diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index a503186815..ea68155366 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt @@ -324,16 +324,6 @@ else() file(COPY ${GENERATE_CODE_ROOT}/err_data.c DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/) endif() -set(DILITHIUM_SOURCES) -if(ENABLE_DILITHIUM) - set( - DILITHIUM_SOURCES - - evp_extra/p_pqdsa_asn1.c - dilithium/ml_dsa.c - ) -endif() - set(CRYPTO_ARCH_OBJECTS "") if (ARCH STREQUAL "aarch64" AND CMAKE_GENERATOR MATCHES "Visual Studio") msbuild_aarch64_asm(TARGET crypto_objects ASM_FILES ${CRYPTO_ARCH_SOURCES} OUTPUT_OBJECTS CRYPTO_ARCH_OBJECTS) @@ -411,7 +401,7 @@ add_library( dh_extra/params.c dh_extra/dh_asn1.c digest_extra/digest_extra.c - ${DILITHIUM_SOURCES} + dilithium/ml_dsa.c dsa/dsa.c dsa/dsa_asn1.c ecdh_extra/ecdh_extra.c @@ -431,6 +421,7 @@ add_library( evp_extra/p_ed25519_asn1.c evp_extra/p_hmac_asn1.c evp_extra/p_kem_asn1.c + evp_extra/p_pqdsa_asn1.c evp_extra/p_rsa_asn1.c evp_extra/p_x25519.c evp_extra/p_x25519_asn1.c diff --git a/crypto/dilithium/p_pqdsa_test.cc b/crypto/dilithium/p_pqdsa_test.cc index 4d1dfec2b6..6cad6bd12c 100644 --- a/crypto/dilithium/p_pqdsa_test.cc +++ b/crypto/dilithium/p_pqdsa_test.cc @@ -13,9 +13,6 @@ #include "../fipsmodule/evp/internal.h" #include "../internal.h" #include "../fipsmodule/pqdsa/internal.h" - -#ifdef ENABLE_DILITHIUM - #include "../test/file_test.h" #include "../test/test_util.h" #include "ml_dsa.h" @@ -1518,13 +1515,3 @@ TEST_P(PQDSAParameterTest, ParsePublicKey) { bssl::UniquePtr pkey_from_der(EVP_parse_public_key(&cbs)); ASSERT_TRUE(pkey_from_der); } - -#else - -TEST(PQDSATest, EvpDisabled) { - ASSERT_EQ(nullptr, EVP_PKEY_CTX_new_id(EVP_PKEY_NONE, nullptr)); - bssl::UniquePtr pkey(EVP_PKEY_new()); - ASSERT_FALSE(EVP_PKEY_set_type(pkey.get(), EVP_PKEY_NONE)); -} - -#endif diff --git a/crypto/evp_extra/evp_asn1.c b/crypto/evp_extra/evp_asn1.c index 5537af6aba..1801d5abd2 100644 --- a/crypto/evp_extra/evp_asn1.c +++ b/crypto/evp_extra/evp_asn1.c @@ -99,7 +99,7 @@ static const EVP_PKEY_ASN1_METHOD *parse_key_type(CBS *cbs) { if (OBJ_cbs2nid(&oid) == NID_rsa) { return &rsa_asn1_meth; } -#ifdef ENABLE_DILITHIUM + // The pkey_id for the pqdsa_asn1_meth is EVP_PKEY_PQDSA, as this holds all // asn1 functions for pqdsa types. However, the incoming CBS has the OID for // the specific algorithm. So we must search explicitly for the algorithm. @@ -113,7 +113,6 @@ static const EVP_PKEY_ASN1_METHOD *parse_key_type(CBS *cbs) { return ret; } } -#endif return NULL; } diff --git a/crypto/evp_extra/evp_extra_test.cc b/crypto/evp_extra/evp_extra_test.cc index 6d85556c3d..42437c0efe 100644 --- a/crypto/evp_extra/evp_extra_test.cc +++ b/crypto/evp_extra/evp_extra_test.cc @@ -697,8 +697,6 @@ static const uint8_t kInvalidPrivateKey[] = { 0x48, 0x30, 0x01, 0xaa, 0x02, 0x86, 0xc0, 0x30, 0xdf, 0xe9, 0x80, }; -#ifdef ENABLE_DILITHIUM - // kExampleMLDSA65KeyDER is a ML-DSA private key in ASN.1, DER format. // Of course, you should never use this key anywhere but in an example. static const uint8_t kExampleMLDSA65KeyDER[] = { @@ -1015,8 +1013,6 @@ static const uint8_t kExampleMLDSA65KeyDER[] = { 0xE3, 0x1D, 0xF6, 0xF7, 0xEE, 0x9F, 0xA, 0xC5, 0x91, 0x14, 0x33, 0x4B, 0xDB, 0xC4, 0xEE, 0xC, 0xFB, 0xE4, 0xD1, 0x43, 0xC2, 0x1B, 0xC3, 0x2, 0x9B, 0x6B }; -#endif - static bssl::UniquePtr LoadExampleRSAKey() { bssl::UniquePtr rsa(RSA_private_key_from_bytes(kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER))); @@ -1493,12 +1489,8 @@ TEST(EVPExtraTest, d2i_PrivateKey) { sizeof(kExampleRSAPSSKeyPKCS8))); EXPECT_TRUE( ParsePrivateKey(EVP_PKEY_EC, kExampleECKeyDER, sizeof(kExampleECKeyDER))); - -#ifdef ENABLE_DILITHIUM EXPECT_TRUE(ParsePrivateKey(EVP_PKEY_PQDSA, kExampleMLDSA65KeyDER, sizeof(kExampleMLDSA65KeyDER))); -#endif - EXPECT_FALSE(ParsePrivateKey(EVP_PKEY_EC, kExampleBadECKeyDER, sizeof(kExampleBadECKeyDER))); ERR_clear_error(); diff --git a/crypto/evp_extra/internal.h b/crypto/evp_extra/internal.h index 8be477feb6..6f1de293fb 100644 --- a/crypto/evp_extra/internal.h +++ b/crypto/evp_extra/internal.h @@ -27,9 +27,7 @@ extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; extern const EVP_PKEY_ASN1_METHOD x25519_asn1_meth; -#ifdef ENABLE_DILITHIUM extern const EVP_PKEY_ASN1_METHOD pqdsa_asn1_meth; -#endif extern const EVP_PKEY_ASN1_METHOD kem_asn1_meth; extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; diff --git a/crypto/evp_extra/p_methods.c b/crypto/evp_extra/p_methods.c index bed85d9168..1899e2b6a8 100644 --- a/crypto/evp_extra/p_methods.c +++ b/crypto/evp_extra/p_methods.c @@ -20,9 +20,7 @@ const EVP_PKEY_ASN1_METHOD *const asn1_evp_pkey_methods[] = { &dsa_asn1_meth, &ed25519_asn1_meth, &x25519_asn1_meth, -#ifdef ENABLE_DILITHIUM &pqdsa_asn1_meth, -#endif &kem_asn1_meth, &hmac_asn1_meth, &dh_asn1_meth diff --git a/crypto/evp_extra/print.c b/crypto/evp_extra/print.c index 0eb6d46268..d446ab3aa1 100644 --- a/crypto/evp_extra/print.c +++ b/crypto/evp_extra/print.c @@ -64,12 +64,8 @@ #include "../internal.h" #include "../fipsmodule/evp/internal.h" #include "../fipsmodule/rsa/internal.h" - -#ifdef ENABLE_DILITHIUM #include "../dilithium/ml_dsa.h" #include "../fipsmodule/pqdsa/internal.h" -#endif - static int print_hex(BIO *bp, const uint8_t *data, size_t len, int off) { for (size_t i = 0; i < len; i++) { @@ -312,8 +308,6 @@ static int eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent) { return do_EC_KEY_print(bp, EVP_PKEY_get0_EC_KEY(pkey), indent, 2); } -#ifdef ENABLE_DILITHIUM - // MLDSA keys. static int do_mldsa_65_print(BIO *bp, const EVP_PKEY *pkey, int off, int ptype) { @@ -357,8 +351,6 @@ static int mldsa_65_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent) { return do_mldsa_65_print(bp, pkey, indent, 2); } -#endif - typedef struct { int type; int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent); @@ -385,14 +377,12 @@ static EVP_PKEY_PRINT_METHOD kPrintMethods[] = { eckey_priv_print, eckey_param_print, }, -#ifdef ENABLE_DILITHIUM { EVP_PKEY_PQDSA, mldsa_65_pub_print, mldsa_65_priv_print, NULL /* param_print */, }, -#endif }; static size_t kPrintMethodsLen = OPENSSL_ARRAY_SIZE(kPrintMethods); diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c index d26e042e79..ee16ef2ac1 100644 --- a/crypto/fipsmodule/bcm.c +++ b/crypto/fipsmodule/bcm.c @@ -119,9 +119,7 @@ #include "evp/p_hkdf.c" #include "evp/p_hmac.c" #include "evp/p_kem.c" -#ifdef ENABLE_DILITHIUM #include "evp/p_pqdsa.c" -#endif #include "evp/p_rsa.c" #include "hkdf/hkdf.c" #include "hmac/hmac.c" @@ -140,9 +138,7 @@ #include "modes/xts.c" #include "modes/polyval.c" #include "pbkdf/pbkdf.c" -#ifdef ENABLE_DILITHIUM #include "pqdsa/pqdsa.c" -#endif #include "rand/ctrdrbg.c" #include "rand/fork_detect.c" #include "rand/rand.c" diff --git a/crypto/fipsmodule/evp/evp_ctx.c b/crypto/fipsmodule/evp/evp_ctx.c index f30cc7d249..310d7ec674 100644 --- a/crypto/fipsmodule/evp/evp_ctx.c +++ b/crypto/fipsmodule/evp/evp_ctx.c @@ -75,9 +75,7 @@ DEFINE_LOCAL_DATA(struct fips_evp_pkey_methods, AWSLC_fips_evp_pkey_methods) { out->methods[4] = EVP_PKEY_hmac_pkey_meth(); out->methods[5] = EVP_PKEY_ed25519_pkey_meth(); out->methods[6] = EVP_PKEY_kem_pkey_meth(); -#ifdef ENABLE_DILITHIUM out->methods[7] = EVP_PKEY_pqdsa_pkey_meth(); -#endif } static const EVP_PKEY_METHOD *evp_pkey_meth_find(int type) { diff --git a/crypto/fipsmodule/evp/internal.h b/crypto/fipsmodule/evp/internal.h index c65391cbc7..d5186af738 100644 --- a/crypto/fipsmodule/evp/internal.h +++ b/crypto/fipsmodule/evp/internal.h @@ -381,16 +381,9 @@ typedef struct { void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); #define ED25519_PUBLIC_KEY_OFFSET 32 - -#ifdef ENABLE_DILITHIUM #define FIPS_EVP_PKEY_METHODS 8 #define NON_FIPS_EVP_PKEY_METHODS 3 #define ASN1_EVP_PKEY_METHODS 10 -#else -#define FIPS_EVP_PKEY_METHODS 7 -#define NON_FIPS_EVP_PKEY_METHODS 3 -#define ASN1_EVP_PKEY_METHODS 9 -#endif struct fips_evp_pkey_methods { const EVP_PKEY_METHOD * methods[FIPS_EVP_PKEY_METHODS]; @@ -403,9 +396,7 @@ const EVP_PKEY_METHOD *EVP_PKEY_hkdf_pkey_meth(void); const EVP_PKEY_METHOD *EVP_PKEY_hmac_pkey_meth(void); const EVP_PKEY_METHOD *EVP_PKEY_ed25519_pkey_meth(void); const EVP_PKEY_METHOD *EVP_PKEY_kem_pkey_meth(void); -#ifdef ENABLE_DILITHIUM const EVP_PKEY_METHOD *EVP_PKEY_pqdsa_pkey_meth(void); -#endif #if defined(__cplusplus) } // extern C diff --git a/crypto/x509/algorithm.c b/crypto/x509/algorithm.c index 88da490b82..13e34c7f5a 100644 --- a/crypto/x509/algorithm.c +++ b/crypto/x509/algorithm.c @@ -98,11 +98,9 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { return X509_ALGOR_set0(algor, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL); } -#ifdef ENABLE_DILITHIUM if (EVP_PKEY_id(pkey) == EVP_PKEY_PQDSA) { return X509_ALGOR_set0(algor, OBJ_nid2obj(pkey->pkey.pqdsa_key->pqdsa->nid), V_ASN1_UNDEF, NULL); } -#endif // Default behavior: look up the OID for the algorithm/hash pair and encode // that. @@ -143,12 +141,10 @@ int x509_digest_verify_init(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg, // when |sigalg_nid| is |NID_rsassaPss|. if (pkey_nid != EVP_PKEY_id(pkey) && !(sigalg_nid == NID_rsassaPss && pkey_nid == NID_rsaEncryption && - EVP_PKEY_id(pkey) == EVP_PKEY_RSA_PSS) -#ifdef ENABLE_DILITHIUM - && !(sigalg_nid == NID_MLDSA65 && pkey_nid == NID_MLDSA65 && + EVP_PKEY_id(pkey) == EVP_PKEY_RSA_PSS) && + !(sigalg_nid == NID_MLDSA65 && pkey_nid == NID_MLDSA65 && EVP_PKEY_id(pkey) == EVP_PKEY_PQDSA) -#endif - ) { + ) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_PUBLIC_KEY_TYPE); return 0; } @@ -164,11 +160,7 @@ int x509_digest_verify_init(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg, if (sigalg_nid == NID_rsassaPss) { return x509_rsa_pss_to_ctx(ctx, sigalg, pkey); } -#ifdef ENABLE_DILITHIUM if (sigalg_nid == NID_ED25519 || sigalg_nid == NID_MLDSA65) { -#else - if (sigalg_nid == NID_ED25519) { -#endif if (sigalg->parameter != NULL) { OPENSSL_PUT_ERROR(X509, X509_R_INVALID_PARAMETER); return 0; diff --git a/crypto/x509/x509_test.cc b/crypto/x509/x509_test.cc index 9286f88122..7fda8f0c58 100644 --- a/crypto/x509/x509_test.cc +++ b/crypto/x509/x509_test.cc @@ -576,7 +576,6 @@ w1AH9efZBw== -----END CERTIFICATE----- )"; -#ifdef ENABLE_DILITHIUM // This certificate is the example certificate provided in section 3 of //https://datatracker.ietf.org/doc/draft-ietf-lamps-dilithium-certificates/ static const char kMLDSA65Cert[] = R"( @@ -946,8 +945,6 @@ DhQcIi8= -----END CERTIFICATE----- )"; -#endif - // kSANTypesLeaf is a leaf certificate (signed by |kSANTypesRoot|) which // contains SANS for example.com, test@example.com, 127.0.0.1, and // https://example.com/. (The latter is useless for now since crypto/x509 @@ -2923,8 +2920,6 @@ TEST(X509Test, Ed25519Sign) { ASSERT_TRUE(SignatureRoundTrips(md_ctx.get(), pub.get())); } -#ifdef ENABLE_DILITHIUM - TEST(X509Test, MLDSA65SignVerifyCert) { // This test generates a MLDSA65 keypair, generates and signs a // certificate, then verifies the certificate's signature. @@ -2995,8 +2990,6 @@ TEST(X509Test, TestBadParamsMLDSA65) { ERR_clear_error(); } -#endif - static bool PEMToDER(bssl::UniquePtr *out, size_t *out_len, const char *pem) { bssl::UniquePtr bio(BIO_new_mem_buf(pem, strlen(pem))); diff --git a/include/openssl/evp.h b/include/openssl/evp.h index e09b68ffd7..bb35b3dc4f 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -198,11 +198,7 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int #define EVP_PKEY_HKDF NID_hkdf #define EVP_PKEY_HMAC NID_hmac #define EVP_PKEY_DH NID_dhKeyAgreement - -#ifdef ENABLE_DILITHIUM #define EVP_PKEY_PQDSA NID_PQDSA -#endif - #define EVP_PKEY_KEM NID_kem // EVP_PKEY_set_type sets the type of |pkey| to |type|. It returns one if @@ -944,24 +940,28 @@ OPENSSL_EXPORT int EVP_PKEY_kem_check_key(EVP_PKEY *key); // PQDSA specific functions. -#ifdef ENABLE_DILITHIUM // EVP_PKEY_CTX_pqdsa_set_params sets in |ctx| the parameters associated with // the signature scheme defined by the given |nid|. It returns one on success -// and zero on error. +// and zero on error. This API is marked as EXPERIMENTAL (using the deprecated +// warning) to indicate that this API may change as the standards around the +// signature schemes finalize. OPENSSL_EXPORT int EVP_PKEY_CTX_pqdsa_set_params(EVP_PKEY_CTX *ctx, int nid); // EVP_PKEY_pqdsa_new_raw_public_key generates a new EVP_PKEY object of type // EVP_PKEY_PQDSA, initializes the PQDSA key based on |nid| and populates the // public key part of the PQDSA key with the contents of |in|. It returns the -// pointer to the allocated PKEY on sucess and NULL on error. +// pointer to the allocated PKEY on sucess and NULL on error. This API is marked +// as EXPERIMENTAL to indicate that this API may change as the standards around +// the signature schemes finalize. OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_pqdsa_new_raw_public_key(int nid, const uint8_t *in, size_t len); // EVP_PKEY_pqdsa_new_raw_private_key generates a new EVP_PKEY object of type // EVP_PKEY_PQDSA, initializes the PQDSA key based on |nid| and populates the // secret key part of the PQDSA key with the contents of |in|. It returns the -// pointer to the allocated PKEY on sucess and NULL on error. + // pointer to the allocated PKEY on sucess and NULL on error. This API is marked +// as EXPERIMENTAL to indicate that this API may change as the standards around +// the signature schemes finalize. OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_pqdsa_new_raw_private_key(int nid, const uint8_t *in, size_t len); -#endif // Diffie-Hellman-specific control functions. diff --git a/include/openssl/pem.h b/include/openssl/pem.h index f560bad33b..b499a4a8fc 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -88,12 +88,8 @@ extern "C" { #define PEM_STRING_PUBLIC "PUBLIC KEY" #define PEM_STRING_RSA "RSA PRIVATE KEY" #define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" - -#ifdef ENABLE_DILITHIUM #define PEM_STRING_DILITHIUM3 "DILITHIUM3 PRIVATE KEY" #define PEM_STRING_DILITHIUM3_PUBLIC "DILITHIUM3 PUBLIC KEY" -#endif - #define PEM_STRING_DSA "DSA PRIVATE KEY" #define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" #define PEM_STRING_EC "EC PRIVATE KEY" diff --git a/tool/speed.cc b/tool/speed.cc index a0e4915472..26a7f65d44 100644 --- a/tool/speed.cc +++ b/tool/speed.cc @@ -867,7 +867,7 @@ static bool SpeedKEM(std::string selected) { SpeedSingleKEM("Kyber1024_R3", NID_KYBER1024_R3, selected); } -#if defined(ENABLE_DILITHIUM) && AWSLC_API_VERSION > 31 +#if AWSLC_API_VERSION > 31 static bool SpeedDigestSignNID(const std::string &name, int nid, const std::string &selected) { @@ -2866,7 +2866,7 @@ bool Speed(const std::vector &args) { #if AWSLC_API_VERSION > 16 !SpeedKEM(selected) || #endif -#if defined(ENABLE_DILITHIUM) && AWSLC_API_VERSION > 31 +#if AWSLC_API_VERSION > 31 !SpeedDigestSign(selected) || #endif !SpeedAEADSeal(EVP_aead_aes_128_gcm(), "AEAD-AES-128-GCM", kTLSADLen, selected) ||