Skip to content

Commit

Permalink
LMS fixes
Browse files Browse the repository at this point in the history 
* Add support for CMake
* Add support for Zephyr
* Make sure the internal key state is properly handled in case a public
  key is imported into a reloaded private key.

Signed-off-by: Tobias Frauenschläger <[email protected]>
  • Loading branch information
@Frauschi
Frauschi committed Feb 26, 2025
1 parent 9db5499 commit af40171
Show file tree
Hide file tree
Showing 5 changed files with 38 additions and 3 deletions.
12 changes: 10 additions & 2 deletions CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -655,6 +655,16 @@ else()
endif()
endif()

# LMS
add_option(WOLFSSL_LMS
"Enable the wolfSSL LMS implementation (default: disabled)"
"no" "yes;no")

# XMSS
add_option(WOLFSSL_XMSS
"Enable the wolfSSL XMSS implementation (default: disabled)"
"no" "yes;no")

# TODO: - Lean PSK
# - Lean TLS
# - Low resource
Expand All @@ -668,8 +678,6 @@ endif()
# - Atomic user record layer
# - Public key callbacks
# - Microchip/Atmel CryptoAuthLib
# - XMSS
# - LMS
# - dual-certs

# AES-CBC
Expand Down
16 changes: 16 additions & 0 deletions cmake/functions.cmake
View file
Original file line number Diff line number Diff line change
Expand Up @@ -208,6 +208,12 @@ function(generate_build_flags)
set(BUILD_EXT_KYBER "yes" PARENT_SCOPE)
set(BUILD_OQS_HELPER "yes" PARENT_SCOPE)
endif()
if(WOLFSSL_LMS OR WOLFSSL_USER_SETTINGS)
set(BUILD_WC_LMS "yes" PARENT_SCOPE)
endif()
if(WOLFSSL_XMSS OR WOLFSSL_USER_SETTINGS)
set(BUILD_WC_XMSS "yes" PARENT_SCOPE)
endif()
if(WOLFSSL_ARIA OR WOLFSSL_USER_SETTINGS)
message(STATUS "ARIA functions.cmake found WOLFSSL_ARIA")
# we cannot actually build, as we only have pre-compiled bin
Expand Down Expand Up @@ -818,6 +824,16 @@ function(generate_lib_src_list LIB_SOURCES)
list(APPEND LIB_SOURCES wolfcrypt/src/ext_kyber.c)
endif()

if(BUILD_WC_LMS)
list(APPEND LIB_SOURCES wolfcrypt/src/wc_lms.c)
list(APPEND LIB_SOURCES wolfcrypt/src/wc_lms_impl.c)
endif()

if(BUILD_WC_XMSS)
list(APPEND LIB_SOURCES wolfcrypt/src/wc_xmss.c)
list(APPEND LIB_SOURCES wolfcrypt/src/wc_xmss_impl.c)
endif()

if(BUILD_LIBZ)
list(APPEND LIB_SOURCES wolfcrypt/src/compress.c)
endif()
Expand Down
8 changes: 8 additions & 0 deletions cmake/options.h.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -382,6 +382,14 @@ extern "C" {
#cmakedefine HAVE_ECC_KOBLITZ
#undef HAVE_ECC_CDH
#cmakedefine HAVE_ECC_CDH
#undef WOLFSSL_HAVE_LMS
#cmakedefine WOLFSSL_HAVE_LMS
#undef WOLFSSL_WC_LMS
#cmakedefine WOLFSSL_WC_LMS
#undef WOLFSSL_HAVE_XMSS
#cmakedefine WOLFSSL_HAVE_XMSS
#undef WOLFSSL_WC_XMSS
#cmakedefine WOLFSSL_WC_XMSS

#ifdef __cplusplus
}
Expand Down
3 changes: 2 additions & 1 deletion wolfcrypt/src/wc_lms.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1162,7 +1162,8 @@ int wc_LmsKey_ImportPubRaw(LmsKey* key, const byte* in, word32 inLen)
if (ret == 0) {
XMEMCPY(key->pub, in, inLen);

key->state = WC_LMS_STATE_VERIFYONLY;
if (key->state != WC_LMS_STATE_OK)
key->state = WC_LMS_STATE_VERIFYONLY;
}

return ret;
Expand Down
2 changes: 2 additions & 0 deletions zephyr/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,8 @@ if(CONFIG_WOLFSSL)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_encrypt.c)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_kyber.c)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_kyber_poly.c)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_lms.c)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_lms_impl.c)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_pkcs11.c)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_port.c)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wolfevent.c)
Expand Down

0 comments on commit af40171

Please sign in to comment.