50 Commits

Author SHA1 Message Date
Tobias Frauenschläger 9393d62591 Replace liboqs SPHINCS+ with SLH-DSA in certificate layer
Replace the liboqs-based pre-standardization SPHINCS+ implementation
with the native FIPS 205 SLH-DSA implementation across the
certificate / ASN.1 / X.509 layers, and add SLH-DSA-rooted test
certificates plus TLS 1.3 .conf scenarios that exercise the new
verification path. All liboqs SPHINCS+ code is removed.

This enables SLH-DSA for certificate chain authentication: CA
certificates signed with SLH-DSA, certificate signature verification
against an SLH-DSA root. TLS 1.3 entity authentication via
CertificateVerify with SLH-DSA will be added in a follow-up PR.

Follows RFC 9909 (X.509 Algorithm Identifiers for SLH-DSA) and
NIST FIPS 205. Supports both SHAKE and SHA-2 parameter families
across all twelve standardized variants.

DER codec:
- New PrivateKeyDecode, PublicKeyDecode, KeyToDer, PrivateKeyToDer,
  PublicKeyToDer with RFC 9909 encoding (bare OCTET STRING containing
  4*n raw bytes = SK.seed || SK.prf || PK.seed || PK.root, no nested
  wrapper). OID auto-detection across all twelve SHAKE / SHA-2 variants.
- PublicKeyDecode raw-bytes fast path mirrors wc_Falcon_PublicKeyDecode
  and wc_Dilithium_PublicKeyDecode so callers (notably
  wolfssl_x509_make_der and ConfirmSignature, which pass the raw
  BIT STRING contents stashed by StoreKey) decode correctly. Honours
  the caller's *inOutIdx start offset.
- Error paths in Private/PublicKeyDecode preserve params/flags/
  inOutIdx and only ForceZero the buffer half each helper actually
  writes; skip the wipe entirely on BAD_LENGTH_E (no bytes touched).
- ImportPublic uses |= on flags so a Private-then-Public import
  sequence retains FLAG_PRIVATE.

OID dispatch:
- 12 standardized NIST OIDs (6 SHAKE + 6 SHA-2) per RFC 9909. The
  pre-standardization OID-collision mechanism is removed since NIST
  OIDs do not collide.
- wc_SlhDsaOidToParam / wc_SlhDsaOidToCertType return NOT_COMPILED_IN
  (rather than -1) for recognised SLH-DSA OIDs whose parameter set
  isn't built; wc_IsSlhDsaOid recognises both. The x509 dispatch
  surfaces this as a precise diagnostic instead of the generic
  "No public key found".
- wc_GetKeyOID picks a placeholder parameter from whatever variant is
  compiled in and #errors at compile time if none is.
- asn_orig.c EncodeCert / EncodeCertReq accept SHA-2 SLH-DSA keyTypes
  alongside SHAKE.

Tests and fixtures:
- Test cert chain in certs/slhdsa/: SLH-DSA-SHAKE-128s and
  SLH-DSA-SHA2-128s self-signed roots that sign reused ML-DSA-44
  entity keys (server + client), plus the gen script
  (gen-slhdsa-mldsa-certs.sh, OpenSSL >= 3.5).
- New TLS 1.3 .conf scenarios under tests/suites.c dispatch:
  test-tls13-slhdsa-shake.conf, test-tls13-slhdsa-sha2.conf, and a
  wrong-CA negative test test-tls13-slhdsa-fail.conf.
- DER round-trip and on-disk decode tests; bench_slhdsa_*_key.der
  fixtures regenerated with wolfSSL's own encoder so the codec is
  pinned to RFC 9909.
- New unit test test_wc_slhdsa_x509_i2d_roundtrip exercises the raw
  PublicKeyDecode entry point that wolfssl_x509_make_der relies on.
- test_wc_slhdsa_check_key now tests both Public-then-Private and
  Private-then-Public import orderings.

Build / ABI:
- DYNAMIC_TYPE_SPHINCS = 98 kept as RESERVED with a tombstone comment
  for ABI stability; new code should use DYNAMIC_TYPE_SLHDSA (107).
- All build system / IDE project files updated; SPHINCS+ sources,
  headers, and test data removed.
- Dead bench_slhdsa_*_key arrays removed from gencertbuf.pl and
  certs_test.h; the .der files on disk drive the decode tests.
2026-04-30 18:32:07 +02:00
Daniel Pouzzner a057975347 Merge pull request #10293 from Frauschi/liboqs_removal
Remove liboqs for ML-KEM and ML-DSA, update for Falcon
2026-04-30 09:04:11 -05:00
Tobias Frauenschläger 7a2cf5b655 Remove liboqs for ML-KEM and ML-DSA, update for Falcon 2026-04-30 11:03:06 +02:00
Tobias Frauenschläger e1fefcca4f Remove deprecated liblms and libxmss 2026-04-29 19:52:09 +02:00
Tobias Frauenschläger 540b51eb28 CMake fixes and improvements
* Minor fixes to the CMakeLists.txt
* Add more options to the CMake infrastructure already present in the
  autoconf infrastructure
* An autoconf build now also generates and installs files required to
  consume the installed wolfssl library via CMake.
* Added test for autoconf-CMake interworking

Work is mostly done by Codex and Curser.
2026-02-02 10:26:58 +01:00
Anthony Hu 0771bc42d6 Deprecate LMS and XMSS integrations. 2025-11-10 15:13:06 -05:00
Anthony Hu c7e054a7a7 Rename ML-KEM hybrids to match IETF Draft. 2025-07-25 13:27:26 -04:00
Anthony Hu 41d8eabb33 Update INSTALL file regarding PQ 2025-02-04 13:28:05 -05:00
David Garske a9be38eaf0 Improve wolfssl/options.h issues. Fixes #7853. 2024-08-15 15:49:43 -07:00
jordan 34f349e510 Used codespell and fixed obvious typos. 2023-11-01 10:35:12 -05:00
jordan 60fea5ee5c XMSS/XMSSMT hooks support: small update for requested changes. 2023-10-11 21:29:45 -05:00
jordan f32c6a0d25 XMSS/XMSSMT hooks support: fix build. 2023-10-09 10:13:32 -05:00
jordan 33d4b331fb Add XMSS/XMSSMT wolfCrypt hooks. 2023-10-05 09:18:50 -05:00
gojimmypi 5830f921fa ARIA cipher cmake (#6600)
* ARIA Cipher CMake support
2023-09-19 10:57:02 -07:00
jordan 03088b2946 LMS verify-only support: tiny correction to INSTALL. 2023-08-30 21:02:50 -05:00
jordan bbf105f8dc LMS verify-only support: update INSTALL. 2023-08-29 16:37:21 -05:00
Juliusz Sosinowicz 7a12202675 Init deb packaging
- rpm: Simplify script and list wolfSSL as packager
- add packaging github action
2023-08-23 22:01:12 +02:00
Anthony Hu 54ab1b1113 Document that we integrate with liboqs 0.8.0 2023-08-03 10:23:12 -04:00
jordan 4c125ece77 LMS: cleanup INSTALL, and cap threads to 4. 2023-07-11 15:04:51 -05:00
jordan d7c3a176e2 LMS cleanup. 2023-07-10 23:43:07 -05:00
jordan 55bbd5865c LMS/HSS: cleanup, and safer write/read callbacks 2023-07-07 15:30:50 -05:00
jordan 67bef21185 Add LMS/HSS wolfCrypt hooks. 2023-07-06 10:55:53 -05:00
Anthony Hu 0bfa5c9836 Purge NTRU and SABER. Not going to be standardized. 2022-11-25 14:54:08 -05:00
David Garske aa036b6ea4 Merge pull request #5532 from anhu/sphincs
Add sphincs to wolfCrypt.
2022-09-02 11:56:11 -07:00
Anthony Hu 10ce703d71 Add sphincs to wolfCrypt.
Note that we will not support sphincs in TLS so nothing above wolfcrypt changes.
2022-09-02 11:53:55 -04:00
David Garske f0812fa21f Added vcpkg instructions to the INSTALL file. 2022-08-31 11:41:43 -07:00
Eric Blankenhorn 5e5a389afb Remove deprecated VS solution 2022-02-07 17:14:41 -06:00
Anthony Hu 7d4c13b9a4 --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC
AKA: The Great Rename of December 2021
2021-12-20 11:48:03 -05:00
David Garske a626a4fb02 Fixes for spelling errors. 2021-11-12 10:27:49 -08:00
Anthony Hu 6f9e501f45 Changes suggest by Lealem after he tried the instructions. 2021-11-04 11:00:18 -04:00
Anthony Hu dbe3e550b0 Correct the directory to pq in reference to wolfssl-examples 2021-11-02 15:35:39 -04:00
Anthony Hu 81def76b18 The NIST round 3 Falcon Signature Scheme integration. 2021-11-02 11:12:10 -04:00
Lealem Amedie 4084928d93 Slight changes to liboqs documentation in INSTALL and example client/server 2021-10-02 13:14:32 -06:00
Anthony Hu 833c9d3f71 Fix INSTALL file to specify levels. 2021-09-30 09:43:32 -04:00
Kareem 9a438ce289 liboqs integration using keyshare/supported_groups extensions in TLS 1.3 2021-08-27 13:56:53 -04:00
Hayden Roche 8f6c21d600 CMake improvements.
- Begin adding options to enable/disable different features.
- Increase minimum CMake version to 3.2.
- Support installation of the built files.
- Add checks for necessary include files, functions etc.
- Generate options.h and config.h.
- Use GNUInstallDirs to support installation, which is designed to be somewhat
  cross-platform.
- Export wolfssl CMake target during installation, so others using CMake can
  link against wolfssl easily.
- Disallow in-source builds.
- Place the generation of BUILD_* flags (controlled with AM_CONDITIONALs
  in configure.ac) in a separate function in functions.cmake,
  generate_build_flags.
- Implement the logic to conditionally add source files from
  src/include.am in a function in functions.cmake, generate_lib_src_list.
- Exclude tls_bench from Windows. Doesn't compile with MSVC. WIP.
- Update INSTALL with latest CMake build instructions.
- Add a cmake/include.am to ensure CMake files get added to the distribution.
2020-11-13 11:25:04 -06:00
Kareem Abuobeid 0a791a957e Added instructions for building for Apple ARM64. 2020-09-29 15:12:34 -07:00
David Garske db20fb6ca1 Fixes for using CMake with Visual Studio. Improvements to documentation for portability. 2020-07-30 16:44:36 -07:00
David Garske 8b25b48621 Improvements to CMake support based on feedback from users. 2020-07-27 12:13:08 -07:00
David Garske 9a281e5e3a Adds CMake support to wolfSSL:
* Build wolfSSL as a library and builds all examples / tests.
* Added instructions in the INSTALL file.
* Fix for evp.c when being included directly due to improperly placed `WOLFSSL_EVP_INCLUDED`.
2020-07-27 11:04:37 -07:00
Chris Conlon 06d6b06928 add Yocto Project / OpenEmbedded build instructions to INSTALL file 2018-12-10 16:48:14 -07:00
John Safranek 5c636b4f4a update INSTALL with VS-ARM build 2017-10-02 12:00:11 -07:00
lchristina26 f7baf9e392 settings for Arduino functionality 2016-01-08 11:54:46 -07:00
David Garske f26a9f8a70 Updated the INSTALL file with section for building with Rowley CrossWorks and updated the prerequisites for building with *nix. 2015-10-20 09:44:04 -07:00
toddouska 6cced22256 add INSTALL, basic build instructions and locations for more info 2015-02-26 13:48:57 -08:00
Todd A Ouska 07dd300100 remove autoconf generated files from tracking that keep changing when people have different versions of the toolset 2011-08-04 16:31:12 -07:00
Chris Conlon ebc52e6941 Corrected spelling mistakes, formatting 2011-08-04 16:42:55 -06:00
Todd A Ouska 487c2b6e23 older xcode autoconf 2011-07-26 13:42:40 -07:00
Chris Conlon 667162df1b Add headers to examples and .i files 2011-07-26 13:27:22 -07:00
Todd A Ouska 6b88eb05b1 1.8.8 init 2011-02-05 11:14:47 -08:00