From 41553d859e692620ef232ca9a5af406803578c78 Mon Sep 17 00:00:00 2001 From: Massimiliano Pala Date: Wed, 16 Aug 2023 18:58:01 -0600 Subject: [PATCH] Intermediate Save. Fixed compilation errors on MacOS. Fix for test #11 to remove trying finding Quantum-Safe algorithms' methods when OQS support has not been detected. --- src/libpki/datatypes.h | 3 + src/libpki/openssl/pki_oid_defs.h | 9 +- src/libpki/openssl/pqc/pqc_defs.h | 13 ++- src/openssl/composite/composite_ctx.c | 19 ++-- src/openssl/pki_algor.c | 100 ++++++++++-------- src/openssl/pki_id.c | 4 + src/openssl/pki_keypair.c | 2 +- src/openssl/pki_keyparams.c | 14 +++ src/openssl/pqc/pqc_asn1_meth.c | 7 +- src/openssl/pqc/pqc_asn1_meth.h | 13 ++- src/openssl/pqc/pqc_data_st.h | 25 +++-- src/openssl/pqc/pqc_init.c | 13 ++- src/openssl/pqc/pqc_pkey_meth.c | 6 +- src/openssl/pqc/pqc_pkey_meth.h | 7 ++ src/openssl/pqc/pqc_tools.c | 4 + src/openssl/pqc/pqc_tools.h | 7 ++ ...ameth_traditional_pqc_composite_explicit.c | 15 ++- 17 files changed, 180 insertions(+), 81 deletions(-) diff --git a/src/libpki/datatypes.h b/src/libpki/datatypes.h index 51ebdfd7..885da2fb 100644 --- a/src/libpki/datatypes.h +++ b/src/libpki/datatypes.h @@ -9,6 +9,9 @@ #ifndef _LIBPKI_PKI_DATATYPES_H #define _LIBPKI_PKI_DATATYPES_H +// Include the library configuration +#include + #ifndef _LIBPKI_COMPAT_H # include #endif diff --git a/src/libpki/openssl/pki_oid_defs.h b/src/libpki/openssl/pki_oid_defs.h index e5ca45f4..221c3ae5 100644 --- a/src/libpki/openssl/pki_oid_defs.h +++ b/src/libpki/openssl/pki_oid_defs.h @@ -6,15 +6,18 @@ * Released under OpenCA LICENSE */ +#ifndef _LIBPKI_OID_DEFS_H +#define _LIBPKI_OID_DEFS_H + +// Include the library configuration +#include + #ifdef ENABLE_OQS # ifndef OQS_H # include # endif #endif -#ifndef _LIBPKI_OID_DEFS_H -#define _LIBPKI_OID_DEFS_H - // GENERAL # define LEVEL_OF_ASSURANCE_OID "1.3.6.1.4.1.18227.50.1" # define LEVEL_OF_ASSURANCE_NAME "levelOfAssurance" diff --git a/src/libpki/openssl/pqc/pqc_defs.h b/src/libpki/openssl/pqc/pqc_defs.h index f4bc44ce..04f11605 100644 --- a/src/libpki/openssl/pqc/pqc_defs.h +++ b/src/libpki/openssl/pqc/pqc_defs.h @@ -6,13 +6,18 @@ * Released under OpenCA LICENSE */ -#ifndef OQS_H -#include -#endif - #ifndef _LIBPKI_PQC_DEFS_H #define _LIBPKI_PQC_DEFS_H +// Include the library configuration +#include + +#ifdef ENABLE_OQS +# ifndef OQS_H +# include +# endif +#endif + // =============== // OQS definitions // =============== diff --git a/src/openssl/composite/composite_ctx.c b/src/openssl/composite/composite_ctx.c index 397d19d5..eed71d09 100644 --- a/src/openssl/composite/composite_ctx.c +++ b/src/openssl/composite/composite_ctx.c @@ -312,7 +312,7 @@ int COMPOSITE_CTX_explicit_algors_new0(COMPOSITE_CTX * ctx, const COMPOSITE_KEY_STACK * const components, X509_ALGORS ** algors) { - int sk_num = 0; + int stack_elements_num = 0; // Number of elements in the stack X509_ALGORS * sk = NULL; @@ -343,8 +343,8 @@ int COMPOSITE_CTX_explicit_algors_new0(COMPOSITE_CTX * ctx, } // Gets the number of components - if ((sk_num = COMPOSITE_KEY_STACK_num(components)) < 2) { - PKI_DEBUG("Insufficient number of components in the key stack (%d)", sk_num); + if ((stack_elements_num = COMPOSITE_KEY_STACK_num(components)) < 2) { + PKI_DEBUG("Insufficient number of components in the key stack (%d)", stack_elements_num); return PKI_ERR; } @@ -545,8 +545,8 @@ int COMPOSITE_CTX_explicit_algors_new0(COMPOSITE_CTX * ctx, } break; case PKI_SCHEME_COMPOSITE_EXPLICIT_DILITHIUM5_FALCON1024_P521: { - if (sk_num != 3) { - PKI_DEBUG("Insufficient number of components in the key stack (%d)", sk_num); + if (stack_elements_num != 3) { + PKI_DEBUG("Insufficient number of components in the key stack (%d)", stack_elements_num); return PKI_ERR; } // Dilithium5 component @@ -568,8 +568,8 @@ int COMPOSITE_CTX_explicit_algors_new0(COMPOSITE_CTX * ctx, } break; case PKI_SCHEME_COMPOSITE_EXPLICIT_DILITHIUM5_FALCON1024_RSA: { - if (sk_num != 3) { - PKI_DEBUG("Insufficient number of components in the key stack (%d)", sk_num); + if (stack_elements_num != 3) { + PKI_DEBUG("Insufficient number of components in the key stack (%d)", stack_elements_num); return PKI_ERR; } // Dilithium5 component @@ -596,8 +596,11 @@ int COMPOSITE_CTX_explicit_algors_new0(COMPOSITE_CTX * ctx, return PKI_ERR; } + int algor_num = sk_X509_ALGOR_num(sk); + int components_num = COMPOSITE_KEY_STACK_num(components); + // Checks the number of components and algorithms to be the same - if (sk_X509_ALGOR_num(sk) != COMPOSITE_KEY_STACK_num(components)) { + if (algor_num != components_num) { PKI_DEBUG("Number of components (%d) and algorithms (%d) do not match", COMPOSITE_KEY_STACK_num(components), sk_X509_ALGOR_num(ctx->sig_algs)); sk_X509_ALGOR_pop_free(sk, X509_ALGOR_free); diff --git a/src/openssl/pki_algor.c b/src/openssl/pki_algor.c index 3ec4b687..38df5fc8 100644 --- a/src/openssl/pki_algor.c +++ b/src/openssl/pki_algor.c @@ -434,6 +434,8 @@ int PKI_SCHEME_ID_is_post_quantum(PKI_SCHEME_ID id) { switch (id) { +#ifdef ENABLE_OQS + // Signature #ifdef OQS_ENABLE_SIG_DILITHIUM case PKI_SCHEME_DILITHIUM: @@ -466,6 +468,8 @@ int PKI_SCHEME_ID_is_post_quantum(PKI_SCHEME_ID id) { // Nothing to do } break; +#endif // End of ENABLE_OQS + default: // Non-Post Quantum return PKI_ERR; @@ -1184,6 +1188,8 @@ PKI_SCHEME_ID PKI_SCHEME_ID_get_by_name(const char * data, int *classic_sec_bits return PKI_SCHEME_UNKNOWN; } +#ifdef ENABLE_OQS + // Explicit Composite - DILITHIUM3-P256 if (str_cmp_ex(data, OPENCA_ALG_PKEY_EXP_COMP_EXPLICIT_DILITHIUM3_P256_SHA256_OID, 0, 1) == 0 || str_cmp_ex(data, OPENCA_ALG_PKEY_EXP_COMP_EXPLICIT_DILITHIUM3_P256_SHA256_NAME, 0, 1) == 0 || @@ -1295,39 +1301,6 @@ PKI_SCHEME_ID PKI_SCHEME_ID_get_by_name(const char * data, int *classic_sec_bits str_cmp_ex(data, "D5-F1024-RSA", 0, 1) == 0 || str_cmp_ex(data, "DILITHIUM5-FALCON1024-RSA", 0, 1) == 0) { ret = PKI_SCHEME_COMPOSITE_EXPLICIT_DILITHIUM5_FALCON1024_RSA; - // RSA Option - } else if (str_cmp_ex(data, "RSA", 0, 1) == 0) { - ret = PKI_SCHEME_RSA; - // RSA-PSS Option - } else if (str_cmp_ex(data, "RSAPSS", 0, 1) == 0 || - str_cmp_ex(data, "RSA-PSS", 0, 1) == 0) { - ret = PKI_SCHEME_RSAPSS; - // ED 25519 Option - } else if (str_cmp_ex(data, "ED25519", 0, 1) == 0) { - ret = PKI_SCHEME_ED25519; - // X25519 Option - } else if (str_cmp_ex(data, "X25519", 0, 1) == 0) { - ret = PKI_SCHEME_X25519; - // ED 448 Option - } else if (str_cmp_ex(data, "ED448", 0, 1) == 0) { - ret = PKI_SCHEME_ED448; - // X448 Option - } else if (str_cmp_ex(data, "X448", 0, 1) == 0) { - ret = PKI_SCHEME_X448; - // EC Option - } else if (str_cmp_ex(data, "EC", 0, 1) == 0 || - str_cmp_ex(data, "ECDSA", 0, 1) == 0 || - str_cmp_ex(data, "B128", 0, 1) == 0 || - str_cmp_ex(data, "B192", 0, 1) == 0 || - str_cmp_ex(data, "B256", 0, 1) == 0 || - str_cmp_ex(data, "Brainpool", 9, 1) == 0 || - str_cmp_ex(data, "P256", 0, 1) == 0 || - str_cmp_ex(data, "P384", 0, 1) == 0 || - str_cmp_ex(data, "P512", 0, 1) == 0) { - ret = PKI_SCHEME_ECDSA; - // DSA - } else if (str_cmp_ex(data, "DSA", 0, 1) == 0) { - ret = PKI_SCHEME_DSA; } else if (str_cmp_ex(data, "DILITHIUMX3", 0, 1) == 0) { ret = PKI_SCHEME_DILITHIUMX3; } else if (str_cmp_ex(data, "DILITHIUM2", 0, 1) == 0) { @@ -1365,17 +1338,60 @@ PKI_SCHEME_ID PKI_SCHEME_ID_get_by_name(const char * data, int *classic_sec_bits ret = PKI_SCHEME_KYBER; } - if (!ret) { - // Some debugging - PKI_DEBUG("Cannot Convert [%s] into a recognized OID.", data); +#endif + + // Checks for Traditional Crypto + // ============================= + + if (ret == PKI_SCHEME_UNKNOWN) { + // RSA Option + if (str_cmp_ex(data, "RSA", 0, 1) == 0) { + ret = PKI_SCHEME_RSA; + // RSA-PSS Option + } else if (str_cmp_ex(data, "RSAPSS", 0, 1) == 0 || + str_cmp_ex(data, "RSA-PSS", 0, 1) == 0) { + ret = PKI_SCHEME_RSAPSS; + // ED 25519 Option + } else if (str_cmp_ex(data, "ED25519", 0, 1) == 0) { + ret = PKI_SCHEME_ED25519; + // X25519 Option + } else if (str_cmp_ex(data, "X25519", 0, 1) == 0) { + ret = PKI_SCHEME_X25519; + // ED 448 Option + } else if (str_cmp_ex(data, "ED448", 0, 1) == 0) { + ret = PKI_SCHEME_ED448; + // X448 Option + } else if (str_cmp_ex(data, "X448", 0, 1) == 0) { + ret = PKI_SCHEME_X448; + // EC Option + } else if (str_cmp_ex(data, "EC", 0, 1) == 0 || + str_cmp_ex(data, "ECDSA", 0, 1) == 0 || + str_cmp_ex(data, "B128", 0, 1) == 0 || + str_cmp_ex(data, "B192", 0, 1) == 0 || + str_cmp_ex(data, "B256", 0, 1) == 0 || + str_cmp_ex(data, "Brainpool", 9, 1) == 0 || + str_cmp_ex(data, "P256", 0, 1) == 0 || + str_cmp_ex(data, "P384", 0, 1) == 0 || + str_cmp_ex(data, "P512", 0, 1) == 0) { + ret = PKI_SCHEME_ECDSA; + // DSA + } else if (str_cmp_ex(data, "DSA", 0, 1) == 0) { + ret = PKI_SCHEME_DSA; + } } - // Checks if we need to retrieve the default security bits - if (default_sec_bits) { - // Returns the security bits for the scheme - if (PKI_ERR == PKI_SCHEME_ID_security_bits(ret, classic_sec_bits, quantum_sec_bits)) { - PKI_DEBUG("Cannot get security bits for scheme %d", ret); - return PKI_SCHEME_UNKNOWN; + // Checks if we found the scheme + if (ret == PKI_SCHEME_UNKNOWN) { + // Some debugging + PKI_DEBUG("Cannot Convert [%s] into a recognized OID.", data); + } else { + // Checks if we need to retrieve the default security bits + if (default_sec_bits) { + // Returns the security bits for the scheme + if (PKI_ERR == PKI_SCHEME_ID_security_bits(ret, classic_sec_bits, quantum_sec_bits)) { + PKI_DEBUG("Cannot get security bits for scheme %d", ret); + return PKI_SCHEME_UNKNOWN; + } } } diff --git a/src/openssl/pki_id.c b/src/openssl/pki_id.c index 773fd417..5a1816c0 100644 --- a/src/openssl/pki_id.c +++ b/src/openssl/pki_id.c @@ -195,6 +195,8 @@ int PKI_ID_is_pqc(PKI_ID id, PKI_SCHEME_ID * scheme_id) { // Checks the PKEY / Signatures switch (id) { +#ifdef ENABLE_PQC + // Signature Algorithms case NID_dilithium2: case NID_dilithium3: @@ -260,6 +262,8 @@ int PKI_ID_is_pqc(PKI_ID id, PKI_SCHEME_ID * scheme_id) { return PKI_OK; } break; +#endif // End of ENABLE_PQC + default: break; } diff --git a/src/openssl/pki_keypair.c b/src/openssl/pki_keypair.c index 797918f7..78012d88 100644 --- a/src/openssl/pki_keypair.c +++ b/src/openssl/pki_keypair.c @@ -926,7 +926,7 @@ int PKI_X509_KEYPAIR_get_curve(const PKI_X509_KEYPAIR *kp) { } // Retrieves the EC key - EC_KEY * ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)kp->value); + EC_KEY * ec = (EC_KEY *)EVP_PKEY_get0_EC_KEY((EVP_PKEY *)kp->value); if (!ec) { PKI_ERROR(PKI_ERR_POINTER_NULL, NULL); return PKI_ERR; diff --git a/src/openssl/pki_keyparams.c b/src/openssl/pki_keyparams.c index fe414515..74169346 100644 --- a/src/openssl/pki_keyparams.c +++ b/src/openssl/pki_keyparams.c @@ -790,6 +790,8 @@ int PKI_KEYPARAMS_set_oqs_key_params(PKI_KEYPARAMS * kp, PKI_ALGOR_OQS_PARAM alg /*! \brief Sets the bits size for key generation */ int PKI_KEYPARAMS_add_key(PKI_KEYPARAMS * kp, PKI_X509_KEYPAIR * key) { +#ifdef ENABLE_COMPOSITE + int add_key_id = -1; int last_key_id = -1; int next_required_id = -1; @@ -840,6 +842,8 @@ int PKI_KEYPARAMS_add_key(PKI_KEYPARAMS * kp, PKI_X509_KEYPAIR * key) { next_required_id = 0; // No Required ID (any can work) } break; +#ifdef ENABLE_OQS + case PKI_SCHEME_COMPOSITE_EXPLICIT_DILITHIUM3_RSA: { // NID_dilithium3 @@ -1064,6 +1068,8 @@ int PKI_KEYPARAMS_add_key(PKI_KEYPARAMS * kp, PKI_X509_KEYPAIR * key) { return PKI_ERR; } } break; + +#endif // End of ENABLE_OQS default: { // Not Handled @@ -1088,6 +1094,14 @@ int PKI_KEYPARAMS_add_key(PKI_KEYPARAMS * kp, PKI_X509_KEYPAIR * key) { // All Done return PKI_OK; + +#else + + // No Composite Support + return PKI_ERR; + +#endif // End of ENABLE_COMPOSITE + } /*! \brief Sets the k_of_n parameter for Composite keys */ diff --git a/src/openssl/pqc/pqc_asn1_meth.c b/src/openssl/pqc/pqc_asn1_meth.c index 21555e9f..ab3249a9 100644 --- a/src/openssl/pqc/pqc_asn1_meth.c +++ b/src/openssl/pqc/pqc_asn1_meth.c @@ -1,8 +1,7 @@ - -#ifndef _LIBPKI_PQC_AMETH_LOCAL_H #include "pqc_asn1_meth.h" -#endif + +#ifdef ENABLE_OQS // =========== // AMETH Tools @@ -514,3 +513,5 @@ int oqs_ameth_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) { // DEFINE_OQS_EVP_METHODS(sphincssha256128frobust, NID_sphincssha256128frobust, "sphincssha256128frobust", "OpenSSL SPHINCS+-SHA256-128f-robust algorithm") // DEFINE_OQS_EVP_METHODS(sphincsshake256128frobust, NID_sphincsshake256128frobust, "sphincsshake256128frobust", "OpenSSL SPHINCS+-SHAKE256-128f-robust algorithm") // ///// OQS_TEMPLATE_FRAGMENT_DEFINE_OQS_EVP_METHS_END + +#endif // End of ENABLE_OQS \ No newline at end of file diff --git a/src/openssl/pqc/pqc_asn1_meth.h b/src/openssl/pqc/pqc_asn1_meth.h index 9e6cf1a5..8718222f 100644 --- a/src/openssl/pqc/pqc_asn1_meth.h +++ b/src/openssl/pqc/pqc_asn1_meth.h @@ -2,6 +2,11 @@ #ifndef _LIBPKI_PQC_AMETH_LOCAL_H #define _LIBPKI_PQC_AMETH_LOCAL_H +// Include the library configuration +#include + +#ifdef ENABLE_OQS + #ifndef _LIBPKI_OS_H #include #endif @@ -22,6 +27,10 @@ #include "pqc_tools.h" #endif +#ifndef HEADER_OPENSSL_TYPES_H +#include +#endif + #ifndef HEADER_ERR_H #include #endif @@ -127,4 +136,6 @@ int oqs_ameth_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2); END_C_DECLS -# endif // End of _LIBPKI_PQC_AMETH_LOCAL_H +# endif // End of ENABLE_OQS + +#endif // End of _LIBPKI_PQC_AMETH_LOCAL_H diff --git a/src/openssl/pqc/pqc_data_st.h b/src/openssl/pqc/pqc_data_st.h index 3fd6c91b..b528dc76 100644 --- a/src/openssl/pqc/pqc_data_st.h +++ b/src/openssl/pqc/pqc_data_st.h @@ -1,16 +1,21 @@ #ifndef _LIBPKI_PQC_LOCAL_H #define _LIBPKI_PQC_LOCAL_H -#include -#include +// Include the library configuration +#include -#ifndef OQS_H -#include -#endif +# ifdef ENABLE_OQS -#ifndef LIBPKI_X509_DATA_ST_H -#include "../internal/x509_data_st.h" -#endif +# include +# include + +# ifndef OQS_H +# include +# endif + +# ifndef LIBPKI_X509_DATA_ST_H +# include "../internal/x509_data_st.h" +# endif BEGIN_C_DECLS @@ -45,4 +50,6 @@ typedef enum { END_C_DECLS -# endif // End of _LIBPKI_PQC_LOCAL_H \ No newline at end of file +# endif // End of ENABLE_OQS + +#endif // End of _LIBPKI_PQC_LOCAL_H \ No newline at end of file diff --git a/src/openssl/pqc/pqc_init.c b/src/openssl/pqc/pqc_init.c index 7ee24f74..442f9e84 100644 --- a/src/openssl/pqc/pqc_init.c +++ b/src/openssl/pqc/pqc_init.c @@ -1,4 +1,9 @@ +// Include the library configuration +#include + +#ifdef ENABLE_OQS + #ifndef _LIBPKI_LOG_H #include #endif @@ -248,7 +253,7 @@ EVP_PKEY_ASN1_METHOD * PKI_PQC_PKEY_ASN1_METH_new(int nid, // All Done return a_meth; -}; +} int PKI_PQC_ALG_new(const char * name, int flags) { @@ -309,7 +314,7 @@ int PKI_PQC_ALG_new(const char * name, int flags) { // All Done return PKI_OK; -}; +} int PKI_PQC_init() { @@ -323,4 +328,6 @@ int PKI_PQC_init() { // All Done return PKI_OK; -}; \ No newline at end of file +} + +#endif // End of ENABLE_OQS diff --git a/src/openssl/pqc/pqc_pkey_meth.c b/src/openssl/pqc/pqc_pkey_meth.c index c1f1f9eb..d832cc65 100644 --- a/src/openssl/pqc/pqc_pkey_meth.c +++ b/src/openssl/pqc/pqc_pkey_meth.c @@ -1,8 +1,8 @@ -#ifndef _LIBPKI_PQC_AMETH_LOCAL_H #include "pqc_pkey_meth.h" -#endif + +#ifdef ENABLE_OQS #ifndef _LIBPKI_LOG_H #include @@ -451,3 +451,5 @@ int pkey_oqs_digestverify(EVP_MD_CTX *ctx, const unsigned char *sig, int pkey_oqs_digestcustom(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { return 1; } + +#endif // End of ENABLE_OQS diff --git a/src/openssl/pqc/pqc_pkey_meth.h b/src/openssl/pqc/pqc_pkey_meth.h index e69a7943..60294a25 100644 --- a/src/openssl/pqc/pqc_pkey_meth.h +++ b/src/openssl/pqc/pqc_pkey_meth.h @@ -2,6 +2,11 @@ #ifndef _LIBPKI_PQC_PKEY_METH_LOCAL_H #define _LIBPKI_PQC_PKEY_METH_LOCAL_H +// Include the library configuration +#include + +#ifdef ENABLE_OQS + #ifndef _LIBPKI_OS_H #include #endif @@ -74,4 +79,6 @@ int pkey_oqs_digestcustom(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); END_C_DECLS +#endif // End of ENABLE_OQS + #endif // End of _LIBPKI_PQC_PKEY_METH_LOCAL_H diff --git a/src/openssl/pqc/pqc_tools.c b/src/openssl/pqc/pqc_tools.c index c83e4302..4ad1a886 100644 --- a/src/openssl/pqc/pqc_tools.c +++ b/src/openssl/pqc/pqc_tools.c @@ -5,6 +5,8 @@ // Functions // ========= +#ifdef ENABLE_OQS + int oqssl_sig_nids_list[] = { ///// OQS_TEMPLATE_FRAGMENT_LIST_KNOWN_NIDS_START NID_dilithium2, @@ -453,3 +455,5 @@ int oqs_int_update(EVP_MD_CTX *ctx, const void *data, size_t count) } return 1; } + +#endif // End of ENABLE_OQS \ No newline at end of file diff --git a/src/openssl/pqc/pqc_tools.h b/src/openssl/pqc/pqc_tools.h index d4f4abc3..0dad9609 100644 --- a/src/openssl/pqc/pqc_tools.h +++ b/src/openssl/pqc/pqc_tools.h @@ -2,6 +2,11 @@ #ifndef _LIBPKI_PQC_TOOLS_H #define _LIBPKI_PQC_TOOLS_H +// Include the library configuration +#include + +#ifdef ENABLE_OQS + #ifndef _LIBPKI_OS_H #include #endif @@ -70,4 +75,6 @@ int oqs_int_update(EVP_MD_CTX *ctx, const void *data, size_t count); END_C_DECLS +#endif // End of ENABLE_OQS + #endif // End of _LIBPKI_PQC_TOOLS_H diff --git a/src/tests/11_ameth_traditional_pqc_composite_explicit.c b/src/tests/11_ameth_traditional_pqc_composite_explicit.c index bc65b67a..3d479498 100644 --- a/src/tests/11_ameth_traditional_pqc_composite_explicit.c +++ b/src/tests/11_ameth_traditional_pqc_composite_explicit.c @@ -61,7 +61,7 @@ int subtest1() { int idx = 0; int arr[22] = { 0x0 }; - printf(" - Subtest 1: ASN1 method find\n"); + printf(" - Subtest 1: ASN1 method find\n"); // Populate the array with the algorithm IDs arr[idx++] = PKI_ALGOR_ID_RSA; @@ -78,6 +78,8 @@ int subtest1() { #ifdef ENABLE_COMPOSITE // Generic Composite arr[idx++] = PKI_ID_get_by_name("COMPOSITE"); + +#ifdef ENABLE_OQS // Explicit Composite arr[idx++] = PKI_ID_get_by_name("DILITHIUM3-RSA-SHA256"); arr[idx++] = PKI_ID_get_by_name("DILITHIUM3-P256-SHA256"); @@ -93,22 +95,25 @@ int subtest1() { arr[idx++] = PKI_ID_get_by_name("FALCON512-RSA-SHA256"); arr[idx++] = PKI_ID_get_by_name("DILITHIUM5-FALCON1024-P512-SHA512"); arr[idx++] = PKI_ID_get_by_name("DILITHIUM5-FALCON1024-RSA-SHA256"); +#endif #endif const EVP_PKEY_ASN1_METHOD *ameth_one; // const EVP_PKEY_ASN1_METHOD *ameth_two; - for (int idx = 0; idx < 11; idx++) { - ameth_one = EVP_PKEY_asn1_find(NULL, arr[idx]); + for (int i = 0; i < idx; i++) { + printf(" + Method %s ...: ", PKI_ID_get_txt(arr[i])); + ameth_one = EVP_PKEY_asn1_find(NULL, arr[i]); if (!ameth_one) { printf("ERROR, can not find method for %s (%d)!\n", - PKI_ID_get_txt(arr[idx]), arr[idx]); + PKI_ID_get_txt(arr[i]), arr[i]); exit(1); } + printf("Ok\n"); } // Info - printf(" - Subtest 1: Passed\n\n"); + printf(" - Subtest 1: Passed\n\n"); // All Done return 1;