Merge pull request #8360 from philljj/dual_alg_mldsa
Update ssl code for ML_DSA.
dgarske authored Jan 24, 2025
2 parents ba88a64 + 2ef90b1 commit 20ae10f
Showing 6 changed files with 316 additions and 63 deletions.
105 changes: 85 additions & 20 deletions src/internal.c
Expand Up @@ -14917,6 +14917,7 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args)
break;
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
if (ssl->options.minDilithiumKeySz < 0 ||
DILITHIUM_LEVEL2_KEY_SIZE
Expand All @@ -14941,6 +14942,31 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args)
ret = DILITHIUM_KEY_SIZE_E;
}
break;
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
case ML_DSA_LEVEL2k:
if (ssl->options.minDilithiumKeySz < 0 ||
ML_DSA_LEVEL2_KEY_SIZE
< (word16)ssl->options.minDilithiumKeySz) {
WOLFSSL_MSG("Dilithium key size in cert chain error");
ret = DILITHIUM_KEY_SIZE_E;
}
break;
case ML_DSA_LEVEL3k:
if (ssl->options.minDilithiumKeySz < 0 ||
ML_DSA_LEVEL3_KEY_SIZE
< (word16)ssl->options.minDilithiumKeySz) {
WOLFSSL_MSG( "Dilithium key size in cert chain error");
ret = DILITHIUM_KEY_SIZE_E;
}
break;
case ML_DSA_LEVEL5k:
if (ssl->options.minDilithiumKeySz < 0 ||
ML_DSA_LEVEL5_KEY_SIZE
< (word16)ssl->options.minDilithiumKeySz) {
WOLFSSL_MSG("Dilithium key size in cert chain error");
ret = DILITHIUM_KEY_SIZE_E;
}
break;
#endif /* HAVE_DILITHIUM */
default:
WOLFSSL_MSG("Key size not checked");
Expand Down Expand Up @@ -16596,9 +16622,14 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_VERIFY)
case ML_DSA_LEVEL2k:
case ML_DSA_LEVEL3k:
case ML_DSA_LEVEL5k:
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
case DILITHIUM_LEVEL3k:
case DILITHIUM_LEVEL5k:
#endif
{
int keyRet = 0;
if (ssl->peerDilithiumKey == NULL) {
Expand All @@ -16612,18 +16643,32 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}

if (keyRet == 0) {
if (args->dCert->keyOID == DILITHIUM_LEVEL2k) {
if (args->dCert->keyOID == ML_DSA_LEVEL2k) {
keyRet = wc_dilithium_set_level(
ssl->peerDilithiumKey, WC_ML_DSA_44);
}
else if (args->dCert->keyOID == ML_DSA_LEVEL3k) {
keyRet = wc_dilithium_set_level(
ssl->peerDilithiumKey, WC_ML_DSA_65);
}
else if (args->dCert->keyOID == ML_DSA_LEVEL5k) {
keyRet = wc_dilithium_set_level(
ssl->peerDilithiumKey, WC_ML_DSA_87);
}
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if (args->dCert->keyOID == DILITHIUM_LEVEL2k) {
keyRet = wc_dilithium_set_level(
ssl->peerDilithiumKey, 2);
ssl->peerDilithiumKey, WC_ML_DSA_44_DRAFT);
}
else if (args->dCert->keyOID == DILITHIUM_LEVEL3k) {
keyRet = wc_dilithium_set_level(
ssl->peerDilithiumKey, 3);
ssl->peerDilithiumKey, WC_ML_DSA_65_DRAFT);
}
else if (args->dCert->keyOID == DILITHIUM_LEVEL5k) {
keyRet = wc_dilithium_set_level(
ssl->peerDilithiumKey, 5);
ssl->peerDilithiumKey, WC_ML_DSA_87_DRAFT);
}
#endif
}

if (keyRet != 0 ||
Expand Down Expand Up @@ -28542,6 +28587,7 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo)
}
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
if (ssl->pkCurveOID == CTC_DILITHIUM_LEVEL2) {
/* Certificate has Dilithium level 2 key, only match with it. */
return sigAlgo == dilithium_level2_sa_algo;
Expand All @@ -28554,6 +28600,19 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo)
/* Certificate has Dilithium level 5 key, only match with it. */
return sigAlgo == dilithium_level5_sa_algo;
}
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
if (ssl->pkCurveOID == CTC_ML_DSA_LEVEL2) {
/* Certificate has ML-DSA level 2 key, only match with it. */
return sigAlgo == dilithium_level2_sa_algo;
}
if (ssl->pkCurveOID == CTC_ML_DSA_LEVEL3) {
/* Certificate has ML-DSA level 3 key, only match with it. */
return sigAlgo == dilithium_level3_sa_algo;
}
if (ssl->pkCurveOID == CTC_ML_DSA_LEVEL5) {
/* Certificate has ML-DSA level 5 key, only match with it. */
return sigAlgo == dilithium_level5_sa_algo;
}
#endif /* HAVE_DILITHIUM */
#ifdef WC_RSA_PSS
/* RSA certificate and PSS sig alg. */
Expand Down Expand Up @@ -28716,10 +28775,16 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz,
}
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM)
if (ssl->pkCurveOID == CTC_DILITHIUM_LEVEL2 ||
ssl->pkCurveOID == CTC_DILITHIUM_LEVEL3 ||
ssl->pkCurveOID == CTC_DILITHIUM_LEVEL5) {
/* Matched Dilithium - set chosen and finished. */
if (ssl->pkCurveOID == CTC_ML_DSA_LEVEL2 ||
ssl->pkCurveOID == CTC_ML_DSA_LEVEL3 ||
ssl->pkCurveOID == CTC_ML_DSA_LEVEL5
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|| ssl->pkCurveOID == CTC_DILITHIUM_LEVEL2
|| ssl->pkCurveOID == CTC_DILITHIUM_LEVEL3
|| ssl->pkCurveOID == CTC_DILITHIUM_LEVEL5
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
) {
/* Matched ML-DSA or Dilithium - set chosen and finished. */
ssl->options.sigAlgo = sigAlgo;
ssl->options.hashAlgo = hashAlgo;
ret = 0;
Expand Down Expand Up @@ -29347,13 +29412,13 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length)
}
if (ret == 0) {
if (ssl->buffers.keyType == dilithium_level2_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 2);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_44);
}
else if (ssl->buffers.keyType == dilithium_level3_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 3);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_65);
}
else if (ssl->buffers.keyType == dilithium_level5_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 5);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_87);
}
}
if (ret == 0) {
Expand Down Expand Up @@ -29687,13 +29752,13 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length)
}

if (ssl->buffers.keyType == dilithium_level2_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 2);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_44);
}
else if (ssl->buffers.keyType == dilithium_level3_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 3);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_65);
}
else if (ssl->buffers.keyType == dilithium_level5_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 5);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_87);
}
else {
/* What if ssl->buffers.keyType is 0? We might want to do something
Expand Down Expand Up @@ -29900,15 +29965,15 @@ int DecodeAltPrivateKey(WOLFSSL *ssl, word32* length)
if (ret == 0) {
if (ssl->buffers.altKeyType == dilithium_level2_sa_algo) {
ret = wc_dilithium_set_level(
(dilithium_key*)ssl->hsAltKey, 2);
(dilithium_key*)ssl->hsAltKey, WC_ML_DSA_44);
}
else if (ssl->buffers.altKeyType == dilithium_level3_sa_algo) {
ret = wc_dilithium_set_level(
(dilithium_key*)ssl->hsAltKey, 3);
(dilithium_key*)ssl->hsAltKey, WC_ML_DSA_65);
}
else if (ssl->buffers.altKeyType == dilithium_level5_sa_algo) {
ret = wc_dilithium_set_level(
(dilithium_key*)ssl->hsAltKey, 5);
(dilithium_key*)ssl->hsAltKey, WC_ML_DSA_87);
}
}
if (ret == 0) {
Expand Down Expand Up @@ -30119,13 +30184,13 @@ int DecodeAltPrivateKey(WOLFSSL *ssl, word32* length)
}

if (ssl->buffers.altKeyType == dilithium_level2_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, 2);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, WC_ML_DSA_44);
}
else if (ssl->buffers.altKeyType == dilithium_level3_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, 3);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, WC_ML_DSA_65);
}
else if (ssl->buffers.altKeyType == dilithium_level5_sa_algo) {
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, 5);
ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, WC_ML_DSA_87);
}
else {
/* What if ssl->buffers.keyType is 0? We might want to do something
Expand Down
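Review bot: DecodePrivateKey and DecodeAltPrivateKey now always call `wc_dilithium_set_level(..., WC_ML_DSA_44)` (and `_65`/`_87`), even in builds with `WOLFSSL_DILITHIUM_FIPS204_DRAFT`, whereas ProcessPeerCerts in the same file selects `WC_ML_DSA_44_DRAFT` for the draft OIDs. `ssl->buffers.keyType` only holds `dilithium_levelN_sa_algo`, and MatchSigAlgo maps both `CTC_DILITHIUM_LEVEL2` and `CTC_ML_DSA_LEVEL2` to that same value, so nothing in these hunks tells a draft key from a final one; a draft certificate loaded locally would presumably have its private key imported under the final parameter set and produce signatures the peer cannot verify. Either pick the `_DRAFT` level from the certificate's key OID in these branches, or state the limitation at each site, e.g. `/* keyType cannot distinguish draft Dilithium from final ML-DSA; local keys are always loaded as FIPS 204 final */`. Both functions begin and end outside the visible hunks, so a selector set elsewhere cannot be ruled out.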
91 changes: 70 additions & 21 deletions src/ssl.c
Expand Up @@ -5790,6 +5790,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
break;
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
if (cm->minDilithiumKeySz < 0 ||
DILITHIUM_LEVEL2_KEY_SIZE < (word16)cm->minDilithiumKeySz) {
Expand All @@ -5811,6 +5812,28 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
WOLFSSL_MSG("\tCA Dilithium level 5 key size error");
}
break;
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
case ML_DSA_LEVEL2k:
if (cm->minDilithiumKeySz < 0 ||
ML_DSA_LEVEL2_KEY_SIZE < (word16)cm->minDilithiumKeySz) {
ret = DILITHIUM_KEY_SIZE_E;
WOLFSSL_MSG("\tCA Dilithium level 2 key size error");
}
break;
case ML_DSA_LEVEL3k:
if (cm->minDilithiumKeySz < 0 ||
ML_DSA_LEVEL3_KEY_SIZE < (word16)cm->minDilithiumKeySz) {
ret = DILITHIUM_KEY_SIZE_E;
WOLFSSL_MSG("\tCA Dilithium level 3 key size error");
}
break;
case ML_DSA_LEVEL5k:
if (cm->minDilithiumKeySz < 0 ||
ML_DSA_LEVEL5_KEY_SIZE < (word16)cm->minDilithiumKeySz) {
ret = DILITHIUM_KEY_SIZE_E;
WOLFSSL_MSG("\tCA Dilithium level 5 key size error");
}
break;
#endif /* HAVE_DILITHIUM */

default:
Expand Down Expand Up @@ -6829,9 +6852,15 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
}
#endif
#if defined(HAVE_DILITHIUM)
if ((keyOID == DILITHIUM_LEVEL2k) ||
(keyOID == DILITHIUM_LEVEL3k) ||
(keyOID == DILITHIUM_LEVEL5k)) {
if ((keyOID == ML_DSA_LEVEL2k) ||
(keyOID == ML_DSA_LEVEL3k) ||
(keyOID == ML_DSA_LEVEL5k)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|| (keyOID == DILITHIUM_LEVEL2k)
|| (keyOID == DILITHIUM_LEVEL3k)
|| (keyOID == DILITHIUM_LEVEL5k)
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
) {
type = DYNAMIC_TYPE_DILITHIUM;
}
#endif
Expand Down Expand Up @@ -6861,9 +6890,15 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
}
#endif
#if defined(HAVE_DILITHIUM)
if ((keyOID == DILITHIUM_LEVEL2k) ||
(keyOID == DILITHIUM_LEVEL3k) ||
(keyOID == DILITHIUM_LEVEL5k)) {
if ((keyOID == ML_DSA_LEVEL2k) ||
(keyOID == ML_DSA_LEVEL3k) ||
(keyOID == ML_DSA_LEVEL5k)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|| (keyOID == DILITHIUM_LEVEL2k)
|| (keyOID == DILITHIUM_LEVEL3k)
|| (keyOID == DILITHIUM_LEVEL5k)
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
) {
ret = wc_CryptoCb_PqcSignatureCheckPrivKey(pkey,
WC_PQC_SIG_TYPE_DILITHIUM,
pubKey, pubSz);
Expand Down Expand Up @@ -6900,9 +6935,15 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
}
#endif
#if defined(HAVE_DILITHIUM)
if ((keyOID == DILITHIUM_LEVEL2k) ||
(keyOID == DILITHIUM_LEVEL3k) ||
(keyOID == DILITHIUM_LEVEL5k)) {
if ((keyOID == ML_DSA_LEVEL2k) ||
(keyOID == ML_DSA_LEVEL3k) ||
(keyOID == ML_DSA_LEVEL5k)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|| (keyOID == DILITHIUM_LEVEL2k) ||
|| (keyOID == DILITHIUM_LEVEL3k) ||
|| (keyOID == DILITHIUM_LEVEL5k)
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
) {
wc_dilithium_free((dilithium_key*)pkey);
}
#endif
Expand Down Expand Up @@ -7732,31 +7773,31 @@ static int d2iTryDilithiumKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,

/* Test if Dilithium key. Try all levels. */
if (priv) {
isDilithium = ((wc_dilithium_set_level(dilithium, 2) == 0) &&
isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_44) == 0) &&
(wc_dilithium_import_private(mem,
(word32)memSz, dilithium) == 0));
if (!isDilithium) {
isDilithium = ((wc_dilithium_set_level(dilithium, 3) == 0) &&
isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_65) == 0) &&
(wc_dilithium_import_private(mem,
(word32)memSz, dilithium) == 0));
}
if (!isDilithium) {
isDilithium = ((wc_dilithium_set_level(dilithium, 5) == 0) &&
isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_87) == 0) &&
(wc_dilithium_import_private(mem,
(word32)memSz, dilithium) == 0));
}
}
else {
isDilithium = ((wc_dilithium_set_level(dilithium, 2) == 0) &&
isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_44) == 0) &&
(wc_dilithium_import_public(mem, (word32)memSz,
dilithium) == 0));
if (!isDilithium) {
isDilithium = ((wc_dilithium_set_level(dilithium, 3) == 0) &&
isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_65) == 0) &&
(wc_dilithium_import_public(mem, (word32)memSz,
dilithium) == 0));
}
if (!isDilithium) {
isDilithium = ((wc_dilithium_set_level(dilithium, 5) == 0) &&
isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_87) == 0) &&
(wc_dilithium_import_public(mem, (word32)memSz,
dilithium) == 0));
}
Expand Down Expand Up @@ -12084,13 +12125,13 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
*sigAlgo = FALCON_LEVEL5k;
break;
case dilithium_level2_sa_algo:
*sigAlgo = DILITHIUM_LEVEL2k;
*sigAlgo = ML_DSA_LEVEL2k;
break;
case dilithium_level3_sa_algo:
*sigAlgo = DILITHIUM_LEVEL3k;
*sigAlgo = ML_DSA_LEVEL3k;
break;
case dilithium_level5_sa_algo:
*sigAlgo = DILITHIUM_LEVEL5k;
*sigAlgo = ML_DSA_LEVEL5k;
break;
case sm2_sa_algo:
*sigAlgo = SM2k;
Expand Down Expand Up @@ -18398,12 +18439,20 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
"Falcon Level 5"},
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
{ CTC_DILITHIUM_LEVEL2, DILITHIUM_LEVEL2k, oidKeyType,
"Dilithium Level 2", "Dilithium Level 2"},
{ CTC_DILITHIUM_LEVEL3, DILITHIUM_LEVEL3k, oidKeyType,
"Dilithium Level 3", "Dilithium Level 3"},
{ CTC_DILITHIUM_LEVEL5, DILITHIUM_LEVEL5k, oidKeyType,
"Dilithium Level 5", "Dilithium Level 5"},
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
{ CTC_ML_DSA_LEVEL2, ML_DSA_LEVEL2k, oidKeyType,
"ML_DSA Level 2", "ML_DSA Level 2"},
{ CTC_ML_DSA_LEVEL3, ML_DSA_LEVEL3k, oidKeyType,
"ML_DSA Level 3", "ML_DSA Level 3"},
{ CTC_ML_DSA_LEVEL5, ML_DSA_LEVEL5k, oidKeyType,
"ML_DSA Level 5", "ML_DSA Level 5"},
#endif /* HAVE_DILITHIUM */

/* oidCurveType */
Expand Down Expand Up @@ -18786,13 +18835,13 @@ static int SaToNid(byte sa, int* nid)
*nid = CTC_FALCON_LEVEL5;
break;
case dilithium_level2_sa_algo:
*nid = CTC_DILITHIUM_LEVEL2;
*nid = CTC_ML_DSA_LEVEL2;
break;
case dilithium_level3_sa_algo:
*nid = CTC_DILITHIUM_LEVEL3;
*nid = CTC_ML_DSA_LEVEL3;
break;
case dilithium_level5_sa_algo:
*nid = CTC_DILITHIUM_LEVEL5;
*nid = CTC_ML_DSA_LEVEL5;
break;
case sm2_sa_algo:
*nid = WC_NID_sm2;
Expand Down
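Review bot: The third check_cert_key_dev hunk (the one guarding `wc_dilithium_free`) leaves a trailing `||` on the first two draft lines, so with `WOLFSSL_DILITHIUM_FIPS204_DRAFT` defined the condition reads `|| (keyOID == DILITHIUM_LEVEL2k) || || (keyOID == DILITHIUM_LEVEL3k) ...` and does not compile. Drop the trailing operators to match the two earlier hunks: `|| (keyOID == DILITHIUM_LEVEL2k)` and `|| (keyOID == DILITHIUM_LEVEL3k)`. Since builds without the draft macro skip this branch, a CI configuration that enables it would catch this class of error. The function body continues outside the hunk, so the enclosing guards are not visible here.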