remove resolving feature state of ML_KEM_INITIAL_PUBLIC_DRAFT again

clang format
rnpgp · Apr 2, 2024 · 58725b8 · 58725b8
1 parent a311eb9
commit 58725b8
Show file tree

Hide file tree

Showing 13 changed files with 57 additions and 70 deletions.
diff --git a/include/repgp/repgp_def.h b/include/repgp/repgp_def.h
@@ -231,7 +231,7 @@ typedef enum : uint8_t {
     PGP_PKA_ED25519 = 27, /* v6 / Crypto Refresh */
 #endif
 
-PGP_PKA_SM2 = 99,        /* SM2 encryption/signature schemes */
+    PGP_PKA_SM2 = 99, /* SM2 encryption/signature schemes */
 
 #if defined(ENABLE_PQC)
     /* PQC-ECC composite */

diff --git a/include/rnp/rnp.h b/include/rnp/rnp.h
@@ -1959,7 +1959,6 @@ RNP_API rnp_result_t rnp_key_get_alg(rnp_key_handle_t key, char **alg);
  */
 RNP_API rnp_result_t rnp_key_sphincsplus_get_param(rnp_key_handle_t handle, char **param);
 
-
 /** Get number of bits in the key. For EC-based keys it will return size of the curve.
  *
  * @param key key handle

diff --git a/src/lib/CMakeLists.txt b/src/lib/CMakeLists.txt
@@ -184,7 +184,7 @@ if(CRYPTO_BACKEND_BOTAN)
   resolve_feature_state(ENABLE_TWOFISH "TWOFISH")
   resolve_feature_state(ENABLE_IDEA "IDEA")
   resolve_feature_state(ENABLE_CRYPTO_REFRESH "HKDF")
-  resolve_feature_state(ENABLE_PQC "KMAC;DILITHIUM;KYBER;ML_KEM_INITIAL_PUBLIC_DRAFT;SPHINCS_PLUS_WITH_SHA2;SPHINCS_PLUS_WITH_SHAKE")
+  resolve_feature_state(ENABLE_PQC "KMAC;DILITHIUM;KYBER;SPHINCS_PLUS_WITH_SHA2;SPHINCS_PLUS_WITH_SHAKE")
   resolve_feature_state(ENABLE_BLOWFISH "BLOWFISH")
   resolve_feature_state(ENABLE_CAST5 "CAST_128")
   resolve_feature_state(ENABLE_RIPEMD160 "RIPEMD_160")

diff --git a/src/lib/generate-key.cpp b/src/lib/generate-key.cpp
@@ -341,10 +341,10 @@ set_default_user_prefs(pgp_user_prefs_t &prefs)
           DEFAULT_COMPRESS_ALGS, DEFAULT_COMPRESS_ALGS + ARRAY_SIZE(DEFAULT_COMPRESS_ALGS)));
     }
 #if defined(ENABLE_CRYPTO_REFRESH)
-    if(prefs.aead_prefs.empty()) {
+    if (prefs.aead_prefs.empty()) {
         std::vector<uint8_t> algs;
-        for(auto aead_alg : DEFAULT_AEAD_ALGS) {
-            for(auto sym_alg : prefs.symm_algs) {
+        for (auto aead_alg : DEFAULT_AEAD_ALGS) {
+            for (auto sym_alg : prefs.symm_algs) {
                 algs.push_back(sym_alg);
                 algs.push_back(aead_alg);
             }

diff --git a/src/lib/pgp-key.cpp b/src/lib/pgp-key.cpp
@@ -586,9 +586,8 @@ pgp_user_prefs_t::set_aead_prefs(const std::vector<uint8_t> &algs)
 void
 pgp_user_prefs_t::add_aead_prefs(pgp_symm_alg_t sym_alg, pgp_aead_alg_t aead_alg)
 {
-    for(size_t i = 0; i < aead_prefs.size(); i+=2)
-    {
-        if(aead_prefs[i] == sym_alg && aead_prefs[i+1] == aead_alg) {
+    for (size_t i = 0; i < aead_prefs.size(); i += 2) {
+        if (aead_prefs[i] == sym_alg && aead_prefs[i + 1] == aead_alg) {
             return;
         }
     }

diff --git a/src/lib/rnp.cpp b/src/lib/rnp.cpp
@@ -221,14 +221,13 @@ static const id_str_pair hash_alg_map[] = {{PGP_HASH_MD5, RNP_ALGNAME_MD5},
                                            {0, NULL}};
 
 #if defined(ENABLE_PQC)
-static const id_str_pair sphincsplus_params_map[] = {
-    {sphincsplus_simple_128s, "128s"},
-    {sphincsplus_simple_128f, "128f"},
-    {sphincsplus_simple_192s, "192s"},
-    {sphincsplus_simple_192f, "192f"},
-    {sphincsplus_simple_256s, "256s"},
-    {sphincsplus_simple_256f, "256f"},
-    {0, NULL}};
+static const id_str_pair sphincsplus_params_map[] = {{sphincsplus_simple_128s, "128s"},
+                                                     {sphincsplus_simple_128f, "128f"},
+                                                     {sphincsplus_simple_192s, "192s"},
+                                                     {sphincsplus_simple_192f, "192f"},
+                                                     {sphincsplus_simple_256s, "256s"},
+                                                     {sphincsplus_simple_256f, "256f"},
+                                                     {0, NULL}};
 #endif
 
 static const id_str_pair s2k_type_map[] = {
@@ -6802,11 +6801,12 @@ try {
         return RNP_ERROR_NULL_POINTER;
     }
     pgp_key_t *key = get_key_prefer_public(handle);
-    if(key->alg() != PGP_PKA_SPHINCSPLUS_SHA2 && key->alg() != PGP_PKA_SPHINCSPLUS_SHAKE) {
+    if (key->alg() != PGP_PKA_SPHINCSPLUS_SHA2 && key->alg() != PGP_PKA_SPHINCSPLUS_SHAKE) {
         return RNP_ERROR_BAD_PARAMETERS;
     }
 
-    return get_map_value(sphincsplus_params_map, key->material().sphincsplus.pub.param(), param);
+    return get_map_value(
+      sphincsplus_params_map, key->material().sphincsplus.pub.param(), param);
 #else
     return RNP_ERROR_NOT_IMPLEMENTED;
 #endif

diff --git a/src/librepgp/stream-parse.cpp b/src/librepgp/stream-parse.cpp
@@ -1728,7 +1728,8 @@ encrypted_try_key(pgp_source_encrypted_param_t *param,
 #endif
 
 #if defined(ENABLE_PQC_DBG_LOG)
-    RNP_LOG_U8VEC("Session Key: %s", std::vector<uint8_t>(decbuf_sesskey, decbuf_sesskey + keylen));
+    RNP_LOG_U8VEC("Session Key: %s",
+                  std::vector<uint8_t>(decbuf_sesskey, decbuf_sesskey + keylen));
 #endif
 
 #if defined(ENABLE_CRYPTO_REFRESH) || defined(ENABLE_PQC)

diff --git a/src/librepgp/stream-sig.cpp b/src/librepgp/stream-sig.cpp
@@ -404,7 +404,7 @@ pgp_sig_subpkt_t::parse()
         break;
 #if defined(ENABLE_CRYPTO_REFRESH)
     case PGP_SIG_SUBPKT_PREFERRED_AEAD_CIPHERSUITES:
-        if(len % 2 != 0) {
+        if (len % 2 != 0) {
             RNP_LOG("AEAD Ciphersuite Preferences must contain an even number of bytes");
             return false;
         }
@@ -1864,11 +1864,10 @@ rnp_selfsig_cert_info_t::populate(pgp_signature_t &sig)
             sig.set_key_flags(key_flags);
         }
         return;
-    }
-    else if ((sig.version == PGP_V6) && (sig.type() == PGP_SIG_DIRECT)) {
+    } else if ((sig.version == PGP_V6) && (sig.type() == PGP_SIG_DIRECT)) {
         /* set some additional packets for v6 direct-key self signatures */
         sig.set_key_features(PGP_KEY_FEATURE_MDC | PGP_KEY_FEATURE_SEIPDV2);
-        if(!prefs.aead_prefs.empty()) {
+        if (!prefs.aead_prefs.empty()) {
             sig.set_preferred_aead_algs(prefs.aead_prefs);
         }
     }

diff --git a/src/librepgp/stream-write.cpp b/src/librepgp/stream-write.cpp
@@ -651,7 +651,8 @@ encrypted_add_recipient(pgp_write_handler_t *handler,
     }
 
 #if defined(ENABLE_PQC_DBG_LOG)
-    RNP_LOG_U8VEC("Session Key: %s", std::vector<uint8_t>(enckey.data(), enckey.data() + keylen));
+    RNP_LOG_U8VEC("Session Key: %s",
+                  std::vector<uint8_t>(enckey.data(), enckey.data() + keylen));
 #endif
 
     pgp_encrypted_material_t material;

diff --git a/src/rnp/fficli.cpp b/src/rnp/fficli.cpp
@@ -420,7 +420,7 @@ ffi_pass_callback_stdin(rnp_ffi_t        ffi,
         }
 
         rnp->reuse_password_for_subkey--;
-        if(rnp->reuse_password_for_subkey == 0) {
+        if (rnp->reuse_password_for_subkey == 0) {
             rnp_buffer_clear(rnp->reused_password, strnlen(rnp->reused_password, buf_len));
             free(rnp->reused_password);
             rnp->reused_password = NULL;
@@ -1376,10 +1376,9 @@ cli_rnp_print_key_info(FILE *fp, rnp_ffi_t ffi, rnp_key_handle_t key, bool psecr
     fprintf(fp, "%s", cli_rnp_normalize_key_alg(alg));
 #if defined(ENABLE_PQC)
     // in case of a SPHINCS+ key, also print the parameter set
-    char *param;
+    char *       param;
     rnp_result_t res = rnp_key_sphincsplus_get_param(key, &param);
-    if(res == RNP_SUCCESS)
-    {
+    if (res == RNP_SUCCESS) {
         fprintf(fp, "-%s", param);
         rnp_buffer_destroy(param);
     }
@@ -1546,9 +1545,9 @@ cli_rnp_generate_key(cli_rnp_t *rnp, const char *username)
     rnp_key_handle_t  primary = NULL;
     rnp_key_handle_t  subkey = NULL;
 #if defined(ENABLE_PQC)
-    rnp_key_handle_t  subkey2 = NULL;
+    rnp_key_handle_t subkey2 = NULL;
 #endif
-    bool              res = false;
+    bool res = false;
 
     if (rnp_op_generate_create(&genkey, rnp->ffi, cfg.get_cstr(CFG_KG_PRIMARY_ALG))) {
         ERR_MSG("Failed to initialize key generation.");
@@ -1644,8 +1643,8 @@ cli_rnp_generate_key(cli_rnp_t *rnp, const char *username)
 #endif
 #if defined(ENABLE_PQC)
     if (cfg.has(CFG_KG_SUBKEY_SPHINCSPLUS_PARAM) &&
-        rnp_op_generate_set_sphincsplus_param(
-          genkey, cfg.get_cstr(CFG_KG_SUBKEY_SPHINCSPLUS_PARAM))) {
+        rnp_op_generate_set_sphincsplus_param(genkey,
+                                              cfg.get_cstr(CFG_KG_SUBKEY_SPHINCSPLUS_PARAM))) {
         ERR_MSG("Failed to set sphincsplus parameter.");
         goto done;
     }
@@ -1656,11 +1655,11 @@ cli_rnp_generate_key(cli_rnp_t *rnp, const char *username)
     }
 
 #if defined(ENABLE_PQC)
-    if(cfg.has(CFG_KG_SUBKEY_2_ALG)) {
+    if (cfg.has(CFG_KG_SUBKEY_2_ALG)) {
         rnp_op_generate_destroy(genkey);
         genkey = NULL;
         if (rnp_op_generate_subkey_create(
-            &genkey, rnp->ffi, primary, cfg.get_cstr(CFG_KG_SUBKEY_2_ALG))) {
+              &genkey, rnp->ffi, primary, cfg.get_cstr(CFG_KG_SUBKEY_2_ALG))) {
             ERR_MSG("Failed to initialize subkey 2 generation.");
             goto done;
         }
@@ -1687,14 +1686,14 @@ cli_rnp_generate_key(cli_rnp_t *rnp, const char *username)
             ERR_MSG("Failed to set hash algorithm.");
             goto done;
         }
-    #if defined(ENABLE_CRYPTO_REFRESH)
+#if defined(ENABLE_CRYPTO_REFRESH)
         if (cfg.get_bool(CFG_KG_V6_KEY)) {
             rnp_op_generate_set_v6_key(genkey);
         }
-    #endif
+#endif
         if (cfg.has(CFG_KG_SUBKEY_2_SPHINCSPLUS_PARAM) &&
             rnp_op_generate_set_sphincsplus_param(
-            genkey, cfg.get_cstr(CFG_KG_SUBKEY_2_SPHINCSPLUS_PARAM))) {
+              genkey, cfg.get_cstr(CFG_KG_SUBKEY_2_SPHINCSPLUS_PARAM))) {
             ERR_MSG("Failed to set sphincsplus parameter.");
             goto done;
         }
@@ -1708,7 +1707,7 @@ cli_rnp_generate_key(cli_rnp_t *rnp, const char *username)
     // protect
 #if defined(ENABLE_PQC)
     for (auto key : {primary, subkey, subkey2}) {
-        if(!key) {
+        if (!key) {
             continue;
         }
 #else
@@ -1748,7 +1747,6 @@ cli_rnp_generate_key(cli_rnp_t *rnp, const char *username)
             cli_rnp_print_key_info(stdout, rnp->ffi, subkey2, true, false);
         }
 #endif
-
     }
     rnp_op_generate_destroy(genkey);
     rnp_key_handle_destroy(primary);

diff --git a/src/rnpkeys/tui.cpp b/src/rnpkeys/tui.cpp
@@ -154,18 +154,13 @@ ask_curve_name(FILE *input_fp)
 static std::string
 ask_sphincsplus_param_name(FILE *input_fp)
 {
-    std::vector<std::string> params = {"128f",
-        "128s",
-        "192f",
-        "192s",
-        "256f",
-        "256s"};
+    std::vector<std::string> params = {"128f", "128s", "192f", "192s", "256f", "256s"};
     std::vector<std::string> add_info = {"ML-KEM-768 + X25519",
-        "ML-KEM-768 + X25519",
-        "ML-KEM-1024 + ECDH-NIST-P-384",
-        "ML-KEM-1024 + ECDH-NIST-P-384",
-        "ML-KEM-1024 + ECDH-NIST-P-384",
-        "ML-KEM-1024 + ECDH-NIST-P-384"};
+                                         "ML-KEM-768 + X25519",
+                                         "ML-KEM-1024 + ECDH-NIST-P-384",
+                                         "ML-KEM-1024 + ECDH-NIST-P-384",
+                                         "ML-KEM-1024 + ECDH-NIST-P-384",
+                                         "ML-KEM-1024 + ECDH-NIST-P-384"};
 
     const size_t pcount = params.size();
     if (!pcount) {
@@ -178,7 +173,8 @@ ask_sphincsplus_param_name(FILE *input_fp)
         if (!check_attempts(attempts)) {
             return NULL;
         }
-        printf("Please select which SLH-DSA parameter set you want. In parenthesis, the correspondingly chosen encryption subkey is shown:\n");
+        printf("Please select which SLH-DSA parameter set you want. In parenthesis, the "
+               "correspondingly chosen encryption subkey is shown:\n");
         for (size_t i = 0; i < pcount; i++) {
             printf("\t(%zu) %s (%s)\n", i + 1, params[i].c_str(), add_info[i].c_str());
         }
@@ -411,19 +407,15 @@ rnpkeys_ask_generate_params(rnp_cfg &cfg, FILE *input_fp)
             cfg.set_str(CFG_KG_SUBKEY_ALG, RNP_ALGNAME_KYBER1024_BP384);
             cfg.set_str(CFG_KG_V6_KEY, "true");
             break;
-        case 31:
-        {
+        case 31: {
             std::string param = ask_sphincsplus_param_name(input_fp);
             if (param == "") {
                 return false;
             }
-            if(param == "128f" || param == "128s")
-            {
+            if (param == "128f" || param == "128s") {
                 cfg.set_str(CFG_KG_SUBKEY_ALG, RNP_ALGNAME_KYBER768_X25519);
                 cfg.set_str(CFG_KG_HASH, RNP_ALGNAME_SHA256);
-            }
-            else
-            {
+            } else {
                 cfg.set_str(CFG_KG_SUBKEY_ALG, RNP_ALGNAME_KYBER1024_P384);
                 cfg.set_str(CFG_KG_HASH, RNP_ALGNAME_SHA512);
             }
@@ -432,19 +424,15 @@ rnpkeys_ask_generate_params(rnp_cfg &cfg, FILE *input_fp)
             cfg.set_str(CFG_KG_V6_KEY, "true");
             break;
         }
-        case 32:
-        {
+        case 32: {
             std::string param = ask_sphincsplus_param_name(input_fp);
             if (param == "") {
                 return false;
             }
-            if(param == "128f" || param == "128s")
-            {
+            if (param == "128f" || param == "128s") {
                 cfg.set_str(CFG_KG_SUBKEY_ALG, RNP_ALGNAME_KYBER768_X25519);
                 cfg.set_str(CFG_KG_HASH, RNP_ALGNAME_SHA3_256);
-            }
-            else
-            {
+            } else {
                 cfg.set_str(CFG_KG_SUBKEY_ALG, RNP_ALGNAME_KYBER1024_P384);
                 cfg.set_str(CFG_KG_HASH, RNP_ALGNAME_SHA3_512);
             }

diff --git a/src/tests/ffi-enc.cpp b/src/tests/ffi-enc.cpp
@@ -776,21 +776,24 @@ TEST_F(rnp_tests, test_ffi_decrypt_pqc_pkesk_test_vector)
     assert_true(import_all_keys(ffi, "data/draft-ietf-openpgp-pqc/v4-eddsa-mlkem.sec.asc"));
 
     assert_rnp_success(rnp_output_to_path(&output, "decrypted"));
-    assert_rnp_success(rnp_input_from_path(&input, "data/draft-ietf-openpgp-pqc/v6-seipdv2.asc"));
+    assert_rnp_success(
+      rnp_input_from_path(&input, "data/draft-ietf-openpgp-pqc/v6-seipdv2.asc"));
     assert_non_null(input);
     assert_rnp_success(rnp_decrypt(ffi, input, output));
     assert_string_equal(file_to_str("decrypted").c_str(), "Testing\n");
     assert_int_equal(unlink("decrypted"), 0);
 
     assert_rnp_success(rnp_output_to_path(&output, "decrypted"));
-    assert_rnp_success(rnp_input_from_path(&input, "data/draft-ietf-openpgp-pqc/v4-seipdv1.asc"));
+    assert_rnp_success(
+      rnp_input_from_path(&input, "data/draft-ietf-openpgp-pqc/v4-seipdv1.asc"));
     assert_non_null(input);
     assert_rnp_success(rnp_decrypt(ffi, input, output));
     assert_string_equal(file_to_str("decrypted").c_str(), "Testing\n");
     assert_int_equal(unlink("decrypted"), 0);
 
     assert_rnp_success(rnp_output_to_path(&output, "decrypted"));
-    assert_rnp_success(rnp_input_from_path(&input, "data/draft-ietf-openpgp-pqc/v4-seipdv1.asc"));
+    assert_rnp_success(
+      rnp_input_from_path(&input, "data/draft-ietf-openpgp-pqc/v4-seipdv1.asc"));
     assert_non_null(input);
     assert_rnp_success(rnp_decrypt(ffi, input, output));
     assert_string_equal(file_to_str("decrypted").c_str(), "Testing\n");

diff --git a/src/tests/ffi-key.cpp b/src/tests/ffi-key.cpp
@@ -3274,7 +3274,6 @@ TEST_F(rnp_tests, test_ffi_pqc_certs)
     assert_int_equal(keycount, 2);
 }
 
-
 #endif
 
 TEST_F(rnp_tests, test_ffi_v6_seckey_import)
-Original file line number
+Diff line change
@@ Expand Up @@
      */
     RNP_API rnp_result_t rnp_key_sphincsplus_get_param(rnp_key_handle_t handle, char **param);
     /** Get number of bits in the key. For EC-based keys it will return size of the curve.
      *
      * @param key key handle
@@ Expand Down @@