Merge pull request #7026 from Frauschi/liboqs

Improve liboqs integration

Author: douzzer

cmake/functions.cmake

@@ -198,6 +198,7 @@ function(generate_build_flags)
         set(BUILD_SPHINCS "yes" PARENT_SCOPE)
         set(BUILD_DILITHIUM "yes" PARENT_SCOPE)
         set(BUILD_EXT_KYBER "yes" PARENT_SCOPE)
+        set(BUILD_OQS_HELPER "yes" PARENT_SCOPE)
     endif()
     if(WOLFSSL_ARIA OR WOLFSSL_USER_SETTINGS)
         message(STATUS "ARIA functions.cmake found WOLFSSL_ARIA")
@@ -587,6 +588,11 @@ function(generate_lib_src_list LIB_SOURCES)
          wolfcrypt/src/wc_port.c
          wolfcrypt/src/error.c)
 
+    if(BUILD_OQS_HELPER)
+        list(APPEND LIB_SOURCES
+            wolfcrypt/src/port/liboqs/liboqs.c)
+    endif()
+
     if(BUILD_ARIA)
         list(APPEND LIB_SOURCES
             wolfcrypt/src/port/aria/aria-crypt.c

src/include.am

@@ -835,6 +835,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/falcon.c
 src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/dilithium.c
 src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sphincs.c
 src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/ext_kyber.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/liboqs/liboqs.c
 endif
 
 if BUILD_LIBLMS

src/tls13.c

@@ -8911,7 +8911,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
                 ret = wc_falcon_sign_msg(args->sigData, args->sigDataSz,
                                          args->verify + HASH_SIG_SIZE +
                                          VERIFY_HEADER, (word32*)&sig->length,
-                                         (falcon_key*)ssl->hsKey);
+                                         (falcon_key*)ssl->hsKey, ssl->rng);
                 args->length = (word16)sig->length;
             }
             #endif
@@ -8920,7 +8920,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
                 ret = wc_dilithium_sign_msg(args->sigData, args->sigDataSz,
                                          args->verify + HASH_SIG_SIZE +
                                          VERIFY_HEADER, (word32*)&sig->length,
-                                         (dilithium_key*)ssl->hsKey);
+                                         (dilithium_key*)ssl->hsKey, ssl->rng);
                 args->length = (word16)sig->length;
             }
             #endif

wolfcrypt/benchmark/benchmark.c

@@ -11791,7 +11791,7 @@ void bench_falconKeySign(byte level)
                     x = FALCON_LEVEL5_SIG_SIZE;
                 }
 
-                ret = wc_falcon_sign_msg(msg, sizeof(msg), sig, &x, &key);
+                ret = wc_falcon_sign_msg(msg, sizeof(msg), sig, &x, &key, GLOBAL_RNG);
                 if (ret != 0) {
                     printf("wc_falcon_sign_msg failed\n");
                 }
@@ -11912,7 +11912,7 @@ void bench_dilithiumKeySign(byte level)
                     x = DILITHIUM_LEVEL5_SIG_SIZE;
                 }
 
-                ret = wc_dilithium_sign_msg(msg, sizeof(msg), sig, &x, &key);
+                ret = wc_dilithium_sign_msg(msg, sizeof(msg), sig, &x, &key, GLOBAL_RNG);
                 if (ret != 0) {
                     printf("wc_dilithium_sign_msg failed\n");
                 }
@@ -12058,7 +12058,7 @@ void bench_sphincsKeySign(byte level, byte optim)
                     x = SPHINCS_SMALL_LEVEL5_SIG_SIZE;
                 }
 
-                ret = wc_sphincs_sign_msg(msg, sizeof(msg), sig, &x, &key);
+                ret = wc_sphincs_sign_msg(msg, sizeof(msg), sig, &x, &key, GLOBAL_RNG);
                 if (ret != 0) {
                     printf("wc_sphincs_sign_msg failed\n");
                 }

wolfcrypt/src/asn.c

@@ -28901,7 +28901,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz,
     #if defined(HAVE_FALCON)
         if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && falconKey) {
             word32 outSz = sigSz;
-            ret = wc_falcon_sign_msg(buf, sz, sig, &outSz, falconKey);
+            ret = wc_falcon_sign_msg(buf, sz, sig, &outSz, falconKey, rng);
             if (ret == 0)
                 ret = outSz;
         }
@@ -28910,7 +28910,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz,
         if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey &&
             dilithiumKey) {
             word32 outSz = sigSz;
-            ret = wc_dilithium_sign_msg(buf, sz, sig, &outSz, dilithiumKey);
+            ret = wc_dilithium_sign_msg(buf, sz, sig, &outSz, dilithiumKey, rng);
             if (ret == 0)
                 ret = outSz;
         }
@@ -28919,7 +28919,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz,
         if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && !falconKey &&
             !dilithiumKey && sphincsKey) {
             word32 outSz = sigSz;
-            ret = wc_sphincs_sign_msg(buf, sz, sig, &outSz, sphincsKey);
+            ret = wc_sphincs_sign_msg(buf, sz, sig, &outSz, sphincsKey, rng);
             if (ret == 0)
                 ret = outSz;
         }

wolfcrypt/src/dilithium.c

@@ -59,7 +59,7 @@
  */
 int wc_dilithium_sign_msg(const byte* in, word32 inLen,
                           byte* out, word32 *outLen,
-                          dilithium_key* key)
+                          dilithium_key* key, WC_RNG* rng)
 {
     int ret = 0;
 #ifdef HAVE_LIBOQS
@@ -107,6 +107,10 @@ int wc_dilithium_sign_msg(const byte* in, word32 inLen,
         localOutLen = *outLen;
     }
 
+    if (ret == 0) {
+        ret = wolfSSL_liboqsRngMutexLock(rng);
+    }
+
     if ((ret == 0) &&
         (OQS_SIG_sign(oqssig, out, &localOutLen, in, inLen, key->k)
          == OQS_ERROR)) {
@@ -117,6 +121,8 @@ int wc_dilithium_sign_msg(const byte* in, word32 inLen,
         *outLen = (word32)localOutLen;
     }
 
+    wolfSSL_liboqsRngMutexUnlock();
+
     if (oqssig != NULL) {
         OQS_SIG_free(oqssig);
     }

wolfcrypt/src/ext_kyber.c

@@ -39,6 +39,8 @@
 
 #if defined (HAVE_LIBOQS)
 
+#include <wolfssl/wolfcrypt/port/liboqs/liboqs.h>
+
 static const char* OQS_ID2name(int id) {
     switch (id) {
         case KYBER_LEVEL1: return OQS_KEM_alg_kyber_512;
@@ -337,12 +339,16 @@ int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng)
             ret = BAD_FUNC_ARG;
         }
     }
+    if (ret == 0) {
+        ret = wolfSSL_liboqsRngMutexLock(rng);
+    }
     if (ret == 0) {
         if (OQS_KEM_keypair(kem, key->pub, key->priv) !=
             OQS_SUCCESS) {
             ret = BAD_FUNC_ARG;
         }
     }
+    wolfSSL_liboqsRngMutexUnlock();
     OQS_KEM_free(kem);
 #endif /* HAVE_LIBOQS */
 #ifdef HAVE_PQM4
@@ -422,12 +428,15 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss,
             ret = BAD_FUNC_ARG;
         }
     }
+    if (ret == 0) {
+        ret = wolfSSL_liboqsRngMutexLock(rng);
+    }
     if (ret == 0) {
         if (OQS_KEM_encaps(kem, ct, ss, key->pub) != OQS_SUCCESS) {
             ret = BAD_FUNC_ARG;
         }
     }
-
+    wolfSSL_liboqsRngMutexUnlock();
     OQS_KEM_free(kem);
 #endif /* HAVE_LIBOQS */
 #ifdef HAVE_PQM4

wolfcrypt/src/falcon.c

@@ -59,7 +59,7 @@
  */
 int wc_falcon_sign_msg(const byte* in, word32 inLen,
                               byte* out, word32 *outLen,
-                              falcon_key* key)
+                              falcon_key* key, WC_RNG* rng)
 {
     int ret = 0;
 #ifdef HAVE_LIBOQS
@@ -101,6 +101,10 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen,
         localOutLen = *outLen;
     }
 
+    if (ret == 0) {
+        ret = wolfSSL_liboqsRngMutexLock(rng);
+    }
+
     if ((ret == 0) &&
         (OQS_SIG_sign(oqssig, out, &localOutLen, in, inLen, key->k)
          == OQS_ERROR)) {
@@ -111,6 +115,8 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen,
         *outLen = (word32)localOutLen;
     }
 
+    wolfSSL_liboqsRngMutexUnlock();
+
     if (oqssig != NULL) {
         OQS_SIG_free(oqssig);
     }

wolfcrypt/src/include.am

@@ -132,7 +132,8 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
               wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c \
               wolfcrypt/src/port/Renesas/renesas_rx64_hw_util.c \
               wolfcrypt/src/port/Renesas/README.md \
-              wolfcrypt/src/port/cypress/psoc6_crypto.c
+              wolfcrypt/src/port/cypress/psoc6_crypto.c \
+              wolfcrypt/src/port/liboqs/liboqs.c
 
 $(ASYNC_FILES):
 	$(AM_V_at)touch $(srcdir)/$@

wolfcrypt/src/port/liboqs/liboqs.c

@@ -0,0 +1,111 @@
+/* liboqs.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*
+
+DESCRIPTION
+This library provides the support interfaces to the liboqs library providing
+implementations for Post-Quantum cryptography algorithms.
+
+*/
+
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+
+#include <wolfssl/wolfcrypt/port/liboqs/liboqs.h>
+
+#if defined(HAVE_LIBOQS)
+
+/* RNG for liboqs */
+static WC_RNG liboqsDefaultRNG;
+static WC_RNG* liboqsCurrentRNG;
+
+static wolfSSL_Mutex liboqsRNGMutex;
+
+static int liboqs_init = 0;
+
+
+static void wolfSSL_liboqsGetRandomData(uint8_t* buffer, size_t numOfBytes)
+{
+    int ret = wc_RNG_GenerateBlock(liboqsCurrentRNG, buffer, numOfBytes);
+    if (ret != 0) {
+        // ToDo: liboqs exits programm if RNG fails, not sure what to do here
+    }
+}
+
+int wolfSSL_liboqsInit(void)
+{
+    int ret = 0;
+
+    if (liboqs_init == 0) {
+        ret = wc_InitMutex(&liboqsRNGMutex);
+        if (ret != 0) {
+            return ret;
+        }
+        ret = wc_LockMutex(&liboqsRNGMutex);
+        if (ret != 0) {
+            return ret;
+        }
+        ret = wc_InitRng(&liboqsDefaultRNG);
+        if (ret == 0) {
+            OQS_init();
+            liboqs_init = 1;
+        }
+        liboqsCurrentRNG = &liboqsDefaultRNG;
+        wc_UnLockMutex(&liboqsRNGMutex);
+
+        OQS_randombytes_custom_algorithm(wolfSSL_liboqsGetRandomData);
+    }
+
+    return ret;
+}
+
+int wolfSSL_liboqsRngMutexLock(WC_RNG* rng)
+{
+    int ret = wolfSSL_liboqsInit();
+    if (ret == 0) {
+        ret = wc_LockMutex(&liboqsRNGMutex);
+    }
+    if (ret == 0 && rng != NULL) {
+        /* Update the pointer with the RNG to use. This is safe as we locked the mutex */
+        liboqsCurrentRNG = rng;
+    }
+    return ret;
+}
+
+int wolfSSL_liboqsRngMutexUnlock(void)
+{
+    int ret = BAD_MUTEX_E;
+
+    liboqsCurrentRNG = &liboqsDefaultRNG;
+
+    if (liboqs_init) {
+        ret = wc_UnLockMutex(&liboqsRNGMutex);
+    }
+    return ret;
+}
+
+#endif /* HAVE_LIBOQS */