Merge pull request #10571 from Frauschi/mlkem_rename

Migrate internal ML-KEM consumers to canonical wc_MlKemKey API
This commit is contained in:
Daniel Pouzzner
2026-06-05 11:00:44 -05:00
committed by GitHub
5 changed files with 112 additions and 112 deletions
+66 -66
View File
@@ -8585,7 +8585,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
#if (defined(WOLFSSL_MLKEM_CACHE_A) || \
(defined(HAVE_PKCS11) && !defined(NO_PKCS11_MLKEM))) && \
!defined(WOLFSSL_TLSX_PQC_MLKEM_STORE_PRIV_KEY)
/* Store KyberKey object rather than private key bytes in key share entry.
/* Store MlKemKey object rather than private key bytes in key share entry.
* Improves performance at cost of more dynamic memory being used. */
#define WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
#endif
@@ -8745,11 +8745,11 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
int ret = 0;
int type = 0;
#ifndef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
WC_DECLARE_VAR(kem, KyberKey, 1, 0);
WC_DECLARE_VAR(kem, MlKemKey, 1, 0);
byte* privKey = NULL;
word32 privSz = 0;
#else
KyberKey* kem = NULL;
MlKemKey* kem = NULL;
#endif
/* This gets called twice. Once during parsing of the key share and once
@@ -8762,7 +8762,7 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
/* Get the type of key we need from the key share group. */
ret = mlkem_id2type(kse->group, &type);
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN)) {
WOLFSSL_MSG("Invalid Kyber algorithm specified.");
WOLFSSL_MSG("Invalid ML-KEM algorithm specified.");
ret = BAD_FUNC_ARG;
}
@@ -8770,7 +8770,7 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
#ifdef WOLFSSL_SMALL_STACK
if (ret == 0) {
kem = (KyberKey *)XMALLOC(sizeof(*kem), ssl->heap,
kem = (MlKemKey *)XMALLOC(sizeof(*kem), ssl->heap,
DYNAMIC_TYPE_PRIVATE_KEY);
if (kem == NULL) {
WOLFSSL_MSG("KEM memory allocation failure");
@@ -8780,17 +8780,17 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
#endif /* WOLFSSL_SMALL_STACK */
if (ret == 0) {
ret = wc_KyberKey_Init(type, kem, ssl->heap, ssl->devId);
ret = wc_MlKemKey_Init(kem, type, ssl->heap, ssl->devId);
if (ret != 0) {
WOLFSSL_MSG("Failed to initialize Kyber Key.");
WOLFSSL_MSG("Failed to initialize ML-KEM Key.");
}
}
if (ret == 0) {
ret = wc_KyberKey_PrivateKeySize(kem, &privSz);
ret = wc_MlKemKey_PrivateKeySize(kem, &privSz);
}
if (ret == 0) {
ret = wc_KyberKey_PublicKeySize(kem, &kse->pubKeyLen);
ret = wc_MlKemKey_PublicKeySize(kem, &kse->pubKeyLen);
}
if (ret == 0) {
@@ -8802,8 +8802,8 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
}
#else
if (ret == 0) {
/* Allocate a Kyber key to hold private key. */
kem = (KyberKey*)XMALLOC(sizeof(KyberKey), ssl->heap,
/* Allocate an ML-KEM key to hold private key. */
kem = (MlKemKey*)XMALLOC(sizeof(MlKemKey), ssl->heap,
DYNAMIC_TYPE_PRIVATE_KEY);
if (kem == NULL) {
WOLFSSL_MSG("KEM memory allocation failure");
@@ -8811,13 +8811,13 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
}
}
if (ret == 0) {
ret = wc_KyberKey_Init(type, kem, ssl->heap, ssl->devId);
ret = wc_MlKemKey_Init(kem, type, ssl->heap, ssl->devId);
if (ret != 0) {
WOLFSSL_MSG("Failed to initialize Kyber Key.");
WOLFSSL_MSG("Failed to initialize ML-KEM Key.");
}
}
if (ret == 0) {
ret = wc_KyberKey_PublicKeySize(kem, &kse->pubKeyLen);
ret = wc_MlKemKey_PublicKeySize(kem, &kse->pubKeyLen);
}
#endif
@@ -8831,32 +8831,32 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
}
if (ret == 0) {
ret = wc_KyberKey_MakeKey(kem, ssl->rng);
ret = wc_MlKemKey_MakeKey(kem, ssl->rng);
if (ret != 0) {
WOLFSSL_MSG("Kyber keygen failure");
WOLFSSL_MSG("ML-KEM keygen failure");
}
}
if (ret == 0) {
ret = wc_KyberKey_EncodePublicKey(kem, kse->pubKey,
ret = wc_MlKemKey_EncodePublicKey(kem, kse->pubKey,
kse->pubKeyLen);
}
#ifndef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
if (ret == 0) {
PRIVATE_KEY_UNLOCK();
ret = wc_KyberKey_EncodePrivateKey(kem, privKey, privSz);
ret = wc_MlKemKey_EncodePrivateKey(kem, privKey, privSz);
PRIVATE_KEY_LOCK();
}
#endif
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Public Kyber Key");
WOLFSSL_MSG("Public ML-KEM Key");
WOLFSSL_BUFFER(kse->pubKey, kse->pubKeyLen );
#endif
if (ret != 0) {
/* Data owned by key share entry otherwise. */
wc_KyberKey_Free(kem);
wc_MlKemKey_Free(kem);
XFREE(kse->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
kse->pubKey = NULL;
#ifndef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
@@ -8872,7 +8872,7 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
}
else {
#ifndef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
wc_KyberKey_Free(kem);
wc_MlKemKey_Free(kem);
kse->privKey = (byte*)privKey;
kse->privKeyLen = privSz;
#else
@@ -9031,7 +9031,7 @@ static int TLSX_KeyShare_GenPqcHybridKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
kse->privKeyLen = pqc_kse->privKeyLen;
pqc_kse->privKey = NULL;
#else
/* PQC private key is a pointer to KyberKey object */
/* PQC private key is a pointer to MlKemKey object */
kse->privKey = (byte*)pqc_kse->key;
kse->privKeyLen = 0;
pqc_kse->key = NULL;
@@ -9043,7 +9043,7 @@ static int TLSX_KeyShare_GenPqcHybridKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
}
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Public Kyber Key");
WOLFSSL_MSG("Public ML-KEM Key");
WOLFSSL_BUFFER(kse->pubKey, kse->pubKeyLen );
#endif
@@ -9131,7 +9131,7 @@ static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
}
else if (WOLFSSL_NAMED_GROUP_IS_PQC(current->group)) {
#ifdef WOLFSSL_HAVE_MLKEM
wc_KyberKey_Free((KyberKey*)current->key);
wc_MlKemKey_Free((MlKemKey*)current->key);
#ifndef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
if (current->privKey != NULL) {
ForceZero(current->privKey, current->privKeyLen);
@@ -9146,7 +9146,7 @@ static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
/* Free PQC private key */
#ifdef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
wc_KyberKey_Free((KyberKey*)current->privKey);
wc_MlKemKey_Free((MlKemKey*)current->privKey);
#else
if (current->privKey != NULL) {
ForceZero(current->privKey, current->privKeyLen);
@@ -9895,7 +9895,7 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
}
#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
/* Process the Kyber key share extension on the client side.
/* Process the ML-KEM key share extension on the client side.
*
* ssl The SSL/TLS object.
* keyShareEntry The key share entry object to use to calculate shared secret.
@@ -9910,7 +9910,7 @@ static int TLSX_KeyShare_ProcessPqcClient_ex(WOLFSSL* ssl,
word32* ssOutSz)
{
int ret = 0;
KyberKey* kem = (KyberKey*)keyShareEntry->key;
MlKemKey* kem = (MlKemKey*)keyShareEntry->key;
#ifndef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
word32 privSz = 0;
#endif
@@ -9934,8 +9934,8 @@ static int TLSX_KeyShare_ProcessPqcClient_ex(WOLFSSL* ssl,
if (kem == NULL) {
int type = 0;
/* Allocate a Kyber key to hold private key. */
kem = (KyberKey*) XMALLOC(sizeof(KyberKey), ssl->heap,
/* Allocate an ML-KEM key to hold private key. */
kem = (MlKemKey*) XMALLOC(sizeof(MlKemKey), ssl->heap,
DYNAMIC_TYPE_PRIVATE_KEY);
if (kem == NULL) {
WOLFSSL_MSG("GenPqcKey memory error");
@@ -9949,29 +9949,29 @@ static int TLSX_KeyShare_ProcessPqcClient_ex(WOLFSSL* ssl,
ret = BAD_FUNC_ARG;
}
if (ret == 0) {
ret = wc_KyberKey_Init(type, kem, ssl->heap, ssl->devId);
ret = wc_MlKemKey_Init(kem, type, ssl->heap, ssl->devId);
if (ret != 0) {
WOLFSSL_MSG("Error creating Kyber KEM");
WOLFSSL_MSG("Error creating ML-KEM key");
}
}
}
#else
if (kem == NULL || keyShareEntry->privKeyLen != 0) {
WOLFSSL_MSG("Invalid Kyber key.");
WOLFSSL_MSG("Invalid ML-KEM key.");
ret = BAD_FUNC_ARG;
}
#endif
if (ret == 0) {
ret = wc_KyberKey_SharedSecretSize(kem, &ssSz);
ret = wc_MlKemKey_SharedSecretSize(kem, &ssSz);
}
if (ret == 0) {
ret = wc_KyberKey_CipherTextSize(kem, &ctSz);
ret = wc_MlKemKey_CipherTextSize(kem, &ctSz);
}
#ifndef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ
if (ret == 0) {
ret = wc_KyberKey_PrivateKeySize(kem, &privSz);
ret = wc_MlKemKey_PrivateKeySize(kem, &privSz);
}
if (ret == 0 && privSz != keyShareEntry->privKeyLen) {
WOLFSSL_MSG("Invalid private key size.");
@@ -9979,7 +9979,7 @@ static int TLSX_KeyShare_ProcessPqcClient_ex(WOLFSSL* ssl,
}
if (ret == 0) {
PRIVATE_KEY_UNLOCK();
ret = wc_KyberKey_DecodePrivateKey(kem, keyShareEntry->privKey, privSz);
ret = wc_MlKemKey_DecodePrivateKey(kem, keyShareEntry->privKey, privSz);
PRIVATE_KEY_LOCK();
}
#endif
@@ -9990,11 +9990,11 @@ static int TLSX_KeyShare_ProcessPqcClient_ex(WOLFSSL* ssl,
}
if (ret == 0) {
PRIVATE_KEY_UNLOCK();
ret = wc_KyberKey_Decapsulate(kem, ssOutput,
ret = wc_MlKemKey_Decapsulate(kem, ssOutput,
keyShareEntry->ke, ctSz);
PRIVATE_KEY_LOCK();
if (ret != 0) {
WOLFSSL_MSG("wc_KyberKey decapsulation failure.");
WOLFSSL_MSG("wc_MlKemKey decapsulation failure.");
ret = BAD_FUNC_ARG;
}
}
@@ -10002,7 +10002,7 @@ static int TLSX_KeyShare_ProcessPqcClient_ex(WOLFSSL* ssl,
*ssOutSz = ssSz;
}
wc_KyberKey_Free(kem);
wc_MlKemKey_Free(kem);
XFREE(kem, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
keyShareEntry->key = NULL;
@@ -10013,7 +10013,7 @@ static int TLSX_KeyShare_ProcessPqcClient_ex(WOLFSSL* ssl,
return ret;
}
/* Process the Kyber key share extension on the client side.
/* Process the ML-KEM key share extension on the client side.
*
* ssl The SSL/TLS object.
* keyShareEntry The key share entry object to use to calculate shared secret.
@@ -10101,11 +10101,11 @@ static int TLSX_KeyShare_ProcessPqcHybridClient(WOLFSSL* ssl,
ret = mlkem_id2type(pqc_group, &type);
if (ret != 0) {
WOLFSSL_MSG("Invalid Kyber algorithm specified.");
WOLFSSL_MSG("Invalid ML-KEM algorithm specified.");
ret = BAD_FUNC_ARG;
}
if (ret == 0) {
pqc_kse->key = XMALLOC(sizeof(KyberKey), ssl->heap,
pqc_kse->key = XMALLOC(sizeof(MlKemKey), ssl->heap,
DYNAMIC_TYPE_PRIVATE_KEY);
if (pqc_kse->key == NULL) {
WOLFSSL_MSG("GenPqcKey memory error");
@@ -10113,10 +10113,10 @@ static int TLSX_KeyShare_ProcessPqcHybridClient(WOLFSSL* ssl,
}
}
if (ret == 0) {
ret = wc_KyberKey_Init(type, (KyberKey*)pqc_kse->key,
ret = wc_MlKemKey_Init((MlKemKey*)pqc_kse->key, type,
ssl->heap, ssl->devId);
if (ret != 0) {
WOLFSSL_MSG("Error creating Kyber KEM");
WOLFSSL_MSG("Error creating ML-KEM key");
}
}
#else
@@ -10127,11 +10127,11 @@ static int TLSX_KeyShare_ProcessPqcHybridClient(WOLFSSL* ssl,
pqc_kse->privKeyLen = keyShareEntry->privKeyLen;
if (ret == 0) {
ret = wc_KyberKey_SharedSecretSize((KyberKey*)pqc_kse->key,
ret = wc_MlKemKey_SharedSecretSize((MlKemKey*)pqc_kse->key,
&ssSzPqc);
}
if (ret == 0) {
ret = wc_KyberKey_CipherTextSize((KyberKey*)pqc_kse->key,
ret = wc_MlKemKey_CipherTextSize((MlKemKey*)pqc_kse->key,
&ctSz);
if (ret == 0 && keyShareEntry->keLen <= ctSz) {
WOLFSSL_MSG("Invalid ciphertext size.");
@@ -10665,7 +10665,7 @@ static int TLSX_KeyShare_New(KeyShareEntry** list, int group, void *heap,
}
#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE)
/* Process the Kyber key share extension on the server side.
/* Process the ML-KEM key share extension on the server side.
*
* ssl The SSL/TLS object.
* keyShareEntry The key share entry object to be sent to the client.
@@ -10683,7 +10683,7 @@ static int TLSX_KeyShare_HandlePqcKeyServer(WOLFSSL* ssl,
/* We are on the server side. The key share contains a PQC KEM public key
* that we are using for an encapsulate operation. The resulting ciphertext
* is stored in the server key share. */
KyberKey* kemKey = (KyberKey*)keyShareEntry->key;
MlKemKey* kemKey = (MlKemKey*)keyShareEntry->key;
byte* ciphertext = NULL;
int ret = 0;
word32 pubSz = 0;
@@ -10698,8 +10698,8 @@ static int TLSX_KeyShare_HandlePqcKeyServer(WOLFSSL* ssl,
if (kemKey == NULL) {
int type = 0;
/* Allocate a Kyber key to hold private key. */
kemKey = (KyberKey*) XMALLOC(sizeof(KyberKey), ssl->heap,
/* Allocate an ML-KEM key to hold private key. */
kemKey = (MlKemKey*) XMALLOC(sizeof(MlKemKey), ssl->heap,
DYNAMIC_TYPE_PRIVATE_KEY);
if (kemKey == NULL) {
WOLFSSL_MSG("GenPqcKey memory error");
@@ -10713,21 +10713,21 @@ static int TLSX_KeyShare_HandlePqcKeyServer(WOLFSSL* ssl,
ret = BAD_FUNC_ARG;
}
if (ret == 0) {
ret = wc_KyberKey_Init(type, kemKey, ssl->heap, ssl->devId);
ret = wc_MlKemKey_Init(kemKey, type, ssl->heap, ssl->devId);
if (ret != 0) {
WOLFSSL_MSG("Error creating Kyber KEM");
WOLFSSL_MSG("Error creating ML-KEM key");
}
}
}
if (ret == 0) {
ret = wc_KyberKey_PublicKeySize(kemKey, &pubSz);
ret = wc_MlKemKey_PublicKeySize(kemKey, &pubSz);
}
if (ret == 0) {
ret = wc_KyberKey_CipherTextSize(kemKey, &ctSz);
ret = wc_MlKemKey_CipherTextSize(kemKey, &ctSz);
}
if (ret == 0) {
ret = wc_KyberKey_SharedSecretSize(kemKey, &ssSz);
ret = wc_MlKemKey_SharedSecretSize(kemKey, &ssSz);
}
if (ret == 0 && clientLen != pubSz) {
@@ -10745,13 +10745,13 @@ static int TLSX_KeyShare_HandlePqcKeyServer(WOLFSSL* ssl,
}
if (ret == 0) {
ret = wc_KyberKey_DecodePublicKey(kemKey, clientData, pubSz);
ret = wc_MlKemKey_DecodePublicKey(kemKey, clientData, pubSz);
}
if (ret == 0) {
ret = wc_KyberKey_Encapsulate(kemKey, ciphertext,
ret = wc_MlKemKey_Encapsulate(kemKey, ciphertext,
ssOutput, ssl->rng);
if (ret != 0) {
WOLFSSL_MSG("wc_KyberKey encapsulation failure.");
WOLFSSL_MSG("wc_MlKemKey encapsulation failure.");
}
}
@@ -10774,7 +10774,7 @@ static int TLSX_KeyShare_HandlePqcKeyServer(WOLFSSL* ssl,
XFREE(ciphertext, ssl->heap, DYNAMIC_TYPE_TLSX);
wc_KyberKey_Free(kemKey);
wc_MlKemKey_Free(kemKey);
XFREE(kemKey, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
keyShareEntry->key = NULL;
return ret;
@@ -10834,8 +10834,8 @@ int TLSX_KeyShare_HandlePqcHybridKeyServer(WOLFSSL* ssl,
* decode these sizes to properly concatenate the KEM ciphertext with the
* ECDH public key. */
if (ret == 0) {
/* Allocate a Kyber key to hold private key. */
pqc_kse->key = (KyberKey*) XMALLOC(sizeof(KyberKey), ssl->heap,
/* Allocate an ML-KEM key to hold private key. */
pqc_kse->key = (MlKemKey*) XMALLOC(sizeof(MlKemKey), ssl->heap,
DYNAMIC_TYPE_PRIVATE_KEY);
if (pqc_kse->key == NULL) {
WOLFSSL_MSG("GenPqcKey memory error");
@@ -10849,22 +10849,22 @@ int TLSX_KeyShare_HandlePqcHybridKeyServer(WOLFSSL* ssl,
ret = BAD_FUNC_ARG;
}
if (ret == 0) {
ret = wc_KyberKey_Init(type, (KyberKey*)pqc_kse->key,
ret = wc_MlKemKey_Init((MlKemKey*)pqc_kse->key, type,
ssl->heap, ssl->devId);
if (ret != 0) {
WOLFSSL_MSG("Error creating Kyber KEM");
WOLFSSL_MSG("Error creating ML-KEM key");
}
}
if (ret == 0) {
ret = wc_KyberKey_SharedSecretSize((KyberKey*)pqc_kse->key,
ret = wc_MlKemKey_SharedSecretSize((MlKemKey*)pqc_kse->key,
&ssSzPqc);
}
if (ret == 0) {
ret = wc_KyberKey_CipherTextSize((KyberKey*)pqc_kse->key,
ret = wc_MlKemKey_CipherTextSize((MlKemKey*)pqc_kse->key,
&ctSz);
}
if (ret == 0) {
ret = wc_KyberKey_PublicKeySize((KyberKey*)pqc_kse->key,
ret = wc_MlKemKey_PublicKeySize((MlKemKey*)pqc_kse->key,
&pubSz);
}
}
+2 -2
View File
@@ -4847,7 +4847,7 @@ int test_tls13_derive_keys_no_key(void)
* heap use-after-free during cleanup. A malicious server sends
* SECP256R1MLKEM768 with only 10 bytes of key exchange data (expected: 1120+).
* This exercises the error path in TLSX_KeyShare_ProcessPqcHybridClient().
* Under ASAN the UAF manifests as ForceZero writing to freed KyberKey memory
* Under ASAN the UAF manifests as ForceZero writing to freed MlKemKey memory
* during wolfSSL_free -> TLSX_FreeAll -> TLSX_KeyShare_FreeAll. */
#if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_CLIENT) && \
defined(WOLFSSL_HAVE_MLKEM) && defined(WOLFSSL_PQC_HYBRIDS) && \
@@ -4944,7 +4944,7 @@ int test_tls13_pqc_hybrid_truncated_keyshare(void)
WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR));
/* The UAF, if present, triggers here: wolfSSL_free -> TLSX_FreeAll ->
* TLSX_KeyShare_FreeAll -> ForceZero on already-freed KyberKey. */
* TLSX_KeyShare_FreeAll -> ForceZero on already-freed MlKemKey. */
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
+22 -22
View File
@@ -11089,7 +11089,7 @@ exit:
#ifdef WOLFSSL_HAVE_MLKEM
static void bench_mlkem_keygen(int type, const char* name, int keySize,
KyberKey* key)
MlKemKey* key)
{
#ifndef WOLFSSL_MLKEM_NO_MAKE_KEY
int ret = 0, times, count, pending = 0;
@@ -11104,17 +11104,17 @@ static void bench_mlkem_keygen(int type, const char* name, int keySize,
do {
/* while free pending slots in queue, submit ops */
for (times = 0; times < agreeTimes || pending > 0; times++) {
wc_KyberKey_Free(key);
ret = wc_KyberKey_Init(type, key, HEAP_HINT, INVALID_DEVID);
wc_MlKemKey_Free(key);
ret = wc_MlKemKey_Init(key, type, HEAP_HINT, INVALID_DEVID);
if (ret != 0)
goto exit;
#ifdef MLKEM_NONDETERMINISTIC
ret = wc_KyberKey_MakeKey(key, &gRng);
ret = wc_MlKemKey_MakeKey(key, &gRng);
#else
{
unsigned char rand[WC_ML_KEM_MAKEKEY_RAND_SZ] = {0,};
ret = wc_KyberKey_MakeKeyWithRandom(key, rand, sizeof(rand));
ret = wc_MlKemKey_MakeKeyWithRandom(key, rand, sizeof(rand));
}
#endif
if (ret != 0)
@@ -11144,7 +11144,7 @@ exit:
#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
!defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
static void bench_mlkem_encap(int type, const char* name, int keySize,
KyberKey* key1, KyberKey* key2)
MlKemKey* key1, MlKemKey* key2)
{
int ret = 0, times, count, pending = 0;
double start;
@@ -11162,24 +11162,24 @@ static void bench_mlkem_encap(int type, const char* name, int keySize,
WC_ALLOC_VAR(ss, byte, WC_ML_KEM_SS_SZ, HEAP_HINT);
WC_ALLOC_VAR(pub, byte, WC_ML_KEM_MAX_PUBLIC_KEY_SIZE, HEAP_HINT);
ret = wc_KyberKey_PublicKeySize(key1, &pubLen);
ret = wc_MlKemKey_PublicKeySize(key1, &pubLen);
if (ret != 0) {
goto exit;
}
ret = wc_KyberKey_EncodePublicKey(key1, pub, pubLen);
ret = wc_MlKemKey_EncodePublicKey(key1, pub, pubLen);
if (ret != 0) {
goto exit;
}
ret = wc_KyberKey_Init(type, key2, HEAP_HINT, INVALID_DEVID);
ret = wc_MlKemKey_Init(key2, type, HEAP_HINT, INVALID_DEVID);
if (ret != 0) {
goto exit;
}
ret = wc_KyberKey_DecodePublicKey(key2, pub, pubLen);
ret = wc_MlKemKey_DecodePublicKey(key2, pub, pubLen);
if (ret != 0) {
goto exit;
}
ret = wc_KyberKey_CipherTextSize(key2, &ctSz);
ret = wc_MlKemKey_CipherTextSize(key2, &ctSz);
if (ret != 0) {
goto exit;
}
@@ -11191,10 +11191,10 @@ static void bench_mlkem_encap(int type, const char* name, int keySize,
/* while free pending slots in queue, submit ops */
for (times = 0; times < agreeTimes || pending > 0; times++) {
#ifdef MLKEM_NONDETERMINISTIC
ret = wc_KyberKey_Encapsulate(key2, ct, ss, &gRng);
ret = wc_MlKemKey_Encapsulate(key2, ct, ss, &gRng);
#else
unsigned char rand[WC_ML_KEM_ENC_RAND_SZ] = {0,};
ret = wc_KyberKey_EncapsulateWithRandom(key2, ct, ss, rand,
ret = wc_MlKemKey_EncapsulateWithRandom(key2, ct, ss, rand,
sizeof(rand));
#endif
if (ret != 0)
@@ -11224,7 +11224,7 @@ exit_encap:
do {
/* while free pending slots in queue, submit ops */
for (times = 0; times < agreeTimes || pending > 0; times++) {
ret = wc_KyberKey_Decapsulate(key1, ss, ct, ctSz);
ret = wc_MlKemKey_Decapsulate(key1, ss, ct, ctSz);
if (ret != 0)
goto exit_decap;
RECORD_MULTI_VALUE_STATS();
@@ -11261,11 +11261,11 @@ exit:
void bench_mlkem(int type)
{
#ifdef WOLFSSL_SMALL_STACK
KyberKey *key1 = NULL;
KyberKey *key2 = NULL;
MlKemKey *key1 = NULL;
MlKemKey *key2 = NULL;
#else
KyberKey key1[1];
KyberKey key2[1];
MlKemKey key1[1];
MlKemKey key2[1];
#endif
const char* name = NULL;
int keySize = 0;
@@ -11316,10 +11316,10 @@ void bench_mlkem(int type)
}
#ifdef WOLFSSL_SMALL_STACK
key1 = (KyberKey *)XMALLOC(sizeof(*key1), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
key1 = (MlKemKey *)XMALLOC(sizeof(*key1), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (key1 == NULL)
return;
key2 = (KyberKey *)XMALLOC(sizeof(*key2), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
key2 = (MlKemKey *)XMALLOC(sizeof(*key2), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (key2 == NULL) {
XFREE(key1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return;
@@ -11332,8 +11332,8 @@ void bench_mlkem(int type)
bench_mlkem_encap(type, name, keySize, key1, key2);
#endif
wc_KyberKey_Free(key2);
wc_KyberKey_Free(key1);
wc_MlKemKey_Free(key2);
wc_MlKemKey_Free(key1);
WC_FREE_VAR_EX(key1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
WC_FREE_VAR_EX(key2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+1 -1
View File
@@ -1177,7 +1177,7 @@ int wc_CryptoCb_PqcKemGetDevId(int type, void* key)
/* get devId */
if (type == WC_PQC_KEM_TYPE_MLKEM) {
devId = ((KyberKey*) key)->devId;
devId = ((MlKemKey*) key)->devId;
}
return devId;
+21 -21
View File
@@ -48597,23 +48597,23 @@ static wc_test_ret_t mlkem512_kat(void)
#endif
#ifdef WOLFSSL_MLKEM_KYBER
ret = wc_KyberKey_Init(KYBER512, key, HEAP_HINT, katDevId);
ret = wc_MlKemKey_Init(key, KYBER512, HEAP_HINT, katDevId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
key_inited = 1;
#ifndef WOLFSSL_MLKEM_NO_MAKE_KEY
ret = wc_KyberKey_MakeKeyWithRandom(key, kyber512_rand,
ret = wc_MlKemKey_MakeKeyWithRandom(key, kyber512_rand,
sizeof(kyber512_rand));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_KyberKey_EncodePublicKey(key, pub, KYBER512_PUBLIC_KEY_SIZE);
ret = wc_MlKemKey_EncodePublicKey(key, pub, KYBER512_PUBLIC_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_KyberKey_EncodePrivateKey(key, priv, KYBER512_PRIVATE_KEY_SIZE);
ret = wc_MlKemKey_EncodePrivateKey(key, priv, KYBER512_PRIVATE_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -48625,14 +48625,14 @@ static wc_test_ret_t mlkem512_kat(void)
#else
(void)kyber512_rand;
(void)kyber512_pk;
ret = wc_KyberKey_DecodePrivateKey(key, kyber512_sk,
ret = wc_MlKemKey_DecodePrivateKey(key, kyber512_sk,
KYBER512_PRIVATE_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
#ifndef WOLFSSL_MLKEM_NO_ENCAPSULATE
ret = wc_KyberKey_EncapsulateWithRandom(key, ct, ss, kyber512enc_rand,
ret = wc_MlKemKey_EncapsulateWithRandom(key, ct, ss, kyber512enc_rand,
sizeof(kyber512enc_rand));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -48647,7 +48647,7 @@ static wc_test_ret_t mlkem512_kat(void)
#endif
#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
ret = wc_KyberKey_Decapsulate(key, ss_dec, kyber512_ct,
ret = wc_MlKemKey_Decapsulate(key, ss_dec, kyber512_ct,
sizeof(kyber512_ct));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -50060,23 +50060,23 @@ static wc_test_ret_t mlkem768_kat(void)
#endif
#ifdef WOLFSSL_MLKEM_KYBER
ret = wc_KyberKey_Init(KYBER768, key, HEAP_HINT, katDevId);
ret = wc_MlKemKey_Init(key, KYBER768, HEAP_HINT, katDevId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
key_inited = 1;
#ifndef WOLFSSL_MLKEM_NO_MAKE_KEY
ret = wc_KyberKey_MakeKeyWithRandom(key, kyber768_rand,
ret = wc_MlKemKey_MakeKeyWithRandom(key, kyber768_rand,
sizeof(kyber768_rand));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_KyberKey_EncodePublicKey(key, pub, KYBER768_PUBLIC_KEY_SIZE);
ret = wc_MlKemKey_EncodePublicKey(key, pub, KYBER768_PUBLIC_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_KyberKey_EncodePrivateKey(key, priv, KYBER768_PRIVATE_KEY_SIZE);
ret = wc_MlKemKey_EncodePrivateKey(key, priv, KYBER768_PRIVATE_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -50088,14 +50088,14 @@ static wc_test_ret_t mlkem768_kat(void)
#else
(void)kyber768_rand;
(void)kyber768_pk;
ret = wc_KyberKey_DecodePrivateKey(key, kyber768_sk,
ret = wc_MlKemKey_DecodePrivateKey(key, kyber768_sk,
KYBER768_PRIVATE_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
#ifndef WOLFSSL_MLKEM_NO_ENCAPSULATE
ret = wc_KyberKey_EncapsulateWithRandom(key, ct, ss, kyber768enc_rand,
ret = wc_MlKemKey_EncapsulateWithRandom(key, ct, ss, kyber768enc_rand,
sizeof(kyber768enc_rand));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -50110,7 +50110,7 @@ static wc_test_ret_t mlkem768_kat(void)
#endif
#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
ret = wc_KyberKey_Decapsulate(key, ss_dec, kyber768_ct,
ret = wc_MlKemKey_Decapsulate(key, ss_dec, kyber768_ct,
sizeof(kyber768_ct));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -51907,23 +51907,23 @@ static wc_test_ret_t mlkem1024_kat(void)
#endif
#ifdef WOLFSSL_MLKEM_KYBER
ret = wc_KyberKey_Init(KYBER1024, key, HEAP_HINT, katDevId);
ret = wc_MlKemKey_Init(key, KYBER1024, HEAP_HINT, katDevId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
key_inited = 1;
#ifndef WOLFSSL_MLKEM_NO_MAKE_KEY
ret = wc_KyberKey_MakeKeyWithRandom(key, kyber1024_rand,
ret = wc_MlKemKey_MakeKeyWithRandom(key, kyber1024_rand,
sizeof(kyber1024_rand));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_KyberKey_EncodePublicKey(key, pub, KYBER_MAX_PUBLIC_KEY_SIZE);
ret = wc_MlKemKey_EncodePublicKey(key, pub, KYBER_MAX_PUBLIC_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_KyberKey_EncodePrivateKey(key, priv, KYBER_MAX_PRIVATE_KEY_SIZE);
ret = wc_MlKemKey_EncodePrivateKey(key, priv, KYBER_MAX_PRIVATE_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -51935,14 +51935,14 @@ static wc_test_ret_t mlkem1024_kat(void)
#else
(void)kyber1024_rand;
(void)kyber1024_pk;
ret = wc_KyberKey_DecodePrivateKey(key, kyber1024_sk,
ret = wc_MlKemKey_DecodePrivateKey(key, kyber1024_sk,
KYBER1024_PRIVATE_KEY_SIZE);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
#ifndef WOLFSSL_MLKEM_NO_ENCAPSULATE
ret = wc_KyberKey_EncapsulateWithRandom(key, ct, ss, kyber1024enc_rand,
ret = wc_MlKemKey_EncapsulateWithRandom(key, ct, ss, kyber1024enc_rand,
sizeof(kyber1024enc_rand));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -51957,7 +51957,7 @@ static wc_test_ret_t mlkem1024_kat(void)
#endif
#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
ret = wc_KyberKey_Decapsulate(key, ss_dec, kyber1024_ct,
ret = wc_MlKemKey_Decapsulate(key, ss_dec, kyber1024_ct,
sizeof(kyber1024_ct));
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);