Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion .github/workflows/pq-all.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
name: Quantum Resistant Tests

# START OF COMMON SECTION
Expand Down Expand Up @@ -233,7 +233,11 @@
{"name": "mldsa-no-asn1-fips204-draft-opensslextra", "minutes": 1.2,
"configure": ["--enable-intelasm", "--enable-sp-asm",
"--enable-dilithium=yes,draft", "--enable-opensslextra",
"CPPFLAGS=-DWOLFSSL_MLDSA_NO_ASN1"]}
"CPPFLAGS=-DWOLFSSL_MLDSA_NO_ASN1"]},
{"name": "pkcs7-mldsa-only", "minutes": 1.2,
"comment": "PKCS#7 SignedData with ML-DSA as the only signature algorithm (no RSA, no ECC); guards the ML-DSA-only PKCS7 build path",
"configure": ["--enable-cryptonly", "--enable-mldsa",
"--enable-pkcs7", "--disable-rsa", "--disable-ecc"]}
]
EOF
.github/scripts/parallel-make-check.py \
Expand Down
18 changes: 18 additions & 0 deletions certs/mldsa/README.txt
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,24 @@ File variants, per level N in {44, 65, 87}:
mldsa<N>_oqskeypair.der liboqs concatenated (priv || pub) format
mldsa<N>_pub-spki.der SubjectPublicKeyInfo wrapping the public key

Self-signed certificates and their matching keys (used by the PKCS#7/CMS
SignedData tests), per level N in {44, 65, 87}:
mldsa<N>-cert.pem / mldsa<N>-cert.der self-signed ML-DSA certificate
mldsa<N>-key.pem matching private key (PEM,
seed-and-expanded PKCS#8)
mldsa<N>-key.der matching private key (DER,
expanded-only PKCS#8)

The mldsa<N>-key.der files were derived from the matching mldsa<N>-key.pem
using OpenSSL 3.5+, selecting the portable expanded-only private-key shape:

openssl pkey -in mldsa<N>-key.pem \
-provparam ml-dsa.output_formats=priv -outform DER \
-out mldsa<N>-key.der

Unlike the standalone mldsa<N>_priv-only.der vectors above, these correspond
to the public key in mldsa<N>-cert.der.

The *_pub-spki.der files were derived from the matching *_priv-only.der files
using OpenSSL 3.5+:

Expand Down
3 changes: 3 additions & 0 deletions certs/mldsa/include.am
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,16 @@ EXTRA_DIST += \
certs/mldsa/mldsa87_bare-seed.der \
certs/mldsa/mldsa87_bare-priv.der \
certs/mldsa/mldsa44-key.pem \
certs/mldsa/mldsa44-key.der \
certs/mldsa/mldsa44-cert.pem \
certs/mldsa/mldsa44-cert.der \
certs/mldsa/ecc-leaf-mldsa44.pem \
certs/mldsa/mldsa65-key.pem \
certs/mldsa/mldsa65-key.der \
certs/mldsa/mldsa65-cert.pem \
certs/mldsa/mldsa65-cert.der \
certs/mldsa/mldsa87-key.pem \
certs/mldsa/mldsa87-key.der \
certs/mldsa/mldsa87-cert.pem \
certs/mldsa/mldsa87-cert.der \
certs/mldsa/bench_mldsa_44_key.der \
Expand Down
Binary file added certs/mldsa/mldsa44-key.der
Binary file not shown.
Binary file added certs/mldsa/mldsa65-key.der
Binary file not shown.
Binary file added certs/mldsa/mldsa87-key.der
Binary file not shown.
47 changes: 41 additions & 6 deletions certs/renewcerts.sh
Original file line number Diff line number Diff line change
Expand Up @@ -1187,13 +1187,19 @@ EOF
############################################################
#### ML-DSA (FIPS 204) self-signed certificates ###
############################################################
# ML-DSA requires an OpenSSL 3.x binary with ML-DSA support
# (via oqsprovider or built-in). Detect support by probing candidates.
# ML-DSA requires an OpenSSL 3.5+ binary with the built-in ML-DSA provider.
# Besides key/cert generation the block also produces the expanded-only
# PKCS#8 key.der (-provparam ml-dsa.output_formats=priv, a 3.5+ built-in
# construct) that the PKCS#7 tests decode without keygen-from-seed. The
# probe below requires both keygen and that conversion, so the common
# unsuitable binaries (oqsprovider or pre-3.5, which lack the expanded-only
# conversion) are rejected here and the block is skipped cleanly rather
# than aborting after writing a cert.der but no matching key.der.
OPENSSL3=""
for candidate in \
"/usr/local/opt/openssl@3.2/bin/openssl" \
"/usr/local/opt/openssl@3.5/bin/openssl" \
"/usr/local/opt/openssl@3/bin/openssl" \
"/opt/homebrew/opt/openssl@3.2/bin/openssl" \
"/opt/homebrew/opt/openssl@3.5/bin/openssl" \
"/opt/homebrew/opt/openssl@3/bin/openssl" \
"openssl"; do
if [ "$candidate" = "openssl" ]; then
Expand All @@ -1203,7 +1209,23 @@ EOF
# Skip non-existent or non-executable absolute paths.
[ -x "$candidate" ] || continue
fi
if "$candidate" genpkey -algorithm mldsa44 -out /dev/null 2>/dev/null; then
probe_key="$(mktemp)" || continue
# Probe every level the loop below generates (44/65/87), for both
# keygen and the expanded-only conversion, so a partially-capable
# binary is rejected up front rather than aborting mid-loop.
probe_ok=1
for probe_level in 44 65 87; do
if ! "$candidate" genpkey -algorithm "mldsa${probe_level}" \
-out "$probe_key" 2>/dev/null || \
! "$candidate" pkey -in "$probe_key" \
-provparam ml-dsa.output_formats=priv -outform DER \
-out /dev/null 2>/dev/null; then
probe_ok=0
break
fi
done
rm -f "$probe_key"
if [ "$probe_ok" -eq 1 ]; then
OPENSSL3="$candidate"
break
fi
Expand All @@ -1230,6 +1252,19 @@ EOF
-outform DER -out "mldsa/mldsa${level}-cert.der"
check_result $? "ML-DSA-${level} DER conversion"

# Matching private key in the portable expanded-only PKCS#8 DER
# shape, used by the PKCS#7/CMS SignedData tests. Derived from the
# same mldsa${level}-key.pem so it corresponds to the public key in
# mldsa${level}-cert.der. The expanded-only form (no seed) decodes
# via ImportPrivRaw without keygen-from-seed or the ASN template,
# so the tests pass in WOLFSSL_MLDSA_NO_MAKE_KEY and non-template
# builds too; the seed-and-expanded default would not. The probe
# above already verified this binary supports the conversion.
"$OPENSSL3" pkey -in "mldsa/mldsa${level}-key.pem" \
-provparam ml-dsa.output_formats=priv -outform DER \
-out "mldsa/mldsa${level}-key.der"
check_result $? "ML-DSA-${level} key DER conversion"

echo "End of ML-DSA-${level} section"
done

Expand All @@ -1254,7 +1289,7 @@ EOF
echo "End of ecc-leaf-mldsa44 section"
echo "---------------------------------------------------------------------"
else
echo "Skipping ML-DSA cert generation (no OpenSSL 3.3+ with ML-DSA support found)"
echo "Skipping ML-DSA cert generation (no OpenSSL 3.5+ built-in ML-DSA provider found)"
echo "---------------------------------------------------------------------"
fi

Expand Down
5 changes: 3 additions & 2 deletions configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -11802,8 +11802,9 @@ AS_IF([test "x$ENABLED_INTEL_QA_SYNC" = "xyes" || test "x$ENABLED_OCTEON_SYNC" =
# checks for pkcs7 needed enables
AS_IF([test "x$ENABLED_PKCS7" = "xyes" && \
test "x$ENABLED_RSA" = "xno" && \
test "x$ENABLED_ECC" = "xno"],
[AC_MSG_ERROR([please enable ecc or rsa if enabling pkcs7.])])
test "x$ENABLED_ECC" = "xno" && \
test "x$ENABLED_MLDSA" = "xno"],
[AC_MSG_ERROR([please enable ecc, rsa or mldsa if enabling pkcs7.])])

AS_IF([test "x$ENABLED_PKCS7" = "xyes" && \
test "x$ENABLED_SHA" = "xno" && \
Expand Down
14 changes: 14 additions & 0 deletions wolfcrypt/src/hash.c
Original file line number Diff line number Diff line change
Expand Up @@ -353,6 +353,20 @@ enum wc_HashType wc_OidGetHash(int oid)
hash_type = WC_ERR_TRACE(WC_HASH_TYPE_NONE);
#endif
break;
case SHAKE128h:
Comment thread
dgarske marked this conversation as resolved.
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE128)
hash_type = WC_HASH_TYPE_SHAKE128;
#else
hash_type = WC_ERR_TRACE(WC_HASH_TYPE_NONE);
#endif
break;
case SHAKE256h:
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE256)
hash_type = WC_HASH_TYPE_SHAKE256;
#else
hash_type = WC_ERR_TRACE(WC_HASH_TYPE_NONE);
#endif
break;
case SM3h:
#ifdef WOLFSSL_SM3
hash_type = WC_HASH_TYPE_SM3;
Expand Down
Loading
Loading