WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

LMS: cleanup INSTALL, and cap threads to 4.

pull/6564/head
jordan 2023-07-11 15:04:51 -05:00
parent d7c3a176e2
commit 4c125ece77
2 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
INSTALL
View File

@ -258,8 +258,10 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.
17. Building with hash-sigs lib for LMS/HSS support [EXPERIMENTAL]
Using LMS/HSS requires that the hash-sigs lib has been built on
your system. At present we support the current master branch of
the hash-sigs project.
your system. We support hash-sigs lib at this git commit:
b0631b8891295bf2929e68761205337b7c031726
At the time of writing this, this is the HEAD of the master
branch of the hash-sigs project.
Currently the hash-sigs project only builds static libraries:
- hss_lib.a: a single-threaded static lib.
@ -282,6 +284,7 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.
$ cd ~/hash_sigs
$ git clone https://github.com/cisco/hash-sigs.git src
$ cd src
$ git checkout b0631b8891295bf2929e68761205337b7c031726
In sha256.h, set USE_OPENSSL to 0:
#define USE_OPENSSL 0

12
wolfcrypt/src/ext_lms.c
View File

@ -37,6 +37,16 @@
#include <wolfcrypt/src/misc.c>
#endif
/* If built against hss_lib_thread.a, the hash-sigs lib will spawn
* worker threads to parallelize cpu intensive tasks. This will mainly
* speedup key generation and signing, and to a lesser extent
* verifying for larger levels values.
*
* Their default max is 16 worker threads, but can be capped with
* hss_extra_info_set_threads(). To be safe we are capping at 4 here.
* */
#define EXT_LMS_MAX_THREADS (4)
/* The hash-sigs hss_generate_private_key API requires a generate_random
* callback that only has output and length args. The RNG struct must be global
* to the function. Maybe there should be a wc_LmsKey_SetRngCb. */
@ -347,7 +357,9 @@ int wc_LmsKey_Init_ex(LmsKey * key, int levels, int height,
key->lm_ots_type[i] = ots;
}
/* Set the max number of worker threads that hash-sigs can spawn. */
hss_init_extra_info(&key->info);
hss_extra_info_set_threads(&key->info, EXT_LMS_MAX_THREADS);
key->working_key = NULL;
key->write_private_key = NULL;