mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-07 16:30:47 +02:00
Support for ML-DSA in PKCS#11
Offload ML-DSA operations onto a PKCS#11 token via the cryptoCb interface: * Key generation * Signature generation * Signature verification * Key import Both the pure and pre-hash versions are supported. Not yet supported are the pre-hash versions that also offload the hashing onto the token. This also fixes casting errors introduced in #9780 due to usage of uintptr_t, which is unavailable without including stdint.h on some platforms. Use the wolfssl own wc_ptr_t instead.
This commit is contained in:
@@ -418,6 +418,7 @@ NO_PKCS11_ECC
|
||||
NO_PKCS11_ECDH
|
||||
NO_PKCS11_EC_KEYGEN
|
||||
NO_PKCS11_HMAC
|
||||
NO_PKCS11_MLDSA
|
||||
NO_PKCS11_RNG
|
||||
NO_PKCS11_RSA
|
||||
NO_PKCS11_RSA_PKCS
|
||||
|
||||
+1
-1
@@ -13601,7 +13601,7 @@ void wc_AesFree(Aes* aes)
|
||||
#endif
|
||||
{
|
||||
int ret = wc_CryptoCb_Free(aes->devId, WC_ALGO_TYPE_CIPHER,
|
||||
WC_CIPHER_AES, aes);
|
||||
WC_CIPHER_AES, 0, aes);
|
||||
#ifdef WOLF_CRYPTO_CB_AES_SETKEY
|
||||
aes->devCtx = NULL; /* Clear device context handle */
|
||||
#endif
|
||||
|
||||
@@ -2120,11 +2120,13 @@ int wc_CryptoCb_Copy(int devId, int algo, int type, void* src, void* dst)
|
||||
* WC_ALGO_TYPE_CIPHER, etc
|
||||
* type: Specific type - for HASH: enum wc_HashType, for CIPHER:
|
||||
* enum wc_CipherType
|
||||
* subType: Specific subtype - for PQC: enum wc_PqcKemType,
|
||||
* enum wc_PqcSignatureType
|
||||
* obj: Pointer to object structure to free
|
||||
* Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not
|
||||
* handled
|
||||
*/
|
||||
int wc_CryptoCb_Free(int devId, int algo, int type, void* obj)
|
||||
int wc_CryptoCb_Free(int devId, int algo, int type, int subType, void* obj)
|
||||
{
|
||||
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
|
||||
CryptoCb* dev;
|
||||
@@ -2137,6 +2139,7 @@ int wc_CryptoCb_Free(int devId, int algo, int type, void* obj)
|
||||
cryptoInfo.algo_type = WC_ALGO_TYPE_FREE;
|
||||
cryptoInfo.free.algo = algo;
|
||||
cryptoInfo.free.type = type;
|
||||
cryptoInfo.free.subType = subType;
|
||||
cryptoInfo.free.obj = obj;
|
||||
|
||||
ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx);
|
||||
|
||||
@@ -10834,6 +10834,14 @@ int wc_dilithium_get_level(dilithium_key* key, byte* level)
|
||||
void wc_dilithium_free(dilithium_key* key)
|
||||
{
|
||||
if (key != NULL) {
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
|
||||
if (key->devId != INVALID_DEVID) {
|
||||
wc_CryptoCb_Free(key->devId, WC_ALGO_TYPE_PK,
|
||||
WC_PK_TYPE_PQC_SIG_KEYGEN,
|
||||
WC_PQC_SIG_TYPE_DILITHIUM,
|
||||
(void*)key);
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_WC_DILITHIUM
|
||||
#ifndef WC_DILITHIUM_FIXED_ARRAY
|
||||
/* Dispose of cached items. */
|
||||
|
||||
+1
-1
@@ -7894,7 +7894,7 @@ int wc_ecc_free(ecc_key* key)
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
|
||||
if (key->devId != INVALID_DEVID) {
|
||||
wc_CryptoCb_Free(key->devId, WC_ALGO_TYPE_PK,
|
||||
WC_PK_TYPE_EC_KEYGEN, key);
|
||||
WC_PK_TYPE_EC_KEYGEN, 0, key);
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
+1
-1
@@ -1062,7 +1062,7 @@ void wc_ShaFree(wc_Sha* sha)
|
||||
#endif
|
||||
{
|
||||
ret = wc_CryptoCb_Free(sha->devId, WC_ALGO_TYPE_HASH,
|
||||
WC_HASH_TYPE_SHA, (void*)sha);
|
||||
WC_HASH_TYPE_SHA, 0, (void*)sha);
|
||||
/* If they want the standard free, they can call it themselves */
|
||||
/* via their callback setting devId to INVALID_DEVID */
|
||||
/* otherwise assume the callback handled it */
|
||||
|
||||
@@ -2305,7 +2305,7 @@ static WC_INLINE int Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
|
||||
#endif
|
||||
{
|
||||
ret = wc_CryptoCb_Free(sha224->devId, WC_ALGO_TYPE_HASH,
|
||||
WC_HASH_TYPE_SHA224, (void*)sha224);
|
||||
WC_HASH_TYPE_SHA224, 0, (void*)sha224);
|
||||
/* If they want the standard free, they can call it themselves */
|
||||
/* via their callback setting devId to INVALID_DEVID */
|
||||
/* otherwise assume the callback handled it */
|
||||
@@ -2382,7 +2382,7 @@ void wc_Sha256Free(wc_Sha256* sha256)
|
||||
#endif
|
||||
{
|
||||
ret = wc_CryptoCb_Free(sha256->devId, WC_ALGO_TYPE_HASH,
|
||||
WC_HASH_TYPE_SHA256, (void*)sha256);
|
||||
WC_HASH_TYPE_SHA256, 0, (void*)sha256);
|
||||
/* If they want the standard free, they can call it themselves */
|
||||
/* via their callback setting devId to INVALID_DEVID */
|
||||
/* otherwise assume the callback handled it */
|
||||
|
||||
@@ -1252,7 +1252,7 @@ static void wc_Sha3Free(wc_Sha3* sha3)
|
||||
#endif
|
||||
{
|
||||
ret = wc_CryptoCb_Free(sha3->devId, WC_ALGO_TYPE_HASH,
|
||||
sha3->hashType, (void*)sha3);
|
||||
sha3->hashType, 0, (void*)sha3);
|
||||
/* If they want the standard free, they can call it themselves */
|
||||
/* via their callback setting devId to INVALID_DEVID */
|
||||
/* otherwise assume the callback handled it */
|
||||
|
||||
@@ -1635,7 +1635,7 @@ void wc_Sha512Free(wc_Sha512* sha512)
|
||||
#endif
|
||||
{
|
||||
ret = wc_CryptoCb_Free(sha512->devId, WC_ALGO_TYPE_HASH,
|
||||
WC_HASH_TYPE_SHA512, (void*)sha512);
|
||||
WC_HASH_TYPE_SHA512, 0, (void*)sha512);
|
||||
/* If they want the standard free, they can call it themselves */
|
||||
/* via their callback setting devId to INVALID_DEVID */
|
||||
/* otherwise assume the callback handled it */
|
||||
@@ -2117,7 +2117,7 @@ void wc_Sha384Free(wc_Sha384* sha384)
|
||||
#endif
|
||||
{
|
||||
ret = wc_CryptoCb_Free(sha384->devId, WC_ALGO_TYPE_HASH,
|
||||
WC_HASH_TYPE_SHA384, (void*)sha384);
|
||||
WC_HASH_TYPE_SHA384, 0, (void*)sha384);
|
||||
/* If they want the standard free, they can call it themselves */
|
||||
/* via their callback setting devId to INVALID_DEVID */
|
||||
/* otherwise assume the callback handled it */
|
||||
|
||||
+1074
-18
File diff suppressed because it is too large
Load Diff
@@ -488,6 +488,7 @@ typedef struct wc_CryptoInfo {
|
||||
struct { /* uses wc_AlgoType=WC_ALGO_TYPE_FREE */
|
||||
int algo; /* enum wc_AlgoType - HASH, CIPHER, etc */
|
||||
int type; /* For HASH: wc_HashType, CIPHER: wc_CipherType */
|
||||
int subType; /* For PQC: wc_PqcKemType, wc_PqcSignatureType */
|
||||
void *obj; /* Object structure to free */
|
||||
} free;
|
||||
#endif /* WOLF_CRYPTO_CB_FREE */
|
||||
@@ -768,7 +769,8 @@ WOLFSSL_LOCAL int wc_CryptoCb_Copy(int devId, int algo, int type, void* src,
|
||||
void* dst);
|
||||
#endif /* WOLF_CRYPTO_CB_COPY */
|
||||
#ifdef WOLF_CRYPTO_CB_FREE
|
||||
WOLFSSL_LOCAL int wc_CryptoCb_Free(int devId, int algo, int type, void* obj);
|
||||
WOLFSSL_LOCAL int wc_CryptoCb_Free(int devId, int algo, int type, int subType,
|
||||
void* obj);
|
||||
#endif /* WOLF_CRYPTO_CB_FREE */
|
||||
|
||||
#endif /* WOLF_CRYPTO_CB */
|
||||
|
||||
@@ -1078,6 +1078,10 @@ WOLFSSL_LOCAL void wc_mldsa_poly_make_pos_avx2(sword32* a);
|
||||
wc_dilithium_sign_msg(msg, msgSz, sig, sigSz, key, rng)
|
||||
#define wc_MlDsaKey_SignCtx(key, ctx, ctxSz, sig, sigSz, msg, msgSz, rng) \
|
||||
wc_dilithium_sign_ctx_msg(ctx, ctxSz, msg, msgSz, sig, sigSz, key, rng)
|
||||
#define wc_MlDsaKey_SignCtxHash(key, ctx, ctxSz, sig, sigSz, hash, hashSz, \
|
||||
hashAlg, rng) \
|
||||
wc_dilithium_sign_ctx_hash(ctx, ctxSz, hashAlg, hash, hashSz, sig, sigSz, \
|
||||
key, rng)
|
||||
#define wc_MlDsaKey_Free(key) \
|
||||
wc_dilithium_free(key)
|
||||
#define wc_MlDsaKey_ExportPubRaw(key, out, outLen) \
|
||||
@@ -1087,7 +1091,11 @@ WOLFSSL_LOCAL void wc_mldsa_poly_make_pos_avx2(sword32* a);
|
||||
#define wc_MlDsaKey_Verify(key, sig, sigSz, msg, msgSz, res) \
|
||||
wc_dilithium_verify_msg(sig, sigSz, msg, msgSz, res, key)
|
||||
#define wc_MlDsaKey_VerifyCtx(key, sig, sigSz, ctx, ctxSz, msg, msgSz, res) \
|
||||
wc_dilithium_verify_msg_ctx(sig, sigSz, ctx, ctxSz, msg, msgSz, res, key)
|
||||
wc_dilithium_verify_ctx_msg(sig, sigSz, ctx, ctxSz, msg, msgSz, res, key)
|
||||
#define wc_MlDsaKey_VerifyCtxHash(key, sig, sigSz, ctx, ctxSz, hash, hashSz, \
|
||||
hashAlg, res) \
|
||||
wc_dilithium_verify_ctx_hash(sig, sigSz, ctx, ctxSz, hashAlg, hash, \
|
||||
hashSz, res, key)
|
||||
|
||||
#define wc_MlDsaKey_PublicKeyToDer(key, output, len, withAlg) \
|
||||
wc_Dilithium_PublicKeyToDer(key, output, len, withAlg)
|
||||
@@ -1095,6 +1103,11 @@ WOLFSSL_LOCAL void wc_mldsa_poly_make_pos_avx2(sword32* a);
|
||||
#define wc_MlDsaKey_PrivateKeyToDer(key, output, len) \
|
||||
wc_Dilithium_PrivateKeyToDer(key, output, len)
|
||||
|
||||
#define wc_MlDsaKey_PrivateKeyDecode(key, input, sz, idx) \
|
||||
wc_Dilithium_PrivateKeyDecode(input, idx, key, sz)
|
||||
#define wc_MlDsaKey_PublicKeyDecode(key, input, sz, idx) \
|
||||
wc_Dilithium_PublicKeyDecode(input, idx, key, sz)
|
||||
|
||||
|
||||
WOLFSSL_API int wc_MlDsaKey_GetPrivLen(MlDsaKey* key, int* len);
|
||||
WOLFSSL_API int wc_MlDsaKey_GetPubLen(MlDsaKey* key, int* len);
|
||||
|
||||
@@ -89,6 +89,7 @@ extern "C" {
|
||||
#define CKK_SHA384_HMAC 0x0000002cUL
|
||||
#define CKK_SHA512_HMAC 0x0000002dUL
|
||||
#define CKK_SHA224_HMAC 0x0000002eUL
|
||||
#define CKK_ML_DSA 0x0000004aUL
|
||||
|
||||
#define CKA_CLASS 0x00000000UL
|
||||
#define CKA_TOKEN 0x00000001UL
|
||||
@@ -139,6 +140,8 @@ extern "C" {
|
||||
#define CKA_HW_FEATURE_TYPE 0x00000300UL
|
||||
#define CKA_RESET_ON_INIT 0x00000301UL
|
||||
#define CKA_HAS_RESET 0x00000302UL
|
||||
#define CKA_PARAMETER_SET 0x0000061DUL
|
||||
|
||||
|
||||
#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000UL
|
||||
#define CKM_RSA_PKCS 0x00000001UL
|
||||
@@ -158,6 +161,10 @@ extern "C" {
|
||||
#define CKM_SHA384_HMAC 0x00000261UL
|
||||
#define CKM_SHA512 0x00000270UL
|
||||
#define CKM_SHA512_HMAC 0x00000271UL
|
||||
#define CKM_SHA512_256 0x0000004CUL
|
||||
#define CKM_SHA3_256 0x000002B0UL
|
||||
#define CKM_SHA3_384 0x000002C0UL
|
||||
#define CKM_SHA3_512 0x000002D0UL
|
||||
#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350UL
|
||||
#define CKM_EC_KEY_PAIR_GEN 0x00001040UL
|
||||
#define CKM_ECDSA 0x00001041UL
|
||||
@@ -167,6 +174,9 @@ extern "C" {
|
||||
#define CKM_AES_CBC 0x00001082UL
|
||||
#define CKM_AES_CTR 0x00001086UL
|
||||
#define CKM_AES_GCM 0x00001087UL
|
||||
#define CKM_ML_DSA_KEY_PAIR_GEN 0x0000001CUL
|
||||
#define CKM_ML_DSA 0x0000001DUL
|
||||
#define CKM_HASH_ML_DSA 0x0000001FUL
|
||||
|
||||
/* full data RSA PK callbacks */
|
||||
#define CKM_SHA1_RSA_PKCS_PSS 0x0000000EUL
|
||||
@@ -395,6 +405,33 @@ typedef struct CK_ASYNC_DATA {
|
||||
} CK_ASYNC_DATA;
|
||||
typedef CK_ASYNC_DATA* CK_ASYNC_DATA_PTR;
|
||||
|
||||
/* generic PQ mechanism parameters */
|
||||
typedef CK_ULONG CK_HEDGE_TYPE;
|
||||
#define CKH_HEDGE_PREFERRED 0x00000000UL
|
||||
#define CKH_HEDGE_REQUIRED 0x00000001UL
|
||||
#define CKH_DETERMINISTIC_REQUIRED 0x00000002UL
|
||||
|
||||
typedef struct CK_SIGN_ADDITIONAL_CONTEXT {
|
||||
CK_HEDGE_TYPE hedgeVariant;
|
||||
CK_BYTE_PTR pContext;
|
||||
CK_ULONG ulContextLen;
|
||||
} CK_SIGN_ADDITIONAL_CONTEXT;
|
||||
|
||||
typedef struct CK_HASH_SIGN_ADDITIONAL_CONTEXT {
|
||||
CK_HEDGE_TYPE hedgeVariant;
|
||||
CK_BYTE_PTR pContext;
|
||||
CK_ULONG ulContextLen;
|
||||
CK_MECHANISM_TYPE hash;
|
||||
} CK_HASH_SIGN_ADDITIONAL_CONTEXT;
|
||||
|
||||
|
||||
/* ML-DSA values for CKA_PARAMETER_SETS */
|
||||
typedef CK_ULONG CK_ML_DSA_PARAMETER_SET_TYPE;
|
||||
#define CKP_ML_DSA_44 0x00000001UL
|
||||
#define CKP_ML_DSA_65 0x00000002UL
|
||||
#define CKP_ML_DSA_87 0x00000003UL
|
||||
|
||||
|
||||
/* Function list types. */
|
||||
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
|
||||
typedef struct CK_FUNCTION_LIST_3_0 CK_FUNCTION_LIST_3_0;
|
||||
|
||||
@@ -78,6 +78,7 @@ enum Pkcs11KeyType {
|
||||
PKCS11_KEY_TYPE_HMAC,
|
||||
PKCS11_KEY_TYPE_RSA,
|
||||
PKCS11_KEY_TYPE_EC,
|
||||
PKCS11_KEY_TYPE_MLDSA,
|
||||
};
|
||||
|
||||
WOLFSSL_API int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library,
|
||||
|
||||
Reference in New Issue
Block a user