From 2ef90b1f89bde938d2f901e21055db6f5884be1b Mon Sep 17 00:00:00 2001 From: jordan Date: Thu, 23 Jan 2025 15:33:26 -0500 Subject: [PATCH] ML-DSA/Dilithium: update ssl code for ML_DSA final. --- src/internal.c | 105 +++++++++++++++++++++++++++++------- src/ssl.c | 91 +++++++++++++++++++++++-------- src/ssl_load.c | 129 +++++++++++++++++++++++++++++++++++++++++--- src/tls13.c | 6 +-- src/x509.c | 46 ++++++++++++---- wolfcrypt/src/asn.c | 2 +- 6 files changed, 316 insertions(+), 63 deletions(-) diff --git a/src/internal.c b/src/internal.c index bbef239ea5..36a02d9f27 100644 --- a/src/internal.c +++ b/src/internal.c @@ -14889,6 +14889,7 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args) break; #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: if (ssl->options.minDilithiumKeySz < 0 || DILITHIUM_LEVEL2_KEY_SIZE @@ -14913,6 +14914,31 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args) ret = DILITHIUM_KEY_SIZE_E; } break; + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + case ML_DSA_LEVEL2k: + if (ssl->options.minDilithiumKeySz < 0 || + ML_DSA_LEVEL2_KEY_SIZE + < (word16)ssl->options.minDilithiumKeySz) { + WOLFSSL_MSG("Dilithium key size in cert chain error"); + ret = DILITHIUM_KEY_SIZE_E; + } + break; + case ML_DSA_LEVEL3k: + if (ssl->options.minDilithiumKeySz < 0 || + ML_DSA_LEVEL3_KEY_SIZE + < (word16)ssl->options.minDilithiumKeySz) { + WOLFSSL_MSG( "Dilithium key size in cert chain error"); + ret = DILITHIUM_KEY_SIZE_E; + } + break; + case ML_DSA_LEVEL5k: + if (ssl->options.minDilithiumKeySz < 0 || + ML_DSA_LEVEL5_KEY_SIZE + < (word16)ssl->options.minDilithiumKeySz) { + WOLFSSL_MSG("Dilithium key size in cert chain error"); + ret = DILITHIUM_KEY_SIZE_E; + } + break; #endif /* HAVE_DILITHIUM */ default: WOLFSSL_MSG("Key size not checked"); @@ -16541,9 +16567,14 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) && \ !defined(WOLFSSL_DILITHIUM_NO_VERIFY) + case ML_DSA_LEVEL2k: + case ML_DSA_LEVEL3k: + case ML_DSA_LEVEL5k: + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: case DILITHIUM_LEVEL3k: case DILITHIUM_LEVEL5k: + #endif { int keyRet = 0; if (ssl->peerDilithiumKey == NULL) { @@ -16557,18 +16588,32 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, } if (keyRet == 0) { - if (args->dCert->keyOID == DILITHIUM_LEVEL2k) { + if (args->dCert->keyOID == ML_DSA_LEVEL2k) { + keyRet = wc_dilithium_set_level( + ssl->peerDilithiumKey, WC_ML_DSA_44); + } + else if (args->dCert->keyOID == ML_DSA_LEVEL3k) { + keyRet = wc_dilithium_set_level( + ssl->peerDilithiumKey, WC_ML_DSA_65); + } + else if (args->dCert->keyOID == ML_DSA_LEVEL5k) { + keyRet = wc_dilithium_set_level( + ssl->peerDilithiumKey, WC_ML_DSA_87); + } + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if (args->dCert->keyOID == DILITHIUM_LEVEL2k) { keyRet = wc_dilithium_set_level( - ssl->peerDilithiumKey, 2); + ssl->peerDilithiumKey, WC_ML_DSA_44_DRAFT); } else if (args->dCert->keyOID == DILITHIUM_LEVEL3k) { keyRet = wc_dilithium_set_level( - ssl->peerDilithiumKey, 3); + ssl->peerDilithiumKey, WC_ML_DSA_65_DRAFT); } else if (args->dCert->keyOID == DILITHIUM_LEVEL5k) { keyRet = wc_dilithium_set_level( - ssl->peerDilithiumKey, 5); + ssl->peerDilithiumKey, WC_ML_DSA_87_DRAFT); } + #endif } if (keyRet != 0 || @@ -28487,6 +28532,7 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo) } #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT if (ssl->pkCurveOID == CTC_DILITHIUM_LEVEL2) { /* Certificate has Dilithium level 2 key, only match with it. */ return sigAlgo == dilithium_level2_sa_algo; @@ -28499,6 +28545,19 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo) /* Certificate has Dilithium level 5 key, only match with it. */ return sigAlgo == dilithium_level5_sa_algo; } + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + if (ssl->pkCurveOID == CTC_ML_DSA_LEVEL2) { + /* Certificate has ML-DSA level 2 key, only match with it. */ + return sigAlgo == dilithium_level2_sa_algo; + } + if (ssl->pkCurveOID == CTC_ML_DSA_LEVEL3) { + /* Certificate has ML-DSA level 3 key, only match with it. */ + return sigAlgo == dilithium_level3_sa_algo; + } + if (ssl->pkCurveOID == CTC_ML_DSA_LEVEL5) { + /* Certificate has ML-DSA level 5 key, only match with it. */ + return sigAlgo == dilithium_level5_sa_algo; + } #endif /* HAVE_DILITHIUM */ #ifdef WC_RSA_PSS /* RSA certificate and PSS sig alg. */ @@ -28661,10 +28720,16 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz, } #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) - if (ssl->pkCurveOID == CTC_DILITHIUM_LEVEL2 || - ssl->pkCurveOID == CTC_DILITHIUM_LEVEL3 || - ssl->pkCurveOID == CTC_DILITHIUM_LEVEL5) { - /* Matched Dilithium - set chosen and finished. */ + if (ssl->pkCurveOID == CTC_ML_DSA_LEVEL2 || + ssl->pkCurveOID == CTC_ML_DSA_LEVEL3 || + ssl->pkCurveOID == CTC_ML_DSA_LEVEL5 + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || ssl->pkCurveOID == CTC_DILITHIUM_LEVEL2 + || ssl->pkCurveOID == CTC_DILITHIUM_LEVEL3 + || ssl->pkCurveOID == CTC_DILITHIUM_LEVEL5 + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + ) { + /* Matched ML-DSA or Dilithium - set chosen and finished. */ ssl->options.sigAlgo = sigAlgo; ssl->options.hashAlgo = hashAlgo; ret = 0; @@ -29292,13 +29357,13 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length) } if (ret == 0) { if (ssl->buffers.keyType == dilithium_level2_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 2); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_44); } else if (ssl->buffers.keyType == dilithium_level3_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 3); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_65); } else if (ssl->buffers.keyType == dilithium_level5_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 5); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_87); } } if (ret == 0) { @@ -29632,13 +29697,13 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length) } if (ssl->buffers.keyType == dilithium_level2_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 2); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_44); } else if (ssl->buffers.keyType == dilithium_level3_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 3); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_65); } else if (ssl->buffers.keyType == dilithium_level5_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, 5); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsKey, WC_ML_DSA_87); } else { /* What if ssl->buffers.keyType is 0? We might want to do something @@ -29845,15 +29910,15 @@ int DecodeAltPrivateKey(WOLFSSL *ssl, word32* length) if (ret == 0) { if (ssl->buffers.altKeyType == dilithium_level2_sa_algo) { ret = wc_dilithium_set_level( - (dilithium_key*)ssl->hsAltKey, 2); + (dilithium_key*)ssl->hsAltKey, WC_ML_DSA_44); } else if (ssl->buffers.altKeyType == dilithium_level3_sa_algo) { ret = wc_dilithium_set_level( - (dilithium_key*)ssl->hsAltKey, 3); + (dilithium_key*)ssl->hsAltKey, WC_ML_DSA_65); } else if (ssl->buffers.altKeyType == dilithium_level5_sa_algo) { ret = wc_dilithium_set_level( - (dilithium_key*)ssl->hsAltKey, 5); + (dilithium_key*)ssl->hsAltKey, WC_ML_DSA_87); } } if (ret == 0) { @@ -30064,13 +30129,13 @@ int DecodeAltPrivateKey(WOLFSSL *ssl, word32* length) } if (ssl->buffers.altKeyType == dilithium_level2_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, 2); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, WC_ML_DSA_44); } else if (ssl->buffers.altKeyType == dilithium_level3_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, 3); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, WC_ML_DSA_65); } else if (ssl->buffers.altKeyType == dilithium_level5_sa_algo) { - ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, 5); + ret = wc_dilithium_set_level((dilithium_key*)ssl->hsAltKey, WC_ML_DSA_87); } else { /* What if ssl->buffers.keyType is 0? We might want to do something diff --git a/src/ssl.c b/src/ssl.c index 0b68f7930a..06e35fceb5 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -5749,6 +5749,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) break; #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: if (cm->minDilithiumKeySz < 0 || DILITHIUM_LEVEL2_KEY_SIZE < (word16)cm->minDilithiumKeySz) { @@ -5770,6 +5771,28 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) WOLFSSL_MSG("\tCA Dilithium level 5 key size error"); } break; + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + case ML_DSA_LEVEL2k: + if (cm->minDilithiumKeySz < 0 || + ML_DSA_LEVEL2_KEY_SIZE < (word16)cm->minDilithiumKeySz) { + ret = DILITHIUM_KEY_SIZE_E; + WOLFSSL_MSG("\tCA Dilithium level 2 key size error"); + } + break; + case ML_DSA_LEVEL3k: + if (cm->minDilithiumKeySz < 0 || + ML_DSA_LEVEL3_KEY_SIZE < (word16)cm->minDilithiumKeySz) { + ret = DILITHIUM_KEY_SIZE_E; + WOLFSSL_MSG("\tCA Dilithium level 3 key size error"); + } + break; + case ML_DSA_LEVEL5k: + if (cm->minDilithiumKeySz < 0 || + ML_DSA_LEVEL5_KEY_SIZE < (word16)cm->minDilithiumKeySz) { + ret = DILITHIUM_KEY_SIZE_E; + WOLFSSL_MSG("\tCA Dilithium level 5 key size error"); + } + break; #endif /* HAVE_DILITHIUM */ default: @@ -6788,9 +6811,15 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz, } #endif #if defined(HAVE_DILITHIUM) - if ((keyOID == DILITHIUM_LEVEL2k) || - (keyOID == DILITHIUM_LEVEL3k) || - (keyOID == DILITHIUM_LEVEL5k)) { + if ((keyOID == ML_DSA_LEVEL2k) || + (keyOID == ML_DSA_LEVEL3k) || + (keyOID == ML_DSA_LEVEL5k) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (keyOID == DILITHIUM_LEVEL2k) + || (keyOID == DILITHIUM_LEVEL3k) + || (keyOID == DILITHIUM_LEVEL5k) + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + ) { type = DYNAMIC_TYPE_DILITHIUM; } #endif @@ -6820,9 +6849,15 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz, } #endif #if defined(HAVE_DILITHIUM) - if ((keyOID == DILITHIUM_LEVEL2k) || - (keyOID == DILITHIUM_LEVEL3k) || - (keyOID == DILITHIUM_LEVEL5k)) { + if ((keyOID == ML_DSA_LEVEL2k) || + (keyOID == ML_DSA_LEVEL3k) || + (keyOID == ML_DSA_LEVEL5k) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (keyOID == DILITHIUM_LEVEL2k) + || (keyOID == DILITHIUM_LEVEL3k) + || (keyOID == DILITHIUM_LEVEL5k) + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + ) { ret = wc_CryptoCb_PqcSignatureCheckPrivKey(pkey, WC_PQC_SIG_TYPE_DILITHIUM, pubKey, pubSz); @@ -6859,9 +6894,15 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz, } #endif #if defined(HAVE_DILITHIUM) - if ((keyOID == DILITHIUM_LEVEL2k) || - (keyOID == DILITHIUM_LEVEL3k) || - (keyOID == DILITHIUM_LEVEL5k)) { + if ((keyOID == ML_DSA_LEVEL2k) || + (keyOID == ML_DSA_LEVEL3k) || + (keyOID == ML_DSA_LEVEL5k) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (keyOID == DILITHIUM_LEVEL2k) || + || (keyOID == DILITHIUM_LEVEL3k) || + || (keyOID == DILITHIUM_LEVEL5k) + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + ) { wc_dilithium_free((dilithium_key*)pkey); } #endif @@ -7686,31 +7727,31 @@ static int d2iTryDilithiumKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, /* Test if Dilithium key. Try all levels. */ if (priv) { - isDilithium = ((wc_dilithium_set_level(dilithium, 2) == 0) && + isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_44) == 0) && (wc_dilithium_import_private(mem, (word32)memSz, dilithium) == 0)); if (!isDilithium) { - isDilithium = ((wc_dilithium_set_level(dilithium, 3) == 0) && + isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_65) == 0) && (wc_dilithium_import_private(mem, (word32)memSz, dilithium) == 0)); } if (!isDilithium) { - isDilithium = ((wc_dilithium_set_level(dilithium, 5) == 0) && + isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_87) == 0) && (wc_dilithium_import_private(mem, (word32)memSz, dilithium) == 0)); } } else { - isDilithium = ((wc_dilithium_set_level(dilithium, 2) == 0) && + isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_44) == 0) && (wc_dilithium_import_public(mem, (word32)memSz, dilithium) == 0)); if (!isDilithium) { - isDilithium = ((wc_dilithium_set_level(dilithium, 3) == 0) && + isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_65) == 0) && (wc_dilithium_import_public(mem, (word32)memSz, dilithium) == 0)); } if (!isDilithium) { - isDilithium = ((wc_dilithium_set_level(dilithium, 5) == 0) && + isDilithium = ((wc_dilithium_set_level(dilithium, WC_ML_DSA_87) == 0) && (wc_dilithium_import_public(mem, (word32)memSz, dilithium) == 0)); } @@ -12038,13 +12079,13 @@ int wolfSSL_set_compression(WOLFSSL* ssl) *sigAlgo = FALCON_LEVEL5k; break; case dilithium_level2_sa_algo: - *sigAlgo = DILITHIUM_LEVEL2k; + *sigAlgo = ML_DSA_LEVEL2k; break; case dilithium_level3_sa_algo: - *sigAlgo = DILITHIUM_LEVEL3k; + *sigAlgo = ML_DSA_LEVEL3k; break; case dilithium_level5_sa_algo: - *sigAlgo = DILITHIUM_LEVEL5k; + *sigAlgo = ML_DSA_LEVEL5k; break; case sm2_sa_algo: *sigAlgo = SM2k; @@ -18298,12 +18339,20 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { "Falcon Level 5"}, #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT { CTC_DILITHIUM_LEVEL2, DILITHIUM_LEVEL2k, oidKeyType, "Dilithium Level 2", "Dilithium Level 2"}, { CTC_DILITHIUM_LEVEL3, DILITHIUM_LEVEL3k, oidKeyType, "Dilithium Level 3", "Dilithium Level 3"}, { CTC_DILITHIUM_LEVEL5, DILITHIUM_LEVEL5k, oidKeyType, "Dilithium Level 5", "Dilithium Level 5"}, + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + { CTC_ML_DSA_LEVEL2, ML_DSA_LEVEL2k, oidKeyType, + "ML_DSA Level 2", "ML_DSA Level 2"}, + { CTC_ML_DSA_LEVEL3, ML_DSA_LEVEL3k, oidKeyType, + "ML_DSA Level 3", "ML_DSA Level 3"}, + { CTC_ML_DSA_LEVEL5, ML_DSA_LEVEL5k, oidKeyType, + "ML_DSA Level 5", "ML_DSA Level 5"}, #endif /* HAVE_DILITHIUM */ /* oidCurveType */ @@ -18686,13 +18735,13 @@ static int SaToNid(byte sa, int* nid) *nid = CTC_FALCON_LEVEL5; break; case dilithium_level2_sa_algo: - *nid = CTC_DILITHIUM_LEVEL2; + *nid = CTC_ML_DSA_LEVEL2; break; case dilithium_level3_sa_algo: - *nid = CTC_DILITHIUM_LEVEL3; + *nid = CTC_ML_DSA_LEVEL3; break; case dilithium_level5_sa_algo: - *nid = CTC_DILITHIUM_LEVEL5; + *nid = CTC_ML_DSA_LEVEL5; break; case sm2_sa_algo: *nid = WC_NID_sm2; diff --git a/src/ssl_load.c b/src/ssl_load.c index 02f42bb930..305744aaf3 100644 --- a/src/ssl_load.c +++ b/src/ssl_load.c @@ -961,21 +961,38 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl, ret = wc_dilithium_init(key); if (ret == 0) { /* Set up key to parse the format specified. */ - if ((*keyFormat == DILITHIUM_LEVEL2k) || ((*keyFormat == 0) && + if ((*keyFormat == ML_DSA_LEVEL2k) || ((*keyFormat == 0) && + ((der->length == ML_DSA_LEVEL2_KEY_SIZE) || + (der->length == ML_DSA_LEVEL2_PRV_KEY_SIZE)))) { + ret = wc_dilithium_set_level(key, WC_ML_DSA_44); + } + else if ((*keyFormat == ML_DSA_LEVEL3k) || ((*keyFormat == 0) && + ((der->length == ML_DSA_LEVEL3_KEY_SIZE) || + (der->length == ML_DSA_LEVEL3_PRV_KEY_SIZE)))) { + ret = wc_dilithium_set_level(key, WC_ML_DSA_65); + } + else if ((*keyFormat == ML_DSA_LEVEL5k) || ((*keyFormat == 0) && + ((der->length == ML_DSA_LEVEL5_KEY_SIZE) || + (der->length == ML_DSA_LEVEL5_PRV_KEY_SIZE)))) { + ret = wc_dilithium_set_level(key, WC_ML_DSA_87); + } + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if ((*keyFormat == DILITHIUM_LEVEL2k) || ((*keyFormat == 0) && ((der->length == DILITHIUM_LEVEL2_KEY_SIZE) || (der->length == DILITHIUM_LEVEL2_PRV_KEY_SIZE)))) { - ret = wc_dilithium_set_level(key, 2); + ret = wc_dilithium_set_level(key, WC_ML_DSA_44_DRAFT); } else if ((*keyFormat == DILITHIUM_LEVEL3k) || ((*keyFormat == 0) && ((der->length == DILITHIUM_LEVEL3_KEY_SIZE) || (der->length == DILITHIUM_LEVEL3_PRV_KEY_SIZE)))) { - ret = wc_dilithium_set_level(key, 3); + ret = wc_dilithium_set_level(key, WC_ML_DSA_65_DRAFT); } else if ((*keyFormat == DILITHIUM_LEVEL5k) || ((*keyFormat == 0) && ((der->length == DILITHIUM_LEVEL5_KEY_SIZE) || (der->length == DILITHIUM_LEVEL5_PRV_KEY_SIZE)))) { - ret = wc_dilithium_set_level(key, 5); + ret = wc_dilithium_set_level(key, WC_ML_DSA_87_DRAFT); } + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ else { wc_dilithium_free(key); ret = ALGO_ID_E; @@ -993,7 +1010,20 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl, ctx->minDilithiumKeySz; /* Format is known. */ - if (*keyFormat == DILITHIUM_LEVEL2k) { + if (*keyFormat == ML_DSA_LEVEL2k) { + *keyType = dilithium_level2_sa_algo; + *keySize = ML_DSA_LEVEL2_KEY_SIZE; + } + else if (*keyFormat == ML_DSA_LEVEL3k) { + *keyType = dilithium_level3_sa_algo; + *keySize = ML_DSA_LEVEL3_KEY_SIZE; + } + else if (*keyFormat == ML_DSA_LEVEL5k) { + *keyType = dilithium_level5_sa_algo; + *keySize = ML_DSA_LEVEL5_KEY_SIZE; + } + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if (*keyFormat == DILITHIUM_LEVEL2k) { *keyType = dilithium_level2_sa_algo; *keySize = DILITHIUM_LEVEL2_KEY_SIZE; } @@ -1005,6 +1035,7 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl, *keyType = dilithium_level5_sa_algo; *keySize = DILITHIUM_LEVEL5_KEY_SIZE; } + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ /* Check that the size of the Dilithium key is enough. */ if (*keySize < minKeySz) { @@ -1147,9 +1178,17 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, !defined(WOLFSSL_DILITHIUM_NO_ASN1) /* Try Falcon if key format is Dilithium level 2k, 3k or 5k or yet unknown. */ - if ((ret == 0) && ((*keyFormat == 0) || (*keyFormat == DILITHIUM_LEVEL2k) || - (*keyFormat == DILITHIUM_LEVEL3k) || - (*keyFormat == DILITHIUM_LEVEL5k))) { + if ((ret == 0) && + ((*keyFormat == 0) || + (*keyFormat == ML_DSA_LEVEL2k) || + (*keyFormat == ML_DSA_LEVEL3k) || + (*keyFormat == ML_DSA_LEVEL5k) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (*keyFormat == DILITHIUM_LEVEL2k) || + || (*keyFormat == DILITHIUM_LEVEL3k) || + || (*keyFormat == DILITHIUM_LEVEL5k) + #endif + )) { ret = ProcessBufferTryDecodeDilithium(ctx, ssl, der, keyFormat, heap, keyType, keySz); } @@ -1461,9 +1500,14 @@ static void wolfssl_set_have_from_key_oid(WOLFSSL_CTX* ctx, WOLFSSL* ssl, break; #endif /* HAVE_FALCON */ #ifdef HAVE_DILITHIUM + case ML_DSA_LEVEL2k: + case ML_DSA_LEVEL3k: + case ML_DSA_LEVEL5k: + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: case DILITHIUM_LEVEL3k: case DILITHIUM_LEVEL5k: + #endif if (ssl != NULL) { ssl->options.haveDilithiumSig = 1; } @@ -1532,9 +1576,14 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl, break; #endif #ifdef HAVE_DILITHIUM + case CTC_ML_DSA_LEVEL2: + case CTC_ML_DSA_LEVEL3: + case CTC_ML_DSA_LEVEL5: + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case CTC_DILITHIUM_LEVEL2: case CTC_DILITHIUM_LEVEL3: case CTC_DILITHIUM_LEVEL5: + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ WOLFSSL_MSG("Dilithium cert signature"); if (ssl) { ssl->options.haveDilithiumSig = 1; @@ -1705,6 +1754,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, break; #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: keyType = dilithium_level2_sa_algo; /* Dilithium is fixed key size */ @@ -1735,6 +1785,37 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DILITHIUM_KEY_SIZE_E); } break; + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + case ML_DSA_LEVEL2k: + keyType = dilithium_level2_sa_algo; + /* Dilithium is fixed key size */ + keySz = ML_DSA_LEVEL2_KEY_SIZE; + if (checkKeySz) { + ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : + ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, + DILITHIUM_KEY_SIZE_E); + } + break; + case ML_DSA_LEVEL3k: + keyType = dilithium_level3_sa_algo; + /* Dilithium is fixed key size */ + keySz = ML_DSA_LEVEL3_KEY_SIZE; + if (checkKeySz) { + ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : + ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, + DILITHIUM_KEY_SIZE_E); + } + break; + case ML_DSA_LEVEL5k: + keyType = dilithium_level5_sa_algo; + /* Dilithium is fixed key size */ + keySz = ML_DSA_LEVEL5_KEY_SIZE; + if (checkKeySz) { + ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : + ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, + DILITHIUM_KEY_SIZE_E); + } + break; #endif /* HAVE_DILITHIUM */ default: @@ -1894,6 +1975,7 @@ static int ProcessBufferCertAltPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, break; #endif /* HAVE_FALCON */ #if defined(HAVE_DILITHIUM) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: keyType = dilithium_level2_sa_algo; /* Dilithium is fixed key size */ @@ -1924,6 +2006,37 @@ static int ProcessBufferCertAltPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DILITHIUM_KEY_SIZE_E); } break; + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + case ML_DSA_LEVEL2k: + keyType = dilithium_level2_sa_algo; + /* Dilithium is fixed key size */ + keySz = ML_DSA_LEVEL2_KEY_SIZE; + if (checkKeySz) { + ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : + ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, + DILITHIUM_KEY_SIZE_E); + } + break; + case ML_DSA_LEVEL3k: + keyType = dilithium_level3_sa_algo; + /* Dilithium is fixed key size */ + keySz = ML_DSA_LEVEL3_KEY_SIZE; + if (checkKeySz) { + ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : + ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, + DILITHIUM_KEY_SIZE_E); + } + break; + case ML_DSA_LEVEL5k: + keyType = dilithium_level5_sa_algo; + /* Dilithium is fixed key size */ + keySz = ML_DSA_LEVEL5_KEY_SIZE; + if (checkKeySz) { + ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : + ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, + DILITHIUM_KEY_SIZE_E); + } + break; #endif /* HAVE_DILITHIUM */ default: diff --git a/src/tls13.c b/src/tls13.c index ac0cc13637..b1d92de992 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -10149,13 +10149,13 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, #endif #ifdef HAVE_DILITHIUM case dilithium_level2_sa_algo: - ret = decodeDilithiumKey(ssl, 2); + ret = decodeDilithiumKey(ssl, WC_ML_DSA_44); break; case dilithium_level3_sa_algo: - ret = decodeDilithiumKey(ssl, 3); + ret = decodeDilithiumKey(ssl, WC_ML_DSA_65); break; case dilithium_level5_sa_algo: - ret = decodeDilithiumKey(ssl, 5); + ret = decodeDilithiumKey(ssl, WC_ML_DSA_87); break; #endif #ifdef HAVE_FALCON diff --git a/src/x509.c b/src/x509.c index be8b15d0da..e7488f0ed3 100644 --- a/src/x509.c +++ b/src/x509.c @@ -11051,9 +11051,15 @@ static int CertFromX509(Cert* cert, WOLFSSL_X509* x509) } #endif #if defined(HAVE_DILITHIUM) - if ((x509->pubKeyOID == DILITHIUM_LEVEL2k) || - (x509->pubKeyOID == DILITHIUM_LEVEL3k) || - (x509->pubKeyOID == DILITHIUM_LEVEL5k)) { + if ((x509->pubKeyOID == ML_DSA_LEVEL2k) || + (x509->pubKeyOID == ML_DSA_LEVEL3k) || + (x509->pubKeyOID == ML_DSA_LEVEL5k) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (x509->pubKeyOID == DILITHIUM_LEVEL2k) + || (x509->pubKeyOID == DILITHIUM_LEVEL3k) + || (x509->pubKeyOID == DILITHIUM_LEVEL5k) + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ + ) { dilithium = (dilithium_key*)XMALLOC(sizeof(dilithium_key), NULL, DYNAMIC_TYPE_DILITHIUM); if (dilithium == NULL) { @@ -11069,18 +11075,32 @@ static int CertFromX509(Cert* cert, WOLFSSL_X509* x509) return ret; } - if (x509->pubKeyOID == DILITHIUM_LEVEL2k) { + if (x509->pubKeyOID == ML_DSA_LEVEL2k) { + type = ML_DSA_LEVEL2_TYPE; + wc_dilithium_set_level(dilithium, WC_ML_DSA_44); + } + else if (x509->pubKeyOID == ML_DSA_LEVEL3k) { + type = ML_DSA_LEVEL3_TYPE; + wc_dilithium_set_level(dilithium, WC_ML_DSA_65); + } + else if (x509->pubKeyOID == ML_DSA_LEVEL5k) { + type = ML_DSA_LEVEL5_TYPE; + wc_dilithium_set_level(dilithium, WC_ML_DSA_87); + } + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + else if (x509->pubKeyOID == DILITHIUM_LEVEL2k) { type = DILITHIUM_LEVEL2_TYPE; - wc_dilithium_set_level(dilithium, 2); + wc_dilithium_set_level(dilithium, WC_ML_DSA_44_DRAFT); } else if (x509->pubKeyOID == DILITHIUM_LEVEL3k) { type = DILITHIUM_LEVEL3_TYPE; - wc_dilithium_set_level(dilithium, 3); + wc_dilithium_set_level(dilithium, WC_ML_DSA_65_DRAFT); } else if (x509->pubKeyOID == DILITHIUM_LEVEL5k) { type = DILITHIUM_LEVEL5_TYPE; - wc_dilithium_set_level(dilithium, 5); + wc_dilithium_set_level(dilithium, WC_ML_DSA_87_DRAFT); } + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ ret = wc_Dilithium_PublicKeyDecode(x509->pubKey.buffer, &idx, dilithium, x509->pubKey.length); @@ -11261,9 +11281,15 @@ static int CertFromX509(Cert* cert, WOLFSSL_X509* x509) } #endif #if defined(HAVE_DILITHIUM) - if ((x509->pubKeyOID == DILITHIUM_LEVEL2k) || - (x509->pubKeyOID == DILITHIUM_LEVEL3k) || - (x509->pubKeyOID == DILITHIUM_LEVEL5k)) { + if ((x509->pubKeyOID == ML_DSA_LEVEL2k) || + (x509->pubKeyOID == ML_DSA_LEVEL3k) || + (x509->pubKeyOID == ML_DSA_LEVEL5k) + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + || (x509->pubKeyOID == DILITHIUM_LEVEL2k) + || (x509->pubKeyOID == DILITHIUM_LEVEL3k) + || (x509->pubKeyOID == DILITHIUM_LEVEL5k) + #endif + ) { wc_dilithium_free(dilithium); XFREE(dilithium, NULL, DYNAMIC_TYPE_DILITHIUM); } diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index ba649e9413..1041533d4c 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -17833,7 +17833,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, case DILITHIUM_LEVEL2k: case DILITHIUM_LEVEL3k: case DILITHIUM_LEVEL5k: - #endif + #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */ case ML_DSA_LEVEL2k: case ML_DSA_LEVEL3k: case ML_DSA_LEVEL5k: