Add PQC #374
Draft
Add PQC #374
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
brett-warren-arm
force-pushed
the
postquantum
branch
2 times, most recently
from
bfdd06d
to
345da73
Compare
brett-warren-arm
force-pushed
the
postquantum
branch
from
345da73
to
5454164
Compare
OQS_KEM is a libOQS structure specifying a KEM algorithm and other associated data. For libOQS to interoperate with mbedTLS, this commit adds a context superstructure along with related functions. Signed-off-by: Brett Warren <[email protected]>
brett-warren-arm
force-pushed
the
postquantum
branch
from
5454164
to
a28acf7
Compare
Signed-off-by: Brett Warren <[email protected]>
mbedtls_ssl_conf_groups allows supported groups for key sharing to be configured via their IANA NamedGroup ID. This is added in anticipation of PQC and Hybrid key sharing algorithms being integrated into Mbed TLS. mbedtls_ssl_conf_curves is deprecated in favor of mbedtls_ssl_conf_groups. handshake_init has been modified to translate and copy curves configured via conf_curves into a heap allocatied array of NamedGroup IDs. This allows the refactoring of code interacting with conf_curve related variables (such as curve_list) to use NamedGroup IDs while retaining the deprecated API. Signed-off-by: Brett Warren <[email protected]>
Signed-off-by: Brett Warren <[email protected]>
Signed-off-by: Brett Warren <[email protected]>
Signed-off-by: Brett Warren <[email protected]>
Signed-off-by: Brett Warren <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a WIP pull request to add post-quantum cryptography to the key sharing mechanism.
Checklist of things as far as my small mind can see:
- Supported group ext (partially done) [ssl_tls13_client.c, ssl_tls13_server.c]
- Key share ext (partially done) [ssl_tls13_client.c, ssl_tls13_server.c]
- Early data ext (not started) [ssl_tls13_client.c, ssl_tls13_server.c]
- Key schedule changes (not started) [ssl_tls13_keys.c]
Scope of work ends when ephemeral secret is calculated at ssl_tls13_keys.c:985.
Eventually hybrid post-quantum will also be added.
Status
IN DEVELOPMENT
Requires Backporting
NO
Migrations
NO
Todos