feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

LMS: cleanup INSTALL, and cap threads to 4.

Browse Source
This commit is contained in:
jordan
2023-07-11 15:04:51 -05:00
parent d7c3a176e2
commit 4c125ece77
2 changed files with 17 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
INSTALL
View File

@@ -258,8 +258,10 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.
17. Building with hash-sigs lib for LMS/HSS support [EXPERIMENTAL] 17. Building with hash-sigs lib for LMS/HSS support [EXPERIMENTAL]
Using LMS/HSS requires that the hash-sigs lib has been built on Using LMS/HSS requires that the hash-sigs lib has been built on
your system. At present we support the current master branch of your system. We support hash-sigs lib at this git commit:
the hash-sigs project. b0631b8891295bf2929e68761205337b7c031726
At the time of writing this, this is the HEAD of the master
branch of the hash-sigs project.
Currently the hash-sigs project only builds static libraries: Currently the hash-sigs project only builds static libraries:
- hss_lib.a: a single-threaded static lib. - hss_lib.a: a single-threaded static lib.
@@ -282,6 +284,7 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.
$ cd ~/hash_sigs $ cd ~/hash_sigs
$ git clone https://github.com/cisco/hash-sigs.git src $ git clone https://github.com/cisco/hash-sigs.git src
$ cd src $ cd src
$ git checkout b0631b8891295bf2929e68761205337b7c031726
In sha256.h, set USE_OPENSSL to 0: In sha256.h, set USE_OPENSSL to 0:
#define USE_OPENSSL 0 #define USE_OPENSSL 0

12
wolfcrypt/src/ext_lms.c
View File

@@ -37,6 +37,16 @@
#include <wolfcrypt/src/misc.c> #include <wolfcrypt/src/misc.c>
#endif #endif
/* If built against hss_lib_thread.a, the hash-sigs lib will spawn
* worker threads to parallelize cpu intensive tasks. This will mainly
* speedup key generation and signing, and to a lesser extent
* verifying for larger levels values.
*
* Their default max is 16 worker threads, but can be capped with
* hss_extra_info_set_threads(). To be safe we are capping at 4 here.
* */
#define EXT_LMS_MAX_THREADS (4)
/* The hash-sigs hss_generate_private_key API requires a generate_random /* The hash-sigs hss_generate_private_key API requires a generate_random
* callback that only has output and length args. The RNG struct must be global * callback that only has output and length args. The RNG struct must be global
* to the function. Maybe there should be a wc_LmsKey_SetRngCb. */ * to the function. Maybe there should be a wc_LmsKey_SetRngCb. */
@@ -347,7 +357,9 @@ int wc_LmsKey_Init_ex(LmsKey * key, int levels, int height,
key->lm_ots_type[i] = ots; key->lm_ots_type[i] = ots;
} }
/* Set the max number of worker threads that hash-sigs can spawn. */
hss_init_extra_info(&key->info); hss_init_extra_info(&key->info);
hss_extra_info_set_threads(&key->info, EXT_LMS_MAX_THREADS);
key->working_key = NULL; key->working_key = NULL;
key->write_private_key = NULL; key->write_private_key = NULL;