feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #8798 from dgarske/mldsa_nosign

Browse Source 
Fix for ML-DSA with `WOLFSSL_DILITHIUM_NO_SIGN`
This commit is contained in:
Daniel Pouzzner
2025-05-27 14:44:44 -05:00
committed by GitHub
parent 6c7edeba38 607d7489bc
commit 8179367412
5 changed files with 65 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/api/test_mldsa.c
View File

@@ -16663,7 +16663,9 @@ int test_mldsa_pkcs8(void)
EXPECT_DECLS; EXPECT_DECLS;
#if !defined(NO_ASN) && defined(HAVE_PKCS8) && \ #if !defined(NO_ASN) && defined(HAVE_PKCS8) && \
defined(HAVE_DILITHIUM) && !defined(NO_TLS) && \ defined(HAVE_DILITHIUM) && !defined(NO_TLS) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) && \
!defined(WOLFSSL_DILITHIUM_NO_ASN1)
WOLFSSL_CTX* ctx = NULL; WOLFSSL_CTX* ctx = NULL;
size_t i; size_t i;

4
wolfcrypt/src/asn.c
View File

@@ -31513,7 +31513,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz,
ret = outSz; ret = outSz;
} }
#endif /* HAVE_FALCON */ #endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM) #if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_SIGN)
if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey && if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey &&
dilithiumKey) { dilithiumKey) {
word32 outSz = sigSz; word32 outSz = sigSz;
@@ -31535,7 +31535,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz,
ret = outSz; ret = outSz;
} }
} }
#endif /* HAVE_DILITHIUM */ #endif /* HAVE_DILITHIUM && !WOLFSSL_DILITHIUM_NO_SIGN */
#if defined(HAVE_SPHINCS) #if defined(HAVE_SPHINCS)
if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey && if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey &&
!dilithiumKey && sphincsKey) { !dilithiumKey && sphincsKey) {

2
wolfcrypt/src/dilithium.c
View File

@@ -10108,6 +10108,8 @@ int wc_Dilithium_PublicKeyDecode(const byte* input, word32* inOutIdx,
/* This is the raw point data compressed or uncompressed. */ /* This is the raw point data compressed or uncompressed. */
pubKeyLen = (word32)length; pubKeyLen = (word32)length;
pubKey = input + idx; pubKey = input + idx;
*inOutIdx += idx;
} }
#endif #endif
if (ret == 0) { if (ret == 0) {

85
wolfcrypt/test/test.c
View File

@@ -43643,29 +43643,38 @@ out:
static wc_test_ret_t dilithium_param_vfy_test(int param, const byte* pubKey, static wc_test_ret_t dilithium_param_vfy_test(int param, const byte* pubKey,
word32 pubKeyLen, const byte* sig, word32 sigLen) word32 pubKeyLen, const byte* sig, word32 sigLen)
{ {
byte msg[512]; #ifndef DILITHIUM_TEST_MSG_SZ
dilithium_key* key; #define DILITHIUM_TEST_MSG_SZ 512
byte * pubExported = NULL; #endif
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte* msg = NULL;
dilithium_key* key = NULL;
byte* pubExported = NULL;
#else
byte msg[DILITHIUM_TEST_MSG_SZ];
dilithium_key key[1];
byte pubExported[DILITHIUM_MAX_PUB_KEY_SIZE];
#endif
wc_test_ret_t ret; wc_test_ret_t ret;
int i; int i;
int res = 0; int res = 0;
word32 lenExported = pubKeyLen; word32 lenExported = pubKeyLen;
int n_diff = 0; int n_diff = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
msg = (byte*)XMALLOC(DILITHIUM_TEST_MSG_SZ, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
key = (dilithium_key*)XMALLOC(sizeof(*key), HEAP_HINT, key = (dilithium_key*)XMALLOC(sizeof(*key), HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (key == NULL) {
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
}
pubExported = (byte*)XMALLOC(pubKeyLen, HEAP_HINT, pubExported = (byte*)XMALLOC(pubKeyLen, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (pubExported == NULL) { if (msg == NULL || key == NULL || pubExported == NULL) {
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
} }
#endif
/* make dummy msg */ /* make dummy msg */
for (i = 0; i < (int)sizeof(msg); i++) { for (i = 0; i < DILITHIUM_TEST_MSG_SZ; i++) {
msg[i] = (byte)i; msg[i] = (byte)i;
} }
@@ -43684,14 +43693,14 @@ static wc_test_ret_t dilithium_param_vfy_test(int param, const byte* pubKey,
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
if (param >= WC_ML_DSA_DRAFT) { if (param >= WC_ML_DSA_DRAFT) {
ret = wc_dilithium_verify_msg(sig, sigLen, msg, (word32)sizeof(msg), ret = wc_dilithium_verify_msg(sig, sigLen, msg, DILITHIUM_TEST_MSG_SZ,
&res, key); &res, key);
} }
else else
#endif #endif
{ {
ret = wc_dilithium_verify_ctx_msg(sig, sigLen, NULL, 0, msg, ret = wc_dilithium_verify_ctx_msg(sig, sigLen, NULL, 0, msg,
(word32)sizeof(msg), &res, key); DILITHIUM_TEST_MSG_SZ, &res, key);
} }
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -43716,8 +43725,11 @@ static wc_test_ret_t dilithium_param_vfy_test(int param, const byte* pubKey,
out: out:
wc_dilithium_free(key); wc_dilithium_free(key);
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(msg, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pubExported, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pubExported, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret; return ret;
} }
@@ -46799,8 +46811,13 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void)
static wc_test_ret_t dilithium_param_test(int param, WC_RNG* rng) static wc_test_ret_t dilithium_param_test(int param, WC_RNG* rng)
{ {
wc_test_ret_t ret; wc_test_ret_t ret;
dilithium_key* key; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
dilithium_key* key = NULL;
byte* sig = NULL; byte* sig = NULL;
#else
dilithium_key key[1];
byte sig[DILITHIUM_MAX_SIG_SIZE];
#endif
#ifndef WOLFSSL_DILITHIUM_NO_SIGN #ifndef WOLFSSL_DILITHIUM_NO_SIGN
word32 sigLen; word32 sigLen;
byte msg[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }; byte msg[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
@@ -46809,16 +46826,15 @@ static wc_test_ret_t dilithium_param_test(int param, WC_RNG* rng)
#endif #endif
#endif #endif
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
key = (dilithium_key*)XMALLOC(sizeof(*key), HEAP_HINT, key = (dilithium_key*)XMALLOC(sizeof(*key), HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (key == NULL) {
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
}
sig = (byte*)XMALLOC(DILITHIUM_MAX_SIG_SIZE, HEAP_HINT, sig = (byte*)XMALLOC(DILITHIUM_MAX_SIG_SIZE, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (sig == NULL) { if (key == NULL || sig == NULL) {
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
} }
#endif
ret = wc_dilithium_init(key); ret = wc_dilithium_init(key);
if (ret != 0) { if (ret != 0) {
@@ -46855,8 +46871,10 @@ static wc_test_ret_t dilithium_param_test(int param, WC_RNG* rng)
out: out:
wc_dilithium_free(key); wc_dilithium_free(key);
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret; return ret;
} }
#endif #endif
@@ -46873,30 +46891,31 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
int isPublicOnlyKey) int isPublicOnlyKey)
{ {
int ret = 0; int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
dilithium_key *key = NULL;
#else
dilithium_key key[1];
#endif
byte* der;
#ifndef WOLFSSL_DILITHIUM_NO_ASN1 #ifndef WOLFSSL_DILITHIUM_NO_ASN1
/* Size the buffer to accommodate the largest encoded key size */
const word32 maxDerSz = DILITHIUM_MAX_PRV_KEY_DER_SIZE;
word32 derSz; word32 derSz;
word32 idx; word32 idx;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte* der = NULL;
#else
byte der[DILITHIUM_MAX_PRV_KEY_DER_SIZE];
#endif
#endif
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
dilithium_key *key = NULL;
#else
dilithium_key key[1];
#endif #endif
/* Size the buffer to accommodate the largest encoded key size */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
const word32 maxDerSz = DILITHIUM_MAX_PRV_KEY_DER_SIZE;
/* Allocate DER buffer */ /* Allocate DER buffer */
der = (byte*)XMALLOC(maxDerSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); der = (byte*)XMALLOC(maxDerSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (der == NULL) { key = (dilithium_key *)XMALLOC(sizeof(*key), HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
if (der == NULL || key == NULL) {
return MEMORY_E; return MEMORY_E;
} }
#ifdef WOLFSSL_SMALL_STACK
key = (dilithium_key *)XMALLOC(sizeof(*key), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (key == NULL)
ret = MEMORY_E;
#endif #endif
/* Initialize key */ /* Initialize key */
@@ -46999,9 +47018,9 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
#endif /* WOLFSSL_DILITHIUM_NO_ASN1 */ #endif /* WOLFSSL_DILITHIUM_NO_ASN1 */
/* Cleanup */ /* Cleanup */
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_dilithium_free(key); wc_dilithium_free(key);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
return ret; return ret;

6
wolfssl/wolfcrypt/settings.h
View File

@@ -4251,6 +4251,12 @@ extern void uITRON4_free(void *p) ;
#error Please do not define HAVE_PQC yourself. #error Please do not define HAVE_PQC yourself.
#endif #endif
/* If no malloc then make sure the valid Dilithium settings are used */
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_NO_MALLOC)
#undef WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
#define WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
#endif
#if defined(HAVE_PQC) && defined(WOLFSSL_DTLS13) && \ #if defined(HAVE_PQC) && defined(WOLFSSL_DTLS13) && \
!defined(WOLFSSL_DTLS_CH_FRAG) !defined(WOLFSSL_DTLS_CH_FRAG)
#warning "Using DTLS 1.3 + pqc without WOLFSSL_DTLS_CH_FRAG will probably" \ #warning "Using DTLS 1.3 + pqc without WOLFSSL_DTLS_CH_FRAG will probably" \