
Commit da3be64

committed
Address tinytls13 review: ML-DSA-44, canonical ML-DSA/ML-KEM macros, optimizer-measured static-mem bucket guidance, footprint hygiene
1 parent 41fad5f commit da3be64

7 files changed

Lines changed: 99 additions & 94 deletions


certs/mldsa/ecc-leaf-mldsa44.pem

Lines changed: 61 additions & 0 deletions
@@ -0,0 +1,61 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIK4zCCAVmgAwIBAgIURMREBesDbhFE7MTpbJAhFuwlmNgwCwYJYIZIAWUDBAMR
3+
MFoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
4+
bWFuMRAwDgYDVQQKDAd3b2xmU1NMMRUwEwYDVQQDDAxUZXN0IG1sZHNhNDQwHhcN
5+
MjYwNjI0MTkyODM5WhcNMzYwNjIxMTkyODM5WjAUMRIwEAYDVQQDDAlsb2NhbGhv
6+
c3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223It
7+
zpTqK/rLIAk5LBboYQLpr03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo0Iw
8+
QDAdBgNVHQ4EFgQUXV0m76x+NvmbdhUrSiUCI++yiTAwHwYDVR0jBBgwFoAUswU7
9+
xg6AYh+iTpNtmT4TaDnG/DIwCwYJYIZIAWUDBAMRA4IJdQBp2TdyejDOdGyPgB2n
10+
c4X+/TQ1EhPeHNs4dZ3gxtmRmYtilgonNPtuEm31DNp0RrcB4BXK6PKhJP27fTAR
11+
wuwtfdoU7SnC8tsGr1eX3IKGq3+GCMzunJJgMN0zz6mDi25K3c025AxWFxdHOhhQ
12+
QguUxoZ/GWJsH/e2LJL5qTyeJvHNi/30cNjImsZXFeatQlv87/f1vcwCK4T5/ajd
13+
GWn4g1ktgRxzvtozBhg7Hw0CbOj0jXFIA+3k/GDCw9RxckBJ8Yn/ddMZNbljduZk
14+
zLykzjZsrX9badyy8pFgJaGsptgo/SOcxBhHIpjjGu9rTmi1QxAl1yliNoJXBxJR
15+
RmZijJ619Vmq6w00PSJnM4hP8O7DN8WZ/dZ9f78/WJsNXsv6s036QFwcpj5wo7ex
16+
OB6ZJSEXkIM9w4mPNpPUyAXfl9GauLGiXANFyqPmm/31CV5nL5INAON5Ft2vbOG8
17+
RGQySPVV4Cb9WuTtn0iMYgwqdYMxZJbgFUD4RvXiAl5fsLE8N7AHf7Cuua/k+mgZ
18+
PfH04f2Harzt100Y5J365x5b2ia7QpqRgYeubbCuW8Zd8nVT7+Imo3mgVwNWM9c8
19+
nskP0uHq51y5qrY3s0DSb8FKcZnZD7zQ70l8EVnlTD2G3QeiE8Id0XqubtrEO+DT
20+
vyZuMwU4x5NQKGyPUL6tHeUkt7hEWom9sCvIFkeOa4OadGuktxOdDc3f3w2VgG5/
21+
4nzlP/Y0PSziTw5RuV/G+f4V3VpWlSPCn2CfoTxjoVak/abCiWrijZ8lR3c4ERAl
22+
AevDEIxpvq5jIlv506vXw2CZeq6195KtsPGhrNkaax7ThZJQPFH/NR5Tu0Y2EBJG
23+
0lth79qhKKgQDmhf5VNkomblrqW2R6Dm8CvYRuHwmGSk+FfH4ULavv/fuVXaW+h4
24+
MYjTV8wq4Jdl9qi9G+rfncUzZc2L8/zKisGjuzK0AoWVhs5UgS+/3xjCbsuWkYHG
25+
siJ2kuZvl7KWR7Oc5OWfaRvAokNtglYWCtUzpD86V08X4l3U77Xi5UFJMjGcVVW6
26+
2F/WRyhq653vxvclDtkVyBaYDCcnHND7jGpqBcbJDTJyFE/Z3/GPFiYr1mYkVL/v
27+
jPZ9qklFeWPXCKRVAHESMfFPozMNvdOpWqW0nxZ4P4rjcSKDfXX5wsQC4tW53pK/
28+
0fpqGrNVY5xsIu8zV6OYpvbaPoaDxHS+clvDB9PrJlvjZUFBWPAiCzjYJNgcVFqU
29+
39/aAKWj24dbDarp5QEM8rReQiLvCjzD8ARb1zVAnaeyhaMaxCgwp5v/IEcSShH6
30+
mNX2dcsht10lic5DxJ8Up9ZFNTZhDSD+1E0tX4Vt0DPR8ZVYbW56rnXHTdYiwKhm
31+
4lXia11zR2f4pl3JD23yYRvSfPJTilWkUO+wAazmP5vRPELyodO4vvqDL+lOkwff
32+
7IV6JFCLdOV22RpwMHlO7YZkWpoauocljvfZBLLTOqlmcxKGN+T1na9D39jly5oi
33+
9Aqb4dK6AFaFw5k78kcei3OLNdCDD8dssY1sReMeLM7ENuj4T7XjJh3PVDBDhRS7
34+
0WPjztBAsVkqOvIRxINjoXTIRvTL0u8P/NUWKhduSDKe+NIvHChuF5VycgAS6G2p
35+
C3ZqsVM0D3D4s2AvalPJfyhhBN6c9dVeUfjBCNPWk8z7v+d38VHSAPkq5C4Sp5W3
36+
dD2Wm4ohgkDe1AkvcTtCHSK5tyo8mV0NyObbuMw5YnYyJ5h2CS/PaEfRME+VOsTI
37+
FLhgy0EZwRfxV+3Q6pTRA3DC0NR50F3teF50HbcmuXxae4FL3F/4qGjErubs6tbD
38+
M8QzgBLjALl82UrbtFItELLfTjQC7HtOZgwIGqOwd00Eoy6pqwe2AWzYz63A4F1z
39+
1PPYPAsjfWtfkQmjFeMcljAYaY0YUGox8139lcL8m/7l+2fLhv62m940rRrg41D1
40+
DTiCIqJTe070lq20iJZ/zWUnrWM/Vhn5PVnc4mgQ7d0uIAJ9j8wxgqw5UYNGYKRw
41+
Vf3IqsAyYxPsBo9iibBUy4qPMtPA/wN25B22gorjda2Cp0pQWdBjGSRrFjaO8Bx1
42+
oFJ8nOuzPbG5Q5VJbwGrCxDt7kSueh1ernEAsNAXCWf0L9v+dgJBsYreytCFO7hO
43+
N+29BKEUh0qXwXmO45gc5Lzw0l19NiBbkm2vYBpW/xh6QHzk22WvPTzMilasDOZK
44+
aNDiIOXFqKBi4JcmVpJK04BPCiY69pbSL/OpJS+4oR2tKqYo2+U3z89AHNaiLvuB
45+
v+37j1Z8jMjyZNm+Ex+cKh6PaVTv+sk72goCTfx6hex0WrSDMiU+A9nHho002/oj
46+
jH3cokwIrpUWd0UpEpMvoNPlCaX9j3s2mL1RxGSy4nd+oabobtGuRRcPDxMK6eRY
47+
nd3Bksk05pAVqOnAYZNLIYc3ZypXu6ayK4fOL69Ke41OfbWWHZz+or3htceDwZet
48+
4sAuvL86l1LjFF3kq/G9Z/OxwITrWjocLJemWC32spgelsmOcKV0p6K70JkVFQY6
49+
c9wl2I360F2oP09wVKd+U7cPvHIMUsQyl0xXR3+bqTVdG4fDqRMksD1nkAQEJvyb
50+
Tiinf9pUV9raJN/h6fYKu9tis9GRcdy7XPS0t/uLsVHhmhQv+drlCvaigJadpGUN
51+
79I5WKsFtxXjTLuCxQ9mQspNm9QX8aMnvZLUM7v1oLVxywyWucWSsHBvRM5LP4Kk
52+
ZrReaVsxyrNHZlfZ0UZoVpoE79FzpYOHj9jh081rY6frEM2a1wYNZFb/hKoN/6FM
53+
VVKB19glO7oh1AknhueGaDcbAUuVYhHCEpOZVWbD+uQt4FiI1NNjAJSVzsd2Y6Gw
54+
2/BbAyrdf7lAOopyY4bzJPQsuNCM+kdWNUBrkceWl7d+r3nJUN+g94sMtPIUVQRq
55+
HWweWk8ZZK167I+/3jPE32H73Dp/8GRuzF8UquAZ0TtBepzaP8BRn2LMUiycqXU9
56+
Buq9TC2XpyEBGWN3/ferZ8bBURKKSOJk8GRcElIsXc7e8XgAVCCT8D11ZQgKhAjM
57+
dq6UyK8ufg6jpfx19QvCxduGNZb1KhRSfuGUQXJZMJ6/iOhLqvGSTxCE7sPIk91v
58+
SAIuxvNEjgFeVFaKn3ETUt51lgANHykqPUJOUWNqgZOaq67HyNHa8PQKFhwnOUZM
59+
Zm2Fhqby9PgUNz0/U1aCj5G91OIMDSEoSnF0gITBAAAAAAAAAAAAAAAAAAAAAAAA
60+
AAAAFiUxOw==
61+
-----END CERTIFICATE-----

certs/mldsa/ecc-leaf-mldsa65.pem

Lines changed: 0 additions & 79 deletions
This file was deleted.

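--- a/certs/mldsa/include.am
+++ b/certs/mldsa/include.am
@@ -28,10 +28,10 @@ EXTRA_DIST += \
 certs/mldsa/mldsa44-key.pem \
 certs/mldsa/mldsa44-cert.pem \
 certs/mldsa/mldsa44-cert.der \
+certs/mldsa/ecc-leaf-mldsa44.pem \
 certs/mldsa/mldsa65-key.pem \
 certs/mldsa/mldsa65-cert.pem \
 certs/mldsa/mldsa65-cert.der \
-certs/mldsa/ecc-leaf-mldsa65.pem \
 certs/mldsa/mldsa87-key.pem \
 certs/mldsa/mldsa87-cert.pem \
 certs/mldsa/mldsa87-cert.der \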

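--- a/configure.ac
+++ b/configure.ac
@@ -2950,7 +2950,7 @@ then
 rsaverify) AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TINY_TLS13_RSA_VERIFY" ;;
 sha384) AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA384" ;;
 mldsa) tinytls13_mldsa=yes
-AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_MLDSA -DWOLFSSL_DILITHIUM_VERIFY_ONLY -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_NO_ML_DSA_44 -DWOLFSSL_NO_ML_DSA_87" ;;
+AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_MLDSA -DWOLFSSL_MLDSA_VERIFY_ONLY -DWOLFSSL_MLDSA_VERIFY_SMALL_MEM -DWOLFSSL_NO_ML_DSA_65 -DWOLFSSL_NO_ML_DSA_87" ;;
 no) ;;
 *) AC_MSG_ERROR([Invalid --enable-tinytls13 value: $v. Valid: psk cert server mutualauth staticmem asm p256 sha384 mldsa rsaverify.]) ;;
 esac
@@ -2961,7 +2961,7 @@ then
 # verify ML-DSA certificates, so keep ASN.1 there.
 if test "$tinytls13_mldsa" = "yes" && test "$tinytls13_base" != "cert"
 then
-AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DILITHIUM_NO_ASN1"
+AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MLDSA_NO_ASN1"
 fi
 
 if test "$tinytls13_base" = "cert"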
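Review bot: The `mldsa)` arm now compiles out ML-DSA-65 and ML-DSA-87 (`-DWOLFSSL_NO_ML_DSA_65 -DWOLFSSL_NO_ML_DSA_87`), but nothing in this section tells the person configuring the build which parameter set the `mldsa` value selects. A client built this way should be expected to reject chains whose CA signs with ML-DSA-65 or ML-DSA-87, which is a behaviour change for anyone who deployed against the previous ML-DSA-65 setting. I would add a comment above the arm such as `# mldsa: ML-DSA-44 verify-only; 65/87 are compiled out, so certificates signed at those levels fail verification`, and name the level in the option's help text as well. The case statement opens before the first hunk, so that help text is not visible here.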

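--- a/examples/configs/tinytls13_smoke.c
+++ b/examples/configs/tinytls13_smoke.c
@@ -156,11 +156,11 @@ int main(int argc, char** argv)
 #ifdef WOLFSSL_TINY_TLS13_CERT
 /* Server presents a P-256 ECDSA leaf; the client validates it against the
 * CA. The leaf is signed by the CA whose algorithm this profile verifies,
-* so a completed handshake drives that verify path (ECDSA, ML-DSA-65, or
+* so a completed handshake drives that verify path (ECDSA, ML-DSA-44, or
 * RSA-PSS). */
 #if defined(WOLFSSL_HAVE_MLDSA)
-XSNPRINTF(sCert, sizeof(sCert), "%s/mldsa/ecc-leaf-mldsa65.pem", certDir);
-XSNPRINTF(cCa, sizeof(cCa), "%s/mldsa/mldsa65-cert.pem", certDir);
+XSNPRINTF(sCert, sizeof(sCert), "%s/mldsa/ecc-leaf-mldsa44.pem", certDir);
+XSNPRINTF(cCa, sizeof(cCa), "%s/mldsa/mldsa44-cert.pem", certDir);
 #elif defined(WOLFSSL_TINY_TLS13_RSA_VERIFY)
 XSNPRINTF(sCert, sizeof(sCert), "%s/rsapss/ecc-leaf-rsapss.pem", certDir);
 XSNPRINTF(cCa, sizeof(cCa), "%s/rsapss/ca-rsapss.pem", certDir);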
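Review bot: The ML-DSA branch is still selected by `WOLFSSL_HAVE_MLDSA` alone, while the paths inside it now hard-code the level-44 files (`ecc-leaf-mldsa44.pem`, `mldsa44-cert.pem`). A build that enables ML-DSA but defines `WOLFSSL_NO_ML_DSA_44` would presumably compile and then fail at handshake time with a certificate verify error instead of a clear message. A guard ahead of the branch makes the dependency explicit: `#if defined(WOLFSSL_HAVE_MLDSA) && defined(WOLFSSL_NO_ML_DSA_44)`, then `#error "tinytls13_smoke needs ML-DSA-44 for the mldsa test certificates"`, then `#endif`. `main` starts and ends outside the hunk, so how a failed certificate load is reported is not visible here.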

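--- a/examples/configs/user_settings_tinytls13.h
+++ b/examples/configs/user_settings_tinytls13.h
@@ -75,6 +75,16 @@ extern "C" {
 * static memory pool above. */
 #define WOLFSSL_NO_MALLOC
 #endif
+#if 0 /* Static-memory pool buckets for a tinytls13 PSK handshake, measured with
+* wolfSSL's memory-bucket-optimizer. The distribution sets the minimum
+* pool size (~320 KB for client+server, ~half a single role), so enable
+* these only once your buffer matches; re-run the optimizer for your own
+* role/adders. Left out of the floor because forcing a large distribution
+* breaks consumers that load a smaller buffer. */
+#define WOLFMEM_BUCKETS 64,96,160,288,816,3408,5088,6176,10784
+#define WOLFMEM_DIST 92,34,36,421,63,20,3,1,2
+#define WOLFMEM_DEF_BUCKETS 9
+#endif
 
 /* ===== SPEED ============================================================ */
 #if 0 /* tiny+fast: assembly crypto instead of small-C (size up, speed up) */
@@ -103,23 +113,28 @@ extern "C" {
 #endif
 
 /* ===== PQC ADDERS (valid on either profile; SHA-3/SHAKE pulled in auto) = */
-#if 0 /* ML-DSA-65 verify-only. Use with the cert profile (Profile B) for TLS
+#if 0 /* ML-DSA-44 verify-only. Use with the cert profile (Profile B) for TLS
 * auth: the PSK floor has no certificate to verify, so on Profile A
-* this only confirms the umbrella builds. */
+* this only confirms the umbrella builds. ML-DSA-44 is the right tier
+* for a tiny stack paired with X25519/P-256 + AES-128 — higher levels
+* add no security against that classical floor. */
 #define WOLFSSL_HAVE_MLDSA
-#define WOLFSSL_DILITHIUM_VERIFY_ONLY
-#define WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM
+#define WOLFSSL_MLDSA_VERIFY_ONLY
+#define WOLFSSL_MLDSA_VERIFY_SMALL_MEM
 #ifndef WOLFSSL_TINY_TLS13_CERT
 /* PSK floor never parses a cert; the cert profile needs ML-DSA ASN.1
 * to decode and verify ML-DSA certificates, so keep it there. */
-#define WOLFSSL_DILITHIUM_NO_ASN1
+#define WOLFSSL_MLDSA_NO_ASN1
 #endif
-#define WOLFSSL_NO_ML_DSA_44
+#define WOLFSSL_NO_ML_DSA_65
 #define WOLFSSL_NO_ML_DSA_87
 #endif
-#if 0 /* ML-KEM-768 + X25519MLKEM768 hybrid */
+#if 0 /* ML-KEM-768 + X25519MLKEM768 hybrid (768 is the widely-adopted tier;
+* disable 512/1024) */
 #define WOLFSSL_HAVE_MLKEM
-#define WOLFSSL_WC_MLKEM
+#define WOLFSSL_NO_ML_KEM_512
+#define WOLFSSL_NO_ML_KEM_1024
+#define WOLFSSL_MLKEM_DYNAMIC_KEYS
 #endif
 
 /* ===== PLATFORM (bare-metal defaults; adjust for your target) ========== */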
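Review bot: The new comment on the ML-DSA block says that levels above ML-DSA-44 "add no security" next to X25519/P-256 and AES-128, which holds only for the classical comparison it names. ML-DSA verification is there for the case where that classical floor no longer holds, and CA certificates are long-lived, so some deployments choose or are required to sign at a higher parameter set as margin (CNSA 2.0, for example, specifies ML-DSA-87). Because the block also defines `WOLFSSL_NO_ML_DSA_65` and `WOLFSSL_NO_ML_DSA_87`, I would reword the last sentence along the lines of `ML-DSA-44 (NIST category 2) is the smallest tier and matches a 128-bit classical suite; enable 65/87 instead if your PKI or policy signs at a higher level, since those chains will not verify with this setting.`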

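--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -2028,13 +2028,19 @@
 #undef NO_PWDBASED
 #define NO_PWDBASED
 
-/* Footprint hygiene. */
+/* Footprint hygiene. NO_FILESYSTEM stays template-only so examples link. */
 #undef NO_ERROR_STRINGS
 #define NO_ERROR_STRINGS
 #undef WOLFSSL_SMALL_STACK
 #define WOLFSSL_SMALL_STACK
 #undef NO_SESSION_CACHE
 #define NO_SESSION_CACHE
+#undef NO_CLIENT_CACHE
+#define NO_CLIENT_CACHE
+#undef NO_HANDSHAKE_DONE_CB
+#define NO_HANDSHAKE_DONE_CB
+#undef NO_SIG_WRAPPER
+#define NO_SIG_WRAPPER
 #undef SINGLE_THREADED
 #define SINGLE_THREADED
 
@@ -2053,6 +2059,8 @@
 #ifdef WOLFSSL_TINY_TLS13_STATIC_MEM
 #undef WOLFSSL_STATIC_MEMORY
 #define WOLFSSL_STATIC_MEMORY
+/* Size a tiny WOLFMEM_* pool with the memory-bucket-optimizer; see the
+* measured starting point in user_settings_tinytls13.h. */
 #endif
 
 /* Profile A: no X.509 at all (the cert variant keeps ASN/certs). */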
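Review bot: The three new `#undef`/`#define` pairs (`NO_CLIENT_CACHE`, `NO_HANDSHAKE_DONE_CB`, `NO_SIG_WRAPPER`) are forced on unconditionally, so a user settings file cannot opt back in, and the "Footprint hygiene" comment does not say which features the profile removes. Judging by the macro names, an application that registers a handshake-done callback or calls the generic signature wrapper functions would stop building or linking under this profile. I would extend the existing comment with a sentence such as `Also drops the client session cache, the handshake-done callback and the signature wrapper API; these cannot be re-enabled from user settings.` The enclosing tiny-profile `#ifdef` opens before the first hunk, so its condition is not visible here.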
