feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Update CryptoCb API for Dilithium final standard

Browse Source 
Add context and preHash metadata.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
This commit is contained in:
Tobias Frauenschläger
2024-09-06 14:28:10 +02:00
parent be6888c589
commit 9db5499dbd
4 changed files with 82 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
wolfcrypt/src/cryptocb.c
View File

@ -1043,7 +1043,8 @@ int wc_CryptoCb_MakePqcSignatureKey(WC_RNG* rng, int type, int keySize,
}
int wc_CryptoCb_PqcSign(const byte* in, word32 inlen, byte* out, word32 *outlen,
WC_RNG* rng, int type, void* key)
const byte* context, byte contextLen, word32 preHashType, WC_RNG* rng,
int type, void* key)
{
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
@ -1068,6 +1069,9 @@ int wc_CryptoCb_PqcSign(const byte* in, word32 inlen, byte* out, word32 *outlen,
cryptoInfo.pk.pqc_sign.inlen = inlen;
cryptoInfo.pk.pqc_sign.out = out;
cryptoInfo.pk.pqc_sign.outlen = outlen;
cryptoInfo.pk.pqc_sign.context = context;
cryptoInfo.pk.pqc_sign.contextLen = contextLen;
cryptoInfo.pk.pqc_sign.preHashType = preHashType;
cryptoInfo.pk.pqc_sign.rng = rng;
cryptoInfo.pk.pqc_sign.key = key;
cryptoInfo.pk.pqc_sign.type = type;
@ -1079,7 +1083,8 @@ int wc_CryptoCb_PqcSign(const byte* in, word32 inlen, byte* out, word32 *outlen,
}
int wc_CryptoCb_PqcVerify(const byte* sig, word32 siglen, const byte* msg,
word32 msglen, int* res, int type, void* key)
word32 msglen, const byte* context, byte contextLen, word32 preHashType,
int* res, int type, void* key)
{
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
@ -1104,6 +1109,9 @@ int wc_CryptoCb_PqcVerify(const byte* sig, word32 siglen, const byte* msg,
cryptoInfo.pk.pqc_verify.siglen = siglen;
cryptoInfo.pk.pqc_verify.msg = msg;
cryptoInfo.pk.pqc_verify.msglen = msglen;
cryptoInfo.pk.pqc_verify.context = context;
cryptoInfo.pk.pqc_verify.contextLen = contextLen;
cryptoInfo.pk.pqc_verify.preHashType = preHashType;
cryptoInfo.pk.pqc_verify.res = res;
cryptoInfo.pk.pqc_verify.key = key;
cryptoInfo.pk.pqc_verify.type = type;

60
wolfcrypt/src/dilithium.c
View File

@ -8024,8 +8024,8 @@ int wc_dilithium_sign_ctx_msg(const byte* ctx, byte ctxLen, const byte* msg,
if (key->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_PqcSign(msg, msgLen, sig, sigLen, rng,
WC_PQC_SIG_TYPE_DILITHIUM, key);
ret = wc_CryptoCb_PqcSign(msg, msgLen, sig, sigLen, ctx, ctxLen,
WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
@ -8075,8 +8075,8 @@ int wc_dilithium_sign_msg(const byte* msg, word32 msgLen, byte* sig,
if (key->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_PqcSign(msg, msgLen, sig, sigLen, rng,
WC_PQC_SIG_TYPE_DILITHIUM, key);
ret = wc_CryptoCb_PqcSign(msg, msgLen, sig, sigLen, NULL, 0,
WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
@ -8127,6 +8127,22 @@ int wc_dilithium_sign_ctx_hash(const byte* ctx, byte ctxLen, int hashAlg,
ret = BAD_FUNC_ARG;
}
#ifdef WOLF_CRYPTO_CB
if (ret == 0) {
#ifndef WOLF_CRYPTO_CB_FIND
if (key->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_PqcSign(hash, hashLen, sig, sigLen, ctx, ctxLen,
hashAlg, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;
}
}
#endif
if (ret == 0) {
/* Sign message. */
#ifdef WOLFSSL_WC_DILITHIUM
@ -8301,6 +8317,22 @@ int wc_dilithium_verify_ctx_msg(const byte* sig, word32 sigLen, const byte* ctx,
ret = BAD_FUNC_ARG;
}
#ifdef WOLF_CRYPTO_CB
if (ret == 0) {
#ifndef WOLF_CRYPTO_CB_FIND
if (key->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, ctx, ctxLen,
WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;
}
}
#endif
if (ret == 0) {
/* Verify message with signature. */
#ifdef WOLFSSL_WC_DILITHIUM
@ -8345,8 +8377,8 @@ int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
if (key->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, res,
WC_PQC_SIG_TYPE_DILITHIUM, key);
ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, NULL, 0,
WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
@ -8397,6 +8429,22 @@ int wc_dilithium_verify_ctx_hash(const byte* sig, word32 sigLen,
ret = BAD_FUNC_ARG;
}
#ifdef WOLF_CRYPTO_CB
if (ret == 0) {
#ifndef WOLF_CRYPTO_CB_FIND
if (key->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_PqcVerify(sig, sigLen, hash, hashLen, ctx, ctxLen,
hashAlg, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;
}
}
#endif
if (ret == 0) {
/* Verify message with signature. */
#ifdef WOLFSSL_WC_DILITHIUM

8
wolfcrypt/src/falcon.c
View File

@ -73,8 +73,8 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen,
if (key->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_PqcSign(in, inLen, out, outLen, rng,
WC_PQC_SIG_TYPE_FALCON, key);
ret = wc_CryptoCb_PqcSign(in, inLen, out, outLen, NULL, 0,
WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_FALCON, key);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
@ -171,8 +171,8 @@ int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
if (key->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, res,
WC_PQC_SIG_TYPE_FALCON, key);
ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, NULL, 0,
WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_FALCON, key);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */

12
wolfssl/wolfcrypt/cryptocb.h
View File

@ -294,6 +294,9 @@ typedef struct wc_CryptoInfo {
WC_RNG* rng;
void* key;
int type; /* enum wc_PqcSignatureType */
const byte* context;
byte contextLen;
word32 preHashType; /* enum wc_HashType */
} pqc_sign;
struct {
const byte* sig;
@ -303,6 +306,9 @@ typedef struct wc_CryptoInfo {
int* res;
void* key;
int type; /* enum wc_PqcSignatureType */
const byte* context;
byte contextLen;
word32 preHashType; /* enum wc_HashType */
} pqc_verify;
struct {
void* key;
@ -560,10 +566,12 @@ WOLFSSL_LOCAL int wc_CryptoCb_MakePqcSignatureKey(WC_RNG* rng, int type,
int keySize, void* key);
WOLFSSL_LOCAL int wc_CryptoCb_PqcSign(const byte* in, word32 inlen, byte* out,
word32 *outlen, WC_RNG* rng, int type, void* key);
word32 *outlen, const byte* context, byte contextLen, word32 preHashType,
WC_RNG* rng, int type, void* key);
WOLFSSL_LOCAL int wc_CryptoCb_PqcVerify(const byte* sig, word32 siglen,
const byte* msg, word32 msglen, int* res, int type, void* key);
const byte* msg, word32 msglen, const byte* context, byte contextLen,
word32 preHashType, int* res, int type, void* key);
WOLFSSL_LOCAL int wc_CryptoCb_PqcSignatureCheckPrivKey(void* key, int type,
const byte* pubKey, word32 pubKeySz);