Add ML-KEM and ML-DSA support #399
Open
aidangarske wants to merge 43 commits into
Frauschi
requested changes
May 27, 2026
Frauschi
left a comment
Some smaller findings. The biggest "issue" imo is the usage of the now old ML-DSA API instead of the new one. But moving this to the new one should be easy.
Jenkins retest this please
…, get_params, KEM op name, debian pqc)
padelsbach
reviewed
Jun 4, 2026
…arams, and WP_LOG_COMP_PQC tracing
…) with version-floor gates and per-algorithm CI coverage
…vp_test (replace-default uses no-tests)
…y support for TLS 1.3 key exchange
…fault, both directions, all ML-KEM and hybrid groups)
…rts load through wolfProvider
…rts authenticate in TLS 1.3
… sign ML-DSA certificates
…idate as trust anchors (EVP_PKEY_is_a / check_sig_alg_match)
…Test::Nginx harness (wolfSSL stable+master, latest OpenSSL, force-fail, pinned nginx/nginx-tests)
…d for oqs-provider, exercising ML-DSA auth + ML-KEM/hybrid KEX via their connection test
…hybrid-group KEM; run all PQC unit tests in CI
…ify per group), validating the ML-DSA TLS signature algorithm end-to-end
…pply FIPS 204 sig params in all init paths, reject wrong-length keygen seed, close hybrid match fail-open
…t, reject wrong-length IKME/test-entropy, scrub hybrid shared secret on failure, fix fill_rnd log flag
…erive ECC public on hybrid private import, scrub ML-KEM shared secret on failure
…dersized buffer (early-return on size check), reject mismatched public on hybrid keypair import
…A public only when actually decoded, give hybrid variant tables internal linkage
….9.2); fix wget TLS by setting LD_LIBRARY_PATH after nginx download
…rray of GIDs, so the loop ran once with a GID); drop install-layout-dependent mime.types include; add startup debug
…per wolfSSL ref), loading wolfProvider via provider.conf in non-replace builds
ML-KEM (FIPS 203) and ML-DSA (FIPS 204) via wolfSSL backend.
Algorithms: ML-KEM-512/768/1024, ML-DSA-44/65/87; hybrid schemes supported now as well.
Opt-in: ./scripts/build-wolfprovider.sh --enable-pqc (adds --enable-mlkem --enable-mldsa to wolfSSL).
Validation: three independent paths cross-checked, all pass.
make test
wc_* API (12 cross-pairs)
CI: new wolfssl-versions-pqc.yml runs three matrix rows - pre-PQC wolfSSL, latest stable, master -- and the three-way interop validator on the PQC-enabled rows.
Supplemental PR for interop test in wolfCrypt: wolfSSL/wolfssl#10603
Test plan
make test passes (all 11 PQC tests + existing suite)
./test/pqc_interop.test -- ALL PASS (24 cross-pairs)
make test clean