From 50bbdbbe4206edbfd77b1fb92f0c193c42cf2f17 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Wed, 25 Sep 2024 22:07:08 +1000 Subject: [PATCH] Dilithium: Final and draft available in one build Make draft version of ML-DSA compiled in with final. Use WC_ML_DSA_44_DRAFT, WC_ML_DSA_65_DRAFT and WC_ML_DSA_87_DRAFT for the level to get the draft implementation. --- tests/api.c | 870 +++++++++++++++++++++++++++++++-- wolfcrypt/src/asn.c | 487 +++++++++++++----- wolfcrypt/src/dilithium.c | 570 ++++++++++++++++----- wolfcrypt/test/test.c | 94 +++- wolfssl/wolfcrypt/asn.h | 6 + wolfssl/wolfcrypt/asn_public.h | 6 + wolfssl/wolfcrypt/dilithium.h | 43 ++ 7 files changed, 1755 insertions(+), 321 deletions(-) diff --git a/tests/api.c b/tests/api.c index 0e8ae3a811..f0b4b600b8 100644 --- a/tests/api.c +++ b/tests/api.c @@ -32875,7 +32875,6 @@ static int test_wc_dilithium_sign_vfy(void) { EXPECT_DECLS; #if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \ - !defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) && \ !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) && \ !defined(WOLFSSL_DILITHIUM_NO_SIGN) && !defined(WOLFSSL_DILITHIUM_NO_VERIFY) dilithium_key* key; @@ -33100,6 +33099,754 @@ static int test_wc_dilithium_check_key(void) #if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \ defined(WOLFSSL_DILITHIUM_PUBLIC_KEY) +static const unsigned char ml_dsa_public_der[] = { +#ifndef WOLFSSL_NO_ML_DSA_44 + 0x30, 0x82, 0x05, 0x32, 0x30, 0x0d, 0x06, 0x09, + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, + 0x11, 0x03, 0x82, 0x05, 0x21, 0x00, + 0xBC, 0x5F, 0xF8, 0x10, 0xEB, 0x08, 0x90, 0x48, + 0xB8, 0xAB, 0x30, 0x20, 0xA7, 0xBD, 0x3B, 0x16, + 0xC0, 0xE0, 0xCA, 0x3D, 0x6B, 0x97, 0xE4, 0x64, + 0x6C, 0x2C, 0xCA, 0xE0, 0xBB, 0xF1, 0x9E, 0xF7, + 0x23, 0x0A, 0x19, 0xD7, 0x5A, 0xDB, 0xDE, 0xD5, + 0x2D, 0xB8, 0x55, 0xE2, 0x52, 0xA7, 0x19, 0xFC, + 0xBD, 0x14, 0x7B, 0xA6, 0x7B, 0x2F, 0xAD, 0x14, + 0xED, 0x0E, 0x68, 0xFD, 0xFE, 0x8C, 0x65, 0xBA, + 0xDE, 0xAC, 0xB0, 0x91, 0x11, 0x93, 0xAD, 0xFA, + 0x87, 0x94, 0xD7, 0x8F, 0x8E, 0x3D, 0x66, 0x2A, + 0x1C, 0x49, 0xDA, 0x81, 0x9F, 0xD9, 0x59, 0xE7, + 0xF0, 0x78, 0xF2, 0x03, 0xC4, 0x56, 0xF8, 0xB6, + 0xE7, 0xC9, 0x41, 0x58, 0x98, 0xE5, 0x41, 0xC7, + 0x30, 0x32, 0xDB, 0xD6, 0x19, 0xEA, 0xF6, 0x0F, + 0x8D, 0x64, 0xF8, 0x68, 0x3D, 0xA9, 0x9E, 0xCA, + 0x51, 0x22, 0x0B, 0x0A, 0xCA, 0x28, 0x46, 0x40, + 0x99, 0xF5, 0x47, 0xC0, 0x27, 0x77, 0xBD, 0x37, + 0xD8, 0x4A, 0x59, 0xBD, 0x37, 0xED, 0x7A, 0x8A, + 0x92, 0x63, 0x3C, 0x75, 0xD0, 0x7C, 0x79, 0x3F, + 0xE7, 0x25, 0x2B, 0x58, 0x4A, 0xBF, 0x6A, 0x15, + 0xEE, 0x14, 0x50, 0x7E, 0x5E, 0x19, 0x3F, 0x89, + 0x86, 0x4D, 0x09, 0xAC, 0x87, 0x27, 0xA6, 0xD0, + 0x42, 0x1F, 0x0C, 0x19, 0xF0, 0xE2, 0xFB, 0xFC, + 0x21, 0x3D, 0x3F, 0xBD, 0x70, 0xF4, 0xF9, 0x76, + 0x2C, 0xEC, 0xFF, 0x23, 0x1E, 0x9C, 0x8A, 0x76, + 0x28, 0xD3, 0xF8, 0xB0, 0x85, 0x7B, 0x03, 0x2D, + 0x32, 0xDE, 0x62, 0xFF, 0x8E, 0xCB, 0xF4, 0x00, + 0x82, 0x89, 0xBF, 0x34, 0x40, 0x36, 0x65, 0xF8, + 0x1A, 0x08, 0x1A, 0xD5, 0xA8, 0x5A, 0x28, 0x2F, + 0x99, 0xBA, 0xB9, 0xE5, 0x38, 0x5A, 0xFB, 0xCC, + 0xCF, 0x44, 0xB7, 0x4C, 0x01, 0x96, 0xC7, 0x54, + 0x55, 0x27, 0xEC, 0x30, 0x26, 0xDA, 0x12, 0x80, + 0xC4, 0xEB, 0x37, 0xD0, 0x9C, 0xFE, 0x3E, 0xC4, + 0xB4, 0x91, 0x0B, 0x62, 0xEB, 0x98, 0x15, 0xA4, + 0x25, 0xC6, 0x59, 0x0F, 0xC4, 0xAD, 0x3F, 0xBB, + 0x22, 0x57, 0x52, 0xCC, 0x1F, 0xC5, 0x69, 0x3F, + 0x18, 0x7E, 0x7D, 0xEC, 0x4E, 0xEF, 0xBE, 0xB6, + 0xB9, 0x1B, 0xD9, 0x1C, 0x5E, 0x2E, 0xA6, 0xA9, + 0x1D, 0x14, 0xD0, 0x97, 0xBE, 0x20, 0x3F, 0xBA, + 0x0B, 0xF9, 0x37, 0xC9, 0x75, 0x07, 0xDC, 0x00, + 0x7C, 0x4C, 0xAA, 0x9B, 0x07, 0x85, 0x89, 0x29, + 0x66, 0xFF, 0x15, 0x90, 0x09, 0x24, 0xE5, 0x79, + 0xD4, 0xFB, 0xA0, 0x2B, 0xDA, 0x87, 0x55, 0x5F, + 0x07, 0x3D, 0xAE, 0x00, 0x51, 0x3E, 0x70, 0x80, + 0x9A, 0xBB, 0xC7, 0x11, 0xFB, 0xA2, 0xE7, 0x64, + 0x95, 0x77, 0xC4, 0x2A, 0xFD, 0xC2, 0x4B, 0xF7, + 0x41, 0x3E, 0x51, 0x26, 0x8A, 0xD6, 0xDB, 0x61, + 0x13, 0xB7, 0xD9, 0x19, 0x1A, 0xF9, 0xD0, 0x61, + 0xDB, 0xDE, 0xD5, 0xD6, 0x30, 0x87, 0x76, 0x50, + 0xC1, 0x24, 0xF1, 0x1B, 0xC4, 0xBD, 0xC3, 0xFD, + 0xC6, 0xA9, 0x00, 0xF6, 0x31, 0x26, 0xF9, 0x21, + 0xE8, 0x38, 0xAD, 0x0C, 0x22, 0x75, 0xA3, 0x38, + 0x9A, 0x39, 0xBD, 0x99, 0xA1, 0x34, 0x50, 0x45, + 0x50, 0x10, 0x1C, 0xD3, 0xE9, 0x5E, 0x6D, 0x14, + 0x96, 0xBE, 0x7D, 0xE6, 0x62, 0x7D, 0xF4, 0xFD, + 0x6C, 0x28, 0xBB, 0xF4, 0x0B, 0x30, 0xEF, 0xA9, + 0xB5, 0xC3, 0xD5, 0xC8, 0x5A, 0xB1, 0x4A, 0x65, + 0xC0, 0x2D, 0x6D, 0x47, 0x81, 0xFF, 0x13, 0xD3, + 0x28, 0x60, 0x85, 0x54, 0xB6, 0xD1, 0x5E, 0xD9, + 0x12, 0x89, 0xA6, 0xD5, 0x5A, 0xAC, 0x0C, 0x38, + 0xE3, 0x77, 0x06, 0xF7, 0x35, 0x5E, 0x9A, 0x4F, + 0xDA, 0x61, 0x5B, 0x87, 0x59, 0x26, 0xBF, 0xE5, + 0xA5, 0x9D, 0x9E, 0xF2, 0x73, 0xBF, 0x94, 0xA0, + 0x7C, 0xFA, 0x57, 0x31, 0x78, 0xF0, 0xE0, 0x04, + 0xB6, 0xE1, 0xEF, 0x0A, 0x83, 0x49, 0xE9, 0xBC, + 0xC0, 0x19, 0x81, 0xF2, 0x46, 0x0F, 0x0A, 0x27, + 0x43, 0xC2, 0x8D, 0x1E, 0x13, 0x8F, 0xFB, 0x76, + 0x5E, 0x7E, 0x33, 0x97, 0xB7, 0x91, 0x33, 0x35, + 0xD4, 0x02, 0xFE, 0x91, 0x80, 0x6A, 0xA8, 0xFC, + 0x81, 0x92, 0x53, 0xAF, 0x32, 0x69, 0x2F, 0xA6, + 0x51, 0xE8, 0x67, 0xF5, 0x90, 0x7E, 0xF4, 0x6F, + 0x00, 0x62, 0x5A, 0x03, 0x0E, 0xC9, 0x04, 0xED, + 0xAB, 0x21, 0x42, 0x6D, 0x59, 0x11, 0x9D, 0x2C, + 0xAA, 0x43, 0xBD, 0x93, 0x5D, 0xEC, 0x0A, 0x55, + 0x0C, 0x61, 0xEE, 0x4B, 0x27, 0x9C, 0x1C, 0xA3, + 0xA7, 0x9C, 0x79, 0xA6, 0x6E, 0x3F, 0x2D, 0x2F, + 0xAD, 0xB0, 0x0F, 0x59, 0xA3, 0xA4, 0x38, 0xAA, + 0x44, 0x57, 0x01, 0x06, 0x07, 0x30, 0x17, 0xFA, + 0x1C, 0x87, 0x57, 0x50, 0x01, 0x09, 0x72, 0x0D, + 0x12, 0x5B, 0xBA, 0x23, 0x1A, 0x0C, 0x36, 0x35, + 0x0C, 0x78, 0x08, 0x6D, 0xFD, 0xC8, 0xD6, 0x13, + 0xAE, 0xCA, 0x88, 0xC4, 0xCC, 0xAE, 0xB4, 0xA4, + 0x4D, 0x13, 0xAD, 0xB3, 0xC7, 0x17, 0xD6, 0x5C, + 0x82, 0xA3, 0x51, 0xB9, 0xB6, 0xEA, 0xBF, 0x6A, + 0x10, 0xF4, 0xB4, 0xE9, 0x62, 0x3E, 0x3A, 0x95, + 0xB4, 0xD4, 0x0A, 0x12, 0xA8, 0x18, 0xAC, 0x6B, + 0x38, 0x22, 0xDB, 0x82, 0xFB, 0x05, 0xDC, 0x42, + 0x02, 0x64, 0x8B, 0x44, 0x54, 0x68, 0x9A, 0xEB, + 0x69, 0xEA, 0x32, 0x5F, 0x03, 0xE3, 0x5D, 0xEF, + 0xA5, 0x47, 0x08, 0x48, 0x14, 0x20, 0xC6, 0xD6, + 0x97, 0xBB, 0x91, 0x2F, 0xCA, 0x0D, 0x3F, 0x19, + 0x2E, 0xF2, 0x97, 0xDF, 0xE7, 0x7F, 0xF3, 0x6B, + 0x21, 0x03, 0xF1, 0xAD, 0x1A, 0xEE, 0xCE, 0xD1, + 0xC8, 0x14, 0xC2, 0xCD, 0x7E, 0xF1, 0x6B, 0xCE, + 0x47, 0x6A, 0xD0, 0x4F, 0x94, 0x1A, 0xFC, 0x79, + 0xE3, 0x29, 0x54, 0x74, 0xA4, 0x10, 0x62, 0x51, + 0x8C, 0x00, 0x37, 0x86, 0x09, 0x34, 0xF0, 0xE5, + 0xE6, 0x52, 0xF7, 0x27, 0x49, 0xA6, 0x98, 0x63, + 0x2A, 0x09, 0x91, 0xF6, 0x13, 0xF5, 0xCB, 0x96, + 0xCA, 0x11, 0x78, 0xF9, 0x74, 0xF2, 0xC4, 0xAA, + 0x0C, 0xE6, 0x3D, 0xC2, 0x4E, 0x36, 0x4C, 0x92, + 0xA6, 0x43, 0xB9, 0x0A, 0x5F, 0x85, 0xA6, 0x2F, + 0xD4, 0xD8, 0xD2, 0xB1, 0x93, 0xD2, 0x9B, 0x18, + 0xBE, 0xDE, 0x26, 0x53, 0xFC, 0x5D, 0x3F, 0x24, + 0xF5, 0xB2, 0xC0, 0x18, 0xDB, 0xBC, 0xB6, 0xEF, + 0x00, 0xF3, 0x05, 0xBF, 0x93, 0x66, 0x6B, 0xD4, + 0x7F, 0xEA, 0x91, 0x93, 0xBC, 0x23, 0x3D, 0xB3, + 0x91, 0x21, 0x44, 0x2E, 0x93, 0x8D, 0xA5, 0xDD, + 0x07, 0xEE, 0x6E, 0x87, 0x9C, 0x5B, 0x9D, 0xFF, + 0x41, 0xEC, 0xEE, 0x5E, 0x05, 0x89, 0xAE, 0x61, + 0x75, 0xFF, 0x5E, 0xC6, 0xF6, 0xD2, 0x62, 0x9F, + 0x56, 0xB1, 0x8B, 0x4D, 0xE6, 0x6F, 0xCB, 0x13, + 0xDF, 0x04, 0x00, 0xA7, 0x97, 0xC9, 0x22, 0x70, + 0xF6, 0x9B, 0xDE, 0xBD, 0xDC, 0xB8, 0x8C, 0x42, + 0x48, 0x91, 0x9B, 0x56, 0xCD, 0xA7, 0x0B, 0x8A, + 0xC4, 0xF9, 0x42, 0x9C, 0x29, 0x2D, 0xA9, 0x4D, + 0x64, 0x78, 0x28, 0x07, 0x64, 0xFE, 0x23, 0x86, + 0xFC, 0x38, 0xCB, 0x09, 0x31, 0x45, 0x88, 0x39, + 0xEF, 0x4E, 0x7D, 0xE8, 0xF0, 0x68, 0x9D, 0x99, + 0x80, 0x59, 0x88, 0xC7, 0xF9, 0x61, 0x11, 0x85, + 0x2C, 0x89, 0x29, 0xE5, 0xA5, 0x40, 0xD3, 0xB7, + 0x8D, 0x71, 0x2D, 0xEC, 0xC3, 0x96, 0xFE, 0xF3, + 0xEC, 0x34, 0x40, 0x21, 0x84, 0xE4, 0xFD, 0x29, + 0xF3, 0x63, 0xEA, 0x80, 0xF6, 0xFC, 0x50, 0xBA, + 0x9A, 0x11, 0x35, 0x1A, 0xCE, 0xEA, 0x8F, 0xE6, + 0x8D, 0x54, 0x1E, 0x1A, 0xA5, 0x84, 0x8D, 0x9F, + 0x6E, 0x61, 0xDF, 0xB6, 0x2B, 0x2F, 0x23, 0xBC, + 0x50, 0x81, 0xE8, 0x2F, 0x76, 0x22, 0x6E, 0x03, + 0x28, 0x49, 0x82, 0xEC, 0x48, 0x48, 0x12, 0x09, + 0xB1, 0xA7, 0xD4, 0xC8, 0x79, 0x7E, 0x44, 0xBF, + 0xA8, 0x70, 0xB2, 0x20, 0x04, 0xDB, 0x74, 0xBD, + 0x7D, 0x47, 0x8D, 0x5B, 0x36, 0x14, 0xD2, 0xB1, + 0xDA, 0x75, 0x02, 0xB3, 0x98, 0xEB, 0x9D, 0xA8, + 0x0D, 0x06, 0x46, 0x1E, 0x90, 0xE0, 0x30, 0x60, + 0x44, 0x6A, 0xB4, 0xA8, 0x23, 0x84, 0x32, 0xBF, + 0xAF, 0x75, 0x2F, 0x39, 0x17, 0x91, 0x21, 0x4F, + 0x1E, 0x6B, 0x63, 0x59, 0x0D, 0x53, 0x60, 0x60, + 0xD1, 0xC2, 0x45, 0x30, 0x7B, 0xC5, 0xC1, 0xBA, + 0xC4, 0xAA, 0xA0, 0x99, 0xD3, 0x6B, 0xB6, 0xDC, + 0xBC, 0x97, 0x3C, 0xF2, 0xE6, 0x9F, 0x27, 0x34, + 0xD0, 0xF2, 0x9A, 0xEE, 0xC4, 0x56, 0x7B, 0x99, + 0xA1, 0x6B, 0xC1, 0x7C, 0x6C, 0xDD, 0xAC, 0xEF, + 0xE4, 0x99, 0x27, 0xFB, 0x14, 0xE7, 0xD9, 0x8D, + 0xD4, 0x26, 0x35, 0x19, 0x46, 0x9C, 0xCA, 0x3D, + 0xB4, 0x67, 0x9A, 0x68, 0xCE, 0xED, 0xA9, 0x55, + 0x59, 0x22, 0x10, 0xFC, 0x49, 0xAA, 0x5F, 0xBE, + 0x93, 0x4C, 0xC7, 0x3D, 0x84, 0xE4, 0xBA, 0x54, + 0x78, 0x00, 0x2D, 0x68, 0x90, 0x98, 0x90, 0x68, + 0xEF, 0x8F, 0xC9, 0x8C, 0x25, 0x32, 0xB8, 0x3B, + 0xF3, 0xCB, 0x9E, 0xF0, 0x28, 0x93, 0xC2, 0x15, + 0x24, 0x26, 0xB9, 0xD1, 0xA9, 0x47, 0x34, 0xDF, + 0xB4, 0xF9, 0x11, 0x35, 0x14, 0x3C, 0x9E, 0xED, + 0x18, 0xFD, 0x51, 0xAE, 0x87, 0x5D, 0x07, 0xA2, + 0x37, 0x75, 0x60, 0x6A, 0x73, 0x4F, 0xBA, 0x98, + 0xC0, 0x63, 0xB4, 0xA1, 0x62, 0x2E, 0x7F, 0xF2, + 0x1A, 0xA7, 0xE6, 0x52, 0xA3, 0xD6, 0xC1, 0x9F, + 0xE0, 0xDC, 0x67, 0x61, 0xB7, 0xD3, 0x53, 0x02, + 0xBF, 0x21, 0x4D, 0x30, 0x79, 0xF7, 0x60, 0x51, + 0x08, 0x2A, 0x87, 0x59, 0x29, 0x92, 0x0D, 0xC3, + 0xB3, 0xCB, 0x43, 0x21, 0x1A, 0x23, 0xA4, 0x3A, + 0x50, 0x33, 0x2F, 0xAF, 0x1A, 0xC2, 0x19, 0x1E, + 0x71, 0x71, 0x25, 0xF6, 0x3E, 0x25, 0x86, 0xC4, + 0xD8, 0x6D, 0xCA, 0x6B, 0xCD, 0x3D, 0x03, 0x8F, + 0x9D, 0x3A, 0x7B, 0x66, 0xCB, 0xC7, 0xDF, 0x34 +#elif !defined(WOLFSSL_NO_ML_DSA_65) + 0x30, 0x82, 0x07, 0xb2, 0x30, 0x0d, 0x06, 0x09, + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, + 0x12, 0x03, 0x82, 0x07, 0xa1, 0x00, + 0xD2, 0xFD, 0x03, 0xF3, 0xA1, 0xB7, 0xF6, 0x35, + 0xAF, 0x9F, 0x34, 0xD5, 0x80, 0xA9, 0x8F, 0x52, + 0x4C, 0x73, 0x5B, 0xD5, 0xBA, 0x23, 0x55, 0xDC, + 0x6E, 0x03, 0x5B, 0xD2, 0x17, 0x65, 0x58, 0x0C, + 0xBB, 0x11, 0x19, 0x23, 0xF1, 0x94, 0xA7, 0xCC, + 0x8A, 0x7B, 0xB2, 0xEB, 0xC5, 0xC0, 0xE7, 0x1A, + 0xA6, 0x37, 0xCC, 0x80, 0x0E, 0x61, 0x03, 0xB8, + 0x50, 0xA5, 0x39, 0xB2, 0xA3, 0x9E, 0x1B, 0x6D, + 0x71, 0x3E, 0x5D, 0xB8, 0x31, 0x4C, 0x9A, 0xE1, + 0xF8, 0xBF, 0x8A, 0x38, 0xF0, 0x6A, 0xFB, 0x9D, + 0x73, 0xB1, 0x61, 0xB0, 0xFF, 0xE3, 0xA4, 0x89, + 0x17, 0x06, 0xAE, 0x26, 0xD5, 0x4F, 0xFB, 0x49, + 0x6D, 0xF8, 0xDC, 0x0F, 0x19, 0x83, 0x50, 0x95, + 0x00, 0xC9, 0xAB, 0xBD, 0x28, 0xE5, 0x9B, 0x3F, + 0xCD, 0xAB, 0xBD, 0xAD, 0xAB, 0xD4, 0x5E, 0xC3, + 0x14, 0x99, 0x37, 0x8B, 0xDE, 0x84, 0x9E, 0x7C, + 0x1F, 0x19, 0xB7, 0x04, 0x4D, 0x67, 0xE0, 0x51, + 0x06, 0xD7, 0x13, 0x6D, 0x95, 0x38, 0x0D, 0x56, + 0x05, 0xD4, 0x46, 0x5D, 0x87, 0x75, 0x57, 0x06, + 0x5D, 0xF0, 0xA7, 0x5D, 0x3C, 0x28, 0x54, 0x2F, + 0x40, 0xFE, 0xED, 0x42, 0xEC, 0x7E, 0x28, 0x06, + 0x37, 0xB0, 0x83, 0xD9, 0x88, 0xBC, 0xA5, 0xF6, + 0x39, 0x4E, 0x02, 0x39, 0x6C, 0x46, 0x76, 0x18, + 0x4F, 0xB6, 0x33, 0x18, 0xDA, 0xFA, 0xF5, 0xBB, + 0xDD, 0xE0, 0x0E, 0x30, 0x8F, 0xE8, 0x40, 0x19, + 0xC2, 0x34, 0x0A, 0x3F, 0x3E, 0x1C, 0x08, 0x65, + 0x62, 0x49, 0x70, 0x71, 0x12, 0x83, 0x35, 0x6A, + 0xE1, 0x4B, 0xD6, 0xB9, 0x4D, 0x1C, 0x9A, 0xE1, + 0x88, 0xDE, 0x1A, 0x8A, 0x2C, 0xA8, 0x24, 0xA8, + 0xEA, 0xE2, 0xFE, 0x6A, 0xFB, 0x38, 0xD8, 0x3A, + 0x2D, 0x99, 0x99, 0x6A, 0xB2, 0x1F, 0xE3, 0xE8, + 0x4C, 0x0B, 0xE6, 0xB6, 0xDA, 0x08, 0x87, 0x9B, + 0x67, 0x73, 0x74, 0xFA, 0x7C, 0x69, 0x1B, 0x13, + 0xD4, 0x0F, 0xA9, 0xD4, 0xCC, 0x26, 0xB2, 0x28, + 0x8D, 0x5A, 0x8C, 0x9A, 0x43, 0x72, 0x43, 0x81, + 0x00, 0x4D, 0x61, 0xB0, 0xD5, 0x7F, 0xF4, 0x00, + 0x31, 0x4C, 0x8E, 0x30, 0xEE, 0x79, 0x6A, 0xF1, + 0x0F, 0x7E, 0xE2, 0x1B, 0xF1, 0x3D, 0x08, 0x18, + 0x04, 0x65, 0xAB, 0xC7, 0x2E, 0xDD, 0xB0, 0x80, + 0xC6, 0xA0, 0x71, 0x84, 0xE3, 0xEE, 0xDC, 0x47, + 0xC1, 0x9A, 0xA7, 0xF0, 0x9D, 0x1F, 0x33, 0x09, + 0xE1, 0x83, 0xA2, 0xBD, 0x9B, 0x05, 0x73, 0xDD, + 0xE4, 0x74, 0xA8, 0x1B, 0xA4, 0xF7, 0x8D, 0x0C, + 0x52, 0x3D, 0x0C, 0x04, 0xF9, 0x00, 0x60, 0xFD, + 0x57, 0x1A, 0x35, 0xC0, 0x37, 0xE0, 0x79, 0xC5, + 0xE2, 0x10, 0xD7, 0x39, 0x0D, 0xF5, 0x68, 0xF2, + 0xE2, 0xF0, 0x3C, 0xE4, 0x44, 0x20, 0xC8, 0x2F, + 0x3F, 0xE6, 0x9E, 0xB9, 0xB4, 0x8E, 0xE9, 0x09, + 0x62, 0xD6, 0xB0, 0xF2, 0x44, 0x40, 0x64, 0x8F, + 0x71, 0xED, 0xB2, 0x41, 0xEE, 0x65, 0x66, 0xFC, + 0x1A, 0x64, 0xCA, 0xBF, 0x66, 0xBE, 0x6F, 0xEC, + 0xBC, 0xB1, 0x38, 0x7C, 0x82, 0xA7, 0xBC, 0x20, + 0x2D, 0x9E, 0x36, 0x79, 0x98, 0xE2, 0xA2, 0x91, + 0xAF, 0x0C, 0xD1, 0x57, 0x06, 0x77, 0xFE, 0x8D, + 0x63, 0xA3, 0x28, 0x5A, 0x2E, 0xA6, 0xEB, 0x29, + 0xAF, 0x9D, 0xC1, 0xAE, 0xC1, 0xC3, 0x6C, 0x47, + 0x06, 0xB1, 0x2B, 0xAA, 0x20, 0x83, 0x96, 0x92, + 0xF2, 0x86, 0xA6, 0xE0, 0x32, 0x14, 0x68, 0xF7, + 0x47, 0x93, 0x45, 0xC4, 0xD5, 0x2F, 0xBD, 0xB2, + 0xF0, 0x67, 0x25, 0xB5, 0x54, 0xB8, 0x9E, 0x24, + 0x92, 0x61, 0x26, 0x81, 0xAC, 0xEB, 0xC6, 0xC7, + 0xBA, 0xDA, 0x92, 0x25, 0x81, 0x8D, 0xBC, 0x35, + 0xD6, 0x4C, 0x22, 0xC4, 0x8B, 0xFF, 0x80, 0xA7, + 0x30, 0xD0, 0x71, 0x6D, 0xFA, 0xC9, 0x9D, 0xFD, + 0x5B, 0x89, 0x92, 0x61, 0x1D, 0x0C, 0x93, 0xEE, + 0x90, 0xBD, 0xB2, 0x60, 0x02, 0x2A, 0xFE, 0x25, + 0xD9, 0x13, 0xE0, 0x6E, 0xFF, 0xB5, 0x9C, 0xB1, + 0xF8, 0xA6, 0x0C, 0xBF, 0xA5, 0xAB, 0x2F, 0x45, + 0x9A, 0x16, 0xF4, 0x67, 0xE9, 0x89, 0x52, 0x5E, + 0x0A, 0x37, 0xEB, 0xE5, 0x6E, 0x83, 0x3F, 0xDE, + 0x55, 0xDB, 0x9D, 0x15, 0x30, 0xAD, 0xCF, 0x45, + 0x84, 0x6D, 0xF2, 0x81, 0xE4, 0x7C, 0xAA, 0x1E, + 0x0A, 0x27, 0xEF, 0xDE, 0x21, 0x07, 0xD3, 0x54, + 0xCE, 0xA0, 0xF6, 0xA4, 0x54, 0x69, 0x2F, 0x04, + 0xCD, 0x83, 0x8E, 0xBD, 0xD4, 0x6E, 0x19, 0x1E, + 0x5D, 0x9C, 0x11, 0x83, 0x9A, 0x2C, 0x3F, 0x48, + 0x8A, 0x4F, 0xC7, 0xCD, 0x26, 0x5A, 0x7B, 0x5D, + 0x32, 0xB0, 0x8C, 0xBD, 0xBF, 0xAB, 0x9D, 0x2C, + 0xCD, 0x76, 0x22, 0x2C, 0x8E, 0xE3, 0x7D, 0xDC, + 0xBD, 0x2A, 0xA0, 0x63, 0xED, 0x86, 0x14, 0x73, + 0xA6, 0x45, 0x4C, 0xAE, 0xA3, 0x77, 0x85, 0x0B, + 0x1A, 0x2B, 0x9D, 0xDB, 0xBC, 0xB3, 0x74, 0xFA, + 0xB5, 0xB1, 0x2F, 0x35, 0x1C, 0x8E, 0x58, 0x88, + 0x87, 0x2E, 0x5C, 0xD1, 0xF6, 0x0A, 0x4F, 0xAE, + 0x1F, 0xF8, 0x37, 0xD1, 0x92, 0xC2, 0x2B, 0xEB, + 0x41, 0xEE, 0x6F, 0xA3, 0x92, 0xFC, 0xDF, 0x45, + 0x50, 0xFF, 0x46, 0xB5, 0xCE, 0x90, 0x6D, 0x01, + 0x7E, 0xF3, 0x07, 0x7D, 0xF1, 0x32, 0x30, 0x0D, + 0x8B, 0xBF, 0xA9, 0xBB, 0x03, 0xC7, 0x5E, 0x79, + 0xE2, 0xF0, 0x4C, 0x28, 0x4A, 0xD0, 0x6A, 0x44, + 0x39, 0x96, 0x49, 0xC3, 0xE2, 0xA2, 0xA8, 0xD1, + 0xEF, 0xE9, 0xB7, 0xA4, 0xE0, 0xC2, 0x71, 0x04, + 0x7A, 0xB7, 0x59, 0x08, 0xBF, 0xF7, 0xDF, 0x9E, + 0x30, 0xEC, 0xA5, 0x47, 0x74, 0x5B, 0xAE, 0x23, + 0xA8, 0x6F, 0xF9, 0xA8, 0xB5, 0x8C, 0x25, 0x38, + 0xB8, 0x8B, 0x86, 0x64, 0x01, 0x07, 0x69, 0x02, + 0xDC, 0x5F, 0x0B, 0xD7, 0x61, 0x68, 0x7B, 0x49, + 0xEA, 0xFE, 0x36, 0xD3, 0x50, 0xCB, 0xED, 0xFD, + 0xD3, 0x6C, 0x12, 0x1C, 0xF2, 0x37, 0x86, 0xBF, + 0xCF, 0x7E, 0x47, 0x07, 0x64, 0x96, 0xEA, 0xB6, + 0xBB, 0xDA, 0x77, 0x40, 0x49, 0xC2, 0xEB, 0xAB, + 0xE2, 0xDE, 0x99, 0xC4, 0xC2, 0x4F, 0x2D, 0xB7, + 0x36, 0x84, 0x01, 0x5B, 0x37, 0x39, 0x77, 0x49, + 0x67, 0x60, 0xCF, 0x9A, 0xC2, 0x3D, 0x8B, 0x62, + 0x31, 0x33, 0xDB, 0x2D, 0xE1, 0x0D, 0x73, 0xFA, + 0x6A, 0xD1, 0xC6, 0xDA, 0xC8, 0x43, 0x4F, 0x28, + 0xC6, 0xE2, 0x51, 0xCE, 0x72, 0x93, 0xCF, 0xF3, + 0xF3, 0xB6, 0x1E, 0xFC, 0xB5, 0xA4, 0x35, 0x12, + 0x36, 0x70, 0xF2, 0x98, 0x46, 0xA1, 0x3D, 0xF3, + 0xEE, 0x71, 0x26, 0x04, 0x46, 0x1F, 0x1B, 0xAB, + 0x8F, 0x4E, 0xBC, 0x83, 0x6D, 0xE0, 0x58, 0x97, + 0x8A, 0xE7, 0x34, 0x39, 0x6A, 0x98, 0x08, 0x1B, + 0x35, 0xCC, 0x98, 0x18, 0x8A, 0x86, 0x94, 0x9C, + 0x99, 0x27, 0x0D, 0x47, 0x09, 0x85, 0x4C, 0x5B, + 0x35, 0xB1, 0x7F, 0x48, 0xA3, 0x73, 0x13, 0x4C, + 0x81, 0x4C, 0xC8, 0xA0, 0xF3, 0xE2, 0xFA, 0x80, + 0x7F, 0x2A, 0x91, 0x85, 0x30, 0x90, 0x78, 0x64, + 0x77, 0x82, 0x82, 0xD7, 0x5E, 0x03, 0xA4, 0x1B, + 0x25, 0x04, 0xEE, 0xD8, 0x16, 0xA4, 0x17, 0xA3, + 0xAC, 0x6B, 0xA1, 0x60, 0x80, 0xC3, 0x9B, 0x73, + 0x10, 0x19, 0x20, 0x02, 0xA7, 0x28, 0xF7, 0xF2, + 0x03, 0x95, 0x00, 0x9A, 0x9E, 0x16, 0x76, 0x7C, + 0xE1, 0x97, 0x1F, 0x5D, 0xE7, 0xD2, 0x29, 0xA5, + 0x06, 0x13, 0x36, 0x9E, 0x43, 0x82, 0x04, 0x5A, + 0x8E, 0x81, 0x90, 0x1F, 0x4D, 0xBA, 0x81, 0x02, + 0xF3, 0xD4, 0x13, 0xFE, 0x35, 0xB3, 0x26, 0xA8, + 0x74, 0xF2, 0x33, 0xB7, 0x19, 0xA7, 0x13, 0x76, + 0x00, 0xD3, 0x5D, 0x33, 0xAE, 0xB6, 0xB7, 0x25, + 0x96, 0x24, 0x08, 0x3A, 0xA9, 0x68, 0x73, 0x0C, + 0x8F, 0x78, 0x29, 0x2A, 0xD2, 0x8F, 0x14, 0xEE, + 0xAB, 0xE6, 0x60, 0x83, 0x59, 0x84, 0xFE, 0x69, + 0xEF, 0x23, 0xDE, 0xC8, 0xC3, 0x27, 0xC0, 0xEB, + 0x0B, 0x88, 0x2D, 0x58, 0x7E, 0x1E, 0xC4, 0x33, + 0xDA, 0x85, 0xC9, 0xFD, 0x1E, 0x0A, 0x34, 0x99, + 0x4D, 0xEA, 0x24, 0x0C, 0x85, 0x44, 0x52, 0xD1, + 0x8C, 0x30, 0xF4, 0x96, 0xE4, 0x9E, 0xC9, 0x04, + 0xB6, 0x02, 0xE0, 0xF5, 0x06, 0x2E, 0xDC, 0xDA, + 0x03, 0x28, 0x0A, 0x53, 0xB4, 0x31, 0x35, 0x74, + 0xCC, 0x2C, 0x0D, 0x54, 0x71, 0xBC, 0x96, 0x13, + 0xBD, 0xFD, 0x66, 0x41, 0xF5, 0xBD, 0x12, 0x7B, + 0xAB, 0x5B, 0x5E, 0xB3, 0xD4, 0x99, 0xA3, 0x31, + 0x14, 0x04, 0x82, 0x20, 0xE8, 0x19, 0xF8, 0xEE, + 0x12, 0xCA, 0x92, 0x2C, 0x8F, 0x17, 0xD9, 0xC9, + 0xF5, 0x1A, 0xD5, 0xBD, 0x68, 0x83, 0xB1, 0x0E, + 0x6A, 0xA2, 0x48, 0x3B, 0xA4, 0x9D, 0xC5, 0x47, + 0xDA, 0x76, 0x86, 0x15, 0x13, 0x44, 0xF4, 0xE9, + 0x09, 0x9B, 0x38, 0xE4, 0x30, 0xB5, 0x22, 0x6B, + 0x05, 0x98, 0x32, 0xCF, 0x03, 0xDB, 0x48, 0xFB, + 0x02, 0xDB, 0xA4, 0xE6, 0x15, 0x93, 0xDC, 0x45, + 0x76, 0x36, 0x04, 0x91, 0x89, 0x0E, 0x53, 0xEC, + 0x0E, 0x6A, 0xC7, 0x3C, 0xF3, 0x2B, 0x25, 0xD8, + 0x23, 0xB3, 0x84, 0x56, 0xE2, 0x86, 0x50, 0x5A, + 0x54, 0x1E, 0x5A, 0xEE, 0xE9, 0x6B, 0x19, 0x14, + 0xF5, 0xF7, 0x66, 0x87, 0xCE, 0x2B, 0x01, 0x60, + 0x22, 0x7A, 0xBE, 0xD7, 0x79, 0x93, 0x59, 0x4B, + 0xCD, 0x83, 0x13, 0x66, 0x20, 0x6D, 0x75, 0x71, + 0x40, 0x82, 0xF1, 0xC4, 0x6F, 0x1F, 0x44, 0x39, + 0xAC, 0x81, 0xA5, 0x7A, 0xF3, 0x1C, 0x81, 0xC5, + 0x55, 0x30, 0x7A, 0x07, 0x0F, 0xFA, 0x94, 0xE0, + 0x47, 0x9B, 0x78, 0x4B, 0xBD, 0x88, 0xA6, 0x0C, + 0xD4, 0xC7, 0xCF, 0xD9, 0x4E, 0x6A, 0xFE, 0x02, + 0xF6, 0xB2, 0x1F, 0x72, 0xAF, 0x0D, 0xCD, 0x66, + 0x09, 0xD4, 0x0C, 0x96, 0x5C, 0x14, 0xE5, 0xF2, + 0x38, 0x91, 0x83, 0xE5, 0x3D, 0xE9, 0x30, 0xF7, + 0xDE, 0x1D, 0x44, 0x21, 0x5C, 0xF4, 0x91, 0x44, + 0x84, 0x4E, 0x8B, 0x87, 0xF7, 0x8A, 0x7F, 0x13, + 0x2A, 0xEF, 0xE2, 0x2B, 0xE8, 0x0B, 0x4E, 0x3A, + 0x05, 0xEE, 0x3A, 0x68, 0xCC, 0xF6, 0x09, 0xEF, + 0x44, 0x04, 0x74, 0x02, 0xE4, 0x49, 0x30, 0x46, + 0xE6, 0xF9, 0xC7, 0x67, 0xFF, 0x8A, 0x75, 0xE2, + 0x8B, 0x3C, 0xE0, 0x77, 0xFD, 0xE7, 0xE7, 0xEE, + 0xD3, 0x13, 0xB5, 0xBF, 0x7E, 0x46, 0x01, 0x27, + 0xCA, 0x81, 0x82, 0xE9, 0xBC, 0x79, 0x4C, 0x0D, + 0xFA, 0x73, 0x0F, 0xB9, 0x20, 0x08, 0x05, 0x75, + 0xA7, 0x51, 0xB5, 0xCA, 0xEC, 0x85, 0xA1, 0x09, + 0xB4, 0x42, 0x2B, 0xA2, 0x66, 0x74, 0x3F, 0x0D, + 0x03, 0x2B, 0xDA, 0x8F, 0x1C, 0xA6, 0x24, 0x8C, + 0xDB, 0x91, 0x75, 0x30, 0xDF, 0x13, 0x02, 0xA5, + 0xF8, 0xC1, 0x8D, 0xC6, 0x42, 0xD5, 0x24, 0x78, + 0xC9, 0x8C, 0x12, 0xA3, 0xF1, 0x6E, 0xF2, 0xB6, + 0x2B, 0x4F, 0x59, 0xEA, 0x1B, 0xB5, 0x8D, 0xE7, + 0xB6, 0x5B, 0x3C, 0x71, 0x53, 0xCE, 0x6D, 0xA5, + 0xE4, 0x95, 0x07, 0x46, 0xF8, 0x0E, 0x08, 0x7A, + 0x0E, 0x35, 0x86, 0xD0, 0x97, 0x79, 0x1B, 0xF3, + 0x6D, 0xEF, 0x86, 0x5D, 0x68, 0x59, 0x1D, 0x39, + 0xD0, 0x90, 0x37, 0x73, 0xEE, 0xA9, 0x62, 0x14, + 0x7F, 0x34, 0x70, 0x41, 0x38, 0xB5, 0x4D, 0xF7, + 0x92, 0x4C, 0xDD, 0x8C, 0x33, 0x3D, 0xB5, 0xE1, + 0xA4, 0x09, 0xCC, 0xB2, 0xB3, 0x4E, 0x2C, 0x3C, + 0x8C, 0x7F, 0xDD, 0x3F, 0xD8, 0xD0, 0x12, 0xCB, + 0xF3, 0x82, 0xAA, 0xA8, 0x5E, 0x83, 0xA1, 0x2F, + 0x23, 0x5A, 0x2D, 0x14, 0x7D, 0x03, 0x5B, 0x7B, + 0x28, 0xB3, 0x4B, 0x6F, 0x57, 0x94, 0x9F, 0x32, + 0x24, 0x82, 0xA7, 0xD4, 0xD3, 0xB1, 0x50, 0x45, + 0xC4, 0x20, 0xD5, 0xAD, 0xDC, 0x7F, 0x0E, 0x69, + 0xB4, 0xDC, 0x1C, 0xBA, 0x58, 0xB0, 0x1D, 0x87, + 0x24, 0x80, 0xB0, 0x6A, 0x26, 0x0D, 0x82, 0x7D, + 0x89, 0x1B, 0x13, 0xC4, 0xC5, 0xCA, 0x50, 0xC7, + 0x48, 0xDE, 0x3C, 0x77, 0x1B, 0xE6, 0x1E, 0x9A, + 0xA1, 0x70, 0x16, 0x5C, 0xB0, 0x1F, 0x4B, 0xF5, + 0xDA, 0x27, 0xA7, 0x79, 0x1D, 0x3A, 0xD3, 0xF6, + 0x26, 0x7B, 0x4C, 0xB4, 0xE6, 0x1B, 0x28, 0xFA, + 0x17, 0x08, 0x41, 0x8D, 0x93, 0x2D, 0xFC, 0x41, + 0x61, 0x88, 0x0C, 0x5D, 0x3B, 0x17, 0xA9, 0x66, + 0x3A, 0x90, 0x61, 0xFA, 0x8F, 0x18, 0x04, 0x31, + 0x58, 0x50, 0xFE, 0x4E, 0x73, 0x06, 0xC8, 0x82, + 0xB3, 0x82, 0x27, 0xE8, 0x67, 0xF8, 0x08, 0x72, + 0xCD, 0xC1, 0x94, 0x4D, 0x47, 0x26, 0x15, 0xEA, + 0x49, 0x00, 0xEF, 0x7D, 0x27, 0x0B, 0x88, 0x1D, + 0x41, 0x30, 0xF5, 0x6C, 0x5C, 0xC9, 0x80, 0xD9, + 0x2A, 0x47, 0xAD, 0xA6, 0x65, 0x7E, 0xB6, 0xF3, + 0x7A, 0x38, 0x5D, 0x2D, 0x8C, 0xC9, 0x93, 0xE1, + 0x44, 0x2E, 0xB0, 0x52, 0x81, 0x85, 0x36, 0x36, + 0x99, 0x1E, 0x34, 0xAA, 0xDC, 0x68, 0x95, 0x4D, + 0x04, 0xE7, 0xAD, 0xEF, 0x76, 0xBF, 0x88, 0x0F, + 0x05, 0x9B, 0x0C, 0xBB, 0x55, 0xD9, 0x15, 0xA4, + 0xB1, 0x23, 0xE2, 0xF1, 0x33, 0x9A, 0x07, 0x3C, + 0xBF, 0xBC, 0x40, 0x9B, 0xEF, 0xF6, 0x40, 0x0A, + 0xE0, 0x96, 0xD5, 0xAE, 0x18, 0xEC, 0x42, 0xCF, + 0xFA, 0xD5, 0xB4, 0x98, 0x0F, 0xA3, 0x5B, 0xF0, + 0x34, 0x13, 0xAD, 0xB5, 0xD7, 0xE6, 0x87, 0x6A, + 0xC3, 0x55, 0xD1, 0xC9, 0xED, 0x70, 0xCA, 0x2B, + 0x97, 0x39, 0x54, 0xD1, 0x2B, 0x3C, 0xDD, 0x76, + 0xAC, 0x68, 0x35, 0xDB, 0x96, 0x00, 0x3E, 0xD8, + 0xC4, 0xE2, 0x88, 0xB7, 0x1F, 0xD7, 0x7D, 0xBA, + 0xA7, 0x63, 0x57, 0x20, 0xE1, 0x2A, 0xE0, 0xA3, + 0x17, 0xDE, 0x80, 0x8C, 0x66, 0x4E, 0x31, 0x7F, + 0x55, 0x27, 0x57, 0x91, 0xF3, 0x24, 0x5C, 0xA4, + 0xFE, 0x5D, 0x4D, 0x41, 0x07, 0x7F, 0xC1, 0x50, + 0xA6, 0xE4, 0x03, 0xD5, 0xA2, 0x08, 0xE4, 0x6E, + 0xAD, 0xBE, 0x8F, 0x2C, 0xFB, 0x8A, 0xF4, 0x72, + 0xF4, 0xA0, 0xCE, 0xAC, 0x01, 0x52, 0x19, 0x47, + 0x8E, 0x6B, 0x86, 0xC9, 0x58, 0xCF, 0x86, 0x52, + 0x5B, 0x74, 0x85, 0xC1, 0x73, 0x4C, 0x7E, 0xF0, + 0x0E, 0x90, 0x68, 0x3F, 0xFF, 0x5D, 0xBD, 0x0A, + 0x7D, 0x41, 0x3A, 0x85, 0x50, 0x21, 0x02, 0x6A, + 0x1B, 0x32, 0x01, 0x3A, 0x46, 0x16, 0xCB, 0xCD, + 0x37, 0x00, 0xAC, 0xBC, 0x70, 0x5B, 0xE3, 0xEF, + 0xBA, 0x62, 0x5C, 0x69, 0xA0, 0x25, 0x26, 0x7B, + 0xCE, 0x9D, 0x13, 0x5E, 0x3F, 0x5B, 0x5C, 0xC8, + 0xC4, 0x39, 0x56, 0x40, 0x7E, 0x84, 0xB6, 0x66, + 0x31, 0x03, 0xE2, 0x9C, 0x24, 0x20, 0x35, 0x55, + 0x1A, 0xE7, 0x97, 0xF5, 0x6C, 0x63, 0x74, 0xBE, + 0x0C, 0x79, 0x8C, 0x0C, 0xF3, 0x98, 0xF1, 0xED +#else + 0x30, 0x82, 0x0a, 0x32, 0x30, 0x0d, 0x06, 0x09, + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, + 0x13, 0x03, 0x82, 0x0a, 0x21, 0x00, + 0x69, 0x24, 0xBB, 0x42, 0x57, 0xA7, 0xB9, 0xAF, + 0xF0, 0x95, 0xC3, 0x0B, 0xB3, 0x5C, 0x6A, 0xE4, + 0x19, 0x82, 0x63, 0x12, 0x0F, 0x80, 0x39, 0xAA, + 0x4E, 0x78, 0xE1, 0x74, 0xA7, 0x86, 0xCE, 0x00, + 0x83, 0x01, 0xE6, 0x66, 0xF5, 0x9D, 0x3E, 0xC5, + 0x04, 0x4D, 0xE4, 0x56, 0x78, 0x8F, 0xDE, 0x19, + 0xEB, 0x39, 0x67, 0x7B, 0x5F, 0x9F, 0xE1, 0x41, + 0x50, 0xDA, 0x46, 0x3A, 0x70, 0x6F, 0x3B, 0xAF, + 0x71, 0x5B, 0x95, 0x33, 0x6B, 0x2D, 0x68, 0x5A, + 0x7C, 0xD7, 0x88, 0x07, 0x13, 0xE4, 0x58, 0x7B, + 0xF7, 0xD8, 0x57, 0xBF, 0x7E, 0x31, 0x56, 0x96, + 0xB8, 0xD0, 0xD9, 0xD4, 0x9E, 0x14, 0x29, 0x18, + 0xBF, 0x09, 0x74, 0xE7, 0xF4, 0x32, 0x37, 0xD4, + 0xBE, 0x3A, 0xD3, 0x94, 0x59, 0x9E, 0x3D, 0x39, + 0xBB, 0x76, 0x49, 0x93, 0x25, 0x53, 0x44, 0x7E, + 0x5D, 0x5A, 0xCC, 0x34, 0x99, 0x93, 0x01, 0x76, + 0xEC, 0xD3, 0xA8, 0x44, 0xA4, 0x25, 0xF5, 0x0D, + 0x05, 0x11, 0xC9, 0x22, 0x6C, 0x4B, 0x9A, 0x24, + 0xF2, 0xA0, 0x11, 0xCD, 0x88, 0xD3, 0x23, 0x08, + 0xE0, 0x31, 0x2A, 0x0C, 0x87, 0xCC, 0x34, 0xA9, + 0x95, 0x82, 0x3C, 0x65, 0xF4, 0xF0, 0xF9, 0x8E, + 0x50, 0xC3, 0x77, 0x88, 0xCE, 0x38, 0xDC, 0x28, + 0xFB, 0x8B, 0x9B, 0xFA, 0xAF, 0xA9, 0x04, 0xB5, + 0x41, 0xEE, 0x71, 0x2F, 0x6A, 0x04, 0x1E, 0x06, + 0x11, 0x37, 0x4F, 0x6B, 0xF1, 0x7E, 0xAC, 0x0B, + 0xD5, 0x6F, 0x3B, 0x6B, 0xF3, 0x36, 0xDA, 0x92, + 0x42, 0x07, 0x0C, 0x24, 0x69, 0xA2, 0x0C, 0x4D, + 0x16, 0x16, 0x14, 0x9A, 0x61, 0x59, 0x25, 0x20, + 0x11, 0xD2, 0x99, 0xF9, 0x3F, 0x98, 0x6D, 0x87, + 0x5D, 0xD3, 0x0B, 0x38, 0xA2, 0x25, 0x49, 0x17, + 0x45, 0x70, 0x13, 0x8C, 0x2B, 0xB3, 0xAA, 0x9C, + 0xBE, 0xA9, 0x19, 0x74, 0xF3, 0xD8, 0x9B, 0xF5, + 0xAE, 0x32, 0xBE, 0x9E, 0x58, 0xB8, 0x54, 0xA2, + 0xF8, 0xE8, 0x6F, 0xF7, 0x67, 0x80, 0xC0, 0x34, + 0x90, 0xF4, 0x67, 0xDB, 0x06, 0x51, 0xC2, 0x0B, + 0x1D, 0xF6, 0x0E, 0xB9, 0x7A, 0x3C, 0x99, 0xD9, + 0xBD, 0x66, 0x4B, 0xE6, 0xA5, 0xE4, 0xC8, 0xA8, + 0xAD, 0x4C, 0xC3, 0x63, 0x90, 0xD7, 0x00, 0x4E, + 0x4B, 0xB4, 0x21, 0xDA, 0xED, 0x65, 0x4C, 0x35, + 0x7D, 0xA4, 0xD6, 0x84, 0x98, 0x93, 0x3E, 0xC7, + 0x17, 0x77, 0xAD, 0x64, 0xC2, 0xAE, 0x01, 0x3C, + 0x73, 0xEB, 0x45, 0x7C, 0x68, 0xEF, 0x9A, 0x74, + 0x5A, 0xDE, 0xEB, 0x4F, 0xDF, 0xC8, 0x79, 0xE7, + 0x74, 0xD0, 0x3F, 0xAF, 0x6B, 0x14, 0xAA, 0xB1, + 0x07, 0x52, 0xE2, 0x4B, 0x52, 0xD0, 0xF2, 0xD9, + 0x4D, 0x54, 0x0A, 0x1E, 0xBE, 0x10, 0xF5, 0x97, + 0xE5, 0x14, 0x44, 0x2D, 0x6C, 0x13, 0xC2, 0xE2, + 0x49, 0x8E, 0x8A, 0xF3, 0x01, 0x7C, 0x52, 0xDB, + 0x23, 0x3A, 0x90, 0x71, 0x7D, 0xF2, 0x5B, 0x4D, + 0x07, 0x2B, 0x7D, 0x88, 0xEE, 0x87, 0x31, 0xD1, + 0x68, 0x24, 0xC9, 0x5D, 0x1F, 0xB9, 0x83, 0xC4, + 0x49, 0xDE, 0xB4, 0x66, 0x27, 0x60, 0x60, 0xFE, + 0xE4, 0xC7, 0xEE, 0x38, 0x14, 0x51, 0xF2, 0x32, + 0xC2, 0x9C, 0x7C, 0x32, 0x20, 0x85, 0x0C, 0x61, + 0xD1, 0xC3, 0xC0, 0x0D, 0xB1, 0xCD, 0x97, 0x26, + 0xA0, 0x2A, 0x56, 0x60, 0x9F, 0x3A, 0x65, 0xD3, + 0xD1, 0x64, 0x60, 0x45, 0x88, 0xCD, 0x9B, 0x43, + 0x14, 0x12, 0xF1, 0xAD, 0xD9, 0x14, 0xC5, 0xC2, + 0xDA, 0xBB, 0xC9, 0x04, 0x67, 0xC0, 0xC4, 0xEA, + 0x5F, 0x76, 0xE2, 0x4A, 0xA6, 0x18, 0x76, 0x5F, + 0x8B, 0x06, 0x36, 0xD7, 0xB0, 0x65, 0xE1, 0xF4, + 0xE6, 0xF6, 0x22, 0xEA, 0xE1, 0x71, 0x52, 0x45, + 0x8C, 0x76, 0x65, 0x86, 0x77, 0x2D, 0x36, 0x3F, + 0xA9, 0x92, 0x14, 0xF4, 0x72, 0xB0, 0xDB, 0x8A, + 0x1E, 0x49, 0xD8, 0x2D, 0x02, 0x78, 0xF2, 0x95, + 0x8B, 0x0A, 0xAA, 0x15, 0x86, 0xDB, 0x13, 0x4B, + 0xDF, 0xD2, 0x43, 0x87, 0x42, 0x49, 0x50, 0x07, + 0xE2, 0xFE, 0x5B, 0x60, 0xE2, 0x46, 0x39, 0x92, + 0x26, 0x94, 0x7A, 0x12, 0xEA, 0x17, 0x63, 0x1C, + 0xAA, 0x53, 0x46, 0x87, 0xCB, 0x75, 0xC0, 0x60, + 0xB4, 0x79, 0x7E, 0xAB, 0x82, 0x77, 0xCC, 0x4F, + 0x8A, 0x7A, 0x20, 0x38, 0x76, 0x06, 0xEF, 0xE2, + 0xDB, 0xD3, 0xE7, 0x36, 0x24, 0x92, 0x77, 0xD9, + 0x0F, 0xCA, 0xB9, 0x92, 0xA8, 0xC9, 0x9E, 0x85, + 0xAB, 0x03, 0xEB, 0x4C, 0xAC, 0x5D, 0x88, 0x55, + 0x39, 0x58, 0x52, 0x8A, 0xF9, 0x29, 0x74, 0x71, + 0x81, 0x35, 0xF1, 0xD0, 0xC7, 0x93, 0xEB, 0x00, + 0x0E, 0xA0, 0xAE, 0xC3, 0xEC, 0x18, 0x58, 0xFD, + 0xD1, 0x86, 0x88, 0xD1, 0xDA, 0x27, 0x27, 0x8D, + 0xEB, 0xF2, 0xCA, 0x81, 0x10, 0xBA, 0x4A, 0x20, + 0x4F, 0x79, 0x30, 0xE1, 0xC8, 0xCE, 0xEC, 0xAF, + 0xB7, 0x3F, 0x75, 0xDD, 0xB3, 0x4C, 0x5C, 0x55, + 0x96, 0x8A, 0x79, 0x33, 0x05, 0x84, 0x26, 0xB5, + 0x5D, 0x03, 0x9F, 0x72, 0x92, 0xAC, 0x43, 0xF6, + 0x45, 0x84, 0xF6, 0xDF, 0x18, 0x7A, 0x1D, 0x6B, + 0x00, 0x3F, 0x51, 0x4C, 0xC1, 0x3B, 0x26, 0xC2, + 0xF3, 0x48, 0x19, 0x5A, 0xA3, 0x21, 0xDE, 0x6A, + 0x27, 0xEC, 0x11, 0x34, 0x8D, 0xE5, 0x0D, 0x82, + 0x5A, 0x29, 0x64, 0xC6, 0x31, 0x99, 0x2E, 0x4B, + 0x0B, 0x42, 0x5B, 0x1B, 0xEB, 0x4F, 0x96, 0x00, + 0xE3, 0xAD, 0xC4, 0x43, 0x1C, 0xF2, 0xE8, 0x8B, + 0x42, 0x23, 0xD2, 0xDB, 0x66, 0x3C, 0x3C, 0xE7, + 0x0E, 0xF8, 0x5D, 0xDD, 0x56, 0xA9, 0xBA, 0xF1, + 0x38, 0xA9, 0xD7, 0xED, 0xD8, 0x94, 0x13, 0x1C, + 0x3A, 0x8F, 0x41, 0xA0, 0x4E, 0xF9, 0xF8, 0x67, + 0x52, 0xB7, 0x21, 0x81, 0xFA, 0xBB, 0x37, 0xC8, + 0x6B, 0x87, 0x7E, 0x61, 0xD6, 0x0E, 0xED, 0x95, + 0xEE, 0xFF, 0xAB, 0xE6, 0x37, 0x6E, 0x14, 0xAC, + 0xA8, 0x17, 0xC5, 0xF4, 0x19, 0x61, 0xAF, 0x8A, + 0x78, 0x49, 0xBA, 0xC0, 0x94, 0x91, 0x7B, 0x2D, + 0x13, 0x22, 0x76, 0xB6, 0xB3, 0x48, 0x6A, 0xFF, + 0x95, 0x0D, 0x23, 0xD4, 0xAA, 0xDC, 0x24, 0xCE, + 0x98, 0xA5, 0x26, 0x9E, 0x1C, 0x69, 0x91, 0x79, + 0x60, 0xA3, 0x1E, 0xE0, 0x9A, 0x52, 0x7C, 0x35, + 0x81, 0x75, 0xCA, 0xA0, 0xCB, 0x1B, 0x01, 0x8E, + 0x95, 0x26, 0xD9, 0x35, 0x34, 0xEA, 0xDB, 0xAC, + 0xB5, 0x2B, 0x27, 0x3D, 0x73, 0x5E, 0x22, 0xDD, + 0x0D, 0x5C, 0x28, 0xFA, 0x3E, 0x47, 0xCF, 0xE9, + 0x0B, 0x52, 0x15, 0xAE, 0x24, 0xF1, 0x46, 0xC3, + 0x46, 0x4B, 0xFE, 0xAF, 0x01, 0xD2, 0x8D, 0xAA, + 0x55, 0x3C, 0x1E, 0x94, 0x42, 0x8A, 0x10, 0x4A, + 0x9D, 0x78, 0xAE, 0xC7, 0x62, 0x59, 0x1E, 0x88, + 0x79, 0xF7, 0x68, 0x51, 0xCF, 0xB4, 0x64, 0x85, + 0x66, 0x72, 0x1B, 0x0C, 0xAC, 0x1F, 0x14, 0xFE, + 0x16, 0x14, 0x9A, 0x9D, 0x82, 0x10, 0xCC, 0x8F, + 0x2F, 0x50, 0xDE, 0xF7, 0xB4, 0x6C, 0x84, 0x3B, + 0xE9, 0x3B, 0xD8, 0xD5, 0x56, 0x02, 0x49, 0x33, + 0x50, 0xAB, 0x56, 0x0E, 0xA5, 0xBA, 0x17, 0x71, + 0x64, 0x23, 0xBE, 0x0E, 0xB8, 0x36, 0x0A, 0xB1, + 0x09, 0xD8, 0xFB, 0x18, 0xBF, 0xEA, 0x04, 0x08, + 0x47, 0xB7, 0x33, 0x51, 0x45, 0xD4, 0xF2, 0x00, + 0xD1, 0x9C, 0xF6, 0xFE, 0x7B, 0xAC, 0x91, 0x7F, + 0x42, 0x6C, 0x9B, 0x3D, 0x39, 0xA9, 0xCA, 0x43, + 0x29, 0x81, 0x8F, 0x24, 0x0E, 0x7D, 0xA3, 0x82, + 0x76, 0x10, 0x72, 0xF4, 0xA6, 0x50, 0x5E, 0xA8, + 0xE7, 0x6C, 0x1E, 0x44, 0x6F, 0xEB, 0x66, 0x25, + 0xE3, 0x8D, 0xDB, 0xCD, 0x3C, 0xDA, 0x81, 0xE8, + 0x3B, 0xF7, 0x68, 0xF3, 0xE0, 0x1D, 0x9D, 0x26, + 0x3B, 0x36, 0x73, 0x03, 0xAE, 0x15, 0x6C, 0x0B, + 0x71, 0x83, 0x36, 0x4A, 0x1E, 0x79, 0x41, 0xA0, + 0x92, 0x98, 0xA3, 0xAD, 0xF7, 0xBD, 0x23, 0x1E, + 0x61, 0x14, 0xB9, 0xDC, 0xE7, 0x95, 0x2B, 0x11, + 0x3F, 0x78, 0x16, 0x31, 0x38, 0xB9, 0x26, 0x6F, + 0x84, 0x3F, 0x1E, 0xD9, 0x7D, 0x9C, 0x2B, 0x16, + 0x3A, 0x6E, 0x8B, 0xD4, 0xC1, 0xAB, 0x4E, 0x17, + 0x93, 0x67, 0xC5, 0xAC, 0x96, 0xCE, 0xCF, 0x50, + 0x50, 0xFE, 0x82, 0x1F, 0xDF, 0xA4, 0x4E, 0x9E, + 0x68, 0x0B, 0x61, 0xC6, 0x01, 0x89, 0x32, 0xDF, + 0x71, 0x78, 0x11, 0x45, 0x9A, 0xF2, 0x54, 0x2E, + 0x2C, 0xDE, 0x77, 0x17, 0x8C, 0x2E, 0x98, 0x80, + 0xF0, 0x11, 0xE4, 0x05, 0xEA, 0xFA, 0x59, 0xC8, + 0xCB, 0xBE, 0xD7, 0x6E, 0x5A, 0x19, 0x41, 0x10, + 0x4B, 0x1B, 0x9D, 0x3A, 0x60, 0x49, 0x1C, 0x95, + 0x47, 0x55, 0xE0, 0x2E, 0x89, 0x41, 0x03, 0xF1, + 0xF4, 0x97, 0x74, 0x75, 0xE9, 0xEA, 0x36, 0x60, + 0x9F, 0xD6, 0x7C, 0x9D, 0xE3, 0x18, 0xED, 0xA2, + 0x37, 0x0D, 0xCC, 0xDB, 0xB9, 0xCE, 0xF7, 0xAE, + 0x63, 0x60, 0x90, 0x5E, 0xC2, 0x20, 0x83, 0x8C, + 0x97, 0x69, 0x82, 0x34, 0x41, 0xCD, 0xD0, 0xDA, + 0x8E, 0xF0, 0xAB, 0xE5, 0xF2, 0xD1, 0xD7, 0x6E, + 0x2F, 0xE0, 0x8F, 0xEF, 0x53, 0xDE, 0x1D, 0x61, + 0x66, 0xAB, 0x1A, 0x92, 0xB1, 0xAC, 0x09, 0x3E, + 0x5A, 0xBF, 0x76, 0x58, 0xC4, 0xB5, 0x72, 0x87, + 0xF2, 0xD1, 0xFD, 0x7B, 0x82, 0xDE, 0xDA, 0xF8, + 0xD5, 0xA4, 0xFB, 0xAC, 0x4B, 0x35, 0xD5, 0x82, + 0x31, 0x69, 0x4E, 0x16, 0x24, 0x97, 0x57, 0x8A, + 0xBD, 0x7A, 0xA7, 0xC8, 0xFE, 0x7B, 0x35, 0x41, + 0xA7, 0xF1, 0x8E, 0x54, 0xE8, 0xB7, 0xF0, 0x87, + 0x64, 0xC5, 0xE6, 0x84, 0x49, 0xDF, 0x65, 0x59, + 0x01, 0x54, 0x98, 0x32, 0xD6, 0x28, 0xFA, 0x63, + 0xD2, 0xB2, 0xC5, 0xA1, 0x50, 0x93, 0x39, 0x94, + 0xA9, 0x86, 0x33, 0x17, 0xAD, 0x40, 0xD7, 0x78, + 0xD9, 0xD2, 0xC0, 0x5C, 0x78, 0x98, 0x85, 0x0B, + 0x90, 0x17, 0x32, 0x23, 0xC7, 0xA0, 0xAF, 0x89, + 0x0F, 0xD7, 0xE6, 0x62, 0x21, 0xB6, 0xF0, 0x63, + 0x18, 0xB2, 0xED, 0x5E, 0x19, 0x9C, 0xB4, 0x24, + 0x88, 0x5A, 0xB8, 0x41, 0xE7, 0xA4, 0x72, 0x6F, + 0xAB, 0xA2, 0xF9, 0xBB, 0x53, 0xBC, 0x32, 0x36, + 0x43, 0x4C, 0x35, 0xFB, 0xBE, 0x4B, 0x1A, 0x0F, + 0x93, 0xF5, 0x0C, 0x37, 0x89, 0x6C, 0x29, 0xF8, + 0xE3, 0x02, 0xAD, 0x31, 0xED, 0x33, 0x31, 0xD6, + 0x20, 0xE3, 0xB6, 0x29, 0x45, 0x51, 0x01, 0xA1, + 0xF1, 0xCC, 0x7B, 0xA5, 0xE4, 0x6E, 0x68, 0xED, + 0x4A, 0x8C, 0xCC, 0x87, 0xB4, 0xDC, 0x75, 0xBC, + 0x01, 0x62, 0xB6, 0x33, 0x0F, 0x83, 0x3F, 0xBA, + 0x25, 0x75, 0xDF, 0xAF, 0x5B, 0x5F, 0x28, 0xBC, + 0x54, 0xFF, 0x2B, 0xA8, 0x1E, 0x7A, 0x47, 0x31, + 0x3C, 0x15, 0x48, 0x2B, 0x60, 0x5E, 0x66, 0xBB, + 0x38, 0xC6, 0x19, 0x8F, 0x13, 0x92, 0x10, 0x40, + 0x80, 0xFB, 0xE7, 0x8B, 0x86, 0xB1, 0xBC, 0x9A, + 0x6F, 0xB8, 0x81, 0xF5, 0xC7, 0x82, 0x01, 0x47, + 0xE6, 0xBA, 0x14, 0xB8, 0x1A, 0xCC, 0xF2, 0x0C, + 0xAE, 0x96, 0x64, 0x10, 0x94, 0xC2, 0x16, 0x90, + 0x2E, 0xA5, 0xC1, 0x25, 0xF6, 0xC9, 0x35, 0xA1, + 0x50, 0xD7, 0xC9, 0xAC, 0xC5, 0xD9, 0xE2, 0xE5, + 0xD9, 0x0E, 0x38, 0xC0, 0x50, 0x3A, 0xA9, 0x42, + 0x60, 0x17, 0xC7, 0x6A, 0xAF, 0xCD, 0x52, 0x61, + 0xB5, 0x06, 0x27, 0x4E, 0xC1, 0x3A, 0x96, 0x79, + 0xFB, 0x09, 0x79, 0x60, 0x27, 0xA4, 0xBB, 0x75, + 0x9D, 0x92, 0x82, 0x79, 0xB9, 0x4D, 0x84, 0x1A, + 0x09, 0x73, 0x93, 0xBF, 0x7E, 0x5B, 0xD6, 0x9A, + 0x49, 0x6C, 0xC3, 0xDE, 0xCD, 0x2B, 0x0F, 0x07, + 0xF8, 0x33, 0x92, 0xAA, 0xDE, 0x33, 0xDC, 0x51, + 0xB2, 0xA8, 0x4F, 0x6A, 0x07, 0x63, 0x5D, 0xC0, + 0xEF, 0x57, 0xA9, 0xAD, 0x59, 0x59, 0xB6, 0xA5, + 0x0B, 0x7B, 0xA5, 0x09, 0xAD, 0x5B, 0x11, 0xFA, + 0xD2, 0x6B, 0x41, 0x9F, 0x9F, 0x1E, 0x3F, 0x9C, + 0x73, 0x29, 0xB5, 0xA9, 0x53, 0xD7, 0xCC, 0x87, + 0xB2, 0xDE, 0x21, 0x06, 0x11, 0xCF, 0x52, 0xA6, + 0x39, 0xEF, 0x2B, 0x39, 0x08, 0x01, 0x2C, 0xB8, + 0x8E, 0x1D, 0x6F, 0x57, 0x62, 0x50, 0x79, 0xCB, + 0x10, 0x3D, 0x6C, 0x98, 0x10, 0x1A, 0x11, 0xBD, + 0x22, 0x33, 0xB6, 0x56, 0x02, 0xCA, 0x30, 0x49, + 0xBD, 0x32, 0x05, 0x20, 0x41, 0x9F, 0x76, 0xB0, + 0x61, 0xE3, 0x59, 0x8D, 0xE3, 0x81, 0x52, 0xC8, + 0x87, 0x67, 0xD1, 0xA2, 0x4F, 0xBD, 0x02, 0xBB, + 0x10, 0xC3, 0x8E, 0xAC, 0xAE, 0x31, 0x7D, 0xE6, + 0xBB, 0x28, 0x7B, 0x4D, 0x2C, 0xAE, 0x5D, 0xA0, + 0x21, 0x49, 0x65, 0xD8, 0x77, 0x37, 0x78, 0x62, + 0x6E, 0x9B, 0x97, 0x28, 0x59, 0xD8, 0x48, 0x2B, + 0x8D, 0x05, 0x47, 0xE4, 0xF5, 0x6D, 0xFF, 0x87, + 0x68, 0x1D, 0x5B, 0xC5, 0x12, 0x0F, 0x61, 0x3F, + 0xBB, 0xD9, 0x1E, 0x1F, 0x14, 0xE6, 0xDE, 0xFE, + 0x67, 0x2E, 0x2A, 0x7E, 0xAB, 0xCB, 0xBB, 0x9B, + 0x11, 0x08, 0x2C, 0x5E, 0x70, 0x0A, 0xA0, 0xB1, + 0xF7, 0xC1, 0x78, 0x5F, 0xCE, 0xD1, 0x9A, 0x93, + 0xAF, 0xE7, 0xC5, 0x9F, 0xA2, 0x51, 0x9B, 0xCD, + 0xEB, 0x49, 0x4C, 0x3D, 0x13, 0xB2, 0x12, 0x5F, + 0x38, 0x53, 0x23, 0xB8, 0x16, 0xC6, 0x8F, 0x8F, + 0x56, 0x28, 0xC7, 0xC2, 0xAB, 0xFD, 0x02, 0x78, + 0xA3, 0x37, 0x07, 0x3D, 0xA7, 0x4D, 0x16, 0x09, + 0x96, 0x98, 0xC4, 0xB1, 0x14, 0xE8, 0xA8, 0xCE, + 0x34, 0x4E, 0x0A, 0x15, 0xD0, 0xFC, 0x7E, 0xD4, + 0x97, 0xB0, 0x01, 0xD5, 0x3D, 0x4C, 0x96, 0xDC, + 0x39, 0x54, 0xD3, 0xB4, 0xB9, 0x56, 0xCB, 0x9D, + 0x2A, 0x27, 0x2C, 0x51, 0xF1, 0x55, 0x9B, 0x22, + 0x90, 0x4B, 0x40, 0xCC, 0x85, 0x31, 0xE4, 0x0C, + 0xC4, 0x12, 0xC6, 0x8C, 0xB6, 0xEE, 0xA4, 0xA4, + 0x09, 0x0B, 0x38, 0xE2, 0x79, 0x73, 0x29, 0x98, + 0x54, 0x67, 0xE8, 0x18, 0xA5, 0x24, 0xD3, 0x22, + 0x8E, 0xAC, 0xAE, 0x78, 0x25, 0xD3, 0xDA, 0xD2, + 0xEA, 0xA4, 0x22, 0xFD, 0xC7, 0x7A, 0xED, 0x71, + 0xA2, 0x05, 0xDA, 0x78, 0x38, 0xD9, 0x45, 0xE7, + 0xFE, 0xC3, 0x7E, 0x4D, 0xCA, 0x67, 0xE5, 0x04, + 0xCE, 0x35, 0xE5, 0xB0, 0x45, 0xF5, 0x6F, 0x1E, + 0x8D, 0x75, 0x29, 0xEB, 0xD6, 0xF1, 0xAF, 0x7B, + 0x6E, 0x93, 0x9E, 0x2B, 0x7A, 0xB4, 0x02, 0x7D, + 0x37, 0xA5, 0x13, 0x5D, 0x17, 0x2D, 0xA1, 0xAF, + 0x9C, 0xA2, 0xF7, 0x28, 0xA6, 0xF3, 0x7D, 0xE6, + 0x0D, 0xD2, 0x3D, 0x97, 0xD1, 0x1E, 0x75, 0xAB, + 0x1F, 0xD5, 0x1F, 0x8E, 0x9A, 0x13, 0x97, 0xE5, + 0x82, 0x21, 0x59, 0xDB, 0x58, 0x38, 0x02, 0xB3, + 0x2E, 0xEB, 0xB4, 0x56, 0x7E, 0xCE, 0x37, 0x46, + 0xD1, 0xAE, 0x33, 0x31, 0x47, 0x85, 0x64, 0x3D, + 0xD2, 0xA0, 0x74, 0x1E, 0x7F, 0x1B, 0xF2, 0xD2, + 0x61, 0xF2, 0x21, 0x24, 0xE8, 0xDD, 0xD0, 0x8C, + 0x64, 0x0A, 0x48, 0xB5, 0x47, 0x17, 0x51, 0x7C, + 0x21, 0xCD, 0x32, 0x53, 0x28, 0xBC, 0x23, 0x9C, + 0xA0, 0x28, 0xB2, 0x63, 0x0D, 0x06, 0x3C, 0x8C, + 0xC2, 0x0B, 0xE9, 0xBD, 0xB4, 0x85, 0x02, 0xDA, + 0xDD, 0xE7, 0x3F, 0xFE, 0xD5, 0x96, 0x38, 0x16, + 0x53, 0x3E, 0x02, 0x0A, 0xED, 0x12, 0x08, 0x53, + 0x62, 0x55, 0xB1, 0xCC, 0xE9, 0x85, 0x43, 0x31, + 0x27, 0xFF, 0x4F, 0x04, 0xD5, 0xB1, 0xE2, 0xF2, + 0x10, 0x87, 0x04, 0xB8, 0xB9, 0x66, 0x58, 0x8C, + 0x01, 0x56, 0xAF, 0xC2, 0xAE, 0x19, 0x29, 0x86, + 0xFB, 0xEC, 0x44, 0x3B, 0xAE, 0xF6, 0xCB, 0x85, + 0xA6, 0xF2, 0x9C, 0x77, 0x92, 0x40, 0x5A, 0x24, + 0x11, 0x47, 0x10, 0xAE, 0x1C, 0x74, 0x64, 0x44, + 0xFD, 0xF5, 0xFB, 0x65, 0x9E, 0x5E, 0x34, 0x68, + 0x26, 0x20, 0x7B, 0x8C, 0x54, 0x46, 0x3A, 0x06, + 0x17, 0xCE, 0x17, 0xFF, 0x33, 0xE4, 0x0F, 0x93, + 0x1F, 0xE5, 0x76, 0x71, 0x5C, 0x93, 0x2E, 0xF2, + 0x9F, 0xD7, 0x6B, 0x04, 0xA6, 0x9B, 0x58, 0xE0, + 0x30, 0x3D, 0x8E, 0xF2, 0x56, 0x78, 0xC8, 0xB7, + 0x0A, 0xF1, 0x2E, 0x90, 0x45, 0x59, 0x1C, 0x04, + 0xE8, 0xB7, 0x71, 0x06, 0x94, 0x04, 0x15, 0x17, + 0x7E, 0x86, 0x85, 0x93, 0xA0, 0x9C, 0x7E, 0x14, + 0x61, 0x9A, 0x4B, 0x33, 0x2F, 0x9A, 0xDC, 0x3A, + 0x65, 0x8B, 0x86, 0x01, 0x7F, 0x32, 0x65, 0x6C, + 0x54, 0x29, 0xC1, 0x15, 0xE1, 0x10, 0x03, 0x7A, + 0x8C, 0xC7, 0xE5, 0x44, 0x67, 0x7D, 0x2D, 0xD2, + 0x39, 0xA5, 0x9D, 0x54, 0xD0, 0xF3, 0xC7, 0x46, + 0x0E, 0xC1, 0x52, 0x08, 0x34, 0x6B, 0xA5, 0x6D, + 0xF5, 0x08, 0x6C, 0x5D, 0xBC, 0xC4, 0x1E, 0x0C, + 0x95, 0xFC, 0xB6, 0x86, 0x1C, 0x2C, 0x0C, 0x32, + 0xAA, 0xF3, 0x45, 0x4E, 0xFE, 0xE2, 0xFF, 0xBA, + 0x21, 0x4B, 0x43, 0x0E, 0xF2, 0x48, 0xA5, 0x9B, + 0x32, 0x44, 0x4D, 0x8D, 0x0D, 0x3D, 0xB8, 0x7C, + 0x9D, 0x4B, 0x15, 0x36, 0xD1, 0x57, 0x72, 0x8E, + 0xE7, 0x58, 0x5E, 0xF5, 0x32, 0x77, 0x6A, 0x00, + 0x3A, 0x02, 0x3C, 0x0A, 0xB0, 0xE9, 0xFF, 0x55, + 0x71, 0x08, 0xC3, 0x90, 0x68, 0x4D, 0x56, 0x5A, + 0x66, 0x50, 0x63, 0x26, 0x6A, 0xE6, 0x67, 0x0E, + 0xD5, 0x3B, 0x0F, 0xAF, 0x8F, 0xF6, 0x78, 0x29, + 0xBB, 0x73, 0x78, 0x25, 0xB1, 0x53, 0xA9, 0x33, + 0x8C, 0xBE, 0x3D, 0xF1, 0xA4, 0x62, 0x84, 0x9B, + 0x93, 0xA8, 0x1F, 0x84, 0xED, 0x07, 0xBE, 0x6D, + 0x62, 0x40, 0x00, 0x32, 0x74, 0x73, 0x7F, 0x61, + 0x8D, 0xCB, 0x26, 0xE4, 0x82, 0x52, 0xCE, 0x42, + 0x04, 0xDD, 0x31, 0x39, 0xFF, 0x68, 0x76, 0xF4, + 0x3B, 0x30, 0x5D, 0x83, 0x56, 0x20, 0xFE, 0xDF, + 0x79, 0xAA, 0x67, 0x43, 0x3D, 0xC2, 0x52, 0x87, + 0x32, 0x0E, 0x99, 0x17, 0x96, 0x7B, 0x70, 0xB2, + 0xD8, 0x66, 0xD1, 0x7B, 0x69, 0x8B, 0xFF, 0xF2, + 0xB3, 0xAB, 0x95, 0x14, 0x94, 0x9E, 0x58, 0xB5, + 0x7C, 0x68, 0xA4, 0x54, 0x12, 0xC1, 0xFC, 0x42, + 0x1C, 0x76, 0x8B, 0xF5, 0xEE, 0x8A, 0x10, 0xC8, + 0xAE, 0xF5, 0x69, 0x26, 0xF5, 0x1E, 0xC6, 0x2C, + 0x11, 0x56, 0x9F, 0x31, 0xAA, 0x51, 0x78, 0x68, + 0xE5, 0xCA, 0xD8, 0x9E, 0x95, 0x80, 0x66, 0xEB, + 0x9E, 0xDD, 0x72, 0x71, 0xB3, 0x1C, 0xB4, 0xB1, + 0xD6, 0xCE, 0x21, 0x12, 0x25, 0xAE, 0xB5, 0xB5, + 0x7F, 0x74, 0x97, 0x19, 0xDA, 0x07, 0xEC, 0xBE, + 0xFE, 0x03, 0x88, 0x1D, 0xDE, 0x3D, 0x81, 0xE4, + 0x13, 0x5F, 0x2D, 0xC8, 0x1A, 0xF7, 0x79, 0x77, + 0x6C, 0x1B, 0x80, 0x57, 0x16, 0x2A, 0x6C, 0x98, + 0x2F, 0xBB, 0x4D, 0xA6, 0xA9, 0xAD, 0x28, 0x4A, + 0xB1, 0x0C, 0x70, 0x02, 0x20, 0x44, 0xF4, 0x6D, + 0x40, 0x0B, 0xF6, 0xAD, 0x71, 0x82, 0xD1, 0x97, + 0x78, 0x99, 0x83, 0xBE, 0x99, 0x22, 0x79, 0x79, + 0xA1, 0x33, 0x4B, 0xA1, 0x49, 0xD8, 0x69, 0xBA, + 0x1C, 0x40, 0x88, 0x12, 0x34, 0x35, 0xBF, 0x97, + 0x85, 0x41, 0x35, 0x6D, 0xAF, 0x17, 0x1F, 0x33, + 0xAD, 0xB1, 0xC9, 0x79, 0x07, 0xA0, 0xFB, 0x58, + 0x45, 0x07, 0x4A, 0x85, 0xD2, 0x6F, 0x54, 0x61, + 0x35, 0xAE, 0xD0, 0xF9, 0x1B, 0xE4, 0x53, 0x9C, + 0x12, 0xBF, 0x94, 0x11, 0xE4, 0xB5, 0x56, 0xF6, + 0x87, 0xD0, 0x69, 0xDB, 0x6B, 0x21, 0xFE, 0x2B, + 0x7F, 0x32, 0x18, 0x87, 0x44, 0x8C, 0xEA, 0x55, + 0xDB, 0x19, 0xFB, 0xB8, 0xB0, 0x48, 0x2A, 0x55, + 0xAE, 0xC1, 0x67, 0x38, 0xD7, 0x4C, 0xD2, 0x65, + 0x09, 0x38, 0x36, 0xBE, 0x99, 0xD4, 0xFB, 0x53, + 0xE9, 0xB0, 0x14, 0xB0, 0x37, 0xCD, 0xBF, 0xE9 +#endif + }; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT static const unsigned char dilithium_public_der[] = { #ifndef WOLFSSL_NO_ML_DSA_44 0x30, 0x82, 0x05, 0x34, 0x30, 0x0d, 0x06, 0x0b, @@ -33848,6 +34595,7 @@ static const unsigned char dilithium_public_der[] = { #endif }; #endif +#endif static int test_wc_dilithium_public_der_decode(void) { @@ -33871,9 +34619,21 @@ static int test_wc_dilithium_public_der_decode(void) ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0); #else ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0); +#endif + ExpectIntEQ(wc_Dilithium_PublicKeyDecode(ml_dsa_public_der, &idx, key, + (word32)sizeof(ml_dsa_public_der)), 0); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + idx = 0; +#ifndef WOLFSSL_NO_ML_DSA_44 + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44_DRAFT), 0); +#elif !defined(WOLFSSL_NO_ML_DSA_65) + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65_DRAFT), 0); +#else + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87_DRAFT), 0); #endif ExpectIntEQ(wc_Dilithium_PublicKeyDecode(dilithium_public_der, &idx, key, (word32)sizeof(dilithium_public_der)), 0); +#endif wc_dilithium_free(key); XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -33900,19 +34660,19 @@ static int test_wc_dilithium_der(void) #ifndef WOLFSSL_NO_ML_DSA_44 pubLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE; - pubDerLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE + 24; - privDerLen = DILITHIUM_LEVEL2_KEY_SIZE + 30; - keyDerLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE + DILITHIUM_LEVEL2_KEY_SIZE + 34; + pubDerLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE + 22; + privDerLen = DILITHIUM_LEVEL2_KEY_SIZE + 28; + keyDerLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE + DILITHIUM_LEVEL2_KEY_SIZE + 32; #elif !defined(WOLFSSL_NO_ML_DSA_65) pubLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE; - pubDerLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE + 24; - privDerLen = DILITHIUM_LEVEL3_KEY_SIZE + 30; - keyDerLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE + DILITHIUM_LEVEL3_KEY_SIZE + 34; + pubDerLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE + 22; + privDerLen = DILITHIUM_LEVEL3_KEY_SIZE + 28; + keyDerLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE + DILITHIUM_LEVEL3_KEY_SIZE + 32; #else pubLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE; - pubDerLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE + 24; - privDerLen = DILITHIUM_LEVEL5_KEY_SIZE + 30; - keyDerLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE + DILITHIUM_LEVEL5_KEY_SIZE + 34; + pubDerLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE + 22; + privDerLen = DILITHIUM_LEVEL5_KEY_SIZE + 28; + keyDerLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE + DILITHIUM_LEVEL5_KEY_SIZE + 32; #endif key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -34089,7 +34849,6 @@ static int test_wc_dilithium_make_key_from_seed(void) #if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \ !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) dilithium_key* key; -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT #ifndef WOLFSSL_NO_ML_DSA_44 static const byte seed_44[] = { 0x93, 0xEF, 0x2E, 0x6E, 0xF1, 0xFB, 0x08, 0x99, @@ -36294,15 +37053,15 @@ static int test_wc_dilithium_make_key_from_seed(void) 0xDA, 0xC1, 0x7F, 0x93, 0x6F, 0x54, 0xC4, 0xC7 }; #endif /* WOLFSSL_NO_ML_DSA_87 */ -#else +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT #ifndef WOLFSSL_NO_ML_DSA_44 - static const byte seed_44[] = { + static const byte seed_44_draft[] = { 0xBA, 0xC0, 0x59, 0x52, 0x75, 0x5B, 0x26, 0x47, 0x01, 0xCA, 0x7D, 0x80, 0x6D, 0xFA, 0x08, 0x35, 0x10, 0x28, 0xF6, 0x7B, 0x0E, 0x83, 0xC4, 0x24, 0x01, 0x6F, 0x66, 0xCC, 0x83, 0x87, 0xD4, 0x69 }; - static const byte pk_44[] = { + static const byte pk_44_draft[] = { 0x86, 0xF0, 0x0C, 0x20, 0xE0, 0xDA, 0xEE, 0x5E, 0x1E, 0xDE, 0x71, 0x39, 0x49, 0x0C, 0xC8, 0xCF, 0xEF, 0xC9, 0xAB, 0x62, 0x3B, 0x8D, 0xEF, 0x0B, @@ -36468,7 +37227,7 @@ static int test_wc_dilithium_make_key_from_seed(void) 0xFC, 0xDD, 0x2D, 0x4C, 0xE2, 0x99, 0x33, 0x04, 0xE4, 0x26, 0x15, 0x37, 0x6C, 0x32, 0xB9, 0x17 }; - static const byte sk_44[] = { + static const byte sk_44_draft[] = { 0x86, 0xF0, 0x0C, 0x20, 0xE0, 0xDA, 0xEE, 0x5E, 0x1E, 0xDE, 0x71, 0x39, 0x49, 0x0C, 0xC8, 0xCF, 0xEF, 0xC9, 0xAB, 0x62, 0x3B, 0x8D, 0xEF, 0x0B, @@ -36792,13 +37551,13 @@ static int test_wc_dilithium_make_key_from_seed(void) }; #endif /* !WOLFSSL_NO_ML_DSA_44 */ #ifndef WOLFSSL_NO_ML_DSA_65 - static const byte seed_65[] = { + static const byte seed_65_draft[] = { 0x41, 0xAF, 0x98, 0x7B, 0x02, 0x6E, 0x47, 0x5F, 0x37, 0x91, 0x7F, 0x2A, 0x6A, 0x9A, 0x87, 0xE7, 0x51, 0xAD, 0xF9, 0x5B, 0x92, 0x7F, 0x2D, 0xCE, 0xF0, 0xD4, 0xF3, 0xDA, 0x8F, 0x8C, 0x86, 0x6B }; - static const byte pk_65[] = { + static const byte pk_65_draft[] = { 0xDC, 0x38, 0xE5, 0x5F, 0xDF, 0x2E, 0x9D, 0xD4, 0x34, 0x5C, 0xAE, 0x1A, 0x7D, 0xF4, 0x2E, 0x2E, 0xBC, 0x58, 0x57, 0x80, 0x55, 0x02, 0xE4, 0x3F, @@ -37044,7 +37803,7 @@ static int test_wc_dilithium_make_key_from_seed(void) 0x36, 0xE3, 0x3C, 0x70, 0xE3, 0xEA, 0xAC, 0x34, 0x32, 0xB7, 0x0D, 0xBA, 0x7C, 0xAB, 0xE6, 0x18 }; - static const byte sk_65[] = { + static const byte sk_65_draft[] = { 0xDC, 0x38, 0xE5, 0x5F, 0xDF, 0x2E, 0x9D, 0xD4, 0x34, 0x5C, 0xAE, 0x1A, 0x7D, 0xF4, 0x2E, 0x2E, 0xBC, 0x58, 0x57, 0x80, 0x55, 0x02, 0xE4, 0x3F, @@ -37552,13 +38311,13 @@ static int test_wc_dilithium_make_key_from_seed(void) }; #endif /* WOLFSSL_NO_ML_DSA_65 */ #ifndef WOLFSSL_NO_ML_DSA_87 - static const byte seed_87[] = { + static const byte seed_87_draft[] = { 0x22, 0x5F, 0x77, 0x07, 0x5E, 0x66, 0xCE, 0x1C, 0x99, 0xBA, 0x95, 0xB4, 0xFC, 0xDF, 0x25, 0x8B, 0xBB, 0x6F, 0xA5, 0xFE, 0x9C, 0x34, 0x9F, 0x0F, 0xDE, 0x3F, 0x71, 0xD5, 0x33, 0x9F, 0x6F, 0xD8 }; - static const byte pk_87[] = { + static const byte pk_87_draft[] = { 0x8C, 0x52, 0x4B, 0xD9, 0xAC, 0x48, 0x5C, 0xC6, 0x9A, 0xA0, 0x75, 0x64, 0xE1, 0x4F, 0x0F, 0x60, 0x13, 0x0E, 0xDE, 0x34, 0x08, 0xA5, 0xD4, 0x81, @@ -37884,7 +38643,7 @@ static int test_wc_dilithium_make_key_from_seed(void) 0x01, 0x33, 0x82, 0x84, 0x37, 0x03, 0xEB, 0x0E, 0xB1, 0x5F, 0x1B, 0x60, 0x8A, 0x2C, 0x9F, 0x39 }; - static const byte sk_87[] = { + static const byte sk_87_draft[] = { 0x8C, 0x52, 0x4B, 0xD9, 0xAC, 0x48, 0x5C, 0xC6, 0x9A, 0xA0, 0x75, 0x64, 0xE1, 0x4F, 0x0F, 0x60, 0x13, 0x0E, 0xDE, 0x34, 0x08, 0xA5, 0xD4, 0x81, @@ -38514,18 +39273,36 @@ static int test_wc_dilithium_make_key_from_seed(void) ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_44), 0); ExpectIntEQ(XMEMCMP(key->p, pk_44, sizeof(pk_44)), 0); ExpectIntEQ(XMEMCMP(key->k, sk_44, sizeof(sk_44)), 0); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44_DRAFT), 0); + ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_44_draft), 0); + ExpectIntEQ(XMEMCMP(key->p, pk_44_draft, sizeof(pk_44_draft)), 0); + ExpectIntEQ(XMEMCMP(key->k, sk_44_draft, sizeof(sk_44_draft)), 0); +#endif #endif #ifndef WOLFSSL_NO_ML_DSA_65 ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0); ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_65), 0); ExpectIntEQ(XMEMCMP(key->p, pk_65, sizeof(pk_65)), 0); ExpectIntEQ(XMEMCMP(key->k, sk_65, sizeof(sk_65)), 0); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65_DRAFT), 0); + ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_65_draft), 0); + ExpectIntEQ(XMEMCMP(key->p, pk_65_draft, sizeof(pk_65_draft)), 0); + ExpectIntEQ(XMEMCMP(key->k, sk_65_draft, sizeof(sk_65_draft)), 0); +#endif #endif #ifndef WOLFSSL_NO_ML_DSA_87 ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0); ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_87), 0); ExpectIntEQ(XMEMCMP(key->p, pk_87, sizeof(pk_87)), 0); ExpectIntEQ(XMEMCMP(key->k, sk_87, sizeof(sk_87)), 0); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87_DRAFT), 0); + ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_87_draft), 0); + ExpectIntEQ(XMEMCMP(key->p, pk_87_draft, sizeof(pk_87_draft)), 0); + ExpectIntEQ(XMEMCMP(key->k, sk_87_draft, sizeof(sk_87_draft)), 0); +#endif #endif wc_dilithium_free(key); @@ -38538,8 +39315,7 @@ static int test_wc_dilithium_sig_kats(void) { EXPECT_DECLS; #if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \ - !defined(WOLFSSL_DILITHIUM_NO_SIGN) && \ - !defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + !defined(WOLFSSL_DILITHIUM_NO_SIGN) dilithium_key* key; #ifndef WOLFSSL_NO_ML_DSA_44 static const byte sk_44[] = { @@ -43356,7 +44132,6 @@ static int test_wc_dilithium_verify_kats(void) !defined(WOLFSSL_DILITHIUM_NO_VERIFY) dilithium_key* key; int res; -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT #ifndef WOLFSSL_NO_ML_DSA_44 static const byte pk_44[] = { 0x09, 0xB4, 0x88, 0x7D, 0x97, 0xBC, 0xF6, 0x37, @@ -45457,9 +46232,9 @@ static int test_wc_dilithium_verify_kats(void) 0x29, 0x2E, 0x36 }; #endif -#else +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT #ifndef WOLFSSL_NO_ML_DSA_44 - static const byte pk_44[] = { + static const byte pk_44_draft[] = { 0x35, 0x07, 0x31, 0x3A, 0xE3, 0x7A, 0xF6, 0x96, 0x6C, 0x11, 0xA9, 0xE4, 0x0B, 0xEB, 0xEC, 0xE9, 0x2B, 0x67, 0x3F, 0xD2, 0x67, 0x3C, 0x1C, 0x4C, @@ -45625,7 +46400,7 @@ static int test_wc_dilithium_verify_kats(void) 0x29, 0x4D, 0xB2, 0xE2, 0xD5, 0x9F, 0xD4, 0xB9, 0x13, 0xB4, 0x33, 0x80, 0x27, 0x84, 0x7E, 0xF4 }; - static const byte msg_44[] = { + static const byte msg_44_draft[] = { 0x5C, 0x70, 0x7F, 0xBF, 0xF4, 0xFF, 0xE5, 0x9B, 0x09, 0xAA, 0xF8, 0xDB, 0x21, 0xAD, 0xBE, 0xBA, 0xC6, 0xB2, 0x65, 0x37, 0x9A, 0x9A, 0x43, 0x3A, @@ -45643,7 +46418,7 @@ static int test_wc_dilithium_verify_kats(void) 0x9E, 0xC6, 0x26, 0x80, 0x9E, 0xCE, 0x19, 0x8D, 0x6A, 0x6B, 0x09, 0x03, 0x45, 0xDF, 0x22, 0x7D }; - static const byte sig_44[] = { + static const byte sig_44_draft[] = { 0x08, 0xF0, 0x10, 0xFA, 0x63, 0x3F, 0x2B, 0xA1, 0x46, 0x81, 0x34, 0xC4, 0xBC, 0xAB, 0x62, 0x17, 0x0B, 0x64, 0xEA, 0x00, 0x2D, 0xD6, 0x8A, 0xE5, @@ -45950,7 +46725,7 @@ static int test_wc_dilithium_verify_kats(void) }; #endif #ifndef WOLFSSL_NO_ML_DSA_65 - static const byte pk_65[] = { + static const byte pk_65_draft[] = { 0x6C, 0x84, 0x14, 0x38, 0x08, 0x56, 0xCB, 0x52, 0xD7, 0x9C, 0x4B, 0x29, 0x13, 0x9F, 0xB1, 0x83, 0x9B, 0x86, 0x06, 0xF5, 0x94, 0x8B, 0x9D, 0x72, @@ -46196,7 +46971,7 @@ static int test_wc_dilithium_verify_kats(void) 0xCF, 0xE4, 0x67, 0x21, 0x03, 0x65, 0x84, 0x34, 0xD0, 0x32, 0x7A, 0xDD, 0xCD, 0x66, 0xBC, 0xB6 }; - static const byte msg_65[] = { + static const byte msg_65_draft[] = { 0xDB, 0x84, 0x94, 0xBA, 0x19, 0xC4, 0x11, 0x8F, 0xB1, 0x5D, 0x0A, 0xCF, 0x42, 0x54, 0xFD, 0x37, 0x48, 0x3F, 0xCF, 0x47, 0x48, 0xFD, 0x18, 0x44, @@ -46226,7 +47001,7 @@ static int test_wc_dilithium_verify_kats(void) 0x03, 0xEA, 0xFE, 0xF1, 0x70, 0xC1, 0xF1, 0xD2, 0x8E, 0x99, 0xBB }; - static const byte sig_65[] = { + static const byte sig_65_draft[] = { 0xF7, 0x78, 0x9A, 0x45, 0xA3, 0x58, 0x73, 0x30, 0xE7, 0xFC, 0xF7, 0x06, 0x95, 0xF7, 0xF6, 0x96, 0x88, 0xA2, 0xB8, 0xD0, 0xCE, 0x54, 0xF0, 0x90, @@ -46644,7 +47419,7 @@ static int test_wc_dilithium_verify_kats(void) }; #endif #ifndef WOLFSSL_NO_ML_DSA_87 - static const byte pk_87[] = { + static const byte pk_87_draft[] = { 0x2D, 0x1E, 0x6B, 0xED, 0x84, 0x52, 0xEB, 0xF1, 0x26, 0xED, 0xE7, 0x0C, 0xA0, 0xA2, 0xB5, 0x0D, 0x03, 0x34, 0x2D, 0x5B, 0x13, 0xB2, 0xAE, 0x21, @@ -46970,12 +47745,12 @@ static int test_wc_dilithium_verify_kats(void) 0x54, 0xAD, 0xB4, 0xB4, 0x17, 0x0A, 0xC7, 0x12, 0x7F, 0x93, 0x17, 0x5C, 0x1E, 0xB2, 0x25, 0x12 }; - static const byte msg_87[] = { + static const byte msg_87_draft[] = { 0x14, 0x42, 0x63, 0x34, 0x94, 0x09, 0x60, 0x77, 0x3B, 0xFF, 0x65, 0xF0, 0x8D, 0x1D, 0xE4, 0x89, 0xC4, 0xC3, 0xED, 0x36 }; - static const byte sig_87[] = { + static const byte sig_87_draft[] = { 0x13, 0xE8, 0x99, 0xEE, 0xDC, 0xCC, 0x0F, 0xBA, 0x62, 0x91, 0x44, 0xE4, 0xAC, 0x06, 0x79, 0x06, 0xB5, 0x32, 0x6B, 0x8F, 0x9A, 0x6C, 0xCB, 0xAB, @@ -47574,6 +48349,15 @@ static int test_wc_dilithium_verify_kats(void) ExpectIntEQ(wc_dilithium_verify_msg(sig_44, (word32)sizeof(sig_44), msg_44, (word32)sizeof(msg_44), &res, key), 0); ExpectIntEQ(res, 1); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44_DRAFT), 0); + ExpectIntEQ(wc_dilithium_import_public(pk_44_draft, + (word32)sizeof(pk_44_draft), key), 0); + ExpectIntEQ(wc_dilithium_verify_msg(sig_44_draft, + (word32)sizeof(sig_44_draft), msg_44_draft, + (word32)sizeof(msg_44_draft), &res, key), 0); + ExpectIntEQ(res, 1); +#endif #endif #ifndef WOLFSSL_NO_ML_DSA_65 ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0); @@ -47582,6 +48366,15 @@ static int test_wc_dilithium_verify_kats(void) ExpectIntEQ(wc_dilithium_verify_msg(sig_65, (word32)sizeof(sig_65), msg_65, (word32)sizeof(msg_65), &res, key), 0); ExpectIntEQ(res, 1); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65_DRAFT), 0); + ExpectIntEQ(wc_dilithium_import_public(pk_65_draft, + (word32)sizeof(pk_65_draft), key), 0); + ExpectIntEQ(wc_dilithium_verify_msg(sig_65_draft, + (word32)sizeof(sig_65_draft), msg_65_draft, + (word32)sizeof(msg_65_draft), &res, key), 0); + ExpectIntEQ(res, 1); +#endif #endif #ifndef WOLFSSL_NO_ML_DSA_87 ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0); @@ -47590,6 +48383,15 @@ static int test_wc_dilithium_verify_kats(void) ExpectIntEQ(wc_dilithium_verify_msg(sig_87, (word32)sizeof(sig_87), msg_87, (word32)sizeof(msg_87), &res, key), 0); ExpectIntEQ(res, 1); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87_DRAFT), 0); + ExpectIntEQ(wc_dilithium_import_public(pk_87_draft, + (word32)sizeof(pk_87_draft), key), 0); + ExpectIntEQ(wc_dilithium_verify_msg(sig_87_draft, + (word32)sizeof(sig_87_draft), msg_87_draft, + (word32)sizeof(msg_87_draft), &res, key), 0); + ExpectIntEQ(res, 1); +#endif #endif wc_dilithium_free(key); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index bea4c89d0e..334bb8d5f1 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -4233,6 +4233,7 @@ static word32 SetBitString16Bit(word16 val, byte* output) static const byte sigFalcon_Level5Oid[] = {43, 206, 15, 3, 9}; #endif /* HAVE_FACON */ #ifdef HAVE_DILITHIUM +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Dilithium Level 2: 1.3.6.1.4.1.2.267.12.4.4 */ static const byte sigDilithium_Level2Oid[] = {43, 6, 1, 4, 1, 2, 130, 11, 12, 4, 4}; @@ -4244,6 +4245,19 @@ static word32 SetBitString16Bit(word16 val, byte* output) /* Dilithium Level 5: 1.3.6.1.4.1.2.267.12.8.7 */ static const byte sigDilithium_Level5Oid[] = {43, 6, 1, 4, 1, 2, 130, 11, 12, 8, 7}; +#endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + + /* ML-DSA Level 2: 2.16.840.1.101.3.4.3.17 */ + static const byte sigMlDsa_Level2Oid[] = + {96, 134, 72, 1, 101, 3, 4, 3, 17}; + + /* ML-DSA Level 3: 2.16.840.1.101.3.4.3.18 */ + static const byte sigMlDsa_Level3Oid[] = + {96, 134, 72, 1, 101, 3, 4, 3, 18}; + + /* ML-DSA Level 5: 2.16.840.1.101.3.4.3.19 */ + static const byte sigMlDsa_Level5Oid[] = + {96, 134, 72, 1, 101, 3, 4, 3, 19}; #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS /* Sphincs Fast Level 1: 1 3 9999 6 7 4 */ @@ -4307,6 +4321,7 @@ static word32 SetBitString16Bit(word16 val, byte* output) static const byte keyFalcon_Level5Oid[] = {43, 206, 15, 3, 9}; #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Dilithium Level 2: 1.3.6.1.4.1.2.267.12.4.4 */ static const byte keyDilithium_Level2Oid[] = {43, 6, 1, 4, 1, 2, 130, 11, 12, 4, 4}; @@ -4318,6 +4333,19 @@ static word32 SetBitString16Bit(word16 val, byte* output) /* Dilithium Level 5: 1.3.6.1.4.1.2.267.12.8.7 */ static const byte keyDilithium_Level5Oid[] = {43, 6, 1, 4, 1, 2, 130, 11, 12, 8, 7}; +#endif + + /* ML-DSA Level 2: 2.16.840.1.101.3.4.3.17 */ + static const byte keyMlDsa_Level2Oid[] = + {96, 134, 72, 1, 101, 3, 4, 3, 17}; + + /* ML-DSA Level 3: 2.16.840.1.101.3.4.3.18 */ + static const byte keyMlDsa_Level3Oid[] = + {96, 134, 72, 1, 101, 3, 4, 3, 18}; + + /* ML-DSA Level 5: 2.16.840.1.101.3.4.3.19 */ + static const byte keyMlDsa_Level5Oid[] = + {96, 134, 72, 1, 101, 3, 4, 3, 19}; #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS /* Sphincs Fast Level 1: 1 3 9999 6 7 4 */ @@ -4861,7 +4889,8 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) *oidSz = sizeof(sigFalcon_Level5Oid); break; #endif /* HAVE_FALCON */ - #ifdef HAVE_DILITHIUM + #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case CTC_DILITHIUM_LEVEL2: oid = sigDilithium_Level2Oid; *oidSz = sizeof(sigDilithium_Level2Oid); @@ -4874,7 +4903,20 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) oid = sigDilithium_Level5Oid; *oidSz = sizeof(sigDilithium_Level5Oid); break; - #endif /* HAVE_DILITHIUM */ + #endif + case CTC_ML_DSA_LEVEL2: + oid = sigMlDsa_Level2Oid; + *oidSz = sizeof(sigMlDsa_Level2Oid); + break; + case CTC_ML_DSA_LEVEL3: + oid = sigMlDsa_Level3Oid; + *oidSz = sizeof(sigMlDsa_Level3Oid); + break; + case CTC_ML_DSA_LEVEL5: + oid = sigMlDsa_Level5Oid; + *oidSz = sizeof(sigMlDsa_Level5Oid); + break; + #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS case CTC_SPHINCS_FAST_LEVEL1: oid = sigSphincsFast_Level1Oid; @@ -4972,7 +5014,8 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) *oidSz = sizeof(keyFalcon_Level5Oid); break; #endif /* HAVE_FALCON */ - #ifdef HAVE_DILITHIUM + #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: oid = keyDilithium_Level2Oid; *oidSz = sizeof(keyDilithium_Level2Oid); @@ -4985,7 +5028,20 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) oid = keyDilithium_Level5Oid; *oidSz = sizeof(keyDilithium_Level5Oid); break; - #endif /* HAVE_DILITHIUM */ + #endif + case ML_DSA_LEVEL2k: + oid = keyMlDsa_Level2Oid; + *oidSz = sizeof(keyMlDsa_Level2Oid); + break; + case ML_DSA_LEVEL3k: + oid = keyMlDsa_Level3Oid; + *oidSz = sizeof(keyMlDsa_Level3Oid); + break; + case ML_DSA_LEVEL5k: + oid = keyMlDsa_Level5Oid; + *oidSz = sizeof(keyMlDsa_Level5Oid); + break; + #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS case SPHINCS_FAST_LEVEL1k: oid = keySphincsFast_Level1Oid; @@ -7712,9 +7768,15 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_SIGN) && \ !defined(WOLFSSL_DILITHIUM_NO_VERIFY) && !defined(WOLFSSL_DILITHIUM_NO_ASN1) - if ((ks == DILITHIUM_LEVEL2k) || - (ks == DILITHIUM_LEVEL3k) || - (ks == DILITHIUM_LEVEL5k)) { + if ((ks == ML_DSA_LEVEL2k) || + (ks == ML_DSA_LEVEL3k) || + (ks == ML_DSA_LEVEL5k) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (ks == DILITHIUM_LEVEL2k) + || (ks == DILITHIUM_LEVEL3k) + || (ks == DILITHIUM_LEVEL5k) + #endif + ) { #ifdef WOLFSSL_SMALL_STACK dilithium_key* key_pair = NULL; #else @@ -7736,15 +7798,27 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, return ret; } - if (ks == DILITHIUM_LEVEL2k) { - ret = wc_dilithium_set_level(key_pair, 2); + + if (ks == ML_DSA_LEVEL2k) { + ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_44); + } + else if (ks == ML_DSA_LEVEL3k) { + ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_65); + } + else if (ks == ML_DSA_LEVEL5k) { + ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_87); + } + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if (ks == DILITHIUM_LEVEL2k) { + ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_44_DRAFT); } else if (ks == DILITHIUM_LEVEL3k) { - ret = wc_dilithium_set_level(key_pair, 3); + ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_65_DRAFT); } else if (ks == DILITHIUM_LEVEL5k) { - ret = wc_dilithium_set_level(key_pair, 5); + ret = wc_dilithium_set_level(key_pair, WC_ML_DSA_87_DRAFT); } + #endif if (ret < 0) { #ifdef WOLFSSL_SMALL_STACK @@ -8230,31 +8304,28 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz, if (wc_dilithium_init(dilithium) != 0) { tmpIdx = 0; - if (wc_dilithium_set_level(dilithium, 2) - == 0) { + if (wc_dilithium_set_level(dilithium, WC_ML_DSA_44) == 0) { if (wc_Dilithium_PrivateKeyDecode(key, &tmpIdx, dilithium, - keySz) == 0) { - *algoID = DILITHIUM_LEVEL2k; + keySz) == 0) { + *algoID = ML_DSA_LEVEL2k; } else { WOLFSSL_MSG("Not Dilithium Level 2 DER key"); } } - else if (wc_dilithium_set_level(dilithium, 3) - == 0) { + else if (wc_dilithium_set_level(dilithium, WC_ML_DSA_65) == 0) { if (wc_Dilithium_PrivateKeyDecode(key, &tmpIdx, dilithium, - keySz) == 0) { - *algoID = DILITHIUM_LEVEL3k; + keySz) == 0) { + *algoID = ML_DSA_LEVEL3k; } else { WOLFSSL_MSG("Not Dilithium Level 3 DER key"); } } - else if (wc_dilithium_set_level(dilithium, 5) - == 0) { + else if (wc_dilithium_set_level(dilithium, WC_ML_DSA_87) == 0) { if (wc_Dilithium_PrivateKeyDecode(key, &tmpIdx, dilithium, - keySz) == 0) { - *algoID = DILITHIUM_LEVEL5k; + keySz) == 0) { + *algoID = ML_DSA_LEVEL5k; } else { WOLFSSL_MSG("Not Dilithium Level 5 DER key"); @@ -12744,16 +12815,15 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx, break; #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: - cert->pkCurveOID = DILITHIUM_LEVEL2k; - ret = StoreKey(cert, source, &srcIdx, maxIdx); - break; case DILITHIUM_LEVEL3k: - cert->pkCurveOID = DILITHIUM_LEVEL3k; - ret = StoreKey(cert, source, &srcIdx, maxIdx); - break; case DILITHIUM_LEVEL5k: - cert->pkCurveOID = DILITHIUM_LEVEL5k; + #endif + case ML_DSA_LEVEL2k: + case ML_DSA_LEVEL3k: + case ML_DSA_LEVEL5k: + cert->pkCurveOID = cert->keyOID; ret = StoreKey(cert, source, &srcIdx, maxIdx); break; #endif /* HAVE_DILITHIUM */ @@ -16114,9 +16184,14 @@ static WC_INLINE int IsSigAlgoECC(word32 algoOID) || (algoOID == FALCON_LEVEL5k) #endif #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT || (algoOID == DILITHIUM_LEVEL2k) || (algoOID == DILITHIUM_LEVEL3k) || (algoOID == DILITHIUM_LEVEL5k) + #endif + || (algoOID == ML_DSA_LEVEL2k) + || (algoOID == ML_DSA_LEVEL3k) + || (algoOID == ML_DSA_LEVEL5k) #endif #ifdef HAVE_SPHINCS || (algoOID == SPHINCS_FAST_LEVEL1k) @@ -16475,9 +16550,14 @@ void FreeSignatureCtx(SignatureCtx* sigCtx) break; #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: case DILITHIUM_LEVEL3k: case DILITHIUM_LEVEL5k: + #endif + case ML_DSA_LEVEL2k: + case ML_DSA_LEVEL3k: + case ML_DSA_LEVEL5k: wc_dilithium_free(sigCtx->key.dilithium); XFREE(sigCtx->key.dilithium, sigCtx->heap, DYNAMIC_TYPE_DILITHIUM); @@ -16649,9 +16729,14 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID, break; #endif #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case CTC_DILITHIUM_LEVEL2: case CTC_DILITHIUM_LEVEL3: case CTC_DILITHIUM_LEVEL5: + #endif + case CTC_ML_DSA_LEVEL2: + case CTC_ML_DSA_LEVEL3: + case CTC_ML_DSA_LEVEL5: /* Hashes done in signing operation. */ break; #endif @@ -17103,83 +17188,55 @@ static int ConfirmSignature(SignatureCtx* sigCtx, #if defined(HAVE_DILITHIUM) && \ !defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \ !defined(WOLFSSL_DILITHIUM_NO_ASN1) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: + case DILITHIUM_LEVEL3k: + case DILITHIUM_LEVEL5k: + #endif + case ML_DSA_LEVEL2k: + case ML_DSA_LEVEL3k: + case ML_DSA_LEVEL5k: { word32 idx = 0; - sigCtx->verify = 0; - sigCtx->key.dilithium = - (dilithium_key*)XMALLOC(sizeof(dilithium_key), - sigCtx->heap, - DYNAMIC_TYPE_DILITHIUM); - if (sigCtx->key.dilithium == NULL) { - ERROR_OUT(MEMORY_E, exit_cs); + int level; + if (keyOID == ML_DSA_LEVEL2k) { + level = WC_ML_DSA_44; } - if ((ret = wc_dilithium_init_ex(sigCtx->key.dilithium, - sigCtx->heap, sigCtx->devId)) < 0) { - goto exit_cs; + else if (keyOID == ML_DSA_LEVEL3k) { + level = WC_ML_DSA_65; } - if ((ret = wc_dilithium_set_level( - sigCtx->key.dilithium, 2)) - < 0) { - goto exit_cs; - } - if ((ret = wc_Dilithium_PublicKeyDecode(key, &idx, - sigCtx->key.dilithium, keySz)) < 0) { - WOLFSSL_MSG("ASN Key import error Dilithium Level 2"); - goto exit_cs; - } - break; - } - case DILITHIUM_LEVEL3k: - { - word32 idx = 0; - sigCtx->verify = 0; - sigCtx->key.dilithium = - (dilithium_key*)XMALLOC(sizeof(dilithium_key), - sigCtx->heap, - DYNAMIC_TYPE_DILITHIUM); - if (sigCtx->key.dilithium == NULL) { - ERROR_OUT(MEMORY_E, exit_cs); + else if (keyOID == ML_DSA_LEVEL5k) { + level = WC_ML_DSA_87; } - if ((ret = wc_dilithium_init_ex(sigCtx->key.dilithium, - sigCtx->heap, sigCtx->devId)) < 0) { - goto exit_cs; + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if (keyOID == DILITHIUM_LEVEL2k) { + level = WC_ML_DSA_44_DRAFT; } - if ((ret = wc_dilithium_set_level( - sigCtx->key.dilithium, 3)) - < 0) { - goto exit_cs; + else if (keyOID == DILITHIUM_LEVEL3k) { + level = WC_ML_DSA_65_DRAFT; } - if ((ret = wc_Dilithium_PublicKeyDecode(key, &idx, - sigCtx->key.dilithium, keySz)) < 0) { - WOLFSSL_MSG("ASN Key import error Dilithium Level 3"); - goto exit_cs; + else if (keyOID == DILITHIUM_LEVEL5k) { + level = WC_ML_DSA_87_DRAFT; } - break; - } - case DILITHIUM_LEVEL5k: - { - word32 idx = 0; + #endif sigCtx->verify = 0; - sigCtx->key.dilithium = - (dilithium_key*)XMALLOC(sizeof(dilithium_key), - sigCtx->heap, - DYNAMIC_TYPE_DILITHIUM); + sigCtx->key.dilithium = (dilithium_key*)XMALLOC( + sizeof(dilithium_key), sigCtx->heap, + DYNAMIC_TYPE_DILITHIUM); if (sigCtx->key.dilithium == NULL) { ERROR_OUT(MEMORY_E, exit_cs); } if ((ret = wc_dilithium_init_ex(sigCtx->key.dilithium, - sigCtx->heap, sigCtx->devId)) < 0) { + sigCtx->heap, sigCtx->devId)) < 0) { goto exit_cs; } - if ((ret = wc_dilithium_set_level( - sigCtx->key.dilithium, 5)) - < 0) { + if ((ret = wc_dilithium_set_level(sigCtx->key.dilithium, + level)) < 0) { goto exit_cs; } if ((ret = wc_Dilithium_PublicKeyDecode(key, &idx, sigCtx->key.dilithium, keySz)) < 0) { - WOLFSSL_MSG("ASN Key import error Dilithium Level 5"); + WOLFSSL_MSG("ASN Key import error Dilithium"); goto exit_cs; } break; @@ -17509,6 +17566,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, } #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_VERIFY) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: case DILITHIUM_LEVEL3k: case DILITHIUM_LEVEL5k: @@ -17518,6 +17576,15 @@ static int ConfirmSignature(SignatureCtx* sigCtx, sigCtx->key.dilithium); break; } + #endif + case ML_DSA_LEVEL2k: + case ML_DSA_LEVEL3k: + case ML_DSA_LEVEL5k: + { + ret = wc_dilithium_verify_ctx_msg(sig, sigSz, NULL, 0, buf, + bufSz, &sigCtx->verify, sigCtx->key.dilithium); + break; + } #endif /* HAVE_DILITHIUM */ #if defined(HAVE_SPHINCS) case SPHINCS_FAST_LEVEL1k: @@ -17712,39 +17779,22 @@ static int ConfirmSignature(SignatureCtx* sigCtx, } #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: - { - if (sigCtx->verify == 1) { - ret = 0; - } - else { - WOLFSSL_MSG("DILITHIUM_LEVEL2 Verify didn't match"); - ret = ASN_SIG_CONFIRM_E; - } - break; - } case DILITHIUM_LEVEL3k: - { - if (sigCtx->verify == 1) { - ret = 0; - } - else { - WOLFSSL_MSG("DILITHIUM_LEVEL3 Verify didn't match"); - ret = ASN_SIG_CONFIRM_E; - } - break; - } case DILITHIUM_LEVEL5k: - { + #endif + case ML_DSA_LEVEL2k: + case ML_DSA_LEVEL3k: + case ML_DSA_LEVEL5k: if (sigCtx->verify == 1) { ret = 0; } else { - WOLFSSL_MSG("DILITHIUM_LEVEL5 Verify didn't match"); + WOLFSSL_MSG("DILITHIUM Verify didn't match"); ret = ASN_SIG_CONFIRM_E; } break; - } #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS case SPHINCS_FAST_LEVEL1k: @@ -24720,12 +24770,20 @@ wcchar END_PUB_KEY = "-----END PUBLIC KEY-----"; wcchar END_FALCON_LEVEL5_PRIV = "-----END FALCON_LEVEL5 PRIVATE KEY-----"; #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT wcchar BEGIN_DILITHIUM_LEVEL2_PRIV = "-----BEGIN DILITHIUM_LEVEL2 PRIVATE KEY-----"; wcchar END_DILITHIUM_LEVEL2_PRIV = "-----END DILITHIUM_LEVEL2 PRIVATE KEY-----"; wcchar BEGIN_DILITHIUM_LEVEL3_PRIV = "-----BEGIN DILITHIUM_LEVEL3 PRIVATE KEY-----"; wcchar END_DILITHIUM_LEVEL3_PRIV = "-----END DILITHIUM_LEVEL3 PRIVATE KEY-----"; wcchar BEGIN_DILITHIUM_LEVEL5_PRIV = "-----BEGIN DILITHIUM_LEVEL5 PRIVATE KEY-----"; wcchar END_DILITHIUM_LEVEL5_PRIV = "-----END DILITHIUM_LEVEL5 PRIVATE KEY-----"; + #endif + wcchar BEGIN_ML_DSA_LEVEL2_PRIV = "-----BEGIN ML_DSA_LEVEL2 PRIVATE KEY-----"; + wcchar END_ML_DSA_LEVEL2_PRIV = "-----END ML_DSA_LEVEL2 PRIVATE KEY-----"; + wcchar BEGIN_ML_DSA_LEVEL3_PRIV = "-----BEGIN ML_DSA_LEVEL3 PRIVATE KEY-----"; + wcchar END_ML_DSA_LEVEL3_PRIV = "-----END ML_DSA_LEVEL3 PRIVATE KEY-----"; + wcchar BEGIN_ML_DSA_LEVEL5_PRIV = "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----"; + wcchar END_ML_DSA_LEVEL5_PRIV = "-----END ML_DSA_LEVEL5 PRIVATE KEY-----"; #endif /* HAVE_DILITHIUM */ #if defined(HAVE_SPHINCS) wcchar BEGIN_SPHINCS_FAST_LEVEL1_PRIV = "-----BEGIN SPHINCS_FAST_LEVEL1 PRIVATE KEY-----"; @@ -24876,6 +24934,7 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer) break; #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2_TYPE: if (header) *header = BEGIN_DILITHIUM_LEVEL2_PRIV; if (footer) *footer = END_DILITHIUM_LEVEL2_PRIV; @@ -24891,6 +24950,22 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer) if (footer) *footer = END_DILITHIUM_LEVEL5_PRIV; ret = 0; break; + #endif + case ML_DSA_LEVEL2_TYPE: + if (header) *header = BEGIN_ML_DSA_LEVEL2_PRIV; + if (footer) *footer = END_ML_DSA_LEVEL2_PRIV; + ret = 0; + break; + case ML_DSA_LEVEL3_TYPE: + if (header) *header = BEGIN_ML_DSA_LEVEL3_PRIV; + if (footer) *footer = END_ML_DSA_LEVEL3_PRIV; + ret = 0; + break; + case ML_DSA_LEVEL5_TYPE: + if (header) *header = BEGIN_ML_DSA_LEVEL5_PRIV; + if (footer) *footer = END_ML_DSA_LEVEL5_PRIV; + ret = 0; + break; #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS case SPHINCS_FAST_LEVEL1_TYPE: @@ -28782,9 +28857,14 @@ static int EncodePublicKey(int keyType, byte* output, int outLen, break; #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_ASN1) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2_KEY: case DILITHIUM_LEVEL3_KEY: case DILITHIUM_LEVEL5_KEY: + #endif + case ML_DSA_LEVEL2_KEY: + case ML_DSA_LEVEL3_KEY: + case ML_DSA_LEVEL5_KEY: ret = wc_Dilithium_PublicKeyToDer(dilithiumKey, output, (word32)outLen, 1); if (ret <= 0) { @@ -29606,9 +29686,15 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, } #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_ASN1) - if ((cert->keyType == DILITHIUM_LEVEL2_KEY) || - (cert->keyType == DILITHIUM_LEVEL3_KEY) || - (cert->keyType == DILITHIUM_LEVEL5_KEY)) { + if ((cert->keyType == ML_DSA_LEVEL2_KEY) || + (cert->keyType == ML_DSA_LEVEL3_KEY) || + (cert->keyType == ML_DSA_LEVEL5_KEY) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (cert->keyType == DILITHIUM_LEVEL2_KEY) + || (cert->keyType == DILITHIUM_LEVEL3_KEY) + || (cert->keyType == DILITHIUM_LEVEL5_KEY) + #endif + ) { if (dilithiumKey == NULL) return PUBLIC_KEY_E; @@ -30149,9 +30235,23 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz, if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey && dilithiumKey) { word32 outSz = sigSz; - ret = wc_dilithium_sign_msg(buf, sz, sig, &outSz, dilithiumKey, rng); - if (ret == 0) - ret = outSz; + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + if ((dilithiumKey->params->level == WC_ML_DSA_44_DRAFT) || + (dilithiumKey->params->level == WC_ML_DSA_65_DRAFT) || + (dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) { + ret = wc_dilithium_sign_msg(buf, sz, sig, &outSz, dilithiumKey, + rng); + if (ret == 0) + ret = outSz; + } + else + #endif + { + ret = wc_dilithium_sign_ctx_msg(NULL, 0, buf, sz, sig, + &outSz, dilithiumKey, rng); + if (ret == 0) + ret = outSz; + } } #endif /* HAVE_DILITHIUM */ #if defined(HAVE_SPHINCS) @@ -30386,12 +30486,32 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = FALCON_LEVEL5_KEY; #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 2)) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_44_DRAFT)) { cert->keyType = DILITHIUM_LEVEL2_KEY; - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 3)) + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_65_DRAFT)) { cert->keyType = DILITHIUM_LEVEL3_KEY; - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 5)) + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) { cert->keyType = DILITHIUM_LEVEL5_KEY; + } + #endif + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_44)) { + cert->keyType = ML_DSA_LEVEL2_KEY; + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_65)) { + cert->keyType = ML_DSA_LEVEL3_KEY; + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_87)) { + cert->keyType = ML_DSA_LEVEL5_KEY; + } #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS else if ((sphincsKey != NULL) && (sphincsKey->level == 1) @@ -30481,15 +30601,32 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, } #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 2)) { + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_44_DRAFT)) { cert->keyType = DILITHIUM_LEVEL2_KEY; } - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 3)) { + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_65_DRAFT)) { cert->keyType = DILITHIUM_LEVEL3_KEY; } - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 5)) { + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) { cert->keyType = DILITHIUM_LEVEL5_KEY; } + #endif + else if ((dilithiumKey != NULL) && + (dilithiumKey->level == WC_ML_DSA_44)) { + cert->keyType = ML_DSA_LEVEL2_KEY; + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->level == WC_ML_DSA_65)) { + cert->keyType = ML_DSA_LEVEL3_KEY; + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->level == WC_ML_DSA_87)) { + cert->keyType = ML_DSA_LEVEL5_KEY; + } #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS else if ((sphincsKey != NULL) && (sphincsKey->level == 1) @@ -30794,12 +30931,20 @@ int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType, falconKey = (falcon_key*)key; else if (keyType == FALCON_LEVEL5_TYPE) falconKey = (falcon_key*)key; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT else if (keyType == DILITHIUM_LEVEL2_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL3_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL5_TYPE) dilithiumKey = (dilithium_key*)key; +#endif + else if (keyType == ML_DSA_LEVEL2_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL3_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL5_TYPE) + dilithiumKey = (dilithium_key*)key; else if (keyType == SPHINCS_FAST_LEVEL1_TYPE) sphincsKey = (sphincs_key*)key; else if (keyType == SPHINCS_FAST_LEVEL3_TYPE) @@ -31101,9 +31246,15 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey, } #endif #if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_ASN1) - if ((cert->keyType == DILITHIUM_LEVEL2_KEY) || - (cert->keyType == DILITHIUM_LEVEL3_KEY) || - (cert->keyType == DILITHIUM_LEVEL5_KEY)) { + if ((cert->keyType == ML_DSA_LEVEL2_KEY) || + (cert->keyType == ML_DSA_LEVEL3_KEY) || + (cert->keyType == ML_DSA_LEVEL5_KEY) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (cert->keyType == DILITHIUM_LEVEL2_KEY) + || (cert->keyType == DILITHIUM_LEVEL3_KEY) + || (cert->keyType == DILITHIUM_LEVEL5_KEY) + #endif + ) { if (dilithiumKey == NULL) return PUBLIC_KEY_E; der->publicKeySz = wc_Dilithium_PublicKeyToDer(dilithiumKey, @@ -31455,12 +31606,32 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = FALCON_LEVEL5_KEY; #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 2)) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_44_DRAFT)) { cert->keyType = DILITHIUM_LEVEL2_KEY; - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 3)) + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_65_DRAFT)) { cert->keyType = DILITHIUM_LEVEL3_KEY; - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 5)) + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) { cert->keyType = DILITHIUM_LEVEL5_KEY; + } + #endif + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_44)) { + cert->keyType = ML_DSA_LEVEL2_KEY; + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_65)) { + cert->keyType = ML_DSA_LEVEL3_KEY; + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_87)) { + cert->keyType = ML_DSA_LEVEL5_KEY; + } #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS else if ((sphincsKey != NULL) && (sphincsKey->level == 1) @@ -31551,15 +31722,32 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, } #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 2)) { + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_44_DRAFT)) { cert->keyType = DILITHIUM_LEVEL2_KEY; } - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 3)) { + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_65_DRAFT)) { cert->keyType = DILITHIUM_LEVEL3_KEY; } - else if ((dilithiumKey != NULL) && (dilithiumKey->level == 5)) { + else if ((dilithiumKey != NULL) && + (dilithiumKey->params->level == WC_ML_DSA_87_DRAFT)) { cert->keyType = DILITHIUM_LEVEL5_KEY; } + #endif + else if ((dilithiumKey != NULL) && + (dilithiumKey->level == WC_ML_DSA_44)) { + cert->keyType = ML_DSA_LEVEL2_KEY; + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->level == WC_ML_DSA_65)) { + cert->keyType = ML_DSA_LEVEL3_KEY; + } + else if ((dilithiumKey != NULL) && + (dilithiumKey->level == WC_ML_DSA_87)) { + cert->keyType = ML_DSA_LEVEL5_KEY; + } #endif /* HAVE_DILITHIUM */ #ifdef HAVE_SPHINCS else if ((sphincsKey != NULL) && (sphincsKey->level == 1) @@ -31771,12 +31959,20 @@ int wc_MakeCertReq_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType, falconKey = (falcon_key*)key; else if (keyType == FALCON_LEVEL5_TYPE) falconKey = (falcon_key*)key; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT else if (keyType == DILITHIUM_LEVEL2_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL3_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL5_TYPE) dilithiumKey = (dilithium_key*)key; +#endif + else if (keyType == ML_DSA_LEVEL2_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL3_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL5_TYPE) + dilithiumKey = (dilithium_key*)key; else if (keyType == SPHINCS_FAST_LEVEL1_TYPE) sphincsKey = (sphincs_key*)key; else if (keyType == SPHINCS_FAST_LEVEL3_TYPE) @@ -31917,9 +32113,14 @@ int wc_MakeSigWithBitStr(byte *sig, int sigSz, int sType, byte* buf, case FALCON_LEVEL5_TYPE: falconKey = (falcon_key*)key; break; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2_TYPE: case DILITHIUM_LEVEL3_TYPE: case DILITHIUM_LEVEL5_TYPE: +#endif + case ML_DSA_LEVEL2_TYPE: + case ML_DSA_LEVEL3_TYPE: + case ML_DSA_LEVEL5_TYPE: dilithiumKey = (dilithium_key*)key; break; case SPHINCS_FAST_LEVEL1_TYPE: @@ -32020,12 +32221,20 @@ int wc_SignCert_ex(int requestSz, int sType, byte* buf, word32 buffSz, falconKey = (falcon_key*)key; else if (keyType == FALCON_LEVEL5_TYPE) falconKey = (falcon_key*)key; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT else if (keyType == DILITHIUM_LEVEL2_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL3_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL5_TYPE) dilithiumKey = (dilithium_key*)key; +#endif + else if (keyType == ML_DSA_LEVEL2_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL3_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL5_TYPE) + dilithiumKey = (dilithium_key*)key; else if (keyType == SPHINCS_FAST_LEVEL1_TYPE) sphincsKey = (sphincs_key*)key; else if (keyType == SPHINCS_FAST_LEVEL3_TYPE) @@ -32199,12 +32408,20 @@ int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType, void* key) falconKey = (falcon_key*)key; else if (keyType == FALCON_LEVEL5_TYPE) falconKey = (falcon_key*)key; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT else if (keyType == DILITHIUM_LEVEL2_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL3_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL5_TYPE) dilithiumKey = (dilithium_key*)key; +#endif + else if (keyType == ML_DSA_LEVEL2_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL3_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL5_TYPE) + dilithiumKey = (dilithium_key*)key; else if (keyType == SPHINCS_FAST_LEVEL1_TYPE) sphincsKey = (sphincs_key*)key; else if (keyType == SPHINCS_FAST_LEVEL3_TYPE) @@ -32252,12 +32469,20 @@ int wc_SetAuthKeyIdFromPublicKey_ex(Cert *cert, int keyType, void* key) falconKey = (falcon_key*)key; else if (keyType == FALCON_LEVEL5_TYPE) falconKey = (falcon_key*)key; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT else if (keyType == DILITHIUM_LEVEL2_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL3_TYPE) dilithiumKey = (dilithium_key*)key; else if (keyType == DILITHIUM_LEVEL5_TYPE) dilithiumKey = (dilithium_key*)key; +#endif + else if (keyType == ML_DSA_LEVEL2_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL3_TYPE) + dilithiumKey = (dilithium_key*)key; + else if (keyType == ML_DSA_LEVEL5_TYPE) + dilithiumKey = (dilithium_key*)key; else if (keyType == SPHINCS_FAST_LEVEL1_TYPE) sphincsKey = (sphincs_key*)key; else if (keyType == SPHINCS_FAST_LEVEL3_TYPE) diff --git a/wolfcrypt/src/dilithium.c b/wolfcrypt/src/dilithium.c index da465efcc3..06c6fcc2bd 100644 --- a/wolfcrypt/src/dilithium.c +++ b/wolfcrypt/src/dilithium.c @@ -292,6 +292,44 @@ static const wc_dilithium_params dilithium_params[] = { PARAMS_ML_DSA_87_Z_ENC_SIZE, PARAMS_ML_DSA_87_PK_SIZE, PARAMS_ML_DSA_87_SIG_SIZE }, #endif +#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) +#ifndef WOLFSSL_NO_ML_DSA_44 + { WC_ML_DSA_44_DRAFT, PARAMS_ML_DSA_44_K, PARAMS_ML_DSA_44_L, + PARAMS_ML_DSA_44_ETA, PARAMS_ML_DSA_44_ETA_BITS, + PARAMS_ML_DSA_44_TAU, PARAMS_ML_DSA_44_BETA, PARAMS_ML_DSA_44_OMEGA, + PARAMS_ML_DSA_44_LAMBDA, + PARAMS_ML_DSA_44_GAMMA1_BITS, PARAMS_ML_DSA_44_GAMMA2, + PARAMS_ML_DSA_44_W1_ENC_SZ, PARAMS_ML_DSA_44_A_SIZE, + PARAMS_ML_DSA_44_S1_SIZE, PARAMS_ML_DSA_44_S1_ENC_SIZE, + PARAMS_ML_DSA_44_S2_SIZE, PARAMS_ML_DSA_44_S2_ENC_SIZE, + PARAMS_ML_DSA_44_Z_ENC_SIZE, + PARAMS_ML_DSA_44_PK_SIZE, PARAMS_ML_DSA_44_SIG_SIZE }, +#endif +#ifndef WOLFSSL_NO_ML_DSA_65 + { WC_ML_DSA_65_DRAFT, PARAMS_ML_DSA_65_K, PARAMS_ML_DSA_65_L, + PARAMS_ML_DSA_65_ETA, PARAMS_ML_DSA_65_ETA_BITS, + PARAMS_ML_DSA_65_TAU, PARAMS_ML_DSA_65_BETA, PARAMS_ML_DSA_65_OMEGA, + PARAMS_ML_DSA_65_LAMBDA, + PARAMS_ML_DSA_65_GAMMA1_BITS, PARAMS_ML_DSA_65_GAMMA2, + PARAMS_ML_DSA_65_W1_ENC_SZ, PARAMS_ML_DSA_65_A_SIZE, + PARAMS_ML_DSA_65_S1_SIZE, PARAMS_ML_DSA_65_S1_ENC_SIZE, + PARAMS_ML_DSA_65_S2_SIZE, PARAMS_ML_DSA_65_S2_ENC_SIZE, + PARAMS_ML_DSA_65_Z_ENC_SIZE, + PARAMS_ML_DSA_65_PK_SIZE, PARAMS_ML_DSA_65_SIG_SIZE }, +#endif +#ifndef WOLFSSL_NO_ML_DSA_87 + { WC_ML_DSA_87_DRAFT, PARAMS_ML_DSA_87_K, PARAMS_ML_DSA_87_L, + PARAMS_ML_DSA_87_ETA, PARAMS_ML_DSA_87_ETA_BITS, + PARAMS_ML_DSA_87_TAU, PARAMS_ML_DSA_87_BETA, PARAMS_ML_DSA_87_OMEGA, + PARAMS_ML_DSA_87_LAMBDA, + PARAMS_ML_DSA_87_GAMMA1_BITS, PARAMS_ML_DSA_87_GAMMA2, + PARAMS_ML_DSA_87_W1_ENC_SZ, PARAMS_ML_DSA_87_A_SIZE, + PARAMS_ML_DSA_87_S1_SIZE, PARAMS_ML_DSA_87_S1_ENC_SIZE, + PARAMS_ML_DSA_87_S2_SIZE, PARAMS_ML_DSA_87_S2_ENC_SIZE, + PARAMS_ML_DSA_87_Z_ENC_SIZE, + PARAMS_ML_DSA_87_PK_SIZE, PARAMS_ML_DSA_87_SIG_SIZE }, +#endif +#endif }; /* Number of ML-DSA parameter sets compiled in. */ #define DILITHIUM_PARAMS_CNT \ @@ -354,9 +392,6 @@ static int dilithium_shake256(wc_Shake* shake256, const byte* data, return ret; } -#if !defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) || \ - (!defined(WOLFSSL_DILITHIUM_NO_SIGN) || \ - !defined(WOLFSSL_DILITHIUM_NO_VERIFY)) /* 256-bit hash using SHAKE-256. * * FIPS 204. 8.3: H(v,d) <- SHAKE256(v,d) @@ -394,9 +429,7 @@ static int dilithium_hash256(wc_Shake* shake256, const byte* data1, return ret; } -#endif -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT #if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY) /* 256-bit hash of context and message using SHAKE-256. * @@ -586,7 +619,6 @@ static int dilithium_get_hash_oid(int hash, byte* oidBuffer, word32* oidLen) return ret; } #endif -#endif /* !WOLFSSL_DILITHIUM_FIPS204_DRAFT */ #ifndef WOLFSSL_DILITHIUM_SMALL /* 128-bit hash using SHAKE-128. @@ -2772,8 +2804,8 @@ static int dilithium_vec_expand_mask(wc_Shake* shake256, byte* seed, * @return 0 on success. * @return Negative on hash error. */ -static int dilithium_sample_in_ball_ex(wc_Shake* shake256, const byte* seed, - word32 seedLen, byte tau, sword32* c, byte* block) +static int dilithium_sample_in_ball_ex(int level, wc_Shake* shake256, + const byte* seed, word32 seedLen, byte tau, sword32* c, byte* block) { int ret = 0; unsigned int k; @@ -2786,14 +2818,18 @@ static int dilithium_sample_in_ball_ex(wc_Shake* shake256, const byte* seed, XMEMSET(c, 0, DILITHIUM_POLY_SIZE); /* Generate a block of data from seed. */ -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT - ret = dilithium_shake256(shake256, seed, seedLen, block, - DILITHIUM_GEN_C_BLOCK_BYTES); -#else - (void)seedLen; - ret = dilithium_shake256(shake256, seed, DILITHIUM_SEED_SZ, block, - DILITHIUM_GEN_C_BLOCK_BYTES); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + if (level >= WC_ML_DSA_DRAFT) { + ret = dilithium_shake256(shake256, seed, DILITHIUM_SEED_SZ, block, + DILITHIUM_GEN_C_BLOCK_BYTES); + } + else #endif + { + (void)level; + ret = dilithium_shake256(shake256, seed, seedLen, block, + DILITHIUM_GEN_C_BLOCK_BYTES); + } } if (ret == 0) { /* Copy first 8 bytes of first hash block as random sign bits. */ @@ -2850,8 +2886,8 @@ static int dilithium_sample_in_ball_ex(wc_Shake* shake256, const byte* seed, * @return MEMORY_E when dynamic memory allocation fails. * @return Negative on hash error. */ -static int dilithium_sample_in_ball(wc_Shake* shake256, const byte* seed, - word32 seedLen, byte tau, sword32* c, void* heap) +static int dilithium_sample_in_ball(int level, wc_Shake* shake256, + const byte* seed, word32 seedLen, byte tau, sword32* c, void* heap) { int ret = 0; #if defined(WOLFSSL_SMALL_STACK) @@ -2871,8 +2907,8 @@ static int dilithium_sample_in_ball(wc_Shake* shake256, const byte* seed, #endif if (ret == 0) { - ret = dilithium_sample_in_ball_ex(shake256, seed, seedLen, tau, c, - block); + ret = dilithium_sample_in_ball_ex(level, shake256, seed, seedLen, tau, + c, block); } #if defined(WOLFSSL_SMALL_STACK) @@ -5478,9 +5514,7 @@ static int dilithium_make_key_from_seed(dilithium_key* key, const byte* seed) sword32* s2 = NULL; sword32* t = NULL; byte* pub_seed = key->k; -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT byte kl[2]; -#endif /* Allocate memory for large intermediates. */ #ifdef WC_DILITHIUM_CACHE_MATRIX_A @@ -5541,19 +5575,25 @@ static int dilithium_make_key_from_seed(dilithium_key* key, const byte* seed) #endif if (ret == 0) { -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT - kl[0] = params->k; - kl[1] = params->l; - /* Step 1: Create public seed, private seed and K from seed. - * Step 9; Alg 24, Step 1: Public seed is placed into private key. */ - ret = dilithium_hash256(&key->shake, seed, DILITHIUM_SEED_SZ, kl, 2, - pub_seed, DILITHIUM_SEEDS_SZ); -#else - /* Step 2: Create public seed, private seed and K from seed. - * Step 9; Alg 18, Step 1: Public seed is placed into private key. */ - ret = dilithium_shake256(&key->shake, seed, DILITHIUM_SEED_SZ, pub_seed, - DILITHIUM_SEEDS_SZ); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + if (key->params->level >= WC_ML_DSA_DRAFT) { + /* Step 2: Create public seed, private seed and K from seed. + * Step 9; Alg 18, Step 1: Public seed is placed into private key. + */ + ret = dilithium_shake256(&key->shake, seed, DILITHIUM_SEED_SZ, + pub_seed, DILITHIUM_SEEDS_SZ); + } + else #endif + { + kl[0] = params->k; + kl[1] = params->l; + /* Step 1: Create public seed, private seed and K from seed. + * Step 9; Alg 24, Step 1: Public seed is placed into private key. + */ + ret = dilithium_hash256(&key->shake, seed, DILITHIUM_SEED_SZ, kl, 2, + pub_seed, DILITHIUM_SEEDS_SZ); + } } if (ret == 0) { /* Step 7; Alg 22 Step 1: Copy public seed into public key. */ @@ -5637,9 +5677,7 @@ static int dilithium_make_key_from_seed(dilithium_key* key, const byte* seed) byte* pub_seed = key->k; unsigned int r; unsigned int s; -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT byte kl[2]; -#endif /* Allocate memory for large intermediates. */ if (ret == 0) { @@ -5668,19 +5706,25 @@ static int dilithium_make_key_from_seed(dilithium_key* key, const byte* seed) } if (ret == 0) { -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT - kl[0] = params->k; - kl[1] = params->l; - /* Step 1: Create public seed, private seed and K from seed. - * Step 9; Alg 24, Step 1: Public seed is placed into private key. */ - ret = dilithium_hash256(&key->shake, seed, DILITHIUM_SEED_SZ, kl, 2, - pub_seed, DILITHIUM_SEEDS_SZ); -#else - /* Step 2: Create public seed, private seed and K from seed. - * Step 9; Alg 18, Step 1: Public seed is placed into private key. */ - ret = dilithium_shake256(&key->shake, seed, DILITHIUM_SEED_SZ, pub_seed, - DILITHIUM_SEEDS_SZ); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + if (key->params->level >= WC_ML_DSA_DRAFT) { + /* Step 2: Create public seed, private seed and K from seed. + * Step 9; Alg 18, Step 1: Public seed is placed into private key. + */ + ret = dilithium_shake256(&key->shake, seed, DILITHIUM_SEED_SZ, + pub_seed, DILITHIUM_SEEDS_SZ); + } + else #endif + { + kl[0] = params->k; + kl[1] = params->l; + /* Step 1: Create public seed, private seed and K from seed. + * Step 9; Alg 24, Step 1: Public seed is placed into private key. + */ + ret = dilithium_hash256(&key->shake, seed, DILITHIUM_SEED_SZ, kl, 2, + pub_seed, DILITHIUM_SEEDS_SZ); + } } if (ret == 0) { byte* priv_seed = key->k + DILITHIUM_PUB_SEED_SZ; @@ -6150,8 +6194,8 @@ static int dilithium_sign_with_seed_mu(dilithium_key* key, w1e, params->w1EncSz, commit, params->lambda / 4); if (ret == 0) { /* Step 17: Compute c from first 256 bits of commit. */ - ret = dilithium_sample_in_ball(&key->shake, commit, - params->lambda / 4, params->tau, c, key->heap); + ret = dilithium_sample_in_ball(params->level, &key->shake, + commit, params->lambda / 4, params->tau, c, key->heap); } if (ret == 0) { sword32 hi; @@ -6561,8 +6605,9 @@ static int dilithium_sign_with_seed_mu(dilithium_key* key, w1e, params->w1EncSz, commit, params->lambda / 4); if (ret == 0) { /* Step 17: Compute c from first 256 bits of commit. */ - ret = dilithium_sample_in_ball_ex(&key->shake, commit, - params->lambda / 4, params->tau, c, blocks); + ret = dilithium_sample_in_ball_ex(params->level, + &key->shake, commit, params->lambda / 4, params->tau, c, + blocks); } if (ret == 0) { /* Step 18: NTT(c). */ @@ -6739,7 +6784,6 @@ static int dilithium_sign_with_seed_mu(dilithium_key* key, #endif } -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Sign a message with the key and a seed. * * FIPS 204. 5.2: Algorithm 2 ML-DSA.Sign(sk, M, ctx) @@ -6790,7 +6834,6 @@ static int dilithium_sign_ctx_msg_with_seed(dilithium_key* key, return ret; } -#endif /* Sign a message with the key and a seed. * @@ -6840,7 +6883,6 @@ static int dilithium_sign_msg_with_seed(dilithium_key* key, const byte* seed, return ret; } -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Sign a message with the key and a random number generator. * * FIPS 204. 5.2: Algorithm 2 ML-DSA.Sign(sk, M, ctx) @@ -6904,7 +6946,6 @@ static int dilithium_sign_ctx_msg(dilithium_key* key, WC_RNG* rng, return ret; } -#endif /* Sign a message with the key and a random number generator. * @@ -6967,7 +7008,6 @@ static int dilithium_sign_msg(dilithium_key* key, WC_RNG* rng, return ret; } -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Sign a pre-hashed message with the key and a seed. * * FIPS 204. 5.4.1: Algorithm 4 HashML-DSA.Sign(sk, M, ctx, PH) @@ -7088,7 +7128,6 @@ static int dilithium_sign_ctx_hash(dilithium_key* key, WC_RNG* rng, return ret; } -#endif #endif /* !WOLFSSL_DILITHIUM_NO_SIGN */ @@ -7268,8 +7307,8 @@ static int dilithium_verify_mu(dilithium_key* key, const byte* mu, } if ((ret == 0) && valid) { /* Step 9: Compute c from commit. */ - ret = dilithium_sample_in_ball(&key->shake, commit, params->lambda / 4, - params->tau, c, key->heap); + ret = dilithium_sample_in_ball(params->level, &key->shake, commit, + params->lambda / 4, params->tau, c, key->heap); } if ((ret == 0) && valid) { /* Step 10: w = NTT-1(A o NTT(z) - NTT(c) o NTT(t1)) */ @@ -7386,10 +7425,10 @@ static int dilithium_verify_mu(dilithium_key* key, const byte* mu, /* Step 9: Compute c from first 256 bits of commit. */ #ifdef WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC - ret = dilithium_sample_in_ball_ex(&key->shake, commit, + ret = dilithium_sample_in_ball_ex(params->level, &key->shake, commit, params->lambda / 4, params->tau, c, key->block); #else - ret = dilithium_sample_in_ball_ex(&key->shake, commit, + ret = dilithium_sample_in_ball_ex(params->level, &key->shake, commit, params->lambda / 4, params->tau, c, block); #endif } @@ -7553,7 +7592,6 @@ static int dilithium_verify_mu(dilithium_key* key, const byte* mu, #endif /* !WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM */ } -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Verify signature of message using public key. * * @param [in, out] key Dilithium key. @@ -7599,7 +7637,6 @@ static int dilithium_verify_ctx_msg(dilithium_key* key, const byte* ctx, return ret; } -#endif /* Verify signature of message using public key. * @@ -7644,7 +7681,6 @@ static int dilithium_verify_msg(dilithium_key* key, const byte* msg, return ret; } -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Verify signature of message using public key. * * @param [in, out] key Dilithium key. @@ -7699,7 +7735,6 @@ static int dilithium_verify_ctx_hash(dilithium_key* key, const byte* ctx, return ret; } -#endif #endif /* WOLFSSL_DILITHIUM_NO_VERIFY */ #elif defined(HAVE_LIBOQS) @@ -7779,18 +7814,18 @@ static int oqs_dilithium_sign_msg(const byte* msg, word32 msgLen, byte* sig, /* check and set up out length */ if (ret == 0) { if ((key->level == WC_ML_DSA_44) && - (*sigLen < DILITHIUM_LEVEL2_SIG_SIZE)) { - *sigLen = DILITHIUM_LEVEL2_SIG_SIZE; + (*sigLen < ML_DSA_LEVEL2_SIG_SIZE)) { + *sigLen = ML_DSA_LEVEL2_SIG_SIZE; ret = BUFFER_E; } else if ((key->level == WC_ML_DSA_65) && - (*sigLen < DILITHIUM_LEVEL3_SIG_SIZE)) { - *sigLen = DILITHIUM_LEVEL3_SIG_SIZE; + (*sigLen < ML_DSA_LEVEL3_SIG_SIZE)) { + *sigLen = ML_DSA_LEVEL3_SIG_SIZE; ret = BUFFER_E; } else if ((key->level == WC_ML_DSA_87) && - (*sigLen < DILITHIUM_LEVEL5_SIG_SIZE)) { - *sigLen = DILITHIUM_LEVEL5_SIG_SIZE; + (*sigLen < ML_DSA_LEVEL5_SIG_SIZE)) { + *sigLen = ML_DSA_LEVEL5_SIG_SIZE; ret = BUFFER_E; } localOutLen = *sigLen; @@ -7945,7 +7980,6 @@ int wc_dilithium_make_key_from_seed(dilithium_key* key, const byte* seed) #endif #ifndef WOLFSSL_DILITHIUM_NO_SIGN -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Sign the message using the dilithium private key. * * ctx [in] Context of signature. @@ -8002,7 +8036,6 @@ int wc_dilithium_sign_ctx_msg(const byte* ctx, byte ctxLen, const byte* msg, return ret; } -#endif /* Sign the message using the dilithium private key. * @@ -8054,7 +8087,6 @@ int wc_dilithium_sign_msg(const byte* msg, word32 msgLen, byte* sig, return ret; } -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Sign the message hash using the dilithium private key. * * ctx [in] Context of signature. @@ -8145,7 +8177,6 @@ int wc_dilithium_sign_ctx_msg_with_seed(const byte* ctx, byte ctxLen, return ret; } -#endif /* Sign the message using the dilithium private key. * @@ -8183,7 +8214,6 @@ int wc_dilithium_sign_msg_with_seed(const byte* msg, word32 msgLen, byte* sig, return ret; } -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Sign the message using the dilithium private key. * * ctx [in] Context of signature. @@ -8230,11 +8260,9 @@ int wc_dilithium_sign_ctx_hash_with_seed(const byte* ctx, byte ctxLen, return ret; } -#endif #endif /* !WOLFSSL_DILITHIUM_NO_SIGN */ #ifndef WOLFSSL_DILITHIUM_NO_VERIFY -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Verify the message using the dilithium public key. * * sig [in] Signature to verify. @@ -8278,7 +8306,6 @@ int wc_dilithium_verify_ctx_msg(const byte* sig, word32 sigLen, const byte* ctx, return ret; } -#endif /* Verify the message using the dilithium public key. * @@ -8330,7 +8357,6 @@ int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg, return ret; } -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT /* Verify the message using the dilithium public key. * * sig [in] Signature to verify. @@ -8377,7 +8403,6 @@ int wc_dilithium_verify_ctx_hash(const byte* sig, word32 sigLen, return ret; } -#endif #endif /* WOLFSSL_DILITHIUM_NO_VERIFY */ /* Initialize the dilithium private/public key. @@ -8498,8 +8523,17 @@ int wc_dilithium_set_level(dilithium_key* key, byte level) if (key == NULL) { ret = BAD_FUNC_ARG; } - if ((ret == 0) && (level != WC_ML_DSA_44) && (level != WC_ML_DSA_65) && - (level != WC_ML_DSA_87)) { + if ((ret == 0) && ((level == WC_ML_DSA_44) || (level == WC_ML_DSA_65) || + (level == WC_ML_DSA_87))) { + /* Nothing to do. */ + } +#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + else if ((ret == 0) && ((level == WC_ML_DSA_44_DRAFT) || + (level == WC_ML_DSA_65_DRAFT) || (level == WC_ML_DSA_87_DRAFT))) { + /* Nothing to do. */ + } +#endif + else { ret = BAD_FUNC_ARG; } @@ -8532,7 +8566,7 @@ int wc_dilithium_set_level(dilithium_key* key, byte level) #endif /* WOLFSSL_WC_DILITHIUM */ /* Store level and indicate public and private key are not set. */ - key->level = level; + key->level = level % WC_ML_DSA_DRAFT; key->pubKeySet = 0; key->prvKeySet = 0; } @@ -8607,15 +8641,30 @@ int wc_dilithium_size(dilithium_key* key) int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); if (key != NULL) { - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { ret = DILITHIUM_LEVEL2_KEY_SIZE; } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { ret = DILITHIUM_LEVEL3_KEY_SIZE; } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { ret = DILITHIUM_LEVEL5_KEY_SIZE; } + else + #endif + if (key->level == WC_ML_DSA_44) { + ret = ML_DSA_LEVEL2_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_65) { + ret = ML_DSA_LEVEL3_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_87) { + ret = ML_DSA_LEVEL5_KEY_SIZE; + } } return ret; @@ -8633,15 +8682,29 @@ int wc_dilithium_priv_size(dilithium_key* key) int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); if (key != NULL) { - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { ret = DILITHIUM_LEVEL2_PRV_KEY_SIZE; } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { ret = DILITHIUM_LEVEL3_PRV_KEY_SIZE; } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { ret = DILITHIUM_LEVEL5_PRV_KEY_SIZE; } + #endif + if (key->level == WC_ML_DSA_44) { + ret = ML_DSA_LEVEL2_PRV_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_65) { + ret = ML_DSA_LEVEL3_PRV_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_87) { + ret = ML_DSA_LEVEL5_PRV_KEY_SIZE; + } } return ret; @@ -8680,15 +8743,30 @@ int wc_dilithium_pub_size(dilithium_key* key) int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); if (key != NULL) { - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { ret = DILITHIUM_LEVEL2_PUB_KEY_SIZE; } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { ret = DILITHIUM_LEVEL3_PUB_KEY_SIZE; } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { ret = DILITHIUM_LEVEL5_PUB_KEY_SIZE; } + else + #endif + if (key->level == WC_ML_DSA_44) { + ret = ML_DSA_LEVEL2_PUB_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_65) { + ret = ML_DSA_LEVEL3_PUB_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_87) { + ret = ML_DSA_LEVEL5_PUB_KEY_SIZE; + } } return ret; @@ -8726,15 +8804,30 @@ int wc_dilithium_sig_size(dilithium_key* key) int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); if (key != NULL) { - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { ret = DILITHIUM_LEVEL2_SIG_SIZE; } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { ret = DILITHIUM_LEVEL3_SIG_SIZE; } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { ret = DILITHIUM_LEVEL5_SIG_SIZE; } + else + #endif + if (key->level == WC_ML_DSA_44) { + ret = ML_DSA_LEVEL2_SIG_SIZE; + } + else if (key->level == WC_ML_DSA_65) { + ret = ML_DSA_LEVEL3_SIG_SIZE; + } + else if (key->level == WC_ML_DSA_87) { + ret = ML_DSA_LEVEL5_SIG_SIZE; + } } return ret; @@ -8947,7 +9040,11 @@ int wc_dilithium_export_public(dilithium_key* key, byte* out, word32* outLen) if (ret == 0) { /* Get length passed in for checking. */ inLen = *outLen; - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { /* Set out length. */ *outLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE; /* Validate length passed in. */ @@ -8955,7 +9052,7 @@ int wc_dilithium_export_public(dilithium_key* key, byte* out, word32* outLen) ret = BUFFER_E; } } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { /* Set out length. */ *outLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE; /* Validate length passed in. */ @@ -8963,7 +9060,7 @@ int wc_dilithium_export_public(dilithium_key* key, byte* out, word32* outLen) ret = BUFFER_E; } } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { /* Set out length. */ *outLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE; /* Validate length passed in. */ @@ -8971,6 +9068,32 @@ int wc_dilithium_export_public(dilithium_key* key, byte* out, word32* outLen) ret = BUFFER_E; } } + else + #endif + if (key->level == WC_ML_DSA_44) { + /* Set out length. */ + *outLen = ML_DSA_LEVEL2_PUB_KEY_SIZE; + /* Validate length passed in. */ + if (inLen < ML_DSA_LEVEL2_PUB_KEY_SIZE) { + ret = BUFFER_E; + } + } + else if (key->level == WC_ML_DSA_65) { + /* Set out length. */ + *outLen = ML_DSA_LEVEL3_PUB_KEY_SIZE; + /* Validate length passed in. */ + if (inLen < ML_DSA_LEVEL3_PUB_KEY_SIZE) { + ret = BUFFER_E; + } + } + else if (key->level == WC_ML_DSA_87) { + /* Set out length. */ + *outLen = ML_DSA_LEVEL5_PUB_KEY_SIZE; + /* Validate length passed in. */ + if (inLen < ML_DSA_LEVEL5_PUB_KEY_SIZE) { + ret = BUFFER_E; + } + } else { /* Level not set. */ ret = BAD_FUNC_ARG; @@ -9009,24 +9132,48 @@ int wc_dilithium_import_public(const byte* in, word32 inLen, dilithium_key* key) ret = BAD_FUNC_ARG; } if (ret == 0) { - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { /* Check length. */ if (inLen != DILITHIUM_LEVEL2_PUB_KEY_SIZE) { ret = BAD_FUNC_ARG; } } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { /* Check length. */ if (inLen != DILITHIUM_LEVEL3_PUB_KEY_SIZE) { ret = BAD_FUNC_ARG; } } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { /* Check length. */ if (inLen != DILITHIUM_LEVEL5_PUB_KEY_SIZE) { ret = BAD_FUNC_ARG; } } + else + #endif + if (key->level == WC_ML_DSA_44) { + /* Check length. */ + if (inLen != ML_DSA_LEVEL2_PUB_KEY_SIZE) { + ret = BAD_FUNC_ARG; + } + } + else if (key->level == WC_ML_DSA_65) { + /* Check length. */ + if (inLen != ML_DSA_LEVEL3_PUB_KEY_SIZE) { + ret = BAD_FUNC_ARG; + } + } + else if (key->level == WC_ML_DSA_87) { + /* Check length. */ + if (inLen != ML_DSA_LEVEL5_PUB_KEY_SIZE) { + ret = BAD_FUNC_ARG; + } + } else { /* Level not set. */ ret = BAD_FUNC_ARG; @@ -9109,9 +9256,9 @@ static int dilithium_set_priv_key(const byte* priv, word32 privSz, #endif /* Validate parameters. */ - if ((privSz != DILITHIUM_LEVEL2_KEY_SIZE) && - (privSz != DILITHIUM_LEVEL3_KEY_SIZE) && - (privSz != DILITHIUM_LEVEL5_KEY_SIZE)) { + if ((privSz != ML_DSA_LEVEL2_KEY_SIZE) && + (privSz != ML_DSA_LEVEL3_KEY_SIZE) && + (privSz != ML_DSA_LEVEL5_KEY_SIZE)) { ret = BAD_FUNC_ARG; } @@ -9277,15 +9424,30 @@ int wc_dilithium_export_private(dilithium_key* key, byte* out, if (ret == 0) { inLen = *outLen; /* check and set up out length */ - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { *outLen = DILITHIUM_LEVEL2_KEY_SIZE; } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { *outLen = DILITHIUM_LEVEL3_KEY_SIZE; } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { *outLen = DILITHIUM_LEVEL5_KEY_SIZE; } + else + #endif + if (key->level == WC_ML_DSA_44) { + *outLen = ML_DSA_LEVEL2_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_65) { + *outLen = ML_DSA_LEVEL3_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_87) { + *outLen = ML_DSA_LEVEL5_KEY_SIZE; + } else { /* Level not set. */ ret = BAD_FUNC_ARG; @@ -9370,15 +9532,30 @@ int wc_Dilithium_PrivateKeyDecode(const byte* input, word32* inOutIdx, if (ret == 0) { /* Get OID sum for level. */ - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { keytype = DILITHIUM_LEVEL2k; } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { keytype = DILITHIUM_LEVEL3k; } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { keytype = DILITHIUM_LEVEL5k; } + else + #endif + if (key->level == WC_ML_DSA_44) { + keytype = ML_DSA_LEVEL2k; + } + else if (key->level == WC_ML_DSA_65) { + keytype = ML_DSA_LEVEL3k; + } + else if (key->level == WC_ML_DSA_87) { + keytype = ML_DSA_LEVEL5k; + } else { /* Level not set. */ ret = BAD_FUNC_ARG; @@ -9392,24 +9569,48 @@ int wc_Dilithium_PrivateKeyDecode(const byte* input, word32* inOutIdx, } if ((ret == 0) && (pubKey == NULL) && (pubKeyLen == 0)) { /* Check if the public key is included in the private key. */ - if ((key->level == WC_ML_DSA_44) && + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if ((key->params->level == WC_ML_DSA_44_DRAFT) && (privKeyLen == DILITHIUM_LEVEL2_PRV_KEY_SIZE)) { pubKey = privKey + DILITHIUM_LEVEL2_KEY_SIZE; pubKeyLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE; privKeyLen -= DILITHIUM_LEVEL2_PUB_KEY_SIZE; } - else if ((key->level == WC_ML_DSA_65) && + else if ((key->params->level == WC_ML_DSA_65_DRAFT) && (privKeyLen == DILITHIUM_LEVEL3_PRV_KEY_SIZE)) { pubKey = privKey + DILITHIUM_LEVEL3_KEY_SIZE; pubKeyLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE; privKeyLen -= DILITHIUM_LEVEL3_PUB_KEY_SIZE; } - else if ((key->level == WC_ML_DSA_87) && + else if ((key->params->level == WC_ML_DSA_87_DRAFT) && (privKeyLen == DILITHIUM_LEVEL5_PRV_KEY_SIZE)) { pubKey = privKey + DILITHIUM_LEVEL5_KEY_SIZE; pubKeyLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE; privKeyLen -= DILITHIUM_LEVEL5_PUB_KEY_SIZE; } + else + #endif + if ((key->level == WC_ML_DSA_44) && + (privKeyLen == ML_DSA_LEVEL2_PRV_KEY_SIZE)) { + pubKey = privKey + ML_DSA_LEVEL2_KEY_SIZE; + pubKeyLen = ML_DSA_LEVEL2_PUB_KEY_SIZE; + privKeyLen -= ML_DSA_LEVEL2_PUB_KEY_SIZE; + } + else if ((key->level == WC_ML_DSA_65) && + (privKeyLen == ML_DSA_LEVEL3_PRV_KEY_SIZE)) { + pubKey = privKey + ML_DSA_LEVEL3_KEY_SIZE; + pubKeyLen = ML_DSA_LEVEL3_PUB_KEY_SIZE; + privKeyLen -= ML_DSA_LEVEL3_PUB_KEY_SIZE; + } + else if ((key->level == WC_ML_DSA_87) && + (privKeyLen == ML_DSA_LEVEL5_PRV_KEY_SIZE)) { + pubKey = privKey + ML_DSA_LEVEL5_KEY_SIZE; + pubKeyLen = ML_DSA_LEVEL5_PUB_KEY_SIZE; + privKeyLen -= ML_DSA_LEVEL5_PUB_KEY_SIZE; + } } if (ret == 0) { @@ -9444,23 +9645,38 @@ int wc_Dilithium_PrivateKeyDecode(const byte* input, word32* inOutIdx, #if defined(WOLFSSL_DILITHIUM_NO_ASN1) #ifndef WOLFSSL_NO_ML_DSA_44 +static unsigned char ml_dsa_oid_44[] = { + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11 +}; +#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) static unsigned char dilithium_oid_44[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x04, 0x04 }; #endif +#endif #ifndef WOLFSSL_NO_ML_DSA_65 +static unsigned char ml_dsa_oid_65[] = { + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x12 +}; +#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) static unsigned char dilithium_oid_65[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x06, 0x05 }; #endif +#endif #ifndef WOLFSSL_NO_ML_DSA_87 +static unsigned char ml_dsa_oid_87[] = { + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x13 +}; +#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) static unsigned char dilithium_oid_87[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b, 0x0c, 0x08, 0x07 }; #endif +#endif static int dilitihium_get_der_length(const byte* input, word32* inOutIdx, int *length, word32 inSz) @@ -9577,15 +9793,30 @@ int wc_Dilithium_PublicKeyDecode(const byte* input, word32* inOutIdx, #if !defined(WOLFSSL_DILITHIUM_NO_ASN1) /* Get OID sum for level. */ - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { keytype = DILITHIUM_LEVEL2k; } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { keytype = DILITHIUM_LEVEL3k; } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { keytype = DILITHIUM_LEVEL5k; } + else + #endif + if (key->level == WC_ML_DSA_44) { + keytype = ML_DSA_LEVEL2k; + } + else if (key->level == WC_ML_DSA_65) { + keytype = ML_DSA_LEVEL3k; + } + else if (key->level == WC_ML_DSA_87) { + keytype = ML_DSA_LEVEL5k; + } else { /* Level not set. */ ret = BAD_FUNC_ARG; @@ -9597,27 +9828,54 @@ int wc_Dilithium_PublicKeyDecode(const byte* input, word32* inOutIdx, } #else /* Get OID sum for level. */ + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else #ifndef WOLFSSL_NO_ML_DSA_44 - if (key->level == WC_ML_DSA_44) { + if (key->params->level == WC_ML_DSA_44_DRAFT) { oid = dilithium_oid_44; oidLen = (int)sizeof(dilithium_oid_44); } else #endif #ifndef WOLFSSL_NO_ML_DSA_65 - if (key->level == WC_ML_DSA_65) { + if (key->params->level == WC_ML_DSA_65_DRAFT) { oid = dilithium_oid_65; oidLen = (int)sizeof(dilithium_oid_65); } else #endif #ifndef WOLFSSL_NO_ML_DSA_87 - if (key->level == WC_ML_DSA_87) { + if (key->params->level == WC_ML_DSA_87_DRAFT) { oid = dilithium_oid_87; oidLen = (int)sizeof(dilithium_oid_87); } else #endif + #endif + #ifndef WOLFSSL_NO_ML_DSA_44 + if (key->level == WC_ML_DSA_44) { + oid = ml_dsa_oid_44; + oidLen = (int)sizeof(ml_dsa_oid_44); + } + else + #endif + #ifndef WOLFSSL_NO_ML_DSA_65 + if (key->level == WC_ML_DSA_65) { + oid = ml_dsa_oid_65; + oidLen = (int)sizeof(ml_dsa_oid_65); + } + else + #endif + #ifndef WOLFSSL_NO_ML_DSA_87 + if (key->level == WC_ML_DSA_87) { + oid = ml_dsa_oid_87; + oidLen = (int)sizeof(ml_dsa_oid_87); + } + else + #endif { /* Level not set. */ ret = BAD_FUNC_ARG; @@ -9708,18 +9966,36 @@ int wc_Dilithium_PublicKeyToDer(dilithium_key* key, byte* output, word32 len, if (ret == 0) { /* Get OID and length for level. */ - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { keytype = DILITHIUM_LEVEL2k; pubKeyLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE; } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { keytype = DILITHIUM_LEVEL3k; pubKeyLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE; } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { keytype = DILITHIUM_LEVEL5k; pubKeyLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE; } + else + #endif + if (key->level == WC_ML_DSA_44) { + keytype = ML_DSA_LEVEL2k; + pubKeyLen = ML_DSA_LEVEL2_PUB_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_65) { + keytype = ML_DSA_LEVEL3k; + pubKeyLen = ML_DSA_LEVEL3_PUB_KEY_SIZE; + } + else if (key->level == WC_ML_DSA_87) { + keytype = ML_DSA_LEVEL5k; + pubKeyLen = ML_DSA_LEVEL5_PUB_KEY_SIZE; + } else { /* Level not set. */ ret = BAD_FUNC_ARG; @@ -9762,18 +10038,36 @@ int wc_Dilithium_KeyToDer(dilithium_key* key, byte* output, word32 len) /* Validate parameters and check public and private key set. */ if ((key != NULL) && key->prvKeySet && key->pubKeySet) { /* Create DER for level. */ - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL2_KEY_SIZE, key->p, DILITHIUM_LEVEL2_PUB_KEY_SIZE, output, len, DILITHIUM_LEVEL2k); } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL3_KEY_SIZE, key->p, DILITHIUM_LEVEL3_PUB_KEY_SIZE, output, len, DILITHIUM_LEVEL3k); } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL5_KEY_SIZE, key->p, DILITHIUM_LEVEL5_PUB_KEY_SIZE, output, len, DILITHIUM_LEVEL5k); } + else + #endif + if (key->level == WC_ML_DSA_44) { + ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL2_KEY_SIZE, key->p, + ML_DSA_LEVEL2_PUB_KEY_SIZE, output, len, ML_DSA_LEVEL2k); + } + else if (key->level == WC_ML_DSA_65) { + ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL3_KEY_SIZE, key->p, + ML_DSA_LEVEL3_PUB_KEY_SIZE, output, len, ML_DSA_LEVEL3k); + } + else if (key->level == WC_ML_DSA_87) { + ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL5_KEY_SIZE, key->p, + ML_DSA_LEVEL5_PUB_KEY_SIZE, output, len, ML_DSA_LEVEL5k); + } } return ret; @@ -9798,18 +10092,36 @@ int wc_Dilithium_PrivateKeyToDer(dilithium_key* key, byte* output, word32 len) /* Validate parameters and check private key set. */ if ((key != NULL) && key->prvKeySet) { /* Create DER for level. */ - if (key->level == WC_ML_DSA_44) { + #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT) + if (key->params == NULL) { + ret = BAD_FUNC_ARG; + } + else if (key->params->level == WC_ML_DSA_44_DRAFT) { ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL2_KEY_SIZE, NULL, 0, output, len, DILITHIUM_LEVEL2k); } - else if (key->level == WC_ML_DSA_65) { + else if (key->params->level == WC_ML_DSA_65_DRAFT) { ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL3_KEY_SIZE, NULL, 0, output, len, DILITHIUM_LEVEL3k); } - else if (key->level == WC_ML_DSA_87) { + else if (key->params->level == WC_ML_DSA_87_DRAFT) { ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL5_KEY_SIZE, NULL, 0, output, len, DILITHIUM_LEVEL5k); } + else + #endif + if (key->level == WC_ML_DSA_44) { + ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL2_KEY_SIZE, NULL, 0, output, + len, ML_DSA_LEVEL2k); + } + else if (key->level == WC_ML_DSA_65) { + ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL3_KEY_SIZE, NULL, 0, output, + len, ML_DSA_LEVEL3k); + } + else if (key->level == WC_ML_DSA_87) { + ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL5_KEY_SIZE, NULL, 0, output, + len, ML_DSA_LEVEL5k); + } } return ret; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index ca8094ea13..9c9208a2a7 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -42108,13 +42108,17 @@ static wc_test_ret_t dilithium_param_vfy_test(int param, const byte* pubKey, if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT - ret = wc_dilithium_verify_ctx_msg(sig, sigLen, NULL, 0, msg, - (word32)sizeof(msg), &res, key); -#else - ret = wc_dilithium_verify_msg(sig, sigLen, msg, (word32)sizeof(msg), &res, - key); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + if (param >= WC_ML_DSA_DRAFT) { + ret = wc_dilithium_verify_msg(sig, sigLen, msg, (word32)sizeof(msg), + &res, key); + } + else #endif + { + ret = wc_dilithium_verify_ctx_msg(sig, sigLen, NULL, 0, msg, + (word32)sizeof(msg), &res, key); + } if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (res != 1) @@ -42129,7 +42133,6 @@ static wc_test_ret_t dilithium_param_vfy_test(int param, const byte* pubKey, static wc_test_ret_t dilithium_param_44_vfy_test(void) { WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_44_pub_key[] = { -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT 0xd8, 0xac, 0xaf, 0xd8, 0x2e, 0x14, 0x23, 0x78, 0xf7, 0x0d, 0x9a, 0x04, 0x2b, 0x92, 0x48, 0x67, 0x60, 0x55, 0x34, 0xd9, 0xac, 0x0b, 0xc4, 0x1f, 0x46, 0xe8, 0x85, 0xb9, 0x2e, 0x1b, 0x10, 0x3a, 0x75, 0x7a, 0xc2, 0xbc, @@ -42240,7 +42243,9 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void) 0x21, 0x53, 0xeb, 0xd3, 0xa6, 0xec, 0x7d, 0x3c, 0xb8, 0xcd, 0x91, 0x4c, 0x2f, 0x4b, 0x2e, 0x23, 0x4c, 0x0f, 0x0f, 0xe0, 0x14, 0xa5, 0xe7, 0xe5, 0x70, 0x8d, 0x8b, 0x9c -#else + }; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_44_draft_pub_key[] = { 0xea, 0x05, 0x24, 0x0d, 0x80, 0x72, 0x25, 0x55, 0xf4, 0x5b, 0xc2, 0x13, 0x8b, 0x87, 0x5d, 0x31, 0x99, 0x2f, 0x1d, 0xa9, 0x41, 0x09, 0x05, 0x76, 0xa7, 0xb7, 0x5e, 0x8c, 0x44, 0xe2, @@ -42373,10 +42378,9 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void) 0xca, 0x7a, 0x54, 0xe5, 0x06, 0xe3, 0xda, 0x05, 0xf7, 0x77, 0x36, 0x8b, 0x81, 0x26, 0x99, 0x92, 0x42, 0xda, 0x45, 0xb1, 0xfe, 0x4b -#endif }; +#endif WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_44_sig[] = { -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT 0x27, 0x3b, 0x58, 0xa0, 0xcf, 0x00, 0x29, 0x5e, 0x1a, 0x63, 0xbf, 0xb4, 0x97, 0x16, 0xa1, 0x9c, 0x78, 0xd1, 0x33, 0xdc, 0x72, 0xde, 0xa3, 0xfc, 0xf4, 0x09, 0xb1, 0x09, 0x16, 0x3f, 0x80, 0x72, 0x22, 0x68, 0x65, 0x68, @@ -42579,7 +42583,9 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void) 0xe5, 0xea, 0x0b, 0x16, 0x3b, 0x3c, 0x3e, 0x45, 0x58, 0x63, 0x6a, 0x6f, 0x7c, 0x8c, 0x8d, 0x92, 0x99, 0x9c, 0xad, 0xb5, 0xb7, 0xce, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x16, 0x23, 0x36, 0x4a -#else + }; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_44_draft_sig[] = { 0x5e, 0xc1, 0xce, 0x0e, 0x31, 0xea, 0x10, 0x52, 0xa3, 0x7a, 0xfe, 0x4d, 0xac, 0x07, 0x89, 0x5a, 0x45, 0xbd, 0x5a, 0xe5, 0x22, 0xed, 0x98, 0x4d, 0x2f, 0xc8, 0x27, 0x00, 0x99, 0x40, @@ -42822,12 +42828,22 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void) 0x35, 0x38, 0x3f, 0x4c, 0x7f, 0x80, 0x81, 0x8b, 0x9b, 0x9c, 0x9d, 0xa7, 0xa9, 0xcb, 0xe9, 0xf0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x20, 0x32, 0x46 -#endif }; +#endif + wc_test_ret_t ret; - return dilithium_param_vfy_test(WC_ML_DSA_44, ml_dsa_44_pub_key, + ret = dilithium_param_vfy_test(WC_ML_DSA_44, ml_dsa_44_pub_key, (word32)sizeof(ml_dsa_44_pub_key), ml_dsa_44_sig, (word32)sizeof(ml_dsa_44_sig)); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + if (ret == 0) { + ret = dilithium_param_vfy_test(WC_ML_DSA_44_DRAFT, + ml_dsa_44_draft_pub_key, (word32)sizeof(ml_dsa_44_draft_pub_key), + ml_dsa_44_draft_sig, (word32)sizeof(ml_dsa_44_draft_sig)); + } +#endif + + return ret; } #endif @@ -42835,7 +42851,6 @@ static wc_test_ret_t dilithium_param_44_vfy_test(void) static wc_test_ret_t dilithium_param_65_vfy_test(void) { WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_65_pub_key[] = { -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT 0x2c, 0x32, 0xfa, 0x59, 0x71, 0x16, 0x4a, 0x0e, 0x45, 0x0f, 0x21, 0xfd, 0x65, 0xee, 0x50, 0xb0, 0xbf, 0xea, 0x8e, 0x4e, 0xa2, 0x55, 0x71, 0xa6, 0x65, 0x48, 0x56, 0x20, 0x8a, 0x48, 0x9d, 0xd7, 0xc9, 0x2c, 0x80, 0x62, @@ -42999,7 +43014,9 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void) 0x09, 0x5b, 0xfd, 0x52, 0x6f, 0xd9, 0x3c, 0x1c, 0x02, 0x3b, 0x77, 0xb8, 0xa1, 0xe9, 0xa4, 0xb7, 0x42, 0x62, 0xee, 0xea, 0x43, 0xf3, 0xd8, 0xd0, 0x7a, 0x53, 0x91, 0x34, 0x7f, 0xe7, 0x9a, 0xc6 -#else + }; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_65_draft_pub_key[] = { 0x15, 0xc9, 0xe5, 0x53, 0x2f, 0xd8, 0x1f, 0xb4, 0xa3, 0x9f, 0xae, 0xad, 0xb3, 0x10, 0xd0, 0x72, 0x69, 0xd3, 0x02, 0xf3, 0xdf, 0x67, 0x5a, 0x31, 0x52, 0x19, 0xca, 0x39, 0x27, 0x77, @@ -43196,10 +43213,9 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void) 0xd8, 0x57, 0x9d, 0x48, 0x80, 0x6a, 0xef, 0x0c, 0xdd, 0x27, 0x99, 0xf9, 0xe7, 0xd0, 0xd2, 0x36, 0xd8, 0xed, 0x41, 0x14, 0x1b, 0x10 -#endif }; +#endif WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_65_sig[] = { -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT 0xb1, 0xd1, 0x8e, 0x83, 0x0b, 0x0d, 0xd2, 0x71, 0xb2, 0xaa, 0x31, 0x38, 0x16, 0xf0, 0xb4, 0xbc, 0x64, 0x2b, 0x97, 0xa1, 0x08, 0x19, 0x4f, 0x52, 0xfe, 0x99, 0x1a, 0xa9, 0xd4, 0x08, 0x93, 0x99, 0x88, 0xfd, 0x6a, 0xd6, @@ -43476,7 +43492,9 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void) 0x96, 0x0d, 0x23, 0x2b, 0x37, 0x87, 0x8d, 0xc8, 0xf7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x0b, 0x13, 0x1a, 0x1d, 0x25 -#else + }; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_65_draft_sig[] = { 0x3e, 0xff, 0xf4, 0x48, 0x80, 0x2d, 0x88, 0x87, 0xf4, 0xcc, 0xa4, 0x61, 0xe1, 0x27, 0x20, 0x55, 0x66, 0xc8, 0xfe, 0x3e, 0xdd, 0xf5, 0x5c, 0x70, 0x6c, 0x54, 0xba, 0x50, 0x8a, 0xa2, @@ -43808,12 +43826,22 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void) 0xba, 0xdd, 0x02, 0x45, 0x7e, 0xc1, 0xdd, 0xeb, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x0c, 0x15, 0x1c, 0x22, 0x28 -#endif }; +#endif + wc_test_ret_t ret; - return dilithium_param_vfy_test(WC_ML_DSA_65, ml_dsa_65_pub_key, + ret = dilithium_param_vfy_test(WC_ML_DSA_65, ml_dsa_65_pub_key, (word32)sizeof(ml_dsa_65_pub_key), ml_dsa_65_sig, (word32)sizeof(ml_dsa_65_sig)); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + if (ret == 0) { + ret = dilithium_param_vfy_test(WC_ML_DSA_65_DRAFT, + ml_dsa_65_draft_pub_key, (word32)sizeof(ml_dsa_65_draft_pub_key), + ml_dsa_65_draft_sig, (word32)sizeof(ml_dsa_65_draft_sig)); + } +#endif + + return ret; } #endif @@ -43821,7 +43849,6 @@ static wc_test_ret_t dilithium_param_65_vfy_test(void) static wc_test_ret_t dilithium_param_87_vfy_test(void) { WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_87_pub_key[] = { -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT 0x8a, 0x66, 0xe3, 0x6e, 0x3c, 0x11, 0x70, 0x9f, 0x82, 0xdd, 0xeb, 0x9e, 0xc0, 0xd7, 0x25, 0x87, 0x0c, 0x65, 0x07, 0x9d, 0x47, 0x39, 0x5d, 0x04, 0x42, 0x5c, 0xd6, 0x0a, 0xdc, 0x39, 0x44, 0x04, 0xd9, 0x79, 0x43, 0x87, @@ -44038,7 +44065,9 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void) 0xf5, 0xdc, 0x9f, 0x3c, 0x6c, 0x69, 0x0d, 0x61, 0x49, 0xb2, 0xe0, 0xb2, 0xe5, 0xef, 0x19, 0xbe, 0x04, 0xf6, 0x6b, 0xad, 0x41, 0x4c, 0x5a, 0x50, 0xf6, 0xac, 0x1b, 0x25, 0x8a, 0xdd, 0xe3, 0x57, 0xab, 0x7c, 0x92, 0xe4 -#else + }; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_87_draft_pub_key[] = { 0xef, 0x49, 0x79, 0x47, 0x15, 0xc4, 0x8a, 0xa9, 0x74, 0x2a, 0xf0, 0x36, 0x94, 0x5c, 0x91, 0x1c, 0x5d, 0xff, 0x2c, 0x83, 0xf2, 0x8b, 0x04, 0xfc, 0x5d, 0x64, 0xbd, 0x49, 0x73, 0xcd, @@ -44299,10 +44328,9 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void) 0x2e, 0xfa, 0xcb, 0x5f, 0x5b, 0xd8, 0x09, 0x83, 0xe9, 0x40, 0xe9, 0x0e, 0x42, 0xdd, 0x17, 0xd7, 0x6e, 0x19, 0x8d, 0x95, 0x0a, 0x93 -#endif }; +#endif WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_87_sig[] = { -#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT 0x20, 0xff, 0x12, 0xe1, 0x87, 0xf6, 0x11, 0x38, 0xff, 0x41, 0xd0, 0x8f, 0xcd, 0x7e, 0xd1, 0xf6, 0x21, 0x17, 0xd0, 0x46, 0xe9, 0x86, 0x83, 0x1b, 0xaf, 0xe5, 0x2b, 0x59, 0x21, 0xd1, 0x6b, 0xc9, 0xdb, 0x34, 0xdc, 0xba, @@ -44689,7 +44717,9 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void) 0x51, 0x68, 0x89, 0xad, 0xae, 0xc7, 0xd1, 0xde, 0xe2, 0xf9, 0xfe, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x0c, 0x18, 0x20, 0x24, 0x2f, 0x33, 0x3f -#else + }; +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + WOLFSSL_SMALL_STACK_STATIC const byte ml_dsa_87_draft_sig[] = { 0x78, 0xed, 0x1a, 0x3f, 0x41, 0xab, 0xf8, 0x93, 0x80, 0xf0, 0xc6, 0xbf, 0x4a, 0xde, 0xaf, 0x29, 0x93, 0xe5, 0x9a, 0xbf, 0x38, 0x08, 0x18, 0x33, 0xca, 0x7d, 0x5e, 0x65, 0xa4, 0xd2, @@ -45153,12 +45183,22 @@ static wc_test_ret_t dilithium_param_87_vfy_test(void) 0x02, 0x6a, 0x70, 0xc8, 0xcd, 0xd0, 0xe2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x12, 0x1c, 0x22, 0x2b, 0x33, 0x38, 0x3f -#endif }; +#endif + wc_test_ret_t ret; - return dilithium_param_vfy_test(WC_ML_DSA_87, ml_dsa_87_pub_key, + ret = dilithium_param_vfy_test(WC_ML_DSA_87, ml_dsa_87_pub_key, (word32)sizeof(ml_dsa_87_pub_key), ml_dsa_87_sig, (word32)sizeof(ml_dsa_87_sig)); +#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + if (ret == 0) { + ret = dilithium_param_vfy_test(WC_ML_DSA_87_DRAFT, + ml_dsa_87_draft_pub_key, (word32)sizeof(ml_dsa_87_draft_pub_key), + ml_dsa_87_draft_sig, (word32)sizeof(ml_dsa_87_draft_sig)); + } +#endif + + return ret; } #endif #endif diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index cc7073101c..0ab2cb73fc 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -1186,6 +1186,9 @@ enum Key_Sum { DILITHIUM_LEVEL2k = 218, /* 1.3.6.1.4.1.2.267.12.4.4 */ DILITHIUM_LEVEL3k = 221, /* 1.3.6.1.4.1.2.267.12.6.5 */ DILITHIUM_LEVEL5k = 225, /* 1.3.6.1.4.1.2.267.12.8.7 */ + ML_DSA_LEVEL2k = 431, /* 2.16.840.1.101.3.4.3.17 */ + ML_DSA_LEVEL3k = 432, /* 2.16.840.1.101.3.4.3.18 */ + ML_DSA_LEVEL5k = 433, /* 2.16.840.1.101.3.4.3.19 */ SPHINCS_FAST_LEVEL1k = 281, /* 1 3 9999 6 7 4 */ SPHINCS_FAST_LEVEL3k = 283, /* 1 3 9999 6 8 3 + 2 (See GetOID() in asn.c) */ SPHINCS_FAST_LEVEL5k = 282, /* 1 3 9999 6 9 3 */ @@ -2468,6 +2471,9 @@ enum cert_enums { DILITHIUM_LEVEL2_KEY = 18, DILITHIUM_LEVEL3_KEY = 19, DILITHIUM_LEVEL5_KEY = 20, + ML_DSA_LEVEL2_KEY = 21, + ML_DSA_LEVEL3_KEY = 22, + ML_DSA_LEVEL5_KEY = 23, SPHINCS_FAST_LEVEL1_KEY = 24, SPHINCS_FAST_LEVEL3_KEY = 25, SPHINCS_FAST_LEVEL5_KEY = 26, diff --git a/wolfssl/wolfcrypt/asn_public.h b/wolfssl/wolfcrypt/asn_public.h index 83ef40eb46..50663e8fd7 100644 --- a/wolfssl/wolfcrypt/asn_public.h +++ b/wolfssl/wolfcrypt/asn_public.h @@ -171,6 +171,9 @@ enum CertType { DILITHIUM_LEVEL2_TYPE, DILITHIUM_LEVEL3_TYPE, DILITHIUM_LEVEL5_TYPE, + ML_DSA_LEVEL2_TYPE, + ML_DSA_LEVEL3_TYPE, + ML_DSA_LEVEL5_TYPE, SPHINCS_FAST_LEVEL1_TYPE, SPHINCS_FAST_LEVEL3_TYPE, SPHINCS_FAST_LEVEL5_TYPE, @@ -223,6 +226,9 @@ enum Ctc_SigType { CTC_DILITHIUM_LEVEL2 = 218, CTC_DILITHIUM_LEVEL3 = 221, CTC_DILITHIUM_LEVEL5 = 225, + CTC_ML_DSA_LEVEL2 = 431, + CTC_ML_DSA_LEVEL3 = 432, + CTC_ML_DSA_LEVEL5 = 433, CTC_SPHINCS_FAST_LEVEL1 = 281, CTC_SPHINCS_FAST_LEVEL3 = 283, diff --git a/wolfssl/wolfcrypt/dilithium.h b/wolfssl/wolfcrypt/dilithium.h index 7f30679e59..eb68e20265 100644 --- a/wolfssl/wolfcrypt/dilithium.h +++ b/wolfssl/wolfcrypt/dilithium.h @@ -128,6 +128,26 @@ (DILITHIUM_LEVEL5_PUB_KEY_SIZE + DILITHIUM_LEVEL5_KEY_SIZE) +#define ML_DSA_LEVEL2_KEY_SIZE 2560 +#define ML_DSA_LEVEL2_SIG_SIZE 2420 +#define ML_DSA_LEVEL2_PUB_KEY_SIZE 1312 +#define ML_DSA_LEVEL2_PRV_KEY_SIZE \ + (ML_DSA_LEVEL2_PUB_KEY_SIZE + ML_DSA_LEVEL2_KEY_SIZE) + +#define ML_DSA_LEVEL3_KEY_SIZE 4032 +#define ML_DSA_LEVEL3_SIG_SIZE 3309 +#define ML_DSA_LEVEL3_PUB_KEY_SIZE 1952 +#define ML_DSA_LEVEL3_PRV_KEY_SIZE \ + (ML_DSA_LEVEL3_PUB_KEY_SIZE + ML_DSA_LEVEL3_KEY_SIZE) + +#define ML_DSA_LEVEL5_KEY_SIZE 4896 +#define ML_DSA_LEVEL5_SIG_SIZE 4627 +#define ML_DSA_LEVEL5_PUB_KEY_SIZE 2592 +#define ML_DSA_LEVEL5_PRV_KEY_SIZE \ + (ML_DSA_LEVEL5_PUB_KEY_SIZE + ML_DSA_LEVEL5_KEY_SIZE) + + + /* Modulus. */ #define DILITHIUM_Q 0x7fe001 /* Number of bits in modulus. */ @@ -496,6 +516,25 @@ #define DILITHIUM_LEVEL5_PRV_KEY_SIZE \ (DILITHIUM_LEVEL5_PUB_KEY_SIZE+DILITHIUM_LEVEL5_KEY_SIZE) + +#define ML_DSA_LEVEL2_KEY_SIZE OQS_SIG_ml_dsa_44_ipd_length_secret_key +#define ML_DSA_LEVEL2_SIG_SIZE OQS_SIG_ml_dsa_44_ipd_length_signature +#define ML_DSA_LEVEL2_PUB_KEY_SIZE OQS_SIG_ml_dsa_44_ipd_length_public_key +#define ML_DSA_LEVEL2_PRV_KEY_SIZE \ + (ML_DSA_LEVEL2_PUB_KEY_SIZE+ML_DSA_LEVEL2_KEY_SIZE) + +#define ML_DSA_LEVEL3_KEY_SIZE OQS_SIG_ml_dsa_65_ipd_length_secret_key +#define ML_DSA_LEVEL3_SIG_SIZE OQS_SIG_ml_dsa_65_ipd_length_signature +#define ML_DSA_LEVEL3_PUB_KEY_SIZE OQS_SIG_ml_dsa_65_ipd_length_public_key +#define ML_DSA_LEVEL3_PRV_KEY_SIZE \ + (ML_DSA_LEVEL3_PUB_KEY_SIZE+ML_DSA_LEVEL3_KEY_SIZE) + +#define ML_DSA_LEVEL5_KEY_SIZE OQS_SIG_ml_dsa_87_ipd_length_secret_key +#define ML_DSA_LEVEL5_SIG_SIZE OQS_SIG_ml_dsa_87_ipd_length_signature +#define ML_DSA_LEVEL5_PUB_KEY_SIZE OQS_SIG_ml_dsa_87_ipd_length_public_key +#define ML_DSA_LEVEL5_PRV_KEY_SIZE \ + (ML_DSA_LEVEL5_PUB_KEY_SIZE+ML_DSA_LEVEL5_KEY_SIZE) + #endif #define DILITHIUM_MAX_KEY_SIZE DILITHIUM_LEVEL5_KEY_SIZE @@ -760,10 +799,14 @@ WOLFSSL_API int wc_Dilithium_PrivateKeyToDer(dilithium_key* key, byte* output, #endif /* WOLFSSL_DILITHIUM_NO_ASN1 */ +#define WC_ML_DSA_DRAFT 10 #define WC_ML_DSA_44 2 #define WC_ML_DSA_65 3 #define WC_ML_DSA_87 5 +#define WC_ML_DSA_44_DRAFT (2 + WC_ML_DSA_DRAFT) +#define WC_ML_DSA_65_DRAFT (3 + WC_ML_DSA_DRAFT) +#define WC_ML_DSA_87_DRAFT (5 + WC_ML_DSA_DRAFT) #define DILITHIUM_ML_DSA_44_KEY_SIZE 2560 #define DILITHIUM_ML_DSA_44_SIG_SIZE 2420