Everything works as expected now.

Author: anhu

X9.146/README.md

@@ -101,7 +101,7 @@ openssl x509  -in server-cert-pq.der -inform der -out server-P256-dilithium2-cer
 openssl pkey  -in server-key.der -inform der -out server-P256-key.pem -outform pem
 
 openssl pkey  -in ../certs/dilithium_level2_server_key.der -inform der -out server-dilithium2-key-pq.pem -outform pem
-i
+
 (last one must be done with OQS's openssl fork)
 ```
 Then in wolfssl's source directory:
@@ -179,7 +179,7 @@ openssl x509  -in server-cert-pq.der -inform der -out server-P521-dilithium5-cer
 openssl pkey  -in server-key.der -inform der -out server-P521-key.pem -outform pem
 
 openssl pkey  -in ../certs/dilithium_level5_server_key.der -inform der -out server-dilithium5-key-pq.pem -outform pem
-i
+
 (last one must be done with OQS's openssl fork)
 ```
 Then in wolfssl's source directory:
@@ -284,9 +284,9 @@ Generate the certificate chain:
 
 ```
 
-./gen_dilithium_dual_keysig_root_cert
+./gen_rsa_dilithium_dual_keysig_root_cert
 
-./gen_dilithium_dual_keysig_server_cert
+./gen_rsa_dilithium_dual_keysig_server_cert
 ```
 
 Convert the DER encoded resulting certificates and keys into PEM:
@@ -323,9 +323,9 @@ openssl genpkey -algorithm rsa  -pkeyopt rsa_keygen_bits:3072 -out server-key.de
 Generate the certificate chain:
 
 ```
-./gen_falcon_dual_keysig_root_cert
+./gen_rsa_falcon_dual_keysig_root_cert
 
-./gen_falcon_dual_keysig_server_cert
+./gen_rsa_falcon_dual_keysig_server_cert
 ```
 
 Convert the DER encoded resulting certificates and keys into PEM:

X9.146/gen_dual_keysig_cert.c

@@ -29,7 +29,7 @@
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 
-#if defined(WOLFSSL_X9_146)
+#if defined(WOLFSSL_DUAL_ALG_CERTS)
 
 #define LARGE_TEMP_SZ 4096
 
@@ -288,7 +288,7 @@ static int do_certgen(int argc, char** argv)
 
     /* Generate the DER for a pre-TBS. */
     XMEMSET(preTbsBuf, 0, preTbsSz);
-    ret = GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
+    ret = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
     if (ret < 0) goto exit;
     printf("PreTBS is %d bytes.\n", ret);
     preTbsSz = ret;
@@ -367,8 +367,8 @@ int main(int argc, char** argv)
 
 int main(int argc, char** argv)
 {
-    printf("Please compile wolfSSL with --enable-x9-146 or "
-           "CFLAGS=\"-DWOLFSSL_X9_146\"");
+    printf("Please compile wolfSSL with --enable-dual-alg-certs "
+           "or CFLAGS=\"-DWOLFSSL_DUAL_ALG_CERTS\"");
     return 0;
 }
 

X9.146/gen_ecdsa_dilithium_dual_keysig_cert.c

@@ -29,7 +29,7 @@
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 
-#if defined(WOLFSSL_X9_146) && defined(HAVE_LIBOQS)
+#if defined(WOLFSSL_DUAL_ALG_CERTS) && defined(HAVE_LIBOQS)
 
 #define LARGE_TEMP_SZ 9216
 
@@ -149,9 +149,9 @@ static int do_certgen(int argc, char** argv)
 #endif
 
     if (argc != 2)
-        usage();
+        usage(argv[0]);
 
-    switch (argv[1])
+    switch (argv[1][0])
     {
     case '2':
         level = 2;
@@ -169,7 +169,7 @@ static int do_certgen(int argc, char** argv)
         altPrivFile = altPrivFile5;
         break;
     default:
-        usage();
+        usage(argv[0]);
         break;
     }
 
@@ -342,7 +342,7 @@ static int do_certgen(int argc, char** argv)
 
     /* Generate the DER for a pre-TBS. */
     XMEMSET(preTbsBuf, 0, preTbsSz);
-    ret = GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
+    ret = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
     if (ret < 0) goto exit;
     printf("PreTBS is %d bytes.\n", ret);
     preTbsSz = ret;
@@ -443,8 +443,8 @@ int main(int argc, char** argv)
 
 int main(int argc, char** argv)
 {
-    printf("Please compile wolfSSL with --enable-x9-146 --with-liboqs or "
-           "CFLAGS=\"-DWOLFSSL_X9_146 -DHAVE_LIBOQS\"");
+    printf("Please compile wolfSSL with --enable-dual-alg-certs --with-liboqs "
+           "or CFLAGS=\"-DWOLFSSL_DUAL_ALG_CERTS -DHAVE_LIBOQS\"");
     return 0;
 }
 

X9.146/gen_ecdsa_falcon_dual_keysig_cert.c

@@ -29,7 +29,7 @@
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 
-#if defined(WOLFSSL_X9_146) && defined(HAVE_LIBOQS)
+#if defined(WOLFSSL_DUAL_ALG_CERTS) && defined(HAVE_LIBOQS)
 
 #define LARGE_TEMP_SZ 9216
 
@@ -146,12 +146,12 @@ static int do_certgen(int argc, char** argv)
 #endif
 
     if (argc != 2)
-        usage();
+        usage(argv[0]);
 
-    switch (argv[1])
+    switch (argv[1][0])
     {
     case '1':
-        level = 2;
+        level = 1;
         sapkiFile = sapkiFile1;
         altPrivFile = altPrivFile1;
         break;
@@ -161,7 +161,7 @@ static int do_certgen(int argc, char** argv)
         altPrivFile = altPrivFile5;
         break;
     default:
-        usage();
+        usage(argv[0]);
         break;
     }
 
@@ -325,7 +325,7 @@ static int do_certgen(int argc, char** argv)
 
     /* Generate the DER for a pre-TBS. */
     XMEMSET(preTbsBuf, 0, preTbsSz);
-    ret = GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
+    ret = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
     if (ret < 0) goto exit;
     printf("PreTBS is %d bytes.\n", ret);
     preTbsSz = ret;
@@ -420,8 +420,8 @@ int main(int argc, char** argv)
 
 int main(int argc, char** argv)
 {
-    printf("Please compile wolfSSL with --enable-x9-146 --with-liboqs or "
-           "CFLAGS=\"-DWOLFSSL_X9_146 -DHAVE_LIBOQS\"");
+    printf("Please compile wolfSSL with --enable-dual-alg-certs --with-liboqs "
+           "or CFLAGS=\"-DWOLFSSL_DUAL_ALG_CERTS -DHAVE_LIBOQS\"");
     return 0;
 }
 

X9.146/gen_rsa_dilithium_dual_keysig_cert.c

@@ -29,7 +29,7 @@
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 
-#if defined(WOLFSSL_X9_146) && defined(HAVE_LIBOQS)
+#if defined(WOLFSSL_DUAL_ALG_CERTS) && defined(HAVE_LIBOQS)
 
 #define LARGE_TEMP_SZ 9216
 
@@ -86,8 +86,6 @@ static int do_certgen(int argc, char** argv)
     FILE* file;
     Cert newCert;
     DecodedCert preTBS;
-    char *sapkiFile = NULL;
-    char *altPrivFile = NULL;
 
 #ifndef GEN_ROOT_CERT 
     byte caCertBuf[LARGE_TEMP_SZ];
@@ -271,7 +269,7 @@ static int do_certgen(int argc, char** argv)
 
     /* Generate the DER for a pre-TBS. */
     XMEMSET(preTbsBuf, 0, preTbsSz);
-    ret = GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
+    ret = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
     if (ret < 0) goto exit;
     printf("PreTBS is %d bytes.\n", ret);
     preTbsSz = ret;
@@ -351,8 +349,8 @@ int main(int argc, char** argv)
 
 int main(int argc, char** argv)
 {
-    printf("Please compile wolfSSL with --enable-x9-146 --with-liboqs or "
-           "CFLAGS=\"-DWOLFSSL_X9_146 -DHAVE_LIBOQS\"");
+    printf("Please compile wolfSSL with --enable-dual-alg-certs --with-liboqs "
+           "or CFLAGS=\"-DWOLFSSL_DUAL_ALG_CERTS -DHAVE_LIBOQS\"");
     return 0;
 }
 

X9.146/gen_rsa_falcon_dual_keysig_cert.c

@@ -29,7 +29,7 @@
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 
-#if defined(WOLFSSL_X9_146) && defined(HAVE_LIBOQS)
+#if defined(WOLFSSL_DUAL_ALG_CERTS) && defined(HAVE_LIBOQS)
 
 #define LARGE_TEMP_SZ 9216
 
@@ -268,7 +268,7 @@ static int do_certgen(int argc, char** argv)
 
     /* Generate the DER for a pre-TBS. */
     XMEMSET(preTbsBuf, 0, preTbsSz);
-    ret = GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
+    ret = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz);
     if (ret < 0) goto exit;
     printf("PreTBS is %d bytes.\n", ret);
     preTbsSz = ret;
@@ -348,8 +348,9 @@ int main(int argc, char** argv)
 
 int main(int argc, char** argv)
 {
-    printf("Please compile wolfSSL with --enable-x9-146 --with-liboqs or "
-           "CFLAGS=\"-DWOLFSSL_X9_146 -DHAVE_LIBOQS\"");
+    printf("Please compile wolfSSL with --enable-dual-alg-certs --with-liboqs "
+           "or CFLAGS=\"-DWOLFSSL_DUAL_ALG_CERTS -DHAVE_LIBOQS\"");
+
     return 0;
 }