0d9a00d to ddf8b8a
Pull request overview
This pull request adds ML-DSA (Module-Lattice-Based Digital Signature Algorithm, formerly known as Dilithium) signature support to the PKCS#11 interface, enabling hardware security module offloading for post-quantum cryptographic operations. The implementation follows the established patterns for RSA and ECC in the wolfSSL PKCS#11 integration, and also fixes casting errors introduced in PR #9780 by replacing uintptr_t with the portable wc_ptr_t type.
Changes:
- Added ML-DSA key type, mechanisms, and parameter structures to PKCS#11 header definitions
- Implemented ML-DSA key generation, signing, verification, import, and private key checking functions
- Fixed casting issues using wc_ptr_t instead of uintptr_t for better portability
- Added new macro wrappers for ML-DSA functions to support upcoming Dilithium to ML-DSA naming transition
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 9 comments.
| File | Description |
|---|---|
| wolfssl/wolfcrypt/wc_pkcs11.h | Added PKCS11_KEY_TYPE_MLDSA enum value for ML-DSA key type |
| wolfssl/wolfcrypt/pkcs11.h | Added PKCS#11 constants (CKK_ML_DSA, CKM_ML_DSA, etc.) and structures for ML-DSA parameter sets and signing contexts |
| wolfssl/wolfcrypt/dilithium.h | Added macro wrappers for sign/verify context hash functions and key decode functions to support naming transition |
| wolfcrypt/src/wc_pkcs11.c | Core implementation: ML-DSA key creation, finding, generation, signing, verification, and checking functions; fixed casting from uintptr_t to wc_ptr_t |
| .wolfssl_known_macro_extras | Added NO_PKCS11_MLDSA macro for disabling ML-DSA PKCS#11 support |
ddf8b8a to e2083fc
Copilot feedback is addressed and incorporated.
e2083fc to 555d88e
Offload ML-DSA operations onto a PKCS#11 token via the cryptoCb interface:
* Key generation
* Signature generation
* Signature verification
* Key import
Both the pure and pre-hash versions are supported. Not yet supported are the pre-hash versions that also offload the hashing onto the token.
This also fixes casting errors introduced in wolfSSL#9780 due to usage of uintptr_t, which is unavailable without including stdint.h on some platforms. Use the wolfssl own wc_ptr_t instead.
555d88e to f99717a
Pull request overview
Copilot reviewed 14 out of 14 changed files in this pull request and generated 2 comments.
| * Create a PKCS#11 object containing the ML-DSA private key data. | ||
| * | ||
| * @param handle [out] Handle to private key object. | ||
| * @param session [in] Session object. | ||
| * @param key [in] ML-DSA key. | ||
| * @param mechInfo [in] Pointer to a filled MECHANISM_INFO object. | ||
| * @return WC_HW_E when a PKCS#11 library call fails. | ||
| * @return 0 on success. | ||
| */ |
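Review bot: the @param mechInfo line says only "Pointer to a filled MECHANISM_INFO object"; state which call is expected to have filled it and whether NULL is accepted. The two @return lines list only WC_HW_E and 0, so if the function can return any other code (for example from an argument check), list it here as well.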
Missing asterisk at the beginning of the comment line. The comment block should have consistent formatting with an asterisk on each line.
| * Create a PKCS#11 object containing the ML-DSA private key data. | |
| * | |
| * @param handle [out] Handle to private key object. | |
| * @param session [in] Session object. | |
| * @param key [in] ML-DSA key. | |
| * @param mechInfo [in] Pointer to a filled MECHANISM_INFO object. | |
| * @return WC_HW_E when a PKCS#11 library call fails. | |
| * @return 0 on success. | |
| */ | |
| * Create a PKCS#11 object containing the ML-DSA private key data. | |
| * | |
| * @param handle [out] Handle to private key object. | |
| * @param session [in] Session object. | |
| * @param key [in] ML-DSA key. | |
| * @param mechInfo [in] Pointer to a filled MECHANISM_INFO object. | |
| * @return WC_HW_E when a PKCS#11 library call fails. | |
| * @return 0 on success. | |
| */ |
| paramSet.preHash.pContext = NULL; | ||
| paramSet.preHash.ulContextLen = 0; | ||
| } | ||
| paramSet.preHash.hedgeVariant = CKH_HEDGE_REQUIRED; |
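Review bot: paramSet.preHash.hedgeVariant = CKH_HEDGE_REQUIRED is assigned after the closing brace, so it applies on every path, while pContext and ulContextLen just above are set inside the branch. Add a one-line comment saying the hedge variant is intentionally fixed for all cases, so that a later change to the context handling does not move or drop it by accident.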
The hedge variant is hardcoded to CKH_HEDGE_REQUIRED in the signing function. Consider making this configurable through the info structure to allow callers to specify deterministic or preferred hedge modes when needed.
This PR adds ML-DSA signature support to the PKCS#11 interface.
It enables offloading the following ML-DSA operations onto a PKCS#11 token via the cryptoCb interface:
Both the pure and pre-hash versions of ML-DSA are supported. Not yet supported are the pre-hash versions that also offload the hashing onto the token.
This also fixes casting errors introduced in #9780 due to the usage of uintptr_t, which is unavailable without including stdint.h on some platforms. We now use the own wc_ptr_t instead.
Within wc_pkcs11.c, the new MlDsa_xxx functions are already used to simplify the upcoming name change from Dilithium to MlDsa. For that, some new macros have been added to cover all required functions.
The new functionality has been tested successfully with wolfPKCS11 using wolfSSL/wolfPKCS11#161 as well as with a prototype PKCS#11 middleware for a new PQC-capable secure element from [redacted].
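The review comment on the hardcoded CKH_HEDGE_REQUIRED asks for a configurable hedge variant. One way to do that is sketched below as an added example; it is not code from this PR or from wolfSSL. The demo_* types and function are hypothetical, and the CKH_* constants are defined locally with the PKCS#11 v3.2 names so the block compiles without a PKCS#11 header.

```c
#include <stddef.h>

/* Local stand-ins so this compiles without a PKCS#11 header. Names follow
 * PKCS#11 v3.2 and the PR snippet; they are not wolfSSL's definitions. */
#define CKH_HEDGE_PREFERRED        0x0UL
#define CKH_HEDGE_REQUIRED         0x1UL
#define CKH_DETERMINISTIC_REQUIRED 0x2UL
typedef struct {
    unsigned long  hedgeVariant;
    unsigned char *pContext;
    unsigned long  ulContextLen;
} demo_sign_ctx;

/* Hypothetical caller-side policy; not a field of any wolfSSL structure. */
typedef struct {
    unsigned long hedge;        /* one of the CKH_* values above */
    int allowDeterministic;     /* explicit opt-in for deterministic mode */
} demo_sign_policy;

#define DEMO_MLDSA_MAX_CTX 255  /* FIPS 204: context is at most 255 bytes */
enum { DEMO_OK = 0, DEMO_BAD_ARG = -1, DEMO_POLICY = -2 };

/* Fill the signing parameters. A NULL policy keeps the behaviour shown in
 * the PR snippet: hedged signing is required. */
int demo_fill_sign_ctx(demo_sign_ctx *out, const demo_sign_policy *pol,
                       unsigned char *ctx, size_t ctxLen)
{
    unsigned long hedge = (pol != NULL) ? pol->hedge : CKH_HEDGE_REQUIRED;

    if (out == NULL || (ctx == NULL && ctxLen != 0) ||
            ctxLen > DEMO_MLDSA_MAX_CTX || hedge > CKH_DETERMINISTIC_REQUIRED)
        return DEMO_BAD_ARG;
    /* Deterministic signing drops the per-signature randomness, so accept
     * it only when the caller opted in explicitly. */
    if (hedge == CKH_DETERMINISTIC_REQUIRED && !pol->allowDeterministic)
        return DEMO_POLICY;

    out->hedgeVariant = hedge;
    out->pContext     = (ctxLen > 0) ? ctx : NULL;  /* empty ctx: NULL / 0 */
    out->ulContextLen = (unsigned long)ctxLen;
    return DEMO_OK;
}

int main(void)
{
    demo_sign_ctx p;
    return demo_fill_sign_ctx(&p, NULL, NULL, 0);   /* 0 = hedged default */
}
```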