Files
wolfssl/IDE/INTIME-RTOS/libwolfssl.vcxproj
T
Tobias Frauenschläger 9393d62591 Replace liboqs SPHINCS+ with SLH-DSA in certificate layer
Replace the liboqs-based pre-standardization SPHINCS+ implementation
with the native FIPS 205 SLH-DSA implementation across the
certificate / ASN.1 / X.509 layers, and add SLH-DSA-rooted test
certificates plus TLS 1.3 .conf scenarios that exercise the new
verification path. All liboqs SPHINCS+ code is removed.

This enables SLH-DSA for certificate chain authentication: CA
certificates signed with SLH-DSA, certificate signature verification
against an SLH-DSA root. TLS 1.3 entity authentication via
CertificateVerify with SLH-DSA will be added in a follow-up PR.

Follows RFC 9909 (X.509 Algorithm Identifiers for SLH-DSA) and
NIST FIPS 205. Supports both SHAKE and SHA-2 parameter families
across all twelve standardized variants.

DER codec:
- New PrivateKeyDecode, PublicKeyDecode, KeyToDer, PrivateKeyToDer,
  PublicKeyToDer with RFC 9909 encoding (bare OCTET STRING containing
  4*n raw bytes = SK.seed || SK.prf || PK.seed || PK.root, no nested
  wrapper). OID auto-detection across all twelve SHAKE / SHA-2 variants.
- PublicKeyDecode raw-bytes fast path mirrors wc_Falcon_PublicKeyDecode
  and wc_Dilithium_PublicKeyDecode so callers (notably
  wolfssl_x509_make_der and ConfirmSignature, which pass the raw
  BIT STRING contents stashed by StoreKey) decode correctly. Honours
  the caller's *inOutIdx start offset.
- Error paths in Private/PublicKeyDecode preserve params/flags/
  inOutIdx and only ForceZero the buffer half each helper actually
  writes; skip the wipe entirely on BAD_LENGTH_E (no bytes touched).
- ImportPublic uses |= on flags so a Private-then-Public import
  sequence retains FLAG_PRIVATE.

OID dispatch:
- 12 standardized NIST OIDs (6 SHAKE + 6 SHA-2) per RFC 9909. The
  pre-standardization OID-collision mechanism is removed since NIST
  OIDs do not collide.
- wc_SlhDsaOidToParam / wc_SlhDsaOidToCertType return NOT_COMPILED_IN
  (rather than -1) for recognised SLH-DSA OIDs whose parameter set
  isn't built; wc_IsSlhDsaOid recognises both. The x509 dispatch
  surfaces this as a precise diagnostic instead of the generic
  "No public key found".
- wc_GetKeyOID picks a placeholder parameter from whatever variant is
  compiled in and #errors at compile time if none is.
- asn_orig.c EncodeCert / EncodeCertReq accept SHA-2 SLH-DSA keyTypes
  alongside SHAKE.

Tests and fixtures:
- Test cert chain in certs/slhdsa/: SLH-DSA-SHAKE-128s and
  SLH-DSA-SHA2-128s self-signed roots that sign reused ML-DSA-44
  entity keys (server + client), plus the gen script
  (gen-slhdsa-mldsa-certs.sh, OpenSSL >= 3.5).
- New TLS 1.3 .conf scenarios under tests/suites.c dispatch:
  test-tls13-slhdsa-shake.conf, test-tls13-slhdsa-sha2.conf, and a
  wrong-CA negative test test-tls13-slhdsa-fail.conf.
- DER round-trip and on-disk decode tests; bench_slhdsa_*_key.der
  fixtures regenerated with wolfSSL's own encoder so the codec is
  pinned to RFC 9909.
- New unit test test_wc_slhdsa_x509_i2d_roundtrip exercises the raw
  PublicKeyDecode entry point that wolfssl_x509_make_der relies on.
- test_wc_slhdsa_check_key now tests both Public-then-Private and
  Private-then-Public import orderings.

Build / ABI:
- DYNAMIC_TYPE_SPHINCS = 98 kept as RESERVED with a tombstone comment
  for ABI stability; new code should use DYNAMIC_TYPE_SLHDSA (107).
- All build system / IDE project files updated; SPHINCS+ sources,
  headers, and test data removed.
- Dead bench_slhdsa_*_key arrays removed from gencertbuf.pl and
  certs_test.h; the .der files on disk drive the decode tests.
2026-04-30 18:32:07 +02:00

235 lines
13 KiB
XML

<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|INtime">
<Configuration>Debug</Configuration>
<Platform>INtime</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|INtime">
<Configuration>Release</Configuration>
<Platform>INtime</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<Text Include="README.md" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="libwolfssl.c" />
<ClCompile Include="..\..\src\crl.c" />
<ClCompile Include="..\..\src\dtls13.c" />
<ClCompile Include="..\..\src\dtls.c" />
<ClCompile Include="..\..\src\internal.c" />
<ClCompile Include="..\..\src\wolfio.c" />
<ClCompile Include="..\..\src\keys.c" />
<ClCompile Include="..\..\src\ocsp.c" />
<ClCompile Include="..\..\src\sniffer.c" />
<ClCompile Include="..\..\src\ssl.c" />
<ClCompile Include="..\..\src\tls.c" />
<ClCompile Include="..\..\src\tls13.c" />
<ClCompile Include="..\..\wolfcrypt\src\aes.c" />
<ClCompile Include="..\..\wolfcrypt\src\arc4.c" />
<ClCompile Include="..\..\wolfcrypt\src\asm.c" />
<ClCompile Include="..\..\wolfcrypt\src\asn.c" />
<ClCompile Include="..\..\wolfcrypt\src\blake2b.c" />
<ClCompile Include="..\..\wolfcrypt\src\blake2s.c" />
<ClCompile Include="..\..\wolfcrypt\src\camellia.c" />
<ClCompile Include="..\..\wolfcrypt\src\chacha.c" />
<ClCompile Include="..\..\wolfcrypt\src\chacha20_poly1305.c" />
<ClCompile Include="..\..\wolfcrypt\src\cmac.c" />
<ClCompile Include="..\..\wolfcrypt\src\coding.c" />
<ClCompile Include="..\..\wolfcrypt\src\compress.c" />
<ClCompile Include="..\..\wolfcrypt\src\curve25519.c" />
<ClCompile Include="..\..\wolfcrypt\src\cpuid.c" />
<ClCompile Include="..\..\wolfcrypt\src\cryptocb.c" />
<ClCompile Include="..\..\wolfcrypt\src\des3.c" />
<ClCompile Include="..\..\wolfcrypt\src\dilithium.c" />
<ClCompile Include="..\..\wolfcrypt\src\dh.c" />
<ClCompile Include="..\..\wolfcrypt\src\dsa.c" />
<ClCompile Include="..\..\wolfcrypt\src\ecc.c" />
<ClCompile Include="..\..\wolfcrypt\src\ed25519.c" />
<ClCompile Include="..\..\wolfcrypt\src\ed448.c" />
<ClCompile Include="..\..\wolfcrypt\src\error.c" />
<!--ClCompile Include="..\..\wolfcrypt\src\ext_kyber.c" /-->
<ClCompile Include="..\..\wolfcrypt\src\falcon.c" />
<ClCompile Include="..\..\wolfcrypt\src\fe_448.c" />
<ClCompile Include="..\..\wolfcrypt\src\fe_low_mem.c" />
<ClCompile Include="..\..\wolfcrypt\src\fe_operations.c" />
<ClCompile Include="..\..\wolfcrypt\src\ge_448.c" />
<ClCompile Include="..\..\wolfcrypt\src\ge_low_mem.c" />
<ClCompile Include="..\..\wolfcrypt\src\ge_operations.c" />
<ClCompile Include="..\..\wolfcrypt\src\hash.c" />
<ClCompile Include="..\..\wolfcrypt\src\kdf.c" />
<!--ClCompile Include="..\..\wolfcrypt\src\wc_kyber.c" /-->
<!--ClCompile Include="..\..\wolfcrypt\src\wc_kyber_poly.c" /-->
<ClCompile Include="..\..\wolfcrypt\src\hmac.c" />
<ClCompile Include="..\..\wolfcrypt\src\integer.c" />
<ClCompile Include="..\..\wolfcrypt\src\logging.c" />
<ClCompile Include="..\..\wolfcrypt\src\md2.c" />
<ClCompile Include="..\..\wolfcrypt\src\md4.c" />
<ClCompile Include="..\..\wolfcrypt\src\md5.c" />
<ClCompile Include="..\..\wolfcrypt\src\memory.c" />
<ClCompile Include="..\..\wolfcrypt\src\pkcs12.c" />
<ClCompile Include="..\..\wolfcrypt\src\pkcs7.c" />
<ClCompile Include="..\..\wolfcrypt\src\poly1305.c" />
<ClCompile Include="..\..\wolfcrypt\src\pwdbased.c" />
<ClCompile Include="..\..\wolfcrypt\src\random.c" />
<ClCompile Include="..\..\wolfcrypt\src\rc2.c" />
<ClCompile Include="..\..\wolfcrypt\src\ripemd.c" />
<ClCompile Include="..\..\wolfcrypt\src\rsa.c" />
<ClCompile Include="..\..\wolfcrypt\src\sha.c" />
<ClCompile Include="..\..\wolfcrypt\src\sha256.c" />
<ClCompile Include="..\..\wolfcrypt\src\sha3.c" />
<ClCompile Include="..\..\wolfcrypt\src\sha512.c" />
<ClCompile Include="..\..\wolfcrypt\src\signature.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_c32.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_c64.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_int.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_x86_64.c" />
<ClCompile Include="..\..\wolfcrypt\src\srp.c" />
<ClCompile Include="..\..\wolfcrypt\src\tfm.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_encrypt.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_port.c" />
<ClCompile Include="..\..\wolfcrypt\src\wolfevent.c" />
<ClCompile Include="..\..\wolfcrypt\src\wolfmath.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_pkcs11.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_slhdsa.c" />
<ClCompile Include="..\..\wolfcrypt\src\port\liboqs\liboqs.c" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="user_settings.h" />
<ClInclude Include="..\..\wolfssl\callbacks.h" />
<ClInclude Include="..\..\wolfssl\certs_test.h" />
<ClInclude Include="..\..\wolfssl\crl.h" />
<ClInclude Include="..\..\wolfssl\error-ssl.h" />
<ClInclude Include="..\..\wolfssl\internal.h" />
<ClInclude Include="..\..\wolfssl\ocsp.h" />
<ClInclude Include="..\..\wolfssl\options.h" />
<ClInclude Include="..\..\wolfssl\sniffer.h" />
<ClInclude Include="..\..\wolfssl\sniffer_error.h" />
<ClInclude Include="..\..\wolfssl\ssl.h" />
<ClInclude Include="..\..\wolfssl\test.h" />
<ClInclude Include="..\..\wolfssl\version.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\aes.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\arc4.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\asn.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\asn_public.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\async.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\blake2-impl.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\blake2-int.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\blake2.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\camellia.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\chacha.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\chacha20_poly1305.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\cmac.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\coding.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\compress.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\curve25519.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\des3.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\dh.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\dsa.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\ecc.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\ed25519.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\error-crypt.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\fe_operations.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\fips_test.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\ge_operations.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\hash.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\hmac.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\integer.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\logging.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\md2.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\md4.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\md5.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\memory.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\mem_track.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\misc.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\mpi_class.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\mpi_superclass.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\pkcs12.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\pkcs7.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\poly1305.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\pwdbased.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\random.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\ripemd.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\rsa.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\settings.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\sha.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\sha256.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\sha512.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\signature.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\srp.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\tfm.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\types.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\visibility.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wc_encrypt.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wc_port.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wc_slhdsa.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wolfevent.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wolfmath.h" />
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{1731767D-573F-45C9-A466-191DA0D180CF}</ProjectGuid>
<WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'" Label="Configuration">
<ConfigurationType>StaticLibrary</ConfigurationType>
<CharacterSet>NotSet</CharacterSet>
<PlatformToolset>v142</PlatformToolset>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'" Label="Configuration">
<ConfigurationType>StaticLibrary</ConfigurationType>
<WholeProgramOptimization>false</WholeProgramOptimization>
<CharacterSet>NotSet</CharacterSet>
<PlatformToolset>v142</PlatformToolset>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
<IntDir>$(Configuration)_$(ProjectName)\</IntDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
<IntDir>$(Configuration)_$(ProjectName)\</IntDir>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
<ClCompile>
</ClCompile>
<Link>
<Version>21076.20052</Version>
<AdditionalOptions>/SAFESEH:NO %(AdditionalOptions)</AdditionalOptions>
<AdditionalDependencies>rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib</AdditionalDependencies>
<OutputFile>$(SolutionDir)$(Configuration)\\libwolfssl.rsl</OutputFile>
</Link>
<ClCompile>
<ExceptionHandling>Async</ExceptionHandling>
<PreprocessorDefinitions>_USRDLL;WOLFSSL_DLL;BUILDING_WOLFSSL;WOLFSSL_USER_SETTINGS;_USE_64BIT_TIME_T;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>$(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
<ClCompile>
</ClCompile>
<Link>
<Version>21076.20052</Version>
<AdditionalOptions>/SAFESEH:NO %(AdditionalOptions)</AdditionalOptions>
<AdditionalDependencies>rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib</AdditionalDependencies>
<OutputFile>$(SolutionDir)$(Configuration)\\libwolfssl.rsl</OutputFile>
</Link>
<ClCompile>
<ExceptionHandling>Async</ExceptionHandling>
<PreprocessorDefinitions>_USRDLL;WOLFSSL_DLL;BUILDING_WOLFSSL;WOLFSSL_USER_SETTINGS;_USE_64BIT_TIME_T;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>$(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>