From b0d327f7947d7e50ef4a101c0d38a0151a2a599c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Frauenschl=C3=A4ger?= Date: Tue, 19 May 2026 14:46:40 -0700 Subject: [PATCH] ML-DSA rename --- .github/workflows/build-config-matrix.yml | 6 +- Makefile | 4 +- build-test/build-variant.sh | 3 + src/psa_mldsa.c | 125 +++++++++++----------- src/psa_pq.c | 4 +- test/psa_server/psa_api_test.c | 30 +++--- user_settings.h | 4 +- 7 files changed, 89 insertions(+), 87 deletions(-) diff --git a/.github/workflows/build-config-matrix.yml b/.github/workflows/build-config-matrix.yml index 17dd2e8..3e9a538 100644 --- a/.github/workflows/build-config-matrix.yml +++ b/.github/workflows/build-config-matrix.yml @@ -26,7 +26,7 @@ jobs: - name: sha512-family modifiers: "-WOLFSSL_SHA512 -WOLFSSL_SHA384 -HAVE_ED25519 -WOLFSSL_ED25519_STREAMING_VERIFY -HAVE_ED448 -WOLFSSL_ED448_STREAMING_VERIFY +NO_SHA512" - name: sha3-ed448 - modifiers: "-WOLFSSL_SHA3 -HAVE_ED448 -WOLFSSL_ED448_STREAMING_VERIFY" + modifiers: "-WOLFSSL_SHA3 -WOLFSSL_SHAKE128 -WOLFSSL_SHAKE256 -WOLFSSL_HAVE_MLDSA -HAVE_ED448 -WOLFSSL_ED448_STREAMING_VERIFY" - name: des3 modifiers: "-WOLFSSL_DES3 -WOLFSSL_DES_ECB +NO_DES3" - name: aes-gcm @@ -55,6 +55,10 @@ jobs: modifiers: "-HAVE_CURVE448" - name: ed448 modifiers: "-HAVE_ED448 -WOLFSSL_ED448_STREAMING_VERIFY" + - name: mldsa + modifiers: "-WOLFSSL_HAVE_MLDSA" + - name: mldsa-44-only + modifiers: "+WOLFSSL_NO_ML_DSA_65 +WOLFSSL_NO_ML_DSA_87" - name: hkdf modifiers: "-HAVE_HKDF -HAVE_ECC_ENCRYPT" - name: tls-prf diff --git a/Makefile b/Makefile index 9a21865..bdcb20b 100644 --- a/Makefile +++ b/Makefile @@ -30,7 +30,6 @@ WOLFCRYPT_SRC := \ $(WOLFSSL_PATH)/wolfcrypt/src/curve25519.c \ $(WOLFSSL_PATH)/wolfcrypt/src/curve448.c \ $(WOLFSSL_PATH)/wolfcrypt/src/des3.c \ - $(WOLFSSL_PATH)/wolfcrypt/src/dilithium.c \ $(WOLFSSL_PATH)/wolfcrypt/src/dsa.c \ $(WOLFSSL_PATH)/wolfcrypt/src/ecc.c \ $(WOLFSSL_PATH)/wolfcrypt/src/ecc_fp.c \ @@ -63,9 +62,10 @@ WOLFCRYPT_SRC := \ $(WOLFSSL_PATH)/wolfcrypt/src/sp_int.c \ $(WOLFSSL_PATH)/wolfcrypt/src/sp_x86_64.c \ $(WOLFSSL_PATH)/wolfcrypt/src/tfm.c \ + $(WOLFSSL_PATH)/wolfcrypt/src/wc_encrypt.c \ $(WOLFSSL_PATH)/wolfcrypt/src/wc_lms.c \ $(WOLFSSL_PATH)/wolfcrypt/src/wc_lms_impl.c \ - $(WOLFSSL_PATH)/wolfcrypt/src/wc_encrypt.c \ + $(WOLFSSL_PATH)/wolfcrypt/src/wc_mldsa.c \ $(WOLFSSL_PATH)/wolfcrypt/src/wc_mlkem.c \ $(WOLFSSL_PATH)/wolfcrypt/src/wc_mlkem_poly.c \ $(WOLFSSL_PATH)/wolfcrypt/src/wc_port.c \ diff --git a/build-test/build-variant.sh b/build-test/build-variant.sh index e692e85..92729ef 100755 --- a/build-test/build-variant.sh +++ b/build-test/build-variant.sh @@ -49,6 +49,8 @@ WOLFSSL_SHA224 WOLFSSL_SHA384 WOLFSSL_SHA512 WOLFSSL_SHA3 +WOLFSSL_SHAKE128 +WOLFSSL_SHAKE256 WOLFSSL_DES3 WOLFSSL_DES_ECB HAVE_AESGCM @@ -66,6 +68,7 @@ WOLFSSL_ED25519_STREAMING_VERIFY HAVE_CURVE448 HAVE_ED448 WOLFSSL_ED448_STREAMING_VERIFY +WOLFSSL_HAVE_MLDSA " flags="${BASELINE}" diff --git a/src/psa_mldsa.c b/src/psa_mldsa.c index 5f99bfa..f5ff891 100644 --- a/src/psa_mldsa.c +++ b/src/psa_mldsa.c @@ -25,9 +25,7 @@ #include -#if defined(WOLFSSL_PSA_ENGINE) && \ - (defined(WOLFSSL_HAVE_DILITHIUM) || defined(HAVE_DILITHIUM) || \ - defined(WOLFSSL_WC_DILITHIUM)) +#if defined(WOLFSSL_PSA_ENGINE) && defined(WOLFSSL_HAVE_MLDSA) #include #include "psa_size.h" @@ -38,7 +36,7 @@ #include #include #include -#include +#include /* Convert ML-DSA parameter to wolfCrypt key type */ static int psa_ml_dsa_parameter_to_type(psa_ml_dsa_parameter_t parameter) @@ -65,12 +63,12 @@ psa_status_t psa_ml_dsa_generate_key(psa_ml_dsa_parameter_t parameter, size_t *public_key_length) { int ret; - dilithium_key key; + wc_MlDsaKey key; int type; WC_RNG rng; word32 priv_len; word32 pub_len; - + /* Convert parameter to wolfCrypt key type */ type = psa_ml_dsa_parameter_to_type(parameter); if (type < 0) { @@ -80,54 +78,54 @@ psa_status_t psa_ml_dsa_generate_key(psa_ml_dsa_parameter_t parameter, (wolfpsa_check_word32_length(public_key_size) != PSA_SUCCESS)) { return PSA_ERROR_INVALID_ARGUMENT; } - + /* Initialize ML-DSA key */ - ret = wc_dilithium_init_ex(&key, NULL, INVALID_DEVID); + ret = wc_MlDsaKey_Init(&key, NULL, INVALID_DEVID); if (ret != 0) { return wc_error_to_psa_status(ret); } - ret = wc_dilithium_set_level(&key, (byte)type); + ret = wc_MlDsaKey_SetParams(&key, (byte)type); if (ret != 0) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } - + /* Initialize RNG */ ret = wc_InitRng(&rng); if (ret != 0) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } - + /* Generate key pair */ - ret = wc_dilithium_make_key(&key, &rng); + ret = wc_MlDsaKey_MakeKey(&key, &rng); if (ret != 0) { wc_FreeRng(&rng); - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } - + priv_len = (word32)private_key_size; - ret = wc_dilithium_export_private(&key, private_key, &priv_len); + ret = wc_MlDsaKey_ExportPrivRaw(&key, private_key, &priv_len); if (ret != 0) { wc_FreeRng(&rng); - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } pub_len = (word32)public_key_size; - ret = wc_dilithium_export_public(&key, public_key, &pub_len); + ret = wc_MlDsaKey_ExportPubRaw(&key, public_key, &pub_len); if (ret != 0) { wc_FreeRng(&rng); - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } *private_key_length = priv_len; *public_key_length = pub_len; - + wc_FreeRng(&rng); - wc_dilithium_free(&key); - + wc_MlDsaKey_Free(&key); + return PSA_SUCCESS; } @@ -142,12 +140,12 @@ psa_status_t psa_ml_dsa_sign(psa_ml_dsa_parameter_t parameter, size_t *signature_length) { int ret; - dilithium_key key; + wc_MlDsaKey key; int type; int sig_size; WC_RNG rng; word32 sigLen; - + /* Convert parameter to wolfCrypt key type */ type = psa_ml_dsa_parameter_to_type(parameter); if (type < 0) { @@ -158,56 +156,57 @@ psa_status_t psa_ml_dsa_sign(psa_ml_dsa_parameter_t parameter, (wolfpsa_check_word32_length(signature_size) != PSA_SUCCESS)) { return PSA_ERROR_INVALID_ARGUMENT; } - + /* Initialize ML-DSA key */ - ret = wc_dilithium_init_ex(&key, NULL, INVALID_DEVID); + ret = wc_MlDsaKey_Init(&key, NULL, INVALID_DEVID); if (ret != 0) { return wc_error_to_psa_status(ret); } - ret = wc_dilithium_set_level(&key, (byte)type); + ret = wc_MlDsaKey_SetParams(&key, (byte)type); if (ret != 0) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } - + /* Import private key */ - ret = wc_dilithium_import_private(private_key, (word32)private_key_size, &key); + ret = wc_MlDsaKey_ImportPrivRaw(&key, private_key, (word32)private_key_size); if (ret != 0) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } - + /* Check signature buffer size */ - sig_size = wc_dilithium_sig_size(&key); + sig_size = wc_MlDsaKey_SigSize(&key); if (sig_size < 0) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(sig_size); } if (signature_size < (size_t)sig_size) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return PSA_ERROR_BUFFER_TOO_SMALL; } ret = wc_InitRng(&rng); if (ret != 0) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } - + /* Sign message (ML-DSA pure, empty context per FIPS 204) */ sigLen = (word32)signature_size; - ret = wc_dilithium_sign_ctx_msg(NULL, 0, message, (word32)message_length, - signature, &sigLen, &key, &rng); + ret = wc_MlDsaKey_SignCtx(&key, NULL, 0, + signature, &sigLen, + message, (word32)message_length, &rng); if (ret != 0) { wc_FreeRng(&rng); - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } *signature_length = sigLen; - + wc_FreeRng(&rng); - wc_dilithium_free(&key); - + wc_MlDsaKey_Free(&key); + return PSA_SUCCESS; } @@ -221,10 +220,10 @@ psa_status_t psa_ml_dsa_verify(psa_ml_dsa_parameter_t parameter, size_t signature_length) { int ret; - dilithium_key key; + wc_MlDsaKey key; int type; int verify_res = 0; - + /* Convert parameter to wolfCrypt key type */ type = psa_ml_dsa_parameter_to_type(parameter); if (type < 0) { @@ -235,41 +234,41 @@ psa_status_t psa_ml_dsa_verify(psa_ml_dsa_parameter_t parameter, (wolfpsa_check_word32_length(signature_length) != PSA_SUCCESS)) { return PSA_ERROR_INVALID_ARGUMENT; } - + /* Initialize ML-DSA key */ - ret = wc_dilithium_init_ex(&key, NULL, INVALID_DEVID); + ret = wc_MlDsaKey_Init(&key, NULL, INVALID_DEVID); if (ret != 0) { return wc_error_to_psa_status(ret); } - ret = wc_dilithium_set_level(&key, (byte)type); + ret = wc_MlDsaKey_SetParams(&key, (byte)type); if (ret != 0) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } - + /* Import public key */ - ret = wc_dilithium_import_public(public_key, (word32)public_key_size, &key); + ret = wc_MlDsaKey_ImportPubRaw(&key, public_key, (word32)public_key_size); if (ret != 0) { - wc_dilithium_free(&key); + wc_MlDsaKey_Free(&key); return wc_error_to_psa_status(ret); } - + /* Verify signature (ML-DSA pure, empty context per FIPS 204) */ - ret = wc_dilithium_verify_ctx_msg(signature, (word32)signature_length, - NULL, 0, message, (word32)message_length, - &verify_res, &key); - - wc_dilithium_free(&key); - + ret = wc_MlDsaKey_VerifyCtx(&key, signature, (word32)signature_length, + NULL, 0, + message, (word32)message_length, &verify_res); + + wc_MlDsaKey_Free(&key); + if (ret != 0) { return wc_error_to_psa_status(ret); } - + if (verify_res != 1) { return PSA_ERROR_INVALID_SIGNATURE; } - + return PSA_SUCCESS; } -#endif /* WOLFSSL_PSA_ENGINE && DILITHIUM */ +#endif /* WOLFSSL_PSA_ENGINE && WOLFSSL_HAVE_MLDSA */ diff --git a/src/psa_pq.c b/src/psa_pq.c index 058e51f..640744a 100644 --- a/src/psa_pq.c +++ b/src/psa_pq.c @@ -45,7 +45,7 @@ psa_status_t psa_pq_check_key_type_supported(psa_key_type_t type) case PSA_KEY_TYPE_ML_KEM_PUBLIC_KEY: return PSA_SUCCESS; #endif -#if defined(WOLFSSL_HAVE_DILITHIUM) +#if defined(WOLFSSL_HAVE_MLDSA) case PSA_KEY_TYPE_ML_DSA_KEY_PAIR: case PSA_KEY_TYPE_ML_DSA_PUBLIC_KEY: return PSA_SUCCESS; @@ -87,7 +87,7 @@ psa_status_t psa_pq_check_key_size_valid(psa_key_type_t type, size_t bits) } return PSA_ERROR_INVALID_ARGUMENT; #endif -#if defined(WOLFSSL_HAVE_DILITHIUM) +#if defined(WOLFSSL_HAVE_MLDSA) case PSA_KEY_TYPE_ML_DSA_KEY_PAIR: case PSA_KEY_TYPE_ML_DSA_PUBLIC_KEY: /* ML-DSA key sizes: 2, 3, 5 (security levels) */ diff --git a/test/psa_server/psa_api_test.c b/test/psa_server/psa_api_test.c index 5ae6f01..2a406cc 100644 --- a/test/psa_server/psa_api_test.c +++ b/test/psa_server/psa_api_test.c @@ -19,6 +19,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ +#include #include "psa_api_test_user_settings.h" #ifndef WOLFSSL_USER_SETTINGS @@ -44,9 +45,8 @@ #include #include #include -#if defined(HAVE_DILITHIUM) || defined(WOLFSSL_HAVE_DILITHIUM) || \ - defined(WOLFSSL_WC_DILITHIUM) -#include +#if defined(WOLFSSL_HAVE_MLDSA) +#include #endif #ifndef INVALID_DEVID @@ -4155,16 +4155,15 @@ static int test_ml_dsa_verify_rejects_bad_signature_for_parameter( size_t expected_public_key_length, size_t expected_signature_length, const char* label) { -#if defined(HAVE_DILITHIUM) || defined(WOLFSSL_HAVE_DILITHIUM) || \ - defined(WOLFSSL_WC_DILITHIUM) +#if defined(WOLFSSL_HAVE_MLDSA) static const uint8_t message[] = { 0x46, 0x2f, 0x32, 0x38, 0x32, 0x33, 0x20, 0x4d, 0x4c, 0x2d, 0x44, 0x53, 0x41, 0x20, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79 }; - uint8_t private_key[DILITHIUM_MAX_KEY_SIZE]; - uint8_t public_key[DILITHIUM_MAX_PUB_KEY_SIZE]; - uint8_t signature[DILITHIUM_MAX_SIG_SIZE]; + uint8_t private_key[MLDSA_MAX_KEY_SIZE]; + uint8_t public_key[MLDSA_MAX_PUB_KEY_SIZE]; + uint8_t signature[MLDSA_MAX_SIG_SIZE]; size_t private_key_length = 0; size_t public_key_length = 0; size_t signature_length = 0; @@ -4231,15 +4230,14 @@ static int test_ml_dsa_verify_rejects_bad_signature_for_parameter( static int test_ml_dsa_verify_rejects_bad_signature(void) { -#if defined(HAVE_DILITHIUM) || defined(WOLFSSL_HAVE_DILITHIUM) || \ - defined(WOLFSSL_WC_DILITHIUM) +#if defined(WOLFSSL_HAVE_MLDSA) int ran = 0; int skipped = 0; int ret; ret = test_ml_dsa_verify_rejects_bad_signature_for_parameter( - PSA_ML_DSA_PARAMETER_2, DILITHIUM_LEVEL2_KEY_SIZE, - DILITHIUM_LEVEL2_PUB_KEY_SIZE, DILITHIUM_LEVEL2_SIG_SIZE, + PSA_ML_DSA_PARAMETER_2, WC_MLDSA_44_KEY_SIZE, + WC_MLDSA_44_PUB_KEY_SIZE, WC_MLDSA_44_SIG_SIZE, "psa_ml_dsa_generate_key(level2)"); if (ret == TEST_FAIL) { return TEST_FAIL; @@ -4248,8 +4246,8 @@ static int test_ml_dsa_verify_rejects_bad_signature(void) skipped += (ret == TEST_SKIPPED); #ifndef WOLFSSL_NO_ML_DSA_65 ret = test_ml_dsa_verify_rejects_bad_signature_for_parameter( - PSA_ML_DSA_PARAMETER_3, DILITHIUM_LEVEL3_KEY_SIZE, - DILITHIUM_LEVEL3_PUB_KEY_SIZE, DILITHIUM_LEVEL3_SIG_SIZE, + PSA_ML_DSA_PARAMETER_3, WC_MLDSA_65_KEY_SIZE, + WC_MLDSA_65_PUB_KEY_SIZE, WC_MLDSA_65_SIG_SIZE, "psa_ml_dsa_generate_key(level3)"); if (ret == TEST_FAIL) { return TEST_FAIL; @@ -4259,8 +4257,8 @@ static int test_ml_dsa_verify_rejects_bad_signature(void) #endif #ifndef WOLFSSL_NO_ML_DSA_87 ret = test_ml_dsa_verify_rejects_bad_signature_for_parameter( - PSA_ML_DSA_PARAMETER_5, DILITHIUM_LEVEL5_KEY_SIZE, - DILITHIUM_LEVEL5_PUB_KEY_SIZE, DILITHIUM_LEVEL5_SIG_SIZE, + PSA_ML_DSA_PARAMETER_5, WC_MLDSA_87_KEY_SIZE, + WC_MLDSA_87_PUB_KEY_SIZE, WC_MLDSA_87_SIG_SIZE, "psa_ml_dsa_generate_key(level5)"); if (ret == TEST_FAIL) { return TEST_FAIL; diff --git a/user_settings.h b/user_settings.h index c1a20b0..4bcd6bc 100644 --- a/user_settings.h +++ b/user_settings.h @@ -73,8 +73,6 @@ #define HAVE_CURVE448 #define HAVE_ED448 #define WOLFSSL_ED448_STREAMING_VERIFY -#define HAVE_DILITHIUM -#define WOLFSSL_WC_DILITHIUM -#define WOLFSSL_HAVE_DILITHIUM +#define WOLFSSL_HAVE_MLDSA #endif /* WOLFSSL_USER_SETTINGS_H */