mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-29 18:27:29 +02:00
Merge pull request #8639 from anhu/cmake_pq
Fix building ML-KEM and LMS with cmake
This commit is contained in:
Daniel Pouzzner
GitHub
1
.github/workflows/cmake.yml
vendored
1
.github/workflows/cmake.yml
vendored
@ -77,6 +77,7 @@ jobs:
|
||||
-DWOLFSSL_TICKET_NONCE_MALLOC:BOOL=yes -DWOLFSSL_TLS13:BOOL=yes -DWOLFSSL_TLSV12:BOOL=yes \
|
||||
-DWOLFSSL_TLSX:BOOL=yes -DWOLFSSL_TPM:BOOL=yes -DWOLFSSL_CLU:BOOL=yes -DWOLFSSL_USER_SETTINGS:BOOL=no \
|
||||
-DWOLFSSL_USER_SETTINGS_ASM:BOOL=no -DWOLFSSL_WOLFSSH:BOOL=ON -DWOLFSSL_X86_64_BUILD_ASM:BOOL=yes \
|
||||
-DWOLFSSL_MLKEM=1 -DWOLFSSL_LMS=1 -DWOLFSSL_LMSSHA256192=1 -DWOLFSSL_EXPERIMENTAL=1 \
|
||||
-DWOLFSSL_X963KDF:BOOL=yes \
|
||||
-DCMAKE_C_FLAGS="-DWOLFSSL_DTLS_CH_FRAG" \
|
||||
..
|
||||
|
||||
@ -573,10 +573,19 @@ add_option(WOLFSSL_OQS
|
||||
"no" "yes;no")
|
||||
|
||||
# ML-KEM/Kyber
|
||||
add_option(WOLFSSL_MMLKEM
|
||||
add_option(WOLFSSL_MLKEM
|
||||
"Enable the wolfSSL PQ ML-KEM library (default: disabled)"
|
||||
"no" "yes;no")
|
||||
|
||||
# LMS
|
||||
add_option(WOLFSSL_LMS
|
||||
"Enable the PQ LMS Stateful Hash-based Signature Scheme (default: disabled)"
|
||||
"no" "yes;no")
|
||||
|
||||
add_option(WOLFSSL_LMSSHA256192
|
||||
"Enable the LMS SHA_256_192 truncated variant (default: disabled)"
|
||||
"no" "yes;no")
|
||||
|
||||
# Experimental features
|
||||
add_option(WOLFSSL_EXPERIMENTAL
|
||||
"Enable experimental features (default: disabled)"
|
||||
@ -590,7 +599,7 @@ if (WOLFSSL_EXPERIMENTAL)
|
||||
# check if any experimental features are also enabled:
|
||||
set(WOLFSSL_FOUND_EXPERIMENTAL_FEATURE 0)
|
||||
|
||||
set_wolfssl_definitions("WOLFSSL_EXPERIMENTAL_SETTINGS" RESUlT)
|
||||
set_wolfssl_definitions("WOLFSSL_EXPERIMENTAL_SETTINGS" RESULT)
|
||||
|
||||
# Checking for experimental feature: OQS
|
||||
message(STATUS "Looking for WOLFSSL_OQS")
|
||||
@ -605,9 +614,9 @@ if (WOLFSSL_EXPERIMENTAL)
|
||||
list(APPEND WOLFSSL_LINK_LIBS ${OQS_LIBRARY})
|
||||
list(APPEND WOLFSSL_INCLUDE_DIRS ${OQS_INCLUDE_DIR})
|
||||
|
||||
set_wolfssl_definitions("HAVE_LIBOQS" RESUlT)
|
||||
set_wolfssl_definitions("HAVE_TLS_EXTENSIONS" RESUlT)
|
||||
set_wolfssl_definitions("OPENSSL_EXTRA" RESUlT)
|
||||
set_wolfssl_definitions("HAVE_LIBOQS" RESULT)
|
||||
set_wolfssl_definitions("HAVE_TLS_EXTENSIONS" RESULT)
|
||||
set_wolfssl_definitions("OPENSSL_EXTRA" RESULT)
|
||||
|
||||
else()
|
||||
message(STATUS "Checking OQS - not found")
|
||||
@ -617,20 +626,52 @@ if (WOLFSSL_EXPERIMENTAL)
|
||||
message(STATUS "Looking for WOLFSSL_OQS - not found")
|
||||
endif()
|
||||
|
||||
# Checking for experimental feature: Kyber
|
||||
message(STATUS "Looking for WOLFSSL_KYBER")
|
||||
if (WOLFSSL_KYBER)
|
||||
# Checking for experimental feature: WOLFSSL_MLKEM
|
||||
message(STATUS "Looking for WOLFSSL_MLKEM")
|
||||
if (WOLFSSL_MLKEM)
|
||||
set(WOLFSSL_FOUND_EXPERIMENTAL_FEATURE 1)
|
||||
|
||||
message(STATUS "Automatically set related requirements for Kyber:")
|
||||
set_wolfssl_definitions("WOLFSSL_HAVE_MLKEM" RESUlT)
|
||||
set_wolfssl_definitions("WOLFSSL_WC_MLKEM" RESUlT)
|
||||
set_wolfssl_definitions("WOLFSSL_SHA3" RESUlT)
|
||||
set_wolfssl_definitions("WOLFSSL_SHAKE128" RESUlT)
|
||||
set_wolfssl_definitions("WOLFSSL_SHAKE256" RESUlT)
|
||||
message(STATUS "Looking for WOLFSSL_KYBER - found")
|
||||
message(STATUS "Automatically set related requirements for ML-KEM:")
|
||||
add_definitions("-DWOLFSSL_HAVE_MLKEM")
|
||||
add_definitions("-DWOLFSSL_WC_MLKEM")
|
||||
add_definitions("-DWOLFSSL_SHA3")
|
||||
add_definitions("-DWOLFSSL_SHAKE128")
|
||||
add_definitions("-DWOLFSSL_SHAKE256")
|
||||
|
||||
set_wolfssl_definitions("WOLFSSL_HAVE_MLKEM" RESULT)
|
||||
set_wolfssl_definitions("WOLFSSL_WC_MLKEM" RESULT)
|
||||
set_wolfssl_definitions("WOLFSSL_SHA3" RESULT)
|
||||
set_wolfssl_definitions("WOLFSSL_SHAKE128" RESULT)
|
||||
set_wolfssl_definitions("WOLFSSL_SHAKE256" RESULT)
|
||||
message(STATUS "Looking for WOLFSSL_MLKEM - found")
|
||||
else()
|
||||
message(STATUS "Looking for WOLFSSL_KYBER - not found")
|
||||
message(STATUS "Looking for WOLFSSL_MLKEM - not found")
|
||||
endif()
|
||||
|
||||
# Checking for experimental feature: WOLFSSL_LMS
|
||||
message(STATUS "Looking for WOLFSSL_LMS")
|
||||
if (WOLFSSL_LMS)
|
||||
set(WOLFSSL_FOUND_EXPERIMENTAL_FEATURE 2)
|
||||
|
||||
message(STATUS "Automatically set related requirements for LMS")
|
||||
add_definitions("-DWOLFSSL_HAVE_LMS")
|
||||
add_definitions("-DWOLFSSL_WC_LMS")
|
||||
set_wolfssl_definitions("WOLFSSL_HAVE_LMS" RESULT)
|
||||
set_wolfssl_definitions("WOLFSSL_WC_LMS" RESULT)
|
||||
message(STATUS "Looking for WOLFSSL_LMS - found")
|
||||
# Checking for experimental feature: WOLFSSL_LMSSHA256192
|
||||
if (WOLFSSL_LMSSHA256192)
|
||||
message(STATUS "Automatically set related requirements for LMS SHA256-192")
|
||||
add_definitions("-DWOLFSSL_LMS_SHA256_192")
|
||||
add_definitions("-DWOLFSSL_NO_LMS_SHA256_256")
|
||||
set_wolfssl_definitions("WOLFSSL_LMS_SHA256_192" RESULT)
|
||||
set_wolfssl_definitions("WOLFSSL_NO_LMS_SHA256_256" RESULT)
|
||||
message(STATUS "Looking for WOLFSSL_LMSSHA256192 - found")
|
||||
else()
|
||||
message(STATUS "Looking for WOLFSSL_LMSSHA256192 - not found")
|
||||
endif()
|
||||
else()
|
||||
message(STATUS "Looking for WOLFSSL_LMS - not found")
|
||||
endif()
|
||||
|
||||
# Other experimental feature detection can be added here...
|
||||
@ -643,8 +684,8 @@ if (WOLFSSL_EXPERIMENTAL)
|
||||
endif()
|
||||
|
||||
# Sanity checks
|
||||
if(WOLFSSL_OQS AND WOLFSSL_KYBER)
|
||||
message(FATAL_ERROR "Error: cannot enable both WOLFSSL_OQS and WOLFSSL_KYBER at the same time.")
|
||||
if(WOLFSSL_OQS AND WOLFSSL_MLKEM)
|
||||
message(FATAL_ERROR "Error: cannot enable both WOLFSSL_OQS and WOLFSSL_MLKEM at the same time.")
|
||||
endif()
|
||||
|
||||
else()
|
||||
@ -653,8 +694,8 @@ else()
|
||||
if (WOLFSSL_OQS)
|
||||
message(FATAL_ERROR "Error: WOLFSSL_OQS requires WOLFSSL_EXPERIMENTAL at this time.")
|
||||
endif()
|
||||
if(WOLFSSL_KYBER)
|
||||
message(FATAL_ERROR "Error: WOLFSSL_KYBER requires WOLFSSL_EXPERIMENTAL at this time.")
|
||||
if(WOLFSSL_MLKEM)
|
||||
message(FATAL_ERROR "Error: WOLFSSL_MLKEM requires WOLFSSL_EXPERIMENTAL at this time.")
|
||||
endif()
|
||||
endif()
|
||||
|
||||
|
||||
@ -198,14 +198,14 @@ function(generate_build_flags)
|
||||
if(WOLFSSL_XCHACHA OR WOLFSSL_USER_SETTINGS)
|
||||
set(BUILD_XCHACHA "yes" PARENT_SCOPE)
|
||||
endif()
|
||||
if(WOLFSSL_KYBER OR WOLFSSL_USER_SETTINGS)
|
||||
set(BUILD_WC_KYBER "yes" PARENT_SCOPE)
|
||||
if(WOLFSSL_MLKEM OR WOLFSSL_USER_SETTINGS)
|
||||
set(BUILD_WC_MLKEM "yes" PARENT_SCOPE)
|
||||
endif()
|
||||
if(WOLFSSL_OQS OR WOLFSSL_USER_SETTINGS)
|
||||
set(BUILD_FALCON "yes" PARENT_SCOPE)
|
||||
set(BUILD_SPHINCS "yes" PARENT_SCOPE)
|
||||
set(BUILD_DILITHIUM "yes" PARENT_SCOPE)
|
||||
set(BUILD_EXT_KYBER "yes" PARENT_SCOPE)
|
||||
set(BUILD_EXT_MLKEM "yes" PARENT_SCOPE)
|
||||
set(BUILD_OQS_HELPER "yes" PARENT_SCOPE)
|
||||
endif()
|
||||
if(WOLFSSL_LMS OR WOLFSSL_USER_SETTINGS)
|
||||
@ -811,7 +811,7 @@ function(generate_lib_src_list LIB_SOURCES)
|
||||
list(APPEND LIB_SOURCES wolfcrypt/src/dilithium.c)
|
||||
endif()
|
||||
|
||||
if(BUILD_WC_KYBER)
|
||||
if(BUILD_WC_MLKEM)
|
||||
list(APPEND LIB_SOURCES wolfcrypt/src/wc_mlkem.c)
|
||||
list(APPEND LIB_SOURCES wolfcrypt/src/wc_mlkem_poly.c)
|
||||
|
||||
@ -820,7 +820,7 @@ function(generate_lib_src_list LIB_SOURCES)
|
||||
endif()
|
||||
endif()
|
||||
|
||||
if(BUILD_EXT_KYBER)
|
||||
if(BUILD_EXT_MLKEM)
|
||||
list(APPEND LIB_SOURCES wolfcrypt/src/ext_mlkem.c)
|
||||
endif()
|
||||
|
||||
|
||||
@ -386,6 +386,10 @@ extern "C" {
|
||||
#cmakedefine WOLFSSL_HAVE_LMS
|
||||
#undef WOLFSSL_WC_LMS
|
||||
#cmakedefine WOLFSSL_WC_LMS
|
||||
#undef WOLFSSL_LMS_SHA256_192
|
||||
#cmakedefine WOLFSSL_LMS_SHA256_192
|
||||
#undef WOLFSSL_NO_LMS_SHA256_256
|
||||
#cmakedefine WOLFSSL_NO_LMS_SHA256_256
|
||||
#undef WOLFSSL_HAVE_XMSS
|
||||
#cmakedefine WOLFSSL_HAVE_XMSS
|
||||
#undef WOLFSSL_WC_XMSS
|
||||
|
||||
Reference in New Issue
Block a user