liboqs: add RNG support for dilithium

Added an RNG argument to the wc_dilithium_sign_msg method so that the
necessary random data is generated using the desired WolfSSL RNG object.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
Tobias Frauenschläger
2023-11-22 17:16:13 +01:00
parent 755c385b1f
commit ec86a86096
5 changed files with 12 additions and 5 deletions


@ -8896,7 +8896,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
ret = wc_dilithium_sign_msg(args->sigData, args->sigDataSz, ret = wc_dilithium_sign_msg(args->sigData, args->sigDataSz,
args->verify + HASH_SIG_SIZE + args->verify + HASH_SIG_SIZE +
VERIFY_HEADER, (word32*)&sig->length, VERIFY_HEADER, (word32*)&sig->length,
(dilithium_key*)ssl->hsKey); (dilithium_key*)ssl->hsKey, ssl->rng);
args->length = (word16)sig->length; args->length = (word16)sig->length;
} }
#endif #endif


@ -11909,7 +11909,7 @@ void bench_dilithiumKeySign(byte level)
x = DILITHIUM_LEVEL5_SIG_SIZE; x = DILITHIUM_LEVEL5_SIG_SIZE;
} }
ret = wc_dilithium_sign_msg(msg, sizeof(msg), sig, &x, &key); ret = wc_dilithium_sign_msg(msg, sizeof(msg), sig, &x, &key, GLOBAL_RNG);
if (ret != 0) { if (ret != 0) {
printf("wc_dilithium_sign_msg failed\n"); printf("wc_dilithium_sign_msg failed\n");
} }


@ -28906,7 +28906,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz,
if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey && if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey &&
dilithiumKey) { dilithiumKey) {
word32 outSz = sigSz; word32 outSz = sigSz;
ret = wc_dilithium_sign_msg(buf, sz, sig, &outSz, dilithiumKey); ret = wc_dilithium_sign_msg(buf, sz, sig, &outSz, dilithiumKey, rng);
if (ret == 0) if (ret == 0)
ret = outSz; ret = outSz;
} }


@ -59,7 +59,7 @@
*/ */
int wc_dilithium_sign_msg(const byte* in, word32 inLen, int wc_dilithium_sign_msg(const byte* in, word32 inLen,
byte* out, word32 *outLen, byte* out, word32 *outLen,
dilithium_key* key) dilithium_key* key, WC_RNG* rng)
{ {
int ret = 0; int ret = 0;
#ifdef HAVE_LIBOQS #ifdef HAVE_LIBOQS
@ -107,6 +107,10 @@ int wc_dilithium_sign_msg(const byte* in, word32 inLen,
localOutLen = *outLen; localOutLen = *outLen;
} }
if (ret == 0) {
ret = wolfSSL_liboqsRngMutexLock(rng);
}
if ((ret == 0) && if ((ret == 0) &&
(OQS_SIG_sign(oqssig, out, &localOutLen, in, inLen, key->k) (OQS_SIG_sign(oqssig, out, &localOutLen, in, inLen, key->k)
== OQS_ERROR)) { == OQS_ERROR)) {
@ -117,6 +121,8 @@ int wc_dilithium_sign_msg(const byte* in, word32 inLen,
*outLen = (word32)localOutLen; *outLen = (word32)localOutLen;
} }
wolfSSL_liboqsRngMutexUnlock();
if (oqssig != NULL) { if (oqssig != NULL) {
OQS_SIG_free(oqssig); OQS_SIG_free(oqssig);
} }
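Review bot: The added `wolfSSL_liboqsRngMutexUnlock();` runs unconditionally, while the matching `wolfSSL_liboqsRngMutexLock(rng)` is only reached when `ret == 0`, so any earlier failure (or a failed lock) ends in an unlock of a mutex this call never acquired. Whether the unlock helper tolerates that is not visible in this hunk; releasing a lock that is not held is undefined for many mutex implementations, and here it could also release the RNG lock while another thread is signing. Tracking the acquisition keeps the pair symmetric: declare `int rngLocked = 0;`, set `rngLocked = 1;` right after a successful lock, and release with `if (rngLocked) wolfSSL_liboqsRngMutexUnlock();`. It would also help to state in the function's doc comment (which ends just above the signature, outside the hunk) whether `rng` may be NULL, since the argument is passed to the lock helper without a visible check.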


@ -35,6 +35,7 @@
#ifdef HAVE_LIBOQS #ifdef HAVE_LIBOQS
#include <oqs/oqs.h> #include <oqs/oqs.h>
#include <wolfssl/wolfcrypt/port/liboqs/liboqs.h>
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
@ -84,7 +85,7 @@ struct dilithium_key {
WOLFSSL_API WOLFSSL_API
int wc_dilithium_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, int wc_dilithium_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
dilithium_key* key); dilithium_key* key, WC_RNG* rng);
WOLFSSL_API WOLFSSL_API
int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg, int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* res, dilithium_key* key); word32 msgLen, int* res, dilithium_key* key);
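Review bot: The new `WC_RNG* rng` parameter on the `WOLFSSL_API` prototype of `wc_dilithium_sign_msg` is undocumented at the declaration, and it changes the arity of an exported function, so code built against the previous five-argument form will no longer compile. A comment above the prototype such as `/* rng: WC_RNG that supplies the randomness used while signing */` would make the contract visible to integrators. Since the signature is not backward-compatible, the change also deserves a mention in the release notes. The prototype relies on `WC_RNG` being declared by a header included earlier in this file, which cannot be confirmed from the hunk.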