Skip to content

ML_KEM IDs backward compat #8827

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
JacobBarthelmeh merged 1 commit into from
Jun 6, 2025
Merged

ML_KEM IDs backward compat #8827

JacobBarthelmeh merged 1 commit into from
Jun 6, 2025

Conversation

@SparkiDev
Copy link
Contributor

@SparkiDev SparkiDev commented May 31, 2025

Description

Allow backward compatibilitly of Hybrid ML_KEM codepoints in TLS with version before wolfSSL 5.8.0.
When WOLFSSL_ML_KEM_USE_OLD_IDS is defined, it will accept the old codepoints for P256 with ML-KEM-512, P384 with ML-KEM-768, P521 with ML-KEM-10124. (Others combinations were not know pre 5.8.0.) Both old client with new server and new client with new server work with old codepoints.

Fixes zd#19967

Testing

Checkout 5.7.6::
./configure --disable-shared --enable-mlkem=all
Checkout master:
./configure --disable-shared --enable-mlkem=yes,kyber,ml-kem

./examples/client/client -v 4 --pqc P521_ML_KEM_1024
./examples/client/server -v 4 --pqc P521_ML_KEM_1024

All combinations of new/old client/server.

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@SparkiDev SparkiDev self-assigned this May 31, 2025
@SparkiDev
Copy link
Contributor Author

SparkiDev commented May 31, 2025

retest this please

@SparkiDev SparkiDev force-pushed the ml_kem_codepoints branch 2 times, most recently from 3228a1e to 852a937 Compare June 4, 2025 23:53
@SparkiDev
Copy link
Contributor Author

SparkiDev commented Jun 5, 2025
edited
Loading

retest this please
hudson

kp-max-li added a commit to expressvpn/lightway-core that referenced this pull request Jun 5, 2025
@kp-max-li
wolfssl: mlkem codepoint backward compatible patch
35c3030 
From 5.7.6 to 5.8.0, WolfSSL has updated the codepoints of
the postquantum curves according to OQS's specification.
open-quantum-safe/oqs-provider@8abfecd#diff-ad6b78182015150daf78fa86f78db241b4489a2137c559c95da15cc62c7c1a7bL89

However, the codepoints are incompatible between versions
at or before 5.7.6 and versions at or after 5.8.0. Hence, this
patch is added to make it backward compatible.

The patch is retrieved from wolfSSL/wolfssl#8827

Behaviour:
If version <= 5.7.6 is connected to version >= 5.8.0, old codepoint
is used.
If version >= 5.8.0 is connected to version >= 5.8.0, new codepoint
is used.
@kp-max-li kp-max-li mentioned this pull request Jun 5, 2025
Merged
8 tasks
@SparkiDev
ML_KEM IDs backward compat
7eca4fb 
Allow backward compatibilitly of Hybrid ML_KEM codepoints in TLS with
version before wolfSSL 5.8.0.
When WOLFSSL_ML_KEM_USE_OLD_IDS is defined, it will accept the old
codepoints for P256 with ML-KEM-512, P384 with ML-KEM-768, P521 with
ML-KEM-10124. (Others combinations were not know pre 5.8.0.)
Both old client with new server and new client with new server work with
old codepoints.
@SparkiDev SparkiDev force-pushed the ml_kem_codepoints branch from 852a937 to 7eca4fb Compare June 5, 2025 23:17
@SparkiDev SparkiDev assigned wolfSSL-Bot and unassigned SparkiDev Jun 6, 2025
@SparkiDev SparkiDev requested a review from wolfSSL-Bot June 6, 2025 01:22
kp-max-li added a commit to expressvpn/wolfssl-rs that referenced this pull request Jun 6, 2025
@kp-max-li
wolfssl: mlkem codepoint backward compatible patch
67d1399 
From 5.7.6 to 5.8.0, WolfSSL has updated the codepoints of
the postquantum curves according to OQS's specification.
open-quantum-safe/oqs-provider@8abfecd#diff-ad6b78182015150daf78fa86f78db241b4489a2137c559c95da15cc62c7c1a7bL89

However, the codepoints are incompatible between versions
at or before 5.7.6 and versions at or after 5.8.0. Hence, this
patch is added to make it backward compatible.

The patch is retrieved from wolfSSL/wolfssl#8827

Behaviour:
If version <= 5.7.6 is connected to version >= 5.8.0, old codepoint
is used.
If version >= 5.8.0 is connected to version >= 5.8.0, new codepoint
is used.
kp-max-li added a commit to expressvpn/wolfssl-rs that referenced this pull request Jun 6, 2025
@kp-max-li
wolfssl: mlkem codepoint backward compatible patch
910c5bb 
From 5.7.6 to 5.8.0, WolfSSL has updated the codepoints of
the postquantum curves according to OQS's specification.
open-quantum-safe/oqs-provider@8abfecd#diff-ad6b78182015150daf78fa86f78db241b4489a2137c559c95da15cc62c7c1a7bL89

However, the codepoints are incompatible between versions
at or before 5.7.6 and versions at or after 5.8.0. Hence, this
patch is added to make it backward compatible.

The patch is retrieved from wolfSSL/wolfssl#8827

Behaviour:
If version <= 5.7.6 is connected to version >= 5.8.0, old codepoint
is used.
If version >= 5.8.0 is connected to version >= 5.8.0, new codepoint
is used.
kp-max-li added a commit to expressvpn/wolfssl-rs that referenced this pull request Jun 6, 2025
@kp-max-li
wolfssl: mlkem codepoint backward compatible patch
9ac81ec 
From 5.7.6 to 5.8.0, WolfSSL has updated the codepoints of
the postquantum curves according to OQS's specification.
open-quantum-safe/oqs-provider@8abfecd#diff-ad6b78182015150daf78fa86f78db241b4489a2137c559c95da15cc62c7c1a7bL89

However, the codepoints are incompatible between versions
at or before 5.7.6 and versions at or after 5.8.0. Hence, this
patch is added to make it backward compatible.

The patch is retrieved from wolfSSL/wolfssl#8827

Behaviour:
If version <= 5.7.6 is connected to version >= 5.8.0, old codepoint
is used.
If version >= 5.8.0 is connected to version >= 5.8.0, new codepoint
is used.
kp-max-li added a commit to expressvpn/wolfssl-rs that referenced this pull request Jun 6, 2025
@kp-max-li
wolfssl: mlkem codepoint backward compatible patch
e9ea50a 
From 5.7.6 to 5.8.0, WolfSSL has updated the codepoints of
the postquantum curves according to OQS's specification.
open-quantum-safe/oqs-provider@8abfecd#diff-ad6b78182015150daf78fa86f78db241b4489a2137c559c95da15cc62c7c1a7bL89

However, the codepoints are incompatible between versions
at or before 5.7.6 and versions at or after 5.8.0. Hence, this
patch is added to make it backward compatible.

The patch is retrieved from wolfSSL/wolfssl#8827

Behaviour:
If version <= 5.7.6 is connected to version >= 5.8.0, old codepoint
is used.
If version >= 5.8.0 is connected to version >= 5.8.0, new codepoint
is used.
@kp-max-li kp-max-li mentioned this pull request Jun 6, 2025
Merged
@JacobBarthelmeh JacobBarthelmeh merged commit f4821eb into wolfSSL:master Jun 6, 2025
260 of 261 checks passed
kp-thomas-yau added a commit to expressvpn/wolfssl-rs that referenced this pull request Nov 3, 2025
@kp-thomas-yau
CVPN-2327/COVPN-30: Remove git patches that are included in the `5.8.…
348e8ca 
…2` release

Related PR:
- wolfSSL/wolfssl#8833
- wolfSSL/wolfssl#8827
kp-thomas-yau added a commit to expressvpn/wolfssl-rs that referenced this pull request Nov 5, 2025
@kp-thomas-yau
CVPN-2327/COVPN-30: Remove git patches that are included in the `5.8.…
f200a6e 
…2` release

Related PR:
- wolfSSL/wolfssl#8833
- wolfSSL/wolfssl#8827
kp-thomas-yau added a commit to expressvpn/wolfssl-rs that referenced this pull request Nov 7, 2025
@kp-thomas-yau
CVPN-2327/COVPN-30: Remove git patches that are included in the `5.8.…
974ff25 
…2` release

Related PR:
- wolfSSL/wolfssl#8833
- wolfSSL/wolfssl#8827
kp-thomas-yau added a commit to expressvpn/wolfssl-rs that referenced this pull request Nov 11, 2025
@kp-thomas-yau
CVPN-2327/COVPN-30: Remove git patches that are included in the `5.8.…
35c3ba3 
…2` release

Related PR:
- wolfSSL/wolfssl#8833
- wolfSSL/wolfssl#8827
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JacobBarthelmeh JacobBarthelmeh JacobBarthelmeh approved these changes

@wolfSSL-Bot wolfSSL-Bot Awaiting requested review from wolfSSL-Bot

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@SparkiDev @JacobBarthelmeh @wolfSSL-Bot