Comments (4)
Thanks for this report. Unfortunately, oqsprovider
does not modify any key representation but simply "shuffles around" (the openssl provider APIs) completely opaque binary blobs/what's provided by liboqs
(APIs). And that in turn takes its code from the pqcrystals repository. So tagging @bhess as the contact person to that code base for comment as to whether it's permissible to retain an unused parameter as NULL or whether it indeed has to be left away. What might be helpful is a reference to the specifications (pertaining to Dilithium and its key representation format) that you have been using when implementing your CA code, @stauro79 such as to compare the relevant parts.
from oqs-provider.
It could be due to this line in oqsprovider which requires the algorithm parameters to be absent:
@stauro79, if you are following draft-ietf-lamps-dilithium-certificates, the parameters are defined as ABSENT.
from oqs-provider.
It could be due to this line in oqsprovider which requires the algorithm parameters to be absent:
Thanks very much for the analysis, @danvangeest . This is code "grand-fathered" in to oqs-prrovider from the old openssl111 6 years ago from here.
@stauro79, if you are following draft-ietf-lamps-dilithium-certificates, the parameters are defined as ABSENT.
The first version of the spec above has been done 4 years after this code, but indeed AFAIK this code and any specs pertaining to it ever were in contradiction.
Hence, I'll close this issue in a few days unless @stauro79 provides another spec pointer documenting a different understanding.
from oqs-provider.
Closing as per above
from oqs-provider.
Related Issues (20)
- Update SPECIFICATIONS.md HOT 2
- Too many advertised sig algs cause TLS server hang-up HOT 103
- Custom OID by environment variable offset misalignment HOT 3
- Error initializing dilithium2 context HOT 2
- OpenSSL Git Link in fullbuild.sh HOT 2
- Dilithium cert is not recognized HOT 1
- Is p256_dilithium3 supported ? HOT 3
- CircleCI tests failing on main HOT 10
- Too many agruments to function 'mkdir' on Windows HOT 2
- Guard against wrong CI feedback HOT 1
- Not able to decrypt certificate private key (generated using PQC algorithm) HOT 2
- Target install does nothing with static oqsprovider.a library HOT 2
- Build static library only without tests nor examples.
- Not able to read dilithium private key using PEM_read_bio_PrivateKey routine HOT 4
- Can't cross compile on Linux for Windows HOT 2
- Support deterministic key generation HOT 8
- Convert EVP_PKEY to uint8_t HOT 1
- Generate a Kyber Certificate HOT 1
- Do project self-assessment
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oqs-provider.