Skip to content

Commit e3844b4

Browse files
author
Emma Stensland
committed
support for mldsa - csrs, ca signing and verifying
1 parent 7873126 commit e3844b4

31 files changed

Lines changed: 3958 additions & 920 deletions

Makefile.am

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,7 @@ man_MANS+= manpages/wolfssl-sign_verify.1
7373
man_MANS+= manpages/wolfssl-ecc.1
7474
man_MANS+= manpages/wolfssl-ed25519.1
7575
man_MANS+= manpages/wolfssl-dilithium.1
76+
man_MANS+= manpages/wolfssl-ml-dsa.1
7677
man_MANS+= manpages/wolfssl-xmss.1
7778
man_MANS+= manpages/wolfssl-xmssmt.1
7879
man_MANS+= manpages/wolfssl-rand.1

README.md

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -154,10 +154,7 @@ uqGDApXWYuBdjheL4Ysoq6YXtt6dnm8DkBVrnt+gAMCBFbBNPXxy2MODBDqya907
154154
iky6IRTUzkBy1fssv3Gr/jOsyN8J565NST3RpQ==
155155
-----END CERTIFICATE-----
156156
```
157-
A self-signed certificate can also be generated with a pure post-quantum
158-
ML-DSA (FIPS 204) key. `ml-dsa` and `dilithium` are interchangeable, and the
159-
level (`2`/`3`/`5`) selects ML-DSA-44/65/87. This needs wolfSSL built with
160-
`--enable-dilithium --enable-experimental`.
157+
A self-signed certificate can also be generated with post-quantum ML-DSA (FIPS 204) key. `ml-dsa` and `dilithium` are interchangeable command aliases, and the level (`2`/`3`/`5`) selects ML-DSA-44/65/87. This needs wolfSSL built with `--enable-dilithium --enable-experimental`.
161158
```
162159
wolfssl req -x509 -newkey ml-dsa:2 -keyout ml-dsa-key -days 3650 \
163160
-subj /CN=wolfSSL -out ml-dsa.cert
@@ -175,7 +172,7 @@ wolfssl dgst -sha256 -verify mykey.pub -signature readme.sig ./README.md
175172

176173
The following demonstrates how to create a root CA and use it to sign other certificates. This example uses ECC, but steps are similar for RSA.
177174

178-
In this scenario there are three entities A, B, and C, where A is meant to function as a root CA.
175+
In this scenario there are three entities A, B, and C, where A is meant to function as a root CA.
179176

180177
The following steps demonstrate how to generate keys and certificates for A, B, and C, where A is self-signed and B and C are signed by A
181178

configure.ac

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -135,6 +135,9 @@ AC_CHECK_FUNC([wolfSSL_X509_REQ_print],
135135
AC_CHECK_FUNC([wc_EncodeObjectId],
136136
[],
137137
[AM_CFLAGS="$AM_CFLAGS -DNO_WC_ENCODE_OBJECT_ID"])
138+
AC_CHECK_FUNC([wc_MlDsaKey_Init],
139+
[AM_CFLAGS="$AM_CFLAGS -DWOLFCLU_HAVE_MLDSA -DWOLFCLU_MLDSA_CHECKED"],
140+
[AM_CFLAGS="$AM_CFLAGS -DWOLFCLU_MLDSA_CHECKED"])
138141

139142

140143
###############################################

ide/winvs/user_settings.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,4 +56,6 @@
5656
#define HAVE_OCSP
5757
#define HAVE_OCSP_RESPONDER
5858

59+
#define WOLFSSL_HAVE_ERROR_QUEUE
60+
5961
#endif /* _WIN_USER_SETTINGS_H_ */

manpages/wolfssl-ca.1

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,15 @@ the configuration file (see -config).
2020
-out file output file for the signed certificate.
2121
.br
2222
.LP
23-
-keyfile file private key used to sign the certificate.
23+
-keyfile file private key used to sign the certificate (RSA, ECDSA, or
24+
.br
25+
ML-DSA). For ML-DSA, the companion public key must
26+
.br
27+
co-exist and is loaded automatically (e.g. <name>.pub
28+
.br
29+
for <name>.priv, or <stem>Pub.pem for <stem>.pem).
30+
.br
31+
The key may also be set via [CA_default] private_key.
2432
.br
2533
.LP
2634
-cert file CA certificate to issue from.
@@ -78,6 +86,11 @@ Sign a CSR as a CA with your CA certificate and key:
7886
wolfssl ca -in csr.pem -out cert.pem -keyfile ca-key.pem -cert ca-cert.pem -days 365 -md sha256
7987
.RE
8088
.LP
89+
Sign a CSR with an ML-DSA CA key:
90+
.RS
91+
wolfssl ca -in csr.pem -out cert.pem -keyfile ca-key.priv -cert ca-cert.pem -days 365
92+
.RE
93+
.LP
8194
View the certificate details after signing:
8295
.RS
8396
wolfssl x509 -in cert.pem -text -noout

manpages/wolfssl-genkey.1

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,11 @@ Generate a Dilithium key pair:
8484
wolfssl genkey dilithium -level 3 -out mykey -outform der -output KEYPAIR
8585
.br
8686
.LP
87+
Generate an ML-DSA-65 key pair (ML-DSA OIDs, not interchangeable with dilithium keys):
88+
.br
89+
wolfssl genkey ml-dsa -level 3 -out mykey -outform der -output KEYPAIR
90+
.br
91+
.LP
8792
Generate an XMSS key pair:
8893
.br
8994
wolfssl genkey xmss -height 10 -out mykey -outform raw -output KEYPAIR

manpages/wolfssl-ml-dsa.1

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
.\" Alias page: ml-dsa sign/verify is documented in wolfssl-sign_verify(1).
2+
.TH wolfSSL SSL1 "June 2026" "0.2.0" "wolfssl ml-dsa man page"
3+
.SH NAME
4+
wolfssl-ml-dsa, ml-dsa \- ML-DSA raw signing and verification
5+
.so man1/wolfssl-sign_verify.1

manpages/wolfssl-req.1

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,9 +26,9 @@ key is written to stdout.
2626
.LP
2727
-newkey type:bits generate the private key to use with the request.
2828
.br
29-
RSA: rsa:2048. Dilithium (with -x509 and certgen):
29+
RSA: rsa:2048. ML-DSA: ml-dsa:N (or dilithium:N),
3030
.br
31-
dilithium:2, dilithium:3, dilithium:5, or ml-dsa:N.
31+
where N is 2, 3, or 5 (requires HAVE_DILITHIUM).
3232
.br
3333
For ECC keys, generate with ecparam first.
3434
.br
@@ -98,11 +98,24 @@ View a CSR in human-readable format:
9898
.RS
9999
wolfssl req -in mycsr.pem -text -noout
100100
.RE
101+
.LP
102+
Generate an ML-DSA-65 CSR with a new key:
103+
.RS
104+
wolfssl req -new -newkey ml-dsa:3 -keyout ml-dsa -out my.csr.pem -subj "/CN=example.com"
105+
.RE
106+
.LP
107+
Create a self-signed ML-DSA-44 CA certificate:
108+
.RS
109+
wolfssl req -x509 -newkey ml-dsa:2 -keyout ca-ml-dsa -out ca-ml-dsa.pem -days 3650 -subj "/CN=ML-DSA Root CA"
110+
.RE
101111
.SH SEE ALSO
102112
.BR wolfssl-genkey(1) ", " wolfssl-ca(1) ", " wolfssl-x509(1)
103113
.SH NOTES
104114
Available only when wolfSSL is built with certificate request support
105115
(WOLFSSL_CERT_REQ) and filesystem support.
116+
.LP
117+
For ML-DSA keys, -config and -extensions are ignored (only the subject DN is
118+
carried), and -text and -verify are not supported.
106119
.SH BUGS
107120
No known bugs at this time.
108121
.SH AUTHOR

manpages/wolfssl-sign_verify.1

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,9 @@ command.
1919
.br
2020
-ed25519 Ed25519 signing and verification (requires HAVE_ED25519).
2121
.br
22-
-dilithium Dilithium (ML-DSA) signing and verification (requires HAVE_DILITHIUM).
22+
-ml-dsa ML-DSA (Dilithium) signing and verification (requires HAVE_DILITHIUM).
23+
.br
24+
-dilithium is accepted as an alias for -ml-dsa.
2325
.br
2426
-xmss XMSS signing and verification (requires WOLFSSL_HAVE_XMSS).
2527
.br
@@ -73,6 +75,16 @@ wolfssl -rsa -verify -inkey pub.pem -inform pem -sigfile message.sig -out verify
7375
Verify with an ECC public key:
7476
.br
7577
wolfssl -ecc -verify -inkey pub.pem -inform pem -sigfile message.sig -in message.txt -pubin
78+
.br
79+
.LP
80+
Sign a file with an ML-DSA private key:
81+
.br
82+
wolfssl -ml-dsa -sign -inkey mykey.priv -inform der -in message.bin -out message.sig
83+
.br
84+
.LP
85+
Verify with an ML-DSA public key:
86+
.br
87+
wolfssl -ml-dsa -verify -inkey mykey.pub -inform der -sigfile message.sig -in message.bin -pubin
7688
.SH NOTES
7789
Available only when wolfSSL is built with filesystem support. The set of
7890
usable key types depends on the wolfSSL configure options.

manpages/wolfssl-x509.1

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,10 @@ Unless both -req and -signkey are used, -extfile and -extensions are
9898
silently ignored on output: the (re-encoded) certificate is written from
9999
the original input DER, not from any in-memory changes made while parsing
100100
extensions.
101+
.LP
102+
When -text is used on a certificate containing an ML-DSA SubjectPublicKey,
103+
the output shows the algorithm OID but does not decode key bytes due to
104+
library limitations.
101105
.SH EXAMPLES
102106
View certificate details in human-readable format:
103107
.RS

0 commit comments

Comments
 (0)