Skip to content

Add CryptoCb support for SLH-DSA #10466

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Frauschi wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add CryptoCb support for SLH-DSA #10466

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
97 changes: 97 additions & 0 deletions doc/dox_comments/header_files/wc_slhdsa.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,103 @@
int wc_SlhDsaKey_Init(SlhDsaKey* key, enum SlhDsaParam param,
void* heap, int devId);

/*!
\ingroup SLH_DSA

\brief Initializes an SLH-DSA key with a device-side key identifier (id).
Equivalent to wc_SlhDsaKey_Init() but also stashes a binary id that a
crypto callback can use to look up the underlying key material on the
device. Only available when wolfSSL is built with WOLF_PRIVATE_KEY_ID.

The id is copied into the key object; the caller may free its buffer
immediately after this call returns.

\return 0 on success.
\return BAD_FUNC_ARG if key is NULL, or if id is NULL while len > 0.
\return BUFFER_E if len is negative or greater than SLHDSA_MAX_ID_LEN.

\param [in,out] key Pointer to the SlhDsaKey to initialize.
\param [in] param Parameter set to use (see wc_SlhDsaKey_Init).
\param [in] id Pointer to the device-side key identifier bytes. May be
NULL if len is 0.
\param [in] len Number of bytes in id. Must be in [0, SLHDSA_MAX_ID_LEN].
\param [in] heap Pointer to heap hint for dynamic memory allocation.
May be NULL.
\param [in] devId Device identifier for the crypto callback. Should be
a registered cb devId, not INVALID_DEVID, for the id to be meaningful.

_Example_
\code
SlhDsaKey key;
unsigned char id[8] = { 0x01, 0x02, 0x03, 0x04,
0x05, 0x06, 0x07, 0x08 };
int ret;

ret = wc_SlhDsaKey_Init_id(&key, SLHDSA_SHAKE128F, id, sizeof(id),
NULL, devId);
if (ret != 0) {
// error initializing key with id
}
// ... use key, the cb resolves id -> device key ...
wc_SlhDsaKey_Free(&key);
\endcode

\sa wc_SlhDsaKey_Init
\sa wc_SlhDsaKey_Init_label
\sa wc_SlhDsaKey_Free
*/
int wc_SlhDsaKey_Init_id(SlhDsaKey* key, enum SlhDsaParam param,
const unsigned char* id, int len, void* heap, int devId);

/*!
\ingroup SLH_DSA

\brief Initializes an SLH-DSA key with a device-side key label.
Equivalent to wc_SlhDsaKey_Init() but also stashes a label string that
a crypto callback can use to look up the underlying key material on
the device. Only available when wolfSSL is built with
WOLF_PRIVATE_KEY_ID.

The label length is taken via XSTRLEN, so embedded NUL bytes terminate
the label. The copy stored in key->label is NOT guaranteed to be
NUL-terminated (when the input is exactly SLHDSA_MAX_LABEL_LEN bytes
the entire array is consumed). Consumers must read at most
key->labelLen bytes — do not pass key->label to C-string APIs.

\return 0 on success.
\return BAD_FUNC_ARG if key or label is NULL.
\return BUFFER_E if label is empty or longer than SLHDSA_MAX_LABEL_LEN.

\param [in,out] key Pointer to the SlhDsaKey to initialize.
\param [in] param Parameter set to use (see wc_SlhDsaKey_Init).
\param [in] label NUL-terminated device-side key label string.
\param [in] heap Pointer to heap hint for dynamic memory allocation.
May be NULL.
\param [in] devId Device identifier for the crypto callback. Should be
a registered cb devId, not INVALID_DEVID, for the label to be
meaningful.

_Example_
\code
SlhDsaKey key;
int ret;

ret = wc_SlhDsaKey_Init_label(&key, SLHDSA_SHAKE128F,
"device-key-1", NULL, devId);
if (ret != 0) {
// error initializing key with label
}
// ... use key, the cb resolves label -> device key ...
wc_SlhDsaKey_Free(&key);
\endcode

\sa wc_SlhDsaKey_Init
\sa wc_SlhDsaKey_Init_id
\sa wc_SlhDsaKey_Free
*/
int wc_SlhDsaKey_Init_label(SlhDsaKey* key, enum SlhDsaParam param,
const char* label, void* heap, int devId);

/*!
\ingroup SLH_DSA

Expand Down
10 changes: 8 additions & 2 deletions wolfcrypt/src/cryptocb.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1286,7 +1286,8 @@ int wc_CryptoCb_PqcDecapsulate(const byte* ciphertext, word32 ciphertextLen,
}
#endif /* WOLFSSL_HAVE_MLKEM */

#if defined(HAVE_FALCON) || defined(HAVE_DILITHIUM)
#if defined(HAVE_FALCON) || defined(HAVE_DILITHIUM) || \
defined(WOLFSSL_HAVE_SLHDSA)
int wc_CryptoCb_PqcSigGetDevId(int type, void* key)
{
int devId = INVALID_DEVID;
Expand All @@ -1305,6 +1306,11 @@ int wc_CryptoCb_PqcSigGetDevId(int type, void* key)
devId = ((falcon_key*) key)->devId;
}
#endif
#if defined(WOLFSSL_HAVE_SLHDSA)
if (type == WC_PQC_SIG_TYPE_SLHDSA) {
devId = ((SlhDsaKey*) key)->devId;
}
#endif

return devId;
}
Expand Down Expand Up @@ -1454,7 +1460,7 @@ int wc_CryptoCb_PqcSignatureCheckPrivKey(void* key, int type,

return wc_CryptoCb_TranslateErrorCode(ret);
}
#endif /* HAVE_FALCON || HAVE_DILITHIUM */
#endif /* HAVE_FALCON || HAVE_DILITHIUM || WOLFSSL_HAVE_SLHDSA */

#ifndef NO_AES
#ifdef HAVE_AESGCM
Expand Down
Loading
Loading