diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
index 51bc44b35e..23729d579c 100644
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt
@@ -324,18 +324,6 @@ else()
file(COPY ${GENERATE_CODE_ROOT}/err_data.c DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/)
endif()
-set(DILITHIUM_SOURCES)
-if(ENABLE_DILITHIUM)
- set(
- DILITHIUM_SOURCES
-
- evp_extra/p_pqdsa.c
- evp_extra/p_pqdsa_asn1.c
- ml_dsa/ml_dsa.c
- pqdsa/pqdsa.c
- )
-endif()
-
set(CRYPTO_ARCH_OBJECTS "")
if (ARCH STREQUAL "aarch64" AND CMAKE_GENERATOR MATCHES "Visual Studio")
msbuild_aarch64_asm(TARGET crypto_objects ASM_FILES ${CRYPTO_ARCH_SOURCES} OUTPUT_OBJECTS CRYPTO_ARCH_OBJECTS)
@@ -413,7 +401,6 @@ add_library(
dh_extra/params.c
dh_extra/dh_asn1.c
digest_extra/digest_extra.c
- ${DILITHIUM_SOURCES}
dsa/dsa.c
dsa/dsa_asn1.c
ecdh_extra/ecdh_extra.c
@@ -433,6 +420,8 @@ add_library(
evp_extra/p_ed25519_asn1.c
evp_extra/p_hmac_asn1.c
evp_extra/p_kem_asn1.c
+ evp_extra/p_pqdsa.c
+ evp_extra/p_pqdsa_asn1.c
evp_extra/p_rsa_asn1.c
evp_extra/p_x25519.c
evp_extra/p_x25519_asn1.c
@@ -450,6 +439,7 @@ add_library(
kyber/kem_kyber.c
lhash/lhash.c
mem.c
+ ml_dsa/ml_dsa.c
obj/obj.c
obj/obj_xref.c
ocsp/ocsp_asn.c
@@ -480,6 +470,7 @@ add_library(
poly1305/poly1305_arm.c
poly1305/poly1305_vec.c
pool/pool.c
+ pqdsa/pqdsa.c
rand_extra/deterministic.c
rand_extra/entropy_passive.c
rand_extra/forkunsafe.c
diff --git a/crypto/evp_extra/evp_asn1.c b/crypto/evp_extra/evp_asn1.c
index 72c15293d6..69d34a492d 100644
--- a/crypto/evp_extra/evp_asn1.c
+++ b/crypto/evp_extra/evp_asn1.c
@@ -99,7 +99,7 @@ static const EVP_PKEY_ASN1_METHOD *parse_key_type(CBS *cbs) {
if (OBJ_cbs2nid(&oid) == NID_rsa) {
return &rsa_asn1_meth;
}
-#ifdef ENABLE_DILITHIUM
+
// The pkey_id for the pqdsa_asn1_meth is EVP_PKEY_PQDSA, as this holds all
// asn1 functions for pqdsa types. However, the incoming CBS has the OID for
// the specific algorithm. So we must search explicitly for the algorithm.
@@ -113,7 +113,7 @@ static const EVP_PKEY_ASN1_METHOD *parse_key_type(CBS *cbs) {
return ret;
}
}
-#endif
+
return NULL;
}
diff --git a/crypto/evp_extra/evp_extra_test.cc b/crypto/evp_extra/evp_extra_test.cc
index 6d85556c3d..b8c42c60f1 100644
--- a/crypto/evp_extra/evp_extra_test.cc
+++ b/crypto/evp_extra/evp_extra_test.cc
@@ -697,8 +697,6 @@ static const uint8_t kInvalidPrivateKey[] = {
0x48, 0x30, 0x01, 0xaa, 0x02, 0x86, 0xc0, 0x30, 0xdf, 0xe9, 0x80,
};
-#ifdef ENABLE_DILITHIUM
-
// kExampleMLDSA65KeyDER is a ML-DSA private key in ASN.1, DER format.
// Of course, you should never use this key anywhere but in an example.
static const uint8_t kExampleMLDSA65KeyDER[] = {
@@ -1015,8 +1013,6 @@ static const uint8_t kExampleMLDSA65KeyDER[] = {
0xE3, 0x1D, 0xF6, 0xF7, 0xEE, 0x9F, 0xA, 0xC5, 0x91, 0x14, 0x33, 0x4B, 0xDB,
0xC4, 0xEE, 0xC, 0xFB, 0xE4, 0xD1, 0x43, 0xC2, 0x1B, 0xC3, 0x2, 0x9B, 0x6B };
-#endif
-
static bssl::UniquePtr<EVP_PKEY> LoadExampleRSAKey() {
bssl::UniquePtr<RSA> rsa(RSA_private_key_from_bytes(kExampleRSAKeyDER,
sizeof(kExampleRSAKeyDER)));
@@ -1494,10 +1490,8 @@ TEST(EVPExtraTest, d2i_PrivateKey) {
EXPECT_TRUE(
ParsePrivateKey(EVP_PKEY_EC, kExampleECKeyDER, sizeof(kExampleECKeyDER)));
-#ifdef ENABLE_DILITHIUM
EXPECT_TRUE(ParsePrivateKey(EVP_PKEY_PQDSA, kExampleMLDSA65KeyDER,
sizeof(kExampleMLDSA65KeyDER)));
-#endif
EXPECT_FALSE(ParsePrivateKey(EVP_PKEY_EC, kExampleBadECKeyDER,
sizeof(kExampleBadECKeyDER)));
diff --git a/crypto/evp_extra/internal.h b/crypto/evp_extra/internal.h
index 9e7826c887..f8cbff80a5 100644
--- a/crypto/evp_extra/internal.h
+++ b/crypto/evp_extra/internal.h
@@ -27,9 +27,7 @@ extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD x25519_asn1_meth;
-#ifdef ENABLE_DILITHIUM
extern const EVP_PKEY_ASN1_METHOD pqdsa_asn1_meth;
-#endif
extern const EVP_PKEY_ASN1_METHOD kem_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
@@ -39,9 +37,7 @@ extern const EVP_PKEY_METHOD hkdf_pkey_meth;
extern const EVP_PKEY_METHOD hmac_pkey_meth;
extern const EVP_PKEY_METHOD dh_pkey_meth;
extern const EVP_PKEY_METHOD dsa_pkey_meth;
-#ifdef ENABLE_DILITHIUM
extern const EVP_PKEY_METHOD pqdsa_pkey_meth;
-#endif
// evp_pkey_set_method behaves like |EVP_PKEY_set_type|, but takes a pointer to
// a method table. This avoids depending on every |EVP_PKEY_ASN1_METHOD|.
diff --git a/crypto/evp_extra/p_methods.c b/crypto/evp_extra/p_methods.c
index 08f0759c15..6dce228f19 100644
--- a/crypto/evp_extra/p_methods.c
+++ b/crypto/evp_extra/p_methods.c
@@ -11,9 +11,7 @@ static const EVP_PKEY_METHOD *const non_fips_pkey_evp_methods[] = {
&x25519_pkey_meth,
&dh_pkey_meth,
&dsa_pkey_meth,
-#ifdef ENABLE_DILITHIUM
&pqdsa_pkey_meth
-#endif
};
const EVP_PKEY_ASN1_METHOD *const asn1_evp_pkey_methods[] = {
@@ -23,9 +21,7 @@ const EVP_PKEY_ASN1_METHOD *const asn1_evp_pkey_methods[] = {
&dsa_asn1_meth,
&ed25519_asn1_meth,
&x25519_asn1_meth,
-#ifdef ENABLE_DILITHIUM
&pqdsa_asn1_meth,
-#endif
&kem_asn1_meth,
&hmac_asn1_meth,
&dh_asn1_meth
diff --git a/crypto/evp_extra/p_pqdsa_test.cc b/crypto/evp_extra/p_pqdsa_test.cc
index 10e4753af1..7866b6af5b 100644
--- a/crypto/evp_extra/p_pqdsa_test.cc
+++ b/crypto/evp_extra/p_pqdsa_test.cc
@@ -12,11 +12,8 @@
#include <vector>
#include "../fipsmodule/evp/internal.h"
#include "../internal.h"
-#include "../pqdsa/internal.h"
-
-#ifdef ENABLE_DILITHIUM
-
#include "../ml_dsa/ml_dsa.h"
+#include "../pqdsa/internal.h"
#include "../test/file_test.h"
#include "../test/test_util.h"
@@ -1518,13 +1515,3 @@ TEST_P(PQDSAParameterTest, ParsePublicKey) {
bssl::UniquePtr<EVP_PKEY> pkey_from_der(EVP_parse_public_key(&cbs));
ASSERT_TRUE(pkey_from_der);
}
-
-#else
-
-TEST(PQDSATest, EvpDisabled) {
- ASSERT_EQ(nullptr, EVP_PKEY_CTX_new_id(EVP_PKEY_NONE, nullptr));
- bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
- ASSERT_FALSE(EVP_PKEY_set_type(pkey.get(), EVP_PKEY_NONE));
-}
-
-#endif
diff --git a/crypto/evp_extra/print.c b/crypto/evp_extra/print.c
index 06e13353ec..9163c99edf 100644
--- a/crypto/evp_extra/print.c
+++ b/crypto/evp_extra/print.c
@@ -64,12 +64,8 @@
#include "../internal.h"
#include "../fipsmodule/evp/internal.h"
#include "../fipsmodule/rsa/internal.h"
-
-#ifdef ENABLE_DILITHIUM
#include "../ml_dsa/ml_dsa.h"
#include "../pqdsa/internal.h"
-#endif
-
static int print_hex(BIO *bp, const uint8_t *data, size_t len, int off) {
for (size_t i = 0; i < len; i++) {
@@ -312,8 +308,6 @@ static int eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent) {
return do_EC_KEY_print(bp, EVP_PKEY_get0_EC_KEY(pkey), indent, 2);
}
-#ifdef ENABLE_DILITHIUM
-
// MLDSA keys.
static int do_mldsa_65_print(BIO *bp, const EVP_PKEY *pkey, int off, int ptype) {
@@ -357,8 +351,6 @@ static int mldsa_65_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent) {
return do_mldsa_65_print(bp, pkey, indent, 2);
}
-#endif
-
typedef struct {
int type;
int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent);
@@ -385,14 +377,12 @@ static EVP_PKEY_PRINT_METHOD kPrintMethods[] = {
eckey_priv_print,
eckey_param_print,
},
-#ifdef ENABLE_DILITHIUM
{
EVP_PKEY_PQDSA,
mldsa_65_pub_print,
mldsa_65_priv_print,
NULL /* param_print */,
},
-#endif
};
static size_t kPrintMethodsLen = OPENSSL_ARRAY_SIZE(kPrintMethods);
diff --git a/crypto/fipsmodule/evp/internal.h b/crypto/fipsmodule/evp/internal.h
index e8acc244c7..46ff161ba1 100644
--- a/crypto/fipsmodule/evp/internal.h
+++ b/crypto/fipsmodule/evp/internal.h
@@ -381,16 +381,9 @@ typedef struct {
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
#define ED25519_PUBLIC_KEY_OFFSET 32
-
-#ifdef ENABLE_DILITHIUM
#define FIPS_EVP_PKEY_METHODS 7
#define NON_FIPS_EVP_PKEY_METHODS 4
#define ASN1_EVP_PKEY_METHODS 10
-#else
-#define FIPS_EVP_PKEY_METHODS 7
-#define NON_FIPS_EVP_PKEY_METHODS 3
-#define ASN1_EVP_PKEY_METHODS 9
-#endif
struct fips_evp_pkey_methods {
const EVP_PKEY_METHOD * methods[FIPS_EVP_PKEY_METHODS];
@@ -403,9 +396,7 @@ const EVP_PKEY_METHOD *EVP_PKEY_hkdf_pkey_meth(void);
const EVP_PKEY_METHOD *EVP_PKEY_hmac_pkey_meth(void);
const EVP_PKEY_METHOD *EVP_PKEY_ed25519_pkey_meth(void);
const EVP_PKEY_METHOD *EVP_PKEY_kem_pkey_meth(void);
-#ifdef ENABLE_DILITHIUM
const EVP_PKEY_METHOD *EVP_PKEY_pqdsa_pkey_meth(void);
-#endif
#if defined(__cplusplus)
} // extern C
diff --git a/crypto/x509/algorithm.c b/crypto/x509/algorithm.c
index 28bda5b1e2..4b17b6276e 100644
--- a/crypto/x509/algorithm.c
+++ b/crypto/x509/algorithm.c
@@ -98,11 +98,9 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
return X509_ALGOR_set0(algor, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL);
}
-#ifdef ENABLE_DILITHIUM
if (EVP_PKEY_id(pkey) == EVP_PKEY_PQDSA) {
return X509_ALGOR_set0(algor, OBJ_nid2obj(pkey->pkey.pqdsa_key->pqdsa->nid), V_ASN1_UNDEF, NULL);
}
-#endif
// Default behavior: look up the OID for the algorithm/hash pair and encode
// that.
@@ -143,12 +141,9 @@ int x509_digest_verify_init(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg,
// when |sigalg_nid| is |NID_rsassaPss|.
if (pkey_nid != EVP_PKEY_id(pkey) &&
!(sigalg_nid == NID_rsassaPss && pkey_nid == NID_rsaEncryption &&
- EVP_PKEY_id(pkey) == EVP_PKEY_RSA_PSS)
-#ifdef ENABLE_DILITHIUM
- && !(sigalg_nid == NID_MLDSA65 && pkey_nid == NID_MLDSA65 &&
- EVP_PKEY_id(pkey) == EVP_PKEY_PQDSA)
-#endif
- ) {
+ EVP_PKEY_id(pkey) == EVP_PKEY_RSA_PSS) &&
+ !(sigalg_nid == NID_MLDSA65 && pkey_nid == NID_MLDSA65 &&
+ EVP_PKEY_id(pkey) == EVP_PKEY_PQDSA)) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_PUBLIC_KEY_TYPE);
return 0;
}
@@ -164,11 +159,8 @@ int x509_digest_verify_init(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg,
if (sigalg_nid == NID_rsassaPss) {
return x509_rsa_pss_to_ctx(ctx, sigalg, pkey);
}
-#ifdef ENABLE_DILITHIUM
+
if (sigalg_nid == NID_ED25519 || sigalg_nid == NID_MLDSA65) {
-#else
- if (sigalg_nid == NID_ED25519) {
-#endif
if (sigalg->parameter != NULL) {
OPENSSL_PUT_ERROR(X509, X509_R_INVALID_PARAMETER);
return 0;
diff --git a/crypto/x509/x509_test.cc b/crypto/x509/x509_test.cc
index ffe88a97c4..6a5b99d74c 100644
--- a/crypto/x509/x509_test.cc
+++ b/crypto/x509/x509_test.cc
@@ -576,7 +576,6 @@ w1AH9efZBw==
-----END CERTIFICATE-----
)";
-#ifdef ENABLE_DILITHIUM
// This certificate is the example certificate provided in section 3 of
//https://datatracker.ietf.org/doc/draft-ietf-lamps-dilithium-certificates/
static const char kMLDSA65Cert[] = R"(
@@ -946,8 +945,6 @@ DhQcIi8=
-----END CERTIFICATE-----
)";
-#endif
-
// kSANTypesLeaf is a leaf certificate (signed by |kSANTypesRoot|) which
// contains SANS for example.com, test@example.com, 127.0.0.1, and
// https://example.com/. (The latter is useless for now since crypto/x509
@@ -2923,8 +2920,6 @@ TEST(X509Test, Ed25519Sign) {
ASSERT_TRUE(SignatureRoundTrips(md_ctx.get(), pub.get()));
}
-#ifdef ENABLE_DILITHIUM
-
TEST(X509Test, MLDSA65SignVerifyCert) {
// This test generates a MLDSA65 keypair, generates and signs a
// certificate, then verifies the certificate's signature.
@@ -2995,8 +2990,6 @@ TEST(X509Test, TestBadParamsMLDSA65) {
ERR_clear_error();
}
-#endif
-
static bool PEMToDER(bssl::UniquePtr<uint8_t> *out, size_t *out_len,
const char *pem) {
bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(pem, strlen(pem)));
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index e09b68ffd7..4e44bd3f35 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -198,11 +198,7 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int
#define EVP_PKEY_HKDF NID_hkdf
#define EVP_PKEY_HMAC NID_hmac
#define EVP_PKEY_DH NID_dhKeyAgreement
-
-#ifdef ENABLE_DILITHIUM
#define EVP_PKEY_PQDSA NID_PQDSA
-#endif
-
#define EVP_PKEY_KEM NID_kem
// EVP_PKEY_set_type sets the type of |pkey| to |type|. It returns one if
@@ -944,7 +940,6 @@ OPENSSL_EXPORT int EVP_PKEY_kem_check_key(EVP_PKEY *key);
// PQDSA specific functions.
-#ifdef ENABLE_DILITHIUM
// EVP_PKEY_CTX_pqdsa_set_params sets in |ctx| the parameters associated with
// the signature scheme defined by the given |nid|. It returns one on success
// and zero on error.
@@ -961,7 +956,6 @@ OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_pqdsa_new_raw_public_key(int nid, const uint8_
// secret key part of the PQDSA key with the contents of |in|. It returns the
// pointer to the allocated PKEY on sucess and NULL on error.
OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_pqdsa_new_raw_private_key(int nid, const uint8_t *in, size_t len);
-#endif
// Diffie-Hellman-specific control functions.
diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index f560bad33b..5402a5509b 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -88,12 +88,6 @@ extern "C" {
#define PEM_STRING_PUBLIC "PUBLIC KEY"
#define PEM_STRING_RSA "RSA PRIVATE KEY"
#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
-
-#ifdef ENABLE_DILITHIUM
-#define PEM_STRING_DILITHIUM3 "DILITHIUM3 PRIVATE KEY"
-#define PEM_STRING_DILITHIUM3_PUBLIC "DILITHIUM3 PUBLIC KEY"
-#endif
-
#define PEM_STRING_DSA "DSA PRIVATE KEY"
#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
#define PEM_STRING_EC "EC PRIVATE KEY"
diff --git a/tool/speed.cc b/tool/speed.cc
index 9eadf13b2c..0b0176b8bd 100644
--- a/tool/speed.cc
+++ b/tool/speed.cc
@@ -867,7 +867,7 @@ static bool SpeedKEM(std::string selected) {
SpeedSingleKEM("Kyber1024_R3", NID_KYBER1024_R3, selected);
}
-#if defined(ENABLE_DILITHIUM) && AWSLC_API_VERSION > 31
+#if AWSLC_API_VERSION > 31
static bool SpeedDigestSignNID(const std::string &name, int nid,
const std::string &selected) {
@@ -2866,7 +2866,7 @@ bool Speed(const std::vector<std::string> &args) {
#if AWSLC_API_VERSION > 16
!SpeedKEM(selected) ||
#endif
-#if defined(ENABLE_DILITHIUM) && AWSLC_API_VERSION > 31
+#if AWSLC_API_VERSION > 31
!SpeedDigestSign(selected) ||
#endif
!SpeedAEADSeal(EVP_aead_aes_128_gcm(), "AEAD-AES-128-GCM", kTLSADLen, selected) ||