Skip to content

Commit

Permalink
Update dilithium and dual alg for ML_DSA.
Browse files Browse the repository at this point in the history
  • Loading branch information
philljj committed Jan 17, 2025
1 parent e76186f commit f485696
Showing 1 changed file with 69 additions and 0 deletions.
69 changes: 69 additions & 0 deletions src/ssl_load.c
Original file line number Diff line number Diff line change
Expand Up @@ -1532,9 +1532,14 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
break;
#endif
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case CTC_DILITHIUM_LEVEL2:
case CTC_DILITHIUM_LEVEL3:
case CTC_DILITHIUM_LEVEL5:
#endif
case CTC_ML_DSA_LEVEL2:
case CTC_ML_DSA_LEVEL3:
case CTC_ML_DSA_LEVEL5:
WOLFSSL_MSG("Dilithium cert signature");
if (ssl) {
ssl->options.haveDilithiumSig = 1;
Expand Down Expand Up @@ -1705,6 +1710,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
break;
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
keyType = dilithium_level2_sa_algo;
/* Dilithium is fixed key size */
Expand Down Expand Up @@ -1735,6 +1741,37 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
DILITHIUM_KEY_SIZE_E);
}
break;
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
case ML_DSA_LEVEL2k:
keyType = dilithium_level2_sa_algo;
/* Dilithium is fixed key size */
keySz = ML_DSA_LEVEL2_KEY_SIZE;
if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
DILITHIUM_KEY_SIZE_E);
}
break;
case ML_DSA_LEVEL3k:
keyType = dilithium_level3_sa_algo;
/* Dilithium is fixed key size */
keySz = ML_DSA_LEVEL3_KEY_SIZE;
if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
DILITHIUM_KEY_SIZE_E);
}
break;
case ML_DSA_LEVEL5k:
keyType = dilithium_level5_sa_algo;
/* Dilithium is fixed key size */
keySz = ML_DSA_LEVEL5_KEY_SIZE;
if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
DILITHIUM_KEY_SIZE_E);
}
break;
#endif /* HAVE_DILITHIUM */

default:
Expand Down Expand Up @@ -1894,6 +1931,7 @@ static int ProcessBufferCertAltPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
break;
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
keyType = dilithium_level2_sa_algo;
/* Dilithium is fixed key size */
Expand Down Expand Up @@ -1924,6 +1962,37 @@ static int ProcessBufferCertAltPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
DILITHIUM_KEY_SIZE_E);
}
break;
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
case ML_DSA_LEVEL2k:
keyType = dilithium_level2_sa_algo;
/* Dilithium is fixed key size */
keySz = ML_DSA_LEVEL2_KEY_SIZE;
if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
DILITHIUM_KEY_SIZE_E);
}
break;
case ML_DSA_LEVEL3k:
keyType = dilithium_level3_sa_algo;
/* Dilithium is fixed key size */
keySz = ML_DSA_LEVEL3_KEY_SIZE;
if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
DILITHIUM_KEY_SIZE_E);
}
break;
case ML_DSA_LEVEL5k:
keyType = dilithium_level5_sa_algo;
/* Dilithium is fixed key size */
keySz = ML_DSA_LEVEL5_KEY_SIZE;
if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
DILITHIUM_KEY_SIZE_E);
}
break;
#endif /* HAVE_DILITHIUM */

default:
Expand Down

0 comments on commit f485696

Please sign in to comment.