Added PKCS#11 3.2 ML-DSA support in lib: (#809)

- OpenSSL >= 3.5 only
- Hedge variants supported.
- Tests with tests vectors
- Multiple-part signature/verify not supported

Co-authored-by: Antoine Lochet <antoine.2.lochet@atos.net>

Author: antoinelochet

.github/workflows/ci.yml

@@ -75,6 +75,46 @@ jobs:
         run: |
           make check || (find . -name test-suite.log -exec cat {} \; && false)
 
+  linux_ossl_35:
+    name: Linux with OpenSSL 3.5.5
+    runs-on: ubuntu-24.04
+    steps:
+      - uses: actions/checkout@v4
+      - name: Prepare
+        env:
+          OPENSSL_VERSION: 3.5.5
+          OPENSSL_SHA256: "b28c91532a8b65a1f983b4c28b7488174e4a01008e29ce8e69bd789f28bc2a89"
+          OPENSSL_INSTALL_DIR: /usr/local/openssl-3.5
+          LDFLAGS: "-Wl,-rpath,/usr/local/openssl-3.5/lib64 -L/usr/local/openssl-3.5/lib64"
+          PKG_CONFIG_PATH: "/usr/local/openssl-3.5/lib64/pkgconfig"
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -y libcppunit-dev p11-kit build-essential checkinstall zlib1g-dev sudo autoconf libtool git
+          # Install OpenSSL 3.5
+          curl -L -O https://github.com/openssl/openssl/releases/download/openssl-${{ env.OPENSSL_VERSION }}/openssl-${{ env.OPENSSL_VERSION }}.tar.gz
+          echo "${OPENSSL_SHA256}  openssl-${{ env.OPENSSL_VERSION }}.tar.gz" | sha256sum -c -
+          tar -xf openssl-${{ env.OPENSSL_VERSION }}.tar.gz
+          cd openssl-${{ env.OPENSSL_VERSION }}
+          ./config shared zlib no-ssl3 no-weak-ssl-ciphers --prefix=${{ env.OPENSSL_INSTALL_DIR }} --openssldir=${{ env.OPENSSL_INSTALL_DIR }}
+          make -j$(nproc) > build.log
+          sudo make install > install.log
+          cd ${{ env.OPENSSL_INSTALL_DIR }}
+          sudo ln -sf lib64 lib
+      - name: Build
+        env:
+          # Once all OpenSSL deprecations fixed, uncomment this
+          #   CXXFLAGS: -Werror
+          OPENSSL_INSTALL_DIR: /usr/local/openssl-3.5
+          LDFLAGS: "-Wl,-rpath,/usr/local/openssl-3.5/lib64 -L/usr/local/openssl-3.5/lib64"
+          PKG_CONFIG_PATH: "/usr/local/openssl-3.5/lib64/pkgconfig"
+        run: |
+          ./autogen.sh
+          ./configure --with-crypto-backend=openssl --with-openssl=${{ env.OPENSSL_INSTALL_DIR }}
+          make -j$(nproc)
+      - name: Test
+        run: |
+          make check || (find . -name test-suite.log -exec cat {} \; && false)
+
   macos:
     name: macOS (${{ matrix.backend }})
     runs-on: macos-14

CMAKE-NOTES.md

@@ -11,6 +11,7 @@ Some options (more can be found in CMakeLists.txt):
 	-DBUILD_TESTS=ON		Compile tests along with libraries
 	-DDISABLE_NON_PAGED_MEMORY=ON	Disable non-paged memory for secure storage
 	-DENABLE_EDDSA=ON		Enable support for EDDSA
+	-DENABLE_MLDSA=ON		Enable support for ML-DSA
 	-DWITH_MIGRATE=ON		Build migration tool
 	-DWITH_CRYPTO_BACKEND=openssl	Select crypto backend (openssl|botan)
 

CMAKE-WIN-NOTES.md

@@ -52,6 +52,7 @@ Some options (more can be found in CMakeLists.txt):
 
 	-DBUILD_TESTS=ON                Compile tests along with libraries
 	-DENABLE_EDDSA=ON               Enable support for EDDSA
+    -DENABLE_MLDSA=ON               Enable support for ML-DSA
 	-DWITH_MIGRATE=ON               Build migration tool
 	-DWITH_CRYPTO_BACKEND=          Select crypto backend (openssl|botan)
 	-DDISABLE_NON_PAGED_MEMORY=ON   Disable non-paged memory for secure storage

CMakeLists.txt

@@ -8,6 +8,7 @@ option(DISABLE_VISIBILITY "Disables and unsets -fvisibility=hidden" OFF)
 option(ENABLE_64bit "Enable 64-bit compiling" OFF)
 option(ENABLE_ECC "Enable support for ECC" ON)
 option(ENABLE_EDDSA "Enable support for EDDSA" ON)
+option(ENABLE_MLDSA "Enable support for ML-DSA" OFF)
 option(ENABLE_GOST "Enable support for GOST" OFF)
 option(ENABLE_FIPS "Enable support for FIPS 140-2 mode" OFF)
 option(ENABLE_P11_KIT "Enable p11-kit integration" ON)

README.md

@@ -82,6 +82,7 @@ Options:
 	--enable-ecc		Enable support for ECC (default detect)
 	--enable-gost		Enable support for GOST (default detect)
 	--enable-eddsa		Enable support for EDDSA (default detect)
+    --enable-mldsa		Enable support for ML-DSA (default detect)
 	--disable-visibility	Disable hidden visibilty link mode [enabled]
 	--with-crypto-backend	Select crypto backend (openssl|botan)
 	--with-openssl=PATH	Specify prefix of path of OpenSSL

config.h.in.cmake

@@ -151,6 +151,9 @@
 /* Compile with EDDSA support */
 #cmakedefine WITH_EDDSA @WITH_EDDSA@
 
+/* Compile with ML-DSA support */
+#cmakedefine WITH_ML_DSA @WITH_ML_DSA@
+
 /* Compile with FIPS 140-2 mode */
 #cmakedefine WITH_FIPS @WITH_FIPS@
 

m4/acx_crypto_backend.m4

@@ -28,6 +28,16 @@ AC_DEFUN([ACX_CRYPTO_BACKEND],[
 		[enable_eddsa="detect"]
 	)
 
+	# Add ML-DSA check
+
+	AC_ARG_ENABLE(mldsa,
+		AS_HELP_STRING([--enable-mldsa],
+			[Enable support for ML-DSA (default detect)]
+		),
+		[enable_mldsa="${enableval}"],
+		[enable_mldsa="detect"]
+	)
+
 	# Second check for the FIPS 140-2 mode
 
 	AC_ARG_ENABLE(fips,
@@ -100,6 +110,15 @@ AC_DEFUN([ACX_CRYPTO_BACKEND],[
 			detect*-no*) enable_eddsa="no";;
 		esac
 
+		case "${enable_mldsa}" in
+			yes|detect) ACX_OPENSSL_MLDSA;;
+		esac
+		case "${enable_mldsa}-${have_lib_openssl_mldsa_support}" in
+			yes-no) AC_MSG_ERROR([OpenSSL library has no ML-DSA support]);;
+			detect-yes) enable_mldsa="yes";;
+			detect-no) enable_mldsa="no";;
+		esac
+
 		case "${enable_gost}-${enable_fips}" in
 			yes-yes) AC_MSG_ERROR([GOST is not FIPS approved]);;
 			yes-no|detect-no) ACX_OPENSSL_GOST;;
@@ -166,6 +185,10 @@ AC_DEFUN([ACX_CRYPTO_BACKEND],[
 			detect-*) enable_eddsa="${have_lib_botan_eddsa_support}";;
 		esac
 
+		if test	"x${enable_mldsa}" = "xyes"; then
+            AC_MSG_ERROR([Botan does not support ML-DSA])
+        fi
+
 		case "${enable_gost}" in
 			yes|detect) ACX_BOTAN_GOST;;
 		esac
@@ -231,6 +254,19 @@ AC_DEFUN([ACX_CRYPTO_BACKEND],[
 	fi
 	AM_CONDITIONAL([WITH_EDDSA], [test "x${enable_eddsa}" = "xyes"])
 
+	AC_MSG_CHECKING(for ML-DSA support)
+	if test "x${enable_mldsa}" = "xyes"; then
+		AC_MSG_RESULT(yes)
+		AC_DEFINE_UNQUOTED(
+			[WITH_ML_DSA],
+			[],
+			[Compile with ML-DSA support]
+		)
+	else
+		AC_MSG_RESULT(no)
+	fi
+	AM_CONDITIONAL([WITH_ML_DSA], [test "x${enable_mldsa}" = "xyes"])
+
 
 	AC_SUBST(CRYPTO_INCLUDES)
 	AC_SUBST(CRYPTO_LIBS)

m4/acx_openssl_mldsa.m4

@@ -0,0 +1,43 @@
+AC_DEFUN([ACX_OPENSSL_MLDSA],[
+	AC_MSG_CHECKING(for OpenSSL ML-DSA support)
+
+	tmp_CPPFLAGS=$CPPFLAGS
+	tmp_LIBS=$LIBS
+
+	CPPFLAGS="$CPPFLAGS $CRYPTO_INCLUDES"
+	LIBS="$CRYPTO_LIBS $LIBS"
+
+	AC_LANG_PUSH([C])
+	AC_CACHE_VAL([acx_cv_lib_openssl_mldsa_support],[
+		acx_cv_lib_openssl_mldsa_support=no
+		AC_RUN_IFELSE([
+			AC_LANG_SOURCE([[
+				#include <openssl/evp.h>
+				#include <openssl/objects.h>
+				int main()
+				{
+					EVP_PKEY_CTX *pctx =
+    					EVP_PKEY_CTX_new_from_name(NULL, "ML-DSA-44", NULL);
+						if (pctx == NULL)
+							return 1;
+						return 0;
+				}
+			]])
+		],[
+			AC_MSG_RESULT([yes])
+			acx_cv_lib_openssl_mldsa_support=yes
+		],[
+			AC_MSG_RESULT([no])
+			acx_cv_lib_openssl_mldsa_support=no
+		],[
+			AC_MSG_WARN([Cannot test, ML-DSA])
+			acx_cv_lib_openssl_mldsa_support=no
+		])
+	])
+
+	AC_LANG_POP([C])
+
+	CPPFLAGS=$tmp_CPPFLAGS
+	LIBS=$tmp_LIBS
+	have_lib_openssl_mldsa_support="${acx_cv_lib_openssl_mldsa_support}"
+])

src/bin/dump/tables.h

@@ -150,6 +150,8 @@ void fill_CKA_table(std::map<unsigned long, std::string> &t)
 	t[CKA_OS_TOKENFLAGS] = "CKA_OS_TOKENFLAGS";
 	t[CKA_OS_SOPIN] = "CKA_OS_SOPIN";
 	t[CKA_OS_USERPIN] = "CKA_OS_USERPIN";
+	t[CKA_PARAMETER_SET] = "CKA_PARAMETER_SET";
+	t[CKA_SEED] = "CKA_SEED";
 }
 
 void fill_CKM_table(std::map<unsigned long, std::string> &t)
@@ -478,6 +480,8 @@ void fill_CKM_table(std::map<unsigned long, std::string> &t)
 	t[CKM_RSA_PKCS_OAEP_TPM_1_1] = "CKM_RSA_PKCS_OAEP_TPM_1_1";
 	t[CKM_EC_EDWARDS_KEY_PAIR_GEN] = "CKM_EC_EDWARDS_KEY_PAIR_GEN";
 	t[CKM_EDDSA] = "CKM_EDDSA";
+	t[CKM_ML_DSA_KEY_PAIR_GEN] = "CKM_ML_DSA_KEY_PAIR_GEN";
+	t[CKM_ML_DSA] = "CKM_ML_DSA";
 }
 
 void fill_CKO_table(std::map<unsigned long, std::string> &t)
@@ -544,6 +548,7 @@ void fill_CKK_table(std::map<unsigned long, std::string> &t)
 	t[CKK_GOSTR3411] = "CKK_GOSTR3411";
 	t[CKK_GOST28147] = "CKK_GOST28147";
 	t[CKK_EC_EDWARDS] = "CKK_EC_EDWARDS";
+	t[CKK_ML_DSA] = "CKK_ML_DSA";
 }
 
 void fill_CKC_table(std::map<unsigned long, std::string> &t)

src/lib/P11Attributes.cpp

@@ -2227,6 +2227,38 @@ bool P11AttrEcPoint::setDefault()
 	return osobject->setAttribute(type, attr);
 }
 
+/*****************************************
+ * CKA_PARAMETER_SET
+ *****************************************/
+
+// Set default value
+bool P11AttrParameterSet::setDefault()
+{
+	OSAttribute attr((unsigned long)0);
+	return osobject->setAttribute(type, attr);
+}
+
+// Update the value if allowed
+CK_RV P11AttrParameterSet::updateAttr(Token* /*token*/, bool /*isPrivate*/, CK_VOID_PTR pValue, CK_ULONG ulValueLen, int op)
+{
+	// Attribute specific checks
+	if (op != OBJECT_OP_GENERATE && op != OBJECT_OP_CREATE)
+	{
+		return CKR_ATTRIBUTE_READ_ONLY;
+	}
+
+	if (ulValueLen != sizeof(CK_ULONG))
+	{
+		return CKR_ATTRIBUTE_VALUE_INVALID;
+	}
+
+	// Store data
+
+	osobject->setAttribute(type, *(CK_ULONG*)pValue);
+
+	return CKR_OK;
+}
+
 /*****************************************
  * CKA_GOSTR3410_PARAMS
  *****************************************/
@@ -2523,3 +2555,42 @@ CK_RV P11AttrAllowedMechanisms::updateAttr(Token* /*token*/, bool /*isPrivate*/,
 	osobject->setAttribute(type, OSAttribute(data));
 	return CKR_OK;
 }
+
+/*****************************************
+ * CKA_SEED
+ *****************************************/
+
+// Set default value
+bool P11AttrSeed::setDefault()
+{
+	OSAttribute attr(ByteString(""));
+	return osobject->setAttribute(type, attr);
+}
+
+// Update the value if allowed
+CK_RV P11AttrSeed::updateAttr(Token *token, bool isPrivate, CK_VOID_PTR pValue, CK_ULONG ulValueLen, int /*op*/)
+{
+	ByteString plaintext((unsigned char*)pValue, ulValueLen);
+	ByteString value;
+
+	// Encrypt
+
+	if (isPrivate)
+	{
+		if (!token->encrypt(plaintext, value))
+			return CKR_GENERAL_ERROR;
+	}
+	else
+		value = plaintext;
+
+	// Attribute specific checks
+
+	if (value.size() < ulValueLen)
+		return CKR_GENERAL_ERROR;
+
+	// Store data
+
+	osobject->setAttribute(type, value);
+
+	return CKR_OK;
+}