Merge pull request #736 from wolfSSL/rm_oqs_kyber

Purge OQS from wolfSSH. Use kyber from wolfssl.

Author: ejohnstown

README.md

@@ -450,33 +450,22 @@ The wolfSSH client and server will automatically negotiate using Curve25519.
 POST-QUANTUM
 ============
 
-wolfSSH now supports the post-quantum algorithm Kyber. It uses the NIST
-submission's Level 1 parameter set implemented by liboqs via an integration
-with wolfSSH. It is hybridized with ECDHE over the P-256 ECC curve.
+wolfSSH now supports the post-quantum algorithm ML-DSA (also known as Kyber).
+It uses the KYBER512 parameter set and is hybridized with ECDHE over the P-256
+ECC curve.
 
-In order be able to use liboqs, you must have it built and installed on your
-system. We support the 0.7.0 release of liboqs. You can download it from the
-following link:
+In order to use this key exchange you must build and install wolfSSL on your
+system. Here is an example of an effective configuration:
 
-    https://github.com/open-quantum-safe/liboqs/archive/refs/tags/0.7.0.tar.gz
+    $ ./configure --enable-wolfssh --enable-experimental --enable-kyber
 
-Once unpacked, this would be sufficient:
+After that, simply configure and build wolfssh as usual:
 
-    $ cd liboqs-0.7.0
-    $ mkdir build
-    $ cd build
-    $ cmake -DOQS_USE_OPENSSL=0 ..
+    $ ./configure
     $ make all
-    $ sudo make install
-
 
-In order to enable support for Kyber Level1 hybridized with ECDHE over the P-256
-ECC curve in wolfSSH, use the `--with-liboqs` build option during configuration:
-
-    $ ./configure --with-liboqs
-
-The wolfSSH client and server will automatically negotiate using Kyber Level1
-hybridized with ECDHE over the P-256 ECC curve if this feature is enabled.
+The wolfSSH client and server will automatically negotiate using KYBER512
+hybridized with ECDHE over the P-256 ECC curve.
 
     $ ./examples/echoserver/echoserver -f
 
@@ -508,7 +497,6 @@ NOTE: when prompted, enter the password which is "upthehill".
 You can type a line of text and when you press enter, the line will be echoed
 back. Use CTRL-C to terminate the connection.
 
-
 CERTIFICATE SUPPORT
 ===================
 

configure.ac

@@ -60,46 +60,6 @@ AC_CHECK_HEADERS([limits.h sys/select.h sys/time.h sys/ioctl.h pty.h util.h term
 AC_CHECK_LIB([network],[socket])
 AC_CHECK_LIB([util],[forkpty])
 
-# liboqs
-ENABLED_LIBOQS="no"
-tryliboqsdir=""
-AC_ARG_WITH([liboqs],
-    [AS_HELP_STRING([--with-liboqs=PATH],[Path to liboqs install (default /usr/local) EXPERIMENTAL!])],
-    [
-        AC_MSG_CHECKING([for liboqs])
-        CPPFLAGS="$CPPFLAGS -DWOLFSSH_HAVE_LIBOQS"
-        LIBS="$LIBS -loqs"
-
-        AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <oqs/common.h>]], [[ OQS_init(); ]])], [ liboqs_linked=yes ],[ liboqs_linked=no ])
-
-        if test "x$liboqs_linked" = "xno" ; then
-            if test "x$withval" != "xno" ; then
-                tryliboqsdir=$withval
-            fi
-            if test "x$withval" = "xyes" ; then
-                tryliboqsdir="/usr/local"
-            fi
-
-            LDFLAGS="$AM_LDFLAGS $LDFLAGS -L$tryliboqsdir/lib"
-            CPPFLAGS="$CPPFLAGS -I$tryliboqsdir/include"
-
-            AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <oqs/common.h>]], [[ OQS_init(); ]])], [ liboqs_linked=yes ],[ liboqs_linked=no ])
-
-            if test "x$liboqs_linked" = "xno" ; then
-                AC_MSG_ERROR([liboqs isn't found.
-                If it's already installed, specify its path using --with-liboqs=/dir/])
-            fi
-            AC_MSG_RESULT([yes])
-            AM_LDFLAGS="$AM_LDFLAGS -L$tryliboqsdir/lib"
-        else
-            AC_MSG_RESULT([yes])
-        fi
-
-        AM_CFLAGS="$AM_CFLAGS -DWOLFSSH_HAVE_LIBOQS"
-        ENABLED_LIBOQS="yes"
-    ]
-)
-
 #wolfssl
 AC_MSG_CHECKING([for wolfSSL])
 if test "x$prefix" = "xNONE"
@@ -365,4 +325,3 @@ AS_ECHO(["   * agent:                     $ENABLED_AGENT"])
 AS_ECHO(["   * TCP/IP Forwarding:         $ENABLED_FWD"])
 AS_ECHO(["   * X.509 Certs:               $ENABLED_CERTS"])
 AS_ECHO(["   * Examples:                  $ENABLED_EXAMPLES"])
-AS_ECHO(["   * liboqs Integration:        $ENABLED_LIBOQS"])