Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add wolfcrypt ML-DSA (dilithium) support. #507

Merged
merged 1 commit into from
Oct 14, 2024
Merged

Add wolfcrypt ML-DSA (dilithium) support. #507

merged 1 commit into from
Oct 14, 2024

Conversation

philljj
Copy link
Contributor

@philljj philljj commented Sep 21, 2024
edited
Loading

Description

Adds wolfcrypt ML-DSA (wolfcrypt/src/dilithium.c) support to wolfBoot.

Also covers some missing testing for sim target with PQ.

Config

Added sim ML-DSA example:

  • config/examples/sim-ml-dsa.config

Use ML_DSA_LEVEL=<num> to configure the ML-DSA parameter set. See the config example and updated PQ docs for explanation of parameters.

Docs

Updated docs/PQ.md to describe ML-DSA and all three NIST approved PQ sig algs we have implemented.

Testing

  • Added script tools/scripts/sim-pq-sunnyday-update.sh. This is to simplify sim-PQ sunnyday tests.
  • Added LMS, XMSS, ML-DSA to .github/workflows/test-sunnyday-simulator.yml.
  • Added renode-nrf52 ML-DSA-44 test to github workflow.

Prereqs

Requires this PR to build:

Requires this PR to conform to FIPS 204:

Requires these PRs to update lib/wolfssl submodule to master:

@philljj philljj self-assigned this Sep 21, 2024
dgarske
dgarske requested changes Sep 23, 2024
View reviewed changes
src/image.c Outdated Show resolved Hide resolved
tools/keytools/Makefile Outdated Show resolved Hide resolved
@dgarske dgarske self-requested a review September 25, 2024 15:31
dgarske
dgarske previously requested changes Sep 25, 2024
View reviewed changes
src/image.c Show resolved Hide resolved
@dgarske dgarske removed their assignment Sep 25, 2024
@philljj philljj removed their assignment Oct 7, 2024
danielinux
danielinux requested changes Oct 8, 2024
View reviewed changes
Copy link
Member

@danielinux danielinux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested OK against wolfssl bf29b686

Please do:

  • update wolfSSL submodule to master
  • add simulator tests

@philljj philljj self-assigned this Oct 8, 2024
@danielinux
Copy link
Member

re: simulator tests

It looks like we don't have those tests for LMS/XMSS either. Can we perhaps extend test-sunnyday-simulator.yml workflow, adding cases for LMS, XMSS, ML-DSA?

@philljj
Copy link
Contributor Author

philljj commented Oct 8, 2024

re: simulator tests

It looks like we don't have those tests for LMS/XMSS either. Can we perhaps extend test-sunnyday-simulator.yml workflow, adding cases for LMS, XMSS, ML-DSA?

I'll add them all. It will be good to have sim coverage for all PQ as well!

@philljj
Copy link
Contributor Author

philljj commented Oct 9, 2024
edited
Loading

Can reproduce one of the failures locally. Seems to be from introduction of USE_WOLF_STRDUP over summer.

@danielinux danielinux dismissed dgarske’s stale review October 14, 2024 08:13

Comments have been addressed

@danielinux danielinux merged commit b97abd4 into wolfSSL:master Oct 14, 2024
99 checks passed
@philljj philljj deleted the ml_dsa branch October 14, 2024 16:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dgarske dgarske dgarske left review comments

@danielinux danielinux danielinux approved these changes

Assignees

@danielinux danielinux

@philljj philljj

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@philljj @danielinux @dgarske