Files
wolfssl/certs/include.am
T
Tobias Frauenschläger 9393d62591 Replace liboqs SPHINCS+ with SLH-DSA in certificate layer
Replace the liboqs-based pre-standardization SPHINCS+ implementation
with the native FIPS 205 SLH-DSA implementation across the
certificate / ASN.1 / X.509 layers, and add SLH-DSA-rooted test
certificates plus TLS 1.3 .conf scenarios that exercise the new
verification path. All liboqs SPHINCS+ code is removed.

This enables SLH-DSA for certificate chain authentication: CA
certificates signed with SLH-DSA, certificate signature verification
against an SLH-DSA root. TLS 1.3 entity authentication via
CertificateVerify with SLH-DSA will be added in a follow-up PR.

Follows RFC 9909 (X.509 Algorithm Identifiers for SLH-DSA) and
NIST FIPS 205. Supports both SHAKE and SHA-2 parameter families
across all twelve standardized variants.

DER codec:
- New PrivateKeyDecode, PublicKeyDecode, KeyToDer, PrivateKeyToDer,
  PublicKeyToDer with RFC 9909 encoding (bare OCTET STRING containing
  4*n raw bytes = SK.seed || SK.prf || PK.seed || PK.root, no nested
  wrapper). OID auto-detection across all twelve SHAKE / SHA-2 variants.
- PublicKeyDecode raw-bytes fast path mirrors wc_Falcon_PublicKeyDecode
  and wc_Dilithium_PublicKeyDecode so callers (notably
  wolfssl_x509_make_der and ConfirmSignature, which pass the raw
  BIT STRING contents stashed by StoreKey) decode correctly. Honours
  the caller's *inOutIdx start offset.
- Error paths in Private/PublicKeyDecode preserve params/flags/
  inOutIdx and only ForceZero the buffer half each helper actually
  writes; skip the wipe entirely on BAD_LENGTH_E (no bytes touched).
- ImportPublic uses |= on flags so a Private-then-Public import
  sequence retains FLAG_PRIVATE.

OID dispatch:
- 12 standardized NIST OIDs (6 SHAKE + 6 SHA-2) per RFC 9909. The
  pre-standardization OID-collision mechanism is removed since NIST
  OIDs do not collide.
- wc_SlhDsaOidToParam / wc_SlhDsaOidToCertType return NOT_COMPILED_IN
  (rather than -1) for recognised SLH-DSA OIDs whose parameter set
  isn't built; wc_IsSlhDsaOid recognises both. The x509 dispatch
  surfaces this as a precise diagnostic instead of the generic
  "No public key found".
- wc_GetKeyOID picks a placeholder parameter from whatever variant is
  compiled in and #errors at compile time if none is.
- asn_orig.c EncodeCert / EncodeCertReq accept SHA-2 SLH-DSA keyTypes
  alongside SHAKE.

Tests and fixtures:
- Test cert chain in certs/slhdsa/: SLH-DSA-SHAKE-128s and
  SLH-DSA-SHA2-128s self-signed roots that sign reused ML-DSA-44
  entity keys (server + client), plus the gen script
  (gen-slhdsa-mldsa-certs.sh, OpenSSL >= 3.5).
- New TLS 1.3 .conf scenarios under tests/suites.c dispatch:
  test-tls13-slhdsa-shake.conf, test-tls13-slhdsa-sha2.conf, and a
  wrong-CA negative test test-tls13-slhdsa-fail.conf.
- DER round-trip and on-disk decode tests; bench_slhdsa_*_key.der
  fixtures regenerated with wolfSSL's own encoder so the codec is
  pinned to RFC 9909.
- New unit test test_wc_slhdsa_x509_i2d_roundtrip exercises the raw
  PublicKeyDecode entry point that wolfssl_x509_make_der relies on.
- test_wc_slhdsa_check_key now tests both Public-then-Private and
  Private-then-Public import orderings.

Build / ABI:
- DYNAMIC_TYPE_SPHINCS = 98 kept as RESERVED with a tombstone comment
  for ABI stability; new code should use DYNAMIC_TYPE_SLHDSA (107).
- All build system / IDE project files updated; SPHINCS+ sources,
  headers, and test data removed.
- Dead bench_slhdsa_*_key arrays removed from gencertbuf.pl and
  certs_test.h; the .der files on disk drive the decode tests.
2026-04-30 18:32:07 +02:00

166 lines
5.7 KiB
Plaintext

# vim:ft=automake
# All paths should be given relative to the root
#
EXTRA_DIST += \
certs/ca-cert-chain.der \
certs/ca-cert.pem \
certs/ca-key.pem \
certs/ca-key-pkcs8-attribute.der \
certs/client-cert.pem \
certs/client-keyEnc.pem \
certs/client-key.pem \
certs/client-uri-cert.pem \
certs/client-absolute-urn.pem \
certs/client-relative-uri.pem \
certs/client-crl-dist.pem \
certs/client-crl-dist.der \
certs/ecc-key.pem \
certs/ecc-keyPub.pem \
certs/ecc-params.der \
certs/ecc-params.pem \
certs/ecc-privkey.der \
certs/ecc-privkey.pem \
certs/ecc-privkeyPkcs8.der \
certs/ecc-privkeyPkcs8.pem \
certs/ecc-keyPkcs8Enc.pem \
certs/ecc-keyPkcs8Enc.der \
certs/ecc-key-comp.pem \
certs/ecc-keyPkcs8.pem \
certs/ecc-keyPkcs8.der \
certs/ecc-client-key.pem \
certs/ecc-client-keyPub.pem \
certs/empty-issuer-cert.pem \
certs/client-ecc-cert.pem \
certs/client-ecc-ca-cert.pem \
certs/client-ca.pem \
certs/client-ca-cert.pem \
certs/dh2048.pem \
certs/server-cert.pem \
certs/server-ecc.pem \
certs/server-ecc-self.pem \
certs/server-ecc-comp.pem \
certs/server-ecc-rsa.pem \
certs/server-keyEnc.pem \
certs/server-key.pem \
certs/server-keyPub.der \
certs/server-keyPub.pem \
certs/server-keyPkcs8.der \
certs/server-keyPkcs8Enc12.pem \
certs/server-keyPkcs8Enc2.pem \
certs/server-keyPkcs8Enc.pem \
certs/server-keyPkcs8Enc.der \
certs/server-keyPkcs8.pem \
certs/server-revoked-cert.pem \
certs/server-revoked-key.pem \
certs/wolfssl-website-ca.pem \
certs/test-degenerate.p7b \
certs/test-multiple-recipients.p7b \
certs/test-stream-sign.p7b \
certs/test-stream-dec.p7b \
certs/test-ber-exp02-05-2022.p7b \
certs/test-servercert.p12 \
certs/test-servercert-rc2.p12 \
certs/ecc-rsa-server.p12 \
certs/dsaparams.der \
certs/dsaparams.pem \
certs/ecc-privOnlyKey.pem \
certs/ecc-privOnlyCert.pem \
certs/dh3072.pem \
certs/dh4096.pem \
certs/client-cert-ext.pem \
certs/csr.attr.der \
certs/csr.dsa.der \
certs/csr.dsa.pem \
certs/csr.signed.der \
certs/csr.ext.der \
certs/entity-no-ca-bool-cert.pem \
certs/entity-no-ca-bool-key.pem \
certs/x942dh2048.der \
certs/x942dh2048.pem \
certs/fpki-cert.der \
certs/fpki-certpol-cert.der \
certs/rid-cert.der \
certs/dh-priv-2048.der \
certs/dh-priv-2048.pem \
certs/dh-pub-2048.der \
certs/dh-pub-2048.pem \
certs/dsa2048.pem
EXTRA_DIST += \
certs/aia/ca-issuers-cert.pem \
certs/aia/multi-aia-cert.pem \
certs/aia/overflow-aia-cert.pem
EXTRA_DIST += \
certs/ca-key.der \
certs/ca-cert.der \
certs/client-cert.der \
certs/client-key.der \
certs/client-ecc-cert.der \
certs/client-ecc-ca-cert.der \
certs/client-ca-cert.der \
certs/client-keyPub.der \
certs/client-keyPub.pem \
certs/dh2048.der \
certs/dh3072.der \
certs/dh4096.der \
certs/dh-pubkey-2048.der \
certs/rsa2048.der \
certs/rsa-pub-2048.pem \
certs/rsa3072.der \
certs/dsa2048.der \
certs/dsa3072.der \
certs/dsa-pubkey-2048.der \
certs/ecc-client-key.der \
certs/ecc-client-keyPub.der \
certs/ecc-key.der \
certs/ecc-keyPub.der \
certs/server-key.der \
certs/server-cert.der \
certs/server-ecc-comp.der \
certs/server-ecc.der \
certs/server-ecc-self.der \
certs/server-ecc-rsa.der \
certs/server-cert-chain.der \
certs/client-cert-ext.der
# ECC CA prime256v1
EXTRA_DIST += \
certs/ca-ecc-cert.der \
certs/ca-ecc-cert.pem \
certs/ca-ecc-key.der \
certs/ca-ecc-key.pem
# ECC CA SECP384R1
EXTRA_DIST += \
certs/ca-ecc384-cert.der \
certs/ca-ecc384-cert.pem \
certs/ca-ecc384-key.der \
certs/ca-ecc384-key.pem
dist_doc_DATA+= certs/taoCert.txt
include certs/1024/include.am
include certs/3072/include.am
include certs/4096/include.am
include certs/crl/include.am
include certs/ecc/include.am
include certs/ed25519/include.am
include certs/ed448/include.am
include certs/p521/include.am
include certs/sm2/include.am
include certs/external/include.am
include certs/ocsp/include.am
include certs/statickeys/include.am
include certs/test/include.am
include certs/test-pathlen/include.am
include certs/intermediate/include.am
include certs/falcon/include.am
include certs/rsapss/include.am
include certs/dilithium/include.am
include certs/slhdsa/include.am
include certs/rpk/include.am
include certs/acert/include.am
include certs/mldsa/include.am