diff --git a/CMakeLists.txt b/CMakeLists.txt index 6a1566cb6b..e5852a39d9 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -778,6 +778,10 @@ add_option(WOLFSSL_XMSS "no" "yes;no") # SLH-DSA +add_option(WOLFSSL_SLHDSA + "Enable the wolfSSL SLH-DSA implementation (default: disabled)" + "no" "yes;no") + if (WOLFSSL_SLHDSA) message(STATUS "Automatically set related requirements for SLH-DSA") add_definitions("-DWOLFSSL_HAVE_SLHDSA") @@ -790,10 +794,6 @@ if (WOLFSSL_SLHDSA) message(STATUS "Looking for WOLFSSL_SLHDSA - found") endif() -add_option(WOLFSSL_SLHDSA - "Enable the wolfSSL SLH-DSA implementation (default: disabled)" - "no" "yes;no") - # TODO: - Lean PSK # - Lean TLS # - Low resource diff --git a/cmake/functions.cmake b/cmake/functions.cmake index 716457a4dd..50ad0d2530 100644 --- a/cmake/functions.cmake +++ b/cmake/functions.cmake @@ -226,6 +226,9 @@ function(generate_build_flags) if(WOLFSSL_XMSS OR WOLFSSL_USER_SETTINGS) set(BUILD_WC_XMSS "yes" PARENT_SCOPE) endif() + if(WOLFSSL_SLHDSA OR WOLFSSL_USER_SETTINGS) + set(BUILD_WC_SLHDSA "yes" PARENT_SCOPE) + endif() if(WOLFSSL_ARIA OR WOLFSSL_USER_SETTINGS) message(STATUS "ARIA functions.cmake found WOLFSSL_ARIA") # we cannot actually build, as we only have pre-compiled bin @@ -1078,6 +1081,10 @@ function(generate_lib_src_list LIB_SOURCES) list(APPEND LIB_SOURCES wolfcrypt/src/wc_xmss_impl.c) endif() + if(BUILD_WC_SLHDSA) + list(APPEND LIB_SOURCES wolfcrypt/src/wc_slhdsa.c) + endif() + if(BUILD_LIBZ) list(APPEND LIB_SOURCES wolfcrypt/src/compress.c) endif() diff --git a/cmake/options.h.in b/cmake/options.h.in index c1ba00568c..31df488e1e 100644 --- a/cmake/options.h.in +++ b/cmake/options.h.in @@ -410,6 +410,10 @@ extern "C" { #cmakedefine HAVE_SECRET_CALLBACK #undef WC_RSA_DIRECT #cmakedefine WC_RSA_DIRECT +#undef WOLFSSL_HAVE_SLHDSA +#cmakedefine WOLFSSL_HAVE_SLHDSA +#undef WOLFSSL_WC_SLHDSA +#cmakedefine WOLFSSL_WC_SLHDSA #ifdef __cplusplus } diff --git a/wolfcrypt/src/wc_slhdsa.c b/wolfcrypt/src/wc_slhdsa.c index bf842e8c94..46adf35f72 100644 --- a/wolfcrypt/src/wc_slhdsa.c +++ b/wolfcrypt/src/wc_slhdsa.c @@ -2547,7 +2547,7 @@ static int slhdsakey_wots_sign_chain_x4_16(SlhDsaKey* key, const byte* msg, int i; sword8 j; byte ii; - byte idx[4]; + byte idx[4] = {0}; byte n = key->params->n; byte len = key->params->len; WC_DECLARE_VAR(sk, byte, 4 * 16, key->heap); @@ -2627,7 +2627,7 @@ static int slhdsakey_wots_sign_chain_x4_24(SlhDsaKey* key, const byte* msg, int i; sword8 j; byte ii; - byte idx[4]; + byte idx[4] = {0}; byte n = key->params->n; byte len = key->params->len; WC_DECLARE_VAR(sk, byte, 4 * 24, key->heap); @@ -2707,7 +2707,7 @@ static int slhdsakey_wots_sign_chain_x4_32(SlhDsaKey* key, const byte* msg, int i; sword8 j; byte ii; - byte idx[4]; + byte idx[4] = {0}; byte n = key->params->n; byte len = key->params->len; WC_DECLARE_VAR(sk, byte, 4 * 32, key->heap); @@ -3183,7 +3183,7 @@ static int slhdsakey_wots_pk_from_sig_x4(SlhDsaKey* key, const byte* sig, const byte* msg, const byte* pk_seed, word32* adrs, byte* pk_sig) { int ret = 0; - byte idx[4]; + byte idx[4] = {0}; int i; byte ii; sword8 j;