Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes for WolfSSL ML-DSA implementation #7677

Merged
merged 1 commit into from
Jun 24, 2024
Merged

Fixes for WolfSSL ML-DSA implementation #7677

merged 1 commit into from
Jun 24, 2024

Conversation

Frauschi
Copy link
Contributor

Hi everybody,

After trying the new WolfSSL implementation of ML-DSA, I found some problems. On the one hand, interoperability has been lost to the OQS project due to different OIDs etc. (WolfSSL had ML-DSA implemented following the NIST draft, which is incompatible with the Round 3 version, but the OIDs have still been the Round 3 ones from OQS). Furthermore, private key files in PEM/DER format stored on disk typically contain both the private and the public key. The parsing code was unable to properly handle those keys, resulting in failing private key loading.

Both identified issues are fixed with the changes in this commit:

  • Update OIDs etc. to match OQS ML-DSA values (old ones were Dilithium Round 3 values)
  • Make sure private key files/buffers containing both the private and the public key are parsed correctly (adapt new code to the “old” behavior of the liboqs wrapper code).

Tested using in-house TLS client and server applications using WolfSSL and with OpenSSL s_client / s_server applications with OQS provider (current master branch), always using private key files generated by OQS.

@Frauschi
Fixes for WolfSSL ML-DSA implementation
7cd610b 
* Update OIDs etc. to match OQS ML-DSA values (old ones were Dilithium
  Round 3 values)
* Make sure private key files/buffers containing both the private and
  the public key are parsed correctly

Signed-off-by: Tobias Frauenschläger
<tobias.frauenschlaeger@oth-regensburg.de>
@wolfSSL-Bot
Copy link

Can one of the admins verify this patch?

@dgarske
Copy link
Contributor

dgarske commented Jun 24, 2024

Okay to test

@dgarske dgarske requested a review from anhu June 24, 2024 18:20
@dgarske
Copy link
Contributor

dgarske commented Jun 24, 2024

Retest this please

@dgarske
Copy link
Contributor

dgarske commented Jun 24, 2024

Contributor agreement on file. Okay to merge.

@SparkiDev SparkiDev removed the request for review from anhu June 24, 2024 23:12
@SparkiDev SparkiDev merged commit 5793f62 into wolfSSL:master Jun 24, 2024
119 checks passed
@Frauschi Frauschi deleted the mldsa_fixes branch June 25, 2024 08:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SparkiDev SparkiDev SparkiDev approved these changes

Assignees

@wolfSSL-Bot wolfSSL-Bot

@SparkiDev SparkiDev

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Frauschi @wolfSSL-Bot @dgarske @SparkiDev @JacobBarthelmeh