Merge pull request #84 from bigbrett/ml-dsa-support

(initial) ML-DSA support
wolfSSL · Nov 20, 2024 · 77bebc4 · 77bebc4
2 parents 5e719bc + c975fa2
commit 77bebc4
Show file tree

Hide file tree

Showing 14 changed files with 1,410 additions and 10 deletions.
diff --git a/src/wh_client_crypto.c b/src/wh_client_crypto.c
diff --git a/src/wh_client_cryptocb.c b/src/wh_client_cryptocb.c
@@ -59,6 +59,11 @@ static int _xferSha256BlockAndUpdateDigest(whClientContext* ctx,
                                            wc_Sha256* sha256,
                                            whPacket* packet,
                                            uint32_t isLastBlock);
+static int _handlePqcSigKeyGen(whClientContext* ctx, wc_CryptoInfo* info);
+static int _handlePqcSign(whClientContext* ctx, wc_CryptoInfo* info);
+static int _handlePqcVerify(whClientContext* ctx, wc_CryptoInfo* info);
+static int _handlePqcSigCheckPrivKey(whClientContext* ctx, wc_CryptoInfo* info);
+
 #ifdef WOLFHSM_CFG_DMA
 static int _handleSha256Dma(wc_CryptoInfo* info, void* inCtx, whPacket* packet);
 #endif /* WOLFHSM_CFG_DMA */
@@ -331,6 +336,25 @@ int wh_Client_CryptoCb(int devId, wc_CryptoInfo* info, void* inCtx)
         } break;
 #endif /* HAVE_CURVE25519 */
 
+#if defined(HAVE_DILITHIUM) || defined(HAVE_FALCON)
+        case WC_PK_TYPE_PQC_SIG_KEYGEN:
+            ret = _handlePqcSigKeyGen(ctx, info);
+            break;
+
+        case WC_PK_TYPE_PQC_SIG_SIGN:
+            ret = _handlePqcSign(ctx, info);
+            break;
+
+        case WC_PK_TYPE_PQC_SIG_VERIFY:
+            ret = _handlePqcVerify(ctx, info);
+            break;
+
+        case WC_PK_TYPE_PQC_SIG_CHECK_PRIV_KEY:
+            ret = _handlePqcSigCheckPrivKey(ctx, info);
+            break;
+
+#endif /* HAVE_DILITHIUM || HAVE_FALCON */
+
         case WC_PK_TYPE_NONE:
         default:
             ret = CRYPTOCB_UNAVAILABLE;
@@ -727,6 +751,125 @@ static int _handleSha256Dma(wc_CryptoInfo* info, void* inCtx, whPacket* packet)
 #endif /* ! NO_SHA256 */
 
 
+#if defined(HAVE_FALCON) || defined(HAVE_DILITHIUM)
+static int _handlePqcSigKeyGen(whClientContext* ctx, wc_CryptoInfo* info)
+{
+    int ret = CRYPTOCB_UNAVAILABLE;
+
+    /* Extract info parameters */
+    WC_RNG* rng  = info->pk.pqc_sig_kg.rng;
+    int     size = info->pk.pqc_sig_kg.size;
+    void*   key  = info->pk.pqc_sig_kg.key;
+    int     type = info->pk.pqc_sig_kg.type;
+
+    switch (type) {
+#ifdef HAVE_DILITHIUM
+        case WC_PQC_SIG_TYPE_DILITHIUM: {
+            int level = ((MlDsaKey*)key)->level;
+            ret = wh_Client_MlDsaMakeExportKey(ctx, level, key, size, rng);
+        } break;
+#endif /* HAVE_DILITHIUM */
+
+        /* Support for additional PQC algorithms should be added here */
+
+        default:
+            ret = CRYPTOCB_UNAVAILABLE;
+            break;
+    }
+
+    return ret;
+}
+
+static int _handlePqcSign(whClientContext* ctx, wc_CryptoInfo* info)
+{
+    int ret = CRYPTOCB_UNAVAILABLE;
+
+    /* Extract info parameters */
+    const byte* in      = info->pk.pqc_sign.in;
+    word32      in_len  = info->pk.pqc_sign.inlen;
+    byte*       out     = info->pk.pqc_sign.out;
+    word32*     out_len = info->pk.pqc_sign.outlen;
+    WC_RNG*     rng     = info->pk.pqc_sign.rng;
+    void*       key     = info->pk.pqc_sign.key;
+    int         type    = info->pk.pqc_sign.type;
+
+    switch (type) {
+#ifdef HAVE_DILITHIUM
+        case WC_PQC_SIG_TYPE_DILITHIUM:
+            ret = wh_Client_MlDsaSign(ctx, in, in_len, out, out_len, rng, key);
+            break;
+#endif /* HAVE_DILITHIUM */
+
+        /* Support for additional PQC algorithms should be added here */
+
+        default:
+            ret = CRYPTOCB_UNAVAILABLE;
+            break;
+    }
+
+    return ret;
+}
+
+static int _handlePqcVerify(whClientContext* ctx, wc_CryptoInfo* info)
+{
+    int ret = CRYPTOCB_UNAVAILABLE;
+
+    /* Extract info parameters */
+    const byte* sig     = info->pk.pqc_verify.sig;
+    word32      sig_len = info->pk.pqc_verify.siglen;
+    const byte* msg     = info->pk.pqc_verify.msg;
+    word32      msg_len = info->pk.pqc_verify.msglen;
+    int*        res     = info->pk.pqc_verify.res;
+    void*       key     = info->pk.pqc_verify.key;
+    int         type    = info->pk.pqc_verify.type;
+
+    switch (type) {
+#ifdef HAVE_DILITHIUM
+        case WC_PQC_SIG_TYPE_DILITHIUM:
+            ret = wh_Client_MlDsaVerify(ctx, sig, sig_len, msg, msg_len, res,
+                                        key);
+            break;
+#endif /* HAVE_DILITHIUM */
+
+        /* Support for additional PQC algorithms should be added here */
+
+        default:
+            ret = CRYPTOCB_UNAVAILABLE;
+            break;
+    }
+
+    return ret;
+}
+
+static int _handlePqcSigCheckPrivKey(whClientContext* ctx, wc_CryptoInfo* info)
+{
+    int ret = CRYPTOCB_UNAVAILABLE;
+
+    /* Extract info parameters */
+    void*       key      = info->pk.pqc_sig_check.key;
+    const byte* pubKey   = info->pk.pqc_sig_check.pubKey;
+    word32      pubKeySz = info->pk.pqc_sig_check.pubKeySz;
+    int         type     = info->pk.pqc_sig_check.type;
+
+    switch (type) {
+#ifdef HAVE_DILITHIUM
+        case WC_PQC_SIG_TYPE_DILITHIUM:
+            ret = wh_Client_MlDsaCheckPrivKey(ctx, key, pubKey, pubKeySz);
+            break;
+#endif /* HAVE_DILITHIUM */
+
+        /* Support for additional PQC algorithms should be added here */
+
+        default:
+            ret = CRYPTOCB_UNAVAILABLE;
+            break;
+    }
+
+    return ret;
+}
+#endif /* HAVE_FALCON || HAVE_DILITHIUM */
+
+
 #ifdef WOLFHSM_CFG_DMA
 int wh_Client_CryptoCbDma(int devId, wc_CryptoInfo* info, void* inCtx)
 {

diff --git a/src/wh_comm.c b/src/wh_comm.c
@@ -108,6 +108,11 @@ int wh_CommClient_SendRequest(whCommClient* context, uint16_t magic,
         return WH_ERROR_BADARGS;
     }
 
+    /* Check if the data size is within allowed limits */
+    if (data_size > WOLFHSM_CFG_COMM_DATA_LEN) {
+        return WH_ERROR_BADARGS;
+    }
+
     context->hdr->magic = magic;
     context->hdr->kind = wh_Translate16(magic, kind);
     context->hdr->seq = wh_Translate16(magic, context->seq + 1);
@@ -298,6 +303,11 @@ int wh_CommServer_SendResponse(whCommServer* context,
         return WH_ERROR_BADARGS;
     }
 
+    /* Check if the data size is within allowed limits */
+    if (data_size > WOLFHSM_CFG_COMM_DATA_LEN) {
+        return WH_ERROR_BADARGS;
+    }
+
     context->hdr->magic = magic;
     context->hdr->kind = wh_Translate16(magic, kind);
     context->hdr->seq = wh_Translate16(magic, seq);

diff --git a/src/wh_crypto.c b/src/wh_crypto.c
@@ -39,6 +39,7 @@
 #include "wolfssl/wolfcrypt/rsa.h"
 #include "wolfssl/wolfcrypt/curve25519.h"
 #include "wolfssl/wolfcrypt/ecc.h"
+#include "wolfssl/wolfcrypt/dilithium.h"
 
 #include "wolfhsm/wh_error.h"
 #include "wolfhsm/wh_utils.h"
@@ -246,4 +247,37 @@ int wh_Crypto_Curve25519DeserializeKey(const uint8_t* derBuffer,
 }
 #endif /* HAVE_CURVE25519 */
 
+#ifdef HAVE_DILITHIUM
+int wh_Crypto_MlDsaSerializeKeyDer(MlDsaKey* key, uint16_t max_size,
+                                   uint8_t* buffer, uint16_t* out_size)
+{
+    int ret = 0;
+
+    if ((key == NULL) || (buffer == NULL) || (out_size == NULL)) {
+        return WH_ERROR_BADARGS;
+    }
+
+    ret = wc_Dilithium_KeyToDer(key, buffer, max_size);
+
+    /* ASN.1 functions return the size of the DER encoded key on success */
+    if (ret > 0) {
+        *out_size = ret;
+        ret       = WH_ERROR_OK;
+    }
+    return ret;
+}
+
+int wh_Crypto_MlDsaDeserializeKeyDer(const uint8_t* buffer, uint16_t size,
+        MlDsaKey* key)
+{
+    word32 idx = 0;
+
+    if ((buffer == NULL) || (key == NULL)) {
+        return WH_ERROR_BADARGS;
+    }
+
+    return wc_Dilithium_PrivateKeyDecode(buffer, &idx, key, size);
+}
+#endif /* HAVE_DILITHIUM */
+
 #endif  /* !WOLFHSM_CFG_NO_CRYPTO */