Support more NIDs in KEM table

README.md

@@ -74,9 +74,8 @@ If an algorithm is provided by liboqs but is not listed below, it might still be
 
 The following quantum-safe algorithms from liboqs are supported (assuming they have been enabled in liboqs):
 
-- `oqs_kem_default` (see [here](https://github.com/open-quantum-safe/openssl/wiki/Using-liboqs-algorithms-that-are-not-in-the-forks#oqsdefault) for what this denotes)
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_KEXS_START -->
-- **BIKE**: `bike1l1cpa`, `bike1l3cpa`, `bike1l1fo`, `bike1l3fo`
+- **BIKE**: `bikel1`, `bikel3`
 - **CRYSTALS-Kyber**: `kyber512`, `kyber768`, `kyber1024`, `kyber90s512`, `kyber90s768`, `kyber90s1024`
 - **FrodoKEM**: `frodo640aes`, `frodo640shake`, `frodo976aes`, `frodo976shake`, `frodo1344aes`, `frodo1344shake`
 - **HQC**: `hqc128`, `hqc192`, `hqc256`†
@@ -101,7 +100,6 @@ Note that algorithms marked with a dagger (†) have large stack usage and may c
 
 The following digital signature algorithms from liboqs are supported by the fork. **Note that not all variants of all algorithms are enabled by default; algorithms that are enabled by default are marked with an asterisk, and should you wish to enable additional variants, consult [the "Code Generation" section of the documentation in the wiki](https://github.com/open-quantum-safe/openssl/wiki/Using-liboqs-algorithms-not-in-the-fork#code-generation)**.
 
-- `oqs_sig_default`* (see [here](https://github.com/open-quantum-safe/openssl/wiki/Using-liboqs-algorithms-that-are-not-in-the-forks#oqsdefault) for what this denotes)
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_SIGS_START -->
 - **CRYSTALS-Dilithium**:`dilithium2`\*, `dilithium3`\*, `dilithium5`\*, `dilithium2_aes`\*, `dilithium3_aes`\*, `dilithium5_aes`\*
 - **Falcon**:`falcon512`\*, `falcon1024`\*

apps/s_cb.c

@@ -246,12 +246,6 @@ static const char *get_sigtype(int nid)
         return "gost2012_512";
 
 ///// OQS_TEMPLATE_FRAGMENT_SIG_NAME_STR_START
-    case NID_oqs_sig_default:
-        return "OQS Default Signature Algorithm";
-    case NID_p256_oqs_sig_default:
-        return "ECDSA p256 - OQS Default Signature Algorithm";
-    case NID_rsa3072_oqs_sig_default:
-        return "RSA3072 - OQS Default Signature Algorithm";
     case NID_dilithium2:
         return "Dilithium2";
     case NID_p256_dilithium2:
@@ -482,19 +476,16 @@ int ssl_print_groups(BIO *out, SSL *s, int noshared)
 /* OQS note: is there a better place to put this? we only need it here... */
 static const char* OQS_CURVE_ID_NAME_STR(int id) {
   switch(id) {
-  case 0x01FF: return "oqs_kem_default";
   ///// OQS_TEMPLATE_FRAGMENT_OQS_CURVE_ID_NAME_STR_START
   case 0x0200: return "frodo640aes";
   case 0x0201: return "frodo640shake";
   case 0x0202: return "frodo976aes";
   case 0x0203: return "frodo976shake";
   case 0x0204: return "frodo1344aes";
   case 0x0205: return "frodo1344shake";
-  case 0x0206: return "bike1l1cpa";
-  case 0x0207: return "bike1l3cpa";
-  case 0x020F: return "kyber512";
-  case 0x0210: return "kyber768";
-  case 0x0211: return "kyber1024";
+  case 0x023A: return "kyber512";
+  case 0x023C: return "kyber768";
+  case 0x023D: return "kyber1024";
   case 0x0214: return "ntru_hps2048509";
   case 0x0215: return "ntru_hps2048677";
   case 0x0216: return "ntru_hps4096821";
@@ -510,11 +501,11 @@ static const char* OQS_CURVE_ID_NAME_STR(int id) {
   case 0x0220: return "sikep503";
   case 0x0221: return "sikep610";
   case 0x0222: return "sikep751";
-  case 0x0223: return "bike1l1fo";
-  case 0x0224: return "bike1l3fo";
-  case 0x0229: return "kyber90s512";
-  case 0x022A: return "kyber90s768";
-  case 0x022B: return "kyber90s1024";
+  case 0x0238: return "bikel1";
+  case 0x023B: return "bikel3";
+  case 0x023E: return "kyber90s512";
+  case 0x023F: return "kyber90s768";
+  case 0x0240: return "kyber90s1024";
   case 0x022C: return "hqc128";
   case 0x022D: return "hqc192";
   case 0x022E: return "hqc256";
@@ -525,19 +516,16 @@ static const char* OQS_CURVE_ID_NAME_STR(int id) {
   case 0x0233: return "sntrup761";
   case 0x0234: return "sntrup857";
   ///// OQS_TEMPLATE_FRAGMENT_OQS_CURVE_ID_NAME_STR_END
-  case 0x2FFF: return "p256_oqs_kem_default hybrid";
   ///// OQS_TEMPLATE_FRAGMENT_OQS_CURVE_ID_NAME_STR_HYBRID_START
    case 0x2F00: return "p256_frodo640aes hybrid";
    case 0x2F01: return "p256_frodo640shake hybrid";
    case 0x2F02: return "p384_frodo976aes hybrid";
    case 0x2F03: return "p384_frodo976shake hybrid";
    case 0x2F04: return "p521_frodo1344aes hybrid";
    case 0x2F05: return "p521_frodo1344shake hybrid";
-   case 0x2F06: return "p256_bike1l1cpa hybrid";
-   case 0x2F07: return "p384_bike1l3cpa hybrid";
-   case 0x2F0F: return "p256_kyber512 hybrid";
-   case 0x2F10: return "p384_kyber768 hybrid";
-   case 0x2F11: return "p521_kyber1024 hybrid";
+   case 0x2F3A: return "p256_kyber512 hybrid";
+   case 0x2F3C: return "p384_kyber768 hybrid";
+   case 0x2F3D: return "p521_kyber1024 hybrid";
    case 0x2F14: return "p256_ntru_hps2048509 hybrid";
    case 0x2F15: return "p384_ntru_hps2048677 hybrid";
    case 0x2F16: return "p521_ntru_hps4096821 hybrid";
@@ -553,11 +541,11 @@ static const char* OQS_CURVE_ID_NAME_STR(int id) {
    case 0x2F20: return "p256_sikep503 hybrid";
    case 0x2F21: return "p384_sikep610 hybrid";
    case 0x2F22: return "p521_sikep751 hybrid";
-   case 0x2F23: return "p256_bike1l1fo hybrid";
-   case 0x2F24: return "p384_bike1l3fo hybrid";
-   case 0x2F29: return "p256_kyber90s512 hybrid";
-   case 0x2F2A: return "p384_kyber90s768 hybrid";
-   case 0x2F2B: return "p521_kyber90s1024 hybrid";
+   case 0x2F38: return "p256_bikel1 hybrid";
+   case 0x2F3B: return "p384_bikel3 hybrid";
+   case 0x2F3E: return "p256_kyber90s512 hybrid";
+   case 0x2F3F: return "p384_kyber90s768 hybrid";
+   case 0x2F40: return "p521_kyber90s1024 hybrid";
    case 0x2F2C: return "p256_hqc128 hybrid";
    case 0x2F2D: return "p384_hqc192 hybrid";
    case 0x2F2E: return "p521_hqc256 hybrid";

crypto/asn1/standard_methods.h

@@ -60,9 +60,6 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
     &sm2_asn1_meth,
 #endif
 ///// OQS_TEMPLATE_FRAGMENT_SIG_ASN1_METHS_START
-    &oqs_sig_default_asn1_meth,
-    &p256_oqs_sig_default_asn1_meth,
-    &rsa3072_oqs_sig_default_asn1_meth,
     &dilithium2_asn1_meth,
     &p256_dilithium2_asn1_meth,
     &rsa3072_dilithium2_asn1_meth,

crypto/ec/oqs_meth.c

@@ -76,9 +76,6 @@ typedef enum {
 
 int oqssl_sig_nids_list[] = {
 ///// OQS_TEMPLATE_FRAGMENT_LIST_KNOWN_NIDS_START
-        NID_oqs_sig_default,
-        NID_p256_oqs_sig_default,
-        NID_rsa3072_oqs_sig_default,
         NID_dilithium2,
         NID_p256_dilithium2,
         NID_rsa3072_dilithium2,
@@ -129,8 +126,6 @@ int oqssl_kem_nids_list[] = {
         NID_frodo976shake,
         NID_frodo1344aes,
         NID_frodo1344shake,
-        NID_bike1l1cpa,
-        NID_bike1l3cpa,
         NID_kyber512,
         NID_kyber768,
         NID_kyber1024,
@@ -149,8 +144,8 @@ int oqssl_kem_nids_list[] = {
         NID_sikep503,
         NID_sikep610,
         NID_sikep751,
-        NID_bike1l1fo,
-        NID_bike1l3fo,
+        NID_bikel1,
+        NID_bikel3,
         NID_kyber90s512,
         NID_kyber90s768,
         NID_kyber90s1024,
@@ -193,10 +188,6 @@ char* get_oqs_alg_name(int openssl_nid)
   switch (openssl_nid)
   {
 ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_ALG_START
-    case NID_oqs_sig_default:
-    case NID_p256_oqs_sig_default:
-    case NID_rsa3072_oqs_sig_default:
-      return OQS_SIG_alg_default;
     case NID_dilithium2:
     case NID_p256_dilithium2:
     case NID_rsa3072_dilithium2:
@@ -251,8 +242,6 @@ char* get_oqs_alg_name(int openssl_nid)
     case NID_p256_sphincsshake256128frobust:
     case NID_rsa3072_sphincsshake256128frobust:
       return OQS_SIG_alg_sphincs_shake256_128f_robust;
-    case NID_oqs_kem_default:
-      return OQS_KEM_alg_default;
     case NID_frodo640aes:
     case NID_p256_frodo640aes:
       return OQS_KEM_alg_frodokem_640_aes;
@@ -271,12 +260,6 @@ char* get_oqs_alg_name(int openssl_nid)
     case NID_frodo1344shake:
     case NID_p521_frodo1344shake:
       return OQS_KEM_alg_frodokem_1344_shake;
-    case NID_bike1l1cpa:
-    case NID_p256_bike1l1cpa:
-      return OQS_KEM_alg_bike1_l1_cpa;
-    case NID_bike1l3cpa:
-    case NID_p384_bike1l3cpa:
-      return OQS_KEM_alg_bike1_l3_cpa;
     case NID_kyber512:
     case NID_p256_kyber512:
       return OQS_KEM_alg_kyber_512;
@@ -331,12 +314,12 @@ char* get_oqs_alg_name(int openssl_nid)
     case NID_sikep751:
     case NID_p521_sikep751:
       return OQS_KEM_alg_sike_p751;
-    case NID_bike1l1fo:
-    case NID_p256_bike1l1fo:
-      return OQS_KEM_alg_bike1_l1_fo;
-    case NID_bike1l3fo:
-    case NID_p384_bike1l3fo:
-      return OQS_KEM_alg_bike1_l3_fo;
+    case NID_bikel1:
+    case NID_p256_bikel1:
+      return OQS_KEM_alg_bike_l1;
+    case NID_bikel3:
+    case NID_p384_bikel3:
+      return OQS_KEM_alg_bike_l3;
     case NID_kyber90s512:
     case NID_p256_kyber90s512:
       return OQS_KEM_alg_kyber_512_90s;
@@ -384,8 +367,6 @@ static int is_oqs_hybrid_alg(int openssl_nid)
   switch (openssl_nid)
   {
 ///// OQS_TEMPLATE_FRAGMENT_LIST_HYBRID_NIDS_START
-    case NID_p256_oqs_sig_default:
-    case NID_rsa3072_oqs_sig_default:
     case NID_p256_dilithium2:
     case NID_rsa3072_dilithium2:
     case NID_p384_dilithium3:
@@ -423,7 +404,6 @@ static int get_classical_nid(int hybrid_id)
   switch (hybrid_id)
   {
 ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_CLASSICAL_NIDS_START
-    case NID_rsa3072_oqs_sig_default:
     case NID_rsa3072_dilithium2:
     case NID_rsa3072_dilithium2_aes:
     case NID_rsa3072_falcon512:
@@ -434,7 +414,6 @@ static int get_classical_nid(int hybrid_id)
     case NID_rsa3072_sphincssha256128frobust:
     case NID_rsa3072_sphincsshake256128frobust:
       return NID_rsaEncryption;
-    case NID_p256_oqs_sig_default:
     case NID_p256_dilithium2:
     case NID_p256_dilithium2_aes:
     case NID_p256_falcon512:
@@ -463,9 +442,6 @@ static int get_oqs_nid(int hybrid_id)
   switch (hybrid_id)
   {
 ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_OQS_NID_START
-    case NID_p256_oqs_sig_default:
-    case NID_rsa3072_oqs_sig_default:
-      return NID_oqs_sig_default;
     case NID_p256_dilithium2:
     case NID_rsa3072_dilithium2:
       return NID_dilithium2;
@@ -622,10 +598,6 @@ static int get_oqs_security_bits(int openssl_nid)
   switch (openssl_nid)
   {
 ///// OQS_TEMPLATE_FRAGMENT_GET_SIG_SECURITY_BITS_START
-    case NID_oqs_sig_default:
-    case NID_p256_oqs_sig_default:
-    case NID_rsa3072_oqs_sig_default:
-      return 128;
     case NID_dilithium2:
     case NID_p256_dilithium2:
     case NID_rsa3072_dilithium2:
@@ -1252,9 +1224,6 @@ static int oqs_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
     if (
     (
 ///// OQS_TEMPLATE_FRAGMENT_CHECK_IF_KNOWN_NID_START
-        nid != NID_oqs_sig_default &&
-        nid != NID_p256_oqs_sig_default &&
-        nid != NID_rsa3072_oqs_sig_default &&
         nid != NID_dilithium2 &&
         nid != NID_p256_dilithium2 &&
         nid != NID_rsa3072_dilithium2 &&
@@ -1854,9 +1823,6 @@ DEFINE_OQS_SIGN_INFO_SET(ALG, NID_ALG)                                \
 DEFINE_OQS_EVP_PKEY_METHOD(ALG, NID_ALG)                              \
 DEFINE_OQS_EVP_PKEY_ASN1_METHOD(ALG, NID_ALG, SHORT_NAME, LONG_NAME)
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_OQS_EVP_METHS_START
-DEFINE_OQS_EVP_METHODS(oqs_sig_default, NID_oqs_sig_default, "oqs_sig_default", "OpenSSL OQS Default Signature Algorithm algorithm")
-DEFINE_OQS_EVP_METHODS(p256_oqs_sig_default, NID_p256_oqs_sig_default, "p256_oqs_sig_default", "OpenSSL ECDSA p256 OQS Default Signature Algorithm algorithm")
-DEFINE_OQS_EVP_METHODS(rsa3072_oqs_sig_default, NID_rsa3072_oqs_sig_default, "rsa3072_oqs_sig_default", "OpenSSL RSA3072 OQS Default Signature Algorithm algorithm")
 DEFINE_OQS_EVP_METHODS(dilithium2, NID_dilithium2, "dilithium2", "OpenSSL Dilithium2 algorithm")
 DEFINE_OQS_EVP_METHODS(p256_dilithium2, NID_p256_dilithium2, "p256_dilithium2", "OpenSSL ECDSA p256 Dilithium2 algorithm")
 DEFINE_OQS_EVP_METHODS(rsa3072_dilithium2, NID_rsa3072_dilithium2, "rsa3072_dilithium2", "OpenSSL RSA3072 Dilithium2 algorithm")

crypto/evp/pmeth_lib.c

@@ -69,9 +69,6 @@ static const EVP_PKEY_METHOD *standard_methods[] = {
     &sm2_pkey_meth,
 #endif
 ///// OQS_TEMPLATE_FRAGMENT_LIST_PKEY_METHS_START
-    &oqs_sig_default_pkey_meth,
-    &p256_oqs_sig_default_pkey_meth,
-    &rsa3072_oqs_sig_default_pkey_meth,
     &dilithium2_pkey_meth,
     &p256_dilithium2_pkey_meth,
     &rsa3072_dilithium2_pkey_meth,