Rename ML-DSA wc_PqcSignatureType entry

Author: Frauschi

src/ssl_api_pk.c

@@ -122,7 +122,7 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
             case DILITHIUM_LEVEL5k:
         #endif
                 ret = wc_CryptoCb_PqcSignatureCheckPrivKey(pkey,
-                    WC_PQC_SIG_TYPE_DILITHIUM, pubKey, pubSz);
+                    WC_PQC_SIG_TYPE_MLDSA, pubKey, pubSz);
                 break;
     #endif
     #if defined(HAVE_FALCON)

wolfcrypt/src/cryptocb.c

@@ -1176,7 +1176,7 @@ int wc_CryptoCb_PqcKemGetDevId(int type, void* key)
         return devId;
 
     /* get devId */
-    if (type == WC_PQC_KEM_TYPE_KYBER) {
+    if (type == WC_PQC_KEM_TYPE_MLKEM) {
         devId = ((KyberKey*) key)->devId;
     }
 
@@ -1299,7 +1299,7 @@ int wc_CryptoCb_PqcSigGetDevId(int type, void* key)
 
     /* get devId */
 #if defined(HAVE_DILITHIUM)
-    if (type == WC_PQC_SIG_TYPE_DILITHIUM) {
+    if (type == WC_PQC_SIG_TYPE_MLDSA) {
         devId = ((dilithium_key*) key)->devId;
     }
 #endif

wolfcrypt/src/wc_mldsa.c

@@ -10146,7 +10146,7 @@ int wc_MlDsaKey_MakeKey(wc_MlDsaKey* key, WC_RNG* rng)
     #endif
         {
             ret = wc_CryptoCb_MakePqcSignatureKey(rng,
-                WC_PQC_SIG_TYPE_DILITHIUM, key->level, key);
+                WC_PQC_SIG_TYPE_MLDSA, key->level, key);
             if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
                 return ret;
             /* fall-through when unavailable */
@@ -10272,7 +10272,7 @@ int wc_MlDsaKey_SignCtx(wc_MlDsaKey* key, const byte* ctx, byte ctxLen,
     #endif
         {
             ret = wc_CryptoCb_PqcSign(msg, msgLen, sig, sigLen, ctx, ctxLen,
-                    WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
+                    WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_MLDSA, key);
             if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
                 return ret;
             /* fall-through when unavailable */
@@ -10322,7 +10322,7 @@ int wc_MlDsaKey_Sign(wc_MlDsaKey* key, byte* sig, word32 *sigLen,
     #endif
         {
             ret = wc_CryptoCb_PqcSign(msg, msgLen, sig, sigLen, NULL, 0,
-                    WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
+                    WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_MLDSA, key);
             if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
                 return ret;
             /* fall-through when unavailable */
@@ -10377,7 +10377,7 @@ int wc_MlDsaKey_SignCtxHash(wc_MlDsaKey* key, const byte* ctx, byte ctxLen,
     #endif
         {
             ret = wc_CryptoCb_PqcSign(hash, hashLen, sig, sigLen, ctx, ctxLen,
-                    (word32)hashAlg, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
+                    (word32)hashAlg, rng, WC_PQC_SIG_TYPE_MLDSA, key);
             if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
                 return ret;
             /* fall-through when unavailable */
@@ -10591,7 +10591,7 @@ int wc_MlDsaKey_VerifyCtx(wc_MlDsaKey* key, const byte* sig, word32 sigLen,
     #endif
         {
             ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, ctx, ctxLen,
-                    WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
+                    WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_MLDSA, key);
             if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
                 return ret;
             /* fall-through when unavailable */
@@ -10641,7 +10641,7 @@ int wc_MlDsaKey_Verify(wc_MlDsaKey* key, const byte* sig, word32 sigLen,
     #endif
         {
             ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, NULL, 0,
-                    WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
+                    WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_MLDSA, key);
             if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
                 return ret;
             /* fall-through when unavailable */
@@ -10696,7 +10696,7 @@ int wc_MlDsaKey_VerifyCtxHash(wc_MlDsaKey* key, const byte* sig, word32 sigLen,
     #endif
         {
             ret = wc_CryptoCb_PqcVerify(sig, sigLen, hash, hashLen, ctx, ctxLen,
-                    (word32)hashAlg, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
+                    (word32)hashAlg, res, WC_PQC_SIG_TYPE_MLDSA, key);
             if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
                 return ret;
             /* fall-through when unavailable */
@@ -11010,7 +11010,7 @@ void wc_MlDsaKey_Free(wc_MlDsaKey* key)
         if (key->devId != INVALID_DEVID) {
             (void)wc_CryptoCb_Free(key->devId, WC_ALGO_TYPE_PK,
                              WC_PK_TYPE_PQC_SIG_KEYGEN,
-                             WC_PQC_SIG_TYPE_DILITHIUM,
+                             WC_PQC_SIG_TYPE_MLDSA,
                              (void*)key);
             /* always continue to software cleanup */
         }

wolfcrypt/src/wc_mlkem.c

@@ -582,7 +582,7 @@ int wc_MlKemKey_Free(MlKemKey* key)
 #if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
         if (key->devId != INVALID_DEVID) {
             (void)wc_CryptoCb_Free(key->devId, WC_ALGO_TYPE_PK,
-                WC_PK_TYPE_PQC_KEM_KEYGEN, WC_PQC_KEM_TYPE_KYBER, (void*)key);
+                WC_PK_TYPE_PQC_KEM_KEYGEN, WC_PQC_KEM_TYPE_MLKEM, (void*)key);
             /* always continue to software cleanup */
         }
 #endif
@@ -669,7 +669,7 @@ int wc_MlKemKey_MakeKey(MlKemKey* key, WC_RNG* rng)
 #else
     if (ret == 0) {
 #endif
-        ret = wc_CryptoCb_MakePqcKemKey(rng, WC_PQC_KEM_TYPE_KYBER, key->type,
+        ret = wc_CryptoCb_MakePqcKemKey(rng, WC_PQC_KEM_TYPE_MLKEM, key->type,
             key);
         if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
             return ret;
@@ -1409,7 +1409,7 @@ int wc_MlKemKey_Encapsulate(MlKemKey* key, unsigned char* ct, unsigned char* ss,
     if (ret == 0) {
 #endif
         ret = wc_CryptoCb_PqcEncapsulate(ct, ctlen, ss, WC_ML_KEM_SS_SZ, rng,
-            WC_PQC_KEM_TYPE_KYBER, key);
+            WC_PQC_KEM_TYPE_MLKEM, key);
         if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
             return ret;
         /* fall-through when unavailable */
@@ -1896,7 +1896,7 @@ int wc_MlKemKey_Decapsulate(MlKemKey* key, unsigned char* ss,
     if (ret == 0) {
 #endif
         ret = wc_CryptoCb_PqcDecapsulate(ct, ctSz, ss, WC_ML_KEM_SS_SZ,
-            WC_PQC_KEM_TYPE_KYBER, key);
+            WC_PQC_KEM_TYPE_MLKEM, key);
         if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
             return ret;
         /* fall-through when unavailable */

wolfcrypt/src/wc_pkcs11.c

@@ -4703,7 +4703,7 @@ static int Pkcs11PqcKemKeyGen(Pkcs11Session* session, wc_CryptoInfo* info)
     int ret = 0;
 
     switch (info->pk.pqc_kem_kg.type) {
-        case WC_PQC_KEM_TYPE_KYBER:
+        case WC_PQC_KEM_TYPE_MLKEM:
             ret = Pkcs11MlKemKeyGen(session,
                                     (MlKemKey*)info->pk.pqc_kem_kg.key);
             break;
@@ -4720,7 +4720,7 @@ static int Pkcs11PqcKemEncapsulate(Pkcs11Session* session, wc_CryptoInfo* info)
     int ret = 0;
 
     switch (info->pk.pqc_encaps.type) {
-        case WC_PQC_KEM_TYPE_KYBER:
+        case WC_PQC_KEM_TYPE_MLKEM:
             ret = Pkcs11MlKemEncapsulate(session, info);
             break;
         default:
@@ -4736,7 +4736,7 @@ static int Pkcs11PqcKemDecapsulate(Pkcs11Session* session, wc_CryptoInfo* info)
     int ret = 0;
 
     switch (info->pk.pqc_decaps.type) {
-        case WC_PQC_KEM_TYPE_KYBER:
+        case WC_PQC_KEM_TYPE_MLKEM:
             ret = Pkcs11MlKemDecapsulate(session, info);
             break;
         default:
@@ -5426,7 +5426,7 @@ static int Pkcs11PqcSigKeyGen(Pkcs11Session* session, wc_CryptoInfo* info)
     int ret = 0;
 
     switch (info->pk.pqc_sig_kg.type) {
-        case WC_PQC_SIG_TYPE_DILITHIUM:
+        case WC_PQC_SIG_TYPE_MLDSA:
             ret = Pkcs11MldsaKeyGen(session,
                                     (wc_MlDsaKey*)info->pk.pqc_sig_kg.key);
             break;
@@ -5451,7 +5451,7 @@ static int Pkcs11PqcSigSign(Pkcs11Session* session, wc_CryptoInfo* info)
     int ret = 0;
 
     switch (info->pk.pqc_sign.type) {
-        case WC_PQC_SIG_TYPE_DILITHIUM:
+        case WC_PQC_SIG_TYPE_MLDSA:
             ret = Pkcs11MldsaSign(session, info);
             break;
         default:
@@ -5476,7 +5476,7 @@ static int Pkcs11PqcSigVerify(Pkcs11Session* session, wc_CryptoInfo* info)
     int ret = 0;
 
     switch (info->pk.pqc_verify.type) {
-        case WC_PQC_SIG_TYPE_DILITHIUM:
+        case WC_PQC_SIG_TYPE_MLDSA:
             ret = Pkcs11MldsaVerify(session, info);
             break;
         default:
@@ -5502,7 +5502,7 @@ static int Pkcs11PqcSigCheckPrivKey(Pkcs11Session* session, wc_CryptoInfo* info)
     int ret = 0;
 
     switch (info->pk.pqc_sig_check.type) {
-        case WC_PQC_SIG_TYPE_DILITHIUM:
+        case WC_PQC_SIG_TYPE_MLDSA:
             ret = Pkcs11MldsaCheckPrivKey(session, info);
             break;
         default:
@@ -6632,7 +6632,7 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
     #ifdef HAVE_DILITHIUM
             if (info->free.algo == WC_ALGO_TYPE_PK &&
                 info->free.type == WC_PK_TYPE_PQC_SIG_KEYGEN &&
-                info->free.subType == WC_PQC_SIG_TYPE_DILITHIUM) {
+                info->free.subType == WC_PQC_SIG_TYPE_MLDSA) {
                 ret = Pkcs11OpenSession(token, &session, readWrite);
                 if (ret == 0) {
                     ret = Pkcs11MldsaDeletePrivKey(&session,
@@ -6645,7 +6645,7 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
     #ifdef WOLFSSL_HAVE_MLKEM
             if (info->free.algo == WC_ALGO_TYPE_PK &&
                 info->free.type == WC_PK_TYPE_PQC_KEM_KEYGEN &&
-                info->free.subType == WC_PQC_KEM_TYPE_KYBER) {
+                info->free.subType == WC_PQC_KEM_TYPE_MLKEM) {
                 ret = Pkcs11OpenSession(token, &session, readWrite);
                 if (ret == 0) {
                     ret = Pkcs11MlKemDeletePrivKey(&session,

wolfcrypt/test/test.c

@@ -72266,7 +72266,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
     #endif /* WOLFSSL_HAVE_SLHDSA */
     #ifdef WOLFSSL_HAVE_MLKEM
         if (info->pk.type == WC_PK_TYPE_PQC_KEM_KEYGEN) {
-            if ((info->pk.pqc_kem_kg.type == WC_PQC_KEM_TYPE_KYBER) &&
+            if ((info->pk.pqc_kem_kg.type == WC_PQC_KEM_TYPE_MLKEM) &&
                 (info->pk.pqc_kem_kg.key != NULL)) {
                 MlKemKey* key = (MlKemKey*)info->pk.pqc_kem_kg.key;
                 int hashDevId = key->hash.devId;
@@ -72286,7 +72286,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
             }
         }
         else if (info->pk.type == WC_PK_TYPE_PQC_KEM_ENCAPS) {
-            if ((info->pk.pqc_encaps.type == WC_PQC_KEM_TYPE_KYBER) &&
+            if ((info->pk.pqc_encaps.type == WC_PQC_KEM_TYPE_MLKEM) &&
                 (info->pk.pqc_encaps.key != NULL)) {
                 MlKemKey* key = (MlKemKey*)info->pk.pqc_encaps.key;
                 int hashDevId = key->hash.devId;
@@ -72309,7 +72309,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
             }
         }
         else if (info->pk.type == WC_PK_TYPE_PQC_KEM_DECAPS) {
-            if ((info->pk.pqc_decaps.type == WC_PQC_KEM_TYPE_KYBER) &&
+            if ((info->pk.pqc_decaps.type == WC_PQC_KEM_TYPE_MLKEM) &&
                 (info->pk.pqc_decaps.key != NULL)) {
                 MlKemKey* key = (MlKemKey*)info->pk.pqc_decaps.key;
                 int hashDevId = key->hash.devId;
@@ -73051,7 +73051,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                 case WC_PK_TYPE_PQC_SIG_KEYGEN:
                 {
             #ifdef HAVE_DILITHIUM
-                    if (info->free.subType == WC_PQC_SIG_TYPE_DILITHIUM) {
+                    if (info->free.subType == WC_PQC_SIG_TYPE_MLDSA) {
                         dilithium_key* dil = (dilithium_key*)info->free.obj;
                         dil->devId = INVALID_DEVID;
                         wc_dilithium_free(dil);
@@ -73072,7 +73072,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
 #ifdef WOLFSSL_HAVE_MLKEM
                 case WC_PK_TYPE_PQC_KEM_KEYGEN:
                 {
-                    if (info->free.subType == WC_PQC_KEM_TYPE_KYBER) {
+                    if (info->free.subType == WC_PQC_KEM_TYPE_MLKEM) {
                         MlKemKey* mlkem = (MlKemKey*)info->free.obj;
                         mlkem->devId = INVALID_DEVID;
                         mlkem->hash.devId = INVALID_DEVID;

wolfssl/wolfcrypt/types.h

@@ -1591,11 +1591,14 @@ enum wc_PkType {
     enum wc_PqcKemType {
         WC_PQC_KEM_TYPE_NONE = 0,
         #define _WC_PQC_KEM_TYPE_MAX WC_PQC_KEM_TYPE_NONE
-        WC_PQC_KEM_TYPE_KYBER = 1,
+        WC_PQC_KEM_TYPE_MLKEM = 1,
         #undef _WC_PQC_KEM_TYPE_MAX
-        #define _WC_PQC_KEM_TYPE_MAX WC_PQC_KEM_TYPE_KYBER
+        #define _WC_PQC_KEM_TYPE_MAX WC_PQC_KEM_TYPE_MLKEM
         WC_PQC_KEM_TYPE_MAX = _WC_PQC_KEM_TYPE_MAX
     };
+
+    /* Pre-standardization name retained for backwards compatibility. */
+    #define WC_PQC_KEM_TYPE_KYBER WC_PQC_KEM_TYPE_MLKEM
 #endif
 
 #if defined(HAVE_DILITHIUM) || defined(HAVE_FALCON) || \
@@ -1605,9 +1608,9 @@ enum wc_PkType {
         WC_PQC_SIG_TYPE_NONE = 0,
         #define _WC_PQC_SIG_TYPE_MAX WC_PQC_SIG_TYPE_NONE
     #if defined(HAVE_DILITHIUM)
-        WC_PQC_SIG_TYPE_DILITHIUM = 1,
+        WC_PQC_SIG_TYPE_MLDSA = 1,
         #undef _WC_PQC_SIG_TYPE_MAX
-        #define _WC_PQC_SIG_TYPE_MAX WC_PQC_SIG_TYPE_DILITHIUM
+        #define _WC_PQC_SIG_TYPE_MAX WC_PQC_SIG_TYPE_MLDSA
     #endif
     #if defined(HAVE_FALCON)
         WC_PQC_SIG_TYPE_FALCON = 2,
@@ -1621,6 +1624,9 @@ enum wc_PkType {
     #endif
         WC_PQC_SIG_TYPE_MAX = _WC_PQC_SIG_TYPE_MAX
     };
+
+    /* Pre-standardization name retained for backwards compatibility. */
+    #define WC_PQC_SIG_TYPE_DILITHIUM WC_PQC_SIG_TYPE_MLDSA
 #endif
 
 #if defined(WOLFSSL_HAVE_LMS) || defined(WOLFSSL_HAVE_XMSS)