISTP256_SPHINCSSHA2128FSIMPLE", +const struct sshkey_impl sshkey_ecdsanistp256_slhdsapuresha2128f_impl = { + /* .name = */ "ssh-ecdsa-nistp256-slhdsapuresha2128f", + /* .shortname = */ "ECDSA_NISTP256_SLHDSAPURESHA2128F", /* .sigalg = */ NULL, - /* .type = */ KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, + /* .type = */ KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F, /* .nid = */ NID_X9_62_prime256v1, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_ecdsanistp256_sphincssha2128fsimple_funcs, + /* .funcs = */ &sshkey_ecdsanistp256_slhdsapuresha2128f_funcs, }; -static const struct sshkey_impl_funcs sshkey_ecdsanistp521_sphincssha2256fsimple_funcs = { +static const struct sshkey_impl_funcs sshkey_ecdsanistp521_slhdsapuresha2256f_funcs = { /* .size = */ ssh_generic_size, /* .alloc = */ ssh_generic_alloc, /* .cleanup = */ ssh_generic_cleanup, @@ -1543,16 +1543,16 @@ static const struct sshkey_impl_funcs sshkey_ecdsanistp521_sphincssha2256fsimple /* .verify = */ ssh_generic_verify, }; -const struct sshkey_impl sshkey_ecdsanistp521_sphincssha2256fsimple_impl = { - /* .name = */ "ssh-ecdsa-nistp521-sphincssha2256fsimple", - /* .shortname = */ "ECDSA_NISTP521_SPHINCSSHA2256FSIMPLE", +const struct sshkey_impl sshkey_ecdsanistp521_slhdsapuresha2256f_impl = { + /* .name = */ "ssh-ecdsa-nistp521-slhdsapuresha2256f", + /* .shortname = */ "ECDSA_NISTP521_SLHDSAPURESHA2256F", /* .sigalg = */ NULL, - /* .type = */ KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, + /* .type = */ KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F, /* .nid = */ NID_secp521r1, /* .cert = */ 0, /* .sigonly = */ 0, /* .keybits = */ 0, - /* .funcs = */ &sshkey_ecdsanistp521_sphincssha2256fsimple_funcs, + /* .funcs = */ &sshkey_ecdsanistp521_slhdsapuresha2256f_funcs, }; static const struct sshkey_impl_funcs sshkey_ecdsanistp256_mldsa44_funcs = { /* .size = */ ssh_generic_size, @@ -1749,14 +1749,14 @@ const struct sshkey_impl *oqs_pq_sshkey_impl(const struct sshkey *k) case KEY_ECDSA_NISTP521_FALCON_1024: impl = &sshkey_falcon1024_impl; break; - case KEY_SPHINCS_SHA2_128F_SIMPLE: - case KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE: - case KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE: - impl = &sshkey_sphincssha2128fsimple_impl; + case KEY_SLH_DSA_PURE_SHA2_128F: + case KEY_RSA3072_SLH_DSA_PURE_SHA2_128F: + case KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F: + impl = &sshkey_slhdsapuresha2128f_impl; break; - case KEY_SPHINCS_SHA2_256F_SIMPLE: - case KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE: - impl = &sshkey_sphincssha2256fsimple_impl; + case KEY_SLH_DSA_PURE_SHA2_256F: + case KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F: + impl = &sshkey_slhdsapuresha2256f_impl; break; case KEY_ML_DSA_44: case KEY_RSA3072_ML_DSA_44: diff --git a/ssh-rsa.c b/ssh-rsa.c index 626cb1bb5c65..fae8a096bd4a 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -337,7 +337,7 @@ rsa_hash_id_from_ident(const char *ident) /* OQS-note: Currently, only L1 algorithms support RSA hybrids */ ///// OQS_TEMPLATE_FRAGMENT_LIST_L1_RSA_HYBRIDS_START strcmp(ident, "ssh-rsa3072-falcon512") == 0 || - strcmp(ident, "ssh-rsa3072-sphincssha2128fsimple") == 0 || + strcmp(ident, "ssh-rsa3072-slhdsapuresha2128f") == 0 || strcmp(ident, "ssh-rsa3072-mldsa-44") == 0 || strcmp(ident, "ssh-rsa3072-mayo2") == 0) ///// OQS_TEMPLATE_FRAGMENT_LIST_L1_RSA_HYBRIDS_END diff --git a/ssh.c b/ssh.c index be64a2d35944..c677476f1257 100644 --- a/ssh.c +++ b/ssh.c @@ -1782,11 +1782,11 @@ main(int ac, char **av) L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, 12); L_PUBKEY(_PATH_HOST_FALCON_1024_KEY_FILE, 13); L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, 14); - L_PUBKEY(_PATH_HOST_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 15); - L_PUBKEY(_PATH_HOST_RSA3072_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 16); - L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE_KEY_FILE, 17); - L_PUBKEY(_PATH_HOST_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 18); - L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE_KEY_FILE, 19); + L_PUBKEY(_PATH_HOST_SLH_DSA_PURE_SHA2_128F_KEY_FILE, 15); + L_PUBKEY(_PATH_HOST_RSA3072_SLH_DSA_PURE_SHA2_128F_KEY_FILE, 16); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F_KEY_FILE, 17); + L_PUBKEY(_PATH_HOST_SLH_DSA_PURE_SHA2_256F_KEY_FILE, 18); + L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F_KEY_FILE, 19); L_PUBKEY(_PATH_HOST_ML_DSA_44_KEY_FILE, 20); L_PUBKEY(_PATH_HOST_RSA3072_ML_DSA_44_KEY_FILE, 21); L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_ML_DSA_44_KEY_FILE, 22); diff --git a/sshkey.c b/sshkey.c index 0f1dfc318795..cc6c2e68584d 100644 --- a/sshkey.c +++ b/sshkey.c @@ -119,8 +119,8 @@ extern const struct sshkey_impl sshkey_rsa_sha512_cert_impl; ///// OQS_TEMPLATE_FRAGMENT_EXTERN_KEY_IMPLS_START extern const struct sshkey_impl sshkey_falcon512_impl; extern const struct sshkey_impl sshkey_falcon1024_impl; -extern const struct sshkey_impl sshkey_sphincssha2128fsimple_impl; -extern const struct sshkey_impl sshkey_sphincssha2256fsimple_impl; +extern const struct sshkey_impl sshkey_slhdsapuresha2128f_impl; +extern const struct sshkey_impl sshkey_slhdsapuresha2256f_impl; extern const struct sshkey_impl sshkey_mldsa44_impl; extern const struct sshkey_impl sshkey_mldsa65_impl; extern const struct sshkey_impl sshkey_mldsa87_impl; @@ -130,14 +130,14 @@ extern const struct sshkey_impl sshkey_mayo5_impl; #ifdef WITH_OPENSSL extern const struct sshkey_impl sshkey_rsa3072_falcon512_impl; -extern const struct sshkey_impl sshkey_rsa3072_sphincssha2128fsimple_impl; +extern const struct sshkey_impl sshkey_rsa3072_slhdsapuresha2128f_impl; extern const struct sshkey_impl sshkey_rsa3072_mldsa44_impl; extern const struct sshkey_impl sshkey_rsa3072_mayo2_impl; #ifdef OPENSSL_HAS_ECC extern const struct sshkey_impl sshkey_ecdsanistp256_falcon512_impl; extern const struct sshkey_impl sshkey_ecdsanistp521_falcon1024_impl; -extern const struct sshkey_impl sshkey_ecdsanistp256_sphincssha2128fsimple_impl; -extern const struct sshkey_impl sshkey_ecdsanistp521_sphincssha2256fsimple_impl; +extern const struct sshkey_impl sshkey_ecdsanistp256_slhdsapuresha2128f_impl; +extern const struct sshkey_impl sshkey_ecdsanistp521_slhdsapuresha2256f_impl; extern const struct sshkey_impl sshkey_ecdsanistp256_mldsa44_impl; extern const struct sshkey_impl sshkey_ecdsanistp384_mldsa65_impl; extern const struct sshkey_impl sshkey_ecdsanistp521_mldsa87_impl; @@ -181,8 +181,8 @@ const struct sshkey_impl * const keyimpls[] = { ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEYTYPES_START &sshkey_falcon512_impl, &sshkey_falcon1024_impl, - &sshkey_sphincssha2128fsimple_impl, - &sshkey_sphincssha2256fsimple_impl, + &sshkey_slhdsapuresha2128f_impl, + &sshkey_slhdsapuresha2256f_impl, &sshkey_mldsa44_impl, &sshkey_mldsa65_impl, &sshkey_mldsa87_impl, @@ -191,14 +191,14 @@ const struct sshkey_impl * const keyimpls[] = { &sshkey_mayo5_impl, #ifdef WITH_OPENSSL &sshkey_rsa3072_falcon512_impl, - &sshkey_rsa3072_sphincssha2128fsimple_impl, + &sshkey_rsa3072_slhdsapuresha2128f_impl, &sshkey_rsa3072_mldsa44_impl, &sshkey_rsa3072_mayo2_impl, #ifdef OPENSSL_HAS_ECC &sshkey_ecdsanistp256_falcon512_impl, &sshkey_ecdsanistp521_falcon1024_impl, - &sshkey_ecdsanistp256_sphincssha2128fsimple_impl, - &sshkey_ecdsanistp521_sphincssha2256fsimple_impl, + &sshkey_ecdsanistp256_slhdsapuresha2128f_impl, + &sshkey_ecdsanistp521_slhdsapuresha2256f_impl, &sshkey_ecdsanistp256_mldsa44_impl, &sshkey_ecdsanistp384_mldsa65_impl, &sshkey_ecdsanistp521_mldsa87_impl, diff --git a/sshkey.h b/sshkey.h index 9dfdda0065a7..d55b2fe35107 100644 --- a/sshkey.h +++ b/sshkey.h @@ -77,11 +77,11 @@ enum sshkey_types { KEY_ECDSA_NISTP256_FALCON_512, KEY_FALCON_1024, KEY_ECDSA_NISTP521_FALCON_1024, - KEY_SPHINCS_SHA2_128F_SIMPLE, - KEY_RSA3072_SPHINCS_SHA2_128F_SIMPLE, - KEY_ECDSA_NISTP256_SPHINCS_SHA2_128F_SIMPLE, - KEY_SPHINCS_SHA2_256F_SIMPLE, - KEY_ECDSA_NISTP521_SPHINCS_SHA2_256F_SIMPLE, + KEY_SLH_DSA_PURE_SHA2_128F, + KEY_RSA3072_SLH_DSA_PURE_SHA2_128F, + KEY_ECDSA_NISTP256_SLH_DSA_PURE_SHA2_128F, + KEY_SLH_DSA_PURE_SHA2_256F, + KEY_ECDSA_NISTP521_SLH_DSA_PURE_SHA2_256F, KEY_ML_DSA_44, KEY_RSA3072_ML_DSA_44, KEY_ECDSA_NISTP256_ML_DSA_44,