From ec6f046fcd768f6ad51d42dde313c1c66d829f18 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 1 May 2024 11:52:46 -0700 Subject: [PATCH] Kyber Testing 1. Add a workflow for a kyber test. 2. Fix a couple spots where a flag to use kyber wasn't getting set correctly. 3. Changed a check to kyber back to the original source, a local variable. --- .github/workflows/kyber.yml | 50 +++++++++++++++++++++++++++++++++++++ src/internal.c | 4 +-- 2 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/kyber.yml diff --git a/.github/workflows/kyber.yml b/.github/workflows/kyber.yml new file mode 100644 index 000000000..2852649b4 --- /dev/null +++ b/.github/workflows/kyber.yml @@ -0,0 +1,50 @@ +name: Kyber tests + +on: + push: + branches: [ '*' ] + pull_request: + branches: [ '*' ] + +jobs: + run_test: + name: Build and run + runs-on: ubuntu-latest + # This should be a safe limit for the tests to run. + timeout-minutes: 15 + steps: + - name: Install dependencies + run: | + sudo apt-get update + sudo apt-get install -y build-essential autoconf automake libtool \ + git cmake make + + - name: Install and build liboqs + run: | + git clone --depth 1 --branch 0.10.0 https://github.com/open-quantum-safe/liboqs + mkdir -p liboqs/build + cd liboqs/build + cmake -DOQS_MINIMAL_BUILD=KEM_kyber_512 -DOQS_USE_OPENSSL=0 .. + make + sudo make install + + - name: Install and build wolfSSL + run: | + git clone --depth 1 https://github.com/wolfssl/wolfssl + cd wolfssl + autoreconf -ivf + ./configure --enable-wolfssl --enable-kyber + make + sudo make install + + - name: Install and build wolfSSH + run: | + git clone --depth 1 https://github.com/wolfssl/wolfssh + cd wolfssh + autoreconf -ivf + ./configure --with-liboqs + make + + - name: Run wolfssh tests + working-directory: wolfssh + run: make check diff --git a/src/internal.c b/src/internal.c index 4df487807..c4d3688c6 100644 --- a/src/internal.c +++ b/src/internal.c @@ -5133,7 +5133,7 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx) if (ret == WS_SUCCESS) { int useKeyPadding = 1; #if !defined(WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256) - doKeyPadding = !ssh->handshake->useEccKyber; + useKeyPadding = !ssh->handshake->useEccKyber; #endif ret = GenerateKeys(ssh, hashId, useKeyPadding); } @@ -10639,7 +10639,7 @@ int SendKexDhReply(WOLFSSH* ssh) if (ret == WS_SUCCESS) { int doKeyPadding = 1; #if !defined(WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256) - doKeyPadding = !ssh->handshake->useEccKyber; + doKeyPadding = !useEccKyber; #endif ret = GenerateKeys(ssh, hashId, doKeyPadding); }