Skip to content

Commit fa3fadb

Browse files
committed
JNI/JCE: add SLH-DSA (FIPS 205) to wolfCrypt JNI and wolfJCE
1 parent d686a43 commit fa3fadb

55 files changed

Lines changed: 10470 additions & 811 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/workflows/line-length-check.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,14 @@ jobs:
6161
continue
6262
fi
6363
64+
# Skip certificate/key files. These carry encoded key material
65+
# and OpenSSL text dumps (long Issuer/Subject lines) that cannot
66+
# be wrapped
67+
if [[ "$file" =~ \.(pem|der)$ ]]; then
68+
echo "Skipping $file (certificate/key file)"
69+
continue
70+
fi
71+
6472
echo "Checking: $file"
6573
6674
# Get added lines with actual file line numbers and check their length

.github/workflows/main.yml

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -176,6 +176,46 @@ jobs:
176176
jdk_version: ${{ matrix.jdk_version }}
177177
wolfssl_configure: ${{ matrix.wolfssl_configure }}
178178

179+
# ----------------------- SLH-DSA (FIPS 205) --------------------------
180+
# SLH-DSA provides full keygen/sign/verify in wolfJCE and requires wolfSSL
181+
# to be built with --enable-slhdsa. It is not pulled in by --enable-all.
182+
# The --enable-slhdsa option is comma-separated:
183+
# (default/yes) the six SHAKE parameter sets (128s/128f/192s/192f/
184+
# 256s/256f), full keygen + sign + verify
185+
# sha2 -> adds the six SHA2 parameter sets (SLH-DSA-SHA2-*)
186+
# 128f, sha2-128f, ... -> select individual parameter sets
187+
# small -> WOLFSSL_WC_SLHDSA_SMALL (low-memory codepath)
188+
# small-mem -> WOLFSSL_WC_SLHDSA_SMALL_MEM (lower-memory codepath)
189+
# verify-only -> WOLFSSL_SLHDSA_VERIFY_ONLY (no keygen/sign)
190+
# Extra options do not imply 'yes': parameter sets must be selected via
191+
# 'yes', 'sha2', or per-set tokens, otherwise no set is compiled in and
192+
# native wolfSSL fails to build ("No parameters defined"). SHAKE256/SHA-3
193+
# dependencies are auto-enabled by wolfSSL configure, so no --enable-sha3
194+
# is needed. JUnit tests probe per parameter set and per capability, so
195+
# each permutation runs what it can and skips the rest. Permutations:
196+
# default SHAKE-only, all 12 sets, all 12 + small codepath, a reduced
197+
# per-set selection + small-mem codepath, verify-only degradation, and
198+
# --enable-all interop.
199+
linux-zulu-slhdsa:
200+
strategy:
201+
matrix:
202+
os: [ 'ubuntu-latest', 'macos-latest' ]
203+
jdk_version: [ '11', '21', '24' ]
204+
wolfssl_configure:
205+
- '--enable-jni --enable-slhdsa'
206+
- '--enable-jni --enable-slhdsa=yes,sha2'
207+
- '--enable-jni --enable-slhdsa=yes,sha2,small'
208+
- '--enable-jni --enable-slhdsa=128f,sha2-128f,small-mem'
209+
- '--enable-jni --enable-slhdsa=yes,sha2,verify-only'
210+
- '--enable-jni --enable-all --enable-slhdsa=yes,sha2'
211+
name: ${{ matrix.os }} (Zulu JDK ${{ matrix.jdk_version }}, ${{ matrix.wolfssl_configure }})
212+
uses: ./.github/workflows/linux-common.yml
213+
with:
214+
os: ${{ matrix.os }}
215+
jdk_distro: "zulu"
216+
jdk_version: ${{ matrix.jdk_version }}
217+
wolfssl_configure: ${{ matrix.wolfssl_configure }}
218+
179219
# ------------------ Facebook Infer static analysis -------------------
180220
# Run Facebook infer over PR code, only running on Linux with one
181221
# JDK/version for now.

IDE/Android/app/src/main/cpp/CMakeLists.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -378,6 +378,7 @@ add_library(wolfcryptjni SHARED
378378
${wolfcryptjni_DIR}/jni/jni_md5.c
379379
${wolfcryptjni_DIR}/jni/jni_mldsa.c
380380
${wolfcryptjni_DIR}/jni/jni_mlkem.c
381+
${wolfcryptjni_DIR}/jni/jni_slhdsa.c
381382
${wolfcryptjni_DIR}/jni/jni_native_struct.c
382383
${wolfcryptjni_DIR}/jni/jni_pwdbased.c
383384
${wolfcryptjni_DIR}/jni/jni_rng.c

IDE/WIN/wolfcryptjni.vcxproj

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -101,6 +101,7 @@
101101
<ClCompile Include="..\..\jni\jni_md5.c" />
102102
<ClCompile Include="..\..\jni\jni_mldsa.c" />
103103
<ClCompile Include="..\..\jni\jni_mlkem.c" />
104+
<ClCompile Include="..\..\jni\jni_slhdsa.c" />
104105
<ClCompile Include="..\..\jni\jni_native_struct.c" />
105106
<ClCompile Include="..\..\jni\jni_pwdbased.c" />
106107
<ClCompile Include="..\..\jni\jni_rng.c" />

IDE/WIN/wolfcryptjni.vcxproj.filters

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -197,6 +197,9 @@
197197
<ClCompile Include="..\..\jni\jni_mldsa.c">
198198
<Filter>Source Files</Filter>
199199
</ClCompile>
200+
<ClCompile Include="..\..\jni\jni_slhdsa.c">
201+
<Filter>Source Files</Filter>
202+
</ClCompile>
200203
<ClCompile Include="..\..\jni\jni_native_struct.c">
201204
<Filter>Source Files</Filter>
202205
</ClCompile>

README.md

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,16 @@ JDK SUN provider: it registers the LMS `Signature` (verification) and
6363
`KeyFactory` (public-key) services. wolfJCE does not generate LMS keys or sign,
6464
since stateful hash-based signing belongs in hardware (NIST SP 800-208).
6565

66+
**Note on SLH-DSA (FIPS 205):** SLH-DSA support is **not** enabled by default
67+
in `--enable-jni`. To use the SLH-DSA `Signature`, `KeyPairGenerator`, and
68+
`KeyFactory` services (and SLH-DSA keys in the WKS KeyStore), add
69+
`--enable-slhdsa` to the native wolfSSL `./configure` line. The parameter-set
70+
families are selected by the configure value: `--enable-slhdsa` builds the six
71+
SHAKE sets, and `--enable-slhdsa=yes,sha2` builds all twelve and is the
72+
recommended configuration for SHA2 parameter-set support (the
73+
`SLH-DSA-SHA2-128f` default lives in the SHA2 family). Without SLH-DSA, wolfJCE
74+
compiles and runs normally but the SLH-DSA services are not registered.
75+
6676
**wolfSSL Standard Build**:
6777
```
6878
$ cd wolfssl-x.x.x

README_JCE.md

Lines changed: 80 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -235,6 +235,56 @@ The JCE provider currently supports the following algorithms:
235235
OID: 1.3.6.1.5.5.7.6.35
236236
LMS (also registered as HSS/LMS)
237237
OID: 1.2.840.113549.1.9.16.3.17
238+
SLH-DSA (any SLH-DSA parameter set key)
239+
SLH-DSA-SHA2-128s
240+
OID: 2.16.840.1.101.3.4.3.20
241+
SLH-DSA-SHA2-128f
242+
OID: 2.16.840.1.101.3.4.3.21
243+
SLH-DSA-SHA2-192s
244+
OID: 2.16.840.1.101.3.4.3.22
245+
SLH-DSA-SHA2-192f
246+
OID: 2.16.840.1.101.3.4.3.23
247+
SLH-DSA-SHA2-256s
248+
OID: 2.16.840.1.101.3.4.3.24
249+
SLH-DSA-SHA2-256f
250+
OID: 2.16.840.1.101.3.4.3.25
251+
SLH-DSA-SHAKE-128s
252+
OID: 2.16.840.1.101.3.4.3.26
253+
SLH-DSA-SHAKE-128f
254+
OID: 2.16.840.1.101.3.4.3.27
255+
SLH-DSA-SHAKE-192s
256+
OID: 2.16.840.1.101.3.4.3.28
257+
SLH-DSA-SHAKE-192f
258+
OID: 2.16.840.1.101.3.4.3.29
259+
SLH-DSA-SHAKE-256s
260+
OID: 2.16.840.1.101.3.4.3.30
261+
SLH-DSA-SHAKE-256f
262+
OID: 2.16.840.1.101.3.4.3.31
263+
HASH-SLH-DSA (pre-hash, any SLH-DSA parameter set key)
264+
SLH-DSA-SHA2-128s-WITH-SHA256
265+
OID: 2.16.840.1.101.3.4.3.35
266+
SLH-DSA-SHA2-128f-WITH-SHA256
267+
OID: 2.16.840.1.101.3.4.3.36
268+
SLH-DSA-SHA2-192s-WITH-SHA512
269+
OID: 2.16.840.1.101.3.4.3.37
270+
SLH-DSA-SHA2-192f-WITH-SHA512
271+
OID: 2.16.840.1.101.3.4.3.38
272+
SLH-DSA-SHA2-256s-WITH-SHA512
273+
OID: 2.16.840.1.101.3.4.3.39
274+
SLH-DSA-SHA2-256f-WITH-SHA512
275+
OID: 2.16.840.1.101.3.4.3.40
276+
SLH-DSA-SHAKE-128s-WITH-SHAKE128
277+
OID: 2.16.840.1.101.3.4.3.41
278+
SLH-DSA-SHAKE-128f-WITH-SHAKE128
279+
OID: 2.16.840.1.101.3.4.3.42
280+
SLH-DSA-SHAKE-192s-WITH-SHAKE256
281+
OID: 2.16.840.1.101.3.4.3.43
282+
SLH-DSA-SHAKE-192f-WITH-SHAKE256
283+
OID: 2.16.840.1.101.3.4.3.44
284+
SLH-DSA-SHAKE-256s-WITH-SHAKE256
285+
OID: 2.16.840.1.101.3.4.3.45
286+
SLH-DSA-SHAKE-256f-WITH-SHAKE256
287+
OID: 2.16.840.1.101.3.4.3.46
238288

239289
KeyAgreement Class
240290
DiffieHellman
@@ -262,6 +312,19 @@ The JCE provider currently supports the following algorithms:
262312
ML-DSA-44 (alias OID: 2.16.840.1.101.3.4.3.17)
263313
ML-DSA-65 (alias OID: 2.16.840.1.101.3.4.3.18)
264314
ML-DSA-87 (alias OID: 2.16.840.1.101.3.4.3.19)
315+
SLH-DSA (defaults to SLH-DSA-SHA2-128f, set overridable via init())
316+
SLH-DSA-SHA2-128s (alias OID: 2.16.840.1.101.3.4.3.20)
317+
SLH-DSA-SHA2-128f (alias OID: 2.16.840.1.101.3.4.3.21)
318+
SLH-DSA-SHA2-192s (alias OID: 2.16.840.1.101.3.4.3.22)
319+
SLH-DSA-SHA2-192f (alias OID: 2.16.840.1.101.3.4.3.23)
320+
SLH-DSA-SHA2-256s (alias OID: 2.16.840.1.101.3.4.3.24)
321+
SLH-DSA-SHA2-256f (alias OID: 2.16.840.1.101.3.4.3.25)
322+
SLH-DSA-SHAKE-128s (alias OID: 2.16.840.1.101.3.4.3.26)
323+
SLH-DSA-SHAKE-128f (alias OID: 2.16.840.1.101.3.4.3.27)
324+
SLH-DSA-SHAKE-192s (alias OID: 2.16.840.1.101.3.4.3.28)
325+
SLH-DSA-SHAKE-192f (alias OID: 2.16.840.1.101.3.4.3.29)
326+
SLH-DSA-SHAKE-256s (alias OID: 2.16.840.1.101.3.4.3.30)
327+
SLH-DSA-SHAKE-256f (alias OID: 2.16.840.1.101.3.4.3.31)
265328
ML-KEM (defaults to ML-KEM-768, level overridable via init())
266329
ML-KEM-512 (alias OID: 2.16.840.1.101.3.4.4.1)
267330
ML-KEM-768 (alias OID: 2.16.840.1.101.3.4.4.2)
@@ -275,6 +338,19 @@ The JCE provider currently supports the following algorithms:
275338
ML-DSA-44 (alias OID: 2.16.840.1.101.3.4.3.17)
276339
ML-DSA-65 (alias OID: 2.16.840.1.101.3.4.3.18)
277340
ML-DSA-87 (alias OID: 2.16.840.1.101.3.4.3.19)
341+
SLH-DSA
342+
SLH-DSA-SHA2-128s (alias OID: 2.16.840.1.101.3.4.3.20)
343+
SLH-DSA-SHA2-128f (alias OID: 2.16.840.1.101.3.4.3.21)
344+
SLH-DSA-SHA2-192s (alias OID: 2.16.840.1.101.3.4.3.22)
345+
SLH-DSA-SHA2-192f (alias OID: 2.16.840.1.101.3.4.3.23)
346+
SLH-DSA-SHA2-256s (alias OID: 2.16.840.1.101.3.4.3.24)
347+
SLH-DSA-SHA2-256f (alias OID: 2.16.840.1.101.3.4.3.25)
348+
SLH-DSA-SHAKE-128s (alias OID: 2.16.840.1.101.3.4.3.26)
349+
SLH-DSA-SHAKE-128f (alias OID: 2.16.840.1.101.3.4.3.27)
350+
SLH-DSA-SHAKE-192s (alias OID: 2.16.840.1.101.3.4.3.28)
351+
SLH-DSA-SHAKE-192f (alias OID: 2.16.840.1.101.3.4.3.29)
352+
SLH-DSA-SHAKE-256s (alias OID: 2.16.840.1.101.3.4.3.30)
353+
SLH-DSA-SHAKE-256f (alias OID: 2.16.840.1.101.3.4.3.31)
278354
ML-KEM
279355
ML-KEM-512 (alias OID: 2.16.840.1.101.3.4.4.1)
280356
ML-KEM-768 (alias OID: 2.16.840.1.101.3.4.4.2)
@@ -422,9 +498,10 @@ FIPS 140-2/3.
422498
#### Stored Object Compatibility
423499

424500
The WKS KeyStore supports storage of PrivateKey, Certificate, and SecretKey
425-
objects. PrivateKey storage includes RSA, ECC, and ML-DSA (FIPS 204) keys.
426-
ML-DSA key support requires native wolfSSL to be built with ML-DSA enabled
427-
(see the ML-DSA note in [README.md](./README.md)).
501+
objects. PrivateKey storage includes RSA, ECC, ML-DSA (FIPS 204), and SLH-DSA
502+
(FIPS 205) keys. ML-DSA and SLH-DSA key support requires native wolfSSL to be
503+
built with the respective algorithm enabled (see the ML-DSA and SLH-DSA notes
504+
in [README.md](./README.md)).
428505

429506
#### Converting Other KeyStore Formats to WKS
430507

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
-----BEGIN PRIVATE KEY-----
2+
MFICAQAwCwYJYIZIAWUDBAMUBEBIDLnGQ7/b2dqaWSNZ6GNUDPTUVnm6hv7L66kx
3+
FwCox6bgJKhKGBBNzcbaIyRn3paVgQCmys5D5P38exqM+ut+
4+
-----END PRIVATE KEY-----

0 commit comments

Comments
 (0)