first cut adding ML-* (open-quantum-safe#348)

* introducing ML-* algorithms * split KEX testing in 2 and add openssl bug warning to README * clarify utility of KEM OIDs
EntrustCorporation · Mar 17, 2024 · f14a1d2 · f14a1d2
1 parent 4fb2c52
commit f14a1d2
Show file tree

Hide file tree

Showing 21 changed files with 1,784 additions and 661 deletions.
diff --git a/ALGORITHMS.md b/ALGORITHMS.md
@@ -38,6 +38,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | p256_kyber768 | 0x639A | Yes | OQS_CODEPOINT_P256_KYBER768 |
 | kyber1024 | 0x023D | Yes | OQS_CODEPOINT_KYBER1024 |
 | p521_kyber1024 | 0x2F3D | Yes | OQS_CODEPOINT_P521_KYBER1024 |
+| mlkem512 | 0x0247 | Yes | OQS_CODEPOINT_MLKEM512 |
+| p256_mlkem512 | 0x2F47 | Yes | OQS_CODEPOINT_P256_MLKEM512 |
+| x25519_mlkem512 | 0x2FB2 | Yes | OQS_CODEPOINT_X25519_MLKEM512 |
+| mlkem768 | 0x0248 | Yes | OQS_CODEPOINT_MLKEM768 |
+| p384_mlkem768 | 0x2F48 | Yes | OQS_CODEPOINT_P384_MLKEM768 |
+| x448_mlkem768 | 0x2FB3 | Yes | OQS_CODEPOINT_X448_MLKEM768 |
+| x25519_mlkem768 | 0x2FB4 | Yes | OQS_CODEPOINT_X25519_MLKEM768 |
+| p256_mlkem768 | 0x2FB5 | Yes | OQS_CODEPOINT_P256_MLKEM768 |
+| mlkem1024 | 0x0249 | Yes | OQS_CODEPOINT_MLKEM1024 |
+| p521_mlkem1024 | 0x2F49 | Yes | OQS_CODEPOINT_P521_MLKEM1024 |
 | bikel1 | 0x0241 | Yes | OQS_CODEPOINT_BIKEL1 |
 | p256_bikel1 | 0x2F41 | Yes | OQS_CODEPOINT_P256_BIKEL1 |
 | x25519_bikel1 | 0x2FAE | Yes | OQS_CODEPOINT_X25519_BIKEL1 |
@@ -61,6 +71,13 @@ As standardization for these algorithms within TLS is not done, all TLS code poi
 | p384_dilithium3 | 0xfea4 |Yes| OQS_CODEPOINT_P384_DILITHIUM3
 | dilithium5 | 0xfea5 |Yes| OQS_CODEPOINT_DILITHIUM5
 | p521_dilithium5 | 0xfea6 |Yes| OQS_CODEPOINT_P521_DILITHIUM5
+| mldsa44 | 0xfed0 |Yes| OQS_CODEPOINT_MLDSA44
+| p256_mldsa44 | 0xfed3 |Yes| OQS_CODEPOINT_P256_MLDSA44
+| rsa3072_mldsa44 | 0xfed4 |Yes| OQS_CODEPOINT_RSA3072_MLDSA44
+| mldsa65 | 0xfed1 |Yes| OQS_CODEPOINT_MLDSA65
+| p384_mldsa65 | 0xfed5 |Yes| OQS_CODEPOINT_P384_MLDSA65
+| mldsa87 | 0xfed2 |Yes| OQS_CODEPOINT_MLDSA87
+| p521_mldsa87 | 0xfed6 |Yes| OQS_CODEPOINT_P521_MLDSA87
 | falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512
 | p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512
 | rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512
@@ -136,9 +153,13 @@ adapting the OIDs of all supported signature algorithms as per the table below.
 | dilithium3_ed25519 | 2.16.840.1.114027.80.8.1.10 |Yes| OQS_OID_DILITHIUM3_ed25519
 | dilithium5 | 1.3.6.1.4.1.2.267.7.8.7 |Yes| OQS_OID_DILITHIUM5
 | p521_dilithium5 | 1.3.9999.2.7.4 |Yes| OQS_OID_P521_DILITHIUM5
-| dilithium5_p384 | 2.16.840.1.114027.80.8.1.11 |Yes| OQS_OID_DILITHIUM5_p384
-| dilithium5_bp384 | 2.16.840.1.114027.80.8.1.12 |Yes| OQS_OID_DILITHIUM5_bp384
-| dilithium5_ed448 | 2.16.840.1.114027.80.8.1.13 |Yes| OQS_OID_DILITHIUM5_ed448
+| mldsa44 | 1.3.6.1.4.1.2.267.12.4.4 |Yes| OQS_OID_MLDSA44
+| p256_mldsa44 | 1.3.9999.7.1 |Yes| OQS_OID_P256_MLDSA44
+| rsa3072_mldsa44 | 1.3.9999.7.2 |Yes| OQS_OID_RSA3072_MLDSA44
+| mldsa65 | 1.3.6.1.4.1.2.267.12.6.5 |Yes| OQS_OID_MLDSA65
+| p384_mldsa65 | 1.3.9999.7.3 |Yes| OQS_OID_P384_MLDSA65
+| mldsa87 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_MLDSA87
+| p521_mldsa87 | 1.3.9999.7.4 |Yes| OQS_OID_P521_MLDSA87
 | falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512
 | p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512
 | rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512
@@ -180,48 +201,58 @@ If [OQS_KEM_ENCODERS](CONFIGURE.md#OQS_KEM_ENCODERS) is enabled the following li
 
 |Algorithm name |    default OID    | environment variable |
 |---------------|:-----------------:|----------------------|
-| frodo640aes | 1.3.9999.99.50 | OQS_OID_FRODO640AES
-| p256_frodo640aes | 1.3.9999.99.49 | OQS_OID_P256_FRODO640AES
-| x25519_frodo640aes | 1.3.9999.99.38 | OQS_OID_X25519_FRODO640AES
-| frodo640shake | 1.3.9999.99.52 | OQS_OID_FRODO640SHAKE
-| p256_frodo640shake | 1.3.9999.99.51 | OQS_OID_P256_FRODO640SHAKE
-| x25519_frodo640shake | 1.3.9999.99.39 | OQS_OID_X25519_FRODO640SHAKE
-| frodo976aes | 1.3.9999.99.54 | OQS_OID_FRODO976AES
-| p384_frodo976aes | 1.3.9999.99.53 | OQS_OID_P384_FRODO976AES
-| x448_frodo976aes | 1.3.9999.99.40 | OQS_OID_X448_FRODO976AES
-| frodo976shake | 1.3.9999.99.56 | OQS_OID_FRODO976SHAKE
-| p384_frodo976shake | 1.3.9999.99.55 | OQS_OID_P384_FRODO976SHAKE
-| x448_frodo976shake | 1.3.9999.99.41 | OQS_OID_X448_FRODO976SHAKE
-| frodo1344aes | 1.3.9999.99.58 | OQS_OID_FRODO1344AES
-| p521_frodo1344aes | 1.3.9999.99.57 | OQS_OID_P521_FRODO1344AES
-| frodo1344shake | 1.3.9999.99.60 | OQS_OID_FRODO1344SHAKE
-| p521_frodo1344shake | 1.3.9999.99.59 | OQS_OID_P521_FRODO1344SHAKE
+| frodo640aes | 1.3.9999.99.58 | OQS_OID_FRODO640AES
+| p256_frodo640aes | 1.3.9999.99.57 | OQS_OID_P256_FRODO640AES
+| x25519_frodo640aes | 1.3.9999.99.43 | OQS_OID_X25519_FRODO640AES
+| frodo640shake | 1.3.9999.99.60 | OQS_OID_FRODO640SHAKE
+| p256_frodo640shake | 1.3.9999.99.59 | OQS_OID_P256_FRODO640SHAKE
+| x25519_frodo640shake | 1.3.9999.99.44 | OQS_OID_X25519_FRODO640SHAKE
+| frodo976aes | 1.3.9999.99.62 | OQS_OID_FRODO976AES
+| p384_frodo976aes | 1.3.9999.99.61 | OQS_OID_P384_FRODO976AES
+| x448_frodo976aes | 1.3.9999.99.45 | OQS_OID_X448_FRODO976AES
+| frodo976shake | 1.3.9999.99.64 | OQS_OID_FRODO976SHAKE
+| p384_frodo976shake | 1.3.9999.99.63 | OQS_OID_P384_FRODO976SHAKE
+| x448_frodo976shake | 1.3.9999.99.46 | OQS_OID_X448_FRODO976SHAKE
+| frodo1344aes | 1.3.9999.99.66 | OQS_OID_FRODO1344AES
+| p521_frodo1344aes | 1.3.9999.99.65 | OQS_OID_P521_FRODO1344AES
+| frodo1344shake | 1.3.9999.99.68 | OQS_OID_FRODO1344SHAKE
+| p521_frodo1344shake | 1.3.9999.99.67 | OQS_OID_P521_FRODO1344SHAKE
 | kyber512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_KYBER512
 | p256_kyber512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_KYBER512
 | x25519_kyber512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_KYBER512
 | kyber768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_KYBER768
-| p384_kyber768 | 1.3.9999.99.61 | OQS_OID_P384_KYBER768
-| x448_kyber768 | 1.3.9999.99.42 | OQS_OID_X448_KYBER768
-| x25519_kyber768 | 1.3.9999.99.43 | OQS_OID_X25519_KYBER768
-| p256_kyber768 | 1.3.9999.99.44 | OQS_OID_P256_KYBER768
+| p384_kyber768 | 1.3.9999.99.69 | OQS_OID_P384_KYBER768
+| x448_kyber768 | 1.3.9999.99.47 | OQS_OID_X448_KYBER768
+| x25519_kyber768 | 1.3.9999.99.48 | OQS_OID_X25519_KYBER768
+| p256_kyber768 | 1.3.9999.99.49 | OQS_OID_P256_KYBER768
 | kyber1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_KYBER1024
-| p521_kyber1024 | 1.3.9999.99.62 | OQS_OID_P521_KYBER1024
-| bikel1 | 1.3.9999.99.64 | OQS_OID_BIKEL1
-| p256_bikel1 | 1.3.9999.99.63 | OQS_OID_P256_BIKEL1
-| x25519_bikel1 | 1.3.9999.99.45 | OQS_OID_X25519_BIKEL1
-| bikel3 | 1.3.9999.99.66 | OQS_OID_BIKEL3
-| p384_bikel3 | 1.3.9999.99.65 | OQS_OID_P384_BIKEL3
-| x448_bikel3 | 1.3.9999.99.46 | OQS_OID_X448_BIKEL3
-| bikel5 | 1.3.9999.99.68 | OQS_OID_BIKEL5
-| p521_bikel5 | 1.3.9999.99.67 | OQS_OID_P521_BIKEL5
-| hqc128 | 1.3.9999.99.70 | OQS_OID_HQC128
-| p256_hqc128 | 1.3.9999.99.69 | OQS_OID_P256_HQC128
-| x25519_hqc128 | 1.3.9999.99.47 | OQS_OID_X25519_HQC128
-| hqc192 | 1.3.9999.99.72 | OQS_OID_HQC192
-| p384_hqc192 | 1.3.9999.99.71 | OQS_OID_P384_HQC192
-| x448_hqc192 | 1.3.9999.99.48 | OQS_OID_X448_HQC192
-| hqc256 | 1.3.9999.99.74 | OQS_OID_HQC256
-| p521_hqc256 | 1.3.9999.99.73 | OQS_OID_P521_HQC256
+| p521_kyber1024 | 1.3.9999.99.70 | OQS_OID_P521_KYBER1024
+| mlkem512 | 1.3.6.1.4.1.22554.5.6.1 | OQS_OID_MLKEM512
+| p256_mlkem512 | 1.3.6.1.4.1.22554.5.7.1 | OQS_OID_P256_MLKEM512
+| x25519_mlkem512 | 1.3.6.1.4.1.22554.5.8.1 | OQS_OID_X25519_MLKEM512
+| mlkem768 | 1.3.6.1.4.1.22554.5.6.2 | OQS_OID_MLKEM768
+| p384_mlkem768 | 1.3.9999.99.71 | OQS_OID_P384_MLKEM768
+| x448_mlkem768 | 1.3.9999.99.50 | OQS_OID_X448_MLKEM768
+| x25519_mlkem768 | 1.3.9999.99.51 | OQS_OID_X25519_MLKEM768
+| p256_mlkem768 | 1.3.9999.99.52 | OQS_OID_P256_MLKEM768
+| mlkem1024 | 1.3.6.1.4.1.22554.5.6.3 | OQS_OID_MLKEM1024
+| p521_mlkem1024 | 1.3.9999.99.72 | OQS_OID_P521_MLKEM1024
+| bikel1 | 1.3.9999.99.74 | OQS_OID_BIKEL1
+| p256_bikel1 | 1.3.9999.99.73 | OQS_OID_P256_BIKEL1
+| x25519_bikel1 | 1.3.9999.99.53 | OQS_OID_X25519_BIKEL1
+| bikel3 | 1.3.9999.99.76 | OQS_OID_BIKEL3
+| p384_bikel3 | 1.3.9999.99.75 | OQS_OID_P384_BIKEL3
+| x448_bikel3 | 1.3.9999.99.54 | OQS_OID_X448_BIKEL3
+| bikel5 | 1.3.9999.99.78 | OQS_OID_BIKEL5
+| p521_bikel5 | 1.3.9999.99.77 | OQS_OID_P521_BIKEL5
+| hqc128 | 1.3.9999.99.80 | OQS_OID_HQC128
+| p256_hqc128 | 1.3.9999.99.79 | OQS_OID_P256_HQC128
+| x25519_hqc128 | 1.3.9999.99.55 | OQS_OID_X25519_HQC128
+| hqc192 | 1.3.9999.99.82 | OQS_OID_HQC192
+| p384_hqc192 | 1.3.9999.99.81 | OQS_OID_P384_HQC192
+| x448_hqc192 | 1.3.9999.99.56 | OQS_OID_X448_HQC192
+| hqc256 | 1.3.9999.99.84 | OQS_OID_HQC256
+| p521_hqc256 | 1.3.9999.99.83 | OQS_OID_P521_HQC256
 <!--- OQS_TEMPLATE_FRAGMENT_OIDS_END -->
 
 # Key Encodings

diff --git a/CONFIGURE.md b/CONFIGURE.md
@@ -54,10 +54,13 @@ The default value is `OFF`.
 
 ### OQS_KEM_ENCODERS
 
-By setting this to "ON", `oqsprovider` is configured to provide encoders and decoders for
-KEM algorithms both for public and private key file formats. This increases the size of
-the provider but enables further use cases.
-The default value is `OFF`.
+By setting this to "ON", `oqsprovider` is configured to provide encoders
+and decoders for KEM algorithms both for public and private key file formats.
+This increases the size of the provider but enables further use cases.
+The underlying OIDs are chosen at random and should not be relied on for
+future use. For purposes of interoperability testing the chosen OIDs can
+always --at runtime-- be set by [environment variables](https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md#oids) to arbitrary values
+The default value therefore is `OFF`.
 
 ### OQS_PROVIDER_BUILD_STATIC
 

diff --git a/README.md b/README.md
@@ -40,11 +40,13 @@ This implementation makes available the following quantum safe algorithms:
 - **CRYSTALS-Kyber**: `kyber512`, `p256_kyber512`, `x25519_kyber512`, `kyber768`, `p384_kyber768`, `x448_kyber768`, `x25519_kyber768`, `p256_kyber768`, `kyber1024`, `p521_kyber1024`
 - **FrodoKEM**: `frodo640aes`, `p256_frodo640aes`, `x25519_frodo640aes`, `frodo640shake`, `p256_frodo640shake`, `x25519_frodo640shake`, `frodo976aes`, `p384_frodo976aes`, `x448_frodo976aes`, `frodo976shake`, `p384_frodo976shake`, `x448_frodo976shake`, `frodo1344aes`, `p521_frodo1344aes`, `frodo1344shake`, `p521_frodo1344shake`
 - **HQC**: `hqc128`, `p256_hqc128`, `x25519_hqc128`, `hqc192`, `p384_hqc192`, `x448_hqc192`, `hqc256`, `p521_hqc256`†
+- **ML-KEM**: `mlkem512`, `p256_mlkem512`, `x25519_mlkem512`, `mlkem768`, `p384_mlkem768`, `x448_mlkem768`, `x25519_mlkem768`, `p256_mlkem768`, `mlkem1024`, `p521_mlkem1024`
 
 ### Signature algorithms
 
-- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium2_pss2048`\*, `dilithium2_rsa2048`\*, `dilithium2_ed25519`\*, `dilithium2_p256`\*, `dilithium2_bp256`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium3_pss3072`\*, `dilithium3_rsa3072`\*, `dilithium3_p256`\*, `dilithium3_bp256`\*, `dilithium3_ed25519`\*, `dilithium5`\*, `p521_dilithium5`\*, `dilithium5_p384`\*, `dilithium5_bp384`\*, `dilithium5_ed448`\*
-- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon512_p256`\*, `falcon512_bp256`\*, `falcon512_ed25519`\*, `falcon1024`\*, `p521_falcon1024`\*
+- **CRYSTALS-Dilithium**:`dilithium2`\*, `p256_dilithium2`\*, `rsa3072_dilithium2`\*, `dilithium3`\*, `p384_dilithium3`\*, `dilithium5`\*, `p521_dilithium5`\*
+- **ML-DSA**:`mldsa44`\*, `p256_mldsa44`\*, `rsa3072_mldsa44`\*, `mldsa65`\*, `p384_mldsa65`\*, `mldsa87`\*, `p521_mldsa87`\*
+- **Falcon**:`falcon512`\*, `p256_falcon512`\*, `rsa3072_falcon512`\*, `falcon1024`\*, `p521_falcon1024`\*
 
 - **SPHINCS-SHA2**:`sphincssha2128fsimple`\*, `p256_sphincssha2128fsimple`\*, `rsa3072_sphincssha2128fsimple`\*, `sphincssha2128ssimple`\*, `p256_sphincssha2128ssimple`\*, `rsa3072_sphincssha2128ssimple`\*, `sphincssha2192fsimple`\*, `p384_sphincssha2192fsimple`\*, `sphincssha2192ssimple`, `p384_sphincssha2192ssimple`, `sphincssha2256fsimple`, `p521_sphincssha2256fsimple`, `sphincssha2256ssimple`, `p521_sphincssha2256ssimple`
 - **SPHINCS-SHAKE**:`sphincsshake128fsimple`\*, `p256_sphincsshake128fsimple`\*, `rsa3072_sphincsshake128fsimple`\*, `sphincsshake128ssimple`, `p256_sphincsshake128ssimple`, `rsa3072_sphincsshake128ssimple`, `sphincsshake192fsimple`, `p384_sphincsshake192fsimple`, `sphincsshake192ssimple`, `p384_sphincsshake192ssimple`, `sphincsshake256fsimple`, `p521_sphincsshake256fsimple`, `sphincsshake256ssimple`, `p521_sphincsshake256ssimple`
@@ -144,6 +146,13 @@ as documented in https://github.com/openssl/openssl/issues/22761.
 When https://github.com/openssl/openssl/pull/22779 land, the last config-time limitation
 for provider-based signatures should be gone.
 
+A limitation present in all OpenSSL versions is the number of default groups
+supported: [At most 44 default groups may be specified](https://github.com/openssl/openssl/issues/23624)
+, e.g., passing to [SSL_CTX_set1_groups](https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_groups.html).
+Therefore caution is advised activating all KEMs supported by `oqsprovider`:
+This may lead to `openssl` crashing.
+
+
 For [general OpenSSL implementation limitations, e.g., regarding provider feature usage and support,
 see here](https://wiki.openssl.org/index.php/OpenSSL_3.0#STATUS_of_current_development).
 

diff --git a/oqs-template/generate.py b/oqs-template/generate.py
@@ -38,7 +38,7 @@ def get_kem_nistlevel(alg):
     if alg['family'] == 'CRYSTALS-Kyber': datasheetname = 'kyber'
     elif alg['family'] == 'SIDH': datasheetname = 'sike'
     elif alg['family'] == 'NTRU-Prime': datasheetname = 'ntruprime'
-    else: datasheetname = alg['family'].lower()
+    else: datasheetname = alg['family'].lower().replace('-', '_')
     # load datasheet
     algymlfilename = os.path.join(os.environ['LIBOQS_SRC_DIR'], 'docs', 'algorithms', 'kem', '{:s}.yml'.format(datasheetname))
     algyml = yaml.safe_load(file_get_contents(algymlfilename, encoding='utf-8'))
@@ -53,7 +53,7 @@ def simplify(s):
         return False
     # find the variant that matches
     for variant in algyml['parameter-sets']:
-        if matches(variant['name'], alg):
+        if matches(variant['name'], alg) or ('alias' in variant and matches(variant['alias'], alg)):
             return variant['claimed-nist-level']
     return None
 
@@ -66,7 +66,7 @@ def get_sig_nistlevel(family, alg):
     elif family['family'] == 'SPHINCS-Haraka': datasheetname = 'sphincs'
     elif family['family'] == 'SPHINCS-SHA2': datasheetname = 'sphincs'
     elif family['family'] == 'SPHINCS-SHAKE': datasheetname = 'sphincs'
-    else: datasheetname = family['family'].lower()
+    else: datasheetname = family['family'].lower().replace('-', '_')
     # load datasheet
     algymlfilename = os.path.join(os.environ['LIBOQS_SRC_DIR'], 'docs', 'algorithms', 'sig', '{:s}.yml'.format(datasheetname))
     algyml = yaml.safe_load(file_get_contents(algymlfilename, encoding='utf-8'))
@@ -78,7 +78,7 @@ def simplify(s):
         return False
     # find the variant that matches
     for variant in algyml['parameter-sets']:
-        if matches(variant['name'], alg):
+        if matches(variant['name'], alg) or ('alias' in variant and matches(variant['alias'], alg)):
             return variant['claimed-nist-level']
     return None
 

diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml
@@ -1,5 +1,5 @@
 # This is the master document for ID interoperability for KEM IDs, p-hybrid KEM IDs, SIG (O)IDs
-# Next free plain KEM ID: 0x0247, p-hybrid: 0x2F47, X-hybrid: 0x2FB2
+# Next free plain KEM ID: 0x024A, p-hybrid: 0x2F4A, X-hybrid: 0x2FB6
 kems:
   -
     family: 'FrodoKEM'
@@ -145,6 +145,41 @@ kems:
           hybrid_group: secp521_r1
           nid: '0x2F11'
     oqs_alg: 'OQS_KEM_alg_kyber_1024'
+  -
+    family: 'ML-KEM'
+    name_group: 'mlkem512'
+    nid: '0x0247'
+    oid: '1.3.6.1.4.1.22554.5.6.1'
+    nid_hybrid: '0x2F47'
+    hybrid_oid: '1.3.6.1.4.1.22554.5.7.1'
+    oqs_alg: 'OQS_KEM_alg_ml_kem_512'
+    extra_nids:
+      current:
+        - hybrid_group: "x25519"
+          hybrid_oid: '1.3.6.1.4.1.22554.5.8.1'
+          nid: '0x2FB2'
+  -
+    family: 'ML-KEM'
+    name_group: 'mlkem768'
+    nid: '0x0248'
+    oid: '1.3.6.1.4.1.22554.5.6.2'
+    nid_hybrid: '0x2F48'
+    oqs_alg: 'OQS_KEM_alg_ml_kem_768'
+    extra_nids:
+      current:
+        - hybrid_group: "x448"
+          nid: '0x2FB3'
+        - hybrid_group: "x25519"
+          nid: '0x2FB4'
+        - hybrid_group: "p256"
+          nid: '0x2FB5'
+  -
+    family: 'ML-KEM'
+    name_group: 'mlkem1024'
+    nid: '0x0249'
+    oid: '1.3.6.1.4.1.22554.5.6.3'
+    nid_hybrid: '0x2F49'
+    oqs_alg: 'OQS_KEM_alg_ml_kem_1024'
   -
     family: 'BIKE'
     name_group: 'bike1l1fo'
@@ -358,7 +393,7 @@ kem_nid_end: '0x0250'
 kem_nid_hybrid_end: '0x2FFF'
 # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values
 
-# Next free signature ID: 0xfed0
+# Next free signature ID: 0xfed7
 sigs:
   # -
     # iso (1)
@@ -557,6 +592,46 @@ sigs:
                           'pretty_name': 'ECDSA p521',
                           'oid': '1.3.9999.2.11.4',
                           'code_point': '0xfead'}]
+  -
+    family: 'ML-DSA'
+    variants:
+      -
+        name: 'mldsa44'
+        pretty_name: 'ML-DSA-44'
+        oqs_meth: 'OQS_SIG_alg_ml_dsa_44'
+        oid: '1.3.6.1.4.1.2.267.12.4.4'
+        code_point: '0xfed0'
+        enable: true
+        mix_with: [{'name': 'p256',
+                    'pretty_name': 'ECDSA p256',
+                    'oid': '1.3.9999.7.1',
+                    'code_point': '0xfed3'},
+                   {'name': 'rsa3072',
+                    'pretty_name': 'RSA3072',
+                    'oid': '1.3.9999.7.2',
+                    'code_point': '0xfed4'}]
+      -
+        name: 'mldsa65'
+        pretty_name: 'ML-DSA-65'
+        oqs_meth: 'OQS_SIG_alg_ml_dsa_65'
+        oid: '1.3.6.1.4.1.2.267.12.6.5'
+        code_point: '0xfed1'
+        enable: true
+        mix_with: [{'name': 'p384',
+                    'pretty_name': 'ECDSA p384',
+                    'oid': '1.3.9999.7.3',
+                    'code_point': '0xfed5'}]
+      -
+        name: 'mldsa87'
+        pretty_name: 'ML-DSA-87'
+        oqs_meth: 'OQS_SIG_alg_ml_dsa_87'
+        oid: '1.3.6.1.4.1.2.267.12.8.7'
+        code_point: '0xfed2'
+        enable: true
+        mix_with: [{'name': 'p521',
+                    'pretty_name': 'ECDSA p521',
+                    'oid': '1.3.9999.7.4',
+                    'code_point': '0xfed6'}]
   -
     # iso (1)
     # identified-organization (3)