From 10bebbca92ef87af97bc15c6337afbbe050bb96e Mon Sep 17 00:00:00 2001 From: tb <> Date: Thu, 1 Jan 2026 12:47:52 +0000 Subject: Rename RANK{768,1024} to MLKEM{768,1024}_RANK RANK768 and RANK1024 are awfully short and generic names for public constants. Before we make it worse with similarly named constants for ML-DSA, let's fix this. This follows the naming convention used by the other macros in the mlkem code. ok kenjiro jsing --- src/lib/libcrypto/mlkem/mlkem.c | 12 +++++----- src/lib/libcrypto/mlkem/mlkem.h | 18 +++++++-------- src/lib/libcrypto/mlkem/mlkem_internal.c | 38 ++++++++++++++++---------------- src/lib/libcrypto/mlkem/mlkem_key.c | 26 +++++++++++----------- src/lib/libssl/tls_key_share.c | 6 ++--- 5 files changed, 50 insertions(+), 50 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libcrypto/mlkem/mlkem.c b/src/lib/libcrypto/mlkem/mlkem.c index 9461a338e9..006937c39d 100644 --- a/src/lib/libcrypto/mlkem/mlkem.c +++ b/src/lib/libcrypto/mlkem/mlkem.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem.c,v 1.4 2025/09/05 23:30:12 beck Exp $ */ +/* $OpenBSD: mlkem.c,v 1.5 2026/01/01 12:47:52 tb Exp $ */ /* * Copyright (c) 2025, Bob Beck * @@ -24,7 +24,7 @@ private_key_is_new(const MLKEM_private_key *key) { return (key != NULL && key->state == MLKEM_PRIVATE_KEY_UNINITIALIZED && - (key->rank == RANK768 || key->rank == RANK1024)); + (key->rank == MLKEM768_RANK || key->rank == MLKEM1024_RANK)); } static inline int @@ -32,7 +32,7 @@ private_key_is_valid(const MLKEM_private_key *key) { return (key != NULL && key->state == MLKEM_PRIVATE_KEY_INITIALIZED && - (key->rank == RANK768 || key->rank == RANK1024)); + (key->rank == MLKEM768_RANK || key->rank == MLKEM1024_RANK)); } static inline int @@ -40,7 +40,7 @@ public_key_is_new(const MLKEM_public_key *key) { return (key != NULL && key->state == MLKEM_PUBLIC_KEY_UNINITIALIZED && - (key->rank == RANK768 || key->rank == RANK1024)); + (key->rank == MLKEM768_RANK || key->rank == MLKEM1024_RANK)); } static inline int @@ -48,7 +48,7 @@ public_key_is_valid(const MLKEM_public_key *key) { return (key != NULL && key->state == MLKEM_PUBLIC_KEY_INITIALIZED && - (key->rank == RANK768 || key->rank == RANK1024)); + (key->rank == MLKEM768_RANK || key->rank == MLKEM1024_RANK)); } /* @@ -71,7 +71,7 @@ MLKEM_generate_key_external_entropy(MLKEM_private_key *private_key, goto err; k_len = MLKEM768_PUBLIC_KEY_BYTES; - if (private_key->rank == RANK1024) + if (private_key->rank == MLKEM1024_RANK) k_len = MLKEM1024_PUBLIC_KEY_BYTES; if ((k = calloc(1, k_len)) == NULL) diff --git a/src/lib/libcrypto/mlkem/mlkem.h b/src/lib/libcrypto/mlkem/mlkem.h index dac3cf24de..17978782a7 100644 --- a/src/lib/libcrypto/mlkem/mlkem.h +++ b/src/lib/libcrypto/mlkem/mlkem.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem.h,v 1.8 2025/08/19 21:37:08 tb Exp $ */ +/* $OpenBSD: mlkem.h,v 1.9 2026/01/01 12:47:52 tb Exp $ */ /* * Copyright (c) 2025 Bob Beck * @@ -29,8 +29,8 @@ extern "C" { * ML-KEM constants */ -#define RANK768 3 -#define RANK1024 4 +#define MLKEM768_RANK 3 +#define MLKEM1024_RANK 4 /* * ML-KEM keys @@ -41,8 +41,8 @@ typedef struct MLKEM_public_key_st MLKEM_public_key; /* * MLKEM_private_key_new allocates a new uninitialized ML-KEM private key for - * |rank|, which must be RANK768 or RANK1024. It returns a pointer to an - * allocated structure suitable for holding a generated private key of the + * |rank|, which must be MLKEM768_RANK or MLKEM1024_RANK. It returns a pointer + * to an allocated structure suitable for holding a generated private key of the * corresponding rank on success, NULL is returned on failure. The caller is * responsible for deallocating the resulting key with |MLKEM_private_key_free|. */ @@ -71,8 +71,8 @@ size_t MLKEM_private_key_ciphertext_length(const MLKEM_private_key *key); /* * MLKEM_public_key_new allocates a new uninitialized ML-KEM public key for - * |rank|, which must be RANK768 or RANK1024. It returns a pointer to an - * allocated structure suitable for holding a generated public key of the + * |rank|, which must be MLKEM768_RANK or MLKEM1024_RANK. It returns a pointer + * to an allocated structure suitable for holding a generated public key of the * corresponding rank on success, NULL is returned on failure. The caller is * responsible for deallocating the resulting key with |MLKEM_public_key_free|. */ @@ -94,8 +94,8 @@ size_t MLKEM_public_key_encoded_length(const MLKEM_public_key *key); /* * MLKEM_public_key_cipertext_length returns the number of bytes produced as the - * ciphertext when encrypting a shared secret with |key| using |MLKEM_encap|. Zero - * is returned if |key| is NULL or has an invalid rank. + * ciphertext when encrypting a shared secret with |key| using |MLKEM_encap|. + * Zero is returned if |key| is NULL or has an invalid rank. */ size_t MLKEM_public_key_ciphertext_length(const MLKEM_public_key *key); diff --git a/src/lib/libcrypto/mlkem/mlkem_internal.c b/src/lib/libcrypto/mlkem/mlkem_internal.c index cdc198b7cd..903b1ea2a3 100644 --- a/src/lib/libcrypto/mlkem/mlkem_internal.c +++ b/src/lib/libcrypto/mlkem/mlkem_internal.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem_internal.c,v 1.3 2025/09/16 06:12:04 tb Exp $ */ +/* $OpenBSD: mlkem_internal.c,v 1.4 2026/01/01 12:47:52 tb Exp $ */ /* * Copyright (c) 2024, Google Inc. * Copyright (c) 2024, 2025 Bob Beck @@ -103,7 +103,7 @@ encoded_vector_size(uint16_t rank) static inline size_t compressed_vector_size(uint16_t rank) { - return ((rank == RANK768) ? kDU768 : kDU1024) * rank * DEGREE / 8; + return ((rank == MLKEM768_RANK) ? kDU768 : kDU1024) * rank * DEGREE / 8; } typedef struct scalar { @@ -615,7 +615,7 @@ scalar_encode_1(uint8_t out[32], const scalar *s) } /* - * Encodes an entire vector into 32*|RANK768|*|bits| bytes. Note that since 256 + * Encodes an entire vector into 32*|MLKEM768_RANK|*|bits| bytes. Since 256 * (DEGREE) is divisible by 8, the individual vector entries will always fill a * whole number of bytes, so we do not need to worry about bit packing here. */ @@ -707,7 +707,7 @@ scalar_decode_1(scalar *out, const uint8_t in[32]) } /* - * Decodes 32*|RANK768|*|bits| bytes from |in| into |out|. It returns one on + * Decodes 32*|MLKEM768_RANK|*|bits| bytes from |in| into |out|. It returns one on * success or zero if any parsed value is >= |kPrime|. */ static int @@ -831,7 +831,7 @@ public_key_from_external(const MLKEM_public_key *external, uint8_t *bytes = external->key_768->bytes; size_t offset = 0; - if (external->rank == RANK1024) + if (external->rank == MLKEM1024_RANK) bytes = external->key_1024->bytes; pub->t = (struct scalar *)bytes + offset; @@ -858,7 +858,7 @@ private_key_from_external(const MLKEM_private_key *external, size_t offset = 0; uint8_t *bytes = external->key_768->bytes; - if (external->rank == RANK1024) + if (external->rank == MLKEM1024_RANK) bytes = external->key_1024->bytes; priv->pub.t = (struct scalar *)(bytes + offset); @@ -898,7 +898,7 @@ mlkem_private_key_from_seed(const uint8_t *seed, size_t seed_len, MLKEM_private_key *out_private_key) { uint8_t *public_key_buf = NULL; - size_t public_key_buf_len = out_private_key->rank == RANK768 ? + size_t public_key_buf_len = out_private_key->rank == MLKEM768_RANK ? MLKEM768_PUBLIC_KEY_BYTES : MLKEM1024_PUBLIC_KEY_BYTES; int ret = 0; @@ -937,7 +937,7 @@ mlkem_generate_key_external_entropy(uint8_t *out_encoded_public_key, uint8_t *rho, *sigma; uint8_t counter = 0; uint8_t hashed[64]; - scalar error[RANK1024]; + scalar error[MLKEM1024_RANK]; CBB cbb; int ret = 0; @@ -961,7 +961,7 @@ mlkem_generate_key_external_entropy(uint8_t *out_encoded_public_key, vector_add(priv.pub.t, &error[0], out_private_key->rank); if (!CBB_init_fixed(&cbb, out_encoded_public_key, - out_private_key->rank == RANK768 ? MLKEM768_PUBLIC_KEY_BYTES : + out_private_key->rank == MLKEM768_RANK ? MLKEM768_PUBLIC_KEY_BYTES : MLKEM1024_PUBLIC_KEY_BYTES)) goto err; @@ -970,7 +970,7 @@ mlkem_generate_key_external_entropy(uint8_t *out_encoded_public_key, goto err; hash_h(priv.pub.public_key_hash, out_encoded_public_key, - out_private_key->rank == RANK768 ? MLKEM768_PUBLIC_KEY_BYTES : + out_private_key->rank == MLKEM768_RANK ? MLKEM768_PUBLIC_KEY_BYTES : MLKEM1024_PUBLIC_KEY_BYTES); memcpy(priv.fo_failure_secret, entropy + 32, 32); @@ -987,12 +987,12 @@ mlkem_public_from_private(const MLKEM_private_key *private_key, MLKEM_public_key *out_public_key) { switch (private_key->rank) { - case RANK768: + case MLKEM768_RANK: memcpy(out_public_key->key_768->bytes, private_key->key_768->bytes, sizeof(out_public_key->key_768->bytes)); break; - case RANK1024: + case MLKEM1024_RANK: memcpy(out_public_key->key_1024->bytes, private_key->key_1024->bytes, sizeof(out_public_key->key_1024->bytes)); @@ -1010,7 +1010,7 @@ encrypt_cpa(uint8_t *out, const struct public_key *pub, const uint8_t message[32], const uint8_t randomness[32], size_t rank) { - scalar secret[RANK1024], error[RANK1024], u[RANK1024]; + scalar secret[MLKEM1024_RANK], error[MLKEM1024_RANK], u[MLKEM1024_RANK]; scalar expanded_message, scalar_error; uint8_t counter = 0; uint8_t input[33]; @@ -1018,7 +1018,7 @@ encrypt_cpa(uint8_t *out, const struct public_key *pub, int u_bits = kDU768; int v_bits = kDV768; - if (rank == RANK1024) { + if (rank == MLKEM1024_RANK) { u_bits = kDU1024; v_bits = kDV1024; } @@ -1082,12 +1082,12 @@ static void decrypt_cpa(uint8_t out[32], const struct private_key *priv, const uint8_t *ciphertext, size_t rank) { - scalar u[RANK1024]; + scalar u[MLKEM1024_RANK]; scalar mask, v; int u_bits = kDU768; int v_bits = kDV768; - if (rank == RANK1024) { + if (rank == MLKEM1024_RANK) { u_bits = kDU1024; v_bits = kDV1024; } @@ -1109,7 +1109,7 @@ mlkem_decap(const MLKEM_private_key *private_key, const uint8_t *ciphertext, size_t ciphertext_len, uint8_t out_shared_secret[MLKEM_SHARED_SECRET_LENGTH]) { struct private_key priv; - size_t expected_ciphertext_length = private_key->rank == RANK768 ? + size_t expected_ciphertext_length = private_key->rank == MLKEM768_RANK ? MLKEM768_CIPHERTEXT_BYTES : MLKEM1024_CIPHERTEXT_BYTES; uint8_t *expected_ciphertext = NULL; uint8_t key_and_randomness[64]; @@ -1161,7 +1161,7 @@ mlkem_marshal_public_key(const MLKEM_public_key *public_key, int ret = 0; CBB cbb; - if (!CBB_init(&cbb, public_key->rank == RANK768 ? + if (!CBB_init(&cbb, public_key->rank == MLKEM768_RANK ? MLKEM768_PUBLIC_KEY_BYTES : MLKEM1024_PUBLIC_KEY_BYTES)) goto err; public_key_from_external(public_key, &pub); @@ -1223,7 +1223,7 @@ mlkem_marshal_private_key(const MLKEM_private_key *private_key, uint8_t **out_private_key, size_t *out_private_key_len) { struct private_key priv; - size_t key_length = private_key->rank == RANK768 ? + size_t key_length = private_key->rank == MLKEM768_RANK ? MLKEM768_PRIVATE_KEY_BYTES : MLKEM1024_PRIVATE_KEY_BYTES; CBB cbb; int ret = 0; diff --git a/src/lib/libcrypto/mlkem/mlkem_key.c b/src/lib/libcrypto/mlkem/mlkem_key.c index 7c6476d971..d4e3d69d88 100644 --- a/src/lib/libcrypto/mlkem/mlkem_key.c +++ b/src/lib/libcrypto/mlkem/mlkem_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem_key.c,v 1.4 2025/09/16 06:10:24 tb Exp $ */ +/* $OpenBSD: mlkem_key.c,v 1.5 2026/01/01 12:47:52 tb Exp $ */ /* * Copyright (c) 2025 Bob Beck * @@ -32,11 +32,11 @@ MLKEM_private_key_new(int rank) goto err; switch (rank) { - case RANK768: + case MLKEM768_RANK: if ((key->key_768 = calloc(1, sizeof(*key->key_768))) == NULL) goto err; break; - case RANK1024: + case MLKEM1024_RANK: if ((key->key_1024 = calloc(1, sizeof(*key->key_1024))) == NULL) goto err; break; @@ -75,9 +75,9 @@ MLKEM_private_key_encoded_length(const MLKEM_private_key *key) return 0; switch (key->rank) { - case RANK768: + case MLKEM768_RANK: return MLKEM768_PRIVATE_KEY_BYTES; - case RANK1024: + case MLKEM1024_RANK: return MLKEM1024_PRIVATE_KEY_BYTES; default: return 0; @@ -93,9 +93,9 @@ MLKEM_private_key_ciphertext_length(const MLKEM_private_key *key) return 0; switch (key->rank) { - case RANK768: + case MLKEM768_RANK: return MLKEM768_CIPHERTEXT_BYTES; - case RANK1024: + case MLKEM1024_RANK: return MLKEM1024_CIPHERTEXT_BYTES; default: return 0; @@ -114,11 +114,11 @@ MLKEM_public_key_new(int rank) goto err; switch (rank) { - case RANK768: + case MLKEM768_RANK: if ((key->key_768 = calloc(1, sizeof(*key->key_768))) == NULL) goto err; break; - case RANK1024: + case MLKEM1024_RANK: if ((key->key_1024 = calloc(1, sizeof(*key->key_1024))) == NULL) goto err; break; @@ -158,9 +158,9 @@ MLKEM_public_key_encoded_length(const MLKEM_public_key *key) return 0; switch (key->rank) { - case RANK768: + case MLKEM768_RANK: return MLKEM768_PUBLIC_KEY_BYTES; - case RANK1024: + case MLKEM1024_RANK: return MLKEM1024_PUBLIC_KEY_BYTES; default: return 0; @@ -176,9 +176,9 @@ MLKEM_public_key_ciphertext_length(const MLKEM_public_key *key) return 0; switch (key->rank) { - case RANK768: + case MLKEM768_RANK: return MLKEM768_CIPHERTEXT_BYTES; - case RANK1024: + case MLKEM1024_RANK: return MLKEM1024_CIPHERTEXT_BYTES; default: return 0; diff --git a/src/lib/libssl/tls_key_share.c b/src/lib/libssl/tls_key_share.c index 3f4c44f558..9e04cb7b75 100644 --- a/src/lib/libssl/tls_key_share.c +++ b/src/lib/libssl/tls_key_share.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_key_share.c,v 1.9 2025/12/04 21:03:42 beck Exp $ */ +/* $OpenBSD: tls_key_share.c,v 1.10 2026/01/01 12:47:52 tb Exp $ */ /* * Copyright (c) 2020, 2021 Joel Sing * @@ -285,7 +285,7 @@ tls_key_share_generate_mlkem(struct tls_key_share *ks, int rank) static int tls_key_share_client_generate_mlkem768x25519(struct tls_key_share *ks) { - if (!tls_key_share_generate_mlkem(ks, RANK768)) + if (!tls_key_share_generate_mlkem(ks, MLKEM768_RANK)) return 0; if (!tls_key_share_generate_x25519(ks)) @@ -586,7 +586,7 @@ tls_key_share_server_peer_public_mlkem768x25519(struct tls_key_share *ks, return 0; /* Nein, ist nur normal (1024 ist gigantisch) */ - if ((ks->mlkem_peer_public = MLKEM_public_key_new(RANK768)) == NULL) + if ((ks->mlkem_peer_public = MLKEM_public_key_new(MLKEM768_RANK)) == NULL) goto err; if (!CBS_get_bytes(cbs, &mlkem768_cbs, -- cgit v1.2.3-55-g6feb