WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #8016 from SparkiDev/dilithium_draft_final_fix 

Dilithium: Final and draft available in one build
pull/8038/head
Daniel Pouzzner 2024-10-02 14:02:00 -05:00 committed by GitHub
parent 24d1b11993 50bbdbbe42
commit e814d1baea
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 1759 additions and 325 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

870
tests/api.c
View File

File diff suppressed because it is too large Load Diff

495
wolfcrypt/src/asn.c
View File

@ -4233,6 +4233,7 @@ static word32 SetBitString16Bit(word16 val, byte* output)
static const byte sigFalcon_Level5Oid[] = {43, 206, 15, 3, 9};
#endif /* HAVE_FACON */
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
/* Dilithium Level 2: 1.3.6.1.4.1.2.267.12.4.4 */
static const byte sigDilithium_Level2Oid[] =
{43, 6, 1, 4, 1, 2, 130, 11, 12, 4, 4};
@ -4244,6 +4245,19 @@ static word32 SetBitString16Bit(word16 val, byte* output)
/* Dilithium Level 5: 1.3.6.1.4.1.2.267.12.8.7 */
static const byte sigDilithium_Level5Oid[] =
{43, 6, 1, 4, 1, 2, 130, 11, 12, 8, 7};
#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
/* ML-DSA Level 2: 2.16.840.1.101.3.4.3.17 */
static const byte sigMlDsa_Level2Oid[] =
{96, 134, 72, 1, 101, 3, 4, 3, 17};
/* ML-DSA Level 3: 2.16.840.1.101.3.4.3.18 */
static const byte sigMlDsa_Level3Oid[] =
{96, 134, 72, 1, 101, 3, 4, 3, 18};
/* ML-DSA Level 5: 2.16.840.1.101.3.4.3.19 */
static const byte sigMlDsa_Level5Oid[] =
{96, 134, 72, 1, 101, 3, 4, 3, 19};
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
/* Sphincs Fast Level 1: 1 3 9999 6 7 4 */
@ -4307,6 +4321,7 @@ static word32 SetBitString16Bit(word16 val, byte* output)
static const byte keyFalcon_Level5Oid[] = {43, 206, 15, 3, 9};
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
/* Dilithium Level 2: 1.3.6.1.4.1.2.267.12.4.4 */
static const byte keyDilithium_Level2Oid[] =
{43, 6, 1, 4, 1, 2, 130, 11, 12, 4, 4};
@ -4318,6 +4333,19 @@ static word32 SetBitString16Bit(word16 val, byte* output)
/* Dilithium Level 5: 1.3.6.1.4.1.2.267.12.8.7 */
static const byte keyDilithium_Level5Oid[] =
{43, 6, 1, 4, 1, 2, 130, 11, 12, 8, 7};
#endif
/* ML-DSA Level 2: 2.16.840.1.101.3.4.3.17 */
static const byte keyMlDsa_Level2Oid[] =
{96, 134, 72, 1, 101, 3, 4, 3, 17};
/* ML-DSA Level 3: 2.16.840.1.101.3.4.3.18 */
static const byte keyMlDsa_Level3Oid[] =
{96, 134, 72, 1, 101, 3, 4, 3, 18};
/* ML-DSA Level 5: 2.16.840.1.101.3.4.3.19 */
static const byte keyMlDsa_Level5Oid[] =
{96, 134, 72, 1, 101, 3, 4, 3, 19};
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
/* Sphincs Fast Level 1: 1 3 9999 6 7 4 */
@ -4861,7 +4889,8 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
*oidSz = sizeof(sigFalcon_Level5Oid);
break;
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case CTC_DILITHIUM_LEVEL2:
oid = sigDilithium_Level2Oid;
*oidSz = sizeof(sigDilithium_Level2Oid);
@ -4874,7 +4903,20 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
oid = sigDilithium_Level5Oid;
*oidSz = sizeof(sigDilithium_Level5Oid);
break;
#endif /* HAVE_DILITHIUM */
#endif
case CTC_ML_DSA_LEVEL2:
oid = sigMlDsa_Level2Oid;
*oidSz = sizeof(sigMlDsa_Level2Oid);
break;
case CTC_ML_DSA_LEVEL3:
oid = sigMlDsa_Level3Oid;
*oidSz = sizeof(sigMlDsa_Level3Oid);
break;
case CTC_ML_DSA_LEVEL5:
oid = sigMlDsa_Level5Oid;
*oidSz = sizeof(sigMlDsa_Level5Oid);
break;
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
case CTC_SPHINCS_FAST_LEVEL1:
oid = sigSphincsFast_Level1Oid;
@ -4972,7 +5014,8 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
*oidSz = sizeof(keyFalcon_Level5Oid);
break;
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
oid = keyDilithium_Level2Oid;
*oidSz = sizeof(keyDilithium_Level2Oid);
@ -4985,7 +5028,20 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
oid = keyDilithium_Level5Oid;
*oidSz = sizeof(keyDilithium_Level5Oid);
break;
#endif /* HAVE_DILITHIUM */
#endif
case ML_DSA_LEVEL2k:
oid = keyMlDsa_Level2Oid;
*oidSz = sizeof(keyMlDsa_Level2Oid);
break;
case ML_DSA_LEVEL3k:
oid = keyMlDsa_Level3Oid;
*oidSz = sizeof(keyMlDsa_Level3Oid);
break;
case ML_DSA_LEVEL5k:
oid = keyMlDsa_Level5Oid;
*oidSz = sizeof(keyMlDsa_Level5Oid);
break;
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
case SPHINCS_FAST_LEVEL1k:
oid = keySphincsFast_Level1Oid;
@ -7712,9 +7768,15 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && !defined(WOLFSSL_DILITHIUM_NO_ASN1)
if ((ks == DILITHIUM_LEVEL2k) ||
(ks == DILITHIUM_LEVEL3k) ||
(ks == DILITHIUM_LEVEL5k)) {
if ((ks == ML_DSA_LEVEL2k) ||
(ks == ML_DSA_LEVEL3k) ||
(ks == ML_DSA_LEVEL5k)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|| (ks == DILITHIUM_LEVEL2k)
|| (ks == DILITHIUM_LEVEL3k)
|| (ks == DILITHIUM_LEVEL5k)
#endif
) {
#ifdef WOLFSSL_SMALL_STACK
dilithium_key* key_pair = NULL;
#else
@ -7736,15 +7798,27 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
return ret;
}
if (ks == DILITHIUM_LEVEL2k) {
ret = wc_dilithium_set_level(key_pair, 2);
if (ks == ML_DSA_LEVEL2k) {
ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_44);
}
else if (ks == ML_DSA_LEVEL3k) {
ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_65);
}
else if (ks == ML_DSA_LEVEL5k) {
ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_87);
}
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if (ks == DILITHIUM_LEVEL2k) {
ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_44_DRAFT);
}
else if (ks == DILITHIUM_LEVEL3k) {
ret = wc_dilithium_set_level(key_pair, 3);
ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_65_DRAFT);
}
else if (ks == DILITHIUM_LEVEL5k) {
ret = wc_dilithium_set_level(key_pair, 5);
ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_87_DRAFT);
}
#endif
if (ret < 0) {
#ifdef WOLFSSL_SMALL_STACK
@ -8230,31 +8304,28 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
if (wc_dilithium_init(dilithium) != 0) {
tmpIdx = 0;
if (wc_dilithium_set_level(dilithium, 2)
== 0) {
if (wc_dilithium_set_level(dilithium, WC_ML_DSA_44) == 0) {
if (wc_Dilithium_PrivateKeyDecode(key, &tmpIdx, dilithium,
keySz) == 0) {
*algoID = DILITHIUM_LEVEL2k;
keySz) == 0) {
*algoID = ML_DSA_LEVEL2k;
}
else {
WOLFSSL_MSG("Not Dilithium Level 2 DER key");
}
}
else if (wc_dilithium_set_level(dilithium, 3)
== 0) {
else if (wc_dilithium_set_level(dilithium, WC_ML_DSA_65) == 0) {
if (wc_Dilithium_PrivateKeyDecode(key, &tmpIdx, dilithium,
keySz) == 0) {
*algoID = DILITHIUM_LEVEL3k;
keySz) == 0) {
*algoID = ML_DSA_LEVEL3k;
}
else {
WOLFSSL_MSG("Not Dilithium Level 3 DER key");
}
}
else if (wc_dilithium_set_level(dilithium, 5)
== 0) {
else if (wc_dilithium_set_level(dilithium, WC_ML_DSA_87) == 0) {
if (wc_Dilithium_PrivateKeyDecode(key, &tmpIdx, dilithium,
keySz) == 0) {
*algoID = DILITHIUM_LEVEL5k;
keySz) == 0) {
*algoID = ML_DSA_LEVEL5k;
}
else {
WOLFSSL_MSG("Not Dilithium Level 5 DER key");
@ -12749,16 +12820,15 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
break;
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
cert->pkCurveOID = DILITHIUM_LEVEL2k;
ret = StoreKey(cert, source, &srcIdx, maxIdx);
break;
case DILITHIUM_LEVEL3k:
cert->pkCurveOID = DILITHIUM_LEVEL3k;
ret = StoreKey(cert, source, &srcIdx, maxIdx);
break;
case DILITHIUM_LEVEL5k:
cert->pkCurveOID = DILITHIUM_LEVEL5k;
#endif
case ML_DSA_LEVEL2k:
case ML_DSA_LEVEL3k:
case ML_DSA_LEVEL5k:
cert->pkCurveOID = cert->keyOID;
ret = StoreKey(cert, source, &srcIdx, maxIdx);
break;
#endif /* HAVE_DILITHIUM */
@ -16119,9 +16189,14 @@ static WC_INLINE int IsSigAlgoECC(word32 algoOID)
|| (algoOID == FALCON_LEVEL5k)
#endif
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|| (algoOID == DILITHIUM_LEVEL2k)
|| (algoOID == DILITHIUM_LEVEL3k)
|| (algoOID == DILITHIUM_LEVEL5k)
#endif
|| (algoOID == ML_DSA_LEVEL2k)
|| (algoOID == ML_DSA_LEVEL3k)
|| (algoOID == ML_DSA_LEVEL5k)
#endif
#ifdef HAVE_SPHINCS
|| (algoOID == SPHINCS_FAST_LEVEL1k)
@ -16480,9 +16555,14 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
break;
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
case DILITHIUM_LEVEL3k:
case DILITHIUM_LEVEL5k:
#endif
case ML_DSA_LEVEL2k:
case ML_DSA_LEVEL3k:
case ML_DSA_LEVEL5k:
wc_dilithium_free(sigCtx->key.dilithium);
XFREE(sigCtx->key.dilithium, sigCtx->heap,
DYNAMIC_TYPE_DILITHIUM);
@ -16654,9 +16734,14 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
break;
#endif
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case CTC_DILITHIUM_LEVEL2:
case CTC_DILITHIUM_LEVEL3:
case CTC_DILITHIUM_LEVEL5:
#endif
case CTC_ML_DSA_LEVEL2:
case CTC_ML_DSA_LEVEL3:
case CTC_ML_DSA_LEVEL5:
/* Hashes done in signing operation. */
break;
#endif
@ -17108,83 +17193,55 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
#if defined(HAVE_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
!defined(WOLFSSL_DILITHIUM_NO_ASN1)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
{
word32 idx = 0;
sigCtx->verify = 0;
sigCtx->key.dilithium =
(dilithium_key*)XMALLOC(sizeof(dilithium_key),
sigCtx->heap,
DYNAMIC_TYPE_DILITHIUM);
if (sigCtx->key.dilithium == NULL) {
ERROR_OUT(MEMORY_E, exit_cs);
}
if ((ret = wc_dilithium_init_ex(sigCtx->key.dilithium,
sigCtx->heap, sigCtx->devId)) < 0) {
goto exit_cs;
}
if ((ret = wc_dilithium_set_level(
sigCtx->key.dilithium, 2))
< 0) {
goto exit_cs;
}
if ((ret = wc_Dilithium_PublicKeyDecode(key, &idx,
sigCtx->key.dilithium, keySz)) < 0) {
WOLFSSL_MSG("ASN Key import error Dilithium Level 2");
goto exit_cs;
}
break;
}
case DILITHIUM_LEVEL3k:
{
word32 idx = 0;
sigCtx->verify = 0;
sigCtx->key.dilithium =
(dilithium_key*)XMALLOC(sizeof(dilithium_key),
sigCtx->heap,
DYNAMIC_TYPE_DILITHIUM);
if (sigCtx->key.dilithium == NULL) {
ERROR_OUT(MEMORY_E, exit_cs);
}
if ((ret = wc_dilithium_init_ex(sigCtx->key.dilithium,
sigCtx->heap, sigCtx->devId)) < 0) {
goto exit_cs;
}
if ((ret = wc_dilithium_set_level(
sigCtx->key.dilithium, 3))
< 0) {
goto exit_cs;
}
if ((ret = wc_Dilithium_PublicKeyDecode(key, &idx,
sigCtx->key.dilithium, keySz)) < 0) {
WOLFSSL_MSG("ASN Key import error Dilithium Level 3");
goto exit_cs;
}
break;
}
case DILITHIUM_LEVEL5k:
#endif
case ML_DSA_LEVEL2k:
case ML_DSA_LEVEL3k:
case ML_DSA_LEVEL5k:
{
word32 idx = 0;
int level;
if (keyOID == ML_DSA_LEVEL2k) {
level = WC_ML_DSA_44;
}
else if (keyOID == ML_DSA_LEVEL3k) {
level = WC_ML_DSA_65;
}
else if (keyOID == ML_DSA_LEVEL5k) {
level = WC_ML_DSA_87;
}
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if (keyOID == DILITHIUM_LEVEL2k) {
level = WC_ML_DSA_44_DRAFT;
}
else if (keyOID == DILITHIUM_LEVEL3k) {
level = WC_ML_DSA_65_DRAFT;
}
else if (keyOID == DILITHIUM_LEVEL5k) {
level = WC_ML_DSA_87_DRAFT;
}
#endif
sigCtx->verify = 0;
sigCtx->key.dilithium =
(dilithium_key*)XMALLOC(sizeof(dilithium_key),
sigCtx->heap,
DYNAMIC_TYPE_DILITHIUM);
sigCtx->key.dilithium = (dilithium_key*)XMALLOC(
sizeof(dilithium_key), sigCtx->heap,
DYNAMIC_TYPE_DILITHIUM);
if (sigCtx->key.dilithium == NULL) {
ERROR_OUT(MEMORY_E, exit_cs);
}
if ((ret = wc_dilithium_init_ex(sigCtx->key.dilithium,
sigCtx->heap, sigCtx->devId)) < 0) {
sigCtx->heap, sigCtx->devId)) < 0) {
goto exit_cs;
}
if ((ret = wc_dilithium_set_level(
sigCtx->key.dilithium, 5))
< 0) {
if ((ret = wc_dilithium_set_level(sigCtx->key.dilithium,
level)) < 0) {
goto exit_cs;
}
if ((ret = wc_Dilithium_PublicKeyDecode(key, &idx,
sigCtx->key.dilithium, keySz)) < 0) {
WOLFSSL_MSG("ASN Key import error Dilithium Level 5");
WOLFSSL_MSG("ASN Key import error Dilithium");
goto exit_cs;
}
break;
@ -17514,6 +17571,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
case DILITHIUM_LEVEL3k:
case DILITHIUM_LEVEL5k:
@ -17523,6 +17581,15 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
sigCtx->key.dilithium);
break;
}
#endif
case ML_DSA_LEVEL2k:
case ML_DSA_LEVEL3k:
case ML_DSA_LEVEL5k:
{
ret = wc_dilithium_verify_ctx_msg(sig, sigSz, NULL, 0, buf,
bufSz, &sigCtx->verify, sigCtx->key.dilithium);
break;
}
#endif /* HAVE_DILITHIUM */
#if defined(HAVE_SPHINCS)
case SPHINCS_FAST_LEVEL1k:
@ -17717,39 +17784,22 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2k:
{
if (sigCtx->verify == 1) {
ret = 0;
}
else {
WOLFSSL_MSG("DILITHIUM_LEVEL2 Verify didn't match");
ret = ASN_SIG_CONFIRM_E;
}
break;
}
case DILITHIUM_LEVEL3k:
{
if (sigCtx->verify == 1) {
ret = 0;
}
else {
WOLFSSL_MSG("DILITHIUM_LEVEL3 Verify didn't match");
ret = ASN_SIG_CONFIRM_E;
}
break;
}
case DILITHIUM_LEVEL5k:
{
#endif
case ML_DSA_LEVEL2k:
case ML_DSA_LEVEL3k:
case ML_DSA_LEVEL5k:
if (sigCtx->verify == 1) {
ret = 0;
}
else {
WOLFSSL_MSG("DILITHIUM_LEVEL5 Verify didn't match");
WOLFSSL_MSG("DILITHIUM Verify didn't match");
ret = ASN_SIG_CONFIRM_E;
}
break;
}
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
case SPHINCS_FAST_LEVEL1k:
@ -24725,12 +24775,20 @@ wcchar END_PUB_KEY = "-----END PUBLIC KEY-----";
wcchar END_FALCON_LEVEL5_PRIV = "-----END FALCON_LEVEL5 PRIVATE KEY-----";
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
wcchar BEGIN_DILITHIUM_LEVEL2_PRIV = "-----BEGIN DILITHIUM_LEVEL2 PRIVATE KEY-----";
wcchar END_DILITHIUM_LEVEL2_PRIV = "-----END DILITHIUM_LEVEL2 PRIVATE KEY-----";
wcchar BEGIN_DILITHIUM_LEVEL3_PRIV = "-----BEGIN DILITHIUM_LEVEL3 PRIVATE KEY-----";
wcchar END_DILITHIUM_LEVEL3_PRIV = "-----END DILITHIUM_LEVEL3 PRIVATE KEY-----";
wcchar BEGIN_DILITHIUM_LEVEL5_PRIV = "-----BEGIN DILITHIUM_LEVEL5 PRIVATE KEY-----";
wcchar END_DILITHIUM_LEVEL5_PRIV = "-----END DILITHIUM_LEVEL5 PRIVATE KEY-----";
#endif
wcchar BEGIN_ML_DSA_LEVEL2_PRIV = "-----BEGIN ML_DSA_LEVEL2 PRIVATE KEY-----";
wcchar END_ML_DSA_LEVEL2_PRIV = "-----END ML_DSA_LEVEL2 PRIVATE KEY-----";
wcchar BEGIN_ML_DSA_LEVEL3_PRIV = "-----BEGIN ML_DSA_LEVEL3 PRIVATE KEY-----";
wcchar END_ML_DSA_LEVEL3_PRIV = "-----END ML_DSA_LEVEL3 PRIVATE KEY-----";
wcchar BEGIN_ML_DSA_LEVEL5_PRIV = "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----";
wcchar END_ML_DSA_LEVEL5_PRIV = "-----END ML_DSA_LEVEL5 PRIVATE KEY-----";
#endif /* HAVE_DILITHIUM */
#if defined(HAVE_SPHINCS)
wcchar BEGIN_SPHINCS_FAST_LEVEL1_PRIV = "-----BEGIN SPHINCS_FAST_LEVEL1 PRIVATE KEY-----";
@ -24881,6 +24939,7 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
break;
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2_TYPE:
if (header) *header = BEGIN_DILITHIUM_LEVEL2_PRIV;
if (footer) *footer = END_DILITHIUM_LEVEL2_PRIV;
@ -24896,6 +24955,22 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
if (footer) *footer = END_DILITHIUM_LEVEL5_PRIV;
ret = 0;
break;
#endif
case ML_DSA_LEVEL2_TYPE:
if (header) *header = BEGIN_ML_DSA_LEVEL2_PRIV;
if (footer) *footer = END_ML_DSA_LEVEL2_PRIV;
ret = 0;
break;
case ML_DSA_LEVEL3_TYPE:
if (header) *header = BEGIN_ML_DSA_LEVEL3_PRIV;
if (footer) *footer = END_ML_DSA_LEVEL3_PRIV;
ret = 0;
break;
case ML_DSA_LEVEL5_TYPE:
if (header) *header = BEGIN_ML_DSA_LEVEL5_PRIV;
if (footer) *footer = END_ML_DSA_LEVEL5_PRIV;
ret = 0;
break;
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
case SPHINCS_FAST_LEVEL1_TYPE:
@ -28787,9 +28862,14 @@ static int EncodePublicKey(int keyType, byte* output, int outLen,
break;
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_ASN1)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2_KEY:
case DILITHIUM_LEVEL3_KEY:
case DILITHIUM_LEVEL5_KEY:
#endif
case ML_DSA_LEVEL2_KEY:
case ML_DSA_LEVEL3_KEY:
case ML_DSA_LEVEL5_KEY:
ret = wc_Dilithium_PublicKeyToDer(dilithiumKey, output,
(word32)outLen, 1);
if (ret <= 0) {
@ -29611,9 +29691,15 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
}
#endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_ASN1)
if ((cert->keyType == DILITHIUM_LEVEL2_KEY) ||
(cert->keyType == DILITHIUM_LEVEL3_KEY) ||
(cert->keyType == DILITHIUM_LEVEL5_KEY)) {
if ((cert->keyType == ML_DSA_LEVEL2_KEY) ||
(cert->keyType == ML_DSA_LEVEL3_KEY) ||
(cert->keyType == ML_DSA_LEVEL5_KEY)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|| (cert->keyType == DILITHIUM_LEVEL2_KEY)
|| (cert->keyType == DILITHIUM_LEVEL3_KEY)
|| (cert->keyType == DILITHIUM_LEVEL5_KEY)
#endif
) {
if (dilithiumKey == NULL)
return PUBLIC_KEY_E;
@ -30154,9 +30240,23 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz,
if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey &&
dilithiumKey) {
word32 outSz = sigSz;
ret = wc_dilithium_sign_msg(buf, sz, sig, &outSz, dilithiumKey, rng);
if (ret == 0)
ret = outSz;
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
if ((dilithiumKey->params->level == WC_ML_DSA_44_DRAFT) ||
(dilithiumKey->params->level == WC_ML_DSA_65_DRAFT) ||
(dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) {
ret = wc_dilithium_sign_msg(buf, sz, sig, &outSz, dilithiumKey,
rng);
if (ret == 0)
ret = outSz;
}
else
#endif
{
ret = wc_dilithium_sign_ctx_msg(NULL, 0, buf, sz, sig,
&outSz, dilithiumKey, rng);
if (ret == 0)
ret = outSz;
}
}
#endif /* HAVE_DILITHIUM */
#if defined(HAVE_SPHINCS)
@ -30391,12 +30491,32 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
cert->keyType = FALCON_LEVEL5_KEY;
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 2))
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_44_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL2_KEY;
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 3))
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_65_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL3_KEY;
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 5))
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL5_KEY;
}
#endif
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_44)) {
cert->keyType = ML_DSA_LEVEL2_KEY;
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_65)) {
cert->keyType = ML_DSA_LEVEL3_KEY;
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_87)) {
cert->keyType = ML_DSA_LEVEL5_KEY;
}
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
else if ((sphincsKey != NULL) && (sphincsKey->level == 1)
@ -30486,15 +30606,32 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
}
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 2)) {
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_44_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL2_KEY;
}
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 3)) {
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_65_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL3_KEY;
}
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 5)) {
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL5_KEY;
}
#endif
else if ((dilithiumKey != NULL) &&
(dilithiumKey->level == WC_ML_DSA_44)) {
cert->keyType = ML_DSA_LEVEL2_KEY;
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->level == WC_ML_DSA_65)) {
cert->keyType = ML_DSA_LEVEL3_KEY;
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->level == WC_ML_DSA_87)) {
cert->keyType = ML_DSA_LEVEL5_KEY;
}
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
else if ((sphincsKey != NULL) && (sphincsKey->level == 1)
@ -30799,12 +30936,20 @@ int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType,
falconKey = (falcon_key*)key;
else if (keyType == FALCON_LEVEL5_TYPE)
falconKey = (falcon_key*)key;
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if (keyType == DILITHIUM_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
#endif
else if (keyType == ML_DSA_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL1_TYPE)
sphincsKey = (sphincs_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL3_TYPE)
@ -31106,9 +31251,15 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey,
}
#endif
#if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_ASN1)
if ((cert->keyType == DILITHIUM_LEVEL2_KEY) ||
(cert->keyType == DILITHIUM_LEVEL3_KEY) ||
(cert->keyType == DILITHIUM_LEVEL5_KEY)) {
if ((cert->keyType == ML_DSA_LEVEL2_KEY) ||
(cert->keyType == ML_DSA_LEVEL3_KEY) ||
(cert->keyType == ML_DSA_LEVEL5_KEY)
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|| (cert->keyType == DILITHIUM_LEVEL2_KEY)
|| (cert->keyType == DILITHIUM_LEVEL3_KEY)
|| (cert->keyType == DILITHIUM_LEVEL5_KEY)
#endif
) {
if (dilithiumKey == NULL)
return PUBLIC_KEY_E;
der->publicKeySz = wc_Dilithium_PublicKeyToDer(dilithiumKey,
@ -31460,12 +31611,32 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
cert->keyType = FALCON_LEVEL5_KEY;
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 2))
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_44_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL2_KEY;
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 3))
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_65_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL3_KEY;
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 5))
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL5_KEY;
}
#endif
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_44)) {
cert->keyType = ML_DSA_LEVEL2_KEY;
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_65)) {
cert->keyType = ML_DSA_LEVEL3_KEY;
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_87)) {
cert->keyType = ML_DSA_LEVEL5_KEY;
}
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
else if ((sphincsKey != NULL) && (sphincsKey->level == 1)
@ -31556,15 +31727,32 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
}
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 2)) {
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_44_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL2_KEY;
}
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 3)) {
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_65_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL3_KEY;
}
else if ((dilithiumKey != NULL) && (dilithiumKey->level == 5)) {
else if ((dilithiumKey != NULL) &&
(dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) {
cert->keyType = DILITHIUM_LEVEL5_KEY;
}
#endif
else if ((dilithiumKey != NULL) &&
(dilithiumKey->level == WC_ML_DSA_44)) {
cert->keyType = ML_DSA_LEVEL2_KEY;
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->level == WC_ML_DSA_65)) {
cert->keyType = ML_DSA_LEVEL3_KEY;
}
else if ((dilithiumKey != NULL) &&
(dilithiumKey->level == WC_ML_DSA_87)) {
cert->keyType = ML_DSA_LEVEL5_KEY;
}
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_SPHINCS
else if ((sphincsKey != NULL) && (sphincsKey->level == 1)
@ -31776,12 +31964,20 @@ int wc_MakeCertReq_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType,
falconKey = (falcon_key*)key;
else if (keyType == FALCON_LEVEL5_TYPE)
falconKey = (falcon_key*)key;
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if (keyType == DILITHIUM_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
#endif
else if (keyType == ML_DSA_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL1_TYPE)
sphincsKey = (sphincs_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL3_TYPE)
@ -31922,9 +32118,14 @@ int wc_MakeSigWithBitStr(byte *sig, int sigSz, int sType, byte* buf,
case FALCON_LEVEL5_TYPE:
falconKey = (falcon_key*)key;
break;
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
case DILITHIUM_LEVEL2_TYPE:
case DILITHIUM_LEVEL3_TYPE:
case DILITHIUM_LEVEL5_TYPE:
#endif
case ML_DSA_LEVEL2_TYPE:
case ML_DSA_LEVEL3_TYPE:
case ML_DSA_LEVEL5_TYPE:
dilithiumKey = (dilithium_key*)key;
break;
case SPHINCS_FAST_LEVEL1_TYPE:
@ -32025,12 +32226,20 @@ int wc_SignCert_ex(int requestSz, int sType, byte* buf, word32 buffSz,
falconKey = (falcon_key*)key;
else if (keyType == FALCON_LEVEL5_TYPE)
falconKey = (falcon_key*)key;
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if (keyType == DILITHIUM_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
#endif
else if (keyType == ML_DSA_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL1_TYPE)
sphincsKey = (sphincs_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL3_TYPE)
@ -32204,12 +32413,20 @@ int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType, void* key)
falconKey = (falcon_key*)key;
else if (keyType == FALCON_LEVEL5_TYPE)
falconKey = (falcon_key*)key;
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if (keyType == DILITHIUM_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
#endif
else if (keyType == ML_DSA_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL1_TYPE)
sphincsKey = (sphincs_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL3_TYPE)
@ -32257,12 +32474,20 @@ int wc_SetAuthKeyIdFromPublicKey_ex(Cert *cert, int keyType, void* key)
falconKey = (falcon_key*)key;
else if (keyType == FALCON_LEVEL5_TYPE)
falconKey = (falcon_key*)key;
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
else if (keyType == DILITHIUM_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == DILITHIUM_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
#endif
else if (keyType == ML_DSA_LEVEL2_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL3_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == ML_DSA_LEVEL5_TYPE)
dilithiumKey = (dilithium_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL1_TYPE)
sphincsKey = (sphincs_key*)key;
else if (keyType == SPHINCS_FAST_LEVEL3_TYPE)

570
wolfcrypt/src/dilithium.c
View File

File diff suppressed because it is too large Load Diff

94
wolfcrypt/test/test.c
View File

@ -42145,13 +42145,17 @@ static wc_test_ret_t dilithium_param_vfy_test(int param, const byte* pubKey,
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
ret = wc_dilithium_verify_ctx_msg(sig, sigLen, NULL, 0, msg,
(word32)sizeof(msg), &res, key);
#else
ret = wc_dilithium_verify_msg(sig, sigLen, msg, (word32)sizeof(msg), &res,
key);
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
if (param >= WC_ML_DSA_DRAFT) {
ret = wc_dilithium_verify_msg(sig, sigLen, msg, (word32)sizeof(msg),
&res, key);
}
else
#endif
{
ret = wc_dilithium_verify_ctx_msg(sig, sigLen, NULL, 0, msg,
(word32)sizeof(msg), &res, key);
}
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (res != 1)
@ -42166,7 +42170,6 @@ out:
static wc_test_ret_t dilithium_param_44_vfy_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_44_pub_key[] = {
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
0xd8, 0xac, 0xaf, 0xd8, 0x2e, 0x14, 0x23, 0x78, 0xf7, 0x0d, 0x9a, 0x04,
0x2b, 0x92, 0x48, 0x67, 0x60, 0x55, 0x34, 0xd9, 0xac, 0x0b, 0xc4, 0x1f,
0x46, 0xe8, 0x85, 0xb9, 0x2e, 0x1b, 0x10, 0x3a, 0x75, 0x7a, 0xc2, 0xbc,
@ -42277,7 +42280,9 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void)
0x21, 0x53, 0xeb, 0xd3, 0xa6, 0xec, 0x7d, 0x3c, 0xb8, 0xcd, 0x91, 0x4c,
0x2f, 0x4b, 0x2e, 0x23, 0x4c, 0x0f, 0x0f, 0xe0, 0x14, 0xa5, 0xe7, 0xe5,
0x70, 0x8d, 0x8b, 0x9c
#else
};
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_44_draft_pub_key[] = {
0xea, 0x05, 0x24, 0x0d, 0x80, 0x72, 0x25, 0x55, 0xf4, 0x5b,
0xc2, 0x13, 0x8b, 0x87, 0x5d, 0x31, 0x99, 0x2f, 0x1d, 0xa9,
0x41, 0x09, 0x05, 0x76, 0xa7, 0xb7, 0x5e, 0x8c, 0x44, 0xe2,
@ -42410,10 +42415,9 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void)
0xca, 0x7a, 0x54, 0xe5, 0x06, 0xe3, 0xda, 0x05, 0xf7, 0x77,
0x36, 0x8b, 0x81, 0x26, 0x99, 0x92, 0x42, 0xda, 0x45, 0xb1,
0xfe, 0x4b
#endif
};
#endif
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_44_sig[] = {
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
0x27, 0x3b, 0x58, 0xa0, 0xcf, 0x00, 0x29, 0x5e, 0x1a, 0x63, 0xbf, 0xb4,
0x97, 0x16, 0xa1, 0x9c, 0x78, 0xd1, 0x33, 0xdc, 0x72, 0xde, 0xa3, 0xfc,
0xf4, 0x09, 0xb1, 0x09, 0x16, 0x3f, 0x80, 0x72, 0x22, 0x68, 0x65, 0x68,
@ -42616,7 +42620,9 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void)
0xe5, 0xea, 0x0b, 0x16, 0x3b, 0x3c, 0x3e, 0x45, 0x58, 0x63, 0x6a, 0x6f,
0x7c, 0x8c, 0x8d, 0x92, 0x99, 0x9c, 0xad, 0xb5, 0xb7, 0xce, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x16, 0x23, 0x36, 0x4a
#else
};
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_44_draft_sig[] = {
0x5e, 0xc1, 0xce, 0x0e, 0x31, 0xea, 0x10, 0x52, 0xa3, 0x7a,
0xfe, 0x4d, 0xac, 0x07, 0x89, 0x5a, 0x45, 0xbd, 0x5a, 0xe5,
0x22, 0xed, 0x98, 0x4d, 0x2f, 0xc8, 0x27, 0x00, 0x99, 0x40,
@ -42859,12 +42865,22 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void)
0x35, 0x38, 0x3f, 0x4c, 0x7f, 0x80, 0x81, 0x8b, 0x9b, 0x9c,
0x9d, 0xa7, 0xa9, 0xcb, 0xe9, 0xf0, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x20, 0x32, 0x46
#endif
};
#endif
wc_test_ret_t ret;
return dilithium_param_vfy_test(WC_ML_DSA_44, ml_dsa_44_pub_key,
ret = dilithium_param_vfy_test(WC_ML_DSA_44, ml_dsa_44_pub_key,
(word32)sizeof(ml_dsa_44_pub_key), ml_dsa_44_sig,
(word32)sizeof(ml_dsa_44_sig));
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
if (ret == 0) {
ret = dilithium_param_vfy_test(WC_ML_DSA_44_DRAFT,
ml_dsa_44_draft_pub_key, (word32)sizeof(ml_dsa_44_draft_pub_key),
ml_dsa_44_draft_sig, (word32)sizeof(ml_dsa_44_draft_sig));
}
#endif
return ret;
}
#endif
@ -42872,7 +42888,6 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void)
static wc_test_ret_t dilithium_param_65_vfy_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_65_pub_key[] = {
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
0x2c, 0x32, 0xfa, 0x59, 0x71, 0x16, 0x4a, 0x0e, 0x45, 0x0f, 0x21, 0xfd,
0x65, 0xee, 0x50, 0xb0, 0xbf, 0xea, 0x8e, 0x4e, 0xa2, 0x55, 0x71, 0xa6,
0x65, 0x48, 0x56, 0x20, 0x8a, 0x48, 0x9d, 0xd7, 0xc9, 0x2c, 0x80, 0x62,
@ -43036,7 +43051,9 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void)
0x09, 0x5b, 0xfd, 0x52, 0x6f, 0xd9, 0x3c, 0x1c, 0x02, 0x3b, 0x77, 0xb8,
0xa1, 0xe9, 0xa4, 0xb7, 0x42, 0x62, 0xee, 0xea, 0x43, 0xf3, 0xd8, 0xd0,
0x7a, 0x53, 0x91, 0x34, 0x7f, 0xe7, 0x9a, 0xc6
#else
};
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_65_draft_pub_key[] = {
0x15, 0xc9, 0xe5, 0x53, 0x2f, 0xd8, 0x1f, 0xb4, 0xa3, 0x9f,
0xae, 0xad, 0xb3, 0x10, 0xd0, 0x72, 0x69, 0xd3, 0x02, 0xf3,
0xdf, 0x67, 0x5a, 0x31, 0x52, 0x19, 0xca, 0x39, 0x27, 0x77,
@ -43233,10 +43250,9 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void)
0xd8, 0x57, 0x9d, 0x48, 0x80, 0x6a, 0xef, 0x0c, 0xdd, 0x27,
0x99, 0xf9, 0xe7, 0xd0, 0xd2, 0x36, 0xd8, 0xed, 0x41, 0x14,
0x1b, 0x10
#endif
};
#endif
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_65_sig[] = {
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
0xb1, 0xd1, 0x8e, 0x83, 0x0b, 0x0d, 0xd2, 0x71, 0xb2, 0xaa, 0x31, 0x38,
0x16, 0xf0, 0xb4, 0xbc, 0x64, 0x2b, 0x97, 0xa1, 0x08, 0x19, 0x4f, 0x52,
0xfe, 0x99, 0x1a, 0xa9, 0xd4, 0x08, 0x93, 0x99, 0x88, 0xfd, 0x6a, 0xd6,
@ -43513,7 +43529,9 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void)
0x96, 0x0d, 0x23, 0x2b, 0x37, 0x87, 0x8d, 0xc8, 0xf7, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x03, 0x0b, 0x13, 0x1a, 0x1d, 0x25
#else
};
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_65_draft_sig[] = {
0x3e, 0xff, 0xf4, 0x48, 0x80, 0x2d, 0x88, 0x87, 0xf4, 0xcc,
0xa4, 0x61, 0xe1, 0x27, 0x20, 0x55, 0x66, 0xc8, 0xfe, 0x3e,
0xdd, 0xf5, 0x5c, 0x70, 0x6c, 0x54, 0xba, 0x50, 0x8a, 0xa2,
@ -43845,12 +43863,22 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void)
0xba, 0xdd, 0x02, 0x45, 0x7e, 0xc1, 0xdd, 0xeb, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x03, 0x0c, 0x15, 0x1c, 0x22, 0x28
#endif
};
#endif
wc_test_ret_t ret;
return dilithium_param_vfy_test(WC_ML_DSA_65, ml_dsa_65_pub_key,
ret = dilithium_param_vfy_test(WC_ML_DSA_65, ml_dsa_65_pub_key,
(word32)sizeof(ml_dsa_65_pub_key), ml_dsa_65_sig,
(word32)sizeof(ml_dsa_65_sig));
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
if (ret == 0) {
ret = dilithium_param_vfy_test(WC_ML_DSA_65_DRAFT,
ml_dsa_65_draft_pub_key, (word32)sizeof(ml_dsa_65_draft_pub_key),
ml_dsa_65_draft_sig, (word32)sizeof(ml_dsa_65_draft_sig));
}
#endif
return ret;
}
#endif
@ -43858,7 +43886,6 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void)
static wc_test_ret_t dilithium_param_87_vfy_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_87_pub_key[] = {
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
0x8a, 0x66, 0xe3, 0x6e, 0x3c, 0x11, 0x70, 0x9f, 0x82, 0xdd, 0xeb, 0x9e,
0xc0, 0xd7, 0x25, 0x87, 0x0c, 0x65, 0x07, 0x9d, 0x47, 0x39, 0x5d, 0x04,
0x42, 0x5c, 0xd6, 0x0a, 0xdc, 0x39, 0x44, 0x04, 0xd9, 0x79, 0x43, 0x87,
@ -44075,7 +44102,9 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void)
0xf5, 0xdc, 0x9f, 0x3c, 0x6c, 0x69, 0x0d, 0x61, 0x49, 0xb2, 0xe0, 0xb2,
0xe5, 0xef, 0x19, 0xbe, 0x04, 0xf6, 0x6b, 0xad, 0x41, 0x4c, 0x5a, 0x50,
0xf6, 0xac, 0x1b, 0x25, 0x8a, 0xdd, 0xe3, 0x57, 0xab, 0x7c, 0x92, 0xe4
#else
};
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_87_draft_pub_key[] = {
0xef, 0x49, 0x79, 0x47, 0x15, 0xc4, 0x8a, 0xa9, 0x74, 0x2a,
0xf0, 0x36, 0x94, 0x5c, 0x91, 0x1c, 0x5d, 0xff, 0x2c, 0x83,
0xf2, 0x8b, 0x04, 0xfc, 0x5d, 0x64, 0xbd, 0x49, 0x73, 0xcd,
@ -44336,10 +44365,9 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void)
0x2e, 0xfa, 0xcb, 0x5f, 0x5b, 0xd8, 0x09, 0x83, 0xe9, 0x40,
0xe9, 0x0e, 0x42, 0xdd, 0x17, 0xd7, 0x6e, 0x19, 0x8d, 0x95,
0x0a, 0x93
#endif
};
#endif
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_87_sig[] = {
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
0x20, 0xff, 0x12, 0xe1, 0x87, 0xf6, 0x11, 0x38, 0xff, 0x41, 0xd0, 0x8f,
0xcd, 0x7e, 0xd1, 0xf6, 0x21, 0x17, 0xd0, 0x46, 0xe9, 0x86, 0x83, 0x1b,
0xaf, 0xe5, 0x2b, 0x59, 0x21, 0xd1, 0x6b, 0xc9, 0xdb, 0x34, 0xdc, 0xba,
@ -44726,7 +44754,9 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void)
0x51, 0x68, 0x89, 0xad, 0xae, 0xc7, 0xd1, 0xde, 0xe2, 0xf9, 0xfe, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06,
0x0c, 0x18, 0x20, 0x24, 0x2f, 0x33, 0x3f
#else
};
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_87_draft_sig[] = {
0x78, 0xed, 0x1a, 0x3f, 0x41, 0xab, 0xf8, 0x93, 0x80, 0xf0,
0xc6, 0xbf, 0x4a, 0xde, 0xaf, 0x29, 0x93, 0xe5, 0x9a, 0xbf,
0x38, 0x08, 0x18, 0x33, 0xca, 0x7d, 0x5e, 0x65, 0xa4, 0xd2,
@ -45190,12 +45220,22 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void)
0x02, 0x6a, 0x70, 0xc8, 0xcd, 0xd0, 0xe2, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08,
0x12, 0x1c, 0x22, 0x2b, 0x33, 0x38, 0x3f
#endif
};
#endif
wc_test_ret_t ret;
return dilithium_param_vfy_test(WC_ML_DSA_87, ml_dsa_87_pub_key,
ret = dilithium_param_vfy_test(WC_ML_DSA_87, ml_dsa_87_pub_key,
(word32)sizeof(ml_dsa_87_pub_key), ml_dsa_87_sig,
(word32)sizeof(ml_dsa_87_sig));
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
if (ret == 0) {
ret = dilithium_param_vfy_test(WC_ML_DSA_87_DRAFT,
ml_dsa_87_draft_pub_key, (word32)sizeof(ml_dsa_87_draft_pub_key),
ml_dsa_87_draft_sig, (word32)sizeof(ml_dsa_87_draft_sig));
}
#endif
return ret;
}
#endif
#endif

6
wolfssl/wolfcrypt/asn.h
View File

@ -1186,6 +1186,9 @@ enum Key_Sum {
DILITHIUM_LEVEL2k = 218, /* 1.3.6.1.4.1.2.267.12.4.4 */
DILITHIUM_LEVEL3k = 221, /* 1.3.6.1.4.1.2.267.12.6.5 */
DILITHIUM_LEVEL5k = 225, /* 1.3.6.1.4.1.2.267.12.8.7 */
ML_DSA_LEVEL2k = 431, /* 2.16.840.1.101.3.4.3.17 */
ML_DSA_LEVEL3k = 432, /* 2.16.840.1.101.3.4.3.18 */
ML_DSA_LEVEL5k = 433, /* 2.16.840.1.101.3.4.3.19 */
SPHINCS_FAST_LEVEL1k = 281, /* 1 3 9999 6 7 4 */
SPHINCS_FAST_LEVEL3k = 283, /* 1 3 9999 6 8 3 + 2 (See GetOID() in asn.c) */
SPHINCS_FAST_LEVEL5k = 282, /* 1 3 9999 6 9 3 */
@ -2468,6 +2471,9 @@ enum cert_enums {
DILITHIUM_LEVEL2_KEY = 18,
DILITHIUM_LEVEL3_KEY = 19,
DILITHIUM_LEVEL5_KEY = 20,
ML_DSA_LEVEL2_KEY = 21,
ML_DSA_LEVEL3_KEY = 22,
ML_DSA_LEVEL5_KEY = 23,
SPHINCS_FAST_LEVEL1_KEY = 24,
SPHINCS_FAST_LEVEL3_KEY = 25,
SPHINCS_FAST_LEVEL5_KEY = 26,

6
wolfssl/wolfcrypt/asn_public.h
View File

@ -171,6 +171,9 @@ enum CertType {
DILITHIUM_LEVEL2_TYPE,
DILITHIUM_LEVEL3_TYPE,
DILITHIUM_LEVEL5_TYPE,
ML_DSA_LEVEL2_TYPE,
ML_DSA_LEVEL3_TYPE,
ML_DSA_LEVEL5_TYPE,
SPHINCS_FAST_LEVEL1_TYPE,
SPHINCS_FAST_LEVEL3_TYPE,
SPHINCS_FAST_LEVEL5_TYPE,
@ -223,6 +226,9 @@ enum Ctc_SigType {
CTC_DILITHIUM_LEVEL2 = 218,
CTC_DILITHIUM_LEVEL3 = 221,
CTC_DILITHIUM_LEVEL5 = 225,
CTC_ML_DSA_LEVEL2 = 431,
CTC_ML_DSA_LEVEL3 = 432,
CTC_ML_DSA_LEVEL5 = 433,
CTC_SPHINCS_FAST_LEVEL1 = 281,
CTC_SPHINCS_FAST_LEVEL3 = 283,

43
wolfssl/wolfcrypt/dilithium.h
View File

@ -128,6 +128,26 @@
(DILITHIUM_LEVEL5_PUB_KEY_SIZE + DILITHIUM_LEVEL5_KEY_SIZE)
#define ML_DSA_LEVEL2_KEY_SIZE 2560
#define ML_DSA_LEVEL2_SIG_SIZE 2420
#define ML_DSA_LEVEL2_PUB_KEY_SIZE 1312
#define ML_DSA_LEVEL2_PRV_KEY_SIZE \
(ML_DSA_LEVEL2_PUB_KEY_SIZE + ML_DSA_LEVEL2_KEY_SIZE)
#define ML_DSA_LEVEL3_KEY_SIZE 4032
#define ML_DSA_LEVEL3_SIG_SIZE 3309
#define ML_DSA_LEVEL3_PUB_KEY_SIZE 1952
#define ML_DSA_LEVEL3_PRV_KEY_SIZE \
(ML_DSA_LEVEL3_PUB_KEY_SIZE + ML_DSA_LEVEL3_KEY_SIZE)
#define ML_DSA_LEVEL5_KEY_SIZE 4896
#define ML_DSA_LEVEL5_SIG_SIZE 4627
#define ML_DSA_LEVEL5_PUB_KEY_SIZE 2592
#define ML_DSA_LEVEL5_PRV_KEY_SIZE \
(ML_DSA_LEVEL5_PUB_KEY_SIZE + ML_DSA_LEVEL5_KEY_SIZE)
/* Modulus. */
#define DILITHIUM_Q 0x7fe001
/* Number of bits in modulus. */
@ -496,6 +516,25 @@
#define DILITHIUM_LEVEL5_PRV_KEY_SIZE \
(DILITHIUM_LEVEL5_PUB_KEY_SIZE+DILITHIUM_LEVEL5_KEY_SIZE)
#define ML_DSA_LEVEL2_KEY_SIZE OQS_SIG_ml_dsa_44_ipd_length_secret_key
#define ML_DSA_LEVEL2_SIG_SIZE OQS_SIG_ml_dsa_44_ipd_length_signature
#define ML_DSA_LEVEL2_PUB_KEY_SIZE OQS_SIG_ml_dsa_44_ipd_length_public_key
#define ML_DSA_LEVEL2_PRV_KEY_SIZE \
(ML_DSA_LEVEL2_PUB_KEY_SIZE+ML_DSA_LEVEL2_KEY_SIZE)
#define ML_DSA_LEVEL3_KEY_SIZE OQS_SIG_ml_dsa_65_ipd_length_secret_key
#define ML_DSA_LEVEL3_SIG_SIZE OQS_SIG_ml_dsa_65_ipd_length_signature
#define ML_DSA_LEVEL3_PUB_KEY_SIZE OQS_SIG_ml_dsa_65_ipd_length_public_key
#define ML_DSA_LEVEL3_PRV_KEY_SIZE \
(ML_DSA_LEVEL3_PUB_KEY_SIZE+ML_DSA_LEVEL3_KEY_SIZE)
#define ML_DSA_LEVEL5_KEY_SIZE OQS_SIG_ml_dsa_87_ipd_length_secret_key
#define ML_DSA_LEVEL5_SIG_SIZE OQS_SIG_ml_dsa_87_ipd_length_signature
#define ML_DSA_LEVEL5_PUB_KEY_SIZE OQS_SIG_ml_dsa_87_ipd_length_public_key
#define ML_DSA_LEVEL5_PRV_KEY_SIZE \
(ML_DSA_LEVEL5_PUB_KEY_SIZE+ML_DSA_LEVEL5_KEY_SIZE)
#endif
#define DILITHIUM_MAX_KEY_SIZE DILITHIUM_LEVEL5_KEY_SIZE
@ -760,10 +799,14 @@ WOLFSSL_API int wc_Dilithium_PrivateKeyToDer(dilithium_key* key, byte* output,
#endif /* WOLFSSL_DILITHIUM_NO_ASN1 */
#define WC_ML_DSA_DRAFT 10
#define WC_ML_DSA_44 2
#define WC_ML_DSA_65 3
#define WC_ML_DSA_87 5
#define WC_ML_DSA_44_DRAFT (2 + WC_ML_DSA_DRAFT)
#define WC_ML_DSA_65_DRAFT (3 + WC_ML_DSA_DRAFT)
#define WC_ML_DSA_87_DRAFT (5 + WC_ML_DSA_DRAFT)
#define DILITHIUM_ML_DSA_44_KEY_SIZE 2560
#define DILITHIUM_ML_DSA_44_SIG_SIZE 2420