FIX: review comments

randombit · Sep 29, 2023 · 4486d90 · 4486d90
1 parent d7fd540
commit 4486d90
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 8 deletions.
diff --git a/doc/api_ref/tls.rst b/doc/api_ref/tls.rst
@@ -1003,6 +1003,8 @@ The ``TLS::Protocol_Version`` class represents a specific version:
 Post-quantum-secure key exchange
 --------------------------------
 
+.. versionadded:: :: 3.2
+
 Botan allows TLS 1.3 handshakes using both pure post-quantum secure algorithms
 or a hybrid key exchange that combines a classical and a post-quantum secure
 algorithm. For the latter it implements the recent IETF

diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp
@@ -423,7 +423,7 @@ void Client_Hello_12::add_tls12_supported_groups_extensions(const Policy& policy
    const std::vector<Group_Params> kex_groups = policy.key_exchange_groups();
    std::vector<Group_Params> compatible_kex_groups;
    std::copy_if(kex_groups.begin(), kex_groups.end(), std::back_inserter(compatible_kex_groups), [](const auto group) {
-      return is_ecdh(group) || is_dh(group) || is_x25519(group);
+      return !is_post_quantum(group);
    });
 
    auto supported_groups = std::make_unique<Supported_Groups>(std::move(compatible_kex_groups));

diff --git a/src/lib/tls/tls13_pqc/hybrid_public_key.cpp b/src/lib/tls/tls13_pqc/hybrid_public_key.cpp
@@ -308,12 +308,7 @@ secure_vector<uint8_t> Hybrid_KEM_PrivateKey::private_key_bits() const {
 }
 
 std::unique_ptr<Public_Key> Hybrid_KEM_PrivateKey::public_key() const {
-   std::vector<std::unique_ptr<Public_Key>> pks;
-   pks.reserve(m_private_keys.size());
-   for(const auto& sk : m_private_keys) {
-      pks.push_back(sk->public_key());
-   }
-   return std::make_unique<Hybrid_KEM_PublicKey>(std::move(pks));
+   return std::make_unique<Hybrid_KEM_PublicKey>(extract_public_keys(m_private_keys));
 }
 
 bool Hybrid_KEM_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const {

diff --git a/src/lib/tls/tls13_pqc/info.txt b/src/lib/tls/tls13_pqc/info.txt
@@ -1,5 +1,5 @@
 <defines>
-TLS_13_PQC -> 20210721
+TLS_13_PQC -> 20230919
 </defines>
 
 <module_info>

diff --git a/src/lib/tls/tls_algos.h b/src/lib/tls/tls_algos.h
@@ -151,6 +151,10 @@ constexpr bool is_kem(const Group_Params group) {
    return is_pure_kyber(group) || is_hybrid(group);
 }
 
+constexpr bool is_post_quantum(const Group_Params group) {
+   return is_pure_kyber(group) || is_hybrid(group);
+}
+
 std::string group_param_to_string(Group_Params group);
 Group_Params group_param_from_string(std::string_view group_name);
 std::vector<std::pair<std::string, std::string>> hybrid_group_param_to_algorithm_specs(Group_Params group);