Merge pull request #6738 from philljj/wolfcrypt_lms_verify_only

Wolfcrypt LMS verify-only support

Author: JacobBarthelmeh

INSTALL

@@ -264,20 +264,20 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.
     branch of the hash-sigs project.
 
     Currently the hash-sigs project only builds static libraries:
+      - hss_verify.a: a single-threaded verify-only static lib.
       - hss_lib.a: a single-threaded static lib.
       - hss_lib_thread.a: a multi-threaded static lib.
 
     The multi-threaded version will mainly have speedups for key
     generation and signing.
 
-    Additionally, the hash-sigs project can be modified to build
-    and install a shared library in /usr/local with either single
-    or multi-threaded versions.  If the shared version has been
-    built, libhss.so is the assumed name.
+    The default LMS build (--enable-lms) will look for
+    hss_lib.a first, and hss_lib_thread.a second, in a specified
+    hash-sigs dir.
 
-    wolfSSL supports either option, and by default will look for
-    hss_lib.a first, and hss_lib_thread.a second, and libhss.so
-    lastly, in a specified hash-sigs dir.
+    The LMS verify-only build (--enable-lms=verify-only) will look
+    for hss_verify.a only, which is a slimmer library that includes
+    only the minimal functions necessary for signature verification.
 
     How to get and build the hash-sigs library:
       $ mkdir ~/hash_sigs
@@ -299,12 +299,17 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.
       $ ls *.a
       hss_lib_thread.a
 
+    To build verify-only:
+      $ make hss_verify.a
+      $ ls *.a
+      hss_verify.a
+
     Build wolfSSL with
     $ ./configure \
         --enable-static \
         --disable-shared \
-        --enable-lms=yes \
-        --with-liblms=<path to dir containing hss_lib_thread.a>
+        --enable-lms \
+        --with-liblms=<path to dir containing hss_lib.a or hss_lib_thread.a>
     $ make
 
     Run the benchmark against LMS/HSS with:

configure.ac

@@ -1141,6 +1141,49 @@ then
 fi
 
 
+# LMS
+AC_ARG_ENABLE([lms],
+    [AS_HELP_STRING([--enable-lms],[Enable stateful LMS/HSS signatures (default: disabled)])],
+    [ ENABLED_LMS=$enableval ],
+    [ ENABLED_LMS=no ]
+    )
+
+ENABLED_WC_LMS=no
+for v in `echo $ENABLED_LMS | tr "," " "`
+do
+  case $v in
+  yes)
+    ;;
+  no)
+    ;;
+  verify-only)
+    LMS_VERIFY_ONLY=yes
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LMS_VERIFY_ONLY"
+    ;;
+  wolfssl)
+    ENABLED_WC_LMS=yes
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_LMS"
+    ;;
+  *)
+    AC_MSG_ERROR([Invalid choice for LMS []: $ENABLED_LMS.])
+    break;;
+  esac
+done
+
+if test "$ENABLED_LMS" != "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_LMS"
+
+    if test "$ENABLED_WC_LMS" = "no";
+    then
+        # Default is to use hash-sigs LMS lib. Make sure it's enabled.
+        if test "$ENABLED_LIBLMS" = "no"; then
+            AC_MSG_ERROR([The default implementation for LMS is the hash-sigs LMS/HSS lib.
+            Please use --with-liblms.])
+        fi
+    fi
+fi
+
 # liblms
 # Get the path to the hash-sigs LMS HSS lib.
 ENABLED_LIBLMS="no"
@@ -1160,10 +1203,21 @@ AC_ARG_WITH([liblms],
                 tryliblmsdir="/usr/local"
             fi
 
-            # 1. By default use the hash-sigs single-threaded static library.
-            # 2. If 1 not found, then use the multi-threaded static lib.
-            # 3. If 2 not found, then use the multi-threaded dynamic lib.
-            if test -e $tryliblmsdir/hss_lib.a; then
+            # 1. If verify only build, use hss_verify.a
+            # 2. If normal build, by default use single-threaded hss_lib.a
+            # 3. If 2 not found, then use the multi-threaded hss_lib_thread.a
+            if test "$LMS_VERIFY_ONLY" = "yes"; then
+                if test -e $tryliblmsdir/hss_verify.a; then
+                    CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir"
+                    LIB_STATIC_ADD="$LIB_STATIC_ADD $tryliblmsdir/hss_verify.a"
+                    enable_shared=no
+                    enable_static=yes
+                    liblms_linked=yes
+                else
+                    AC_MSG_ERROR([hss_verify.a isn't found.
+                    If it's already installed, specify its path using --with-liblms=/dir/])
+                fi
+            elif test -e $tryliblmsdir/hss_lib.a; then
                 CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir"
                 LIB_STATIC_ADD="$LIB_STATIC_ADD $tryliblmsdir/hss_lib.a"
                 enable_shared=no
@@ -1175,12 +1229,6 @@ AC_ARG_WITH([liblms],
                 enable_shared=no
                 enable_static=yes
                 liblms_linked=yes
-            elif test -e $tryliblmsdir/lib/libhss.so; then
-                LIBS="$LIBS -lhss"
-                CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir/include/hss"
-                LDFLAGS="$AM_LDFLAGS $LDFLAGS -L$tryliblmsdir/lib"
-
-                AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <hss.h>]], [[ param_set_t lm_type; param_set_t lm_ots_type; hss_get_public_key_len(4, &lm_type, &lm_ots_type); ]])], [ liblms_linked=yes ],[ liblms_linked=no ])
             else
                 AC_MSG_ERROR([liblms isn't found.
                 If it's already installed, specify its path using --with-liblms=/dir/])
@@ -1203,47 +1251,6 @@ AC_ARG_WITH([liblms],
     ]
 )
 
-
-# LMS
-AC_ARG_ENABLE([lms],
-    [AS_HELP_STRING([--enable-lms],[Enable stateful LMS/HSS signatures (default: disabled)])],
-    [ ENABLED_LMS=$enableval ],
-    [ ENABLED_LMS=no ]
-    )
-
-ENABLED_WC_LMS=no
-for v in `echo $ENABLED_LMS | tr "," " "`
-do
-  case $v in
-  yes)
-    ;;
-  no)
-    ;;
-  wolfssl)
-    ENABLED_WC_LMS=yes
-    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_LMS"
-    ;;
-  *)
-    AC_MSG_ERROR([Invalid choice for LMS []: $ENABLED_LMS.])
-    break;;
-  esac
-done
-
-if test "$ENABLED_LMS" != "no"
-then
-    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_LMS"
-
-    if test "$ENABLED_WC_LMS" = "no";
-    then
-        # Default is to use hash-sigs LMS lib. Make sure it's enabled.
-        if test "$ENABLED_LIBLMS" = "no"; then
-            AC_MSG_ERROR([The default implementation for LMS is the hash-sigs LMS/HSS lib.
-            Please use --with-liblms.])
-        fi
-    fi
-fi
-
-
 # SINGLE THREADED
 AC_ARG_ENABLE([singlethreaded],
     [AS_HELP_STRING([--enable-singlethreaded],[Enable wolfSSL single threaded (default: disabled)])],

wolfcrypt/benchmark/benchmark.c

@@ -157,7 +157,7 @@
     #include <wolfssl/wolfcrypt/ext_kyber.h>
 #endif
 #endif
-#ifdef WOLFSSL_HAVE_LMS
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
     #include <wolfssl/wolfcrypt/lms.h>
 #ifdef HAVE_LIBLMS
     #include <wolfssl/wolfcrypt/ext_lms.h>
@@ -870,7 +870,7 @@ static const bench_alg bench_other_opt[] = {
 
 #endif /* !WOLFSSL_BENCHMARK_ALL && !NO_MAIN_DRIVER */
 
-#if defined(WOLFSSL_HAVE_LMS)
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
 typedef struct bench_pq_hash_sig_alg {
     /* Command line option string. */
     const char* str;
@@ -883,7 +883,7 @@ static const bench_pq_hash_sig_alg bench_pq_hash_sig_opt[] = {
     { "-lms_hss", BENCH_LMS_HSS},
     { NULL, 0}
 };
-#endif /* if defined(WOLFSSL_HAVE_LMS) */
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
 
 #if defined(HAVE_PQC) && defined(HAVE_LIBOQS)
 /* The post-quantum-specific mapping of command line option to bit values and
@@ -2832,11 +2832,11 @@ static void* benchmarks_do(void* args)
     }
 #endif
 
-#ifdef WOLFSSL_HAVE_LMS
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
     if (bench_all || (bench_pq_hash_sig_algs & BENCH_LMS_HSS)) {
         bench_lms();
     }
-#endif
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
 
 #ifdef HAVE_ECC
     if (bench_all || (bench_asym_algs & BENCH_ECC_MAKEKEY) ||
@@ -7664,7 +7664,7 @@ void bench_kyber(int type)
 }
 #endif
 
-#ifdef WOLFSSL_HAVE_LMS
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
 /* WC_LMS_PARM_L2_H10_W2
  * signature length: 9300 */
 static const byte lms_priv_L2_H10_W2[64] =
@@ -8031,7 +8031,7 @@ void bench_lms(void)
     return;
 }
 
-#endif /* ifdef WOLFSSL_HAVE_LMS */
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
 
 #ifdef HAVE_ECC
 
@@ -10368,10 +10368,10 @@ static void Usage(void)
         print_alg(bench_pq_asym_opt2[i].str, &line);
 #endif /* HAVE_LIBOQS && HAVE_SPHINCS */
 #endif /* HAVE_PQC */
-#if defined(WOLFSSL_HAVE_LMS)
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
     for (i=0; bench_pq_hash_sig_opt[i].str != NULL; i++)
         print_alg(bench_pq_hash_sig_opt[i].str, &line);
-#endif /* if defined(WOLFSSL_HAVE_LMS) */
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
     printf("\n");
 #endif /* !WOLFSSL_BENCHMARK_ALL */
     e++;
@@ -10634,7 +10634,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
                 }
             }
 
-        #if defined(WOLFSSL_HAVE_LMS)
+        #if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
             /* post-quantum stateful hash-based signatures */
             for (i=0; !optMatched && bench_pq_hash_sig_opt[i].str != NULL; i++) {
                 if (string_matches(argv[1], bench_pq_hash_sig_opt[i].str)) {
@@ -10643,7 +10643,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
                     optMatched = 1;
                 }
             }
-        #endif /* if defined(WOLFSSL_HAVE_LMS) */
+        #endif
 #endif
             if (!optMatched) {
                 printf("Option not recognized: %s\n", argv[1]);