
Commit 7cd610b

committed
Fixes for WolfSSL ML-DSA implementation
* Update OIDs etc. to match OQS ML-DSA values (old ones were Dilithium Round 3 values) * Make sure private key files/buffers containing both the private and the public key are parsed correctly Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
1 parent 0900e00 commit 7cd610b

7 files changed

Lines changed: 67 additions & 28 deletions


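--- a/src/internal.c
+++ b/src/internal.c
@@ -28443,9 +28443,10 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length)
 /* Set start of data to beginning of buffer. */
 idx = 0;
 /* Decode the key assuming it is a Dilithium private key. */
-ret = wc_dilithium_import_private(ssl->buffers.key->buffer,
-ssl->buffers.key->length,
-(dilithium_key*)ssl->hsKey);
+ret = wc_Dilithium_PrivateKeyDecode(ssl->buffers.key->buffer,
+&idx,
+(dilithium_key*)ssl->hsKey,
+ssl->buffers.key->length);
 if (ret == 0) {
 WOLFSSL_MSG("Using Dilithium private key");
 
@@ -28870,9 +28871,10 @@ int DecodeAltPrivateKey(WOLFSSL *ssl, word32* length)
 /* Set start of data to beginning of buffer. */
 idx = 0;
 /* Decode the key assuming it is a Dilithium private key. */
-ret = wc_dilithium_import_private(ssl->buffers.altKey->buffer,
-ssl->buffers.altKey->length,
-(dilithium_key*)ssl->hsAltKey);
+ret = wc_Dilithium_PrivateKeyDecode(ssl->buffers.altKey->buffer,
+&idx,
+(dilithium_key*)ssl->hsAltKey,
+ssl->buffers.altKey->length);
 if (ret == 0) {
 WOLFSSL_MSG("Using Dilithium private key");
 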
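Review bot: The comment above the new `wc_Dilithium_PrivateKeyDecode` calls in DecodePrivateKey and DecodeAltPrivateKey (and the matching call in src/ssl_load.c) still reads as if a raw key were imported, but per the dilithium.c section this function goes through `DecodeAsymKey_Assign`, so the buffer is now parsed as an encoded key structure. I would reword it to `/* Decode the buffer as an encoded Dilithium private key; it may also carry the public key. */`. If raw key buffers were accepted by `wc_dilithium_import_private` before, it is worth confirming that no caller still depends on that path, since nothing visible here falls back to it. Both functions continue outside the hunks.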

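--- a/src/ssl_load.c
+++ b/src/ssl_load.c
@@ -962,6 +962,7 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
 DerBuffer* der, int* keyFormat, void* heap, byte* keyType, int* keySize)
 {
 int ret;
+word32 idx;
 dilithium_key* key;
 
 /* Allocate a Dilithium key to parse into. */
@@ -996,7 +997,8 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
 
 if (ret == 0) {
 /* Decode as a Dilithium private key. */
-ret = wc_dilithium_import_private(der->buffer, der->length, key);
+idx = 0;
+ret = wc_Dilithium_PrivateKeyDecode(der->buffer, &idx, key, der->length);
 if (ret == 0) {
 /* Get the minimum Dilithium key size from SSL or SSL context
 * object. */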

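--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -4206,17 +4206,17 @@ static word32 SetBitString16Bit(word16 val, byte* output)
 static const byte sigFalcon_Level5Oid[] = {43, 206, 15, 3, 9};
 #endif /* HAVE_FACON */
 #ifdef HAVE_DILITHIUM
-/* Dilithium Level 2: 1.3.6.1.4.1.2.267.7.4.4 */
+/* Dilithium Level 2: 1.3.6.1.4.1.2.267.12.4.4 */
 static const byte sigDilithium_Level2Oid[] =
-{43, 6, 1, 4, 1, 2, 130, 11, 7, 4, 4};
+{43, 6, 1, 4, 1, 2, 130, 11, 12, 4, 4};
 
-/* Dilithium Level 3: 1.3.6.1.4.1.2.267.7.6.5 */
+/* Dilithium Level 3: 1.3.6.1.4.1.2.267.12.6.5 */
 static const byte sigDilithium_Level3Oid[] =
-{43, 6, 1, 4, 1, 2, 130, 11, 7, 6, 5};
+{43, 6, 1, 4, 1, 2, 130, 11, 12, 6, 5};
 
-/* Dilithium Level 5: 1.3.6.1.4.1.2.267.7.8.7 */
+/* Dilithium Level 5: 1.3.6.1.4.1.2.267.12.8.7 */
 static const byte sigDilithium_Level5Oid[] =
-{43, 6, 1, 4, 1, 2, 130, 11, 7, 8, 7};
+{43, 6, 1, 4, 1, 2, 130, 11, 12, 8, 7};
 #endif /* HAVE_DILITHIUM */
 #ifdef HAVE_SPHINCS
 /* Sphincs Fast Level 1: 1 3 9999 6 7 4 */
@@ -4280,17 +4280,17 @@ static word32 SetBitString16Bit(word16 val, byte* output)
 static const byte keyFalcon_Level5Oid[] = {43, 206, 15, 3, 9};
 #endif /* HAVE_FALCON */
 #ifdef HAVE_DILITHIUM
-/* Dilithium Level 2: 1.3.6.1.4.1.2.267.7.4.4 */
+/* Dilithium Level 2: 1.3.6.1.4.1.2.267.12.4.4 */
 static const byte keyDilithium_Level2Oid[] =
-{43, 6, 1, 4, 1, 2, 130, 11, 7, 4, 4};
+{43, 6, 1, 4, 1, 2, 130, 11, 12, 4, 4};
 
-/* Dilithium Level 3: 1.3.6.1.4.1.2.267.7.6.5 */
+/* Dilithium Level 3: 1.3.6.1.4.1.2.267.12.6.5 */
 static const byte keyDilithium_Level3Oid[] =
-{43, 6, 1, 4, 1, 2, 130, 11, 7, 6, 5};
+{43, 6, 1, 4, 1, 2, 130, 11, 12, 6, 5};
 
-/* Dilithium Level 5: 1.3.6.1.4.1.2.267.7.8.7 */
+/* Dilithium Level 5: 1.3.6.1.4.1.2.267.12.8.7 */
 static const byte keyDilithium_Level5Oid[] =
-{43, 6, 1, 4, 1, 2, 130, 11, 7, 8, 7};
+{43, 6, 1, 4, 1, 2, 130, 11, 12, 8, 7};
 #endif /* HAVE_DILITHIUM */
 #ifdef HAVE_SPHINCS
 /* Sphincs Fast Level 1: 1 3 9999 6 7 4 */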
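Review bot: The comments over the six replaced arrays still say "Dilithium Level N" and give no hint that the `.12.` arcs are the OQS ML-DSA values named in the commit message, so a reader cannot tell which revision of the scheme a given OID identifies. I would add a line such as `/* OQS ML-DSA OID; replaces the Dilithium Round 3 arc 1.3.6.1.4.1.2.267.7.x.y */` above each group. As far as this section shows, the `.7.` encodings are removed outright, so keys and certificates that carry them would presumably stop matching; if that is intended it deserves a changelog entry, and the same holds for the Key_Sum, Ctc_SigType and `DILITHIUM_LEVELn_SA_MINOR` values changed in the header sections. The new sums 218, 221 and 225 do agree with the byte arrays here.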

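--- a/wolfcrypt/src/dilithium.c
+++ b/wolfcrypt/src/dilithium.c
@@ -6702,6 +6702,29 @@ int wc_Dilithium_PrivateKeyDecode(const byte* input, word32* inOutIdx,
 ret = DecodeAsymKey_Assign(input, inOutIdx, inSz, &privKey, &privKeyLen,
 &pubKey, &pubKeyLen, keytype);
 }
+
+if ((pubKey == NULL) && (pubKeyLen == 0)) {
+/* Check if the public key is included in the private key. */
+if ((key->level == 2) &&
+(privKeyLen == DILITHIUM_LEVEL2_PRV_KEY_SIZE)) {
+pubKey = privKey + DILITHIUM_LEVEL2_KEY_SIZE;
+pubKeyLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
+privKeyLen -= DILITHIUM_LEVEL2_PUB_KEY_SIZE;
+}
+else if ((key->level == 3) &&
+(privKeyLen != DILITHIUM_LEVEL3_PRV_KEY_SIZE)) {
+pubKey = privKey + DILITHIUM_LEVEL3_KEY_SIZE;
+pubKeyLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE;
+privKeyLen -= DILITHIUM_LEVEL3_PUB_KEY_SIZE;
+}
+else if ((key->level == 5) &&
+(privKeyLen != DILITHIUM_LEVEL5_PRV_KEY_SIZE)) {
+pubKey = privKey + DILITHIUM_LEVEL5_KEY_SIZE;
+pubKeyLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE;
+privKeyLen -= DILITHIUM_LEVEL5_PUB_KEY_SIZE;
+}
+}
+
 if (ret == 0) {
 /* Check whether public key data was found. */
 if (pubKeyLen == 0) {
@@ -6747,6 +6770,18 @@ int wc_Dilithium_PublicKeyDecode(const byte* input, word32* inOutIdx,
 ret = BAD_FUNC_ARG;
 }
 
+if (ret == 0) {
+/* Try to import the key directly. */
+ret = wc_dilithium_import_public(input, inSz, key);
+}
+if (ret == 0) {
+return 0;
+}
+else {
+/* Not successful, decode it first. */
+ret = 0;
+}
+
 if (ret == 0) {
 /* Get OID sum for level. */
 if (key->level == 2) {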
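Review bot: In wc_Dilithium_PrivateKeyDecode the level 3 and level 5 branches test `privKeyLen != DILITHIUM_LEVEL3_PRV_KEY_SIZE` and `privKeyLen != DILITHIUM_LEVEL5_PRV_KEY_SIZE`, while the level 2 branch tests `==`. As written, a level 3 or 5 key that does not have the combined size gets `pubKey` pointed `DILITHIUM_LEVELn_KEY_SIZE` bytes into `privKey` and `privKeyLen` reduced, which can place the public-key slice past the decoded data, and a key that does have the combined size is never split. Both should read `(privKeyLen == DILITHIUM_LEVEL3_PRV_KEY_SIZE)` and `(privKeyLen == DILITHIUM_LEVEL5_PRV_KEY_SIZE)`. The block is also not guarded by `ret == 0`, so it appears to run on whatever values are left after a failed `DecodeAsymKey_Assign`; `if ((ret == 0) && (pubKey == NULL) && (pubKeyLen == 0)) {` would avoid that. In the wc_Dilithium_PublicKeyDecode hunk, `else { ret = 0; }` also clears the `BAD_FUNC_ARG` set just above it, so the argument check no longer stops the later `key->level` read; holding the direct-import result in a separate variable would preserve it (both functions start and end outside the hunks).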

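--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1796,11 +1796,11 @@ enum Misc {
 FALCON_LEVEL5_SA_MINOR = 0xB1,
 
 DILITHIUM_LEVEL2_SA_MAJOR = 0xFE,
-DILITHIUM_LEVEL2_SA_MINOR = 0xA0,
+DILITHIUM_LEVEL2_SA_MINOR = 0xD0,
 DILITHIUM_LEVEL3_SA_MAJOR = 0xFE,
-DILITHIUM_LEVEL3_SA_MINOR = 0xA3,
+DILITHIUM_LEVEL3_SA_MINOR = 0xD1,
 DILITHIUM_LEVEL5_SA_MAJOR = 0xFE,
-DILITHIUM_LEVEL5_SA_MINOR = 0xA5,
+DILITHIUM_LEVEL5_SA_MINOR = 0xD2,
 
 MIN_RSA_SHA512_PSS_BITS = 512 * 2 + 8 * 8, /* Min key size */
 MIN_RSA_SHA384_PSS_BITS = 384 * 2 + 8 * 8, /* Min key size */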

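--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -1164,9 +1164,9 @@ enum Key_Sum {
 DHk = 647, /* dhKeyAgreement OID: 1.2.840.113549.1.3.1 */
 FALCON_LEVEL1k = 273, /* 1.3.9999.3.6 */
 FALCON_LEVEL5k = 276, /* 1.3.9999.3.9 */
-DILITHIUM_LEVEL2k = 213, /* 1.3.6.1.4.1.2.267.7.4.4 */
-DILITHIUM_LEVEL3k = 216, /* 1.3.6.1.4.1.2.267.7.6.5 */
-DILITHIUM_LEVEL5k = 220, /* 1.3.6.1.4.1.2.267.7.8.7 */
+DILITHIUM_LEVEL2k = 218, /* 1.3.6.1.4.1.2.267.12.4.4 */
+DILITHIUM_LEVEL3k = 221, /* 1.3.6.1.4.1.2.267.12.6.5 */
+DILITHIUM_LEVEL5k = 225, /* 1.3.6.1.4.1.2.267.12.8.7 */
 SPHINCS_FAST_LEVEL1k = 281, /* 1 3 9999 6 7 4 */
 SPHINCS_FAST_LEVEL3k = 283, /* 1 3 9999 6 8 3 + 2 (See GetOID() in asn.c) */
 SPHINCS_FAST_LEVEL5k = 282, /* 1 3 9999 6 9 3 */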

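--- a/wolfssl/wolfcrypt/asn_public.h
+++ b/wolfssl/wolfcrypt/asn_public.h
@@ -218,9 +218,9 @@ enum Ctc_SigType {
 CTC_FALCON_LEVEL1 = 273,
 CTC_FALCON_LEVEL5 = 276,
 
-CTC_DILITHIUM_LEVEL2 = 213,
-CTC_DILITHIUM_LEVEL3 = 216,
-CTC_DILITHIUM_LEVEL5 = 220,
+CTC_DILITHIUM_LEVEL2 = 218,
+CTC_DILITHIUM_LEVEL3 = 221,
+CTC_DILITHIUM_LEVEL5 = 225,
 
 CTC_SPHINCS_FAST_LEVEL1 = 281,
 CTC_SPHINCS_FAST_LEVEL3 = 283,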
